W32.Hunch@mm

W32.Hunch@mm

W32.Hunch@mm нь том хэмжээний имэйл хэлбэрээр илгээгддэг worm бєгєєд Autoexec.bat
файлыг єєрчилж , C:\ дискийг форматлах оролдлого хийдэг. Ингэхдээ C:\_RESTORE
фолдерт байгаа .ocx, .sys, .dll болон санамсаргvй сонгогдсон єргєтгєлтэй бvх
файлуудыг устгадаг.

Тєрєл: Worm
Илэрсэн он сар єдєр: 2001.1.30
Хор хохирол учруулах зэрэг: 2
Захианы subject: Файлын нэр хассан єргєтгєлтэй байдаг.
Хавсралтын нэр: Файлын нэр
Хавсралтын хэмжээ: 151.552 байт
Хор хохирол:
1. Том хэмжээний имэйл хэлбэрээр илгээгддэг.
2. Autoexec.bat файлыг єєрчилнє.
3. C:\ дискийг форматлах оролдлого хийнэ.
4. ".XLS" , ".DOC" , ".WAV" , ".DWG"
, ".MP3" , ".BAK" , ".CDX" , ".BMP"
, ".HTM" , ".HLP" , ".CHM" , ".JPG"
, ".GIF" , ".SCR" ,".TTF" , ".MID" ,".MDB"
, ".DBF" , ".ICO" зэрэг єргєтгєлтэй файлуудаас сонгон 5
ширхэг файлыг устгана.
5. Системийг бvхэлд нь тогтворгvй болгоно.

W32.Hunch@mm идэвхжиж эхлээд доорх vйлдлvvдийг гvйцэтгэдэг.
1. Microsoft Outlook -ын address book -д байгаа хаягуудад доорх захиаг явуулна.
Subject: <Файлын нэрээс хамаарна. >
Їндсэн текст: Mensaje importante para <Явуулагчын нэр > en el archivo
adjunto…
Хавсралт: <Файлын нэрээс хамаарна >

2. Дараах зургыг дэлгэцэнд харуулна.
3. C:\_RESTORE фолдерт байгаа .ocx, .sys, .dll єргєтгєлтэй файлуудыг хайна.

4. Хатуу дискний доорх фолдеруудад шинээр файлуудыг хуулна.
– C:\Windows\System\Msword.Exe
– C:\Windows\System\Thwin.Exe
– C:\Windows\System\<Файлын нэр >
5. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices гэсэн
регистрvvдэд
THWIN C:\Windows\System\Thwin.Exe гэсэн утгыг нэмж єгнє. Ингэснээр Windows эхлэх
тоолонд идэвхжиж эхэлнэ.
6. .xls , .doc , .wav , .dwg , .mp3 , .bak , .cdx , .bmp , .htm , .hlp , .chm
, .jpg , .gif , .scr , .ttf , .mid ,.mdb , .dbf , .ico зэрэг єргєтгєлтэй файлаас
сонгон устгана.
7. Устгасан файлуудаа C:\Windows\System\ListWin.txt. фолдерт журнал файл болгон
хадгална.
8. Їvнй дараа C:\Autoexec.bat файлыг DEL > FORMAT C: /u /v:UNSCH /autotest
командыг нэмж єгснєєр єєрчилнє.
9. Дараагын удаа компьютераа асаахад таны C:\ дискийг дахин форматласан байна.

Хэрхэн арилгах вэ?
Арилгахын тулд W32.Hunch@mm -аар халдварласан файлыг устган , регистрт хийсэн
єєрчлєлтийг засварлахаас гадна Autoexec.bat файлыг засварлах хэрэгтэй.

Устгахдаа:

1. Хамгийн сvvлийн vеийн update хийгдсэн вирусын эсрэг программтай эсэхээ шалгах
2. Norton Antivirus-аар системийг бvхэлд нь scan хийж шалгах шаардлагатай.
3. W32.Hunch@mm -аар – аар халдварлагдсан бvх файлыг устгах хэрэгтэй.
4. Windows Explorer руу орж доорх фолдеруудад байгаа халдварласан файлуудыг
устгах хэрэгтэй.
– C:\Windows\System\Msword.Exe
– C:\Windows\System\Thwin.Exe
– C:\Windows\System\ListWin.txt

Regestry-г хэрхэн засварлах вэ?

