Sayne

I also have intrafoundation.com!a2

Hello.

Here are my logs:

A-Squared Free

a-squared Free - Version 4.5
Last update: 10/1/2009 10:50:55 PM

Scan settings:

Scan type: Deep Scan
Objects: Memory, Traces, Cookies, C:\
Scan archives: On
Heuristics: Off
ADS Scan: On

Scan start:	10/1/2009 10:51:16 PM

c:\inetpub 	detected: Trace.Directory.intrafoundation.com!A2

Scanned

Files: 	332653
Traces: 	579874
Cookies: 	54
Processes: 	61

Found

Files: 	0
Traces: 	1
Cookies: 	0
Processes: 	0
Registry keys: 	0

Scan end:	10/2/2009 12:23:29 AM
Scan time:	1:32:13

and Hi-Jack free:

Logfile of HiJackFree v3.0
Scan saved at 10:50:02 PM, on 10/1/2009
Platform: Windows Vista64  (Windows NT 6.0.6002)
MSIE: Internet Explorer v 8.0  (8.0.6001.18813)

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\System32\csrss.exe
C:\Windows\System32\wininit.exe
C:\Windows\System32\csrss.exe
C:\Windows\System32\services.exe
C:\Windows\System32\lsass.exe
C:\Windows\System32\lsm.exe
C:\Windows\System32\winlogon.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\atiesrxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\SLsvc.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\svchost.exe
C:\Program Files (x86)\a-squared Free\a2service.exe
C:\Windows\System32\svchost.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\SysWOW64\ASDR.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Symantec AntiVirus\DefWatch.exe
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files (x86)\Symantec AntiVirus\Rtvscan.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\SearchIndexer.exe
C:\Program Files (x86)\Spybot
C:\Windows\System32\taskeng.exe
C:\Windows\System32\atieclxx.exe
C:\Windows\System32\dwm.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe
C:\Windows\System32\taskeng.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
C:\Program Files (x86)\Symantec AntiVirus\VPTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\SysWOW64\CTxfispi.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
C:\Program Files (x86)\iPod\bin\iPodService.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
C:\Windows\System32\SearchProtocolHost.exe
C:\Windows\System32\SearchFilterHost.exe
C:\Windows\System32\SearchProtocolHost.exe
C:\Program Files (x86)\a-squared HiJackFree\a2hijackfree.exe
C:\Windows\SysWOW64\dllhost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~2\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O7 - Regedit - Enabled
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFBAR.ICO
O14 - IERESET.INF: SearchAssistant=
O14 - IERESET.INF: CustomizeSearch=
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15108/CTPID.cab
O21 - ShellServiceObjectDelayLoad: WebCheck - 
O22 - SharedTaskScheduler: Component Categories cache daemon - C:\Windows\system32\browseui.dll
O23 - Service: a-squared Free Service - C:\Program Files (x86)\a-squared Free\a2service.exe
O23 - Service: Application Experience Service - C:\Windows\system32\svchost.exe
O23 - Service: Application Layer Gateway Service - C:\Windows\System32\alg.exe
O23 - Service: IIS Resource DLL - C:\Windows\\system32\svchost.exe
O23 - Service: Application Information Service - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASDR - C:\Windows\SysWOW64\ASDR.exe
O23 - Service: ASP.NET State Service - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
O23 - Service: Windows Audio Service - C:\Windows\System32\svchost.exe
O23 - Service: Windows Audio Service - C:\Windows\System32\svchost.exe
O23 - Service: Base Filtering Engine - C:\Windows\system32\svchost.exe
O23 - Service: Background Intelligent Transfer Service - C:\Windows\System32\svchost.exe
O23 - Service: Bonjour Service - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Computer Browser Service DLL - C:\Windows\System32\svchost.exe
O23 - Service: Symantec Event Manager - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Microsoft Smartcard Certificate Propagation Service - C:\Windows\system32\svchost.exe
O23 - Service: Microsoft .NET Framework NGEN v2.0.50727_X86 - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
O23 - Service: Microsoft .NET Framework NGEN v2.0.50727_X64 - C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
O23 - Service: COMSysApp - C:\Windows\system32\dllhost.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Cryptographic Services - C:\Windows\system32\svchost.exe
O23 - Service: Creative Audio Service - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Symantec AntiVirus Definition Watcher - C:\Program Files (x86)\Symantec AntiVirus\DefWatch.exe
O23 - Service: DFSR - C:\Windows\system32\DFSR.exe
