Smitty
12-02-2001, 02:52 AM
Internet Explorer 5.5SP2 has been acting up so I did local virus scan with McAfee...nothing
I paid a visit to Housecall for their free scan...nothing
Still not satisfied I ran Regclean and examined log file. Noticed references to "misc.exe", perhaps 6 or 7 keys removed by regclean..
Ran a search for the file and found it..While searching I noticed "bindico.exe" so I searched web and found several contradictory webpages. One below indicates it is associated with a virus. [W32.FunLove.4099]
Another indicated it was an ICON used with Access or some other office application.
I also found on my drive executables which are not found on the web using GOOGLE. For example
I found _24ef2a94.exein folder C:\WINDOWS\Application Data\Microsoft\Installer\{8918AD50-F8D8-4E5C-A2DE-08C1B275B3B4}
bindico.exe in folder C:\WINDOWS\Application Data\Microsoft\Installer\{00170409-78E1-11D2-B60F-006097C998E7}
Searching the web I found this entry included in the log of an "infected machine:"
D:\WINNT\Installer\{00010409-78E1-11D2-B60F-006097C998E7}\bindico.exe
Virus name: W32.FunLove.4099
I went to Symantec and downloaded their FunLove virus removal tool, booted to DOS, ran the tool and it reports no infected files.
My question is, has anyone else found these files on their machines, are they trojan's, or do you have any knowledge of them?
Thanks for any and all responses.
Smitty
I paid a visit to Housecall for their free scan...nothing
Still not satisfied I ran Regclean and examined log file. Noticed references to "misc.exe", perhaps 6 or 7 keys removed by regclean..
Ran a search for the file and found it..While searching I noticed "bindico.exe" so I searched web and found several contradictory webpages. One below indicates it is associated with a virus. [W32.FunLove.4099]
Another indicated it was an ICON used with Access or some other office application.
I also found on my drive executables which are not found on the web using GOOGLE. For example
I found _24ef2a94.exein folder C:\WINDOWS\Application Data\Microsoft\Installer\{8918AD50-F8D8-4E5C-A2DE-08C1B275B3B4}
bindico.exe in folder C:\WINDOWS\Application Data\Microsoft\Installer\{00170409-78E1-11D2-B60F-006097C998E7}
Searching the web I found this entry included in the log of an "infected machine:"
D:\WINNT\Installer\{00010409-78E1-11D2-B60F-006097C998E7}\bindico.exe
Virus name: W32.FunLove.4099
I went to Symantec and downloaded their FunLove virus removal tool, booted to DOS, ran the tool and it reports no infected files.
My question is, has anyone else found these files on their machines, are they trojan's, or do you have any knowledge of them?
Thanks for any and all responses.
Smitty