Welcome to the Comodo Forum
Welcome,
Guest
. Please
login
or
register
.
November 18, 2008, 06:12:54 PM
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
212227
Posts
24530
Topics
57713
Members
Latest Member:
desertrat2143
more news...
Search:
Advanced search
|
Tag Cloud
Welcome to the Comodo Forum
Desktop Security Products
Comodo Internet Security - CIS
Virus/Malware Removal Assistance
Possible spyware
« previous
next »
Pages:
[
1
]
Author
Topic: Possible spyware (Read 1622 times)
darkmaster
Newbie
Offline
Posts: 2
Possible spyware
«
on:
November 21, 2006, 12:12:59 AM »
well proud owner of comodo products
well somehow i got infected with the ishost.exe ismini.exe virus
would not able to remove from my computer but somehow i was able to suspend both of them and rename them. the question is that in there (%system32%) two dll show up one is wineak32.dll (know is adware Adware Look2ME) but the other dll is drvfug.dll i can't find anywhere on the net. I wish you can enlighten me with this dll wheter it is important or not
Just in case i kept a copy in a zip file
pssw is "virus"
«
Last Edit: November 22, 2006, 11:33:47 AM by justin1278
»
Logged
compcare
Newbie
Offline
Posts: 19
Re: Possible spyware
«
Reply #1 on:
November 21, 2006, 02:46:30 PM »
The "Thing" that has the two files ishost and ismini seems to be fairly active at the moment - I have had 3 cases in the last two days. A bit early in the morning, but I think there is also a dll file attached to Winlogon and Explorer.
I use two programs for this sort of thing, Current Process and Killbox with Killbox set to delete on restart.
As to the other Items both are certainly not required and I would delete both if able to, or use killbox if not.
Have Fun
Barry
Logged
darkmaster
Newbie
Offline
Posts: 2
Re: Possible spyware
«
Reply #2 on:
November 22, 2006, 03:36:30 AM »
Well thanks for clearing it up
i just used process explorer
suspended them moved them and renamed them
wow never knew it that it was so common
only reason i found out was because of firewall message (comodo 2.3.6 of course)
and the high Cpu usage but it's gone.
Tried both current process and killbox on a test machine and easy as pie
thanks
Logged
Júštiñ™
Global Moderator
Comodo's Hero
Offline
Posts: 2837
Re: Possible spyware
«
Reply #3 on:
November 22, 2006, 11:33:32 AM »
Hello,
Thank you very much for submitting this malware, I have gone ahead and forwarded it to the Comodo Antivirus team, hopefully it will be added to detection shortly. Also to stop the chance of users downloading it and risking infection I have removed the attachment in your first post.
Thanks,
Justin
Logged
When the power of love, overcomes the love of power, the world will know peace.
~Jimi Hendrix
Tags:
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
** New to the Comodo Forum? Start Here! **
-----------------------------
=> New Member Information
-----------------------------
Want to help Comodo?
-----------------------------
=> Help Spread the Word - Official Comodo banners and logos
=> How can you help Comodo? (Please we do need you!)
===> Help spread the word! (Please read and help)
===> Comodo website issues for submitting website problems only
=> Please tell us your views and Vote here!
-----------------------------
General Category
-----------------------------
=> Melih's Corner - CEO Talk/Discussions/Blog
=> Which Product do you want Comodo to develop next?
=> General Discussion (off topic) Anything and everything...
===> Member Confessions :-)
===> Funny Photos :-)
===> Cool Stuff
-----------------------------
Desktop Security Products
-----------------------------
=> Comodo Firewall
===> Feedback/Comments/Announcements/News
===> Leak Testing/Attacks/Vulnerability Research
===> Help for v3
===> Help for v2
===> Frequently Asked Questions (FAQ) for Comodo firewall
===> Comodo Firewall Translations
===> Bug Reports
=> Comodo Internet Security - CIS
===> Overview - CIS
===> Help - CIS
=====> Anti Virus Help
=====> Firewall Help
=====> Defense+ Help
=====> Install / Setup / Configuration Help
===> FAQ - CIS
=====> Anti Virus FAQ
=====> Firewall FAQ
=====> Defense+ FAQ
=====> Install / Setup / Configuration FAQ
===> Feedback/Comments/Announcements/News - CIS
===> Guides - CIS
=====> Anti Virus Guides
=====> Firewall Guides
=====> Defense+ Guides
=====> Install / Setup / Configuration Guides
===> Wishlist - CIS
=====> Anti Virus Wishlist
=====> Firewall Wishlist
=====> Defense+ Wishlist
=====> GUI -Graphical User Interface - Wishlist
===> Bug Report - CIS
=====> Anti Virus Bugs
=====> Firewall Bugs
=====> Defense+ Bugs
=====> Other - General - GUI etc Bugs
=====> False Positive/Negative reporting - (Is this a malware that CIS has/not detected?)
