Windows 7 Forum: konfiguracja, optymalizacja, porady, gadżety •
Dziwy plik wirusowy - Wersja do druku

+- Windows 7 Forum: konfiguracja, optymalizacja, porady, gadżety • (https://windows7forum.pl)
+-- Dział: Pomoc i wsparcie, Windows 7 (/pomoc-i-wsparcie-windows-7-26-f)
+--- Dział: Bezpieczeństwo Windows 7 (/bezpieczenstwo-windows-7-15-f)
+--- Wątek: Dziwy plik wirusowy (/dziwy-plik-wirusowy-11231-t)



Dziwy plik wirusowy - Dominiczeq - 10.11.2010 18:55

Witam.
Otóż niechcąco usunąłem Firefoxa, ponieważ przeglądałem "Odinstaluj lub zmień programy" i usuwałem zbędne... zobaczyłem że są dwa firefoxy, więc usunąłem ten starszy i usunęły mi się dwa *_*. Użyłem opcji "Przywracanie systemu". Nie przywróciło mi FF, tylko samą ikonkę. Wchodzę tak sobie do folderu mozilla firefox a tu patrze że jest plik tekstowy o nazwie "wirus". Nie wiem czy on wcześniej był czy nie... W każdym bądź razie usunąłem go ale mam jego zawartość (w gg, bo do koleżanki wysłałem żeby spytać się co to jest) *_*.
Oto treść:
Kod:
Trojan mcepg.dll Trojan.BAT.DelAll.b This Trojan is a BAT file.  It is 21 bytes in size.
Trojan wtv2dvrms.dll Trojan-SMS.SymbOS.Viver.a This Trojan program is designed to run on smartphones running Symbian.  The Trojan is a SIS installation archive.  The Trojan has no self replication routine.  Trojan-SMS.SymbOS.Viver.a actually covers two variants of this malicious program. The first is an archive called RulesViver.sis. It is 42,...
Malware authz.dll Virus.DOS.ProtoVirus.720.a These are not dangerous memory resident parasitic viruses. They hook INT 21h and write themselves to the end of .COM files that are executed. The viruses contain the text string:   ** ProtoVirus v1.0 by Chr'92 **  and check it while installing into the system memory. If that string is altered, the...
Adware bootres.dll Virus.DOS.Muny.364 These are dangerous memory resident encrypted parasitic viruses. They hook INT 21h and write themselves to the end of COM files that are executed. Muny.969 After infecting 33 files the virus displays a message in Russian, then creates a new file with the name of currently executed file and...
Malware certprop.dll Virus.DOS.PM.733 It is a harmless memory resident stealth parasitic virus. It hooks INT 21h and writes itself to the end of .COM files that are executed or closed. When an infected file is opened, the virus disinfects it. The virus contains the ID-strings:   PM
Malware csrss.exe Virus.DOS.Silver.2071 There are dangerous nonmemory resident viruses. They overwrite all .COM and .EXE files of the current directory. They contain lot of decrypted text strings and display some of them. Silver.2071 It contains the text strings:   Copyright(C) 1992 by CU, Boulder Colorado. Program too big to fit in...
Malware dispdiag.exe Virus.DOS.SPE.CyberWarrior.5300.a It is a very dangerous memory resident polymorphic and stealth parasitic virus. It hooks INT 21h and writes itself to the end of COM and EXE files that are executed, opened, closed or accessed with Get/Set File Attribute DOS call. Depending on its counter the virus erases the MBR of the hard drive...
Malware eappprxy.dll Virus.DOS.Croatia_II.560 It is a very dangerous memory resident parasitic virus. It hooks INT 21h and writes itself to the end of COM files that are executed. The virus deletes the CHKLIST.MS file, if it exists. On February 12th it erases the hard drive sectors and displays the message:   Croatia must be free ! (c) 1995 by...
Adware fdWSD.dll Virus.DOS.VLAD.Systa.231 It is a harmless non memory-resident parasitic virus. It searches for SYS files, then writes itself to the end of the file. The virus contains the text strings:   SySta by Qark/VLAD *.sys
Trojan htui.dll Trojan.Win32.LipGame.i This Trojan is a Windows PE EXE file written in C++ and packed using UPX. The file is 23552 bytes in size, and the unpacked file is 56832 bytes in size.  The program is represented by a transparent icon, and it is therefore difficult to see it in some file managers.  This Trojan is almost identical...
Worm ieapfltr.dll Net-Worm.Win32.CodeGreen.a This is an Internet worm that targets Web sites by infecting Internet Information Servers (ISS). The worm completes the method of spreading from one Web site to other Web sites by sending and executing its code on remote machines in a similar way to the "CodeRed" IIS worm.  This worm, like the...
Backdoor KBDFC.DLL Backdoor.WinCE.Brador.a Brador.a is a backdoor (a utility allowing for remote administration of the infected machine) for PocketPC based on Windows CE and newer version of Windows Mobile.    It is written in ASM for ARM-processors and is 5632 bytes in size.  After Brador is launched it creates an svchost.exe file in the...
Trojan KBDTAT.DLL Trojan.Win32.KillAV.gj This Trojan is a Windows PE EXE file 61440 bytes in size.   Once launched, the Trojan causes the following message to be displayed:     It then creates a file called Update.bat in the C:  root directory:   C: \Update.bat  The Trojan terminates any processes it finds with the names listed below: ...
Trojan ksetup.exe Trojan.Win32.KillFiles.lm This Trojan has a malicious payload.  It is a Windows PE EXE file.  The file is 368 128 bytes in size. áàéò. It is not packed in any way.  It is written in Borland Delphi.
