Today I was kind of doing some house keeping job on my computer.
To my supprise, when I went to My Computer -> System Properties,
I was looking at a picture of Bart Simpson and some weird info
like this:
Manufactured and supported by:
SPAC
thespacdude@yahoo.com
and when I clicked on Support Information, it shows:
SPAC
ERROR: Water detected in the BIOS.
Something wonderful has happened,
your computer is alive......
I googled it, I also tried McFee, Symantec, MS AntiSpyware, Adware, SpyBot, F-Secure, etc.
But none would detect any virus or trojans in my computer.
There're 2 strange behavior on my computer recently.
1. At Windows Startup, it plays some weird sound... you hear someone laughing.
2. It changed my OEM information, so I saw "Manufactured and supported by: SPAC"
After about 3 hours of digging thru my registry and system files, I found it.
The file is c:\windows\mssreprc.exe
also it creates a registry key
Name:SpAcDaemon Value: C:\WINDOWS\mssreprc.exe
under HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
It changed my C:\WINDOWS\system32\OEMINFO.INI to the following:
[general]
Manufacturer=SPAC
Model=thespacdude@yahoo.com
[Support Information]
Line1= ERROR: Water detected in the BIOS.
Line2=
Line3= Something wonderful has happened,
Line4= your computer is alive......
and created a Bart Simpson Logo as a bmp file
C:\WINDOWS\system32\Oemlogo.bmp
Subscribe to:
Post Comments (Atom)
3 comments:
I had exactly the same things happening plus Cannabis leaf on System Props, all of which have now disappeared. They didn't cause any other malfunction etc., and were in fact quite amusing.
I can not thank you enough, even now, it's the 3rd of februari 2006 goddamn it!!!, I had it on my comp..
That silly nerd from the UK even got into a computer located in Holland!!
no fucking anti-virus or anti-spam program found it, but now I finally solved it, thanks to you, m8!!!
Yo, the SpAcDaemon is harmless. How do I know? Well I wrote it. Firstly SpAcDaemon is NOT a Virus/Worm/Spyware etc, i.e. it's not infectious. Now I suppose you are all wondering how that got on your computer(s). Before I answer that, I'll explain how this come about. Nearly 2 years ago my very inquisitive nephew wanted to know how computer viruses work so I wrote this demo. I embedded SpAcDaemon in a couple cracks I found on the net and I shared them in WinMX for a couple days and during that time only a couple people download these trojan embedded cracks. Today I was blown away when I found your site and upon googling I found stacks of forums where people were discussing this. What a shocker cause till today I forgot all about my SpAcDaemon. Just goes to show the amount of pirates there are out there.
Now getting back to the question of how that got on your computer(s). Well I'm not going to call anyone a pirate here, need I say more...
Btw, sorry if I caused any anxieties as that was never my intentions...
Oh and congrats for figuring out how to get rid of it :)
Post a Comment