Welcome to the Comodo Forum
Topic: Possible spyware (Read 1362 times)
darkmaster (Newbie, Offline, Posts: 2)
Possible spyware « on: November 21, 2006, 12:12:59 AM »
Well, proud owner of Comodo products.
Well, somehow I got infected with the ishost.exe / ismini.exe virus.
I was not able to remove it from my computer, but somehow I was able to suspend both of them and rename them. The question is that in there (%system32%) two DLLs show up: one is wineak32.dll (known as adware, Adware Look2ME), but the other DLL is drvfug.dll, which I can't find anywhere on the net. I wish you could enlighten me about this DLL, whether it is important or not.
Just in case, I kept a copy in a zip file.
Password is "virus".
« Last Edit: November 22, 2006, 11:33:47 AM by justin1278 »
compcare (Newbie, Offline, Posts: 19)
Re: Possible spyware « Reply #1 on: November 21, 2006, 02:46:30 PM »
The "Thing" that has the two files ishost and ismini seems to be fairly active at the moment - I have had 3 cases in the last two days. A bit early in the morning, but I think there is also a dll file attached to Winlogon and Explorer.
I use two programs for this sort of thing, Current Process and Killbox with Killbox set to delete on restart.
As to the other items, both are certainly not required, and I would delete both if able to, or use Killbox if not.
Have Fun
Barry
darkmaster (Newbie, Offline, Posts: 2)
Re: Possible spyware « Reply #2 on: November 22, 2006, 03:36:30 AM »
Well, thanks for clearing it up.
I just used Process Explorer,
suspended them, moved them and renamed them.
Wow, never knew that it was so common.
Only reason I found out was because of a firewall message (Comodo 2.3.6 of course)
and the high CPU usage, but it's gone.
Tried both Current Process and Killbox on a test machine, and easy as pie.
Thanks
Júštiñ™ (Global Moderator, Comodo's Hero, Offline, Posts: 2754)
Re: Possible spyware « Reply #3 on: November 22, 2006, 11:33:32 AM »
Hello,
Thank you very much for submitting this malware. I have gone ahead and forwarded it to the Comodo Antivirus team; hopefully it will be added to detection shortly. Also, to stop the chance of users downloading it and risking infection, I have removed the attachment in your first post.
Thanks,
Justin