Page 4 of 5 FirstFirst ... 2345 LastLast
Results 31 to 40 of 50

Thread: I HAVE A unknow VIRUS

  1. #31
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    Ok if an av product doesnt detect something on your pc but something starts to delete files or stuff up the regestry. AV should kick in and worn you about virus like activity. So if you can make an exe/batchfile. That tells you to reboot and then leaps in befor your protection, on boot up, it should be able to do some damage, befor any protection can save your arse.

    Could this be why we are seing different results from people that have tried it out??
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

  2. #32
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hi mate

    do any of you test viruses?
    yesssssssssssssssssss!

    Not had a chance with this one yet.............and I am not sorted out here (my new home/family home) yet

    Please PM me with any you come across, as well as posting the alert,I have five machines up now, so I have an ARV and a couple of labrats (other two are wife & self ) Rest to follow............five to build............but "I have to decorate the breakfast room"..........so there?

    Thanks for the interesting post


  3. #33
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    I'm looking at the file right now.

    I can't see all of it yet, cause I cant' remember how to specify my viewing window, but heres some interesting things.

    It deletes your reg keys for network connections and various other windows components.. and does something in the registry with kazzaa and yahoo.

    Oh and it also does something with cmd.exe (ms-dos)

    If you would of never tried to open the file you would of been fine.

    Anyone remember how I can use edit in ms-dos to display a certain amount of rows and collumns?
    =

  4. #34
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Just looking at the binary (well my interpretation of) I would say that it is a personal comms thing..................Kazaaa, Yahoo and probably AIM, PIRC,mIRC and the usual culprits......................I suppose they chucked in e-mail as well

    If you people want to rip off recording companies, and share pr0n....go do it...........but please remember that you are not the only persons using the internet?

    Yep.................I am paranoid?


  5. #35
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    What are you using to view the file nihil?
    =

  6. #36
    Member
    Join Date
    Sep 2002
    Posts
    51
    Maybe this is the start of the virri of the futer that i read about in Computer Securty Info Mag. Called a Micro Code

  7. #37
    AntiOnline n00b
    Join Date
    Feb 2004
    Posts
    666
    Hi cheyenne1212

    Anyone remember how I can use edit in ms-dos to display a certain amount of rows and collumns?
    Edit /70 filename


    yes gets your network setting all the connections were deleted. And your Display Driver it busted my display driver too on both machined. and one of them was a dual boot with windows 98 and windows 2000, i ran it on windows 98 , it did busted all my network setting and connections and my display driver it hardly took me 15 to get it running again. But the Windows 2000 i had to do a complete restore. It refused to start just restarted after the initial startup screen without any error message. but there is no sign of it spreading . and yes you are perfectily safe until you run it yourself. one thing more i noticed when you run it your it first Disables your AV.


    Ok a few more things about this It's made in Visual Basic - 5 most probably, but can be VB-6 too. .......... And during compiling and creation the whole project was stored in the folder called DarkSide , don't know if it rings a bell ..............All the paths are given by this dumbo in the project are physical paths( e.g C:\windows\cmd.exe and c:\winnt\cmd.exe . ) not relative so my guess is it wouldn't work if the OS is not in C drive.. and it delets a lot og regestry keys hell lot of them of kaza , messengers, winzip, adobe etc etc........Their regestration information got f**ked up i had to again key in the regestration Serials etc


    virri of the futer
    lol no i don't think so it's the viri of the future , first it's not designed to spread, it dosen't tries to get to start itself at startup and take control , you would have to click it to start , and has a funny icon that tell you not to click on it, it's not designed to create havoc or something it's probably made by somebody for learning or to satsfy his ego most probably . and viruses tries to spread it dosen't spread .

  8. #38
    HeadShot Master N1nja Cybr1d's Avatar
    Join Date
    Jul 2003
    Location
    Boston, MA
    Posts
    1,840
    well then its not a virus...malware indeed but not a virus. Because you had to run it to activate it, wouldn't that make it a trojan?

  9. #39
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    I Hi Cheyenne,

    Hands up...........I was a coward............I used vi, I will have a go in notepad a bit later...........I was just looking for the "arrogant messages" bit, or for subtle hints like 29a, cult of the dead cow, and so on?



    I will not go with Cyber1d in that it would technically be a trojan, because I have not found out how it is presented..............OK I am a "nitpicker" but to me:

    1. This proggy will make your computer run twice as fast = trojan
    2. Hey, take a look at my huge **** = virus

    Just a thought?

  10. #40
    Senior Member
    Join Date
    Feb 2004
    Posts
    197
    Originally posted here by nihil


    2. Hey, take a look at my huge **** = virus

    Just a thought?
    lol

    true trojans would be more stealth like than showing off

    ps, to SwordFish_13 viruses dont spread worms do. viruses screw somthing up or infect

    ps,i changed the icon to that so people would know it was dangerous.the icon it had before was a game icon

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •