Page 1 of 3 123 LastLast
Results 1 to 10 of 23

Thread: Win32.YOK.SuperSearch - found by ZA pro - no other major security firm lists it as an item - que??

  1. #1
    tonysara Guest

    Default Win32.YOK.SuperSearch - found by ZA pro - no other major security firm lists it as an item - que??

    Zonealarm pro v 6.5.722.000 has just found an alleged trojan, named as above. i cannot corroborate the trojan as being in existence in any of CA, symantec, macafee or trend-micro threat databases. what is happening? registry key "found" is: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\Component Categories\{00021494-0000-0000-C000-000000000046}screen shot unable to be attached

    Operating System:Windows 2000 Pro
    Product Name:ZoneAlarm Pro
    Software Version:6.5

  2. #2
    unhappy_viewer Guest

    Default Re: Win32.YOK.SuperSearch

    Have a look at this thread where the peson also got the same problem:
    http://forum.zonelabs.org/zonelabs/b...ssage.id=13104

  3. #3
    kkken Guest

    Default Win32.YOK.SuperSearch - found by ZA pro - no other major security firm lists it as an item - que??

    <DIV align=left><P align=left>UV, thanks for completing the circuit with the x-ref.<P align=left>Tonysara, I got the same registry key reported that you did.<P align=left><P align=left>&gt;screen shot unable to be attached<P align=left>Allow me: <P align=left>http://.....[ Click ]

    Message Edited by Kkken on 08-05-2006 07:42 AM

    Product Name:ZoneAlarm Internet Security Suite
    Software Version:6.1

  4. #4
    jenaguru Guest

    Default Re: Win32.YOK.SuperSearch

    I also detected this trojan courtsey ZA PRO yesterday. ZA successfully treated.

    jenaguru.

  5. #5
    yarok Guest

    Default Re: Win32.YOK.SuperSearch - found by ZA pro

    Hi,

    Looks to me like a false positive.

    Ewido is a dedicated anti-Trojan. It found nothing (I did deep registry scan and then scan of all files on the computer).

    Lavasoft Adaware - dedicated antispyware application - found nothing. It deep scans the registry.

    NAV found nothing.

    All three with latest definitions.

    00021494 .... 046 indicates an Internet Explorer add-on toolbar. Such toolbars are frequently used by adware - but very rarely by Trojans. The Win32.YOK, Supersearch is supposed to be a Trojan.

    I have an Opera with in-built Google search (and Amazon search). I just updated to Opera 9.01, so maybe that's the source of the FP. Don't know. Would love to have an answer.

    Yarok.

  6. #6
    mochit Guest

    Default Re: Win32.YOK.SuperSearch - found by ZA pro

    My ZA pro, version 6.5.722,just quarantined this little critter today. I had never heard of it prior to today. Is it real and if so, what are its dangers?

  7. #7
    tonysara Guest

    Default Re: Win32.YOK.SuperSearch - found by ZA pro

    i suspect that it is a false positive, and have logged a report to taht effect. as someone else has posted, it is a browser add on. there is no findable software taht goes with it

  8. #8
    captspock Guest

    Default Re: Win32.YOK.SuperSearch - found by ZA pro

    Yarok: Appreciate your research. My ZA Pro 6.1.744.001 id'd it today and I deleted. Based on timing it may have either entered via an accessed webpage or file d/l: both sent via single email from one sender. Wondering if anyone has taken a look at it to see what (if anything) it really does?CSXPSP2

  9. #9
    yarok Guest

    Default Where is Tech Support?

    Hi,

    New antispyware definitions file 310 was released today and the FP remains.

    I call it FP (False Positive) because ONLY a registry entry is identified by ZA.

    None - NOT ONE - of the files associated with YOK. Supersearch is found on my computer.

    YOK. Supersearch installs MANY files on the infected computer + a toolbar. These are nowhere to be found on my computer. ZA only identifies a registry entry.

    Additionally, no other dedicated anti-Trojan and anti-spyware applications find this threat - only ZA! Ewido, Adaware, Spysweeper - all excellent products that tell me my computer is 100&#37; clean. Only ZA comes up with this registry entry.

    It is a pity that ZA Tech Support do not respond to us in times of distress.

    Y.

  10. #10
    tonysara Guest

    Default Re: Where is Tech Support?

    tech support has responded by email to me, and suggetsed a deep scan, which is in progress as i type.yaroks views, prior to the scan finishing (!!), seem sound to me.

Page 1 of 3 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •