W32/Mydoom.s@MM
0' fill='%23FBBC05' d='M0 37V11l17 13z'/%3e%3cpath clip-path='url(%23b)' fill='%23EA4335' d='M0 11l17 13 7-6.1L48 14V0H0z'/%3e%3cpath clip-path='url(%23b)' fill='%2334A853' d='M0 37l30-23 7.9 1L48 0v48H0z'/%3e%3cpath clip-path='url(%23b)' fill='%234285F4' d='M48 48L17 24l-4-3 35-10z'/%3e%3c/svg%3e){kind=small}
Adaugă-ne ca sursă preferată în Google
' inkscape:export-filename='C:%5cUsers%5cGioSal%5cDesktop%5cGoogle Discover (truT) 326.png' inkscape:export-xdpi='195.8' inkscape:export-ydpi='195.8'%3e %3cdefs id='defs14' /%3e %3csodipodi:namedview pagecolor='white' bordercolor='%23666666' borderopacity='1' objecttolerance='10' gridtolerance='10' guidetolerance='10' inkscape:pageopacity='0' inkscape:pageshadow='2' inkscape:window-width='1920' inkscape:window-height='1057' id='namedview12' showgrid='false' inkscape:zoom='3.280264' inkscape:cx='10.573959' inkscape:cy='124.53611' inkscape:window-x='-8' inkscape:window-y='-8' inkscape:window-maximized='1' inkscape:current-layer='svg10' fit-margin-top='0' fit-margin-left='0' fit-margin-right='0' fit-margin-bottom='0' /%3e %3cmetadata id='metadata2'%3eCreated by potrace 1.15%2c written by Peter Selinger 2001-2017%3crdf:RDF%3e %3ccc:Work rdf:about=''%3e %3cdc:format%3eimage/svg%2bxml%3c/dc:format%3e %3cdc:type rdf:resource='http://purl.org/dc/dcmitype/StillImage' /%3e %3cdc:title%3e%3c/dc:title%3e %3c/cc:Work%3e%3c/rdf:RDF%3e%3c/metadata%3e %3cpath style='fill:%23fbbc01%3bfill-opacity:1%3bstroke:none%3bstroke-width:0.1' inkscape:connector-curvature='0' id='path6' d='m 17.485799%2c17.161672 -7.199999%2c7.3 12.699999%2c12.7 12.8%2c12.8 h -17.8 H 0 v 10 10 h 17.985799 17.8 l 7.2%2c-7.2 7.3%2c-7.2 v -10.1 -10 l -12.8%2c-12.8 -12.7%2c-12.7000001 z' sodipodi:nodetypes='ccccccccccccccccc' /%3e %3cpath style='fill:%23eb4435%3bfill-opacity:1%3bstroke:none%3bstroke-width:0.09999999' inkscape:connector-curvature='0' id='path6-5' d='m 50.05716%2c27.699999 -0.01515%2c27.760627 2.815154%2c-2.760627 c 2.777219%2c-2.723427 2.9%2c-2.7 17.2%2c-2.7 h 14.499999 l 12.7%2c-12.7 L 110.05716%2c24.5 l -7.2%2c-7.2 -7.299997%2c-7.3000001 -12.7%2c12.6999991 -12.799999%2c12.8 v -17.8 V 0 h -10 -10 z' sodipodi:nodetypes='ccsscccccccccccc' /%3e %3cpath style='fill:%234886f4%3bfill-opacity:1%3bstroke:none%3bstroke-width:0.10002016' inkscape:connector-curvature='0' id='path6-2' d='m 52.636899%2c52.666772 c -1.087936%2c1.139283 -3.026919%2c2.966444 -3.435046%2c4.11722 -0.379981%2c1.071417 0.733956%2c1.44349 0.733956%2c3.08278 v 4.5 l 22.709161%2c22.699999 22.809202%2c22.799989 7.202908%2c-7.2 7.30294%2c-7.299989 -12.705122%2c-12.7 -12.805166%2c-12.799999 h 17.807188 17.70714 v -10 -10 H 87.651024 55.337988 Z' sodipodi:nodetypes='csscccccccccccccc' /%3e %3cpath style='fill:%2338a752%3bfill-opacity:1%3bstroke:none%3bstroke-width:0.10003133' inkscape:connector-curvature='0' id='path6-7' d='m 29.872141%2c75.638078 -19.799999%2c19.812414 7.2%2c7.304568 7.3%2c7.20452 12.699999%2c-12.707959 12.8%2c-12.808026 v 17.811155 17.7111 h 10 10 V 102.15469 84.443595 l -10%2c-10.006268 c -9.2%2c-9.105706 -9.778745%2c-10.287283 -10.078745%2c-14.28979 l 0.04861%2c-4.686911 z' sodipodi:nodetypes='cccccccccccccccc' /%3e%3c/svg%3e){kind=small}
Urmărește-ne pe Discover
Virusul acestei saptamani este un troian ce soseste pe e-mail si are o dimensiune de 27,136 biti. Virusul soseste printr-un e-mail cu urmatoarele caracteristici: Subiect: photos Corpul mesajului:
Virusul acestei saptamani este un troian ce soseste pe e-mail si are o dimensiune de 27,136 biti. Virusul soseste printr-un e-mail cu urmatoarele caracteristici: Subiect: photos Corpul mesajului: LOL!)))) Atasament: photos_arc.exe Cand atasamentul ruleaza, virusul este copiat in directorul Windows sub numele de rasor38a.dll si in directorul System din Windows ca winpsd.exe. Dupa aceea modifica registrii prin adaugarea urmatoarelor chei cu scopul de a porni automat la urmatorul start al computerului: HKEY_CURRENT_USER\Software\ Microsoft\Windows\CurrentVersion\ Explorer\ComDlg32; HKEY_LOCAL_MACHINE\SOFTWARE\ Microsoft\Windows\CurrentVersion\ Explorer\ComDlg32 si HKEY_LOCAL_MACHINE\SOFTWARE\ Microsoft\Windows\CurrentVersion\Run "winpsd"=C:\WINDOWS\System32\ winpsd.exe. Virusul descarca componenta de backdoor de pe doua site-uri www.richcolour.com si zenandjuice .com. Aceasta componenta este detectata sub numele de BackDoor-CHR. Virusul pentru a putea infecta un computer trebuie pornit manual din fisierul atasat. Odata instalat va cauta adrese de e-mail din fisierele cu urmatoarele extensii: .adb; .asp; .dbx; .htm; .php; .pl; .sht; .tbb; .txt; .wab. Adresele astfel obtinute vor fi tintele atacurilor ulterioare ale virusului. Pentru a scapa de acest parazit va trebui sa reporniti computerul in Safe Mode, sa stergeti fisierul winpsd.exe din directorul System sau System32. Ulterior va trebui sa stergeti cheile adaugate de virus in registrii cu utilitarul regedit. Daca ati facut aceste operatiuni puteti reporni computerul si gata. Este intotdeauna preferabil sa aveti un antivirus performant, actualizat. Eliminarea manuala a virusilor este recomandata doar celor ce au cunostinte in domeniu.
Se încarcă comentariile...
