BHO.dll
New forum
...testing
-
Upload sample test:
Attached BHO.dll, gathered from this thread:
http://www.lavasoftsupport.com/index.php?s...c=13492&hl=
O2 - BHO: (no name) - {8F776B2A-72DF-40C1-BD69-EDB642A706D7} - C:\WINDOWS\system32\4LfGsn\BHO.dll
Certainly malware related /adware related - Chinese origin.
No scanners are detecting it yet.
Aspack packed.
Edit, it appears that I can only submit zip files (so we need to zip the files first)
Is a password required (infected) or not? In this case I didn't use a password.
0 -
FYI.. Avira and Kaspersky are now detecting it as: Trojan-Downloader.Win32.Agent.epu
0 -
Thanks Miekie,
I lost my DSL connection last night (just as I was typing a reply here) and did not get it back fully until this afternoon.
Yes, on the zip files and
Yes, they should be password protection. Use the password: infected
I did manage to get an email off to the Research team about this forum, but don't know if they have seen it yet.
Thanks very much. I'll go ahead and FTP this one on in for them in case they missed it.
And now, much catching up to do!
I'm subscribed now to this entire forum so I'll be sure to give them a heads up each time something is uploaded here.
You can just start a new topic and attach a file anytime you see one you think needs it.
0 -
Hi Mieke,
Just to confirm they did get this and it is included in today's definitions update
Family Id: 1006 Name: Win32.TrojanDownloader.Agent Category: Virus TAI:10
Item Id: 64368 Value: File: C:\DOCUME~1\COMPAQ~1\MYDOCU~1\Malware\SUSPIC~3\Mikie BHO zip\BHO.dll
I'll go ahead and remove attachment since it isn't need any more, but I'll leave the topic thread in tact (and I changed the title so it doesn't say *test* anymore, since we made it live )
Thank you so much!
0
Please sign in to leave a comment.
Comments
4 comments