[2.Bi-Weekly] Accidental Test w/ SpyBot, Ad-Aware Free, and Malwarebytes Anti-Malware

  • [2.Bi-Weekly] Accidental Test w/ SpyBot, Ad-Aware Free, and Malwarebytes Anti-Malware

    ..of course I also ran 360.

    The following was/were NOT detected by any of the above. The reason this was an 'accidental' test is that it was found by Emsisoft A2 Free edition and Comodo's BoClean engine (now built into their free internet security package).

    Before attempting removal I re-ran all of the above with the highest possible detection/heuristic settings and still nothing was found.

    I confirmed this infection manually, both in the registry and by finding msa.exe and other files.

    Here is a copy of a2 scan:

    a-squared Free - Version 4.5
    Last update: 10/4/2009 11:59:52 AM

    Scan settings:

    Scan type: Smart Scan
    Objects: Memory, Traces, Cookies, C:\WINDOWS\, C:\Program Files
    Scan archives: On
    Heuristics: Off
    ADS Scan: On

    Scan start: 10/4/2009 12:01:07 PM

    Key: HKEY_USERS\S-1-5-21-1482476501-1580818891-725345543-1004\software\NordBull\ detected: Trace.Registry.FraudPack!A2
    Key: HKEY_USERS\S-1-5-21-1482476501-1580818891-725345543-1004\software\PopRock\ detected: Trace.Registry.FraudPack!A2

    Scanned

    Files: 17037
    Traces: 633298
    Cookies: 53
    Processes: 35

    Found

    Files: 0
    Traces: 2
    Cookies: 0
    Processes: 0
    Registry keys: 0

    Scan end: 10/4/2009 12:23:38 PM
    Scan time: 0:22:31



    AND


    a-squared Free - Version 4.5
    Last update: 10/4/2009 11:59:52 AM

    Scan settings:

    Scan type: Custom Scan
    Objects: Memory, Traces, Cookies, C:\, C:\Documents and Settings
    Scan archives: On
    Heuristics: On
    ADS Scan: On

    Scan start: 10/4/2009 12:50:58 PM

    C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4cr0lmq.default\Cache\2ED03218d01/eboostrcp.exe detected: Trojan-Downloader.JJXE!IK

    Scanned

    Files: 3148
    Traces: 633298
    Cookies: 53
    Processes: 36

    Found

    Files: 1
    Traces: 0
    Cookies: 0
    Processes: 0
    Registry keys: 0

    Scan end: 10/4/2009 12:56:49 PM
    Scan time: 0:05:51

    C:\Documents and Settings\Jay\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4cr0lmq.default\Cache\2ED03218d01/eboostrcp.exe Quarantined Trojan-Downloader.JJXE!IK

    Quarantined

    Files: 1
    Traces: 0
    Cookies: 0