Today I allowed the apple auto-updater to install what I thought was an updated version of QuickTime, the apple updater ran and detected an update to QuickTime was required, on attempting to install this the installer appeared to hang, and was manually terminated. Subsequently SpyBot resident protection detected the process ‘moozy’ an adware plugin running from Quicktime plugins directory as ‘deleteMe1.exe’.
The following is the Spybot Search and destroy Resident protection log entries ;-
22/05/2012 18:41:44 Allowed (based on user decision) value "QuickTime Task" (new data: ""C:\Program Files\QuickTime\QTTask.exe" -atboottime") added in System Startup global entry!
22/05/2012 18:42:29 Allowed (based on user decision) value "QuickTime Plugin Install" (new data: "C:\Program Files\QuickTime\Plugins\DeleteMe1.exe") added in System Startup global entry!
22/05/2012 18:42:29 Encountered and terminated Moozy in C:\Program Files\QuickTime\Plugins\DeleteMe1.exe!
22/05/2012 18:46:45 Allowed (based on user decision) value "QuickTime Plugin Install" (new data: "") deleted in System Startup global entry!
As you can see from the above it appears that Resident caught them red handed !
