LandzDown Forum

Security => Analysis and Malware Removal => Topic started by: JOSEPH on January 20, 2006, 05:40:15 PM

Title: FOUND!! My Invader
Post by: JOSEPH on January 20, 2006, 05:40:15 PM
Was cleaning up my desktop and moving some files and ran upon BAZOOKA malware scanner, which had not been updated for like a couple of months. Well, I've always been fond of this little proggy ever since it identified some malware that many others didn't quite some time ago. Even though it doesn't remove anything, it certainly has been effective on occasion at "Finding" malware and/or their remains, which it just did again today.

After some research and comparing notes I discovered at least 6 leftover malware files including a kl.exe and us.exe plus tool1.exe, 2, 3, 4, and tool5.exe, all of which were at 0KB. Back in December when I first got hit it was the loader.exe that showed up in C:\ folder as KERIO caught the varmint trying to request an outgoing connection.
Apparently quite a few of these found their way to the WINDOWS folder with the exception of a paytime.exe which landed in SYSTEM32.
BAZOOKA! discovered all these today where Adaware-SE didn't even find a one. So, did some more research and also found out not only does BAZOOKA target this malware but COUNTERSPY also!
Says something if you ask me. Here is the reference I found by doing a Google Search on this searchterror.com exploit. I discovered "some", not all, of the exact same files as the Site Admin "OldFrog" points out at his website!
http://www.deckertechnology.net/modules.php?name=Forums&file=viewtopic&t=606

Title: Re: FOUND!! My Invader
Post by: JOSEPH on January 25, 2006, 07:39:31 PM
OK, looks like I am going to reach back to some of my Windows 98 defenses and start keeping a running tally again on exactly what new files get added and what have ya'. This proggy has saved the day more times than I care to count on my 98, it also is quite compatible with XP and XP Pro, and I assume 2000 too. If anyone else wants to read up on it and possibly even include it in your layer of defenses, here it is.
So far as I've been able to tell over the years it does quite well in discovering changes to C:\, WINDOWS, SYSTEM folders on both XP and 98.
Filemapp by BB
http://www.dogkennels.net/filemap/
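
The "running tally" of new files described in the post above can be sketched as a snapshot-and-compare script. This is an added example, not part of the thread and not Filemap's code; the function names and the scratch directory standing in for a watched system folder are assumptions, and the sample files are constructed.

```python
import hashlib
import os
import tempfile

def snapshot(roots):
    """Map every readable file under the given roots to (size, sha256)."""
    snap = {}
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            for name in files:
                path = os.path.join(dirpath, name)
                try:
                    with open(path, "rb") as fh:
                        data = fh.read()
                except OSError:
                    continue  # locked or unreadable file: skip it
                snap[path] = (len(data), hashlib.sha256(data).hexdigest())
    return snap

def compare(old, new):
    """Report added, removed and changed paths, plus zero-byte .exe files."""
    common = set(old) & set(new)
    return {
        "added": sorted(set(new) - set(old)),
        "removed": sorted(set(old) - set(new)),
        "changed": sorted(p for p in common if old[p] != new[p]),
        # 0KB executables like the leftovers described in the first post
        "empty_exe": sorted(p for p, (size, _h) in new.items()
                            if size == 0 and p.lower().endswith(".exe")),
    }

def demo():
    """Constructed sample: a scratch directory stands in for a system folder."""
    with tempfile.TemporaryDirectory() as root:
        def write(name, data):
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        write("notepad.exe", b"MZ constructed sample")
        write("win.ini", b"[fonts]\n")
        before = snapshot([root])                  # baseline tally
        write("tool1.exe", b"")                    # new zero-byte file appears
        write("win.ini", b"[fonts]\n[extra]\n")    # existing file modified
        os.remove(os.path.join(root, "notepad.exe"))
        report = compare(before, snapshot([root]))
        return {k: [os.path.basename(p) for p in v] for k, v in report.items()}

if __name__ == "__main__":
    for kind, names in demo().items():
        print(kind, names)
```

On a real machine the baseline would be saved to disk and `snapshot` pointed at the folders being watched.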

Title: Re: FOUND!! My Invader
Post by: Tarnak on January 26, 2006, 11:16:33 PM
JOSEPH, I have had this handy utility installed since May last year. I found out about it, compliments of Herbalist.  :thumbsup: