/\ _ /\ Hi, How Are You /\ _ /\ A Dangerous Virus! - Computers - Nairaland
Nairaland Forum / Science/Technology / Computers / /\ _ /\ Hi, How Are You /\ _ /\ A Dangerous Virus! (2226 Views)
A Dangerous Malware Known As Ransom32 Discovered - Laptop Owners Beware / Shortcut Virus Removal From Windows 7 PC / "My Removable Device" Shortcut Virus - Help (2) (3) (4)
(1) (Reply)
| /\ _ /\ Hi, How Are You /\ _ /\ A Dangerous Virus! by suprman: 1:47pm On Aug 08, 2008 |
Pls help o. My network is infected by what i think is a virus . eachtime i open a window like My Computer and so on what i see is /\ _ /\ Hi, how are you /\ _ /\. and just yesterday one of my systems loose all user files mysteriously. i scan with my bitdefender antivirus but it sees nothing , what can i do? pls help thnx for ur response |
| Re: /\ _ /\ Hi, How Are You /\ _ /\ A Dangerous Virus! by uspry1(f): 4:15pm On Aug 08, 2008 |
Description of SirCam virus(cause, what it look like, how it attack): I-Worm.Sircam.A is an Internet and network worm similar to I-Worm.Magistr.A. The virus spreads through e-mail using its own SMTP routine, sending itself to addresses from the Address Book and from cache or through the shared directories. It is transmitted through a message with a randomly chosen subject and body, in the form of a combination between the virus infection routine and a file chosen randomly from My Documents. The original name of the file is kept, but an executable extension is added (.pif, .exe, .lnk). Users who do not have the option to see attachment extensions activated, will only see the original extension and can be easily fooled. The body message is as follows: Subject: Document file name (without extension) From: [user_of_infected_machine@prodigy.net.mx] To: [random@email.from.address.book] Hi! How are you? I send you this file in order to have your advice or: I hope you can help me with this file that I send I hope you like the file that I send you This is the file with the information that you ask for See you later! Thanks or, in Spanish: Subject: Document file name (without extension) From: [user_of_infected_machine@prodigy.net.mx] To: [random@email.from.address.book] Hola como estas ? Te mando este archivo para que me des tu punto de vista or: Espero me puedas ayudar con el archivo que te mando Espero te guste este archivo que te mando Este es el archivo con la informacion que me pediste Nos vemos pronto, gracias. If the attachment is opened, the worm copies itself in the system directory under the name scam32.exe. It also copies itself into the directory "Recycled" under the name sirc32.exe, which is a hidden file. Then the virus creates the following three keys in the Windows Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run Services with the value Driver32 = %System%\scam32.exe to be accessed when Windows starts, and: HKLM\SOFTWARE\Classes\exefile\shell\open\command with the value C:\Recycled\sirc32.exe "%1" %*" for the routine infection to be executed before any other EXE file. Therefore, your computer is infected. MY ADVICE TO YOU: never open strange file attachment you never heard. You now learned the lesson! Removal SirCam virus link for BitDefender software(download removal tool): http://www.bitdefender.com/VIRUS-1000000-en--I-Worm.Sircam.html |
(1) (Reply)
Usa Used Hp Probook 440 G1 Intel Core-i5 4th Gen With Intel HD Graphics SOLD / How To Extend The Life Span Of A Laptop LCD Display / Do You Know These Most Useful Computer Hacks?(pictures)
(Go Up)
| Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health religion celebs tv-movies music-radio literature webmasters programming techmarket Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10) Nairaland - Copyright © 2005 - 2024 Oluwaseun Osewa. All rights reserved. See How To Advertise. 14 |