ClanKiller.com - View topic - Possible a very weird windows virus
Possible a very weird windows virus 
Emperor
Joined: Wed Apr 16, 2003 1:25 am
Posts: 2560
Post Possible a very weird windows virus
Yesterday my firewall started noticing that every EXE file that passes its diff control has been changed. Funny thing about that was that some of these programs that are well known (Firefox, Skype, DAP) seemed to work properly, while some less known (qip, x-chat) simply refused to work and some of them even reported corruption of the EXE file.

When even explorer process started to bug, forcing me to kill and restart it from time to time, I reinstalled windows today.

Well, that wasn't the end of the story. Shortly after the reinstallation had been done (full reinstallation, HDD formatted), the same thing started occurring again, not even leaving me time to reinstall all the software.

This is weird since I never had problems with viruses. I don't even have an antivirus, nor have I ever needed one. This Windows installation I have I dunno since when and it never 'hooked' anything. Well, now it obviously gets some really bad plague, and it gets it very fast and automatically.

Now I'm trying to figure out what happens. I isolated an example of a corrupted and non-corrupted file, am downloading some free antiviruses, will do some checks and if nothing works I will switch to a Linux distribution, till I figure out what is fucking going on here. Well it IS something going on when a freshly installed version of XP gets infected by simple surfing on Wikipedia, clankiller, my site and Google again and again.

Will report later.

_________________
++


Last edited by RB on Sat Aug 04, 2007 12:26 pm, edited 1 time in total.



Sat Aug 04, 2007 11:51 am
Minor Diety
Joined: Fri Apr 11, 2003 5:09 pm
Posts: 4004
Location: Walsall, West Mids, UK
Post Re: Possible a very weird windows virus

_________________
Games to complete:
GTA IV [100%] (For Multiplayer next!)
Fallout 3 [50%]
Rock Band [35%]
http://www.cafepress.com/SmeepProducts


Sat Aug 04, 2007 12:04 pm
Emperor
Joined: Wed Apr 16, 2003 1:25 am
Posts: 2560
Post Re: Possible a very weird windows virus

_________________
++


Sat Aug 04, 2007 12:26 pm
Emperor
Joined: Wed Apr 16, 2003 1:25 am
Posts: 2560
Post 
Okay aftermath here.

I am amazed how it managed to infect a zillion files within just about 8 hours, which is how long this Windows installation has lived. I deleted it everywhere the antivirus had found it and am doing some additional scans. I will be looking for the reason why it actually happened. I have some assumptions but won't do/tell anything before I am sure. (it is always hard to point anywhere)

Damage: huge. Almost all EXE files removed from the computer. Many programs to be reinstalled. It is an irony that it even destroyed my instance of the Borland C++ compiler, which was used to finalize it (yes, this virus has been finalized in bcc32).

As well, I had a ROFLMAO when I saw the virus infected even my own 3D engine executable. I hate the bastard who has made it, that's sure. :P

Anyway, the myth about how I do not need an antivirus has been busted. For now I will definitely keep this AVG for it has done a good job. :P

_________________
++


Sat Aug 04, 2007 1:09 pm
Emperor
Joined: Wed Apr 16, 2003 1:25 am
Posts: 2560
Post 
One more weird fact. Just the last night I had a dream where my computer started to shut down over and over again, till in the end I got a spooky message "bring your mech to the neurosurgery, you idiot" with an ugly smiley over the whole screen.

Duh, sixth sense? :shock:

_________________
++


Sat Aug 04, 2007 1:26 pm
Felix Rex
Joined: Fri Mar 28, 2003 6:01 pm
Posts: 16662
Location: On a slope
Post 
lol...pretty good dream.

Regarding the issue, yea, definitely sounds like your LAN is the culprit. Probably used some XP exploit to get file system access and begin replicating itself. I actually watched a virus copy itself into a share folder I had open... freaked me out.

Anyway, good job kicking its ass. AVG is indeed a decent AV product, especially considering the price. I keep it loaded and running.

_________________
They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.


Sun Aug 05, 2007 10:13 am
Emperor
Joined: Wed Apr 16, 2003 1:25 am
Posts: 2560
Post 
What I've read about Parite doesn't imply it is capable of sneaking through the network. So someone had to infiltrate it here and initiate the first run (not that hard I suppose, since I'm a Windows user). BitComet is the other possibility since it has its flaws too. Firefox and the programs that I ran ain't an option as I wasn't downloading anything that could have carried the virus (exe/scr files) on the evening I got it. I was just watching a movie and went early to bed as the problems started occurring.

In the end.. it's gone.

_________________
++


Sun Aug 05, 2007 10:27 am