O23 - Service: DHCP Client Service - C:\Windows\system32\svchost.exe
O23 - Service: DNS Client API DLL - C:\Windows\system32\svchost.exe
O23 - Service: Wired AutoConfig Service - C:\Windows\system32\svchost.exe
O23 - Service: Microsoft EAPHost service - C:\Windows\System32\svchost.exe
O23 - Service: Windows Media Center Receiver Service - C:\Windows\ehome\ehRecvr.exe
O23 - Service: Windows Media Center Scheduler Service - C:\Windows\ehome\ehsched.exe
O23 - Service: Windows Media Center Service Launcher - C:\Windows\\system32\svchost.exe
O23 - Service: ReadyBoost Service - C:\Windows\system32\svchost.exe
O23 - Service: Event Logging Service - C:\Windows\System32\svchost.exe
O23 - Service: EventSystem - C:\Windows\system32\svchost.exe
O23 - Service: WS Discovery Service - C:\Windows\system32\svchost.exe
O23 - Service: Function Discovery Resource Publication Service - C:\Windows\system32\svchost.exe
O23 - Service: Windows Presentation Foundation Host - C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
O23 - Service: Google Update Service (gupdate1c9d761db70e7ea) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HID Service - C:\Windows\system32\svchost.exe
O23 - Service: Key Management Service - C:\Windows\System32\svchost.exe
O23 - Service: InstallDriver Table Manager - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service Model Installer Resource Library - C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
O23 - Service: IKE extension - C:\Windows\system32\svchost.exe
O23 - Service: PnP-X IP Bus Enumerator DLL - C:\Windows\system32\svchost.exe
O23 - Service: Service that offers IPv6 connectivity over an IPv4 network. - C:\Windows\System32\svchost.exe
O23 - Service: iPod Service - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: KeyIso - C:\Windows\system32\lsass.exe
O23 - Service: KtmRm - C:\Windows\System32\svchost.exe
O23 - Service: Server Service DLL - C:\Windows\system32\svchost.exe
O23 - Service: Workstation Service DLL - C:\Windows\System32\svchost.exe
O23 - Service: Logitech Bluetooth Service - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LiveUpdate - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Link-Layer Topology Discovery Resources - C:\Windows\System32\svchost.exe
O23 - Service: TCPIP NetBios Transport Services DLL - C:\Windows\system32\svchost.exe
O23 - Service: Media Center Resources - C:\Windows\system32\svchost.exe
O23 - Service: Multimedia Class Scheduler Service - C:\Windows\system32\svchost.exe
O23 - Service: Windows Firewall API - C:\Windows\system32\svchost.exe
O23 - Service: MSDTC - C:\Windows\System32\msdtc.exe
O23 - Service: iSCSI Discovery api - C:\Windows\system32\svchost.exe
O23 - Service: Windows® Installer International Messages - C:\Windows\system32\msiexec
O23 - Service: Quarantine Agent Service Run-Time - C:\Windows\System32\svchost.exe
O23 - Service: Net Logon Services DLL - C:\Windows\system32\lsass.exe
O23 - Service: Network Connections Manager - C:\Windows\System32\svchost.exe
O23 - Service: Service Model Installer Resource Library - C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
O23 - Service: Service Model Installer Resource Library - C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
O23 - Service: Network Profile Management UI - C:\Windows\System32\svchost.exe
O23 - Service: Service Model Installer Resource Library - C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
O23 - Service: Service Model Installer Resource Library - C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
O23 - Service: Network Location Awareness 2 - C:\Windows\System32\svchost.exe
O23 - Service: Network Store Interface RPC server - C:\Windows\system32\svchost.exe
O23 - Service: Office Source Engine - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service: Peer-to-Peer Services - C:\Windows\System32\svchost.exe
O23 - Service: Peer-to-Peer Services - C:\Windows\System32\svchost.exe
O23 - Service: Program Compatibility Assistant Service - C:\Windows\system32\svchost.exe
O23 - Service: x86 Performance Counter Host - C:\Windows\SysWow64\perfhost.exe
O23 - Service: Performance Logs & Alerts - C:\Windows\System32\svchost.exe
O23 - Service: User-mode Plug-and-Play Service - C:\Windows\system32\svchost.exe
O23 - Service: PnkBstrA - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Peer-to-Peer Services - C:\Windows\System32\svchost.exe
O23 - Service: Peer-to-Peer Services - C:\Windows\System32\svchost.exe
O23 - Service: Policy Storage dll - C:\Windows\system32\svchost.exe
O23 - Service: ProfSvc - C:\Windows\system32\svchost.exe
O23 - Service: Protected Storage default provider - C:\Windows\system32\lsass.exe
