Spycar test not picked up...

Discussion in 'Prevx Releases' started by Tarnak, Dec 25, 2013.

Thread Status:
Not open for further replies.
  1. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,875
    I ran these as per this Wilders post here , earlier in the day.

    They were not detected by WSA at the time, except that when they ran my System locked an I had to
    reboot using Windows Tab + L

    My scheduled scan tonight, has now listed them as detections:

    Some legitimate files are not included in this log
    c:\documents and settings\<My Name>\desktop\spycar_tests\hklm_runonceex.exe [MD5: 98A66446E975BB1B4D12E060AACFBD94] [Flags: 00080000.10387] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\hkcu_run.exe [MD5: A80A5A0FDAD042DC63CF52A5EFA068F2] [Flags: 00080000.10393] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\hkcu_runonceex.exe [MD5: 643F96596D6ABEE59EA1ADB375EEBE52] [Flags: 00080000.10399] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\hkcu_runonce.exe [MD5: 66AB68314FC4A3DD6E5B0D52D163263B] [Flags: 00080000.10401] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\towtruck.exe [MD5: BF647E3CB88A4AFDFEFC127F90F979A3] [Flags: 00080000.6264] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\alterhostsfile.exe [MD5: 2DA00C02DFAD28FF12721D1888E7FEBE] [Flags: 00080000.10403] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\ie-homepagelock.exe [MD5: 595411611FE6B1789B91754F3365882E] [Flags: 00080000.10405] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\hklm_runonce.exe [MD5: A376ED5F503EA11DCB8D9EC1684FD0D6] [Flags: 00080000.10408] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\hklm_run.exe [MD5: 7F066C383179C1E371DA5A176CAD962A] [Flags: 00080000.10410] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\ie-killconnectionstab.exe [MD5: 59853082047070E000DDBE0FA276487B] [Flags: 00080000.10411] [Threat: Adware.Spycar-Test]
    c:\documents and settings\<My Name>\desktop\spycar_tests\ie-killadvancedtab.exe [MD5: 8FCD9147A870A43C9AA1C4FBAC3E4A4A] [Flags: 00080000.10414] [Threat: Adware.Spycar-Test]

    P.S. They also were not picked by the MBAM alpha beta at the time, and about which I have posted in Malwarebytes beta test forum which is not open to all at the moment.
     
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    It could have been locked by another process, or we recently added the "detection" for them.
     
  3. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,875
    Thanks...:thumb:

    Edit: revised post
     
    Last edited: Dec 25, 2013
Thread Status:
Not open for further replies.