What is Cloaked malware?

Discussion in 'Prevx Releases' started by reevesloh, Sep 13, 2009.

Thread Status:
Not open for further replies.
  1. reevesloh

    reevesloh Registered Member

    Joined:
    Jul 6, 2009
    Posts:
    160
    Hello, I downloaded Prevx 3.0 and scanned my computer. The result was that my Windows "svchost.exe" is a cloaked threat. I tried to send it for analysis, but Gmail does not allow me to attach the file, so I clicked it as false malware. But I am still worried, so is it OK for my PC? What is the effect if my PC has been infected by cloaked malware? Any symptoms? I already sent the log file to sample@prevxsearch.com and am waiting for the result!
     

    Attached Files:

    • Help.JPG
    Last edited: Sep 13, 2009
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Hello,
    The detections do not appear to be false positives - we recommend either using Prevx to remove the files or removing them manually.

    Please let us know if you have any other questions. The files in your log come from cracks which have been modified to drop malware on to the system.
     
  3. reevesloh

    reevesloh Registered Member

    Joined:
    Jul 6, 2009
    Posts:
    160
    Any other solution for me? If I don't delete it, could it harm my PC? Or if I send the log file to my ESS4 security center, could they settle it for me? Because right now I am still studying, so I don't have money for such a cost yet... Please help me!!
     
    Last edited: Sep 14, 2009
  4. pegas

    pegas Registered Member

    Joined:
    May 22, 2008
    Posts:
    2,016
    You have two options.

    The first is to buy the removal license at Prevx at least and get rid of such malware.

    or

    You can report that suspicious file to Eset for perusal, as per their KBs, and wait for their release of an AV definition which might be able to identify and remove it.

    However, as we are in the Prevx forum, I definitely call for the first option, but at the same time I understand your arguments. So the second one is the only option for you, but you will have to fully rely on Eset that they will do their homework.

    To Prevx moderators: I don't know if any relations to other vendors are allowed here, so please forgive me if it is not the case. I am still a newbie in the Prevx forum and the product itself.
     
  5. reevesloh

    reevesloh Registered Member

    Joined:
    Jul 6, 2009
    Posts:
    160
    The only thing I can hope is that Eset can help me, because I need to pay study costs and a lot more... You know, life in Malaysia is very hard... So I cannot afford it.
     
  6. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    You should be able to delete it manually by clicking Start > Run and opening: c:\documents and settings\user\local settings\temp\

    and then deleting the file svchost.exe

    Then open: c:\program files\konami\pro evolution soccer 2009\

    and delete the file pro evolution soccer 2009 trainer.exe (which is more of a riskware threat so it should be easy to remove).

    Let me know if you have any problems with this :)
     
  7. Woody777

    Woody777 Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    484
    I recently decided to try out Prevx also. It then scanned the computer & identified the portable app Free Commander in almost the same way. I went to Prevx's site & read their description; sure enough, it was cloaked malware & identified the developer of Free Commander as the distributor. Well, I deleted the file, but I wonder about this. NOD32, AVIRA, AVAST, Super Antispyware & A2 do not identify this file as malware. This is very strange to me. The file's source was, as far as I can remember, the official site. Now, I do not particularly like the way Prevx markets by identifying malware & then tries to encourage you to spend money for removal, but they are in business to make money & I suppose it's a valid concept to market this way. I really wonder if Free Commander is "Cloaked Malware" or if there is some other explanation, especially in light of a bunch of other AVs & malware scanners who think that there is no problem.
     
  8. Joeythedude

    Joeythedude Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    519
    There was an exploit / malware targeted at software developers.
    This might be an example of that.
     
  9. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    If you have a copy of this file still, could you please follow these instructions to send it to us: https://www.wilderssecurity.com/showthread.php?t=245129

    Thank you :)
     