Virius Help!

Hardware, Software, Internet, etc.

Moderators: Big-O Ryan, Big-O Mark, Matt, jester22c

Post Reply
Walker
Veteran
Veteran
Posts: 346
Joined: Sat Feb 15, 2003 10:04 pm
Contact:
Contact Walker

Virius Help!

Post by Walker »

I need some Virius Help! I Have a computer with AVG 6.0 and it scanned my computer and *says* it fund a virus. It Says it was "Macro!.scr"i cant see it on my hard drive. Please Help!
Top
Walker
Veteran
Veteran
Posts: 346
Joined: Sat Feb 15, 2003 10:04 pm
Contact:
Contact Walker

Post by Walker »

OK, After I Ran AVG again in Safe Mode, it found nothing and when i started my computer, it couldn't find "Macro!.scr" and when i looked in "msconfig" i saw that the file started on start-up. Sorry if any of these posts don't sound like me. I Found My Virus at 5:00 and it is 8:30 now. And I am EXTREMELEY Tired. I Got like 5 hours of sleep compaired to my normal 8. :|
Top
fuuucckkers
Moderator
Moderator
Posts: 815
Joined: Sun Sep 22, 2002 3:33 pm
Contact:
Contact fuuucckkers

Post by fuuucckkers »

I found the virus at http://antivirus.com

Here's the page..and some related info for you.

http://www.trendmicro.com/vinfo/virusen ... _OPASERV.I

Virus Name:
WORM_OPASERV.I

Reported infections: Low
Damage Potential: High
Distribution Potential: High

If you're on a network in your house with other computers, i suggest you disconnect yourself. It seems to propigate to other networked computers.
Details:

This worm registers itself as a service and repeatedly scans for other machines. It searches for machines on the same network that have shared C:\ drives with full access. It uses SMB (Server Message Block protocol) commands to access shared drives.

Apparent in this worm's codes is that it sends information to a Web site, http://www.gwmn<blocked>t.com.br. It downloads updated copies of itself from the Web site. The site, however, is currently down and inaccessible.

Upon execution, this worm drops a copy of itself named MARCO!.SCR in the Windows directory of both the local machine and all the remote machines with shared drives.

Then, it deletes the originally executed file provided that this file is located on the Windows directory.

It also drops the files, Mane!!.dat and FDP!!!!.dat in the directory C:\. It uses these files during the information exchange with http://www.gwmn<blocked>t.com.br and the site http://www.cronos<blocked>tica.com.br.
Top
Walker
Veteran
Veteran
Posts: 346
Joined: Sat Feb 15, 2003 10:04 pm
Contact:
Contact Walker

Post by Walker »

It Seems to have dissappeared off of my Machine. I Ran AVG in Safe Mode and it found nothing. Then I look and uts gone. I reboot in normal mode and i get a startup error that it cant be found. I looked is msconfig and there is was with start up. IDK Could have AVG gotten it? I didnt see if it did.
Top
Post Reply

Return to “Totally Off-Topic Computers”

Who is online

Users browsing this forum: No registered users and 1 guest