[40308] in bugtraq
CastleCops ramps up fight against CoolWebSearch/HomeSearch
daemon@ATHENA.MIT.EDU (Paul Laudanski)
Thu Sep 15 14:45:15 2005
Date: Wed, 14 Sep 2005 17:01:30 -0400 (EDT)
From: Paul Laudanski <zx@castlecops.com>
To: bugs@securitytracker.com, <bugtraq@securityfocus.com>,
<news@securiteam.com>, <vuln@secunia.com>
Message-ID: <Pine.LNX.4.44.0509141658300.24888-100000@bugsbunny.castlecops.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
CastleCops keeps and maintains various databases on malware and legitimate
items for browser helpers objects, toolbars, startups, services, and
activex objects.
Thanks to the collaboration of many Team CastleCops Expert members, CC is
frequently among the first to indentify and analyze a new emerging pest,
and hence to add information on its components to the various Lists. We
were for example the first to spot and categorize a new BHO co-responsible
for an all new version of SpySheriff/PsGuard/SmitFraud, one of the most
insidious and prevalent pests around:
http://castlecops.com/tk6387-hp_tmp_random_char_or_digit.html
CastleCops is also in progress of entering all BHOs pertaining to the
notorious CoolWebSearch/HomeSearch parasite variant to its CLSID database
list. That information is used to power publicly accessible applications
such as (in addition to researcher based utilities):
BHODemon - http://www.definitivesolutions.com/bhodemon.htm
BHOList - http://merijn.org/downloads.html
The BHO database in its entirety is made available to the public here:
http://castlecops.com/CLSID.html
Source:
http://castlecops.com/a6249-CastleCops_ramps_up_fight_against_CoolWebSearch_HomeSearch.html
http://castlecops.com/article-6249-nested-0-0.html
--
Tony Klein and Paul Laudanski, Microsoft MVPs
CastleCops(SM), http://castlecops.com
________ Information from Computer Cops, L.L.C. ________
This message was checked by NOD32 Antivirus System for Linux Mail Server.
part000.txt - is OK
http://castlecops.com