1. Start цэсний Run ийг эхлvvлнэ.
2. Regedit гэж бичихэд Regestry-г засварлах цонх гарч ирнэ.
3. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices гэсэн
регистр рvv орж баруун цонхонд байгаа THWIN C:\Windows\System\Thwin.Exe гэсэн
утгыг устгана.
4. Regestry -г дарж Exit гээд дуусгана.

Autoexec.bat файлыг засварлах

1. Start цэсний Run руу орно.
2. edit c:autoexec.bat гэж бичнэ.
3. MS-DOS Editor нээгдэхэд DEL > FORMAT C: /u /v:UNSCH /autotestм замыг хайж
олон тэмдэглэнэ.
4. File – Save гэж даран Exit гээд дуусгана.

 

{mos_fb_discuss:2} 

Date: September 26th, 2007 | Categories: Вирус | By: | Comments: 5,816

5,816 Responses to W32.Hunch@mm

    You made some clear points there. I looked on the internet for the subject and found most individuals will go along with with your blog.

    whoah this weblog is excellent i really like reading your posts. Keep up the great paintings! You realize, many persons are hunting around for this information, you could help them greatly.

    Good day! This post could not be written any better! Reading through this post reminds me of my old room mate! He always kept talking about this. I will forward this article to him. Fairly certain he will have a good read. Thank you for sharing!|

    I’m still learning from you, while I’m improving myself. I certainly liked reading all that is posted on your site.Keep the posts coming. I enjoyed it!

    you are in point of fact a just right webmaster. The website loading speed is incredible. It seems that you’re doing any unique trick. Also, The contents are masterpiece. you’ve performed a fantastic process in this topic!

    Can I just say what a comfort to uncover an individual who really knows what they are talking about on the net. You definitely know how to bring an issue to light and make it important. A lot more people have to read this and understand this side of the story. I can’t believe you are not more popular because you certainly possess the gift.

    I’m impressed, I have to admit. Seldom do I encounter a blog that’s both equally educative and entertaining, and without a doubt, you’ve hit the nail on the head. The issue is an issue that not enough people are speaking intelligently about. Now i’m very happy I came across this in my search for something relating to this.

    Hello! I know this is somewhat off topic but I was wondering which blog platform are you using for this site? I’m getting tired of WordPress because I’ve had issues with hackers and I’m looking at options for another platform. I would be fantastic if you could point me in the direction of a good platform.|

    very easy to understand explanation. fits me perfectly. from now on I will be your fan

    hello!,I love your writing so much! share we communicate extra approximately your post on AOL? I require a specialist on this area to resolve my problem. May be that is you! Taking a look forward to look you.

    ivermectin 3 mg for humans http://ivermectinovercounter.com/# ivermectina uso umano prezzo

    Hello, Neat post. There is an issue with your web site in web explorer, may test this… IE still is the marketplace chief and a big section of people will miss your fantastic writing due to this problem.

    Do you mind if I quote a few of your articles as long as I provide credit and sources back to your website? My website is in the exact same area of interest as yours and my visitors would really benefit from some of the information you provide here. Please let me know if this ok with you. Appreciate it!|

    I think the admin of this site is genuinely working hard in support of his site, for the reason that here every information is quality based information.|

    I am not sure where you are getting your information, but good topic. I needs to spend some time learning more or understanding more. Thanks for wonderful info I was looking for this information for my mission.|

    Very quickly this web page will be famous among all blog people, due to it’s nice content|

    No matter if some one searches for his vital thing, thus he/she desires to be available that in detail, therefore that thing is maintained over here.|

    Wow that was unusual. I just wrote an extremely long comment but after I clicked submit my comment didn’t appear. Grrrr… well I’m not writing all that over again. Regardless, just wanted to say fantastic blog!|

    I need to to thank you for this great read!! I certainly enjoyed every little bit of it. I have you bookmarked to check out new things you post…

    My developer is trying to persuade me to move to .net from PHP. I have always disliked the idea because of the expenses. But he’s tryiong none the less. I’ve been using WordPress on several websites for about a year and am worried about switching to another platform. I have heard good things about blogengine.net. Is there a way I can transfer all my wordpress content into it? Any kind of help would be greatly appreciated!|

    Great weblog here! Also your web site a lot up fast! What host are you using? Can I am getting your associate hyperlink on your host? I wish my site loaded up as fast as yours lol|

    When I initially commented I seem to have clicked the -Notify me when new comments are added- checkbox and from now on each time a comment is added I get 4 emails with the exact same comment. There has to be a means you can remove me from that service? Appreciate it!

