> Bitdefender Total Security 2012, Missed two virus threats
414TiC
post Apr 19 2012, 01:49 AM
Post #1


Newbie


Group: Members
Posts: 3
Joined: 19-April 12
Member No.: 103,695



1. mawebcontrol.exe - Located in C:\Program Files\MarkAny\ContentSAFER\ - I did not install this

2. Scalaxy Exploit - Served from a website
- http://comments.gmane.org/gmane.comp.secur...ging-sigs/14876
- http://comments.gmane.org/gmane.comp.secur...ging-sigs/14731
Christian
post Apr 19 2012, 01:34 PM
Post #2


Bitdefender Support

Group: Root Admin
Posts: 14,015
Joined: 27-January 08
From: BitDefender HQ
Member No.: 9,374



Hi and welcome to our forums

Thank you for reporting this.

I've sent your request to our lab. I'll keep you up to date.

Have a nice day.
keiooz
post Apr 20 2012, 08:21 AM
Post #3


Newbie


Group: Members
Posts: 12
Joined: 18-April 12
Member No.: 103,649



Is it normal to have an AV without anti-malware software?

Thanks in advance.
Christian
post Apr 20 2012, 08:52 AM
Post #4


Bitdefender Support



Hello

I don't understand the question. Bitdefender has an anti-malware engine. You don't need anything else installed.

Take care.
414TiC
post Apr 24 2012, 08:06 PM
Post #5





A little more detail on the Scalaxy exploit.

This is the nasty one that got through your browser add-on protection. I was using Mozilla Firefox 11 on a Windows 7 machine when a site infected with (Google search: "organicfoodmarkets.com.au/release.js") this custom scalaxy exploit spoofed wellsfargo.com asking for unusual information and also injected code into many of my hosted websites. So, proceed with caution!

Also, a little off topic but your SafeBox started hogging ~1GB of RAM when I have it disabled; in addition, I am not registered for that service. Here's a screenshot:

(IMG:http://i.imgbox.com/aagBXID7.png)
Christian
post Apr 26 2012, 08:37 PM
Post #6


Bitdefender Support



Hi

In order to be able to further investigate the reported situation, we need a bit more information from your computer, as follows:

. A BDSYS log;

[how to GENERATE A BDSYS LOG]
. Save and extract the BDSYS tool to a location of your choice:

http://www.bitdefender.com/files/Knowledge.../BDSysLog_i.exe

. Make sure you close all active applications and then run "BDSysLog_i.exe"; if you receive a firewall alert, select to Allow the application to connect;
. Click the "Create log" button to start generating the log; a progress bar indicates that the tool is creating the report;
. When the small window appears with the message "Log saved", the report is complete and a new file named "bdsyslog.zip" has appeared on your Desktop;
. Send me the generated log file via PM.
. If the file is too big to send over PM, upload the results to one of the online file hosting servers mentioned below, or use one of your own, and send the download link via PM.

http://www.sendspace.com
http://www.mediafire.com

IMPORTANT:

. During this process the Real Time Protection in Bitdefender must be temporarily disabled;
. If you receive a Bitdefender Firewall alert to inform you that BDSysLog_i.exe tries to connect to the internet, then you need to select Allow;

[how to DISABLE THE ANTIVIRUS PROTECTION in Bitdefender 2012]
In order to disable the antivirus protection, please open Bitdefender and click the "Settings" button in the upper side part of the interface; in the new window go to the "Antivirus" > "Shield" tab and click on "Turn off" under On-access scanning. Select the time interval that suits your troubleshooting needs and click "OK". The On-access scanning should be enabled back after finishing the troubleshooting procedure.

We will get back to you as soon as the analysis is complete. Have a nice day.
414TiC
post May 8 2012, 08:16 PM
Post #7





I found out that ContentSAFER was silently installed with the free Need For Speed World game. Although it was probably harmless, it remained on my computer after I uninstalled the game. I was able to find an uninstall program specifically for it.

Now I can say that the only real vulnerability I have encountered is the scalaxy exploit. Have a great day!
Christian
post May 9 2012, 12:24 AM
Post #8


Bitdefender Support



Hello

Do you still have some samples? A download link would be great!

Thank you.