Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible DOJ variant


  • Please log in to reply
No replies to this topic

#1 bupaje

bupaje

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:31 AM

Posted 22 May 2013 - 04:44 PM

First time poster though I have dropped into bleepingcomputer from time to time.

 

I just removed a DOJ virus from someones computer. I went in through an admin account and AVG Free, Malwarebytes and McAfee rootkit products did not find anything. Logged out and in to the users limited account and found the virus was still existing. I used Hitman Pro in the admin account and it found a cpuhelper.dll in C:\ProgramData\NVidia\Spaces it labeled as suspicious and also a Softonics class (forgot to take not of the folder. I quarantined the dll and delete the Softonic reference and when I switched back the DOJ virus appears to be gone. I ran several scanners on it andnothing was found.

 

I am reporting it here as some of the scanners I used that I read would detect and remove this virus did not so I thought it may have found a new place to hide.

 



BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users