Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Virus ? See attachment.

  1. #1
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683

    Virus ? See attachment.

    Hey all

    Anyone seen this virus before? It changes your wallpaper. Anyone know anything about it and how to remove it?

    You can rename the zip file to a jpeg or gif to view.

    Please dont be scared to open the file, its only a picture.

    Any help appreciated.

    Thanks.
    Last edited by Cider; August 7th, 2008 at 09:49 AM.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  2. #2
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,187
    Kind of a scary name for a thread

    I tried changing the ext to .jpg and .gif, but could not open the file.

    edit: Guess I misunderstood, I had to extract the file from the archive, then change the extension. I have not seen that before, but I would run the usual scans... which you have probably done. Have you had any luck getting rid of this thing?
    Last edited by westin; March 28th, 2008 at 02:34 PM.
    \"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"

    -HST

  3. #3
    Junior Member
    Join Date
    Mar 2008
    Posts
    12
    Greetings Cider,

    I have faced these neat liittle spyware viruses before. here is some rationale behond how it works. The virus has changedyour desektop to use a homepage. It can get tought ot delete whereas it will probably duplicate itself when you restart your computer. First I will need some information. Can you download a copy of HiJackThis and run it and copy the log to tihs thread please? From there I can see whats running when your computer turns son as well as how your registry and startup has been changed.

  4. #4
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Sorry if my post was abit vague

    I havent had any luck getting rid if this.

    Any ideas ?
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  5. #5
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    What about hijack this...as previously suggested?

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  6. #6
    Senior Member C:\Saw's Avatar
    Join Date
    Jan 2008
    Posts
    125
    Try a-squared free: (3rd one down on the site)

    http://www.emsisoft.com/en/software/download/

    It works for me every time...or try the trial version of counterspy if that doesn't work:

    http://www.sunbelt-software.com/Home...ce/CounterSpy/

    these will hopefully get rid of it
    Last edited by C:\Saw; March 28th, 2008 at 09:43 PM.
    "...to give correctly is to give them what they need from us, for it would not be skillful to bring gifts to anyone that are in no way needed."
    --Socrates

    *Einstein Would Be Proud*

  7. #7
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    Yup Ive seen that exact one before :-P Its been awhile but some of those desktop hijacks use active desktop to put a fullsize web page on your screen so even if you change you wall paper it still shows up :-P

  8. #8
    Senior Member
    Join Date
    Dec 2001
    Posts
    319
    So...turning off active desktop would break it?

  9. #9
    Senior Member
    Join Date
    Jul 2002
    Location
    Texas
    Posts
    168
    smitfraud fix by siri!

    run it in safemode. Then run the usual suspects (adaware, avg, spyware doctor, spy sweeper, kaspersky, autoruns and hijackthis)

    should clean it, but make sure to run a disk cleanup. Should do it.

    What you have is a smitfraud variant
    <chsh> I've read more interesting technical discussion on the wall of a public bathroom than I have at AO at times

  10. #10
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Hey dark.

    You see I work for Panda so using 3rd party tools is abit of a no no

    But Ill give it a go ...
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

Similar Threads

  1. Abbr: history of the computer virus
    By E5C4P3 in forum AntiVirus Discussions
    Replies: 12
    Last Post: April 30th, 2013, 08:05 PM
  2. Virus Research Information: What Are The Different Kinds?
    By Spyder32 in forum The Security Tutorials Forum
    Replies: 18
    Last Post: September 3rd, 2004, 11:23 PM
  3. The Bulgarian and Soviet Virus Factories
    By foxdie in forum AntiVirus Discussions
    Replies: 11
    Last Post: April 4th, 2004, 02:52 AM
  4. Black Wolf's Guide to Memory Resident Viruses.
    By ahmedmamuda in forum AntiVirus Discussions
    Replies: 2
    Last Post: March 20th, 2002, 02:03 AM
  5. So you want to learn about Viruses.
    By 3ntropy in forum AntiOnline's General Chit Chat
    Replies: 10
    Last Post: March 4th, 2002, 11:32 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •