Archive for the 'Viruses' Category


Disinfecting a PC… part 6

Monday, December 19th, 2005

Ok, it’s BHOdemon time… installed from CD and on starting: BHOdemon bhotb-all.html not found, no web connection, downloading on other machine. Finally got it to work by copying from another machine. But I had to change Windows ME to show full filenames to help troubleshoot why it couldn’t find the file (naming problem). (There seems […]

Disinfecting a PC… part 5

Sunday, December 18th, 2005

OK, we’re moving on to BHOdemon to take care of the browser helper objects. Unfortunately it looks like BHODemon is not currently being maintained; the developer has had a house fire. I am very sorry, but BHODemon is currently on hiatus, as I no longer have the time to devote to it (due to a house […]

Disinfecting a PC… part 4

Saturday, December 17th, 2005

So, AVG has been scanning away finding things; we’ve really got a foothold on the system and the malware has a fight on its hands. It’s good to see progress. Up to this point we’ve had multiple Spool32 errors (printer related). These errors are what prompted the system to be brought in initially. There’s a […]

Disinfecting a PC… part 3

Friday, December 16th, 2005

Picking up from last time… AVG was failing to install with a peculiar registry error. (Which I didn’t see much reference to online.) OK, so here is another fruit of the online search (so many bugs to identify…) jawa32.exe is listed as spyware.seekseek in sarc’s database. OK – let’s see if we can kill of […]

Another beagle virus variant

Thursday, December 15th, 2005

Incidents.org is reporting this as well… A new Beagle variant is making the rounds. It comes in an almost empty email, as a ZIP attachment containing the worm as an EXE. The attachment name, email subject and sole text content of the email all seem to be male or female surnames. Keep your eyes peeled, […]

How festive – the dasher worm…

Thursday, December 15th, 2005

The securityfix is reporting on a new worm that exploits an older Windows vulnerability. The worm is called dasher and is in at least its second iteration. SANS noticed an odd increase in port 1025 scans on the tenth of the month, which was early activity of this worm. It looks like the first version […]

Disinfecting a PC… part 2

Thursday, December 15th, 2005

Ok, the last post got a bit long with the hijackthis log, but I wanted to include the whole picture. I put a few comments in, but thought it might be useful to include the notes I took at the time. For starters I leave it unplugged from the network. (There is no network card […]

A couple warnings related to fake security sites

Wednesday, December 14th, 2005

Sunbelt has this warning about yet another fake security site. This one is laid out a bit differently than the others we’ve seen in recent days. It’s not quite the same spoof of the Windows Security Center, but it makes use of Microsoft’s security logo. (And it does say Security Center at the top of […]

Disinfecting a PC… part 1

Wednesday, December 14th, 2005

This is the first in a several part series documenting the cleaning of an infected PC. The only real noteworthy item is that it was a dial-up only connection and was rather infested for that. (On par with some of the broadband connected PCs I’ve seen. It’s also an interesting counterpoint to the network security […]

Clamantivirus may get support from eEye?

Tuesday, December 13th, 2005

This would be a good thing for clamantivirus. eEye is considering “adopting” clamav for inclusion in their Blink product. The idea is that they would improve clamantivirus and then start integrating it as antivirus scanning functionality in their product. This would be really promising for the prospects of having clamav (clamwin) do real-time, on-access scanning […]
