Windows XP Community - XPHeads



First Virus

microsoft.public.windowsxp.security_admin


  #1 (permalink)  
Old 05-18-2008, 12:28 AM
kathy890
 
Posts: n/a
First Virus

I somehow got a virus - malwarrior.

Ran all the virus programs and think I got rid of it. Now I get an
error message :c:\windows\system32\bsjhbser.dll

module not found
win32\heur

What should I do? Thanks




--
kathy890
  #2 (permalink)  
Old 05-18-2008, 03:06 AM
David H. Lipman
 
Posts: n/a
Re: First Virus
From: "kathy890" <kathy890.2753aa0@pcbanter.net>

| I somehow got a virus - malwarrior.

| Ran all the virus programs and think I got rid of it. Now I get an error message
| :c:\windows\system32\bsjhbser.dll

| module not found
| win32\heur

| What should I do? Thanks -- kathy890

First I doubt it was a virus but instead was a trojan.
Most likely the file bsjhbser.dll was loaded by RUNDLL32.EXE and the file was removed but
not the line to load the command...
rundll32 c:\windows\system32\bsjhbser.dll

What needs to be done is remove the line above from startup. This can be done with the
MSCONFIG.EXE command or by searching the Registry and finding the Run key that loads the
above and removing that key.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
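
The check described in post #2, as an added example that is not part of the original thread: it lists Run-key values that start a DLL through rundll32 and reports those whose DLL no longer exists on disk. It assumes the entry lives under the HKLM or HKCU `Software\Microsoft\Windows\CurrentVersion\Run` key (the thread does not say which key holds it); the function names and the second sample value are hypothetical.

```python
import os
import re

RUN_PATH = r"Software\Microsoft\Windows\CurrentVersion\Run"

# rundll32[.exe], optionally quoted or with a directory prefix, then the DLL:
# quoted, or unquoted up to the first space or comma (",EntryPoint" follows).
RUNDLL = re.compile(r'^\s*"?(?:[^"]*\\)?rundll32(?:\.exe)?"?\s+(?:"([^"]+)"|([^\s,]+))', re.I)

def rundll_target(command):
    """Return the DLL path a rundll32 command line loads, or None."""
    m = RUNDLL.match(command)
    return (m.group(1) or m.group(2)) if m else None

def orphaned_entries(entries, exists):
    """Return (key, name, dll) for entries whose rundll32 DLL is missing.
    Bare names (shell32.dll) resolve via the DLL search path and are skipped."""
    found = []
    for key, name, command in entries:
        dll = rundll_target(command)
        if dll and "\\" in dll and not exists(dll):
            found.append((key, name, dll))
    return found

def read_run_entries():
    """Read the HKLM and HKCU Run values from the live registry (Windows)."""
    import winreg
    hives = (("HKLM", winreg.HKEY_LOCAL_MACHINE), ("HKCU", winreg.HKEY_CURRENT_USER))
    entries = []
    for label, hive in hives:
        try:
            with winreg.OpenKey(hive, RUN_PATH) as key:
                for i in range(winreg.QueryInfoKey(key)[1]):
                    name, data, _ = winreg.EnumValue(key, i)
                    entries.append((label + "\\" + RUN_PATH, name, str(data)))
        except OSError:
            continue  # key absent or unreadable for this hive
    return entries

# Constructed sample, used when not on Windows: the first value is the
# command line quoted in the thread, the second is a hypothetical program.
SAMPLE = [("HKLM\\" + RUN_PATH, "bsjhbser", r"rundll32 c:\windows\system32\bsjhbser.dll"),
          ("HKCU\\" + RUN_PATH, "tray", r'"C:\Program Files\App\app.exe" /tray')]

if __name__ == "__main__":
    entries = read_run_entries() if os.name == "nt" else SAMPLE
    check = lambda p: os.path.exists(os.path.expandvars(p))
    for key, name, dll in orphaned_entries(entries, check):
        print("stale Run value %r in %s -> missing %s" % (name, key, dll))
```

The script only reports; a value it lists is the one to remove with MSCONFIG.EXE or the Registry editor, as the post describes.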


  #3 (permalink)  
Old 05-20-2008, 02:22 PM
kathy890
 
Posts: n/a
Re: First Virus

David H. Lipman;3122823 Wrote:
> From: "kathy890" kathy890.2753aa0@pcbanter.net
>
> | I somehow got a virus - malwarrior.
>
> | Ran all the virus programs and think I got rid of it. Now I get an
> error message
> | :c:\windows\system32\bsjhbser.dll
>
> | module not found
> | win32\heur
>
> | What should I do? Thanks -- kathy890
>
> First I doubt it was a virus but instead was a trojan.
> Most likely the file bsjhbser.dll was loaded by RUNDLL32.EXE and the
> file was removed but
> not the line to load the command...
> rundll32 c:\windows\system32\bsjhbser.dll
>
> What needs to be done is remove the line above from startup. This can
> be done with the
> MSCONFIG.EXE command or by searching the Registry and finding the Run
> key that loads the
> above and removing that key.
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


I will try this when I get to my home desktop. Do you have any idea
how I got this and can prevent any others? I thought I was pretty
heavily protected but guess not.

Thanks




--
kathy890
  #4 (permalink)  
Old 05-20-2008, 09:56 PM
David H. Lipman
 
Posts: n/a
Re: First Virus
From: "kathy890" <kathy890.2789469@pcbanter.net>

|
| I will try this when I get to my home desktop. Do you have any idea how I got this and can
| prevent any others? I thought I was pretty heavily protected but guess not.
|
| Thanks -- kathy890

That's hard to say even with something known. All you provided was a DLL name and
"win32\heur". That just means a heuristic detection. Not much to go on.

What's important is to always practice Safe Hex and to make sure *ALL* vulnerabilities are
mitigated. Usually malware gets installed through a vulnerability exploitation vector or
Social Engineering.

Safe Hex:
http://www.claymania.com/safe-hex.html

Vulnerability detection and mitigation:
http://secunia.com/software_inspector


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



All times are GMT. The time now is 11:05 PM.

