[John Bull]

My Emsisoft AM detected 4 Registry trace threats, listed as Medium Threat. They were all by SurfSecret Keypad and have been quarantined.

I looked up SurfSecret Keypad on the web and they appear to be a reliable security vendor. I could not find anything bad said against them. I have never heard of these people and anything on my PC is not there by my invitation. They must even have got passed Sandboxie. I have never had such a by-pass before. Mind you, I have had to use a non-sandboxed access to Firefox and IE for specific reasons, but it was never on for long.

Can anybody explain why SurfSecret Keypad is regarded as a threat by Emsisoft. Is it a case of false positive ? Also, how did this vendors product get into my system when I have never even heard of them let alone clicked on their site ?

[Advertisements]

Hi,

sorry for the late reply.

Can you please give the exact registry items that lavasoft found?

regards myrti

[myrti]

Hi,

sorry for the late reply.

Can you please give the exact registry items that lavasoft found?

regards myrti

[John Bull]

Hi,

sorry for the late reply.

Can you please give the exact registry items that lavasoft found?

regards myrti

Hi mrti and thanks.

I only have the Emsisoft (not Lavasoft) Quarantine list and it truncates the items. Here is the screen shot :-



The Source is too long to reproduce, but it ends "InprocServer32-->Threading Model" and the Behaviour/Infection is "Trace.Registry.SurfSecret.KeyPad 2.1!A2"

They look like false positives to me, but I would like confirmation. Like I said, SurfSecret do not appear to be disreputable.

[myrti]

Hi,

SurfSecret is down for me and I can't reach their homepage. It seems A-squared has been classifying them as adware for years, but I can't check for myself just why they're targeting it. It's quite possible that the detection is not (or no longer) justified.

regards myrti

[John Bull]

Hi,

SurfSecret is down for me and I can't reach their homepage. It seems A-squared has been classifying them as adware for years, but I can't check for myself just why they're targeting it. It's quite possible that the detection is not (or no longer) justified.

regards myrti

Hello again myrti,

Thank you. I reckon your feelings and my own just about kills my query, unless somebody else comes in on it.
None of my other programs pick up these items - Hitman Pro, MBAM or AVG 2012.

So I will let it RIP. Thanks for your help.

Edited by John Bull, 06 January 2012 - 03:54 PM.

[myrti]

Hi,

well, if you search long enough... Found this review saying that keypad creates a toolbar. This could explain the detection.. Toolbars are usually a thorn in the eye of most security workers... They tend to do all kind of things they shouldn't, often are installed without querying the user for their consent and are rarely to never really used by the user.

I don't think there is any harm in keeping Keypad if you like what it offers.

regards myrti

[myrti]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.