Email worm win32 sober.q
Prikazujem rezultate 1 do 3 od 3

Tema: Email worm win32 sober.q

  1. #1
    Početnik
    Učlanjen
    25.06.2005.
    Poruke
    1
    Reputaciona moć
    0

    Podrazumevano Email worm win32 sober.q

    Gde se moze naci antivirus za sober q.? Negde je selektovan kao trojan ascetic.c.



  2. #2
    Zainteresovan član
    Učlanjen
    02.10.2004.
    Poruke
    267
    Reputaciona moć
    51

    Podrazumevano

    AVG je objavio uzbunu na ovaj worm... Inace ima sredstvo za ubijanje istog: http://free.grisoft.com/doc/2/lng/us/tpl/v5

  3. #3
    Zainteresovan član
    Učlanjen
    02.10.2004.
    Poruke
    267
    Reputaciona moć
    51

    Podrazumevano

    ako neces da stavis AVg onda prati ova uputstva:
    his worm sends spammed messages from infected computer.

    Installation:
    When the worm is launched it creates \Help Directory in %WINDIR%\Help\ Directory and copies itself into files with services.exe, smss.exe and csrss.exe names. It also creates several helpfiles in the same folder. Virus registers services.exe file in HKLM\Software\Microsoft\Windows\CurrentVersion\Run as SystemBoot and in HKCU\Software\Microsoft\Windows\CurrentVersion\Run as _SystemBoot in Windows Registry.


    Virus also creates Spammer.ReadMe text-file in %WINDIR%\system32\ directory which contains following text:
    http://i-newswire.com/pr19707.html
    http://www.ebcvg.com/press.php?id=965


    Ich bin immer noch kein Spammer!
    Aber sollte vielleicht einer werden


    In diesem Sinne


    Spreading: e-mail
    Worm sends spammed messages to e-mail addresses that are taken from files with pmr, phtm, stm, slk, inbox, imb, csv, bak, imh, xhtml, imm, imh, cms, nws, vcf, ctl, dhtm, cgi, pp, ppt, msg, jsp, oft, vbs, uin, ldb, abc, pst, cfg, mdw, mbx, mdx, mda, adp, nab, fdb, vap, dsp, ade, sln, dsw, mde, frm, bas, adr, cls, ini, ldif, log, mdb, xml, wsh, tbb, abx, abd, adb, pl, rtf, mmf, doc, ods, nch, xls, nsf, txt, wab, eml, hlp, mht, nfo, php, asp, shtml and dbx extension.

    Messages are randomly generated from large amount of texts inside virus body and have two possible language variants - English and German.


    Removing:
    Removing is based on deleting files on which AVG reports I-Worm/Sober virus and in this case removing the reference to these files from the registry. Deleting of the files (either manually or by AVG) will have to be done after booting the Windows in the DOS mode (Windows 9x) or Safe Mode (Windows NT/2000/XP)

Slične teme

  1. Earth Worm Jim
    Autor Boki u forumu Video igre
    Odgovora: 12
    Poslednja poruka: 25.03.2009., 21:59
  2. Email-Worm.Win32.banwarum.f
    Autor Mr X u forumu Sigurnost i zaštita
    Odgovora: 3
    Poslednja poruka: 08.10.2006., 11:55
  3. Problem sa win32/netsky.z.worm
    Autor zorba2907 u forumu Sigurnost i zaštita
    Odgovora: 3
    Poslednja poruka: 27.04.2005., 13:59
  4. Worm.Win32.Lovesan
    Autor Sekspir... u forumu Sigurnost i zaštita
    Odgovora: 2
    Poslednja poruka: 18.01.2004., 01:15
  5. Worm.Win32.Welchila
    Autor gogischa u forumu Sigurnost i zaštita
    Odgovora: 2
    Poslednja poruka: 28.10.2003., 06:54

Pravila za slanje poruka

  • Ne možete kreirati novu temu
  • Ne možete poslati odgovor
  • Ne možete dodati priloge
  • Ne možete prepraviti svoju poruku
  •