Author Topic: Malware or suspicious BHO?  (Read 2562 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Malware or suspicious BHO?
« on: February 11, 2012, 05:21:58 PM »
See: hxxps://www.virustotal.com/url/aa51aad6ab8b1c25bbd624fd682872f2ab75ca33adb6da91e0b547e9a3b542e4/analysis/
Flagged as unknown_file_$_OUTDIR/waitBHOEnable.exe   
Given clean here: hxxp://vscan.urlvoid.com/analysis/07d4557acec8522b6a19312088a3ebeb/d2FqYW0tYmxpbngtZXhl/
Consider this also: hxxp://www.threatexpert.com/files/blinkx.exe.html
Also see: hxxp://anubis.iseclab.org/?action=result&task_id=1ffc0b85ac01c6d54213e2482d8d62904&call=first
And found to be suspicious here: hxxp://camas.comodo.com/cgi-bin/submit?file=1db0f20faf08d3a88122bed0fb9641c27a56934a4560a83c21f9ba9aa0594a22
-wajam_121.crx packed by BINARY PACKAGE
>>-hxxp://download.wajam.com/download/wajam_blinx.exe/wajam_121.crx - archive BINARYRES
Also given suspicious here: hxxp://urlquery.net/report.php?id=20586

polonus


chocholo: removed active links
« Last Edit: February 11, 2012, 06:19:59 PM by chocholo »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37582
  • Not a avast user
Re: Malware or suspicious BHO?
« Reply #1 on: February 11, 2012, 06:32:33 PM »
VirusTotal - wajam_blinx.exe - 0/43
https://www.virustotal.com/file/b5bf144bb5e4a5e262c4d1a9a8154f3e79ba036a7fc89e8428fd98f06f8e2202/analysis/1328981149/

First seen by VirusTotal   2012-02-10 23:18:33 UTC ( 18 timer, 8 minutter ago )   so....  ???



ThreatExpert
http://www.threatexpert.com/report.aspx?md5=07d4557acec8522b6a19312088a3ebeb
« Last Edit: February 11, 2012, 07:24:49 PM by Pondus »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Re: Malware or suspicious BHO?
« Reply #2 on: February 11, 2012, 07:01:48 PM »
Hi Pondus,

There must be a reason for this: hxxp://www.prevx.com/filenames/X3454108785344069036-X1/BLINX.EXE.html
It can be a website hijacker in a promotion tool for various scam products,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48610
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Malware or suspicious BHO?
« Reply #3 on: February 11, 2012, 07:22:16 PM »
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v24H2 64bit, 32 Gig Ram, 1TB SSD, Avast Free 24.4.6112, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Re: Malware or suspicious BHO?
« Reply #4 on: February 11, 2012, 10:51:57 PM »
Hi bob3160,

Awfully good we have that,

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!