Virus autorun ini menyebar paling banyak melalui media flasdisk, karena paling banyak digunakan oleh para pengguna computer karena kemudahan membawanya dan bertukar data. Bagi yang masih awam pada dunia computer khususnya virus maka akan dengan mudah terkena virus, terlebih virus yang disebarkan khususnya lewat media flasdisk ini.
Virus autorun, virus shortcut, atau virus sality begitu dikenali oleh antivirus avira
Hasil scan pada hardisk yang terdapat virus :
J:\siuay.exe
[DETECTION] Contains code of the W32/Sality.AT Windows virus
J:\yuhox.exe
[DETECTION] Contains code of the W32/Sality.AT Windows virus
J:\yuhoxx.exe
[DETECTION] Contains code of the W32/Sality.AT Windows virus
J:\x.exe
[DETECTION] Contains code of the W32/Sality.AT Windows virus
J:\zzz.dll
[DETECTION] Is the TR/ATRAPS.Gen2 Trojan
J:\zdH.lnk
[DETECTION] Contains recognition pattern of the EXP/CVE-2010-2568.B exploit
J:\zdv.lnk
[DETECTION] Contains recognition pattern of the EXP/CVE-2010-2568.B exploit
J:\zvy.lnk
[DETECTION] Contains recognition pattern of the EXP/CVE-2010-2568.B exploit
J:\zeE.lnk
[DETECTION] Contains recognition pattern of the EXP/CVE-2010-2568.B exploit
J:\zUW.lnk
[DETECTION] Contains recognition pattern of the EXP/CVE-2010-2568.B exploit
J:\zwR.lnk
[DETECTION] Contains recognition pattern of the EXP/CVE-2010-2568.B exploit
J:\zTp.lnk
[DETECTION] Contains recognition pattern of the EXP/CVE-2010-2568.B exploit
J:\zLo.lnk
[DETECTION] Contains recognition pattern of the EXP/CVE-2010-2568.B exploit
J:\zlD.lnk
[DETECTION] Contains recognition pattern of the EXP/CVE-2010-2568.B exploit
J:\yuhox.scr
[DETECTION] Contains code of the W32/Sality.AT Windows virus
Beginning disinfection:
J:\yuhox.scr
[DETECTION] Contains code of the W32/Sality.AT Windows virus
[NOTE] The file was moved to the quarantine directory under the name '4a3e1412.qua'.
J:\zlD.lnk
[DETECTION] Contains recognition pattern of the EXP/CVE-2010-2568.B exploit
[NOTE] The file was moved to the quarantine directory under the name '52f53bab.qua'.
J:\zLo.lnk
[DETECTION] Contains recognition pattern of the EXP/CVE-2010-2568.B exploit
[NOTE] The file was moved to the quarantine directory under the name '00ff6163.qua'.
J:\zTp.lnk
[DETECTION] Contains recognition pattern of the EXP/CVE-2010-2568.B exploit
[NOTE] The file was moved to the quarantine directory under the name '66c92eb9.qua'.
J:\zwR.lnk
[DETECTION] Contains recognition pattern of the EXP/CVE-2010-2568.B exploit
[NOTE] The file was moved to the quarantine directory under the name '232f03aa.qua'.
J:\zUW.lnk
[DETECTION] Contains recognition pattern of the EXP/CVE-2010-2568.B exploit
[NOTE] The file was moved to the quarantine directory under the name '5c2f31e9.qua'.
J:\zeE.lnk
[DETECTION] Contains recognition pattern of the EXP/CVE-2010-2568.B exploit
[NOTE] The file was moved to the quarantine directory under the name '10b91d93.qua'.
J:\zvy.lnk
[DETECTION] Contains recognition pattern of the EXP/CVE-2010-2568.B exploit
[NOTE] The file was moved to the quarantine directory under the name '6ced5dd2.qua'.
J:\zdv.lnk
[DETECTION] Contains recognition pattern of the EXP/CVE-2010-2568.B exploit
[NOTE] The file was moved to the quarantine directory under the name '41aa7281.qua'.
J:\zdH.lnk
[DETECTION] Contains recognition pattern of the EXP/CVE-2010-2568.B exploit
[NOTE] The file was moved to the quarantine directory under the name '58ac491b.qua'.
J:\zzz.dll
[DETECTION] Is the TR/ATRAPS.Gen2 Trojan
[NOTE] The file was moved to the quarantine directory under the name '34826531.qua'.
J:\x.exe
[DETECTION] Contains code of the W32/Sality.AT Windows virus
[NOTE] The file was moved to the quarantine directory under the name '45565c68.qua'.
J:\yuhoxx.exe
[DETECTION] Contains code of the W32/Sality.AT Windows virus
[NOTE] The file was moved to the quarantine directory under the name '4b336c66.qua'.
J:\yuhox.exe
[DETECTION] Contains code of the W32/Sality.AT Windows virus
[NOTE] The file was moved to the quarantine directory under the name '0e1a1524.qua'.
J:\siuay.exe
[DETECTION] Contains code of the W32/Sality.AT Windows virus
[NOTE] The file was moved to the quarantine directory under the name '071e119b.qua'.
Dapat kita lihat terdapat beberapa file ciptaan virus yaitu
siuay.exe
yuhox.exe
yuhoxx.exe
x.exe
zzz.dll
kesemuanya adalah file ciptaan virus autorun, atau virus shortcut karena virus ini akan membuat shortcut pada tempat dia menyebar misal di flasdisk maka di tiap folder akan terdapat shortcut dari virus ini dimana biasanya fasilitas menu show hidden file tidak bisa di aktifkan karena telah di disable oleh virus ini. Dari beberapa antivirus avira cukup bagus setelah saya coba.
Untuk download bisa di www.avira.com
Tidak ada komentar:
Posting Komentar