    Can you tell us more about this? I’d like to find out more details.|

    Unquestionably believe that which you stated. Your favourite justification appeared to be at the net the simplest factor to bear in mind of. I say to you, I definitely get irked at the same time as other people consider concerns that they just don’t know about. You managed to hit the nail upon the highest as neatly as defined out the entire thing with no need side effect , other folks can take a signal. Will probably be again to get more. Thanks|

    I am regular visitor, how are you everybody? This article posted at this web site is truly pleasant.|

    I don’t know whether it’s just me or if everybody else encountering issues with your website. It seems like some of the text in your content are running off the screen. Can someone else please comment and let me know if this is happening to them too? This could be a problem with my browser because I’ve had this happen before. Thanks|

    Hello! I just wanted to ask if you ever have any issues with hackers? My last blog (wordpress) was hacked and I ended up losing months of hard work due to no data backup. Do you have any methods to prevent hackers?|

    Hi! I know this is kind of off-topic however I had to ask. Does operating a well-established blog like yours take a massive amount work? I am brand new to writing a blog but I do write in my diary on a daily basis. I’d like to start a blog so I can share my experience and thoughts online. Please let me know if you have any kind of ideas or tips for new aspiring bloggers. Appreciate it!|

    With havin so much content do you ever run into any problems of plagorism or copyright violation? My blog has a lot of unique content I’ve either authored myself or outsourced but it seems a lot of it is popping it up all over the internet without my agreement. Do you know any methods to help protect against content from being stolen? I’d genuinely appreciate it.|

    Outstanding post but I was wanting to know if you could write a litte more on this subject? I’d be very thankful if you could elaborate a little bit more. Cheers!

    Saved as a favorite, I really like your web site!

    Asking questions are in fact fastidious thing if you are not understanding something totally, except this article presents good understanding yet.|

    Hi there to every body, it’s my first visit of this web site; this webpage includes amazing and really good data in favor of readers.|

    Having read this I thought it was very enlightening. I appreciate you finding the time and effort to put this informative article together. I once again find myself personally spending a significant amount of time both reading and posting comments. But so what, it was still worth it!

    Hello, i think that i noticed you visited my blog thus i came to go back the favor?.I am trying to find things to improve my website!I assume its adequate to use some of your ideas!!|

    Aw, this was an exceptionally good post. Spending some time and actual effort to create a very good articleÖ but what can I sayÖ I put things off a whole lot and never seem to get nearly anything done.

    I blog quite often and I truly appreciate your content. This great article has truly peaked my interest. I am going to bookmark your site and keep checking for new details about once per week. I opted in for your Feed as well.

    There’s definately a lot to learn about this topic. I like all the points you’ve made.

    This is my first time go to see at here and i am truly pleassant to read everthing at alone place.|

    When I initially commented I seem to have clicked the -Notify me when new comments are added- checkbox and now every time a comment is added I get 4 emails with the exact same comment. There has to be a way you can remove me from that service? Kudos!

    My developer is trying to convince me to move to .net from PHP. I have always disliked the idea because of the costs. But he’s tryiong none the less. I’ve been using Movable-type on various websites for about a year and am anxious about switching to another platform. I have heard good things about blogengine.net. Is there a way I can import all my wordpress content into it? Any help would be really appreciated!|

    Having read this I thought it was extremely enlightening. I appreciate you finding the time and energy to put this article together. I once again find myself spending way too much time both reading and posting comments. But so what, it was still worth it!

    Its like you learn my thoughts! You appear to know a lot approximately this, such as you wrote the e book in it or something. I feel that you simply can do with some to pressure the message home a bit, but instead of that, this is magnificent blog. An excellent read. I’ll certainly be back.|

    Hi there! I simply want to offer you a huge thumbs up for the excellent info you’ve got here on this post. I’ll be coming back to your web site for more soon.|

    Hi, just wanted to mention, I enjoyed this blog post. It was funny. Keep on posting!|

    If some one needs to be updated with latest technologies after that he must be visit this website and be up to date all the time.|

    This web site truly has all the information and facts I wanted concerning this subject and didn’t know who to ask. |

    I read this piece of writing fully on the topic of the comparison of most recent and previous technologies, it’s awesome article.|

Leave a Reply

Message:*

Name:

Email:

Website: