VIRUSUL SAPTAMANII
0' fill='%23FBBC05' d='M0 37V11l17 13z'/%3e%3cpath clip-path='url(%23b)' fill='%23EA4335' d='M0 11l17 13 7-6.1L48 14V0H0z'/%3e%3cpath clip-path='url(%23b)' fill='%2334A853' d='M0 37l30-23 7.9 1L48 0v48H0z'/%3e%3cpath clip-path='url(%23b)' fill='%234285F4' d='M48 48L17 24l-4-3 35-10z'/%3e%3c/svg%3e){kind=small}
Adaugă-ne ca sursă preferată în Google
' inkscape:export-filename='C:%5cUsers%5cGioSal%5cDesktop%5cGoogle Discover (truT) 326.png' inkscape:export-xdpi='195.8' inkscape:export-ydpi='195.8'%3e %3cdefs id='defs14' /%3e %3csodipodi:namedview pagecolor='white' bordercolor='%23666666' borderopacity='1' objecttolerance='10' gridtolerance='10' guidetolerance='10' inkscape:pageopacity='0' inkscape:pageshadow='2' inkscape:window-width='1920' inkscape:window-height='1057' id='namedview12' showgrid='false' inkscape:zoom='3.280264' inkscape:cx='10.573959' inkscape:cy='124.53611' inkscape:window-x='-8' inkscape:window-y='-8' inkscape:window-maximized='1' inkscape:current-layer='svg10' fit-margin-top='0' fit-margin-left='0' fit-margin-right='0' fit-margin-bottom='0' /%3e %3cmetadata id='metadata2'%3eCreated by potrace 1.15%2c written by Peter Selinger 2001-2017%3crdf:RDF%3e %3ccc:Work rdf:about=''%3e %3cdc:format%3eimage/svg%2bxml%3c/dc:format%3e %3cdc:type rdf:resource='http://purl.org/dc/dcmitype/StillImage' /%3e %3cdc:title%3e%3c/dc:title%3e %3c/cc:Work%3e%3c/rdf:RDF%3e%3c/metadata%3e %3cpath style='fill:%23fbbc01%3bfill-opacity:1%3bstroke:none%3bstroke-width:0.1' inkscape:connector-curvature='0' id='path6' d='m 17.485799%2c17.161672 -7.199999%2c7.3 12.699999%2c12.7 12.8%2c12.8 h -17.8 H 0 v 10 10 h 17.985799 17.8 l 7.2%2c-7.2 7.3%2c-7.2 v -10.1 -10 l -12.8%2c-12.8 -12.7%2c-12.7000001 z' sodipodi:nodetypes='ccccccccccccccccc' /%3e %3cpath style='fill:%23eb4435%3bfill-opacity:1%3bstroke:none%3bstroke-width:0.09999999' inkscape:connector-curvature='0' id='path6-5' d='m 50.05716%2c27.699999 -0.01515%2c27.760627 2.815154%2c-2.760627 c 2.777219%2c-2.723427 2.9%2c-2.7 17.2%2c-2.7 h 14.499999 l 12.7%2c-12.7 L 110.05716%2c24.5 l -7.2%2c-7.2 -7.299997%2c-7.3000001 -12.7%2c12.6999991 -12.799999%2c12.8 v -17.8 V 0 h -10 -10 z' sodipodi:nodetypes='ccsscccccccccccc' /%3e %3cpath style='fill:%234886f4%3bfill-opacity:1%3bstroke:none%3bstroke-width:0.10002016' inkscape:connector-curvature='0' id='path6-2' d='m 52.636899%2c52.666772 c -1.087936%2c1.139283 -3.026919%2c2.966444 -3.435046%2c4.11722 -0.379981%2c1.071417 0.733956%2c1.44349 0.733956%2c3.08278 v 4.5 l 22.709161%2c22.699999 22.809202%2c22.799989 7.202908%2c-7.2 7.30294%2c-7.299989 -12.705122%2c-12.7 -12.805166%2c-12.799999 h 17.807188 17.70714 v -10 -10 H 87.651024 55.337988 Z' sodipodi:nodetypes='csscccccccccccccc' /%3e %3cpath style='fill:%2338a752%3bfill-opacity:1%3bstroke:none%3bstroke-width:0.10003133' inkscape:connector-curvature='0' id='path6-7' d='m 29.872141%2c75.638078 -19.799999%2c19.812414 7.2%2c7.304568 7.3%2c7.20452 12.699999%2c-12.707959 12.8%2c-12.808026 v 17.811155 17.7111 h 10 10 V 102.15469 84.443595 l -10%2c-10.006268 c -9.2%2c-9.105706 -9.778745%2c-10.287283 -10.078745%2c-14.28979 l 0.04861%2c-4.686911 z' sodipodi:nodetypes='cccccccccccccccc' /%3e%3c/svg%3e){kind=small}
Urmărește-ne pe Discover
W32/Bagle.aj!proxy Virusul acestei saptamani este o noua varianta a virusului W32/Bagle si are 5,924 biti (FSG arhivat) 33,298 biti (nearhivat). Ca si majoritatea predecesorilor sai, el nu ataca
W32/Bagle.aj!proxy
Virusul acestei saptamani este o noua varianta a virusului W32/Bagle si are 5,924 biti (FSG arhivat) 33,298 biti (nearhivat). Ca si majoritatea predecesorilor sai, el nu ataca direct, ci actioneaza ca un troian pe masina victima. El se instaleaza ca WINdirect.exe (5,924 biti) in directorul Windows System. Urmatoarea cheie este adaugata in registirii pentru a se incarca la pornirea computerului: HKEY_LOCAL_MACHINE\Software\
Microsoft\Windows\CurrentVersion\Run\ "win_upd.exe" = %SysDir%\WINdirect.exe.
O cerere HTTP este trimisa catre mai multe servere pentru a notifica haker-ul de instalarea sa. In continuare, un port este deschis pentru accesul de la distanta. De asemenea, sunt oprite mai multe procese, in special cele ale antivirusilor.
Spre exemplu, se constata deschiderea portului TCP 1056 fara nici un motiv aparent si oprirea din functionare a unor procese cum ar fi: firewall; atupdater; winxp; sys_xp; sysxp; autoupdate; drwebupw; autodown; nupgrade; outpost; icssuppnt; icsupp95; escanh95; escanhnt; atupdater; aupdate; autotrace; avxquar; avpupd; avxquar; avwupd32; cfiaudit; luall; update; nupgrade; mcupdate.
Se încarcă comentariile...
