here is a good one.

Discussion in 'other anti-malware software' started by trjam, Oct 10, 2009.

Thread Status:
Not open for further replies.
  1. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    Not posting links but screenshots. Prevx, MSE and F-Secure did not even detect this rogue. The funny thing is it will not let MBAM start. Well it will, but when I hit scan it closes it. Going to reboot in safe mode to try because I would really like to see what trojan it is.
     

  2. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    seems like a nasty one.
     
  3. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    try MBAM against it ;)
     
  4. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    he said MBAM crashes when u try to scan
     
  5. Morro

    Morro Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    353
    Location:
    Netherlands
  6. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    did he try in safe mode?:D
     
  7. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,736
    installing anti-malware on an infected system...? funny dude
     
  8. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    well sometimes you have to find a solution when it is necessary;) .for testing i know it doesn't make sense:D
     
  9. kasperking

    kasperking Registered Member

    Joined:
    Nov 21, 2008
    Posts:
    406
  10. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    it was a nasty bugger. Got the link if you want it. Deleted snapshot cleared it. But no one detected it except MBAM in safe mode.
     
  11. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    i knew it;) :D :thumb:
     
  12. chrome_sturmen

    chrome_sturmen Registered Member

    Joined:
    Apr 29, 2006
    Posts:
    785
    Location:
    Sverige
    trjam, once i got a virus that hooked into all my snapshots - no matter which i booted to, the virus was present ;( it was bad, i had to format, restore from an image, and then catch my snapshots up from archives. be careful on the playground *puppy*
     
  13. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    well, to be a totally honest man, why do you think I have not been here all day till now.:doubt:
     
  14. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    This computer needed a good cleaning. I did try it in ShadowDefender and it did get rid of it on reboot.:thumb:
     
  15. Zimzi

    Zimzi Registered Member

    Joined:
    Jul 10, 2005
    Posts:
    289
    There is a very interesting tool called Remove Fake Antivirus. It is real antimalware, not a rogue (as it seems :D) . Do not have much experience with this tool but, IMHO, this antirogue deserves our attention.
     
    Last edited: Oct 10, 2009
  16. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    Do you have DW realtime? If not, it would be interesting to see if MBAM would detect the malware on download/install/execution as opposed to just on demand
     
  17. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    cool:D that is the way to go man;)
     
  18. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    Thanks kasperking and Zimzi for the links.
     
  19. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    is this as good as Mbam?
     
  20. BrendanK.

    BrendanK. Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    520
    Location:
    Australia
    Hi, could you please PM me the link. Thank you :)
     
    Last edited: Oct 10, 2009
  21. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    No offense but let me ask what is special about this malware, and testing a single rogue application against signature based products. Hmmm...
     
  22. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    nothing really, just something that happened.
     
  23. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    And I sure as heck couldn't try Geswall since all I get are BSODs since the new version came out.:cautious:
     
  24. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    get DefenseWall as a replacement;)
     
  25. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Gave this Cyber Security rogue a run in a vm but seems vm/sandbox aware so ran it on a Returnil Win 7.

    MBAM would only run for a sec or two then shutdown.

    Then I created the below reg entry then killed Cyber Security through taskmanager which stayed dead then ran MBAM which successfully ran to completion and got rid of the rogue. :thumb:
     