First Virus

  • Thread starter Thread starter kathy890
  • Start date Start date
K

kathy890

I somehow got a virus - malwarrior.

Ran all the virus programs and think I got rid of it. Now I get a
error message :c:\windows\system32\bsjhbser.dll

module not found
win32\heur

What should I do? Thank
 
From: "kathy890" <[email protected]>

| I somehow got a virus - malwarrior.

| Ran all the virus programs and think I got rid of it. Now I get an error message
| :c:\windows\system32\bsjhbser.dll

| module not found
| win32\heur

| What should I do? Thanks -- kathy890

First I doubt it was a virus but instead was a trojan.
Most likely the file bsjhbser.dll was loaded by RUNDLL32.EXE and the file was removed bu
not the line to load the command...
rundll32 c:\windows\system32\bsjhbser.dll

What needs to be done is remove the line above from startup. This can be done with the
MSCONFIG.EXE command or by searching the Registry and finding the Run key that loads the
above and and removing that key.
 
David said:
From: "kathy890" (e-mail address removed)

| I somehow got a virus - malwarrior.

| Ran all the virus programs and think I got rid of it. Now I get a
error message
| :c:\windows\system32\bsjhbser.dll

| module not found
| win32\heur

| What should I do? Thanks -- kathy890

First I doubt it was a virus but instead was a trojan.
Most likely the file bsjhbser.dll was loaded by RUNDLL32.EXE and th
file was removed bu
not the line to load the command...
rundll32 c:\windows\system32\bsjhbser.dll

What needs to be done is remove the line above from startup. This ca
be done with the
MSCONFIG.EXE command or by searching the Registry and finding the Ru
key that loads the
above and and removing that key.

I will try this when I get to my home desktop. Do you have any ide
how I got this and can prevent any others? I thought I was prett
heavily protected but guess not.

Thank
 
From: "kathy890" <[email protected]>

|
| I will try this when I get to my home desktop. Do you have any ideahow I got this and can
| prevent any others? I thought I was prettyheavily protected but guess not.
|
| Thanks-- kathy890

That hard to say even with something known. All you provided was a DLL name and
"win32\heur". That just means a hueuristic detection. Not much to go on.

What's important is to always practice Safe Hex and to make sure *ALL* vulnerbilities are
mitigated. Usually malware gets installed through a vulnerability exploitation vector or
Social Engineering.

Safe Hex:
http://www.claymania.com/safe-hex.html

Vulnerability detection and mitigation:
http://secunia.com/software_inspector
 
Back
Top