Jump to content
xisto Community
Tyssen

Serious Wmf Windows Exploit No-one is safe right now

Recommended Posts

hmm .. i think i ever find it 1 weeks ago. i think this is normal virus or trojan. but it hard to be cleaned.from this information i know it is wmf exploit.i will to give you solution i ever do if your computer is infected1.update all of your antivirus definitions2.try to find ad-aware personal ( http://www.lavasoft.com/ ) and update definitions too 1 recomended personal because this is free for private use3.after you download the definition and the software in your pc ,reboot your pc and start ing it in SAFE MODE4. run all scan using your anti virus and ad-aware personal ( you can try other spyware remover) after virus found you can remove it.5. restart your pc after you scan it6. just waiting for 5 minutes for make your pc cleanthis is for XP user.you can me other suggestion if you have other best solution ...thank you

Share this post


Link to post
Share on other sites

I've already had an encounter with the .wmf file, it downloaded and installed several spywares and fake anti-virus programs onto my computer. A little pop-up that looked like a windows update button appeared on my task bar, and it said something about my computer being infected, and that it needs to install the newest up-to-date anti malware program. I tried to X it out, but missed, and it installed "SpyAxe 3.0" on my computer.. and I had great difficulty removing it. If you get exploited by the WMF file, I suggest looking at the processes running, and looking for abnormal ones and researching them. If you find them to be spyware, etc, then search google.com for ways to remove them.The process running on my computer was mssearchnet.exe, and I searched and found a way to do it. If you need any help removing your spyware, PM me, or post in this topic for more help :D.

Share this post


Link to post
Share on other sites

Some .wmf files indeed contain virus inside their bytecodes. But the exploit in .wmf format is more than just capable of storing viruses inside them. It's an exploit that cannot be fixed. So virus writers now know of this exploit, and certainly uses them to intrude your data. If that's the case, and since this exploit cannot be solved, it will be undetectable by firewalls and antivirus softwares. Probably that ones that you had encountered were indeed natural virus files that were not based on that exploit. It will be even more damaging with its based on the exploit.

Share this post


Link to post
Share on other sites

No it's not. Did you even read the link?  :)

217695[/snapback]


sorry friend i mean at the first sight i think this is only normal spyware.but after 3 days i can't clean that pc .. so i think this is serious .. :P

Share this post


Link to post
Share on other sites

How fast can I say (without gleaming to much)Am I glad I have a Mac or what? The number of viruses, sober or drunk, trojan horses and what-nots on a Mac are countable on one hand.Sorry, for all you guys with you lowly PC's.../sarcasm

Share this post


Link to post
Share on other sites

i believe vulnerable versions of windows for this wmf bug only include ME, 2000, XP and Server 2003. btw, does microsoft still support win98/98se? don't they have a timetable where they will cease supporting these win versions and below?

Share this post


Link to post
Share on other sites

According to Microsoft, Win98/Win98SE does not have the same problem so there will be no patch for it.Microsoft still offers some support for Win98SE on a paid basis. Hotfixes and patches are no longer available as of June 2003. Self-help support is still available for Win98SE on the Microsoft website until June 30, 2007.Critical security updates for Win98SE are available until June 30/06 from the Windows Update site.

Share this post


Link to post
Share on other sites

thanks moogie. :)

 

and to see how serious this is, read this: even LINUX/BSD is vulnerable! :P that is for people running WINE, etc. on their boxes.

http://www.zdnet.com/article/linuxbsd-still-exposed-to-wmf-exploit-through-wine/

 

All applications launched inside Wine, Cedega, or Cross-Over Office are technically still exploitable. Wine runs on most x86 platforms, including Linux and the various BSDs.

Share this post


Link to post
Share on other sites

my friend had experienced this. i removed it using antispyware. he said that he went on a porn site and probably some pic on it was downloaded on the computer. he had one of those fake errors but when he clicked on the box, he said that his desktop appearance changed, giving him a link to a site where u can find antispyware apps (sites that gave u more spyware). he also said that when he opened IE, there was an error message saying that he was infected and that somebody was trying to gain access to his computer. if you find any of these signs, you are infected! but there is a security patch now, thank god for that.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.