Download TrojanHunter Now
Free 30-day trial!
Latest TrojanHunter Version:
TrojanHunter 5.0
Order Now
License file delivered within minutes.
Welcome, Guest. Please Login or Register.
Oct 7th, 2008, 6:04am
   Mischel Internet Security Forum
   Malware
   Trojans (Moderators: Helena, Gavin_Coe, Magnus)
   PestPatrol		 « Previous topic | Next topic »
Pages: 1    Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: PestPatrol  (Read 634 times)
Jackal
Newbie
*





   


Posts: 12
PestPatrol
« on: Jul 29th, 2006, 4:34am »
Hello,
 
I'm having hardtime figuring out whether I'm really in trouble.
I use two accounts on my machine: administrator and a less powerful account.
 
When I scan the computer with TH as administrator, I don't receive any warnings everything is OK.
 
However, when I scan again under the other account, I'm seeing the following:
=-=-=-=-=-=-=-=-=
Registry scan
Suspicious registry entry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\PestPatrol Control Center  
(Regedit Jump)
Suspicious registry entry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\PPMemCheck  
(Regedit Jump)
Suspicious registry entry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\CookiePatrol  
(Regedit Jump)
Suspicious registry entry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\PestPatrolCL  
(Regedit Jump)
Suspicious registry entry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\KeyPatrol  
(Regedit Jump)
No suspicious entries found
Inifile scan
No suspicious entries found
Port scan
No suspicious open ports found
Memory scan
No trojans found in memory
File scan (autostarted files, running executables)
No trojan files found
=-=-=-=-=-=-=-=-=
 
I wasn't having such warnings before I installed the latest ruleset.
 
And strangely I'm also having a trouble with my license as well. Could both problems be related with each other somehow?
http://forum.misec.net/board/LicenseIssues/1154127459
 
 
p.s.
Same happens when I do the same in Safe Mode as well.
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5661
Re: PestPatrol
« Reply #1 on: Jul 29th, 2006, 4:42am »
Quote:
And strangely I'm also having a trouble with my license as well. Could both problems be related with each other somehow?  

 
See my post under License Issues on your post there.
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5661
Re: PestPatrol
« Reply #2 on: Jul 29th, 2006, 4:46am »
I've emailed Gavin asking him to check this post and your problem that is showing up because of Pest Patrol.. Wink
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
Jackal
Newbie
*





   


Posts: 12
Re: PestPatrol
« Reply #3 on: Jul 29th, 2006, 4:52am »
Thank You SiliconMan.  
 
I'm donwloading the new version of PestPatrol at the meantime. The one I have been using is not the latest version. Smiley
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5661
Re: PestPatrol
« Reply #4 on: Jul 29th, 2006, 6:01am »
Gavin has provided some more updates since your last TH scan.  Perform a TH LiveUpdate and rescan after you get the new PP installed.  
 
Not sure if Gavin may have corrected this problem.  Wink
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
Jackal
Newbie
*





   


Posts: 12
Re: PestPatrol
« Reply #5 on: Jul 29th, 2006, 10:13am »
Hey SiliconMan,
 
Thank you for your kind help.
 
I uninstalled PPv4 and installed PPv5. No more problems.  
 
Best Regards Wink
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5661
Re: PestPatrol
« Reply #6 on: Jul 29th, 2006, 2:07pm »
You are batting 1000 today!   Cheesy
 
Glad your problems are resolved.
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
Jackal
Newbie
*





   


Posts: 12
Re: PestPatrol
« Reply #7 on: Jul 29th, 2006, 3:34pm »
on Jul 29th, 2006, 2:07pm, siliconman01 wrote:
You are batting 1000 today!   Cheesy
 
Glad your problems are resolved.  

 
Yup, it's been such a busy day. Smiley
I think I'm a little bit paranoid when it comes to security.
IP Logged
Jrb
Full Member
***



I love YaBB 1G - SP1!

   


Posts: 210
Re: PestPatrol
« Reply #8 on: Jul 29th, 2006, 6:27pm »
Hi,
 
I saw this thread about a FP from TH on PestPatrol.
 
I just did a full scan with TH on my Win98SE box (Dutch).
I didn't get any warning from TH about PP.
Scan was on normal mode, with my resident AV/AT disabled.
 
For your info:
I don't run TH on access (only on-demand).
I don't run any part of PP on-access.
Details of TH:
===
Ruleset datestamp         : 2006-07-29
Scan kernel               : 4.0 (Cobra)
Ruleset entries           : 77230
Trojan definitions        : 29429
Detection rules           : 47801
===
I have PP version 4 standard installed.
For details see my screenshot at this DSLR update thread for 28-July-2006:
http://www.dslreports.com/forum/remark,16592843
 
« Last Edit: Jul 30th, 2006, 12:52am by Jrb » IP Logged
Jackal
Newbie
*





   


Posts: 12
Re: PestPatrol
« Reply #9 on: Jul 30th, 2006, 4:55am »
Thank you Jrb for your input.
 
I had never experienced someething like this before. I always use TH and PP on demand like you do and I run these programs for each of the user accounts in Safe Mode. I also run Quick Scan in TH a couple times a day.
 
I forgot to give another detail about this situation. TH was giving the name of the trojan as "Trojan.Generic" when it was giving a dialogbox with the Clean button on it. I couldn't locate a trojan like   this in the trojan database.
 
Regards
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5661
Re: PestPatrol
« Reply #10 on: Jul 30th, 2006, 5:04am »
I suspect that trojan.generic is coming from the heuristic scanner component.  Are you still getting it?
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
Jackal
Newbie
*





   


Posts: 12
Re: PestPatrol
« Reply #11 on: Jul 30th, 2006, 1:02pm »
Nope,  I'm not getting the same warning anymore. Eveyrthing is fine after installing the new version of PP.
IP Logged
Gavin_Coe
Trojan Analyst
*****





   
WWW  

Posts: 2037
Re: PestPatrol
« Reply #12 on: Aug 2nd, 2006, 5:38am »
Hi, this looks to be triggered by the new generic registry detection. We'll take a look if we can improve it some more. So far it doesn't seem to be giving false alarms, but I'll look into what you noted.
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5661
Re: PestPatrol
« Reply #13 on: Aug 15th, 2006, 2:06am »
Fixed and thread Locked.  Please create a new post if assistance is needed on this topic.
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
Pages: 1    Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »
Search
Members
Login
Register