here is a good one.

Discussion in 'other anti-malware software' started by trjam, Oct 10, 2009.

Thread Status:
Not open for further replies.
  1. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Not posting links but screenshots. Prevx, MSE and F-Secure did not even detect this rogue. The funny thing is it will not let MBAM start. Well it will, but when I hit scan it closes it. Going to reboot in safe mode to try because I would really like to see what trojan it is.
     


  2. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    seems like a nasty one.
     
  3. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    try MBAM against it ;)
     
  4. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    he said MBAM crashes when u try to scan
     
  5. Morro

    Morro Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    355
    Location:
    Netherlands
  6. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    did he try in safe mode? :D
     
  7. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,871
    installing anti-malware on an infected system...? funny dude
     
  8. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    well sometimes you have to find a solution when it is necessary ;) . for testing i know it doesn't make sense :D
     
  9. kasperking

    kasperking Registered Member

    Joined:
    Nov 21, 2008
    Posts:
    406
  10. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    it was a nasty bugger. Got the link if you want it. Deleted snapshot cleared it. But no one detected it except MBAM in safe mode.
     
  11. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    i knew it;) :D :thumb:
     
  12. chrome_sturmen

    chrome_sturmen Registered Member

    Joined:
    Apr 29, 2006
    Posts:
    875
    Location:
    Sverige
    trjam, once i got a virus that hooked into all my snapshots - no matter which i booted to, the virus was present ;( it was bad, i had to format, restore from an image, and then catch my snapshots up from archives. be careful on the playground *puppy*
     
  13. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    well, to be a totally honest man, why do you think I have not been here all day till now.:doubt:
     
  14. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    This computer needed a good cleaning. I did try it in ShadowDefender and it did get rid of it on reboot. :thumb:
     
  15. Zimzi

    Zimzi Registered Member

    Joined:
    Jul 10, 2005
    Posts:
    289
    There is a very interesting tool called Remove Fake Antivirus. It is real antimalware, not a rogue (as it seems :D). I do not have much experience with this tool but, IMHO, this antirogue deserves our attention.
     
    Last edited: Oct 10, 2009
  16. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    Do you have DW realtime? If not, it would be interesting to see if MBAM would detect the malware on download/install/execution as opposed to just on demand
     
  17. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    cool:D that is the way to go man;)
     
  18. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    Thanks kasperking and Zimzi for the links.
     
  19. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    is this as good as Mbam?
     
  20. BrendanK.

    BrendanK. Guest

    Hi, could you please PM me the link. Thank you :)
     
    Last edited by a moderator: Oct 10, 2009
  21. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    No offense but let me ask what is special about this malware, and testing a single rogue application against signature based products. Hmmm...
     
  22. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    nothing really, just something that happened.
     
  23. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    And I sure as heck couldn't try Geswall since all I get are BSODs since the new version came out. :cautious:
     
  24. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    get DefenseWall as a replacement;)
     
  25. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Gave this Cyber Security rogue a run in a VM but it seems VM/sandbox aware, so ran it on a Returnil Win 7.

    MBAM would only run for a sec or two then shut down.

    Then I created the below reg entry, then killed Cyber Security through Task Manager, which stayed dead, then ran MBAM, which successfully ran to completion and got rid of the rogue. :thumb:
     