FP - AlmPdfReader as Trojan.Banker

[hufkes]

Installed together with tax help program Elsevier belasting aangifte, has been reported as Trojan.Banker since ages.

 

http://virusscan.jotti.org/en/scanresult/d127dfbe29d47d1845c746f0f77627acf633e326

 

Logfile:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.06.07.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17107
Hufkes :: UNKNOWN [administrator]

7-6-2014 20:31:50
MBAM-log-2014-06-07 (22-46-03).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 426228
Time elapsed: 1 hour(s), 1 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\ELSEVIER\EBCD2014\ALMPDFREADER.EXE (Trojan.Banker) -> Data: 1 -> No action taken. [bde45520c5b668ce9b7a0c059272966a]

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: xx
C:\Program Files (x86)\Elsevier\Ebcd2012\AlmPdfReader.exe (Trojan.Banker) -> No action taken. [bde45520c5b668ce9b7a0c059272966a]
C:\Program Files (x86)\Elsevier\Ebcd2014\AlmPdfReader.exe (Trojan.Banker) -> No action taken. [bde45520c5b668ce9b7a0c059272966a]
C:\tmp\FreemakeVideoConverter v4.1.2.exe (PUP.Optional.OpenCandy) -> No action taken. [ced3185d9fdc6ec8d72b1df325dc0000]

(end)

 

 

AlmPdfReader.zip

[nosirrah]

Taking a look right now.

[nosirrah]

fixed in the next update

[hufkes]

Thnx for the super-fast-service