COMODO BOClean identified MSASCUI as SPY-BANKER.LB

Hi

I’ve been advised on AumHa forum to post this here to see if this has been seen by anyone - wonder why :-


03/21/2008 11:33:40:
Trojan horse was found in memory.
C:\PROGRAM FILES\WINDOWS DEFENDER\MSASCUI.EXE contained the trojan.
Active trojan horse WAS shut down. System safe.
Logged in user: The Guys

COMODO picked it up on boot-up , unfortunately as we always are, I was in a hurry and answered “yes” to delete the file WINDOWS DEFENDER\MSASCUI.EXE … I now wonder if this is COMODO simply picking up some signature from Windows Defender - anyone know for sure? Looking at the limited information on the Trojan (can’t find any on this specific on it quoted varient of “spy-banker.lb” I would obviously like to be sure I’ve not got problems… Windows XP SP2 - should I be removing BOClean?

Hi stevegwmonkseaton, welcome to the forum :slight_smile:

That is weird :-\ I just executed MSASCUI.EXE with the 2008-03-21 17:03:45 update, and BOClean doesn’t flag it on my XP SP2 system.

Greetz, Red.

Hi

Yep I’ve ran it without getting any problem also, but this sure did happen… as per the attached screen shot. Still I can’t find anything else untoward at the moment, apart from my PC seeming to be a tad (that’s “little” ) slower … :THNK

[attachment deleted by admin]