Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Virus Identification (may be slightly offensive) 1

Status
Not open for further replies.
Guest_imported

Guest_imported

New member
Joined
Jan 1, 1970
Messages
0
I work as a tech in a computer repair shop and the other day someone brought in a laptop infected with quite a nasty virus. We've since formatted the laptop's hard drive, but due to the nature of the virus I know about 5 people who are dying to know what virus it was.

Main symptom - on bootup, before loading the Windows taskbar, the virus popped up an error message that... had something to do with the male anatomy. "Error loading my (lovely expletives which we all laughed at), you must reinstall windows." Afterwards, the computer would freeze. At this point our virus "expert" took over, but I believe the virus also corrupted some files required to be able to write to the A drive of the computer.

I've tried searching for an ID of this virus online, but due to the part of the error message I left out, I get mostly websites that have absolutely nothing to do with computers. ;-) Any help would be appreciated.
 
Sort by date Sort by votes
Would've helped if you have a screenshot of the message then we'd all get a laugh!

Try looking at either McAfee or Symantec's research sites for virus descriptions.

AVChap
 
Upvote 0 Downvote
I may be able to help, but unfortunatly I would have to have the offensive part of the message to search from. otherwise I have no clue. you might post the message but bleep out a couple letters so we know what you mean... FatesWebb

if you do what I suggested it is not my fault...
 
Upvote 0 Downvote
As you wish. ;-) I did put a warning in the subject header, after all.

The full message was "Error loading my c--k in your a--, You must reinstall windows." The techs I work with are pervy, they had some fun with that one... the virus guy really wanted to capture it, too.
 
Upvote 0 Downvote
Joker1602 and Green Joker are the closest viruses I know of, these viruses make weird errors like the one your talking about. although I havent seen that particular one. It may be a new variant of the Joker virus... here is info on Green Joker for instance.


Green Joker Corporate User : Low
Home User : Low

Virus Information
Discovery Date: 06/01/1992
Origin: Unknown
Length: 743 Bytes
Type: Virus
SubType: File Infector
Minimum DAT:
Release Date: 4002
12/02/1998
Minimum Engine: N/A
Description Added: 06/15/1992
Description Modified: 06/15/1992 12:00 AM (PT)

Virus Characteristics:
Green Joker is file infecting virus. It does not become memory resident. It infects .COM files, including COMMAND.COM.
Each time a file infected with the Green Joker virus is executed, this virus infects all of the .COM files in the current directory.

Additional Comments:
The Green Joker, or Green, virus was submitted in June, 1992. Its origin or point of isolation is unknown. Green Joker is a non- resident, direct action infector of .COM programs, including COMMAND.COM. It may be related to the Ash virus. When a program infected with the Green Joker virus is executed, this virus will infect all of the .COM programs located in the current directory. If COMMAND.COM is located in this directory, it will become infected. Programs infected with the Green Joker virus will have a file length increase of 743 bytes with the virus being located at the end of the file. The program's date and time in the DOS disk directory listing will have been updated to the current system date and time when infection occurred. The Green Joker virus will usually display a message on the system display when an infected program is executed. Occassionally, the message will be accompanied by beeping on the system speaker. The messages which may be displayed by the virus are: "Fail on INT 24" "Impotence error reading user's dick Abort, Retry, Ignore, Fail?" "Program too big to fit in memory" "JOKER!" "Cannot load COMMAND, system halted" The above message text strings can be found within the viral code in infected programs, along with the following two additional text strings: "*.COM" "Joker!" Green Joker doesn't do anything besides display its messages and replicate.

Symptoms
The Green Joker virus usually displays a message on the system display when an infected file is executed. Occasionally, the message is accompanied by beeping on the system speaker. The messages which may be displayed by the virus are:
"Fail on INT 24"

"Impotence error reading user's dick Abort, Retry, Ignore, Fail?"

"Program too big to fit in memory"

"JOKER!"

"Cannot load COMMAND, system halted"

The above message text strings are found within the viral code in infected files, along with the following two additional text strings:

"*.COM"
"Joker!"

Files infected with the Green Joker virus have a file length increase of 743 bytes. The virus is located at the end of the file. The file's date and time in the DOS disk directory listing are updated to the current system date and time of infection.

Method Of Infection
The only way to infect a computer with a file infecting virus is to execute an infected file on the computer. The infected file may come from a multitude of sources including: floppy diskettes, downloads through an online service, network, etc. Once the infected file is executed, the virus may activate.

Removal Instructions
All Users:
Script,Batch,Macro and non memory-resident:
Use current engine and DAT files for detection and removal.
PE,Trojan,Internet Worm and memory resident:
Use specified engine and DAT files for detection. To remove, boot to MS-DOS mode or use a boot diskette and use the command line scanner:


SCANPM /ADL /CLEAN /ALL
Additional Windows ME/XP removal considerations

AVERT Recommended Updates:

* Office2000 Updates

* Malformed Word Document Could Enable Macro to Run Automatically (Information/Patch)

* scriptlet.typelib/Eyedog vulnerability patch

* Outlook as an email attachment security update

* Exchange 5.5 post SP3 Information Store Patch 5.5.2652.42 - this patch corrects detection issues with GroupShield

For a list of attachments blocked by the Outlook patch and a general FAQ, visit this link.
Additionally, Network Administrators can configure this update using an available tool - visit this link for more information.

It is very common for macro viruses to disable options within Office applications for example in Word, the macro protection warning commonly is disabled. After cleaning macro viruses, ensure that your previously set options are again enabled.

Aliases
Name
Green
FatesWebb

if you do what I suggested it is not my fault...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

iambob
  • Locked
  • Question Question
Avast Anti-Virus is.. a virus?!
Replies
5
Views
862
Oorde
Oorde
2ffat
  • Locked
  • News News
MalwareBytes may have been hacked
Replies
0
Views
465
2ffat
2ffat
andyv2011
  • Locked
  • Question Question
Looking at Virus Actions
Replies
0
Views
356
andyv2011
andyv2011
Tiffc0922
  • Locked
  • Question Question
Virus / Malware Scans on Local PCs
Replies
5
Views
644
goombawaho
goombawaho
kharrison70
  • Locked
  • Question Question
Meskisift Visaal Studie Virus?
Replies
6
Views
632
goombawaho
goombawaho

Part and Inventory Search

Sponsor

Back
Top