Not much has changed in this, the only shift in the ranking. Still in the order of the top perch Conficker virus. Second and third are still the same as last month, namely consecutive Autoit and Freemine. Different, in the fourth order BlackMoron have a new entrance to the rank of ten. . For more details, please see the complete list of the following:
1. Conficker
List of domains in the black-list by Conficker.Virus outside berteknologi powerful this really incredible spread. Of which is the DLL file (Dynamic Link Library) to distinguish them with most other viruses in the form of EXE. Capability can also held disetarakan with the rootkit. And, are pro-polymorphic making them have a body change. At the infected computer, users will not be able to open the site "smelly" antivirius or Microsoft update. The virus is also active in Indonesia, spread by using a removable media disk eg flash disk. In the flash disk infected, you will find a file autorun.inf and RECYCLER directory in which there is a sub-directory with the name eg S-5-3-42-2819952290-8240758988-879315005-3665, and in this directory there are files with the virus Conficker jwgkvsq.vmx name usually is the actual DLL file.2. Autoit variants
Spread the message to each contact person in the Y! M. Almost most variants of the virus-based import script using this as a folder-like icon. This virus has the ability to do the auto update to multiple sites. He can also take advantage of Yahoo! Messenger as media distribution intermediaries to send a message with a link to each contact person in the Y! M victims.3. FreeMine
The contents of the file autorun.inf virus from local Freemine.Virus is made with Visual Basic using the file size around 68KB without in-pack. The virus, the icon like Microsoft Word. When active in memory, it will maintain the continuance of his life with the men-terminate every application that is in the black-list in the body, such as Process Explorer. It also can spread via removable disk media, and on the removable disk will be infected autorun.inf file and Free_Mine.exe.4. BlackMoron
Display the file properties of the virus BlackMoron, nyamar as an antivirus. Nyamar repellent software such as a virus, it is the virus. There are no special techniques or sophisticated, the virus that is very simple, created using Visual Basic with the file size of 48KB, without in-pack. Time off will turn off some Windows functions such as regedit, Command prompt, Task Manager, Folder Options, and others. He will create autorun in registry with the name of AVG.5. Yuyun.vbs
Message from the virus Yuyun.vbs.Virus created using Visual Basic Script is sized about 9KB. At the infected computer it will create lots of duplicate files in each folder that it found the file name autorun.inf, Thumb.db, in pro-hidden attributes, and a shortcut with the name Microsoft. If the shortcut is accessed, he will indeed go to a folder, but behind that the virus will also be active. File Thumb.db here also is not a file belonging to Windows, but unless the script file virus. At the infected computer will also found a virus the message file in the directory user Temp. In this directory will also find other files that the script virus that has been in pitch-decrypt. Because you need to know that this virus is present in most encryption.6. Recycler variants
File viruses hiding behind the Recycle Bin palsu.Yang become typical of this virus is a technique, how it spread. Namely "ngumpet" Recycler directory in / Recycler / Recycle Bin. He is also known to apply techniques code code injection so that the virus can "nyangkut" on explorer.exe. This is done to make user or even anti-virus program to kill him.7. Vinurika
Discount Vinurika.vbs script virus. Strong presumption of the virus is still with the same virus that Yuyun.vbs. Characteristic of its the same, create a shortcut on the computer a lot of sacrifice. And in the flash infected, there will be approximately 4 ie autorun.inf file, thumb.db, Microsoft.lnk, and New Folder.lnk. File thumb.db who act as mother, as the Yuyun.vbs.8. Malingsi variants
Malingsi virus attacks the virus lain.Virus well with the size of fat, for example in one of the variants have a size of about 689KB. It was created using Visual Basic in-pack use PECompact. It seems this virus is to attack another virus, this is visible from the message in the body. Virus breed and spread using the Personalization mediator, which acts as a bot.9. Raider.vbs variants
The contents of the body of the virus if Raider.vbs opened Notepad.Virus with this type of VBScript if opened with Notepad, for example, the string is not much that can be read as in most encryption. In several variants. on the Registry, it provides the user with the create new key in HKLM \ Software with the same name as the name on the computer name, with its contents as a string value such as virus name, Raider, and the date the first time the computer is infected.10. Risa
Message delivered by Risa virus. The virus has a local one about the size of 42KB, with the condition of one-pack using UPX. Icon resembling the folder. When a computer infected with this virus, will be a lot of the folders found in every corner of spoofery drive. He can also go to the flash disk, flash disk will be in there are some files with names such as "love palsu.exe Poetry Collection," "Secret (Do not be opened). Exe", and other. Message from the creator of the virus also can be found in the Windows directory with the name "Wasiat.html", or on the root drive C: \ with the name "Puisi_untukmu_bang.html".for more information plese visit http://virusindonesia.com/
0 comments:
Post a Comment