hati-hati buka gudang lagu dot com, karena akan terdirect link ke security threet alert, page ini men scan computer kemudian mengaku compie kita terdeteksi beberapa virus, dan kita disuruh mendownload sebuah file exe (BUILD107_2037[1].EXE) untuk menghapus virus tersebut, padahal file tersebut sendiri adalah virus yang sangat berbahaya:
BUILD107_2037[1].EXE
Author:Virus encyclopedia Read times:171 Submit Time:2010-4-21 7:24:38
BUILD107_2037[1].EXE
Sample Accepted Time:2010-4-21 7:24:38
Infected Times:172
BUILD107_2037[1].EXE Description:
Maleware file is has the following brother maleware:
Fraudulent Security Program
BUILD107_2037[1].EXE action as following:
The Process is packed and/or encrypted using a software packing process
Adds a Registry Key (RUNONCE) to auto start Programs on system start up
Writes to another Process Virtual Memory (Process Hijacking)
This process creates other processes in your system.
Executes a Process
This Process Deletes Other Processes From Disk
Can communicate with other computer systems using HTTP protocols
Hooks the WININET.DLL function allowing it to read or copy Http and Https web page content and session information
Registers a Dynamic Link Library File
Creates new folders on the system
Copies files
Creates or uses a background service to access the Internet using HTTP protocols
Injects code into other processes
Performs DNS look ups to resolve URL IP addresses
BUILD107_2037[1].EXE also has the following action
Added as a Registry Key (RUNONCE) to auto start Programs on system start up
Created as a process in your system.
Executed as a Process
Has code inserted into its Virtual Memory space by other programs
Deleted as a process from disk
Copied to multiple locations on the system
Infected Countries
Maleware file BUILD107_2037[1].EXE detected on Apr 19 2010 in the following geographical region of the Prevx community:
# Poland on Apr 19 2010
Same behavior related threat file name:
BUILD107_2037[1].EXE has the following brother program file:
PACKUPDATE_BUILD107_2037[1].EXE
PACKUPDATE_BUILD106_258.EXE
PACKUPDATE_BUILD30_302[1].EXE
PACKUPDATE_BUILD30_2025[1].EXE
PACKUPDATE_BUILD106_231(1).EXE
PACKUPDATE_BUILD107_231[1].EXE
BUILD107_302[1].EXE
PACKUPDATE_BUILD107_158[1].EXE
PACKUPDATE_BUILD8_195.EXE
PACKUPDATE_BUILD30_2037[1].EXE
PACKUPDATE_BUILD30_2037.EXE
PACKUPDATE_BUILD106_231.EXE
PACKUPDATE_BUILD107_231.EXE
PACKUPDATE_BUILD30_289[1].EXE
PACKUPDATE_BUILD30_302.EXE
PACKUPDATE_BUILD106_310.EXE
PACKUPDATE_BUILD107_2027.EXE
X_MQCDIM.EXE.PART
JJGPWMFU.EXE.PART
97240955.EXE
Filesizes
This file has been seen with the following file size:
388,096 bytes
File Type
Maleware file BUILD107_2037[1].EXE refers to an executable program.
0 komentar:
Posting Komentar