Question about THIS virus.

Forums » Up and Running » Security » Security » Question about THIS virus.


Uniqs: 609	Share Topic:	RSS topic:	toggle: flat / full normal / watch	Posting:

Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal

TrojanHunter and .dll files? »
« AdAware update error

DaMaGeINC
The Lan Man
Premium
join:2002-06-08
Greenville, SC
clubs:

·Charter Pipeline

·AT&T Southeast

4 edits

Question about THIS virus.

I was just browsing the forums when some people on my buddy list on AIM started send me a message,

"DO NOT DOWNLOAD THIS FILE, IT IS A VIRUS"

this is the message

friend on aim: this looks like you : Link Removed. Read the forum rules. People in this forum are not Guinea pigs. WCB!

When I messaged him back, he said he dident send it and that someone sent it to him, right then I knew it was a virus and was glad I dident click on it, well comon, pic.pif? Its like how stupid do you think I am to click on some shit like that. So, can anyone indentify this file and give me some removal methods I can relay on to him. I sent him to about 3 online virus scaner sites already.

--
inc.ath.cx
Have a Networking problem or question? Stop by the Networking Forum and let us help you.

permalink · 2005-06-24 16:34:11 · Print ·

kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH

1 edit

Re: Question about THIS virus.

It's against the rules here to post links to malware. You should remove the link from your post, or a moderator may do it for you.

That said, when I scanned the sample on Jotti's site BitDefender identified it as a possible new variant of Sdbot. None of the AVs Jotti uses detected it positively, but any unsolicited executable file, especially .pif files should be considered suspicious.

I'll submit the sample to the AV companies.
--
SMTP: Spam and Malware Transfer Protocol. Also used on rare occasion to transmit e-mail messages.

permalink · 2005-06-24 16:40:25 · Print ·

DaMaGeINC
The Lan Man
Premium
join:2002-06-08
Greenville, SC
clubs:

·Charter Pipeline

·AT&T Southeast

A quick lookup on the domain

Domain Name: GAMENIAC.COM
Registrar: GO DADDY SOFTWARE, INC.
Whois Server: whois.godaddy.com
Referral URL: »registrar.godaddy.com
Name Server: NS1.ICH-3.COM
Name Server: NS2.ICH-3.COM
Status: REGISTRAR-LOCK
Updated Date: 04-may-2005
Creation Date: 15-jan-2005
Expiration Date: 15-jan-2006

Figures
--
inc.ath.cx
Have a Networking problem or question? Stop by the Networking Forum and let us help you.

permalink · 2005-06-24 16:40:30 · Print ·

DaMaGeINC The Lan Man Premium join:2002-06-08 Greenville, SC clubs: 2 edits	Re: Question about THIS virus. opps, wrong company
	permalink · 2005-06-24 16:55:21 ·

m0x I love juice too Premium join:2002-11-04 San Francisco, CA	Re: Question about THIS virus. said by DaMaGeINC : Go Daddy is a KNOW malware/virus company, why doesent our goverment shut them down? This world is soo fucked up GoDaddy is known registrar, one of the biggest at that... -- Just because you're paranoid doesn't mean they're not out to get you
	permalink · 2005-06-24 17:47:24 ·

DaMaGeINC The Lan Man Premium join:2002-06-08 Greenville, SC clubs:	Re: Question about THIS virus. So who actually made the domain?
	permalink · 2005-06-24 19:08:36 ·

NyQuil Kid 8f The Nyquil Kid join:2001-01-06 Brick, NJ	Here's a thread that appears related to your experience: »another AIM virus... [8F] The NyQuil Kid
	permalink · 2005-06-24 16:42:14 ·

DaMaGeINC The Lan Man Premium join:2002-06-08 Greenville, SC clubs:	So no one can offer any help?
	permalink · 2005-06-24 17:42:57 ·

DaMaGeINC The Lan Man Premium join:2002-06-08 Greenville, SC clubs:	Well, this thread was useless. Last time I come here for help.
	permalink · 2005-06-24 18:52:52 ·

NyQuil Kid
8f The Nyquil Kid

join:2001-01-06
Brick, NJ

·Comcast

·Verizon Online DSL

Re: Question about THIS virus.

If you bothered to check the link I provided, you would have noticed that no one really knows alot about this particular virus, so you are not alone in your ignorance.

Rather than ranting on, perhaps you want to review that link and just chalk it up to good fortune that you knew enough not to click on it. As for your friend who did...well, our ancestors learned that fire was hot when they touched it, so maybe he'll remember this experience the next time around.

[8F] The NyQuil Kid
--
[8F] The NyQuil Kid comes into town not looking for trouble...n00bz gang up, but he ain't seein' double,...pulls and draws, his deagles two...n00bz litter the ground you know it's true.

permalink · 2005-06-24 19:35:39 · Print ·

waltham41 My ISP can beat up your ISP Premium join:2003-11-26 Fort Gibson, OK ·HughesNet Satellit..	said by DaMaGeINC : Well, this thread was useless. Last time I come here for help. How Rude!!!!! -- DirecWay \| DW 2 way \| SatMex5 1270mhz \|HP a620n 2.2G \| Win XP SP2 \| 2 XP PC's on the internet via D-Link DSS 5+ switch
	permalink · 2005-06-24 21:37:23 ·

Wildcatboy Premium,Mod join:2000-10-30 Toronto, ON Host: Security Product V.. Security	said by DaMaGeINC : Well, this thread was useless. Last time I come here for help. Let's try to make sure of that. -- You can catch the Devil, but you can't hold him long.
	permalink · 2005-06-24 21:43:58 ·

(topic locked)

Forums » Up and Running » Security » Security	TrojanHunter and .dll files? » « AdAware update error


Thursday, 03-Dec 12:34:21	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com.republican-creole page compression OFF