Serious Wmf Windows Exploit, No-one is safe right now


Tyssen
Post #1 post Jan 1 2006, 08:23 AM
This has blown up big time in the last 3 days: http://www.f-secure.com/weblog/
Inspiron
Post #2 post Jan 1 2006, 09:06 AM
Yeap.. This Wmf so far is not patched, and probably impossible to patch. I've read somewhere detailed before..

Here's the link
http://www.updatexp.com/wmf-exploit.html
zaqy
Post #3 post Jan 2 2006, 12:36 PM
Hmm.. I think I found it 1 week ago. I think this is a normal virus or trojan, but it is hard to clean.

From this information I know it is the WMF exploit.

I will give you the solution I used, if your computer is infected:

1. Update all of your antivirus definitions.
2. Try to find Ad-Aware Personal ( www.lavasoft.com ) and update its definitions too. I recommend Personal because it is free for private use.
3. After you download the definitions and the software to your PC, reboot your PC and start it in SAFE MODE.
4. Run all scans using your antivirus and Ad-Aware Personal (you can try another spyware remover). After a virus is found you can remove it.
5. Restart your PC after you scan it.
6. Just wait 5 minutes for your PC to be clean.

This is for XP users.

You can give me other suggestions if you have a better solution...

Thank you
Tyssen
Post #4 post Jan 2 2006, 10:27 PM
QUOTE(zaqy @ Jan 2 2006, 10:36 PM)
i think this is normal virus or trojan. but it hard to be cleaned.

No it's not. Did you even read the link?
rejected
Post #5 post Jan 3 2006, 05:01 AM
I've already had an encounter with the .wmf file, it downloaded and installed several spywares and fake anti-virus programs onto my computer. A little pop-up that looked like a windows update button appeared on my task bar, and it said something about my computer being infected, and that it needs to install the newest up-to-date anti malware program. I tried to X it out, but missed, and it installed "SpyAxe 3.0" on my computer.. and I had great difficulty removing it.

If you get exploited by the WMF file, I suggest looking at the processes running, and looking for abnormal ones and researching them. If you find them to be spyware, etc, then search google.com for ways to remove them.

The process running on my computer was mssearchnet.exe, and I searched and found a way to do it. If you need any help removing your spyware, PM me, or post in this topic for more help.
_TyIzaeL_
Post #6 post Jan 5 2006, 02:57 AM
I've encountered the .wmf file also. It was downloaded into my temp directory, it managed to open a windows fax viewer window but was blocked at that point by my anti-virus.
Inspiron
Post #7 post Jan 5 2006, 05:10 AM
Some .wmf files indeed contain viruses inside their bytecode. But the exploit in the .wmf format is more than just capable of storing viruses inside them. It's an exploit that cannot be fixed. So virus writers now know of this exploit, and will certainly use it to intrude on your data. If that's the case, and since this exploit cannot be solved, it will be undetectable by firewalls and antivirus software. Probably the ones that you encountered were indeed ordinary virus files that were not based on that exploit. It will be even more damaging when it's based on the exploit.
Tyssen
Post #8 post Jan 5 2006, 08:19 AM
The guy who posted his own patch in the first link I gave has had so much traffic to his site that his ISP shut his site down.
zaqy
Post #9 post Jan 5 2006, 01:55 PM
QUOTE(Tyssen @ Jan 3 2006, 05:27 AM)
No it's not. Did you even read the link?

Sorry friend, I mean at first sight I thought this was only normal spyware. But after 3 days I can't clean that PC.. so I think this is serious..
OCAC
Post #10 post Jan 5 2006, 04:29 PM
How fast can I say (without gleaming too much)

Am I glad I have a Mac or what? The number of viruses, sober or drunk, trojan horses and what-nots on a Mac are countable on one hand.

Sorry, for all you guys with your lowly PCs...

/sarcasm