Spyware Cleaner.exe

Discussion in 'ESET NOD32 Antivirus' started by beethoven, May 17, 2010.

Thread Status:
Not open for further replies.
  1. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,044
    Just noticed during a routine scan of the network that one of the pc was infected by

    In fact doing the scan remotely only advised of the infection, I then did a scan at the pc and had it cleaned as above.

    I am wondering why this was not detected earlier (not trying to blame - just trying to understand;) ) - as I have been doing these scans for more than a year. The dates of the files in this folder are 2006 and older. Can you trust these dates, meaning they have been sitting there for that long?

    Did NOD only now include a definition for this particular malware ? If the user had executed the file, would NOD have interfered earlier?
     
  2. stackz

    stackz Registered Member

    Joined:
    Dec 27, 2007
    Posts:
    619
    Location:
    Sydney Australia
    Many of these rogue applications fake the file timestamps, I guess in hope of not being detected by tools that scan for files created in the last 'x' amount of days. Most likely it is a very recent threat and was detected when ESET added a signature for it.
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    As you can see, it's detected as an unwanted application. Make sure you have detection of potentially unwanted applications enabled on the client to ensure that similar rogue malware is detected.
     
  4. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,044
    Well, as it is not my own pc I cannot be totally sure but I know the person using this pc. I think it is highly unlikely that she would have installed this as a program herself recently and she is not the type to surf . Is there any info on when detection for this was added?

    I found some info on this file going back to 2008, so it's not a very new threat.
     
Thread Status:
Not open for further replies.