New Heur.Fdd (link)

30/10/13

Flash Disk Virus

Smadav detects this virus under the name New Heur.Fdd (link). Its behaviour is almost the same as the shortcut virus and a combination of Annie.ani with Ramnit: it relies on the autorun file on the flash disk to activate itself. Even when the antivirus blocks autorun.inf, the virus creates an activation folder named Recycler. This is where the seed of the virus is placed.


The Recycler folder can be seen in the picture below.



Even if you clean the drive with Smadav and Avira Internet Security, that does not mean the virus is completely disabled. The virus can still become active as long as the Recycler folder is still there.
If you are not convinced, plug in the flash disk and clean the virus, then unplug the flash disk from your PC. Now plug the flash disk in again. What happens is that the virus can become active again, triggered by autorun.inf.
If you want the flash disk to be 100% clean and safe, you have to reformat it. Only then is it safe.
The virus quarantined by Smadav can be seen in the picture below.



Below is the virus detection report from Avira Internet Security:
  1. SPR/Tool.Patch.18
  2. W32/Ramnit.C
  3. TR/Starter.Y
  4. VBS/Dunihi.EB.2
  5. EXP/CVE-2010-2568.A

Type:   File
Source:            G:\IDM v6.17 Build 9 Final\IDM v6.17 Build 9 Final\Patch.exe
Status: Infected
Quarantine object:       57400f5f.qua
Restored:         NO
Uploaded to Avira:     NO
Operating system:       Windows XP/VISTA Workstation/Windows 7
Search engine: 8.02.12.134
Virus definition file:   7.11.110.26
Detection:       SPR/Tool.Patch.18
Date/Time:      30/10/2013, 12:32


Type:   File
Source:            G:\RECYCLER\S-5-1-62-2286161444-7233275308-745612612-6651\LaaYINcF.exe
Status: Infected
Quarantine object:       410c22b2.qua
Restored:         NO
Uploaded to Avira:     NO
Operating system:       Windows XP/VISTA Workstation/Windows 7
Search engine: 8.02.12.134
Virus definition file:   7.11.110.26
Detection:       W32/Ramnit.C
Date/Time:      30/10/2013, 12:29


Type:   File
Source:            G:\RECYCLER\S-5-1-62-2286161444-7233275308-745612612-6651\EHIrwDHU.cpl
Status: Infected
Quarantine object:       3e7f10ca.qua
Restored:         NO
Uploaded to Avira:     NO
Operating system:       Windows XP/VISTA Workstation/Windows 7
Search engine: 8.02.12.134
Virus definition file:   7.11.110.26
Detection:       TR/Starter.Y
Date/Time:      30/10/2013, 12:29


Type:   File
Source:            G:\crypted.vbs
Status: Infected
Quarantine object:       0d8c0ed7.qua
Restored:         NO
Uploaded to Avira:     NO
Operating system:       Windows XP/VISTA Workstation/Windows 7
Search engine: 8.02.12.134
Virus definition file:   7.11.110.26
Detection:       VBS/Dunihi.EB.2
Date/Time:      30/10/2013, 12:29


Type:   File
Source:            G:\Copy of Shortcut to (1).lnk
Status: Infected
Quarantine object:       575d0754.qua
Restored:         NO
Uploaded to Avira:     NO
Operating system:       Windows XP/VISTA Workstation/Windows 7
Search engine: 8.02.12.134
Virus definition file:   7.11.110.26
Detection:       EXP/CVE-2010-2568.A
Date/Time:      30/10/2013, 12:29


Type:   File
Source:            G:\Copy of Shortcut to (4).lnk
Status: Infected
Quarantine object:       7ba23dd9.qua
Restored:         NO
Uploaded to Avira:     NO
Operating system:       Windows XP/VISTA Workstation/Windows 7
Search engine: 8.02.12.134
Virus definition file:   7.11.110.26
Detection:       EXP/CVE-2010-2568.A
Date/Time:      30/10/2013, 12:29


Type:   File
Source:            G:\Copy of Shortcut to (2).lnk
Status: Infected
Quarantine object:       4fca28f3.qua
Restored:         NO
Uploaded to Avira:     NO
Operating system:       Windows XP/VISTA Workstation/Windows 7
Search engine: 8.02.12.134
Virus definition file:   7.11.110.26
Detection:       EXP/CVE-2010-2568.A
Date/Time:      30/10/2013, 12:29


Type:   File
Source:            G:\Copy of Shortcut to (3).lnk
Status: Infected
Quarantine object:       1d95721b.qua
Restored:         NO
Uploaded to Avira:     NO
Operating system:       Windows XP/VISTA Workstation/Windows 7
Search engine: 8.02.12.134
Virus definition file:   7.11.110.26
Detection:       EXP/CVE-2010-2568.A
Date/Time:      30/10/2013, 12:29

Hopefully you can use this solution when you come across this new type of virus. Don't panic, there is still a cure.
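
The traces described in this post (autorun.inf, executables inside the Recycler folder, and .lnk or .vbs files in the drive root) can be checked for after cleaning with a short read-only script. This is an added example, not part of the original post: the function names and the sample directory layout are constructed for illustration, and the extension lists are an assumption based on the file types in the Avira report above.

```python
import os
import tempfile

# Assumption: extensions taken from the file types in the Avira report above.
EXEC_EXT = {".exe", ".cpl", ".scr", ".dll"}   # suspicious inside RECYCLER
ROOT_EXT = {".lnk", ".vbs"}                   # suspicious in the drive root

def triage_drive(root):
    """Return sorted (reason, relative_path) findings for a mounted drive."""
    findings = []
    for name in os.listdir(root):
        path = os.path.join(root, name)
        lower = name.lower()
        if os.path.isfile(path):
            if lower == "autorun.inf":
                findings.append(("autorun file", name))
            elif os.path.splitext(lower)[1] in ROOT_EXT:
                findings.append(("script or shortcut in drive root", name))
        elif lower == "recycler":
            # Walk every subfolder: the report shows payloads one level down.
            for dirpath, _dirs, files in os.walk(path):
                for f in files:
                    if os.path.splitext(f.lower())[1] in EXEC_EXT:
                        rel = os.path.relpath(os.path.join(dirpath, f), root)
                        findings.append(("executable inside RECYCLER", rel))
    return sorted(findings)

def build_sample_drive(root):
    """Constructed layout mirroring the report; files hold inert bytes only."""
    sid = os.path.join("RECYCLER", "S-5-1-62-EXAMPLE")  # placeholder folder name
    os.makedirs(os.path.join(root, sid))
    for rel in ("autorun.inf", "crypted.vbs", "Copy of Shortcut to (1).lnk",
                "notes.txt", os.path.join(sid, "LaaYINcF.exe"),
                os.path.join(sid, "EHIrwDHU.cpl")):
        with open(os.path.join(root, rel), "wb") as fh:
            fh.write(b"placeholder")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as drive:
        build_sample_drive(drive)
        for reason, rel in triage_drive(drive):
            print(f"{reason}: {rel}")
```

An empty result after cleaning means none of these traces remain in the scanned locations; any finding means the drive still carries files of the kind the report flagged.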


