2 Replies Latest reply on Jan 4, 2012 5:05 PM by vinoo

    McAfee GetSusp 3.0.0.226

    vinoo

      This post is a placeholder for announcing a newer version of GetSusp. The latest released version is GetSusp 3.0.0.226 (build date Nov 17th, 2011).


      GetSusp download: http://getsusp.mcafee.com


      McAfee GetSusp 3.0.0.226 Changelog

       

      Detection based enhancements in this release:

       

      Added scanning of Hot Locations (directories in which malware is known to drop itself). Scanning of these hot locations allows GetSusp to scan for dropped/dormant malware which might have no registry reference. Below is an example of new malware detected via this method.

       

      | Status  | MD5                              | Location                         | File Name    | Attribute | File Size | Creation Date    | Modification Date | Type         |
      |---------|----------------------------------|----------------------------------|--------------|-----------|-----------|------------------|-------------------|--------------|
      | UNKNOWN | 68201e49b0c9100aaecb241e0df9150b | C:\Users\us02\AppData\Local\Temp | 1EA0.tmp     | A         | 837,632   | 11/22/2011 15:20 | 11/22/2011 15:20  | Hot-Location |
      | UNKNOWN | ba884481c7f50c01def1f543a8e60ab7 | C:\Users\us02\AppData\Local\Temp | ms0cfg32.exe | A         | 837,632   | 11/22/2011 15:20 | 11/22/2011 15:20  | Hot-Location |
      | UNKNOWN | fc1b711d875680760f409a9bfa390a03 | C:\windows\temp                  | ms0cfg32.exe | A         | 226,816   | 11/22/2011 09:48 | 11/22/2011 09:48  | Hot-Location |
      | UNKNOWN | 4e9a37688bc1fa27397575ae9f367894 | C:\windows                       | msimg32.dll  | AHS       | 125,952   | 11/22/2011 09:48 | 11/22/2011 09:48  | Hot-Location |
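
The hot-location idea described above can be sketched as a small triage script. This is an added example, not part of the original post and not GetSusp's own code. The directory list is taken from the Location column of the sample report, and the non-recursive scan and the MZ/PE header check (which catches executables hidden behind extensions such as .tmp) are assumptions of this sketch.

```python
import hashlib
import os
from datetime import datetime

# Assumption: hot locations taken from the Location column of the sample report.
HOT_LOCATIONS = [r"C:\Users\us02\AppData\Local\Temp", r"C:\windows\temp", r"C:\windows"]
# Windows file-attribute bits mapped to the report's Attribute letters.
ATTR_BITS = ((0x20, "A"), (0x02, "H"), (0x04, "S"))

def is_pe(path):
    """True if the file has an MZ header whose e_lfanew field points at 'PE\\0\\0'."""
    with open(path, "rb") as f:
        head = f.read(64)
        if len(head) < 64 or head[:2] != b"MZ":
            return False
        f.seek(int.from_bytes(head[60:64], "little"))
        return f.read(4) == b"PE\0\0"

def md5_of(path):
    """MD5 is used only because the report identifies files by MD5."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def scan_hot_locations(dirs=HOT_LOCATIONS):
    """List executables sitting directly in each directory, whatever their extension."""
    rows = []
    for d in dirs:
        try:
            entries = sorted(os.scandir(d), key=lambda e: e.name)
        except OSError:          # missing or unreadable directory
            continue
        for e in entries:
            try:
                if not e.is_file(follow_symlinks=False) or not is_pe(e.path):
                    continue
                st = e.stat(follow_symlinks=False)
                attrs = getattr(st, "st_file_attributes", 0)  # present on Windows only
                rows.append({"md5": md5_of(e.path), "location": d, "file_name": e.name,
                             "attribute": "".join(c for bit, c in ATTR_BITS if attrs & bit),
                             "size": st.st_size,
                             "modified": datetime.fromtimestamp(st.st_mtime).strftime("%m/%d/%Y %H:%M"),
                             "type": "Hot-Location"})
            except OSError:      # locked or vanished file
                continue
    return rows

if __name__ == "__main__":
    for row in scan_hot_locations():
        print(row)
```

Rows returned this way are candidates for review only; legitimate installers and updaters also leave executables in temp directories.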