Results 1 to 6 of 6

Thread: JS/Blacole.S

  1. #1
    New Lounger
    Join Date
    Apr 2010
    Location
    Newbury Park, Ca., USA
    Posts
    11
    Thanks
    0
    Thanked 0 Times in 0 Posts

    JS/Blacole.S

    On November 7, while doing a scheduled, routine virus scan, Microsoft Security Essentials alerted me that it had found malware on my system. It removed a program named "JS/Blacole.S". I can't find out anything about this malware, but from what tid bits I have read, it seems like it's only being detected by MSE! Does anyone know about this threat? I have attached a screen shot of the report from MSE.
    Attached Images Attached Images

  2. Subscribe to our Windows Secrets Newsletter - It's Free!

    Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!

    Excel 2013: The Missing Manual

    + Get this BONUS — free!

    Get the most of Excel! Learn about new features, basics of creating a new spreadsheet and using the infamous Ribbon in the first chapter of Excel 2013: The Missing Manual - Subscribe and download Chapter 1 for free!

  3. #2
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Location
    Manning, South Carolina
    Posts
    6,058
    Thanks
    196
    Thanked 766 Times in 700 Posts
    Robert,

    I found this on the Avira site.
    May the Forces of good computing be with you!

    RG

    VBA Rules!

    My Systems: Desktop Specs
    Laptop Specs


  4. #3
    New Lounger
    Join Date
    Apr 2010
    Location
    Newbury Park, Ca., USA
    Posts
    11
    Thanks
    0
    Thanked 0 Times in 0 Posts
    RetiredGeek, The malware listed on the Avira site is for JS/Blacole.psah. There is also a JS/Blacole.N and a JS/Blacole.O. Do you think these are all the same?

  5. #4
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Location
    Manning, South Carolina
    Posts
    6,058
    Thanks
    196
    Thanked 766 Times in 700 Posts
    Robert,

    Each vendor gives these things their own names. Where they are the same or close I would assume the same bug. From what I can tell this is a JavaScript drive-by download that is laying dormant for something to activate it. Of course this is just making guesses from the stuff on the Avira site and the name. Be careful searching for this, WOT flagged several of my google hits with red circles...bad places to go!
    May the Forces of good computing be with you!

    RG

    VBA Rules!

    My Systems: Desktop Specs
    Laptop Specs


  6. #5
    New Lounger
    Join Date
    Apr 2010
    Location
    Newbury Park, Ca., USA
    Posts
    11
    Thanks
    0
    Thanked 0 Times in 0 Posts
    OK, thanks. I've only been looking for this because I would love to know just where I went to pick this up. I have been computing for over 30 years and I've only picked up a couple of viruses in all that time. Thank you for the help.

  7. #6
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Quote Originally Posted by RobertDianella View Post
    I've only been looking for this because I would love to know just where I went to pick this up.
    You can search in Firefox's cache index. In the address bar, type or paste about:cache and then check the disk cache. It usually loads slowly if you have a lot of files in the cache. You should be able to search using Ctrl+f as you would in a web page.

    Edit: Actually, I'm not sure what the original file name was, so I'm not sure you will be able to locate it in the cache index. (Obviously there are way too many .js files to search by extension.)
    Last edited by jscher2000; 2011-11-09 at 20:47. Reason: Whoops.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •