Thread: Chinese Hacker-2 Infection

  1. #1

    Chinese Hacker-2 Infection

    Hello Friends,

    Okay, I have another problem. My school network is infected with some trojan / virus or whatever; it says:

    "My God! Some one killed Chinese Hacker-2 Monitor"

    And then the message keeps coming up on all PCs. We run XP on most of the PCs; the Linux PCs are not infected.

    How do I remove this? Any resource or advice will be appreciated.

    Thanks in advance,
    Zeeshan Alam

  2. #2
    Senior Member (joined Jul 2005, 277 posts)

    Have you run a spyware/malware program yet?

    If not, run it in safe mode on the PC.

    If there is a quicker way to clean up across the network, one of the more
    experienced guys around here can help.

    If it's the school network, hopefully you have admin rights to fix them.
    Difficult takes a day, Impossible takes a week~Kthln01!

  3. #3
    Senior Member (joined May 2003, 1,199 posts)

    Are you sure it's not someone messing with net send?

    Do you have antivirus software installed? (If not, slap your admin.)

    Has the AV given you any indication what it is?

    Where does this pop up? Is it like a webpage pop-up, or like an error message, but with that message?

    Do you have the Messenger service disabled?

    We need WAY more information at this point.

    But here is a generic answer:

    Update all virus definitions
    Install something like Ad-Aware, update that
    Unplug from the network
    Restart in safe mode
    Scan for viruses
    Scan for adware

    Do it on one computer that is having the problem to start with; find the problem before trying to fix it on every other computer.

    Still having the problem? Let us know.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  4. #4
    Senior Member (joined Jul 2005, 277 posts)

    Yeah, at first it sounded like one of those programs that schools use to control the screens in computer labs. I figured that could be easily identified, though.
    Difficult takes a day, Impossible takes a week~Kthln01!

  5. #5
    Senior Member (joined Dec 2004, 3,171 posts)

    Hi AceSpy,

    Sorry nothing here...

    http://www.esafe.com/home/csrt/index.asp
    Virus Updates - Virus Alerts

    or here...

    http://www.us-cert.gov/cas/bulletins/SB05-089.html
    US-CERT Cyber Security Bulletin

    (which is updated till August 2nd)

    But I did find someone else who has the same problem... unfortunately no solution...

    http://www.google.ca/url?sa=t&ct=res...FMzE4QGfooSLDg
    Microsoft ISA Server Message Boards: About Chinese hacker-2 Monitor

    so...I don't think it'd be a school problem.

    Also came across a Chinese guy calling himself Hacker2 who has a major hate on for the Japanese...and some game references to kills by and of a Hacker2



    Eg

  6. #6
    nihil, Senior Member (joined Jul 2003, United Kingdom: Bridlington, 17,188 posts)

    May I be the first to congratulate your school's IT administrators?

    http://vil.nai.com/vil/content/v_99518.htm

    McAfee's analysis of it.

    This malware is THREE YEARS OLD so, unless this is a brand new variant, any decent AV product should detect it.


  7. #7
    Thank you Mr. Nihil and all the other guys for answering. So it all ends up with a worm! Sux! I will install McAfee to ensure its removal. I will also try to remove it manually.

    Yeah, the dept. Administration SUX! All they know to solve a problem is to format the HDD.

    Thanks again,
    Zeeshan Alam

  8. #8
    nihil, Senior Member (joined Jul 2003, United Kingdom: Bridlington, 17,188 posts)

    Hi Zeeshan,

    Please go here:

    http://www.diamondcs.com.au/index.php?page=products

    There are a number of useful tools, but the one your school might find particularly useful is "RegistryProt". This will warn you of additions and amendments to the Registry, and let you reverse them.

    These products are free, even for institutions.

    Good luck, and remember when you are fighting malware it is best to run your tools in SAFE MODE.
