Trojan:Win32/FakeSpypro & Trojan:JS/FakeSpypro


  1. Posts : 241
    MS Windows 7 Home Premium 64-bit
    Thread Starter
       #11

    Can you give me an example of a share site? Thanks.

    UPDATE: MSE seems to be holding it at bay. Restarted a couple of times and everything is cool runnings, so far.

    EDIT: AV Security Suite is exactly the name of the "scanner" that came with it.

  3. Posts : 241
    MS Windows 7 Home Premium 64-bit
    Thread Starter
       #13

    OK.


  4. Posts : 241
    MS Windows 7 Home Premium 64-bit
    Thread Starter
       #14


  5. Posts : 112
    7
       #15

    kfsuiwvtssd.exe - Result: 14/41 (34.15%)
    Virustotal. MD5: e86fe76999d536d68199241e8de64235 Trojan.FakeAV Trojan.Generic.KD.17354 Win32/Adware.SpywareProtect2009
    Installed into a VM where MBAM is used as on demand.

    After the rogue is installed mbam.exe is blocked from starting so I use opera.exe to get mbam up and running.

    Updated MBAM and quick scan found and deleted this rogue which was a goner on reboot.

    Trojan:Win32/FakeSpypro & Trojan:JS/FakeSpypro-one.jpg

    Trojan:Win32/FakeSpypro & Trojan:JS/FakeSpypro-two.jpg

    Trojan:Win32/FakeSpypro & Trojan:JS/FakeSpypro-three.jpg

    Trojan:Win32/FakeSpypro & Trojan:JS/FakeSpypro-four.jpg


  6. Posts : 241
    MS Windows 7 Home Premium 64-bit
    Thread Starter
       #16

    Scanning............


    Jaxryley said:
    kfsuiwvtssd.exe - Result: 14/41 (34.15%)
    Virustotal. MD5: e86fe76999d536d68199241e8de64235 Trojan.FakeAV Trojan.Generic.KD.17354 Win32/Adware.SpywareProtect2009
    Installed into a VM where MBAM is used as on demand.

    After the rogue is installed mbam.exe is blocked from starting so I use opera.exe to get mbam up and running.

    Updated MBAM and quick scan found and deleted this rogue which was a goner on reboot.



  7. Posts : 241
    MS Windows 7 Home Premium 64-bit
    Thread Starter
       #17

    WORD!


    Much appreciated.
    Repped.

    About 15 hours of this. The main thing was getting my laptop up and running so I could get help with this. What a B****! I don't have another rig, so.........

    See ya again, Jaxryley. Good Job.


    bludgard69 said:
    Scanning............


    Jaxryley said:
    kfsuiwvtssd.exe - Result: 14/41 (34.15%)
    Virustotal. MD5: e86fe76999d536d68199241e8de64235 Trojan.FakeAV Trojan.Generic.KD.17354 Win32/Adware.SpywareProtect2009
    Installed into a VM where MBAM is used as on demand.

    After the rogue is installed mbam.exe is blocked from starting so I use opera.exe to get mbam up and running.

    Updated MBAM and quick scan found and deleted this rogue which was a goner on reboot.



  8. Posts : 112
    7
       #18

    Great stuff, glad you got it sorted!


  9. Posts : 112
    7
       #19

    I've just rerun the microjoin exploit that downloads heaps including an installer for the rogue AV Security Suite and this new morphed installer goes zero day over Jottis.
    ouyuerdtssd.exe - Scan finished. 0 out of 19 scanners reported malware.
    ouyuerdtssd.exe - Jotti's malware scan

    So in effect this one would bypass just about every major AV/AM until they get a hold of it and add it to their definitions. And yes, MBAM doesn't hit this one as yet either but will within the next update or two.

    When most AVs start hitting this exe the rogue authors will release a new morphed version making sure it's not detected by most.

    Dunno what's up with Virus Total but seems to be playing up a bit lately?
      My Computer
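
Added illustration for the point made in post #19, not code from the thread or its participants: a hash blocklist holding the MD5 quoted in post #15 misses the morphed installer, while a filename heuristic flags both. The `tssd.exe` suffix pattern is an assumption drawn only from the two filenames in this thread; the paths and the second and third MD5 values are constructed placeholders.

```python
import re
from typing import List, NamedTuple

# MD5 quoted in the thread for kfsuiwvtssd.exe (post #15).
KNOWN_MD5 = {"e86fe76999d536d68199241e8de64235"}

# Assumption: both installers named in the thread are a run of lowercase
# letters followed by "tssd.exe". Other variants may not follow this.
NAME_PATTERN = re.compile(r"^[a-z]{4,12}tssd\.exe$")


class FileRecord(NamedTuple):
    path: str
    md5: str


def triage(record: FileRecord) -> List[str]:
    """Return the reasons a file record looks suspicious (empty if none)."""
    reasons = []
    if record.md5.lower() in KNOWN_MD5:
        reasons.append("known-hash")
    # Take the last path component, accepting either slash style.
    name = re.split(r"[\\/]", record.path)[-1].lower()
    if NAME_PATTERN.match(name):
        reasons.append("name-pattern")
    return reasons


# Constructed inventory: directories are invented, and only the first MD5
# comes from the thread. The other two are placeholders, not real hashes.
INVENTORY = [
    FileRecord(r"C:\Users\demo\AppData\Local\kfsuiwvtssd.exe",
               "e86fe76999d536d68199241e8de64235"),
    FileRecord(r"C:\Users\demo\AppData\Local\ouyuerdtssd.exe", "0" * 32),
    FileRecord(r"C:\Program Files\Opera\opera.exe", "1" * 32),
]


def report(inventory=INVENTORY):
    """Map each path to its triage reasons."""
    return {rec.path: triage(rec) for rec in inventory}


if __name__ == "__main__":
    for path, reasons in report().items():
        print(path, reasons or "no match")
```

A name heuristic like this only narrows what to look at; a file it flags still needs to be confirmed by other means before removal.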


  10. Posts : 241
    MS Windows 7 Home Premium 64-bit
    Thread Starter
       #20

    Sleepy


    Very interesting stuff. First time anything has taken control of my lappy. Glad I have some support. I'll be back on later. Thing's got my eyes gritty. No monies to pay ransom fees.

    See ya later!



    Jaxryley said:
    I've just rerun the microjoin exploit that downloads heaps including an installer for the rogue AV Security Suite and this new morphed installer goes zero day over Jottis.
    ouyuerdtssd.exe - Scan finished. 0 out of 19 scanners reported malware.
    ouyuerdtssd.exe - Jotti's malware scan

    So in effect this one would bypass just about every major AV/AM until they get a hold of it and add it to their definitions. And yes, MBAM doesn't hit this one as yet either but will within the next update or two.

    When most AVs start hitting this exe the rogue authors will release a new morphed version making sure it's not detected by most.

    Dunno what's up with Virus Total but seems to be playing up a bit lately?


 