Author Topic: Is this being detected as PUP?  (Read 3384 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Is this being detected as PUP?
« on: December 02, 2011, 08:28:57 PM »
Considering this DrWeb URL checker scan:

Checking: -http://ld.mediaget.com/index.php?l=es&&&&&&&&r=x-taringa.com&&&&&&&&f=directory_opus_95503889_x86/x64&&&&&&&&s=Directory
Engine version: 5.0.2.3300
Total virus-finding records: 2861181
File size: 779.67 KB
File MD5: 4823a4950f2ba5b4838fbd0e3c5e827c

-http://ld.mediaget.com/index.php?l=es&&&&&&&&r=x-taringa.com&&&&&&&&f=directory_opus_95503889_x86/x64&&&&&&&&s=Directory packed by UPX
>-http://ld.mediaget.com/index.php?l=es&&&&&&&&r=x-taringa.com&&&&&&&&f=directory_opus_95503889_x86/x64&&&&&&&&s=Directory contains an intrusion tool Tool.InstallToolbar.31

See: http://vscan.urlvoid.com/analysis/0ec99e5b58debf6003395589f41544d1/bWVkaWFnZXQtZXhl/

See for this MD5 hash: http://threatcenter.crdf.fr/?More&ID=54343&D=CRDF.Malware.Win32.PEx.1774806483

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37597
  • Not a avast user

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Re: Is this being detected as PUP?
« Reply #2 on: December 02, 2011, 11:46:39 PM »
Here is some information on mediaget.exe to check against: http://www.backgroundtask.eu/Systeemtaken/taakinfo/49486/mediaget.exe/
Also consider this info: http://systemexplorer.net/filereviews.php?fid=3423824
and this: http://isthisfilesafe.net/sha1/FD06C2151BF5E762C29FA642314827E9268D0E72_details.aspx

Manual removal procedure:
mediaget.exe
To deinstall one should go to task manager and end the process named mediaget.exe first, after that
try to deinstall the program or one of the 141 different files for filename mediaget.exe.

1. Temporarily Disable System Restore, Reboot computer in SafeMode;

2. Locate mediaget.exe virus files and uninstall mediaget.exe files program.

3. Reboot computer in SafeMode,clean/delete all mediaget.exe infected files :mediaget.exe and related,or rename mediaget.exe virus files, if the file refused to be deleted;

4. Delete/Modify any values added to the registry related with mediaget.exe.
Exit registry editor and restart the computer.

5.Delete all your IE temp files with mediaget.exe manually, run a full scan with your antivirus program.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!