Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Emsisoft AM Detection [Closed]


  • This topic is locked This topic is locked

#1
John Bull

John Bull

    Member

  • Member
  • PipPipPip
  • 146 posts
My Emsisoft AM detected 4 Registry trace threats, listed as Medium Threat. They were all by SurfSecret Keypad and have been quarantined.

I looked up SurfSecret Keypad on the web and they appear to be a reliable security vendor. I could not find anything bad said against them. I have never heard of these people and anything on my PC is not there by my invitation. They must even have got passed Sandboxie. I have never had such a by-pass before. Mind you, I have had to use a non-sandboxed access to Firefox and IE for specific reasons, but it was never on for long.

Can anybody explain why SurfSecret Keypad is regarded as a threat by Emsisoft. Is it a case of false positive ? Also, how did this vendors product get into my system when I have never even heard of them let alone clicked on their site ?
  • 0

Advertisements


#2
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

sorry for the late reply.

Can you please give the exact registry items that lavasoft found?

regards myrti
  • 0

#3
John Bull

John Bull

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 146 posts

Hi,

sorry for the late reply.

Can you please give the exact registry items that lavasoft found?

regards myrti

Hi mrti and thanks.

I only have the Emsisoft (not Lavasoft) Quarantine list and it truncates the items. Here is the screen shot :-

Emsisoft Q.JPG

The Source is too long to reproduce, but it ends "InprocServer32-->Threading Model" and the Behaviour/Infection is "Trace.Registry.SurfSecret.KeyPad 2.1!A2"

They look like false positives to me, but I would like confirmation. Like I said, SurfSecret do not appear to be disreputable.
  • 0

#4
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

SurfSecret is down for me and I can't reach their homepage. It seems A-squared has been classifying them as adware for years, but I can't check for myself just why they're targeting it. It's quite possible that the detection is not (or no longer) justified.

regards myrti
  • 0

#5
John Bull

John Bull

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 146 posts

Hi,

SurfSecret is down for me and I can't reach their homepage. It seems A-squared has been classifying them as adware for years, but I can't check for myself just why they're targeting it. It's quite possible that the detection is not (or no longer) justified.

regards myrti


Hello again myrti,

Thank you. I reckon your feelings and my own just about kills my query, unless somebody else comes in on it.
None of my other programs pick up these items - Hitman Pro, MBAM or AVG 2012.

So I will let it RIP. Thanks for your help.

Edited by John Bull, 06 January 2012 - 03:54 PM.

  • 0

#6
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

well, if you search long enough... Found this review saying that keypad creates a toolbar. This could explain the detection.. Toolbars are usually a thorn in the eye of most security workers... They tend to do all kind of things they shouldn't, often are installed without querying the user for their consent and are rarely to never really used by the user.

I don't think there is any harm in keeping Keypad if you like what it offers.

regards myrti
  • 0

#7
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP