W32.Hunch.C@mm

W32.Hunch.C@mm

W32.Hunch.C@mm нь имэйл ашиглан тархдаг worm бєгєєд Autoexec.bat файлыг єєрчилж
, C:\ дискийг форматлах оролдлого хийдэг. Ингэхдээ C:\_RESTORE фолдерт байгаа
.ocx, .sys, .dll болон санамсаргvй сонгогдсон єргєтгєлтэй бvх файлуудыг устгадаг.


Ижил тєрлийн worm: Bloodhound.W32.VBWORM
Тєрєл: Worm
Илэрсэн он сар єдєр: 2002.4.11
Хор хохирол учруулах зэрэг: 2
Захианы subject: Файлын нэрийг єргєтгєлийг нь хассан байдлаар бичсэн байна.
Vндсэн текст: Tal como te prometi; te envio mi foto en el archivo adjuncto…
Хавсралтын нэр: Файлын нэр
Хавсралтын хэмжээ: 73.728 байт
Хор хохирол:
– Microsoft Outlook -ын address book-д байгаа хаягууд руу имэйл илгээх замаар
тархдаг.
– Autoexec.bat файлыг єєрчилнє.
– C:\ дискийг форматлах оролдлого хийнэ.
– ".XLS" , ".DOC" , ".WAV" , ".DWG" ,
".MP3" , ".BAK" , ".CDX" , ".BMP" , ".HTM"
, ".HLP" , ".CHM" , ".JPG" , ".GIF" ,
".SCR" ,".TTF" , ".MID" ,".MDB" , ".DBF"
, ".ICO" зэрэг єргєтгєлтэй файлуудаас сонгон 5 ширхэг файлыг устгана.

– Системийг бvхэлд нь тогтворгvй болгоно.

W32.Hunch@mm идэвхжиж эхлээд доорх vйлдлvvдийг гvйцэтгэдэг.
1. Microsoft Outlook -ын address book -д байгаа хаягууд руу имэйл илгээнэ.
2. Порно зураг дэлгэцэнд харуулна.
3. C:\_RESTORE фолдерт байгаа .ocx, .sys, .dll єргєтгєлтэй файлуудыг хайж устгана.
.
4. Хатуу дискний доорх фолдеруудад файлуудыг шинээр хуулна.
– C:\Windows\System\Msoffice.Exe
– C:\Windows\System\Thd16.Exe
– C:\Windows\System\<Attachment file name>
5. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run регистрт THD16
C:\Windows\System\Thd16.Exe гэсэн утга нэмж єгнє. Ингэснээр Windows эхлэх тоолонд
уг worm идэвхжиж эхэлнэ.
6. .xls , .doc , .wav , .dwg , .mp3 , .bak , .cdx , .bmp , .htm , .hlp , .chm
, .jpg , .gif , .scr , .ttf , .mid ,.mdb , .dbf , .ico зэрэг єргєтгєлтэй файлуудаас
сонгож устгана.
7. Vvний дараа C:\Autoexec.bat файлд DEL > FORMAT C: /u /v:THD16 /autotest
гэсэн командыг нэмж єгснєєр єєрчилнє.
8. Дараагын удаа компьютераа асаахад таны C:\ дискийг дахин форматласан байна.

Хэрхэн арилгах вэ?
Арилгахын тулд W32.Hunch.C@mm -аар халдварласан файлуудыг устган , регистрт хийсэн
єєрчлєлтийг засварлахаас гадна Autoexec.bat файлыг засварлах хэрэгтэй.
Устгахдаа:
1. Хамгийн сvvлийн vеийн update хийгдсэн вирусын эсрэг программтай эсэхээ шалгах
2. Norton Antivirus-аар системийг бvхэлд нь scan хийж шалгах шаардлагатай.
3. W32.HunchвС@mm -аар халдварлагдсан бvх файлыг устгах хэрэгтэй.
4. Windows Explorer руу орж доорх фолдеруудад байгаа халдварласан файлуудыг устгах
хэрэгтэй.
o C:\Windows\System\Msoffice.Exe
o C:\Windows\System\Thd16.Exe
o C:\Windows\System\ListWin.txt

Regestry-г хэрхэн засварлах вэ?
1. Start цэсний Run ийг эхлvvлнэ.
2. Regedit гэж бичихэд Regestry-г засварлах цонх гарч ирнэ.
3. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run регистр
рvv орж баруун цонхонд байгаа THD16 C:\Windows\System\Thd16.Exe гэсэн утгыг
устгана.
4. Regestry -г дарж Exit гээд дуусгана.