O23 - Service: Windows NT - C:\Windows\\system32\svchost.exe
O23 - Service: Remote Access AutoDial Manager - C:\Windows\system32\svchost.exe
O23 - Service: Remote Access Connection Manager - C:\Windows\system32\svchost.exe
O23 - Service: RemoteRegistry - C:\Windows\system32\svchost.exe
O23 - Service: Rpc Locator - C:\Windows\system32\locator.exe
O23 - Service: SiSoftware Deployment Agent Service - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\RpcAgentSrv.exe
O23 - Service: SBSD Security Center Service - C:\Program Files (x86)\Spybot
O23 - Service: Smart Card Resource Management Server - C:\Windows\system32\svchost.exe
O23 - Service: Task Scheduler Service - C:\Windows\system32\svchost.exe
O23 - Service: Microsoft Smartcard Certificate Propagation Service - C:\Windows\system32\svchost.exe
O23 - Service: Microsoft® Windows Backup Service - C:\Windows\system32\svchost.exe
O23 - Service: System Event Notification Service (SENS) - C:\Windows\system32\svchost.exe
O23 - Service: Terminal Services Configuration service - C:\Windows\System32\svchost.exe
O23 - Service: Microsoft NAT Helper Components - C:\Windows\System32\svchost.exe
O23 - Service: Windows Shell Services Dll - C:\Windows\System32\svchost.exe
O23 - Service: Microsoft Software Licensing Service - C:\Windows\system32\SLsvc.exe
O23 - Service: Software Licensing UI Notification Service - C:\Windows\system32\svchost.exe
O23 - Service: SNMP Trap - C:\Windows\System32\snmptrap.exe
O23 - Service: SSDP Service DLL - C:\Windows\system32\svchost.exe
O23 - Service: Provides the facility of using Secure Socket Tunneling Protocol (SSTP) to connect to remote computers (using VPN). - C:\Windows\system32\svchost.exe
O23 - Service: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Still Image Devices Service - C:\Windows\system32\svchost.exe
O23 - Service: Microsoft® Volume Shadow Copy Service software provider - C:\Windows\System32\svchost.exe
O23 - Service: Symantec AntiVirus - C:\Program Files (x86)\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Superfetch Service Host - C:\Windows\system32\svchost.exe
O23 - Service: Microsoft Tablet PC Input Service - C:\Windows\System32\svchost.exe
O23 - Service: Microsoft® Windows(TM) Telephony Server - C:\Windows\System32\svchost.exe
O23 - Service: TBS Service - C:\Windows\System32\svchost.exe
O23 - Service: Terminal Server Remote Connections Manager - C:\Windows\System32\svchost.exe
O23 - Service: Windows Shell Services Dll - C:\Windows\System32\svchost.exe
O23 - Service: Multimedia Class Scheduler Service - C:\Windows\system32\svchost.exe
O23 - Service: Interactive services detection - C:\Windows\system32\UI0Detect.exe
O23 - Service: UPnP Device Host - C:\Windows\system32\svchost.exe
O23 - Service: Desktop Window Manager - C:\Windows\System32\svchost.exe
O23 - Service: Virtual Disk Service - C:\Windows\System32\vds.exe
O23 - Service: Microsoft® Volume Shadow Copy Service - C:\Windows\system32\vssvc.exe
O23 - Service: Windows Time Service - C:\Windows\system32\svchost.exe
O23 - Service: IIS Resource DLL - C:\Windows\\system32\svchost.exe
O23 - Service: IIS Resource DLL - C:\Windows\\system32\svchost.exe
O23 - Service: Windows Connect Now - Config Registrar Service - C:\Windows\System32\svchost.exe
O23 - Service: WcsPlugInService DLL - C:\Windows\system32\svchost.exe
O23 - Service: Web DAV Service DLL - C:\Windows\system32\svchost.exe
O23 - Service: Event Collector Service - C:\Windows\system32\svchost.exe
O23 - Service: Problem Reports and Solutions - C:\Windows\System32\svchost.exe
O23 - Service: Windows Error Reporting Service - C:\Windows\System32\svchost.exe
O23 - Service: WinDefend - C:\Windows\System32\svchost.exe
O23 - Service: Windows HTTP Services - C:\Windows\system32\svchost.exe
O23 - Service: WMI - C:\Windows\system32\svchost.exe
O23 - Service: WSMan Service - C:\Windows\System32\svchost.exe
O23 - Service: Windows WLAN AutoConfig Service DLL - C:\Windows\system32\svchost.exe
O23 - Service: WMI Performance Reverse Adapter - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: WMPNetworkSvc - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
O23 - Service: WPC Filtering Service - C:\Windows\system32\svchost.exe
O23 - Service: Portable Device Enumerator - C:\Windows\system32\svchost.exe
O23 - Service: Windows Security Center Service - C:\Windows\System32\svchost.exe
O23 - Service: Microsoft Windows Search Indexer - C:\Windows\system32\SearchIndexer.exe
O23 - Service: Windows Update Agent - C:\Windows\system32\svchost.exe
O23 - Service: Windows Driver Foundation - User-mode Driver Framework Service - C:\Windows\system32\svchost.exe

