One more line of recalcitrant virus latest version, a new virus variant is similar Sality obstinate, his name W32/Ramnit.
This morning one of the computers in the office and the new weird virus in my opinion, almost similar to the virus but more powerful shortcut. This virus belonged to the trojan / backdoor, it will be active if the target computer connected to the Internet and one of weapon. dangerous and nauseating computer users to download other viruses, "
Viruses have also downloaded the names and sizes vary so complicate anti-virus program for detection and cleaning your computer
From my studies after recovering office computer. Dr.Web Cure It is in the package Hiren's BootCD 13.0 and there was still some virus files on my flash, I try to analyze this virus:
First is the emergence of the Internet Explorer pop-up broser containing an offer or advertisement of investment, games and promotional programs. The second symptom is the change icon removable media (USB Flash, External HDD, and the like) into a folder icon. When a user accessible USB flash will get a warning "Access Denied". In addition it appears also the message "compressed zip folders" when USB flash access. Another symptom is the appearance of many files with the file name "Copy of Shortcut to (1). Lnk" s / d "Copy of Shortcut to (4). Lnk" in the USB Flash, this is very disturbing at all, but the virus is still not able to penetrate Folder protection with Unicode Characters I Made Unique.
USB Flash used this virus as a medium for spreading itself by using the autorun feature of Windows. For bodies active virus can be automated, W32/Ramnit also create the file autorun.inf and 4 (four) other shortcut files with the name "Copy of Shortcut to (1). Lnk" s / d "Copy of Shortcut to (4). lnk ".
After W32/Ramnit successfully infects a computer it will also mengifeksi file [C: \ Windows \ Explorer.exe and C: \ Windows \ System32 \ Winlogon]. After successfully carry out the action, this virus will call the other parent files assigned to be active in memory. To trick the user he will then call the application [C: \ Program files \ Internet Explorer \ Iexplore.exe].
Spend bandwidth and virtual memory
If the computer suddenly show information "Virtual Memory Minimum Too Low" while you're not doing anything so beware. Because the virus will always do an internet connection and call the website constantly with different content. Connection is done continuously resulted in a slow computer at the time of use. In some cases the virus can also cause the "Virtual Memory Minimum Too Low" It's very frustrating because our memory is full of unnecessary files from the file the virus.
How to Clean W32/Ramnit?
Because W32/Ramnit attack EXE files, DLLs and HTM / HTML, the best healing method is through DOS mode. Tools like Hiren's BootCD 13.0 is combined with an antivirus program Dr Web Cure It is a combination of the most effective when cleaning virus this Ramnit
The following are detailed steps to clean the virus Ramnit
Hopefully helpful.
This morning one of the computers in the office and the new weird virus in my opinion, almost similar to the virus but more powerful shortcut. This virus belonged to the trojan / backdoor, it will be active if the target computer connected to the Internet and one of weapon. dangerous and nauseating computer users to download other viruses, "
Viruses have also downloaded the names and sizes vary so complicate anti-virus program for detection and cleaning your computer
From my studies after recovering office computer. Dr.Web Cure It is in the package Hiren's BootCD 13.0 and there was still some virus files on my flash, I try to analyze this virus:
First is the emergence of the Internet Explorer pop-up broser containing an offer or advertisement of investment, games and promotional programs. The second symptom is the change icon removable media (USB Flash, External HDD, and the like) into a folder icon. When a user accessible USB flash will get a warning "Access Denied". In addition it appears also the message "compressed zip folders" when USB flash access. Another symptom is the appearance of many files with the file name "Copy of Shortcut to (1). Lnk" s / d "Copy of Shortcut to (4). Lnk" in the USB Flash, this is very disturbing at all, but the virus is still not able to penetrate Folder protection with Unicode Characters I Made Unique.
USB Flash used this virus as a medium for spreading itself by using the autorun feature of Windows. For bodies active virus can be automated, W32/Ramnit also create the file autorun.inf and 4 (four) other shortcut files with the name "Copy of Shortcut to (1). Lnk" s / d "Copy of Shortcut to (4). lnk ".
After W32/Ramnit successfully infects a computer it will also mengifeksi file [C: \ Windows \ Explorer.exe and C: \ Windows \ System32 \ Winlogon]. After successfully carry out the action, this virus will call the other parent files assigned to be active in memory. To trick the user he will then call the application [C: \ Program files \ Internet Explorer \ Iexplore.exe].
Spend bandwidth and virtual memory
If the computer suddenly show information "Virtual Memory Minimum Too Low" while you're not doing anything so beware. Because the virus will always do an internet connection and call the website constantly with different content. Connection is done continuously resulted in a slow computer at the time of use. In some cases the virus can also cause the "Virtual Memory Minimum Too Low" It's very frustrating because our memory is full of unnecessary files from the file the virus.
How to Clean W32/Ramnit?
Because W32/Ramnit attack EXE files, DLLs and HTM / HTML, the best healing method is through DOS mode. Tools like Hiren's BootCD 13.0 is combined with an antivirus program Dr Web Cure It is a combination of the most effective when cleaning virus this Ramnit
The following are detailed steps to clean the virus Ramnit
Hopefully helpful.
from : katabudi
Post a Comment