Malwarebytes

Maurice Naggar

Member Since 14 Jun 2008

Kaspersky AV gives a false positive on custom HOSTS

16 March 2013 - 11:53 AM

Heads up if you use a custom HOSTS file, and you have Kaspersky antivirus.
Kaspersky AV gives a false positive on custom HOSTS

http://msmvps.com/bl...16/1825302.aspx

With many thanks to Mike Burgess.

Suspect "service"

20 December 2012 - 11:51 AM

Attaching a "suspect" sppsvc.exe from 1 of my "victim-ops" here.
Only McAfee & TrendMicro Housecall identify it as a "trojan".

https://www.virustot...sis/1356020875/

SHA256: 14d9639204c0af1fe8a06865bff9ff4b978ee42c02c774c5fa9f2bea9f75676c
SHA1: b82b3bf75792905d8d23badd25bfd0740c55a79d
MD5: d9e859f4b29377854e1ab0f302824e1c
File size: 10.0 KB ( 10240 bytes )
File name: sppsvc.exe
File type: Win32 EXE
Detection ratio: 3 / 45
Analysis date: 2012-12-20 00:24:49 UTC ( 16 hours, 8 minutes ago )

The OP found it on his Win8 system in the folder C:\Windows.

Would you advise me on your finding, please.

The legitimate exe would be in \Windows\System32; it should show version 6.2.9200.16384 with a size of 4.65 MB
Windows 8 o.s.

Cold winter

02 October 2012 - 11:58 AM

Wife texts husband on a cold winter’s morning:
"Windows frozen."

Husband texts back:
"Pour some lukewarm water over it."

Wife texts back 5 minutes later:
"Computer completely screwed up now."

Malwarebytes Enterprise Edition

17 September 2012 - 01:01 PM

Quote

Malwarebytes, the San Jose-based anti-malware company, now wants to protect large companies from sophisticated Windows malware, including rogue applications and targeted attacks. While known for the free version of its program, which has more than 150 million home PC users, Malwarebytes now has three paid-for offerings: a Pro version for individuals, an SMB version for companies with up to 99 users, and the Malwarebytes Enterprise Edition (MEE) announced today (Monday).

Source: Jack Schofield / ZDNet
http://www.zdnet.com...ses-7000004367/

Also see http://www.malwareby...ess/enterprise/

MS Action against Nitol botnet

14 September 2012 - 02:05 PM

Quote

Earlier this week, the U.S. District Court for the Eastern District of Virginia granted Microsoft’s Digital Crimes Unit permission to disrupt more than 500 different strains of malware with the potential for targeting millions of innocent people. Codenamed “Operation b70,” this legal action and technical disruption proceeded from a Microsoft study which found that cybercriminals infiltrate unsecure supply chains to introduce counterfeit software embedded with malware for the purpose of secretly infecting people’s computers. In disrupting these malware strains, we helped significantly limit the spread of the developing Nitol botnet, our second botnet disruption in the last six months.
Source: http://blogs.technet...pply-chain.aspx

Also see
Microsoft finds malware on new computers in China
By Richard Lardner

http://www.bostonglo...2SHK/story.html
