W32/Stanit - Malware


Glenn Dodd(Posted 2007) [#1]
I am running Ad-Aware 2007 and it suddenly thinks all my Blitz files (exe files) are infected with the above Malware.
Anyone else strike this?


Glenn Dodd(Posted 2007) [#2]
W32/Stanit is a Windows file infector that searches the computer for PE executable files. The search routine scans the hard drive recursively for .exe files. It appends its code at the end of the infected files, modifying the entry point in the file header in order to execute itself.

In order to prevent multiple infections of the same file, an infection marker is added to the modified files: the 50th byte in each infected file is modified to value 56 - ASCII value "V".
---------------------------------------
I have checked some files and they do indeed have this character. Damn, I must have got a virus...
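
A triage check for the two traits described in post #2, the marker byte and an entry point moved into appended code (an added example, not part of the thread and not any scanner's own logic). It assumes the "50th byte" is counted from 1 (file offset 49) and that "56" is hexadecimal 0x56, the ASCII code for "V"; the function names and the sample image are constructed here.

```python
import struct

MARKER_OFFSET = 49   # "50th byte", counted from 1 (assumption)
MARKER_VALUE = 0x56  # ASCII "V"; the post's "56" is read as hex (assumption)

def has_marker(data: bytes) -> bool:
    """True if the file starts with MZ and carries the marker byte."""
    return (len(data) > MARKER_OFFSET and data[:2] == b"MZ"
            and data[MARKER_OFFSET] == MARKER_VALUE)

def entry_in_last_section(data: bytes) -> bool:
    """True if the PE entry point lies inside the last section (appended-code heuristic)."""
    try:
        (pe,) = struct.unpack_from("<I", data, 0x3C)        # e_lfanew
        if data[pe:pe + 4] != b"PE\0\0":
            return False
        (nsect,) = struct.unpack_from("<H", data, pe + 6)    # NumberOfSections
        (opt_size,) = struct.unpack_from("<H", data, pe + 20)
        (entry,) = struct.unpack_from("<I", data, pe + 40)   # AddressOfEntryPoint
        last = pe + 24 + opt_size + 40 * (nsect - 1)         # last section header
        vsize, vaddr, rawsize = struct.unpack_from("<III", data, last + 8)
    except struct.error:
        return False                                         # truncated or malformed
    return nsect > 0 and vaddr <= entry < vaddr + max(vsize, rawsize)

def classify(data: bytes) -> str:
    """The marker byte alone is weak evidence; both traits together are stronger."""
    if not has_marker(data):
        return "no marker"
    return "likely infected" if entry_in_last_section(data) else "marker only"

def build_sample(entry: int, marker: bool) -> bytes:
    """Constructed minimal PE headers: .text at RVA 0x1000, .data at RVA 0x2000."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)
    if marker:
        dos[MARKER_OFFSET] = MARKER_VALUE
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0xE0, 0x102)
    opt = bytearray(0xE0)
    struct.pack_into("<I", opt, 16, entry)
    sects = b"".join(struct.pack("<8sIIII12xI", name, 0x1000, va, 0x200, 0, 0)
                     for name, va in ((b".text", 0x1000), (b".data", 0x2000)))
    return bytes(dos) + coff + bytes(opt) + sects

if __name__ == "__main__":
    for entry, marker in ((0x2010, True), (0x1010, True), (0x1010, False)):
        print(hex(entry), marker, classify(build_sample(entry, marker)))
```
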


popcade(Posted 2007) [#3]
Can you upload a sample exe or send to
http://www.virustotal.com/ for a scan?


TaskMaster(Posted 2007) [#4]
Do you not have virus protection software? Doesn't seem like it, if Ad-Aware is what found the virus. Norton/McAfee/AVG/Etc would have picked up on that puppy.

If not, you could have multiple viruses.


Glenn Dodd(Posted 2007) [#5]
Actually I was just starting an Ad-Aware scan when the virus was noticed by my virus scanner. So my mistake there.
I have cleaned the PC and renamed the infected files.
It affected 206 files, all in my programming section. Fortunately I have backups for everything. I am not sure which file I downloaded had the original infection though.

Still, all back up and running and no harm done.