Download TrojanHunter Now
Free 30-day trial!
Latest TrojanHunter Version:
TrojanHunter 5.0
Order Now
License file delivered within minutes.
Welcome, Guest. Please Login or Register.
Oct 7th, 2008, 12:07pm
   Mischel Internet Security Forum
   Malware
   Adware, Browser Hijackers and other Malware (Moderators: Helena, Gavin_Coe, Magnus)
   new spyware?		 « Previous topic | Next topic »
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: new spyware?  (Read 1766 times)
Mobilemaverick
Newbie
*





   


Gender: male
 Posts: 9
new spyware?
« on: Jun 17th, 2004, 1:34am »		 Quote Quote  Modify Modify
I got a client hit by some new spyware, that hijacks your homepage. to \\xxxx.dll\index.html#96676.  (xxxx=random name), creates a bunch of hidden system files in %\system32 and %\system directories.  I have a zip of them if needed.
latest defs with 3.8, detect 3 of about 20 exe's and being possible trojans.  
 
 
Kevin.
 
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5661
Re: new spyware?
« Reply #1 on: Jun 17th, 2004, 2:39am »		 Quote Quote  Modify Modify
Kevin,
 
Why don't you go ahead and send them to Magnus at:
submit@trojanhunter.com
 
He can then analyze them to determine if any should be added to TrojanHunter's definitions.
 
Also you may wish to update to TrojanHunter V3.9, Build 807 which is a recommended upgrade.  
 
Hopefully your client uses a spyware detection program such as AdAware6 or Spybot Search and Destroy.  AdAware6 is very good about issuing frequent updates to catch new spyware/malware.  They also have a submission area that permits users to send in files for analysis.  
 
SpywareGuard and SpywareBlaster are good tools to help prevent many spyware elements from getting on your system.  They are free (donations optional) and can be found at  
  www.wilderssecurity.net/spywareguard.html www.wilderssecurity.net/spywareblaster.html
 
HTHs
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
Mobilemaverick
Newbie
*





   


Gender: male
 Posts: 9
Re: new spyware?
« Reply #2 on: Jun 18th, 2004, 1:33am »		 Quote Quote  Modify Modify
submitted them this morning, replies are showing up on security focus now, seems to be a coolwebsearch variant.
IP Logged
iamfromnf
Newbie
*



internet optimizer is da shit!!

   


Posts: 1
Re: new spyware?
« Reply #3 on: Sep 26th, 2004, 10:53am »		 Quote Quote  Modify Modify
There should be a .dll file in c:\windows\system32 that keeps creating that file. if you look at the properties of the htm it should lead you in the right direction
IP Logged
Kayrac
Full Member
***






   
Email

Posts: 162
Re: new spyware?
« Reply #4 on: Sep 26th, 2004, 10:56am »		 Quote Quote  Modify Modify
do a google search for a program called 'hijackthis' download version 1.98.2 and post your log here......can't guarentee i can fix it, but can try for you
also make sure you put hijackthis into it's own folder, like c:\hijackthis
IP Logged
Kayrac
Full Member
***






   
Email

Posts: 162
Re: new spyware?
« Reply #5 on: Sep 26th, 2004, 10:59am »		 Quote Quote  Modify Modify
or if you want an expert to help you fix it, http://www.dslreports.com/forum/security
go there, and post a thread......i'm good at fixing my own, and OK at fixing others, but i guarentee you'll get it fixed if you post there
 
also you need to follow ALL the steps from this link
http://www.dslreports.com/faq/8428
before you post a hijackthis log, to that dslreports.com forum
« Last Edit: Sep 26th, 2004, 11:01am by Kayrac » IP Logged
Aaron
Administrator
*****





   


Gender: male
 Posts: 286
Re: new spyware?
« Reply #6 on: Sep 26th, 2004, 4:56pm »		 Quote Quote  Modify Modify
Well, I heard I'm an expert at such things. Wink
 
This is from back in June... was it resolved?  If not, resend the files ATTN Aaron and I'll look at them.
« Last Edit: Sep 26th, 2004, 5:01pm by Aaron » IP Logged
Aaron Hulett | Trojan Analyst | Mischel Internet Security
Mobilemaverick
Newbie
*





   


Gender: male
 Posts: 9
Re: new spyware?
« Reply #7 on: Sep 26th, 2004, 10:10pm »		 Quote Quote  Modify Modify
Yes solved.  Thanks for all the replies.  I can fix this in my sleep now Smiley
 
first two times took about three hours each, now it's less than 20 minutes.
 
Kevin
IP Logged
Aaron
Administrator
*****





   


Gender: male
 Posts: 286
Re: new spyware?
« Reply #8 on: Sep 27th, 2004, 12:01am »		 Quote Quote  Modify Modify
I checked with Magnus, and the files you sent were added to TrojanHunter's database.  Some newer variants were also recently added (the Adware.CoolWebSearch items).
IP Logged
Aaron Hulett | Trojan Analyst | Mischel Internet Security
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »
Search
Members
Login
Register