Monday, October 09, 2006

Tintucso virus, removal

Tintukso virus - Very little is known about this virus as of now. It comes to you through Yahoo messenger as a link when one of your friend’s pc gets infected. Once you click the link, it installs itself at attaches itself with the OS to keep you bugging :d It sends the link to all your active contacts once it infects. This was found (on a friend's pc) just today, 09th October 2006.

  • You cannot change your homepage (options for changing homepage are disabled).
  • You cannot launch regedit; PC re-boots as soon as you try to edit registry.

    Virus/trojan not yet explained in detail on the net yet. it sends a message saying test the site and shows up the folowing url
    Please do not launch the above url unless you have a good firewall and antivirus (and enough courage to open it).

    My official PC categorized it as a dating/unwanted site and blocked it. Didnt take a chance on my Home pc.

  • Scan with your antivirus or adware , if it can detect it; chances are that it will also clear it.
  • If above fails, on a windows box, restore your PC to the last known good configuration. here are the detailed steps to restore your operating system on a XP system.

    Update from Symantec as on 12th October 2006
    Symantec Japan has confirmed the virus and documented the details of the virus here

    Thanks Arvind for your valuable feedback on this virus.

    I shall keep updating this post with the new findings on the virus.

    Have a safe computing :)
  • 1 comment:

    sanjaykattimani said...

    Ah the website is blocked by the hosting service provider. Now it shows me the following message..
    403 forbidden
    Server configuration does not allow access to this page. Please go back and try again.