Soccergirl

Forgot to mention, this trojan gets through most anti-virus programs. The link below is to the CLIENT tool: you extract the zip file, open the program and click scan. Once the scan is done, if you have it, it will give you the option to remove/disinfect; if you don't have it, congratulations, and close the program. I'll keep you posted as I learn more.

Sorry if you guys get this twice, just want to make sure everyone gets this. Please tell your friends, tell all you know and warn them about this worm that could disable your internet.
http://www.bdtools.net/download-removal-tool.php
What is Downadup?


Win32.Worm.Downadup is a worm that relies on the Microsoft Windows Server Service RPC Handling Remote Code Execution Vulnerability (MS08-67) in order to spread on other computers in the local network. The authors took various approaches to make this malware especially fast spreading and hard to remove.

This malware always comes wrapped in an obfuscated layer which aims at deterring analysis. The layer can be in two flavors, either packed with UPX or not packed, but it is always obfuscated and uses various rarely used APIs to break emulators. The real malware is contained inside in an encrypted form. It is packed with a standard UPX version, but to deter unpacking it is never written on disk and it doesn't have the PE header, which makes it appear as an invalid executable. This has the side effect of being undetectable when injected into another process; it just looks like a standard allocated memory page.

Read Full Technical Details about Win32.Worm.Downadup.

Reply to This

Replies to This Discussion

Hey bro!
Downloaded and did the check and I'm clean. But this thing is conflicting with another program. Went to remove it and it is not in my uninstall menu or in the folder where I placed the installer ??? Where is this app and how do I remove it?

Reply to This

The tool is standalone, meaning it runs without having to be installed. If your program is conflicted it might be something else; just delete the files you extracted from the zip file and it's gone. What program is conflicted? What happens when you access the conflicted program? Did you download the client or network scanner? Yahoo client ID nintendofreak_13@yahoo.com. Please don't email, I don't use that email address, just for messenger.

Phil said:
Hey bro!
Downloaded and did the check and I'm clean. But this thing is conflicting with another program. Went to remove it and it is not in my uninstall menu or in the folder where I placed the installer ??? Where is this app and how do I remove it?

Reply to This

The conflict was with Graboid, which is a video search engine under development. It was causing problems with the download manager, which is still a little shaky anyhow. Got it under control, but where is this app stored? Can't find it to remove it.

I don't want to discourage anyone from trying the bitdefender! I'm pushing it in several areas that make me more sensitive to software. Download and check your PC

Reply to This

Where can I download this Graboid? Is it for Firefox or IE, what version of IE or Firefox, anything in particular you are downloading that's causing issues? Have you tried downloading from other sites? In the meantime, you never mentioned if you downloaded the client or the network one. The app is stored wherever you extracted it. What you could do is re-download it and see what files are a part of it, then do a search on your C drive for those files and delete them. Again, as I've stated, it's standalone, self-sufficient; it doesn't use other programs and other programs don't use it, and I don't think it would write anything to the registry. Have you tried using a different browser? And you did say it was under development. My suggestion would be to do the following:

1. Clear your temporary files, which can be done by going to Start > Run and in the Run box typing cleanmgr.exe, which will bring up Disk Cleanup. Check all the boxes but the last 2, then click OK.

2. Go to safer-networking.org if you don't already have Spybot Search and Destroy 1.6.2, uncheck the option for TeaTimer (because like Vista it's pointless to have it), update, run immunization, then I would run a full scan.

3. If results are negative, try uninstalling the browser, reboot, then re-install.

4. If that doesn't work, I would email the makers of the program and ask if it makes any entries in the registry.

That's all I can think of for now...


Phil said:
The conflict was with Graboid, which is a video search engine under development. It was causing problems with the download manager, which is still a little shaky anyhow. Got it under control, but where is this app stored? Can't find it to remove it.

I don't want to discourage anyone from trying the bitdefender! I'm pushing it in several areas that make me more sensitive to software. Download and check your PC

Reply to This

Damn...thanks dude...this one was embedded in my System32 folder.

Reply to This
Soccergirl created this Ning Network.

© 2009   Created by Soccergirl on Ning.   Create a Ning Network!