Worm moricons.dll Net-Worm.Win32.Zorin.a This worm infects computers running Windows, and spreads via open network resources. Once installed, the worm infects .exe files on the victim computer.  The worm itself is a Windows PE EXE file, and is approximately 82KB in size.  Installation  Once launched, the worm copies itself to the Windows...
Spyware MSMPEG2ENC.DLL Trojan-PSW.Win32.Coced This Trojan is one of a family of Trojans which steals user passwords.  It is designed to steal confidential data.  It is a Windows PE EXE file.  The file is 9,728 bytes in size. It is written in Visual C++.
Backdoor NAPSTAT.EXE Backdoor.Win32.AckCmd This Troajn program can be used for remote administration of the victim machine. It has both a client and a server component.  The server component is written in Microsoft Visual C++. It is 28672 bytes in size, and is not packed in any way. The client component is also written in Microsoft Visual...
Rogue NlsData0022.dll Virus.DOS.Holms.6161 It is not a dangerous memory resident parasitic polymorphic virus. It hooks INT 8, 1Ch, 21h, 28h and writes itself to the end of COM and EXE files (except COMMAND.COM) that are executed or opened. On INT 8 and INT 28h calls depending on its counters and system conditions, the virus searches for the...
Dialer NlsLexicons0022.dll Exploit.HTML.Ascii.p This exploit uses a vulnerability in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HTML page.  It is 1872 bytes in size. It is not packed in any way.
Backdoor nvsvcr.dll Backdoor.Win32.Delf.duc This malicious program is a Trojan.  It is a Windows PE EXE file.  It is 447488 bytes in size.
Spyware PerfCenterCPL.dll Trojan-PSW.Win32.Coced This Trojan is one of a family of Trojans which steals user passwords.  It is designed to steal confidential data.  It is a Windows PE EXE file.  The file is 9,728 bytes in size. It is written in Visual C++.
Spyware rdpclip.exe Trojan-PSW.Win32.Lmir.a This Trojan is designed to steal confidential data.  It is a Windows PE EXE file.  The size of infected files may vary from 147KB to 171KB. It is packed using AsPack.  It is written in Delphi.  Installation  Once launched, the Trojan copies itself to the Windows root directory (%WinDir%) under one...
Rogue Robocopy.exe Virus.DOS.Mabuhay.2660.b This is a very dangerous virus. It hooks INT 21h and writes itself to the end of COM and EXE files that are executed (except COMMAND.COM). It looks like modifications of the "Jerusalem" virus. On June, 12th it displays the national flag of Philippines, the text message, erases the disk sectors and...
Adware shimgvw.dll Virus.DOS.Carbuncle.622 Carbuncle is a dangerous memory resident companion virus. It is the COM file 622 bytes of length. On execution it checks the system time, depending on current seconds value it either jumps to infection routine or calls the trigger function. In infection routine the virus creates the...
Malware SNTSearch.dll Virus.DOS.Bye.641 It is a dangerous memory resident parasitic virus. It hooks INT 1Ch, 21h and writes itself to the end of COM files that are executed. If during one hour there were no files infected, the virus displays a message in Russian and reboots the computer.  Me¡     c½¿  om ñ...
Trojan tapiperf.dll Trojan.Win32.KillAV.gj This Trojan is a Windows PE EXE file 61440 bytes in size.   Once launched, the Trojan causes the following message to be displayed:     It then creates a file called Update.bat in the C:  root directory:   C: \Update.bat  The Trojan terminates any processes it finds with the names listed below: ...
Dialer TRAPI.dll HackTool.Perl.IrBot.d This malicious program is a hacking utility.  It is a Perl script.  The size of infected files may vary from 12KB to 69KB.
Trojan wcnwiz.dll Trojan.Win32.Killav.be This Trojan is designed to disable antivirus programs and terminate a range of processes on the victim machine.  It is a Windows PE EXE file.  The file is 5,632 bytes in size.  Installation  This Trojan will be installed to the victim machine by another malicious program.
Worm whealogr.dll Net-Worm.Win32.Witty This fileless worm, also known as BlackIce and Blackworm, infects computers which use the following vulnerable ISS products:   RealSecure Network 7.0, XPU 22.11 and before  RealSecure Server Sensor 7.0 XPU 22.11 and before   RealSecure Server Sensor 6.5 for Windows SR 3.10 and before   Proventia A...
Trojan WPDSp.dll Trojan.MSWord.Thief This Trojan uses remote template vulnerability of MS Word 97. The URL is sent to some IRC channels that contain a HTML file that automatically loads and opens an MS Word document that contains reference to another MS Word template-containing Trojan macro. MS Word opens this template without any...
Adware XInput9_1_0.dll Virus.DOS.Beast.a This is a dangerous stealth virus that affects COM files, writing itself at the file beginning. A file is infected as it is executed or closed. The beginning of the file is saved at the first unused sector of the last cluster of the file.   ? <----------- File -------------------------->...

Czy wiecie co to jest?


RE: Dziwy plik wirusowy - grapcio33 - 12.11.2010 17:42

Wygląda to na jakieś informacje o wirusach tak jakby opis co jaki z wyżej wymienionych wirusów robi i przy niektórych jakie mają wielkości xD


RE: Dziwy plik wirusowy - Dominiczeq - 12.11.2010 21:28

Spoko, dzięki Cwaniak.


RE: Dziwy plik wirusowy - DamiaX - 12.11.2010 23:39

Wygląda na jakąś bazę danych wirusów dziwne Zacieszacz.


RE: Dziwy plik wirusowy - stingear - 16.11.2010 19:38

Jaki masz program antywirusowy? To wygląda jak plik raportu po usunięciu wirusa.