PDA

View Full Version : Possible F/P, AstaKiller ?


Mr_JAk3
2006-11-15, 11:56
Hello :)

Could this be a false positive ?

AstaKiller: Class ID (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{6BF52A52-394A-11D3-B153-00C04F79FAA6}

I have a user and the original thread here (http://forum.malwareremoval.com/viewtopic.php?t=15368)

Thanks
md usa spybot fan
2006-11-15, 13:54
There is a related post by kerol (http://forums.spybot.info/member.php?u=14093) here:

removing asta killer makes player in mce unuseable
http://forums.spybot.info/showthread.php?t=8701
Buster
2006-11-15, 14:29
:oops: We will fix this false positive in the next detection update scheduled for Friday.
Mr_JAk3
2006-11-15, 14:33
Ohh so the user posted to two forums :scratch:

Thanks for the info Buster :bighug:
md usa spybot fan
2006-11-15, 15:35
Ohh so the user posted to two forums :scratch:
In all fairness to kerol (http://forums.spybot.info/member.php?u=14093), they did wait 5 days without an answer before posting at the Malware Removal forum.
Mr_JAk3
2006-11-15, 15:40
You're rigth about that...

The reason why he/she got overlooked here is prolly because he/she replyed to the own thread --> it wasn't a 0 reply thread anymore... :sad:
kerol
2006-11-26, 13:36
I already updated the SSD, but after I ran a scan, SSD still give me warning of possible threat of AstaKiller.

When I ran a scan with BitDefender 10, it shows same result.

Scan result from BitDefender 10:

<System>=>HKEY_CLASSES_ROOT\MEZZIACODEC.CHL Detected: Trojan.Nebuler-G
<System>=>HKEY_CLASSES_ROOT\MEZZIACODEC.CHL Deleted
<System> Update failed

Scan result from SSD

Microsoft.WindowsSecurityCenter.FirewallDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0

AstaKiller: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\MezziaCodec.Chl


--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-09-11 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-11-24 Includes\Cookies.sbi (*)
2006-10-13 Includes\Dialer.sbi (*)
2006-11-24 Includes\DialerC.sbi (*)
2006-11-24 Includes\Hijackers.sbi (*)
2006-11-24 Includes\HijackersC.sbi (*)
2006-10-27 Includes\Keyloggers.sbi (*)
2006-11-24 Includes\KeyloggersC.sbi (*)
2006-10-13 Includes\Malware.sbi (*)
2006-11-24 Includes\MalwareC.sbi (*)
2006-10-20 Includes\PUPS.sbi (*)
2006-11-24 Includes\PUPSC.sbi (*)
2006-11-24 Includes\Revision.sbi (*)
2006-10-13 Includes\Security.sbi (*)
2006-11-24 Includes\SecurityC.sbi (*)
2006-10-13 Includes\Spybots.sbi (*)
2006-11-24 Includes\SpybotsC.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-11-24 Includes\Trojans.sbi (*)
2006-11-24 Includes\TrojansC.sbi (*)


So, I'm quite confused. If the AstaKiller is false warning, why the BitDefender show the same result.
Is the Bitdefender also shows a false warning.

I ran scans with Ad-Aware SE Personal and AVG Anti-Spyware and both show no infections - system is clean.

Could you clear me on this. It scared seeing warning of possible threats.

Thanks a lot