BoClean caught something....i think.

Discussion in 'other anti-trojan software' started by Kegel, Feb 27, 2005.

Thread Status:
Not open for further replies.
  1. Kegel

    Kegel Registered Member

    Joined:
    Oct 28, 2003
    Posts:
    159
    02/27/2005 21:30:56: SCHOOLBUS SMS TROJAN STOPPED by BOCLEAN!
    Trojan horse was found in memory.
    E:\TEMP\A~NSISU_.EXE contained the trojan.
    Active trojan horse WAS shut down. System now safe.


    Was this a real catch? It happened as I uninstalled MindRover (game).
     
  2. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    Hi Kegel,

    Did you have "Keep copy of trojan as evidence" enabled in BOClean's configuration? If you did, you can submit it for analysis.

    Nick
     
  3. controler

    controler Guest

    Here is an alert I got today while installing ABC Torrent, I didn't keep the copy but you can always duplicate this by trying to install ABC Torrent.

    02/27/2005 10:00:31: DESKADSERV TROJAN VARIANT STOPPED!
    Trojan horse was found in memory.
    C:\PROGRAM FILES\PREVIEW ADSERVICE\PREVADSERV.EXE contained the trojan.
    Active trojan horse WAS shut down. System safe.

    Appears BoClean targets some spyware also :D

    What is Preview AdService?
    ---------------------
    Preview AdService is free ad delivery software which provides targeted advertising offers.


    How did Preview AdService get installed on your computer?
    ----------------------------------------------------
    You downloaded Preview AdService from a Website that is able to offer its content for free because
    it shows the Preview AdService ActiveX popup. The Preview AdService program is installed only once the user
    has agreed on it by clicking on “yes”. Through the ActiveX, the user can review the license terms
    and privacy policy before installing the software. Each and every distributor is carefully reviewed
    to make sure that their distribution techniques abide by a strict code of conduct.

    If you do not remember having seen an ActiveX prompt, you might have downloaded Preview AdService from a
    popular free software product (screensavers, games, file sharing software, etc.). Users always will
    have to opt-in before installing the Preview AdService software.


    Removal instructions:
    ---------------------
    Preview AdService supports many free software products through its advertising relevancy technology.
    If you remove Preview AdService from your system, certain free software that you installed may no longer
    function properly and you may have to reinstall them from a backup.

    If you are sure that you want to remove Preview AdService from your computer just follow these two easy steps:

    1) Click Start -> Control Panel -> Add/Remove Programs

    2) Scroll to Preview AdService and click Remove


    End User License Agreement:
    ---------------------------
    Please find an up to date copy of Preview AdService's End User License Agreement at
    http://www.windupdates.com/license.html


    Bruce
     
    Last edited by a moderator: Feb 27, 2005
  4. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
  5. controler

    controler Guest

  6. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    Makes sense. I tested the install from my link and did not find a "C:\PROGRAM FILES\PREVIEW ADSERVICE\PREVADSERV.EXE". I will check your link out.

    Nick
     
  7. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
  8. illukka

    illukka Spyware Fighter

    Joined:
    Jun 23, 2003
    Posts:
    633
    Location:
    S.A.V.O

    you'll be positively surprised on how much spyware BoClean actually nails ;) ;) :D
     
  9. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    Yes. If I could have nothing else I would have BoClean and a solid AntiVirus, even if it meant using Windows SP2 Firewall for lack of $$. I think BO is that good. ;) :-*
     
Thread Status:
Not open for further replies.