HelpSites

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Thursday, January 22, 2009

Miekiemoes rules ?? Yeah right...

Posted on 1:41 AM by Unknown
This is about the Searchengine Hijack I blogged about a couple of months ago. Files responsible for this hijack are sysaudio.sys or wdmaud.sys, present in the system32 folder - detected by most scanners as Win32:Daonol.
Someone notified me yesterday about a version of Win32:Daonol which is a bit different than other versions.
The malware author(s) decided to add "Miekiemoes rules" under file description in one of its versions.
Again, another proof why not to believe what malware tells you :P

This is what you get when you hover your mouse over the malicious wdmaud.sys:



I only have above screenshot. The person who uploaded this screenshot for me already deleted the wdmaud.sys, so no sample available. In anyway, thanks for the screenshot.

Sample is welcome (only above version).
Edit - Sample received - Thank you blogreaders :)
Email ThisBlogThis!Share to XShare to Facebook
Posted in Malware | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • 3 stubborn PC problems you can fix
    Copy from retired Microsoft at Work website (retired June 30, 2013), Copyright Microsoft.  3 stubborn PC problems you can fix Ever notice h...
  • Reminder for Forum owners
    This post is actually a reminder to my previous blog post http://miekiemoes.blogspot.com/2008/04/forum-owners-take-your-responsability.html ...
  • Forum owners - Take your responsibility!!
    After we had this , with a little update here , I'm still amazed how many website owners don't take responsibility. I was researchin...
  • Email-Worm.Win32.Locksky - new stubborn variant
    I was helping a user the other day where his computer was crippled with malware. We could successfully delete all other files, registry keys...
  • Rogue HDDDefragmenter
    HDD Defragmenter is a rogue which appears quite easy to get rid of. That's not what I wanted to talk about. It's about how much Rogu...
  • Fake sysaudio.sys causes Searchengine Hijack
    What is this infection about... It actually loads a script, so searchengine results are loaded within a script. For example, when you resear...
  • Top Ten excuses why people don't want to secure their computer
    1. I don't have anything valuable on my computer anyway, so I don't need to worry about someone taking it over. Actually, you have s...
  • Miekiemoes rules ?? Yeah right...
    This is about the Searchengine Hijack I blogged about a couple of months ago. Files responsible for this hijack are sysaudio.sys or wdmaud...
  • Meet the Medion Family
    A picture of my "Workplace"...
  • The Neverending Story
    It's already more than 4 years that I clean severly infected computers. In most of the cases, when I review the logs, I see more malware...

Categories

  • BlogTools
  • Compromised
  • databases
  • dogs
  • email
  • Exploits
  • Firefox
  • forums
  • Funny
  • hacks
  • Internet Explorer
  • Malware
  • Me
  • Mobile
  • Online Tools
  • Other
  • phish
  • Popups
  • Prevention
  • Rant
  • Recipe
  • Registry
  • Rogue
  • scam
  • Security Products
  • Slow computer
  • Software
  • spam
  • websites
  • Windows
  • Windows Update
  • Windows Vista

Blog Archive

  • ►  2013 (11)
    • ►  June (9)
    • ►  April (1)
    • ►  February (1)
  • ►  2012 (4)
    • ►  December (1)
    • ►  November (1)
    • ►  August (1)
    • ►  January (1)
  • ►  2011 (2)
    • ►  November (2)
  • ►  2010 (3)
    • ►  November (1)
    • ►  October (1)
    • ►  April (1)
  • ▼  2009 (13)
    • ►  November (2)
    • ►  July (1)
    • ►  June (1)
    • ►  May (2)
    • ►  March (2)
    • ►  February (2)
    • ▼  January (3)
      • IX Web Hosting - Reliable?
      • Miekiemoes rules ?? Yeah right...
      • Settings won't save in Firefox
  • ►  2008 (71)
    • ►  December (1)
    • ►  November (8)
    • ►  October (5)
    • ►  September (5)
    • ►  August (7)
    • ►  July (5)
    • ►  June (12)
    • ►  May (8)
    • ►  April (6)
    • ►  March (5)
    • ►  February (9)
Powered by Blogger.

About Me

Unknown
View my complete profile