Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

So So Cruel "flashy.exe" Virus


  • Please log in to reply
1 reply to this topic

#1 Real McCoy

Real McCoy

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:06 PM

Posted 20 March 2007 - 09:48 PM

There is a virus called "flashy.exe" spreading in my company .

we can delete it with AVG and bitdefender.

but for the most computers , we installed norton for centralized virus updates.

Norton can't get rid of it.

and all are infected.

that virus is always quick spreading from memory stick.

on the infected memory stick, all real folders are hidden.
it make all read folder to .exe with their respective folder names and all icons are like
normal folder.

and there is another folder named flashy.exe which is the main virus.

whenever we unconsciously doubleclick the memory stick, it starts loading flashy.exe from the root folder of
memory stick(flash drive)

and then it is in the running process on the task manager.
and got into the computer.

destructions on flash drive is all.

since it got into the computer, the first thing it does is removing folder option from Tool menu.
If it becomes worse, it remove or change bultin administrator password.

if much worse, it disable run/regedit and taskmanager.

i am sure it has some strains. sometimes i found with the name flashybot.exe is running in the process.
sometimes flashy.exe.

I still can't get the main source of that virus.
It also wrote in registry. I saw many points for flashy.exe in registry.
but it is not over on the infected machine.
if we restarted PC, it shows again in the registry and Process tab of taskmanager.

what i mean is to remove flashy virus on memory stick is easy.
but to remove flashy permanently from a computer is really out of question now.
because of hidden folder options , lost admin pwd, no task manager, and no regedit.

I really want to get free removal tool to rid of that flashy virus.

i searched all norton, bitdefender, and avg websites.
They still don't offer it.

How can i get my solution?? how can my PC recover from that bleeping flashy virus.??
any body help me??

It is out of question for me to install bitdefender on all over 100 pcs and update definitions daily alone.


help me with removal tool!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

thanks

still nobody can help me!!!!!!!!!!!!!!!!!!!!!!!!!!!!


P.S I HAVE INSTALLED SPYSWEEPER AND NORTON CLIENT SERVER EDITION. BUT THEY DON'T FIND THAT .
SO YESTERDAY I START USING HIJACKTHIS, BUT IT STILL CAN'T.

HOW CAN I???

BC AdBot (Login to Remove)

 


#2 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:05:06 PM

Posted 21 March 2007 - 08:37 AM

File info

IMPORTANT NOTE: Backdoor Trojans are very dangerous because they provide a means of accessing a computer system that bypasses security mechanisms. Remote attackers use backdoor Trojans as part of an exploit to to gain unauthorized access to a computer and take control of it without your knowledge. If your computer was used for online banking or has credit card information on it, all passwords should be changed immediately to include those used for email, eBay and forums. You should consider all your passwords to be compromised. They should be changed by using a different computer and not the infected one. Do not change passwords or do any transactions while using the infected computer because an attacker may get the new passwords and transaction information. Banking and credit card institutions should be notified of the possible security breech.

The severity of the infection would justify to have all PC's inspected since this is a backdoor trojan jeopardizing all data on these computers. I couldn't find a one click solution for this. Perhaps anybody else can




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users