Black Pegasus Virus

Discussion in 'malware problems & news' started by fallen_angel08, May 8, 2008.

Thread Status:
Not open for further replies.
  1. fallen_angel08

    fallen_angel08 Registered Member

    Joined:
    Apr 29, 2008
    Posts:
    6
    How can I heal a virus named Black Pegasus? This virus contains svchost.exe, transmit.exe, isetup.exe, autorun.inf, diffuse.dat, p3g4sus.dat.

    FIRST RUN OF THE VIRUS:
    * Disable Windows Safe Mode (to prevent the user from using safe mode because p3g4sus.dat can't run in safe mode)
    * Hide Virus From Task List (so that p3g4sus.dat can't be seen in Task Manager)

    REGISTRY MANIPULATION:
    * Disable FIND feature in Microsoft Windows
    * Disable RUN feature in Microsoft Windows
    * Hide File Extension Of Known Windows Files
    * Hide Hidden Files
    * Disable Removable Autorun
    * Replace Registered Owner
    * Replace Registered Organization
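
An added example, not part of the original thread: a Python check that reads the text of a `.reg` export and reports the settings from the REGISTRY MANIPULATION list above. The key and value names are an assumed mapping to the standard Windows settings, since the thread does not say which keys the virus changes, and the sample export is constructed. Real exports are usually UTF-16, so decode the file before passing its text in.

```python
import re

EXP = r"\software\microsoft\windows\currentversion"
# (key suffix, value, test, finding): an assumed mapping to standard Windows
# settings; the thread does not name the keys the virus actually changes.
RULES = [
    (EXP + r"\policies\explorer", "nofind", lambda v: v == 1, "Find disabled"),
    (EXP + r"\policies\explorer", "norun", lambda v: v == 1, "Run disabled"),
    (EXP + r"\policies\explorer", "nodrivetypeautorun",
     lambda v: bool(v & 0x4), "Removable autorun disabled"),  # 0x4 = removable drives
    # The next two can also be the normal state of an unmodified system.
    (EXP + r"\explorer\advanced", "hidefileext", lambda v: v == 1, "Extensions hidden"),
    (EXP + r"\explorer\advanced", "hidden", lambda v: v == 2, "Hidden files not shown"),
]
OWNER_KEY = r"\software\microsoft\windows nt\currentversion"
VALUE_RE = re.compile(r'"([^"]+)"=(?:dword:([0-9a-fA-F]{1,8})|"(.*)")$')

def audit(reg_text):
    """Return findings from the decoded text of a .reg export."""
    findings, key = [], ""
    for line in map(str.strip, reg_text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
            continue
        m = VALUE_RE.match(line)
        if m is None:
            continue
        name, dword, string = m.group(1).lower(), m.group(2), m.group(3)
        for suffix, rule_name, test, message in RULES:
            if (key.endswith(suffix) and name == rule_name
                    and dword is not None and test(int(dword, 16))):
                findings.append(message)
        if key.endswith(OWNER_KEY) and name.startswith("registered"):
            findings.append(f"Review {name}: {string!r}")  # judge by eye
    return findings

# Constructed sample export, not taken from an infected machine.
SAMPLE = r'''
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoFind"=dword:00000001
"NoRun"=dword:00000001
"NoDriveTypeAutoRun"=dword:00000095
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"HideFileExt"=dword:00000001
"Hidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion]
"RegisteredOwner"="constructed-owner"
'''
print("\n".join(audit(SAMPLE)))
```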
     
  2. techie007

    techie007 Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    125
    Location:
    Ontario, Canada
    If it's XP or Vista, here are a few things you can try:

    System restore

    Remote System Restore via Ultimate Boot CD 4 Win tools

    Manual System Restore via XP command console

    uBCD4Win or command console, or similar, find and kill .DAT file and other suspects.

    If you disable it enough it should give you plenty of time to find and clean other changes it may have made.

    One of, or a combination of these works for most (all?) viruses. :)
     
  3. fallen_angel08

    fallen_angel08 Registered Member

    Joined:
    Apr 29, 2008
    Posts:
    6
    OK.. I'll try them.. I'll inform you about it.. Thanks..
     
  4. fallen_angel08

    fallen_angel08 Registered Member

    Joined:
    Apr 29, 2008
    Posts:
    6
    Is there any antivirus that can heal it?
     
  5. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paraná, Argentina
    If you have it.. it would be great if you could upload a sample at Eset Support for their analysis, maybe they can add detection and provide feedback on how to get rid of it.
     
  6. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Let's continue in your ongoing thread concerning this matter and not start duplicate threads for assistance Please.

    continue here---> Black Pegasus

    Bubba
     