What is this virus? - description inside

redeyedbass

Hi all,

A friend handed me a software (legit) under the ISO format.

What I usually do is mount these with Daemon Tools. This works great most of the time.

Except for this one. What happens is that, I start the setup.exe, shortly after, the system shuts down and reboots.

After that, the Windows installation is totally corrupt. I think it messes up the 100mb active partition, also corrupts ci.dll.

The system cannot be repaired at all.

If I restore an image (done with Windows' own image utility), no luck as the image does not have (it seems) the content of this crucial 100mb partition.

So you have to reinstall Windows, which recreates this 100mb part. and THEN restore the image.

Anyways, I thought this was Daemon Tools' SPTD fault as I heard bad things about it. So I uninstalled DT, extracted the ISO instead of mounting it, ran the setup.exe once again, then Action Center said "Windows has detected potentially harmful software" and BOOM reboot and same thing as mentioned above.

So it seems it's a virus, but I'd like to know if someone ever had this one and what is its name? Malware Bytes did not detect anything and it's usually pretty good...

Thanks!
 

System: ASUS (motherboard P5Q SE), Windows 7 Enterprise x64 SP1, Intel Q8200, Nvidia GTX 260
Nobody can help you unless you tell us what exactly that software is.

BTW, such "legit" software from friends is usually a cracked copy of commercial software. Even then, you must have run the setup.exe despite Windows' warning; otherwise, if you had cancelled, you would have been fine.

Please stick to legit software that is either freeware or you have purchased yourself.
 

Hi all,

A friend handed me a software (legit) under the ISO format.

So it seems it's a virus, but I'd like to know if someone ever had this one and what is its name? Malware Bytes did not detect anything and it's usually pretty good...

Thanks!

Welcome redeyedbass to the Windows 7 forums.

Question: what was the software and how do you know it was legit?

Also, did you make a DVD/CD of the iso and then scan it with malwarebytes?

I don't believe that mwb can scan an .ISO to check for bad guys.

If you make the .iso into a dvd/cd then it can be checked with mwb.

Rich
 

Guys, I'm not looking for help per se. I fixed the issue already.

I was just curious about the virus name and if anyone ever had it before.

I also had MWB scan the contents of the ISO once it was extracted to a directory.

The virus rebooted the computer before I could even completely read the Action Center's message.
 

Hi,

There is no way to tell which virus family you are referring to, let alone the name (there are too many variants out there). As Bill suggested, tell us what the program ISO was called, and that could be the clue we need to take a guess.

Regards,
Golden
 
