PDA

View Full Version : Kuasio.Ka - false positive



antizip
2007-07-04, 18:13
I've been creating a toolbar using ToolbarStudio (from bestToolbars.net) and each time I do i receive a trojan installation from the software. I dont even have to install the toolbar, just run their software and i pick up this trojan.

I've read on another thread here (http://forums.spybot.info/showthread.php?t=13139) that this is a false positive and was going to be addressed on an update 2 months ago. Is this still classified as a false postive?

Thanks in advance

Here's the log:
-----------------------------------------------------


Kuasio.Ka: Type library (Registry key, nothing done)
HKEY_CLASSES_ROOT\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}

Kuasio.Ka: Interface (Registry key, nothing done)
HKEY_CLASSES_ROOT\Interface\{9EBB289A-2D7B-465B-825F-1530B813E95A}

Kuasio.Ka: Interface (Registry key, nothing done)
HKEY_CLASSES_ROOT\Interface\{CD5C92AE-97B0-4BC3-BA65-BA0308D543BF}



--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2007-07-03 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-05-23 advcheck.dll (1.5.3.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-07-03 Includes\Cookies.sbi (*)
2007-05-30 Includes\Dialer.sbi (*)
2007-07-03 Includes\DialerC.sbi (*)
2007-06-20 Includes\Hijackers.sbi (*)
2007-07-03 Includes\HijackersC.sbi (*)
2007-06-27 Includes\Keyloggers.sbi (*)
2007-07-03 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2007-06-20 Includes\Malware.sbi (*)
2007-07-03 Includes\MalwareC.sbi (*)
2007-03-21 Includes\PUPS.sbi (*)
2007-07-03 Includes\PUPSC.sbi (*)
2007-07-03 Includes\Revision.sbi (*)
2007-05-30 Includes\Security.sbi (*)
2007-07-03 Includes\SecurityC.sbi (*)
2007-06-20 Includes\Spybots.sbi (*)
2007-07-03 Includes\SpybotsC.sbi (*)
2005-02-17 Includes\Tracks.uti (*)
2007-07-03 Includes\Trojans.sbi (*)
2007-07-03 Includes\TrojansC.sbi (*)
2007-06-06 Plugins\TCPIPAddress.dll

Yodama
2007-07-05, 09:22
hello,

the false positive you are referring to only had the same product name, the difference lies in the IDs for the typelibrary and interfaces.
If possible you should choose other IDs for your toolbar.