-
August 29th, 2002, 10:36 AM
#1
Member
An .EXE file with JPEG Icon
I feel this is going to be use for Windows users
I have found a file with .exe extension with JPEG icon in my box. My AV (NAV2002) has detected it. It resides in \windows\system folder.
Moreover,
I got a place in Startup procedure. I have found an entry of PIX in startup. One can access this thru Start>Run>msconfig. Startup tab of System Configuration Utility Dialog reveals this. Here programs that are to be loaded (called memory resident) will have its place. The syntax is "Key Name followed by its value (path)" (eg: System Tray - SysTray.exe, TaskMonitor - C:\WINDOWS\TASKMON.EXE etc., ). PIX61081 got linked to rundll32.exe and is display the entry as 'PIX61081 - C:\WINDOWS\RUNDLL32.EXE'
Tip: An important one.
Go to Folder Options from Windows Explorer
Uncheck "Hide Extensions of known file types.
-
August 30th, 2002, 05:56 AM
#2
Junior Member
Neo,
Something intresting. Thanks for the warning.
ragmyn
At the heart of the Internet culture is the force that want to know everything about you.
-
August 30th, 2002, 06:11 AM
#3
This attachment is an EXE file under an jpeg Icon..
It will still pass Norton AV2002...I have had this file for 2 years now.
Still passes all trojan scanners and AV checkers.
The reason..
It's not a Virii or Trojan...
Just a simple exe file that removes "Windows System files" and kills Windows!!
-
August 30th, 2002, 06:26 AM
#4
Info_Au are you sure if that is the case do not delete this file unless you want to reformat.
No good deed goes unpunished.
-
August 30th, 2002, 04:01 PM
#5
Junior Member
Sounds like a virus which has been "bound" to an exe, and had the icon changed.. this is standard hacking practice for newbie hackers... I would check and see what applications are running and see if there's anything there that you don't recognise
-
August 30th, 2002, 08:27 PM
#6
Originally posted here by Info_Au
This attachment is an EXE file under an jpeg Icon..
It will still pass Norton AV2002...I have had this file for 2 years now.
Still passes all trojan scanners and AV checkers.
The reason..
It's not a Virii or Trojan...
Just a simple exe file that removes "Windows System files" and kills Windows!!
suggestion, dont delete anything if u dont know exactly what it is!
do ur research before u do these such things
such as if a file like CIH.exe is found on ur computer go to www.google.com and type "CIH.exe" and check what is found about that file
or if u find multiple files like
a.dll b.dll c.dll e.dll and their causeing errors type
"a.dll b.dll c.dll e.dll" in google IN QUOTES so it searchs the exact phrase and it IS A BIG possability that someone elese has had the same problem and has posted something that could help you fix it!! or at least tell u what is going on..
--NetSyN
[shadow]i have a herd of 1337 sheep[/shadow]
Worth should be judged on quality... Not apperance... Anyone can sell you **** inside a pretty box.. The only real gift then is the box..
-
August 30th, 2002, 08:34 PM
#7
Agree 120% with NetSyn. Don't delete things until you know the consequences. I compiled a 2.4 linux kernel on my Slackware 8 system the other day, deleted the 2.2 befroe I tried the 2.4, so confident I was that it'd work... It ****ed up, of course, and I had to reinstall the whole system (well, I could've recompiled a 2.2, but it'd have been more trouble than it was worth!)
Moral of the story:
Don't delete unless you're absolutely sure.
-
August 30th, 2002, 09:10 PM
#8
Member
.
i also think that it is posssibly a trojan as well. this sounds like what a program called net devil does which is a back door trojan.
but it usually picked up by Av's and trojan scanners
odd
-
August 31st, 2002, 12:49 AM
#9
I know exactly what this file does!!
I have asked somebody here to look at it more(uncompile it) and they told me what it does a long time ago.
The reason i posted it is....It still passes AV and trojan scanners so any newbie could think as it passed both of them it was safe to open it??
NOPE!!
This exe file removes "System INI" file from Windows and displays a red window with nasty abuse on it...Then on a reboot your P.C will not know how to start-up!
All that done in 28kb.
-
August 31st, 2002, 04:43 AM
#10
Yes, but can't you easily assign any ICON to any file? Just because you assign an icon to an item doesn't mean anything. All my MP3 files have a stupid RIAA Spoof ICON.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|