===> Virus/Malware Removal Assistance
=> Comodo Anti-Viruspyware (CAVS)
===> Help for Comodo AntiVirus
===> FAQ for Comodo Anti-ViruSpyware
===> Feedback/Comments/Announcements/News about CAVS
=> Comodo BOClean Anti-Malware
===> Announcements
===> Comodo BOClean Anti-Malware FAQ
=> Comodo Instant Malware Analysis - Online (CIMA)
=> Comodo DiskShield
=> Comodo Disk Encryption
=> Comodo Secure Email (CSE) Product
===> Frequently Asked Questions (FAQ)
===> Feedback/Comments/Announcements/News about CSE
===> Bug Reports
===> Help for Comodo SecureEmail
=> Comodo Memory Firewall(Buffer Overflow Protection)
===> Help
===> Frequently Asked Questions (Comodo Memory Firewall)
===> Feedback/Comments/Announcements/News
=> Comodo TrustConnect - Securing the Wireless world!
=> Comodo SafeSurf and (Comodo's own toolbar)
=> Backup
===> FAQ for Comodo Backup
===> Help
=> Verification Engine (allows you to verify what you see on the Internet)
=> Comodo Vulnerability Analyzer
=> AntiSpam
=> i-Vault
=> Launch Pad
=> Trusttoolbar
-----------------------------
Desktop Utilities
-----------------------------
=> Comodo Registry Cleaner
-----------------------------
Enterprise Security
-----------------------------
=> Comodo Endpoint Security Manager
-----------------------------
Compliance
-----------------------------
=> PCI DSS Compliance
-----------------------------
Learn about Computer Security and Interact with Security Experts
-----------------------------
=> Computer Firewalls
=> Anti Virus/Malware Products/Other Security products
=> Free Virus/Spyware/Trojan/Malware Removal by Comodo Experts
=> HIPS (Host Intrusion Prevention Systems)
=> Anti Phishing solutions
=> Digital Certificates, Encryption and Digital Signing
=> General Security Questions and Comments (not product related)
-----------------------------
Free Services for End Users
-----------------------------
=> UserTrust - First Independent Website Rating - Empowering our users!
=> User Anywhere (Remote Access product)
=> Comodo Meet (Web Conferencing Product)
=> Hacker Guardian
=> Trustfax (free Trial) (online faxing)
-----------------------------
Free Products
-----------------------------
=> Link to Free Comodo Products
-----------------------------
International Comodo Forums
-----------------------------
=> International Comodo Forums
===> 汉语语言, 漢語語言 / Chinese Simplified, Traditional
===> Nederlands / Dutch
===> Francais / French
===> Deutsch / German
===> ελληνικά / Greek
===> Magyar / Hungarian
===> Italiano / Italian
===> Nihongo / Japanese
===> Norsk / Norwegian
===> Polski / Polish
===> Português/Portuguese
===> По-русски / Russian
===> Espanol / Spanish
===> Svenska / Swedish
===> Turkce / Turkish
===> Українська / Ukrainian
===> tiếng Việt / Vietnamese
-----------------------------
Digital Certificates
-----------------------------
=> Code Signing Certificate
=> Content Verification Certificate
=> Email Certificate
=> SSL Certificate
-----------------------------
Web Server Products
-----------------------------
=> Two Factor Authentication for Web Applications
=> Trustlogo
-----------------------------
Infrastructure Products
-----------------------------
=> ZTL
=> Trustix Enterprise Firewall
-----------------------------
Other
-----------------------------
=> Forum Policy Violation Board
Page created in 0.111 seconds with 19 queries.
Powered by SMF 1.1.7
|
SMF © 2006, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks
Design by
7dana.com
Author