Yesterday I finalized my “Forensic Analysis” of the unknown malware that my work PC had contracted. I sent the results to McAfee, and was given instructions on how to provide them with the actual files. I did this, and I got an immediate response from an automated system that indicated complete ignorance of any known… Continue reading odsca.dll malware update – day 5
Month: January 2008
Saliar.com: Malware group, or something else?
OK, so, here’s an update on the strange pop-ups. When googling these problems, the immediate response was no hits. Then, suddenly, this blog appeared; as well as multiple hits from a company called “Saliar.com”. They claim to be a big important professional organization with some anti-malware software, complete with testimonials from such individuals as “Alferd”,… Continue reading Saliar.com: Malware group, or something else?
Reboot caused new, lamer message to appear
The saga of my unknown malware continues. I tried that RunAnalyzer, and it was just so much information that I had no idea what was legitimate and what wasn’t. Sorry, but I don’t have hours to parse through all that information. I will say that it is very interesting though. So, I rebooted, to see… Continue reading Reboot caused new, lamer message to appear
Possible Malicious Infection – Day 3
So, I log on, boot up, and two pop-ups appear on my desktop. The first one is UltraMon.exe crashing. Probably / Maybe legitimate; Ultramon is the program I use to control my Awesome Triple Monitor setup. But the Other, Oh, the OTHER message…. Well, have a look: SysFader: IE7XPLORER.EXE – Application Fatal Error The… Continue reading Possible Malicious Infection – Day 3
Correction: There IS a legitimate process called "System".
Oh well! *Blush* However, I have used the following tools to try and discover what is launching these pop-ups, and, near as I can tell, explorer.exe itself is launching them.
– Spybot Search & Destroy
– McAfee VirusScan
– AdAware 2007
– Filemon (Sysinternals)
– Procmon (Sysinternals)
– ProcXP (VERY cool util, thanks Ryan) (Sysinternals)
The Plot Thickens… WINSYSLDR.EXE and "Critical Error Occured"
I am convinced that some viral / spyware is knocking on my door. This morning, Monday, January 28th, 2008, I came in to my office and my machine had been logged in all weekend (Locked, of course). Well, well, well, what did we have here: TWO instances of “WINSYSLDR.EXE” on my desktop. Sigh. Well, at… Continue reading The Plot Thickens… WINSYSLDR.EXE and "Critical Error Occured"
Strange Windows Pop-up
Today my XP machine popped up with the following dialogue box: WINSYSLDR.EXE Unhandled exception in WINSYSLDR.EXE (0xCD003592) Division by zero. Not knowing if it was a malicious thing, i.e., a fake pop-up box where if you click “OK” you’re actually launching some evil virus, I Googled WINSYSLDR.EXE and got… NOTHING. Yes,… Continue reading Strange Windows Pop-up