That new Aquanox WB Skin...

Myros / 1 decade ago (24 March 2007 10:43)

Okay, I download the RAR, double click on the .exe, and Kaspersky hits me with pop-ups like theres no tomorrow. After clicking on the .exe, a file called pw.exe is created in the same folder, and it had the Internet Explorer logo with a red key.. Another form it takes is as a registry file icon. (<< Doesn't look trustworthy, if you ask me...)

Kaspersky says:

"Detected: riskware Private data and passwords access Running process: CGrinocuments and SettingsuserDesktopUnusedpw.exe"

Please investigate the upload immediately, and take the necessary action.

the skin is here:

Post replies:

1 decade ago (24.03.2007 11:03)
Reply by: adni18
It was a virus! It strange though, because the Author of it is trusted member! Sad
1 decade ago (24.03.2007 11:35)
Reply by:
Hats off to Myros for seeing this. This could have been very damaging to peoples computers if this was not found. Thank you Myros!! Happy
1 decade ago (25.03.2007 12:10)
Reply by: Myros
I was recently infected with a worm, and I went through hell to retrieve my PC´s regular performance. I can honestly say I wouldn´t wish it on my worst adversary Fun

I ran a Spyware Doctor scan soon after, and two files that could pass off E-Mail passwords were found. So my suggestion to anyone who has downloaded this file and is reading this: Scan with Spyware Doctor, and change your MSN email password (or any email you logged on to AFTER the infection).

I tried to find a "Report" button, but to no avail. Thank God you guys are active around the message board, though sensitive

@Fjnunes712: Thank you. I have to admit, that skin looked VERY seductive... Happy
1 decade ago (25.03.2007 02:56)
Reply by:
Apparently this member has uploaded another skin today. Now, I use Windowblinds skins. But I cannot in good faith download it until an explanation regarding the other in question is offered. I am forced at this time to exercise common sense cautious behavior.
1 decade ago (25.03.2007 07:30)
Reply by: adni18
Someone from Germany has use Yrgal´s account to send Viruses, we are investigating this case... we are trying to do our best, we are sorry for this Sad
1 decade ago (25.03.2007 10:20)
Reply by:
Thanks for that info Nikos. I hope it gets stopped, that is a real shame. Sad