AVG Antispy v Superantispyware

I thought I would share this, taken from another thread I was working on, to show the difference between the two programmes. AVG was run first and SAS straight afterwards.

[quote] ---------------------------------------------------------
AVG Anti-Spyware - Scan Report

  • Created at: 9:38:46 AM 10/17/2007

  • Scan result:

Nothing found.

::Report end


SUPERANTISPYWARE LOG:

SUPERAntiSpyware Scan Log
Generated 10/17/2007 at 11:12 AM

Application Version : 3.6.1000

Core Rules Database Version : 3326
Trace Rules Database Version: 1327

Scan type : Complete Scan
Total Scan Time : 01:04:18

Memory items scanned : 455
Memory threats detected : 1
Registry items scanned : 5179
Registry threats detected : 29
File items scanned : 50837
File threats detected : 23

Adware.Vundo Variant

Unclassified.Unknown Origin

Trojan.Downloader-CREW

Adware.Web Buying
HKU\S-1-5-21-62870733-1741843920-2357477323-1009\Software\WebBuying

Food for thought: this is a genuine infected machine before I started work on it.

That’s a huge difference. I’ve noticed on other forums, SAS is getting more use, especially in Vundo cases.

:slight_smile:

Ewido was bought by Grisoft, not Symantec.

Sorry, I had Norton on the brain from something else I was reading. Will remove the slight on Symantec.

It would look like the development since Grisoft bought out Ewido has not kept pace with the competition. However, since they are both on-demand, there is no problem with having both installed.

I think each antispyware is specializing against a specific kind of spyware. It’s like a diet: you must eat everything to be in shape! :slight_smile:

I have only two options: Superantispyware Pro lifetime edition and A-squared Antimalware. They’re the best! Best Regards.