1. mawebcontrol.exe - Located in C:\Program Files\MarkAny\ContentSAFER\ - I did not install this
2. Scalaxy Exploit - Served from a website
- http://comments.gmane.org/gmane.comp.secur...ging-sigs/14876
- http://comments.gmane.org/gmane.comp.secur...ging-sigs/14731
Hi and welcome to our forums
Thank you for reporting this.
I've sent your request to our lab. I'll keep you up to date.
Have a nice day.
Is it normal to have an AV without anti-malware software?
Thanks in advance.
Hello
I don't understand the question. Bitdefender has an anti-malware engine. You don't need anything else installed.
Take care.
A little more detail on the Scalaxy exploit.
This is the nasty one that got through your browser add-on protection. I was using Mozilla Firefox 11 on a Windows 7 machine when a site infected with (Google search: "organicfoodmarkets.com.au/release.js") this custom Scalaxy exploit spoofed wellsfargo.com asking for unusual information and also injected code into many of my hosted websites. So, proceed with caution!
Also, a little off topic but your SafeBox started hogging ~1GB of RAM when I have it disabled; in addition, I am not registered for that service. Here's a screenshot:
Hi
In order to be able to further investigate the reported situation we need a bit more information from your computer as follows:
. A BDSYS log;
[how to GENERATE A BDSYS LOG]
. Save and extract the BDSYS tool to a location of your choice:
http://www.bitdefender.com/files/Knowledge.../BDSysLog_i.exe
. Make sure you close all active applications and then run "BDSysLog_i.exe"; if you receive a firewall alert, select to Allow the application to connect;
. Click the "Create log" button to start generating the log; a progress bar indicates that the tool is creating the report;
. When the small window appears with the message "Log saved", the report is complete and a new file named "bdsyslog.zip" has appeared on your Desktop;
. Send me via PM the generated log file.
. If the file is too big to send over PM, upload the results to one of the online file hosting servers mentioned below, or use one of your own, and send the download link via PM.
http://www.sendspace.com
http://www.mediafire.com
IMPORTANT:
. During this process the Real Time Protection in Bitdefender must be temporarily disabled;
. If you receive a Bitdefender Firewall alert to inform you that BDSysLog_i.exe tries to connect to the internet, then you need to select Allow;
[how to DISABLE THE ANTIVIRUS PROTECTION in Bitdefender 2012]
In order to disable the antivirus protection, please open Bitdefender and click the "Settings" button in the upper part of the interface. In the new window go to the "Antivirus" > "Shield" tab and click on "Turn off" under On-access scanning. Select the time interval that suits your troubleshooting needs and click "OK". On-access scanning should be enabled again after finishing the troubleshooting procedure.
We will get back to you as soon as the analysis is complete. Have a nice day.
I found out that ContentSAFER was silently installed with the free Need For Speed World game. Although it was probably harmless, it remained on my computer after I uninstalled the game. I was able to find an uninstall program specifically for it.
Now I can say that the only real vulnerability I have encountered is the Scalaxy exploit. Have a great day!
Do you still have some samples? A download link would be great!
Thank you.