
Puzzled by certain detections



IObit Malware Fighter Pro ran a spontaneous scan on my system and presented these detections.

 

OS: Windows XP

Version: 2.5.0.8

Database Version: 1393

Time Elapsed: 02:02:39

Objects Scanned: 88623

Threats Found: 74

Save Time: 11/19/2014 11:11:01 PM

 

|Name|Type|Description|ID|

jollywallet, FOLDER, C:\Program Files\JollyWallet, 305163

SaveSense, FOLDER, C:\Documents and Settings\Owner\Application Data\SaveSense, 305207

SaveSense, FOLDER, C:\Program Files\SaveSenseLive, 305210

SaveSense, FOLDER, C:\Documents and Settings\Owner\Start Menu\Programs\SaveSense, 305211

SaveSense, FILE, C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineCore.job, 1021269

SaveSense, FILE, C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineUA.job, 1021270

Trojan.Win32/BHO, REG, HKEY_CLASSES_ROOT\URLSearchHook.ToolbarURLSearchHook, 2001039

Trojan.Win32/BHO, REG, HKEY_CLASSES_ROOT\URLSearchHook.ToolbarURLSearchHook.1, 2001039

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}, 2013028

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}, 2013029

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}, 2013030

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}, 2013032

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}, 2013033

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}, 2013034

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}, 2013035

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}, 2013036

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}, 2013037

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}, 2013038

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}, 2013039

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}, 2013041

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}, 2013042

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}, 2013043

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}, 2013044

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}, 2013045

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}, 2013046

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}, 2013047

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}, 2013048

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}, 2013049

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}, 2013050

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}, 2013051

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}, 2013052

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}, 2013053

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}, 2013054

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}, 2013055

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}, 2013056

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}, 2013057

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TYPELIB\{4509D3CC-B642-4745-B030-645B79522C6D}, 2013058

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TYPELIB\{B87F8B63-7274-43FD-87FA-09D3B7496148}, 2013060

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TYPELIB\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}, 2013062

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TYPELIB\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}, 2013064

jollywallet, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\JollyWallet, 2015217

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, 2015293

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\SaveSenseLive.exe, 2015294

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLive.OneClickCtrl.9, 2015295

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine, 2015296

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine.1.0, 2015297

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLive.Update3WebControl.3, 2015298

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync, 2015299

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync.1.0, 2015300

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreClass, 2015301

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreClass.1, 2015302

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass, 2015303

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass.1, 2015304

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine, 2015305

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine.1.0, 2015306

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine, 2015307

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0, 2015308

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback, 2015309

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0, 2015310

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc, 2015311

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0, 2015312

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher, 2015313

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher.1.0, 2015314

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService, 2015315

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService.1.0, 2015316

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine, 2015317

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine.1.0, 2015318

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback, 2015319

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0, 2015320

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc, 2015321

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc.1.0, 2015322

SaveSense, REG, HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SAVESENSELIVE.EXE, 2015323

SaveSense, REG, HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\savesenselive, 2015327

SaveSense, REG, HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\savesenselivem, 2015328

 

 

 

For some reason after I tried to save the report to my flash drive, the GUI got completely locked up, and I had no choice but to kill the process without acting on any of these detections.

 

I intend to run the scan again, but I am not going to allow removal of most of these items. I chose to sign up with Jollywallet. Its extension or extensions are not malware. I chose to install SaveSense. I control it through the Firefox extensions menu. I have SaveSense disabled more than 95% of the time. I only enable it when I am shopping. I chose days ago to install the SPEEDbit toolbar. I will probably keep it disabled most of the time.

 

I am not able to discern the identity of some of these detections, although I have to assume they are probably related to those three programs.

 

As for these detections:

 

Trojan.Win32/BHO, REG, HKEY_CLASSES_ROOT\URLSearchHook.ToolbarURLSearchHook, 2001039

Trojan.Win32/BHO, REG, HKEY_CLASSES_ROOT\URLSearchHook.ToolbarURLSearchHook.1, 2001039

 

I am unable to determine exactly what these registry keys relate to.

 

As for the registry keys shown from:

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}, 2013028

through

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TYPELIB\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}, 2013064

I do not know what these keys relate to. Furthermore I don't even find them when I use the Registry Editor on my Windows XP. Is there some kind of third-party software that would enable me to see these registry entries and know what they are?

 

Can anybody here identify these unknown keys for me?

 

 

 

Computer: Dell System B3 Desktop

CPU: Intel Pentium 4-2667 (Northwood, D1)

2666 MHz (20.00x133.3) @ 2657 MHz (20.00x132.9)

Motherboard: DELL 0G1548

Chipset: Intel 845GEV (Brookdale-GEV) + ICH4

Memory: 2048 MBytes @ 166 MHz, 2.5-3-3-7

- 1024 MB PC3200 DDR-SDRAM - Kingston K

Graphics: Intel 82845G/GL/GV Graphics Controller [DELL]

Intel i845G(L) Integrated, 64 MB

Drive: ST380011A, 78.1 GB, E-IDE (ATA-6)

Drive: HGST HTS545050A7E380, 488.4 GB, Serial ATA 3Gb/s <-> USB

Drive: SAMSUNG CD-R/RW SW-252S, CD-R Writer

Sound: Creative Technology SB Live! Series Audio Processor

Network: RealTek Semiconductor RTL8139 PCI Fast Ethernet NIC [A/B/C]

Network: Broadcom 4401 10/100 Integrated Controller

OS: Microsoft Windows XP Home Edition Build 2600 SP3

 

 

 


Hi conceptualclarity,

 

We will remove Jollywallet and SaveSense in our database 1394. Please update it when it is available to see how it works.

 

And the following registry keys are related to SocialSkinz:

 

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}, 2013028

through

Misleading.SocialSkinz, REG, HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TYPELIB\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}, 2013064

 

As for these detections, they are viruses which should be removed:

Trojan.Win32/BHO, REG, HKEY_CLASSES_ROOT\URLSearchHook.ToolbarURLSearchHook, 2001039

Trojan.Win32/BHO, REG, HKEY_CLASSES_ROOT\URLSearchHook.ToolbarURLSearchHook.1, 2001039

 

Cheers.

 

 


Archived

This topic is now archived and is closed to further replies.
