da_vinci_cod
2007-12-19, 12:42
ok if noone knows about this, heres what happens
on windows live messenger, someone with a computer affected by this thing will randomly send out messages with file transfer requests.
the name of the request is usually
image-xxxx.zip
where xxxx are some random digits
and inside the zip is:
image xxxx yyyy@zzzz.com
the first xxxx are digits, the yyyy@zzzz is an email address.
as you can see, the .com is fairly obvious, but i wasnt the one who opened this.
now it generates a random process, and my strain (i've heard of other reports of this) generates a process with a a seemingly random name: oudrfhgajzfe.exe.
it then makes you send out file transfer request to your contacts, and my strain does it invisibly.
i need help removing this, i have no idea how to.
I have the file which was downloaded ready to send if anyone needs it
i can supply hjt logs
and redirect me to the correct place if necessary
thanks, da_vinci_cod
on windows live messenger, someone with a computer affected by this thing will randomly send out messages with file transfer requests.
the name of the request is usually
image-xxxx.zip
where xxxx are some random digits
and inside the zip is:
image xxxx yyyy@zzzz.com
the first xxxx are digits, the yyyy@zzzz is an email address.
as you can see, the .com is fairly obvious, but i wasnt the one who opened this.
now it generates a random process, and my strain (i've heard of other reports of this) generates a process with a a seemingly random name: oudrfhgajzfe.exe.
it then makes you send out file transfer request to your contacts, and my strain does it invisibly.
i need help removing this, i have no idea how to.
I have the file which was downloaded ready to send if anyone needs it
i can supply hjt logs
and redirect me to the correct place if necessary
thanks, da_vinci_cod