Results 1 to 9 of 9

Thread: dirote???

  1. #1
    Junior Member
    Join Date
    Mar 2003
    Posts
    3

    Question dirote???

    Hello,

    I found a file running on my system and can't figure out what it is....HELP.

    C:\WINDOWS\system32\w1erd32\dirote.exe

  2. #2
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    Good Day,

    Now that one doesn't show up on google either. I would be real suspcious of the thing for sure. With a name like: w1erd32\dirote.exe, it's probably up to no good. Did you run Spybot S&D, Ad-aware, CWShreader, Hyjackthis, AV or anything else on it yet? Notice your computer acting up or anything?

    More specific info will help

    cheers

    edit: Ok have you downloaded any scanners or science apps lately?

    Eugene V. Dirote has been doing some Nanotechnology and it bears his name?

    http://www.novapublishers.com/detail...=1-59033-411-6

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Well,

    There doesn't seem to be anything on Google for it.

    I suggest that you take a look in the w1erd32 folder and tell us what else is in there?

    "w1erd32"???????? could that be a leet misspelling of "weird"?

    Cheers

  4. #4
    Senior Member
    Join Date
    Aug 2003
    Posts
    1,018
    I found a couple sites...I don't have the character set installed, and Google didn't give me the option to translate...

    http://www.viruszone.net/bbs/zboard....desc=asc&no=17

    EDIT:Sorry about fubaring the format...

  5. #5
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Groovicus!

    You mean that you have forgotten your Korean already?

    They seem to say that it is scumware and that AdAware will get rid of it. Be sure to run AdAware in safe mode.

    Good luck

  6. #6
    AFLAAACKKK!!
    Join Date
    Apr 2004
    Posts
    1,066
    I dont think system32 should really be modified much, especially by something named w1erd32, no such thing in my system32 folder, thats for sure. Right click on the w1erd32 folder and choose properties, see when it was created. If you didnt do anything on that date then delete it.
    I am the uber duck!!1
    Proxy Tools

  7. #7
    Junior Member
    Join Date
    Mar 2003
    Posts
    3

    Re: dirote???

    Thanks in advance for your advice. Going to the logcollector I found another file

    c:\windows\system32\w1erd32\roudstid.exe

    I checked Google and no information except in Korean site....

  8. #8
    AFLAAACKKK!!
    Join Date
    Apr 2004
    Posts
    1,066
    Copy the URL of the korean site and go to www.altavista.com. Then click translate. Then go down till you see where you can translate websites. Select Korean to English. Then paste the URL in the URL input box and just click ok (or translate or whatever it says on the input button) The reason you should head to altavista is because google doesnt translate korean, for some reason. Seriously, I would not trust anything that just showed up out of no where or no reason on my computer, especially in the system32 folder.
    I am the uber duck!!1
    Proxy Tools

  9. #9
    Senior Member
    Join Date
    Feb 2004
    Posts
    201
    Also keep in mind when you have one odd/unwanted thing that sneaks in that there may be others...

    I would suggest running the following:
    Adaware, Spybot Search & Destroy, an online virus scanner, and an anti-trojan.
    And you may want to run HijackThis and post the log here for examination.

    Good luck!

    Sorry no links - I'm not on my pc - look all the progs up in the forum - links are there

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •