Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I have a virus sample


  • Please log in to reply
4 replies to this topic

#1 yoomanipop12

yoomanipop12

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:40 PM

Posted 06 August 2011 - 07:50 AM

Hi guys

I encountered this error last week and it kind gave me a hard time becuase I have to do manual removal of it. I try ranning some scanners on it like Safety Scanner, Hitman Pro, ESET online scanner, but it was not able to detect it. I was able to get some sample and I was hoping you can analyze it for me on what kind of virus is this

Here is the link of the virus sample

Removed to protect membership. ~ OB

Thanks

Hi

I just forgot there is a hidden file there it is wuapp.exe, that's the one you should run


thanks

Edited by Orange Blossom, 06 August 2011 - 04:03 PM.


BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,012 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:09:40 PM

Posted 06 August 2011 - 04:06 PM

Hello,

I have removed the link to the virus sample to protect our membership. Those who work with analyzing such have been given the link.

Do you require assistance in cleaning your computer?

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 yoomanipop12

yoomanipop12
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:40 PM

Posted 07 August 2011 - 06:54 PM

Hi

Thanks for the reply Orange Blossom, Actually I got rid of the virus already, I am just wondering what kind of virus is that because to be honest it is kinda new ( Unlike 2012, malware Protection, XP recovery 2012 ). I was hoping you could analyze it for me and find a best way to remove it. because to be honest, I was just lucky to remove it with process explorer...

Thanks Guys


Yoomanipop12

#4 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,012 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:09:40 PM

Posted 07 August 2011 - 09:09 PM

I'm sorry but we do not discuss that in the general forums. If you are interested in learning more about malware removal and helping other members on this site, please read this: http://www.bleepingcomputer.com/forums/topic86678.html

Given that you don't need assistance with cleaning your computer, I am moving this topic to a different forum.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#5 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,720 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:40 AM

Posted 08 August 2011 - 02:36 AM

I suggest you submit your sample to virustotal.com and see how many AV products detect it.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users