Tinba - Trojan-banker detection ?

Discussion in 'Prevx Releases' started by CloneRanger, Jun 1, 2012.

Thread Status:
Not open for further replies.
  1. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    PSO generically blocks its actions so there isn't a need to block the file itself, although I checked the MD5s and we are blocking it as of yesterday.
     
  3. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ PrevxHelp

    Hi, that's good to hear :thumb: Though i havn't tested it yet.

    I just scanned the folder with the 08ab7f68c6b3a4a2a745cc244d41d213 original nasty & the same but renamed readme (2).exe that i executed as in the other thread. NO detection here ?

    p1.gif

    The screenie just shows one of the scans, but both were identical !

    Any info about the IP i mentioned ?
     
  4. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    It's bad in our database but the SafeOnline version uses delayed rules to prevent FPs as it is meant to be silent to the user. I haven't looked closer at the IP address at this point.
     
  5. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ PrevxHelp

    First time i've heard that, considering ALL the previous tests i've done with PSOL !

    As soon as you do, please let us know your impressions :thumb:

    When i said i hadn't tested it yet, i obviously did, i was thinking of another one, sorry for the slip up.
     
Thread Status:
Not open for further replies.