| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 69414 | 2006-05-31 15:31:00 | Iopus Again | SurferJoe46 (51) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 459691 | 2006-05-31 15:31:00 | I found something very interesting about Iopus . It shows up in the Beta version scan of Spybot only . Since I use the Beta version of Spybot, it never dawned on me that Iopus even existed until last week . When I did my Spybot scan, it found it and fixed the problem . Fast forward to today; I suggested that a friend install Spybot Beta version for the increased security, and guess what? First thing outta the box, it too finds Iopus on a machine that never has shown that as a result before . I went to Google, and found this: ( . spybot . info/showthread . php?p=26775" target="_blank">forums . spybot . info) . Now I wonder; is the Beta version the only one that finds Iopus? Is it a false positive? More clarity: I also run FilAlyzer, FolderAlyzer and WebAlyzer, all from Safer Networking (Spybot's home) . Maybe Iopus is in one of them? The other machine that had the results on Iopus has just had those other utilities added too . Coincidence? BTW: a local true-geek here in my group says that Iopus does NOT have to be entered via keyboard and operator request: it can be inserted into an e-mail, arrive as a trojan in a attachment or even encrypted into the body of a jpeg . With all the rukus Iopus has caused (me assuming someone had access to my equiptment and downloading the keylogger/screenshotter/password-hacker from the internet against and without my knowledge), things have been a little (NZ term here:) dodgy . The entries look like this: Iopus: Settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\The Silicon Realms Toolworks Wincontrol: Uninstall settings (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\ST6UNST #1 . . . and then this: Hello, Both entrys (Iopus and Wincontrol) are F/Ps and will be removed from our beta detection . Thank you for your help! Markus MisterW Member of Team Spybot So, it looks like Team Spybot knows of a false positive and will fix it next week . And I was worried! :blush: |
SurferJoe46 (51) | ||
| 459692 | 2006-06-01 06:33:00 | I did wonder at the time whether it was a false-positive when you first posted about it. However, seeing you posted the registry key to clean it out in your previous post I assumed you had found that registry key in your system ruling out my false-positive theory. :p | Jen (38) | ||
| 459693 | 2006-06-02 02:15:00 | I did wonder at the time whether it was a false-positive when you first posted about it . However, seeing you posted the registry key to clean it out in your previous post I assumed you had found that registry key in your system ruling out my false-positive theory . :p Yeah, Jen . . . that's what amazes me too . . . the registry key was there, but then again, I get this message from Spybot techo-s that it's a false positive . . . could be a coincidence? I think not . . but time will tell . . BTW: there's a new Firefox update today too . . . |
SurferJoe46 (51) | ||
| 1 | |||||