Kindly be advised we cannot cancel subscriptions or issue refunds on the forum.
You may cancel your Bitdefender subscription from Bitdefender Central or by contacting Customer Support at: https://www.bitdefender.com/consumer/support/help/

Thank you for your understanding.

Undetected Samples

Options
miekiemoes
miekiemoes
in Malware talk

Hi,


I've attached some undetected samples I found on a user's computer. (also undetected by most companies, not all)


I already sent a mail to your submisssion mailaddress, but post here anyway with the same samples since it appears to be a common issue lately on a lot of computers.


Small, but important note:


spool.exe also modifies the value UserInit under: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon to %Windir%\system32\drivers\spool.exe %Windir%\system32\userinit.exe


So this means, if the file gets deleted without restoring the UserInit value in the registry, user may not be able to log in anymore. (will go into a login-logoff loop)


/applications/core/interface/file/attachment.php?id=1362" data-fileid="1362" rel="">samples.zip


Regards,


Mieke

Comments

  • Cd-MaN
    Cd-MaN
    Options

    Signed and will be detected as:


    Trojan.Agent.AGOG


    Trojan.KillAV.NS


    Trojan.Spy.Small.IT


    Thank you for the samples.


    Best regards.

  • miekiemoes
    miekiemoes
    Options

    Thanks Cd-MaN

All Time Leaders

Categories

Defenders of the month