First Virus

K

kathy890

I somehow got a virus - malwarrior.

Ran all the virus programs and think I got rid of it. Now I get a
error message :c:\windows\system32\bsjhbser.dll

module not found
win32\heur

What should I do? Thank
 
D

David H. Lipman

From: "kathy890" <[email protected]>

| I somehow got a virus - malwarrior.

| Ran all the virus programs and think I got rid of it. Now I get an error message
| :c:\windows\system32\bsjhbser.dll

| module not found
| win32\heur

| What should I do? Thanks -- kathy890

First I doubt it was a virus but instead was a trojan.
Most likely the file bsjhbser.dll was loaded by RUNDLL32.EXE and the file was removed bu
not the line to load the command...
rundll32 c:\windows\system32\bsjhbser.dll

What needs to be done is remove the line above from startup. This can be done with the
MSCONFIG.EXE command or by searching the Registry and finding the Run key that loads the
above and and removing that key.
 
K

kathy890

David said:
From: "kathy890" (e-mail address removed)

| I somehow got a virus - malwarrior.

| Ran all the virus programs and think I got rid of it. Now I get a
error message
| :c:\windows\system32\bsjhbser.dll

| module not found
| win32\heur

| What should I do? Thanks -- kathy890

First I doubt it was a virus but instead was a trojan.
Most likely the file bsjhbser.dll was loaded by RUNDLL32.EXE and th
file was removed bu
not the line to load the command...
rundll32 c:\windows\system32\bsjhbser.dll

What needs to be done is remove the line above from startup. This ca
be done with the
MSCONFIG.EXE command or by searching the Registry and finding the Ru
key that loads the
above and and removing that key.
Click to expand...

I will try this when I get to my home desktop. Do you have any ide
how I got this and can prevent any others? I thought I was prett
heavily protected but guess not.

Thank
 
D

David H. Lipman

From: "kathy890" <[email protected]>

|
| I will try this when I get to my home desktop. Do you have any ideahow I got this and can
| prevent any others? I thought I was prettyheavily protected but guess not.
|
| Thanks-- kathy890

That hard to say even with something known. All you provided was a DLL name and
"win32\heur". That just means a hueuristic detection. Not much to go on.

What's important is to always practice Safe Hex and to make sure *ALL* vulnerbilities are
mitigated. Usually malware gets installed through a vulnerability exploitation vector or
Social Engineering.

Safe Hex:
http://www.claymania.com/safe-hex.html

Vulnerability detection and mitigation:
http://secunia.com/software_inspector
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Another Mytob variant 6
gpedit.msc, access denied 2
virus infection 8
AVG and my virus 3
tidserv backdoor rouge virus on netbook 9
Virus 1
toyutabo.dll 7
Suspicious file problem 7

Top