Wednesday, April 29, 2009

I am now a proud owner of a Google Android-enabled HTC G1 T-Mobile gadget.

Trying to make use of it.

First impressions: it downloaded an update via GPRS, and that has put $10 on my mobile bill.

Not very nice. Good thing it is on our company.

 

Thursday, April 9, 2009

setupapi problem with browsers: malware

Recently I have found IE and Opera misbehaving on my system.
IE just crashes, and Opera does not download anything, crashing upon trying to download. Dr.Web CureIt found an infected setupapi.dll in the bin folder of Opera, IE & Firefox. I removed them and voilà, all works like a charm.

P.S.
Before that I removed a rootkit driver and a winlogon plugin DLL.

A massive attack, I must say. Looks like a 0-day exploit.

http://virusscan.jotti.org/

File: 509fff07.sys 
Status: INFECTED/MALWARE 
MD5: 013baa9555f638680f8e0485d838c290

A-Squared Found Backdoor.Winnt!IK
AntiVir Found TR/Rootkit.Gen
ArcaVir Found nothing
Avast Found Win32:Rootkit-gen
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found Trojan.Packed.142
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Ikarus Found Backdoor.Winnt
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Quick Heal Found nothing
Sophos Antivirus Found Mal/TDSSPack-G
VirusBuster Found nothing
VBA32 Found Malware-Cryptor.Win32.General.3 (probable variant)



That one is more famous and stupid:

File: crypts.dll
Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: 9e1715c7898a8cd97a162711886989dc 
Packers detected: PE_PATCH.UPX, UPX

A-Squared Found Trojan-Spy.Finanz.J!IK
AntiVir Found TR/Dldr.Age.orh.1.A
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found Trojan.DownLoad.33838
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found Trojan-Downloader.Win32.Agent.bqus
Ikarus Found Trojan-Spy.Finanz.J
Kaspersky Anti-Virus Found Trojan-Downloader.Win32.Agent.bqus
NOD32 Found Win32/TrojanDownloader.Agent.ORH
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Quick Heal Found nothing
Sophos Antivirus Found Mal/Generic-A
VirusBuster Found nothing
VBA32 Found nothing