Some weird entries in MS Antispyware results

[Baffled]

In general, I am quite careful with installing software and
browsing...suspicious sites.
After running MS AS Beta, 3 entries appeared:
1. Two entries for SearchSquire (Adaware) in the Registry,
(in Internet Settings/ZoneMap/Domains/SearchSquire.com);
any idea what these "Domains" under "ZoneMap" are??

2. Over 4,000 entries for Incredifind (Adware). These are
in fact Registry entries for Visicommedia's Ace AHTML Pro 5
(a web page authoring software). It appears (???) that the
entire software is adware-related, which is hard to
believe. Anyone got any views on that?

3. Four entries for XferPro (Trojan), all Registry entries
related to the ".xx" file type.

If someone could help in the interpretation of the results
(especially point 2), this would be greatly appreciated.

 

[Baffled]

-----Original Message-----
In general, I am quite careful with installing software and
browsing...suspicious sites.
After running MS AS Beta, 3 entries appeared:
1. Two entries for SearchSquire (Adaware) in the Registry,
(in Internet Settings/ZoneMap/Domains/SearchSquire.com);
any idea what these "Domains" under "ZoneMap" are??

2. Over 4,000 entries for Incredifind (Adware). These are
in fact Registry entries for Visicommedia's Ace AHTML Pro 5
(a web page authoring software). It appears (???) that the
entire software is adware-related, which is hard to
believe. Anyone got any views on that?

3. Four entries for XferPro (Trojan), all Registry entries
related to the ".xx" file type.

If someone could help in the interpretation of the results
(especially point 2), this would be greatly appreciated.
.

Did some reserach (sorry for not doing it before posting
for the first time).

The first entry is probably a silly mistake by MSAS as it
refers to a domain that is among the sites placed in the
"Restricted Sites" within "Internet Options"

The third entry is probably related to the Zip Genius
software, as suggested on this page
http://filext.com/detaillist.php?extdetail=XX
Also hard to believe that this programme is Trojan-related.

Am I the only one here who's getting the feeling that all
entries in the MSAS results are most probably false alarms?

 

[Bill Sanderson]

Am I the only one here who's getting the feeling that all
entries in the MSAS results are most probably false alarms?

Don't sell it short. Yes, I (and we) are seeing some false positives on
machines which are kept pretty clean. However, independent third-party
testing has rated the product this beta is based on quite highly compared to
others with the same focus--so I wouldn't let a few glitches like those you
are seeing keep you from evaluating the basic worth of the program--take a
look at all the stuff the agents are monitoring.

 

[Hilarion]

2. Over 4,000 entries for Incredifind (Adware). These are

in fact Registry entries for Visicommedia's Ace AHTML Pro 5
(a web page authoring software). It appears (???) that the
entire software is adware-related, which is hard to
believe. Anyone got any views on that?

Same results with me (AceHTML 5 Free, also when uninstalled).
All reported registry entries seem to be configuration entries of this application.
They are in: HKEY_CURRENT_USER\Software\Visicom Media\AceHTML 5 Freeware
(and one is HKEY_CURRENT_USER\Software\Visicom Media).



The report states:

IncrediFind
Type: Adware
Threat Level: High
Author: Euniverse.com Inc., incredifind.com
Description: IncrediFind is an Internet Explorer browser helper object (BHO) that changes your Internet Explorer error page to its
own page and displays pop-up advertising.
Advice: This is a very high risk threat and should be removed immediately as to prevent harm to your computer or your privacy.
About Adware: Adware is generally software that displays advertisements. Some advertisers may covertly install adware on your system
and generate a stream of unsolicited advertisements that can clutter your desktop and affect your productivity. The advertisements
may also contain pornographic or other material that you might find inappropriate. The extra processing required to track you or to
display advertisements can tax your computer and hurt your system performance.


The "AceHTML 5 Free" software has nothing to do with "Euniverse.com Inc." or "incredifind.com" and is not BHO.


I hope that this information will be used in final release of MS AntiSpyware to avoid this false alarm. (Or better, that it'll
update the spyware database of MS AntiSpyware and make Beta better.)

Hilarion

 

[Bill Sanderson]

Thanks for this report. It is best to report false positives in the
..signatures group, but Microsoft monitors all these groups.