New Heur.Fdd (link)
Virus Flash Disk
Virus ini terdeteksi dengan Smadav
dengan nama New Heur.Fdd (link).
Virus hamper sama pola kerja nya dengan virus shortcut dan gabungan Annie.ani dengan
Ramnit. Dimana memanfaat file autorun pada flashdisk untuk proses aktifnya.
Walaupun anti virus memblok autorun.inf virus membuat folder aktifasi dengan
nama Recycler. Disinilah bibit virusnya diletakkan.
Tampak pada gambar dibawah ini folder Recycler.
Walaupun Anda clean dengan smadav
dan Avia Internet Security bukan berarti virus tersebut sudah lumpuh total.
Virus masih bisa aktif selagi masih ada folder
Recycler.
Jika anda kurang nyakin setelah anda
colok flashdisk + anda clean virusnya. Kemuadian anda cabut flashdisknya pada
PC anda. Coba anda colok lagi flashdisknya. Apa yang terjadi virus masih bisa
aktif lagi berkat rangsangan autorun.Inf.
Jika mau aman bersih 100% flash
disknya anda harus format ulang isinya. Ini baru aman.
Karantina
virus oleh smadav, tampak pada gambar dibawah ini.
Sedangkan dibawah ini adalah hasil report deteksi virus via Avira
Internet security :
- SPR/Tool.Patch.18
- W32/Ramnit.C
- TR/Starter.Y
- VBS/Dunihi.EB.2
- EXP/CVE-2010-2568.A
Type: File
Source: G:\IDM v6.17 Build 9 Final\IDM v6.17
Build 9 Final\Patch.exe
Status: Infected
Quarantine
object: 57400f5f.qua
Restored: NO
Uploaded to
Avira: NO
Operating
system: Windows XP/VISTA
Workstation/Windows 7
Search
engine: 8.02.12.134
Virus
definition file: 7.11.110.26
Detection: SPR/Tool.Patch.18
Date/Time: 30/10/2013, 12:32
Type: File
Source: G:\RECYCLER\S-5-1-62-2286161444-7233275308-745612612-6651\LaaYINcF.exe
Status: Infected
Quarantine
object: 410c22b2.qua
Restored: NO
Uploaded to
Avira: NO
Operating
system: Windows XP/VISTA
Workstation/Windows 7
Search
engine: 8.02.12.134
Virus definition
file: 7.11.110.26
Detection: W32/Ramnit.C
Date/Time: 30/10/2013, 12:29
Type: File
Source: G:\RECYCLER\S-5-1-62-2286161444-7233275308-745612612-6651\EHIrwDHU.cpl
Status: Infected
Quarantine
object: 3e7f10ca.qua
Restored: NO
Uploaded to
Avira: NO
Operating
system: Windows XP/VISTA
Workstation/Windows 7
Search
engine: 8.02.12.134
Virus
definition file: 7.11.110.26
Detection: TR/Starter.Y
Date/Time: 30/10/2013, 12:29
Type: File
Source: G:\crypted.vbs
Status: Infected
Quarantine
object: 0d8c0ed7.qua
Restored: NO
Uploaded to
Avira: NO
Operating
system: Windows XP/VISTA
Workstation/Windows 7
Search
engine: 8.02.12.134
Virus
definition file: 7.11.110.26
Detection: VBS/Dunihi.EB.2
Date/Time: 30/10/2013, 12:29
Type: File
Source: G:\Copy of Shortcut to (1).lnk
Status: Infected
Quarantine
object: 575d0754.qua
Restored: NO
Uploaded to
Avira: NO
Operating
system: Windows XP/VISTA
Workstation/Windows 7
Search
engine: 8.02.12.134
Virus
definition file: 7.11.110.26
Detection: EXP/CVE-2010-2568.A
Date/Time: 30/10/2013, 12:29
Type: File
Source: G:\Copy of Shortcut to (4).lnk
Status: Infected
Quarantine
object: 7ba23dd9.qua
Restored: NO
Uploaded to
Avira: NO
Operating
system: Windows XP/VISTA
Workstation/Windows 7
Search
engine: 8.02.12.134
Virus
definition file: 7.11.110.26
Detection: EXP/CVE-2010-2568.A
Date/Time: 30/10/2013, 12:29
Type: File
Source: G:\Copy of Shortcut to (2).lnk
Status: Infected
Quarantine
object: 4fca28f3.qua
Restored: NO
Uploaded to
Avira: NO
Operating
system: Windows XP/VISTA
Workstation/Windows 7
Search
engine: 8.02.12.134
Virus
definition file: 7.11.110.26
Detection: EXP/CVE-2010-2568.A
Date/Time: 30/10/2013, 12:29
Type: File
Source: G:\Copy of Shortcut to (3).lnk
Status: Infected
Quarantine
object: 1d95721b.qua
Restored: NO
Uploaded to
Avira: NO
Operating
system: Windows XP/VISTA
Workstation/Windows 7
Search
engine: 8.02.12.134
Virus
definition file: 7.11.110.26
Detection: EXP/CVE-2010-2568.A
Date/Time: 30/10/2013, 12:29
Mudah-mudahan solusi ini dapat anda
gunakan jika berhadapan dengan virus jenis baru ini. Jangan Panik masih ada
penawarnya.
3 Komentar:
solusinya mana?
Gunakan aja smadav dan avira-virus akan hilang.
ane sudah format flashdisk ane , tpi tu virus msh aja ada. ada solusi lain gak gan ??
Help !!!
Posting Komentar