Autoexec.bat файлыг засварлах
1. Start цэсний Run руу орно.
2. edit c:autoexec.bat гэж бичнэ.
3. MS-DOS Editor нээгдэхэд DEL > FORMAT C: /u /v:THD16 /autotest
замыг хайж олон тэмдэглэсний дараа Delete -ыг дарж устгана.
4. File – Save гэж даран Exit гээд дуусгана.

 

{mos_fb_discuss:2} 

Date: September 26th, 2007 | Categories: Вирус | By: | Comments: 3,693

3,693 Responses to W32.Hunch.C@mm

    I’d like to find out more? I’d care to find out some additional information.|

    Hi there, of course this paragraph is truly fastidious and I have learned lot of things from it about blogging. thanks.|

    Spot on with this write-up, I absolutely believe that this website needs much more attention. I’ll probably be back again to read through more, thanks for the info!|

    Excellent post. I was checking constantly this blog and I’m impressed! Extremely helpful info particularly the last part 🙂 I care for such information much. I was seeking this certain info for a long time. Thank you and good luck.

    I want to voice my affection for your kindness in support of persons that actually need help on that idea. Your personal dedication to passing the solution all over was astonishingly informative and has in most cases encouraged girls much like me to get to their objectives. Your amazing valuable facts indicates a whole lot a person like me and additionally to my office workers. Thanks a ton; from each one of us.

    Very nice post. I just stumbled upon your blog and wished to say that I’ve really enjoyed surfing around your blog posts. In any case I’ll be subscribing to your rss feed and I hope you write again soon!|

    Hi! I just wanted to ask if you ever have any problems with hackers? My last blog (wordpress) was hacked and I ended up losing many months of hard work due to no backup. Do you have any methods to protect against hackers?|

    Hey there! I know this is kind of off topic but I was wondering if you knew where I could find a captcha plugin for my comment form? I’m using the same blog platform as yours and I’m having problems finding one? Thanks a lot!|

    Good day! I know this is kind of off topic but I was wondering if you knew where I could find a captcha plugin for my comment form? I’m using the same blog platform as yours and I’m having problems finding one? Thanks a lot!|

    I’m amazed, I must say. Rarely do I come across a blog that’s both equally educative and engaging, and let me tell you, you have hit the nail on the head. The issue is an issue that too few people are speaking intelligently about. I am very happy I found this in my search for something regarding this.|

    Hey I am so thrilled I found your website, I really found you by error, while I was researching on Digg for something else, Anyways I am here now and would just like to say cheers for a fantastic post and a all round interesting blog (I also love the theme/design), I don’t have time to look over it all at the minute but I have saved it and also included your RSS feeds, so when I have time I will be back to read a lot more, Please do keep up the great work.|

    Nice weblog here! Also your website so much up very fast! What host are you the usage of? Can I get your affiliate hyperlink on your host? I desire my website loaded up as fast as yours lol|

    Howdy, I think your blog may be having web browser compatibility problems. Whenever I take a look at your blog in Safari, it looks fine but when opening in IE, it has some overlapping issues. I simply wanted to give you a quick heads up! Apart from that, excellent blog!

    I truly appreciate this post. I’ve been looking all over for this! Thank goodness I found it on Bing. You’ve made my day! Thank you again!

    generic viagra without a doctor prescription – http://www.medspublic.com/#

    you’re in reality a excellent webmaster. The website loading speed is amazing. It sort of feels that you’re doing any distinctive trick. Furthermore, The contents are masterwork. you’ve performed a fantastic process on this subject!|

    I am sure this post has touched all the internet visitors, its really really fastidious paragraph on building up new web site.|

    I was very pleased to discover this page. I want to to thank you for your time for this particularly wonderful read!! I definitely loved every bit of it and I have you book marked to check out new stuff in your blog.

    you are really a good webmaster. The website loading velocity is amazing. It sort of feels that you’re doing any distinctive trick. In addition, The contents are masterpiece. you’ve performed a fantastic activity in this subject!|

    I carry on listening to the newscast lecture about getting boundless online grant applications so I have been looking around for the best site to get one. Could you tell me please, where could i find some?

