According to Adang Jauhar Taufik, a virus analyst from Vaksincom, this virus is generically known as W32/VBTroj.CEPA and has de facto become the most vicious and most disruptive virus of early 2010.
The virus is capable of many things, such as installing rootkits, blocking network access and manipulating the Windows hosts file so that it can block access to security sites on the victim's computer.
"And, more sophisticated still, the hosts file is encrypted to avoid detection and repair by antivirus programs."
The virus, he added, also blocks access to security sites and other predetermined sites by redirecting them to the IP address 209.85.225.99, which is a public IP of www.google.com. In effect, this indirectly causes a DDoS against Google.com.
"Is there a connection or not with the attack on Google in China that caused Google to consider leaving? We'll see. In fact, the more computers are infected by this virus, the higher the access (which indirectly causes a DDoS) against the original Google site will be," he said.
As a result, every time a user tries to access certain websites, including security and antivirus websites, what appears instead is www.google.com.
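The redirect described above leaves a recognisable pattern in a hosts file: several unrelated sites all pinned to one public IP address. The following check for that pattern is an added example, not code from Vaksincom or from the article; the hostnames in the sample are constructed placeholders, and grouping sites by their last two labels is a simplifying assumption.

```python
import ipaddress
from collections import defaultdict

# Constructed sample hosts file. The hostnames are placeholders;
# 209.85.225.99 is the redirect address named in the article.
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1       localhost
::1             localhost
209.85.225.99   www.av-vendor.example      # redirected
209.85.225.99   update.av-vendor.example
209.85.225.99   scanner.security-site.example
209.85.225.99   forum.cleanup-tools.example
192.168.1.20    intranet.corp.example
not-an-ip       broken.example
"""

def parse_hosts(text):
    """Yield (ip, hostname) pairs; skip comments, blanks and malformed lines."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an IP address
        for name in fields[1:]:
            yield ip, name.lower().rstrip(".")

def site_key(hostname):
    """Crude site grouping by the last two labels (assumption: no public-suffix list)."""
    return ".".join(hostname.split(".")[-2:])

def suspicious_redirects(text, min_sites=2):
    """Return {ip: sorted hostnames} for public IPs shared by >= min_sites unrelated sites."""
    by_ip = defaultdict(set)
    for ip, name in parse_hosts(text):
        if ip.is_global:  # loopback and private ranges are normal in hosts files
            by_ip[str(ip)].add(name)
    return {ip: sorted(names) for ip, names in by_ip.items()
            if len({site_key(n) for n in names}) >= min_sites}

if __name__ == "__main__":
    for ip, names in suspicious_redirects(SAMPLE_HOSTS).items():
        print(f"{ip} is shared by {len(names)} hostnames: {', '.join(names)}")
```

Given the rootkit the article describes, a hosts file read on a running infected system may not be trustworthy, so an offline copy of the file is the safer input.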
The virus spreads very rapidly by taking advantage of chat media commonly used by users, such as Yahoo Messenger, MSN Messenger and Skype. It sends a message with a link to download a file that is made to look like an image file (JPG) but is in fact a compressed virus file, whose size differs depending on the variant that infects the computer. The compressed file has an exe extension.
If you receive such a message, do not follow it, let alone run the included file, even when the Messenger contact is a friend you know: it is not your friend who sent it, but the virus that has infected their computer and is using their messenger account.
Besides its successful use of the media mentioned above, another reason the virus spreads is that it updates itself, and this is what prevents antivirus scanners from detecting it.
The virus is entrenched more firmly with the help of a rootkit file that protects the parent file active in memory, so cleaning done through normal Windows mode, Safe Mode or Safe Mode with Command Prompt sometimes cannot solve the problem.