I downloaded and installed all the programs listed on your Start Here post, but I can't get ISeeYouXP.bat to run on my x64 version of Windows. Thoughts?

...I might just reformat and reinstall Windows anyhow. It's been a year, I'm due.

Thanks!

Chris


Hi Chris,

Welcome to the forum.

Please do not rush to “reformat and reinstall windows”.

First, that is just a "Trace" detection.

Traces do not necessarily represent danger.

http://www.emsisoft.com/en/kb/articles/tec070120/

Have you submitted the entry from the detection list to the EMSI developers for analysis in order to find out whether that is a False Positive flagging or not?

Please do that irrespectively.

The c:\inetpub folder is usually created when Microsoft IIS (Internet Information Services) is used.

If you have questions about the submission procedure or other questions, please create a case in the respective section of the forum (a2 Free in your case).

A malware fighter will review your logs, and you will be advised regarding ISeeYouXP and the x64 system (or rather, whether there is an alternative).

My regards


Thanks for getting back to me. I've been thinking about doing a reformat anyhow, so I was mostly thinking out loud.

I'll submit it to the devs, but I've been using A-squared for years now and it's never detected this before. It comes up as a "medium risk" on the a-squared interface.

I have also never consciously used Microsoft IIS, and I don't recall that folder on my machine before, so I'm not sure what this is. This computer is my home PC, not a server or a machine on an office network.

A-squared isn't detecting any malware when I scan just the folder... but I'd rather be safe than sorry. Windows also won't let me delete the folder, which is logical if it's part of a Microsoft application.

Thanks

...

A-squared isn't detecting any malware when I scan just the folder...

If you are using the Shell Extension for scanning "just a folder" or a file, that will not scan/detect Traces.

You can use a Custom Scan of a separate folder; then Traces are scanned.

My regards


I see what you mean.

When running a custom scan of C:\inetpub, the detection comes up during the "Scanning traces" part of the scan. When the folder itself is scanned, nothing pops up.

Perhaps this is a false-positive, then?

Thanks

Chris


...Perhaps this is a false-positive, then?

Perhaps it is my English, but not "then" as a conclusion about False Positive because of the differences in the described features.

It is just most likely an FP because of the current situation with signatures and/or the program's algorithm.

My regards


OK great. Hopefully it'll go away after a few signature updates.

I meant "then" just as an Englishman would add "then" at the end of a sentence for no apparent reason. "You want to go for a walk, then?" My grandmother was a war bride from WWII and I've picked up her speech patterns. I guess I don't think too much about interjecting them into internet speak where it just confuses people. Sorry about that.

Either way, thanks for helping me out to determine if this is a real threat or not. ^_^

Chris


Correct. Ok, then ;)

We'll leave it like that since this is not a discussion section of the forum.

So you are welcome to create a new thread in another section... and sure wait for the reply from ShadowPuterDude.

At the same time, please let us know here or in another thread whether there is a fix in subsequent update(s).

My regards


I don't believe so, no. If that's something I would have to consciously download then no. If it's something that Windows Update would just DO, then I'm not sure. I'm not sure because I've never heard of the program before this little episode.

The create date of C:\inetpub was January 5, the date I installed Windows on this machine. So it didn't just appear. Don't know if that's a red herring or not.

Oh I just updated A-squared (about 11:15 EDT) and it's still picking up the trace.

Thanks

Chris


I don't believe so, no. If that's something I would have to consciously download then no. If it's something that Windows Update would just DO, then I'm not sure. I'm not sure because I've never heard of the program before this little episode.

The create date of C:\inetpub was January 5, the date I installed Windows on this machine. So it didn't just appear. Don't know if that's a red herring or not.

Oh I just updated A-squared (about 11:15 EDT) and it's still picking up the trace.

Thanks

Chris

As I can see from this thread

http://support.emsisoft.com/index.php?/topic/158-intrafoundationcoma2/

there are no flaggings of the said folder and subfolders according to the last a2 report

and there were several a-squared native signatures (!A2) updates lately

http://www.emsisoft.com/a2/changelog/free/

My regards


Those folders are created by Microsoft's Internet Information Server (IIS) during installation.

Update your a-squared definitions, run a new scan and post the resulting log.


Thread Closed

Reason: Resolved

The procedures contained in this thread are for this user and this user only. Attempting to use the instructions in this thread on your system could result in damaging the Operating System beyond repair. Do Not use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist.

All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE; if you don't, we are just going to send you back to this thread.
