beaureg
2007-12-03, 23:39
I first posted in safer networking forums/software/spybot S&D and was told to repost in the false positive
I detect Stration.C with Spybot, I delete the worm, reboot and the worm is not there anymore
However it comes back after a few reboots. It's in the Samsung HKEY, does it have something to do with Samsung ???
My operating system is Windows XP SP2
Browser is Internet Explorer 6.0
Version of SpyBot is 1.3 with update 2007-11-28
--- Report generated: 2007-12-03 14:46 ---
Omniture: Tracking cookie (Internet Explorer: Owner) (Cookie, fixed)
Microsoft.WindowsSecurityCenter_disabled: Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start!=W=2
Stration.C: Autorun settings (Samsung PanelMgr) (Registry value, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Samsung PanelMgr
--- Spybot - Search && Destroy version: 1.3 ---
2007-11-28 Includes\Cookies.sbi
2007-10-31 Includes\Dialer.sbi
2007-11-07 Includes\Hijackers.sbi
2007-10-04 Includes\Keyloggers.sbi
2007-11-07 Includes\Malware.sbi
2007-11-28 Includes\Revision.sbi
2007-05-30 Includes\Security.sbi
2007-11-07 Includes\Spybots.sbi
2007-11-28 Includes\Trojans.sbi
2007-11-06 Includes\Tracks.uti
2004-11-29 Includes\LSP.sbi
2007-10-24 Includes\PUPS.sbi
2007-11-28 Includes\TrojansC.sbi
2007-11-28 Includes\SpybotsC.sbi
2007-11-28 Includes\SecurityC.sbi
2007-11-28 Includes\PUPSC.sbi
2007-11-28 Includes\MalwareC.sbi
2007-11-28 Includes\KeyloggersC.sbi
2007-11-28 Includes\HijackersC.sbi
2007-11-28 Includes\DialerC.sbi
2007-06-06 Plugins\TCPIPAddress.dll
I detect Stration.C with Spybot, I delete the worm, reboot and the worm is not there anymore
However it comes back after a few reboots. It's in the Samsung HKEY, does it have something to do with Samsung ???
My operating system is Windows XP SP2
Browser is Internet Explorer 6.0
Version of SpyBot is 1.3 with update 2007-11-28
--- Report generated: 2007-12-03 14:46 ---
Omniture: Tracking cookie (Internet Explorer: Owner) (Cookie, fixed)
Microsoft.WindowsSecurityCenter_disabled: Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start!=W=2
Stration.C: Autorun settings (Samsung PanelMgr) (Registry value, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Samsung PanelMgr
--- Spybot - Search && Destroy version: 1.3 ---
2007-11-28 Includes\Cookies.sbi
2007-10-31 Includes\Dialer.sbi
2007-11-07 Includes\Hijackers.sbi
2007-10-04 Includes\Keyloggers.sbi
2007-11-07 Includes\Malware.sbi
2007-11-28 Includes\Revision.sbi
2007-05-30 Includes\Security.sbi
2007-11-07 Includes\Spybots.sbi
2007-11-28 Includes\Trojans.sbi
2007-11-06 Includes\Tracks.uti
2004-11-29 Includes\LSP.sbi
2007-10-24 Includes\PUPS.sbi
2007-11-28 Includes\TrojansC.sbi
2007-11-28 Includes\SpybotsC.sbi
2007-11-28 Includes\SecurityC.sbi
2007-11-28 Includes\PUPSC.sbi
2007-11-28 Includes\MalwareC.sbi
2007-11-28 Includes\KeyloggersC.sbi
2007-11-28 Includes\HijackersC.sbi
2007-11-28 Includes\DialerC.sbi
2007-06-06 Plugins\TCPIPAddress.dll