Spycar test not picked up...

Discussion in 'Prevx Releases' started by Tarnak, Dec 25, 2013.

Thread Status:
Not open for further replies.
  1. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,295
    I ran these as per this Wilders post here , earlier in the day.

    They were not detected by WSA at the time, except that when they ran my System locked an I had to
    reboot using Windows Tab + L

    My scheduled scan tonight, has now listed them as detections:

    Some legitimate files are not included in this log
    c:\documents and settings\<My Name>\desktop\spycar_tests\hklm_runonceex.exe [MD5: 98A66446E975BB1B4D12E060AACFBD94] [Flags: 00080000.10387] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\hkcu_run.exe [MD5: A80A5A0FDAD042DC63CF52A5EFA068F2] [Flags: 00080000.10393] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\hkcu_runonceex.exe [MD5: 643F96596D6ABEE59EA1ADB375EEBE52] [Flags: 00080000.10399] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\hkcu_runonce.exe [MD5: 66AB68314FC4A3DD6E5B0D52D163263B] [Flags: 00080000.10401] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\towtruck.exe [MD5: BF647E3CB88A4AFDFEFC127F90F979A3] [Flags: 00080000.6264] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\alterhostsfile.exe [MD5: 2DA00C02DFAD28FF12721D1888E7FEBE] [Flags: 00080000.10403] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\ie-homepagelock.exe [MD5: 595411611FE6B1789B91754F3365882E] [Flags: 00080000.10405] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\hklm_runonce.exe [MD5: A376ED5F503EA11DCB8D9EC1684FD0D6] [Flags: 00080000.10408] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\hklm_run.exe [MD5: 7F066C383179C1E371DA5A176CAD962A] [Flags: 00080000.10410] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\ie-killconnectionstab.exe [MD5: 59853082047070E000DDBE0FA276487B] [Flags: 00080000.10411] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\ie-killadvancedtab.exe [MD5: 8FCD9147A870A43C9AA1C4FBAC3E4A4A] [Flags: 00080000.10414] [Threat: Adware.Spycar-Test]

    P.S. They also were not picked by the MBAM alpha beta at the time, and about which I have posted in Malwarebytes beta test forum which is not open to all at the moment.
     
    Tarnak, Dec 25, 2013
    #1
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    It could have been locked by another process, or we recently added the "detection" for them.
     
    PrevxHelp, Dec 25, 2013
    #2
  3. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,295
    Thanks...:thumb:

    Edit: revised post
     
    Last edited: Dec 25, 2013
    Tarnak, Dec 25, 2013
    #3
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...