Author Topic: http://www.13lune.it/171811.php mas mailer from my outlook this morning  (Read 3114 times)

0 Members and 1 Guest are viewing this topic.

rmerrick

  • Guest
http://www.13lune.it/171811.php
i got 70+ mail bounces come back to me with this address in them.
avast didnt find the worm.

rmerrick

  • Guest
malwarebytes found it. Avast8 let it through


Malwarebytes Anti-Malware (PRO) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.19.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Ray Merrick :: RAYM-PC [limited]

Protection: Enabled

20/03/2013 8:55:43 AM
mbam-log-2013-03-20 (08-55-43).txt

Scan type: Flash scan
Scan options enabled: Memory | Startup | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Registry | File System | P2P
Objects scanned: 249133
Time elapsed: 1 minute(s), 27 second(s)

Memory Processes Detected: 1
C:\Windows\KMService.exe (RiskWare.Tool.CK) -> 4000 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\KMService.exe (RiskWare.Tool.CK) -> Delete on reboot.

(end)

rmerrick

  • Guest
Malwarebytes Anti-Malware (PRO) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.19.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Ray Merrick :: RAYM-PC [limited]

Protection: Enabled

20/03/2013 9:04:16 AM
mbam-log-2013-03-20 (09-04-16).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 291344
Time elapsed: 2 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Ray Merrick\AppData\Local\Temp\CSM49CD.tmp (PUP.Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Ray Merrick\AppData\Local\Temp\Temp1_ISOBuster_Pro_v1[1].6.0.19.zip\IsoBuster.Pro.v1.6.0.19-ROR\keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

Offline davexnet

  • Poster
  • *
  • Posts: 540
It's interesting, even with it's "cloud intelligence" , Avast still seems second best when it comes to
detecting these issues.  There has been a few incidents in the last week where Malwarebytes
detected something Avast happily let into the system.

Avast is working well in my XP system, but I don't think it should be beaten by some of these other
anti-malware packages.
AMD FX-4300 4GB DDR3
avast free 2279 (Windows XP), MBAM free

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37612
  • Not a avast user
Quote
malwarebytes found it. Avast8 let it through
not a virus but detected as riskware by malwarebytes......so it may be detected by avast PUP scan
PUP = not a virus/Possible Unwanted Program



Quote
C:\Users\Ray Merrick\AppData\Local\Temp\Temp1_ISOBuster_Pro_v1[1].6.0.19.zip\IsoBuster.Pro.v1.6.0.19-ROR\keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
Quote
C:\Windows\KMService.exe (RiskWare.Tool.CK) -> Delete on reboot.

This file is not a virus. It is used to crack Microsoft office2010.When Microsoft office2010 is cracked, you no longer need to activate Microsoft office2010 and pay for it.

So what to expect when running keygen and crack software.   ::)


« Last Edit: March 20, 2013, 12:09:10 AM by Pondus »