    Its like you read my mind! You seem to know so much about this, like you wrote the book in it or something. I think that you can do with some pics to drive the message home a bit, but instead of that, this is wonderful blog. A fantastic read. I will certainly be back.

    I love it when individuals come together and share opinions. Great blog, continue the good work!|

    Admiring the time and energy you put into your blog and detailed information you offer. It’s awesome to come across a blog every once in a while that isn’t the same outdated rehashed material. Wonderful read! I’ve saved your site and I’m including your RSS feeds to my Google account.|

    Please let me know if you’re looking for a writer for your blog. You have some really good articles and I think I would be a good asset. If you ever want to take some of the load off, I’d absolutely love to write some articles for your blog in exchange for a link back to mine. Please shoot me an e-mail if interested. Regards!|

    First off I would like to say wonderful blog! I had a quick question which I’d like to ask if you don’t mind. I was interested to know how you center yourself and clear your head before writing. I’ve had a difficult time clearing my thoughts in getting my thoughts out there. I truly do enjoy writing however it just seems like the first 10 to 15 minutes tend to be lost just trying to figure out how to begin. Any ideas or hints? Cheers!|

    Sweet blog! I found it while searching on Yahoo News. Do you have any tips on how to get listed in Yahoo News? I’ve been trying for a while but I never seem to get there! Many thanks|

    Thanks for ones marvelous posting! I actually enjoyed reading it, you might be a great author. I will ensure that I bookmark your blog and may come back sometime soon. I want to encourage you to continue your great posts, have a nice afternoon!|

    Hello! I’ve been following your website for a long time now and finally got the courage to go ahead and give you a shout out from Lubbock Tx! Just wanted to say keep up the good job!|

    If some one wishes to be updated with newest technologies then he must be pay a quick visit this site and be up to date every day.|

    Hello there I am so happy I found your blog, I really found you by accident, while I was researching on Google for something else, Nonetheless I am here now and would just like to say cheers for a tremendous post and a all round interesting blog (I also love the theme/design), I don’t have time to go through it all at the moment but I have saved it and also added in your RSS feeds, so when I have time I will be back to read a great deal more, Please do keep up the great job.

    Great blog you have here.. It’s hard to find quality writing like yours these days. I truly appreciate people like you! Take care!!

    Hello my friend! I want to say that this post is amazing, great written and come with almost all important infos. I’d like to look extra posts like this .|

    Aw, this was an incredibly good post. Taking the time and actual effort to generate a superb article… but what can I say… I hesitate a whole lot and don’t seem to get anything done.

    Hi there, just became alert to your blog through Google, and found that it’s really informative. I am gonna watch out for brussels. I will be grateful if you continue this in future. Lots of people will be benefited from your writing. Cheers!

    Hi there, I found your web site by the use of Google while searching for a similar subject, your web site got here up, it seems to be great. I’ve bookmarked it in my google bookmarks.

    I appreciate, cause I found exactly what I was looking for. You have ended my four day long hunt! God Bless you man. Have a nice day. Bye

    Greetings from Ohio! I’m bored at work so I decided to check out your website on my iphone during lunch break. I enjoy the info you present here and can’t wait to take a look when I get home. I’m amazed at how quick your blog loaded on my phone .. I’m not even using WIFI, just 3G .. Anyhow, excellent site!

    You’re so awesome! I do not think I have read through anything like this before. So good to discover another person with a few genuine thoughts on this subject. Seriously.. many thanks for starting this up. This website is something that is needed on the internet, someone with a little originality!

    If you are going for best contents like me, only go to see this site everyday since it provides quality contents, thanks|

    Aw, this was an extremely good post. Taking a few minutes and actual effort to produce a top notch articleÖ but what can I sayÖ I procrastinate a lot and don’t manage to get nearly anything done.

    Wow, fantastic blog layout! How long have you been blogging for? you make blogging look easy. The overall look of your site is excellent, as well as the content!|

    It is truly a nice and useful piece of info. I’m glad that you simply shared this useful info with us. Please keep us up to date like this. Thanks for sharing.|

    It’s the best time to make some plans for the future and it’s time to be happy. I’ve read this post and if I could I desire to suggest you few interesting things or suggestions. Perhaps you can write next articles referring to this article. I want to read even more things about it!|

Leave a Reply

Message:*

Name:

Email:

Website: