w32.weird virus...pomoc!!

w32.weird virus...pomoc!!

offline
  • Pridružio: 11 Maj 2003
  • Poruke: 131

dobio sam prvi put virus...zove se w32.weird.....o njemu neznam nista(t.j o virusima samo sam po nesto neki put citao...),neznam ni kako da ga otklonim.....uvek sam isao od toga...ma, gde ce to mene.....



Registruj se da bi učestvovao u diskusiji. Registrovanim korisnicima se NE prikazuju reklame unutar poruka.
offline
  • Pridružio: 17 Apr 2003
  • Poruke: 488
  • Gde živiš: Niš

Win32.Weird



It is not a dangerous memory resident parasitic Win32 virus. It writes itself to the end of PE EXE files (Windows executable) by increasing last file section and modifying PE header fields. The virus copy in infected files consists of two parts. First part (starter) is a short routine (about one kilobyte of code and data), the second part is the main virus code (about 10Kb of size) encrypted with silly encryption loop.

When the infected file is executed, the starter takes control, decrypts the second part of virus code, drops it to Windows directory as a PE EXE file with random name and executes it. The main virus instance stays memory resident as a hidden Windows application, runs a low priority thread that periodically scans drives' directory trees, looks for PE EXE files and infects them.

The virus also affects the EXPLORER.EXE file. It copies it with the EXPLORER.E name, infects this copy and writes the [rename] instruction to the WININIT.INI file to replace original EXPLORER.EXE with infected copy on next Windows startup.

The virus has a backdoor ability. When it is active as a Windows application it opens Internet connection and waits for specific calls from there. The virus has a lite list of supported commands comparing to other known backdoors, but it allows to upload, download, execute and delete files on the infected machine from remote host.

---

O svim virusima mozes se informisati ovde:
http://www.viruslist.com/eng/viruslist.asp

A to da "nece to tebe"... izvini ali vrlo naivno i nesmotreno, da ne upotrebim tezu rec! Kao da setas po kisi i mislis da nece valjda da te pogodi neka kapljica...



offline
  • Peca  Male
  • Glavni Administrator
  • Predrag Damnjanović
  • SysAdmin i programer
  • Pridružio: 17 Apr 2003
  • Poruke: 23072
  • Gde živiš: Niš

moj drug iz beograda je napisao taj virus pre 3 godine Smile
to je nas, srpski, virus Smile
no, on vise ne pise viruse...

p.s. virus sam po sebi nije opasan, ali ako si na net-u neko moze da ti svrlja po disku...
neko ko skenira cele opsege provajdera Smile

offline
  • Pridružio: 11 Maj 2003
  • Poruke: 131

posto nisam bas neki poznavalac kompjutera....(sluzi mi samo da bi bio u toku sta se desava u yu i tako to...),kako da se oslobodim te napasti.....
ozbiljno mislim.....

offline
  • Pridružio: 17 Apr 2003
  • Poruke: 488
  • Gde živiš: Niš

Pa jesmo li mi neozbiljni?
Covece, azuriraj svoj AV program i proskeniraj ceo hard disk.

offline
  • Zoran Bujandric
  • Programer
  • Pridružio: 18 Apr 2003
  • Poruke: 152
  • Gde živiš: Podgorica

securityresponse.symantec.com/avcenter/venc/data/w32.weird.html

offline
  • Pridružio: 26 Apr 2003
  • Poruke: 1947
  • Gde živiš: Srbija

Uvek imaj neki antivirus na makini, updatuj svakih nedelju dve i bices uvek happy Smile

offline
  • Pridružio: 10 Maj 2003
  • Poruke: 266
  • Gde živiš: bg

Citat:Uvek imaj neki antivirus na makini, updatuj svakih nedelju dve i bices uvek happy

A jel to moze da se primeni i u nekoj drugoj sferi zivota ? Laughing

Ko je trenutno na forumu
 

Ukupno su 1067 korisnika na forumu :: 28 registrovanih, 4 sakrivenih i 1035 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3028 - dana 22 Nov 2019 07:47

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: axa, blue2, CheefCoach, Djokkinen, Eyes Wide Shut, FOX2, Gama, goxin, havoc995, ILGromovnik, ivan979, ivica976, krkalon, Kubovac, MarKhan, Mercury, mgaji21, MIg2, Mixelotti, nenadovic.ivan, pedja.st, S-lash, sakota79, saputnik plavetnila, Shomy2, smilicstefan, vobo, voja64