Tinba - Trojan-banker detection ?

Discussion in 'Prevx Releases' started by CloneRanger, Jun 1, 2012.

Thread Status:
Not open for further replies.
  1. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,979
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    PSO generically blocks its actions so there isn't a need to block the file itself, although I checked the MD5s and we are blocking it as of yesterday.
     
  3. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,979
    @ PrevxHelp

    Hi, that's good to hear :thumb: Though i havn't tested it yet.

    I just scanned the folder with the 08ab7f68c6b3a4a2a745cc244d41d213 original nasty & the same but renamed readme (2).exe that i executed as in the other thread. NO detection here ?

    p1.gif

    The screenie just shows one of the scans, but both were identical !

    Any info about the IP i mentioned ?
     
  4. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    It's bad in our database but the SafeOnline version uses delayed rules to prevent FPs as it is meant to be silent to the user. I haven't looked closer at the IP address at this point.
     
  5. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,979
    @ PrevxHelp

    First time i've heard that, considering ALL the previous tests i've done with PSOL !

    As soon as you do, please let us know your impressions :thumb:

    When i said i hadn't tested it yet, i obviously did, i was thinking of another one, sorry for the slip up.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.