3 replies to this topic

[oddigy]

hxxp://ocjjnation.com/index.php

This site is completely spamming up my client's NOD32 log as a variant of W32/BHO.NPE trojan. I've run MBAM and it has not turned up any rogue threats.
The only suspicious looking thing I'm turning up in IEHistoryView is the following:

hxxp://msttrfa.com/medow/?MjzuFY7HueES1Riqb6lCQKInIYdq6M8CAi/nPfRTLYzo0/cssphslfRrK3uK7NK8kScWeWo=

Submitting for analysis. Have a good day. I will add if I find anything else that may help.

[JoleFindsTheRogues]

Nothing on

hxxp://msttrfa.com/medow/?MjzuFY7HueES1Riqb6lCQKInIYdq6M8CAi/nPfRTLYzo0/cssphslfRrK3uK7NK8kScWeWo=

Doesn't do anything

hxxp://ocjjnation.com/index.php

Possible exploit , but it did nothing to me

[Bobc11]

Still having problems?

[Fatdcuk]

oddigy, on Aug 21 2009, 05:48 PM, said:

This site is completely spamming up my client's NOD32 log as a variant of W32/BHO.NPE trojan. I've run MBAM and it has not turned up any rogue threats.
The only suspicious looking thing I'm turning up in IEHistoryView is the following:


Submitting for analysis. Have a good day. I will add if I find anything else that may help.

Hi there is no data available from those sources for the unknown PE file that i can run analysis to give new instructions to MBAM DB in order to resolve this for your client.

I would suggest you do the following and treat as having an infected computer inorder to find a solution to it

• Please read and follow the instructions provided here: I'm infected - What do I do now?
  
• If needed please post your logs in a NEW topic here: Malware Removal - HijackThis Logs

• NOTE: If for some reason you're unable to run some or any of the tools in the first link, then skip that step and move on to the next one. If you can't even run HijackThis, then just proceed and post a NEW topic as shown in the second link describing your issues and someone will assist you as soon as they can.