Hmm hafta ask about this...

my pal was having trouble playing online games like Operation Flashpoint, etc with me.. I always host and he always has good ping with me.. maybe 200ms at the most... Anyway he kept the same ping but it started acting like he had 800ms... took forever to load in, unimaginable lag....

so i had him use "housecall" and he said it came up clean....

I had him check "system information" and he had 74% system resources free, but with 4 reboots he went between 11% free to 80%...

Here's the kicker... his hard drive turned into an office word file... *??? *

I didnt see it but he said after hitting "my computer" then his "c drive" icon had become a word icon and file and he couldn't get in..

the word file that was where his hard drive used to be was named "hahahahahahaha"

So.. uh.. any idea what this is? trojan, virus, worm.. names.. anything??

Your buddy has something like this....It is valentines day and looks like he does not have much protection or an up to date virus program.


Edds.A was a virus in 1998 which did this...


The main replication and payload are triggered by most of the macros listed above. The virus may save infected DOC files to drives P, R, or , S. The names of these infected DOC files can be:
porno.doc
sex.doc
readme!.doc


The virus also displays a MessageBox on February 14th which states I Hope You Got Your Girlfriend Something Nice!. There is also a [1]-in-[100] chance that the virus displays a MessageBox which states Your Computer Has The Edds Head Virus. The virus also may change the Harddrive icon using a procedure similar to the one found in Disco.A. The virus may also try to save a file C:\WINDOWS\START MENU\ PROGRAMS\STARTUP\MSFILE.BAT.

Here was the warnings...
http://www.dslreports.com/forum/remark,2476970~root=security,1~mode=flat


Suggest he get moving to fix it....there is a hahahahha message one which eats the drive out there lately..forgot the name but it is defined and came be stopped.

ps. wish they would fix that url thing here..I do not like playing with extra buttons!!!!!!

hmm well the valentine's one doesnt sound like what he had.. he has had some of this trouble off and on for a while... but I forgot to say that he reformatted his hard drive when he found the "hahahahaha" icon and couldn't use his hard drive. That should mean he is safe now... yes? I mean so long as he takes some better precautions now...

{QUOTE-> ... but I forgot to say that he reformatted his hard drive when he found the "hahahahaha" icon and couldn't use his hard drive. That should mean he is safe now... yes? I mean so long as he takes some better precautions now... <-QUOTE}

Detox,

Most probably: yes. *If the symptoms described are no longer, *the (unknown) malware did not affect the MBR and has no payload, *he's clean now - that's somethin different than safe. *Safe computing in combo with the needed basic security software installed, updating, are needed to be safe indeed.

regards.

paul

hehe gotcha paul, I just didn't word that right :-D I'm geting him to get some better software, or so I hope... I mean I use all free stuff and have never gotten anything other than that joke virus... Prolly cause I'm so paranoid and never look at any of the forwards people send me every day hehe

Detox,

Seems to me you are a good friend *;D

regards.

paul