Home page logo
/

bugtraq logo Bugtraq mailing list archives

CastleCops ramps up fight against CoolWebSearch/HomeSearch
From: Paul Laudanski <zx () castlecops com>
Date: Wed, 14 Sep 2005 17:01:30 -0400 (EDT)

CastleCops keeps and maintains various databases on malware and legitimate 
items for browser helpers objects, toolbars, startups, services, and 
activex objects. 

Thanks to the collaboration of many Team CastleCops Expert members, CC is 
frequently among the first to indentify and analyze a new emerging pest, 
and hence to add information on its components to the various Lists. We 
were for example the first to spot and categorize a new BHO co-responsible 
for an all new version of SpySheriff/PsGuard/SmitFraud, one of the most 
insidious and prevalent pests around: 

http://castlecops.com/tk6387-hp_tmp_random_char_or_digit.html 

CastleCops is also in progress of entering all BHOs pertaining to the 
notorious CoolWebSearch/HomeSearch parasite variant to its CLSID database 
list. That information is used to power publicly accessible applications 
such as (in addition to researcher based utilities): 

BHODemon - http://www.definitivesolutions.com/bhodemon.htm
BHOList - http://merijn.org/downloads.html

The BHO database in its entirety is made available to the public here: 

http://castlecops.com/CLSID.html 

Source: 
http://castlecops.com/a6249-CastleCops_ramps_up_fight_against_CoolWebSearch_HomeSearch.html
http://castlecops.com/article-6249-nested-0-0.html
-- 
Tony Klein and Paul Laudanski, Microsoft MVPs
CastleCops(SM), http://castlecops.com



________ Information from Computer Cops, L.L.C. ________
This message was checked by NOD32 Antivirus System for Linux Mail Server.

  part000.txt - is OK
http://castlecops.com


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]