Bloody Virus's!!! [Archive] - Gamers Gateway



Logan
02-22-2002, 03:28 AM
That's right, people. Logie has one :mad:

OK. One day I turned on my PC only to find out that the pics and mp3s that I saved stopped working? "Funny," I thought to myself. As the days go on, I save stuff only to find out they stopped working too? "Hrm....." I bloody thought to myself. "I need to see what the hell is going on," so I clicked on one of the pics and hit "edit" and Notepad came up. Let me show you what was on the top of that Notepad.

"rem ================================================== =============================================
rem "Plan Colombia" virus v1.0
rem by Sand Ja9e Gr0w (www.colombia.com)

rem Dedicated to all the people that want to be hackers or crackers, in Colombia
rem This program is also a protest act against the violence and corruption that Colombia lives...
rem I always wanting that all this finishes, I have said...


rem Santa fe de Bogotá 2000/09
rem I dedicate to all you the song "GoodBye" of Andreas Bochelli
rem ================================================== ===============================================


rem Thanks God..!
rem A greeting for "Lina María" from "Santa fe de Bogotá"
rem A greeting for "Tizo" from "Spain"
rem And One kicked of tail to my friends, "eL ChE" and "ThE SpY"

rem okay, ok...
rem my baby start here..."

I now hate Colombia :mad: Also, I have no bloody idea how to get it off :cry: Can anyone help me? :cry:

Loop
02-22-2002, 03:34 AM
A complete reformat?

Logan
02-22-2002, 03:50 AM
Don't know how to......I don't think so anyways? :cry:

Loop
02-22-2002, 03:58 AM
As far as I can remember, restart in DOS, and type in c:/format.

You could do worse than look in the PC forum, though. There's a reformatting thread there.:rolleyes:

I-NemesiS01
02-23-2002, 12:58 AM
Does anybody not know how to right click on your HD by double clicking my computer and then pressing format?:rolleyes: :rolleyes: :rolleyes:

An example:

http://www.ps2replay.com/format.gif

:rolleyes: :rolleyes: :rolleyes:

XBD
02-23-2002, 01:58 AM
Surely that would not work unless you had more than one hard drive.

Attempting to delete files that are in use, such as video and audio drivers, DLLs etc. would result in an Access Denied/File In Use error, surely?

Just use a boot disk, makes the whole thing a lot less painful. Not that it's remotely painful, as long as you make sure you backed up your files, and have your Windows CD Key handy!

Logan
02-23-2002, 04:56 AM
Originally posted by Phoenix
Does anybody not know how to right click on your HD by double clicking my computer and then pressing format?:rolleyes: :rolleyes: :rolleyes:

Wouldn't let me do it :cry: Said it couldn't coz it contains files in use by windows? What do I do now :cry:

AllWrighty
02-23-2002, 11:11 AM
You blokes off your head!! Don't tell anyone to format when it's obvious they don't know what they are doing :mad:

Logie ... get yourself a virus checker and let that clean up your comp, and whatever you do, don't format if you're not sure how to re-set up your comp ....

Paul
02-23-2002, 11:16 AM
My brother took a printer off the system once, and he deleted something Windows needed - now every time I start up there is an error message asking me to check my file.

Do not format stuff if you don't know what it is.

AllWrighty
02-23-2002, 11:25 AM
What file is it, Paul? If you can find it elsewhere, just replace it to the location that Windows is looking for it ...

Lee's Dad
02-23-2002, 11:46 AM
Logan - go to an anti-virus company's web site and download a free trial to clear this up. It may be too late if the virus has corrupted the registry though.

Good advice - DON'T TRY TO REFORMAT unless you know exactly what you're doing. It isn't as simple to get things going again as people like to make out.

Sounds like you may have to get someone to do it for you though.

Finally, what was the file extension that was infected? And can you send the complete code you saw in notepad? (I'm serious!)

I'm no expert in virus code, but we may be able to see what it's been up to.

I-NemesiS01
02-23-2002, 01:30 PM
Go on Logan, just do it. :D:D:D:D

XBD
02-23-2002, 01:36 PM
Originally posted by Logan


Wouldn't let me do it :cry: Said it couldn't coz it contains files in use by windows? What do I do now :cry:

I WAS RIGHT! MY PREDICTION WAS RIGHT! I AM A GENIOUS! A GENIOUS I TELLS YA!

*At this point, XBD fell onto the floor shaking, overcome by his own greatness*

I-NemesiS01
02-23-2002, 02:04 PM
Go on Logan, chicken? :D:D:D:D

Wildfire
02-23-2002, 02:45 PM
Go to MS-DOS prompt, Logan, type format c: and then hit "Y" :jestera:

Paul
02-23-2002, 04:42 PM
:jestera: :jestera:
:rolleyes:

I don't get it
:head: :(

XBD
02-24-2002, 12:34 AM
Here is what I have discovered about the virus you have:

I-Worm.Plan

--------------------------------------------------------------------------------
This is a variant of the "LoveLetter" Internet worm. It spreads in the same way as the "LoveLetter" worm.
The worm uses different variants of message subject and body. They may be empty or contain the texts:

Subject:

US PRESIDENT AND FBI SECRETS =PLEASE VISIT => (http://WWW.2600.COM)<=

Message:
VERY JOKE..! SEE PRESIDENT AND FBI TOP SECRET PICTURES..

The subject and message body may also be randomly generated; the result looks as follows: "JUIEDO", "TIPOWU", "RESEAU", "HIKOGU", etc.
The attached file name is also randomly constructed (in the same way as above) and has one of the following extensions:

".GIF.vbs"
".BMP.vbs"
".JPG.vbs"

When activated, the worm installs itself in the system. It copies itself to the Windows directory using the filename "\reload.vbs", to the Windows system directory twice using the name "\LINUX32.vbs" and a randomly constructed name, and registers the first two files in the system registry's auto-run section.
The worm also drops an HTML file with the name "US-PRESIDENT-AND-FBI-SECRETS.HTM", but does not use it in any way.

The worm then connects to MS Outlook and spreads to all addresses listed in the address book. It then affects files on all drives; the list of affected extensions looks as follows:

VBS VBE JS JSE CSS WSH SCT HTA JPG JPEG MP3 MP2

The worm also downloads files from a Web site:
http://members.fortunecity.com/plancolombia/macromedia32.zip
http://members.fortunecity.com/plancolombia/linux321.zip
http://members.fortunecity.com/plancolombia/linux322.zip

The first file is just plain text, the two other files are pictures in BMP format:

http://www.avp.ch/avpve/worms/plan2.gif
http://www.avp.ch/avpve/worms/plan1.gif


It then moves these files into the Windows directory with the names:

macromedia32.zip -> important_note.txt
linux321.zip -> logos.sys
linux322.zip -> logow.sys

and replaces two standard Windows logos as a result.
The worm has a payload routine that is activated on September 17th. That routine unmaps all network drives and displays the message:

Dedicated to my best brother=>Christiam Julian(C.J.G.S.)
Att. [random] (M.H.M. TEAM)

where "random" is a random five-letter word.
The worm also contains comments in its body:


================================================== =============================================
"Plan Colombia" virus v1.0
by Sand Ja9e Gr0w (www.colombia.com)

Dedicated to all the people that want to be hackers or crackers, in Colombia
This program is also a protest act against the violence and corruption that Colombia lives...
I always wanting that all this finishes, I have said...


Santa fe de Bogotá 2000/09
I dedicate to all you the song "GoodBye" of Andreas Bochelli
================================================== ===============================================


Thanks God..!
A greeting for "Lina María" from "Santa fe de Bogotá"
A greeting for "Tizo" from "Spain"
And One kicked of tail to my friends, "eL ChE" and "ThE SpY"
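
Added example, not part of the thread or of the description XBD quoted: a read-only Python check that walks a folder and flags files matching the indicators listed above (the dropped file names, the `.GIF.vbs`/`.BMP.vbs`/`.JPG.vbs` double extensions, and files with an affected extension that contain the comment text Logan saw in Notepad). That affected files carry that comment line near the top is an assumption drawn from Logan's post; the sample files are constructed placeholders.

```python
import os
import re
import tempfile

# Indicators copied from the description quoted in the post above.
DROPPED_NAMES = {"reload.vbs", "linux32.vbs", "us-president-and-fbi-secrets.htm"}
DOUBLE_EXT = re.compile(r"\.(gif|bmp|jpg)\.vbs$", re.IGNORECASE)
AFFECTED_EXT = {"vbs", "vbe", "js", "jse", "css", "wsh", "sct", "hta",
                "jpg", "jpeg", "mp3", "mp2"}
# Assumption: affected files carry the comment line Logan saw in Notepad.
MARKER = b'"Plan Colombia" virus'

def classify(path):
    """Return the reasons `path` matches the description (empty if none)."""
    name = os.path.basename(path).lower()
    reasons = []
    if name in DROPPED_NAMES:
        reasons.append("dropped-file name")
    if DOUBLE_EXT.search(name):
        reasons.append("double extension")
    if name.rpartition(".")[2] in AFFECTED_EXT:
        try:
            with open(path, "rb") as fh:
                if MARKER in fh.read(4096):   # text is near the top of the file
                    reasons.append("worm comment block in file")
        except OSError:
            pass                              # unreadable or locked: skip content check
    return reasons

def scan(root):
    """Walk `root`; map each matching path to its list of reasons."""
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            full = os.path.join(dirpath, fn)
            if reasons := classify(full):
                hits[full] = reasons
    return hits

def demo():
    """Scan a constructed sample tree (placeholder bytes, no real worm code)."""
    samples = {"holiday.jpg": b"\xff\xd8\xff\xe0 constructed image bytes",
               "song.mp3": b'rem "Plan Colombia" virus v1.0\r\n',
               "TIPOWU.JPG.vbs": b"constructed placeholder",
               "reload.vbs": b"constructed placeholder"}
    with tempfile.TemporaryDirectory() as root:
        for fn, data in samples.items():
            with open(os.path.join(root, fn), "wb") as fh:
                fh.write(data)
        return {os.path.basename(p): r for p, r in scan(root).items()}

if __name__ == "__main__":
    for name, why in sorted(demo().items()):
        print(name, "->", ", ".join(why))
```

A hit on a media file means its contents were replaced by script text, so it has to come back from a backup; the scan only reports and changes nothing on disk.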