Question

Locked

Got a really cool virus, need a VHD resizer

By Slayer_ ·
Seriously.
Ill state my question first, need a tool to shrink a VHD, anyone got one? I found one online but it required .net2 and the only system that has .net2 is the VM in question.

Anyways, coolest virus I have seen so far.
It somehow, created a folder called
C:\WINDOWS\system32\system
In there it put a lot of application files, including ini's, dll's. heck, even bot logs.
The log it reads shows it trying to connect to a website.

Closing Server Connection: Connection reset by peer
** 2009-11-19-20:09:49: Attempting Connection to fackerx.3utilities.com:6667 (direct)
** 2009-11-19-20:09:49: WARNING: fork(): Permission denied
** 2009-11-19-20:10:02: WARNING: System Time Changed Forward or Mainloop Skipped 0m 13s!!

** 2009-11-19-20:10:02: Attempting Connection to fackerx.3utilities.com:6667 (direct)
** 2009-11-19-20:10:02:


Now, sadly Avira has already gone at this virus with a fricken bazooka and deleted 74! files from this directory. But when I got home (Never leave DMZ on lol) it had up a message asking to copy a thumbs.db file. And I noticed it was MOVING my downloaded movies to that folder on the VHD. not copying, moving. I suspect this virus would have made more sense if it was on a host machine. But it was moving these files from the host to the virtual world. And herein lies my problem, it moved 34 gigs of files from my host to the VHD. Which of course, made the VHD 34 gigs larger. I have since moved the videos back to their right spot, but the VHD size remains . Anyone know any good tools?

I do have .net1.1 installed, so if the tool uses that, then I'm ok with it.

I only ask this here cause.. Windows programs are so... viral... you just never know, so recommendations would be nice, or trusted download sites.

This conversation is currently closed to new comments.

6 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

update

by Slayer_ In reply to Got a really cool virus, ...

In addition to disabling windows firewall service (pretty weak thing lol) and it actually created a lot of system processes. Made it hard to delete that folder cause the DLL's were locked. Nothing excessive task manager killing and "shutdown -a" with a touch of "rmdir" couldn't solve (accidentally killed the RPC service, which screwed up Explorer functions).
It's so fun curing viruses on a VM you don't care about. As an extra precaution, I changed the permissions on my folder to not have "Delete" so it can't move it again. Too bad I cannot block a specific computer access to my shares .

Collapse -

Can't find any

by .Martin. In reply to Got a really cool virus, ...

that don't need .net 2.0 ,

good luck with it though

Collapse -

Hmmm

by Slayer_ In reply to Can't find any

Is there one for Mint? Maybe I could command mint to shrink one on a network drive, without copying to itself first (Thus bloating another virtual drive)

Collapse -

Still need one {nt}

by Slayer_ In reply to Got a really cool virus, ...
Collapse -
by 1bn0 In reply to Got a really cool virus, ...

First hit:

http://www.dabcc.com/article.aspx?id=6784

How To Shrink A Virtual PC Virtual Hard Disk

Apparently you have to "zero" the empty space first. Don't know, didn't read any further.

Practical application is left to the requester.

Back to Networks Forum
6 total posts (Page 1 of 1)  

Related Discussions

Related Forums