Bitdefender reports a new worm named worm.p2p.palevo.at.

The worm is ~180 Kbytes in size and has the following characteristics:

1. The worm copies (creates) a file named nissan.exe, located at recycler\%SID%\nissan.exe

2. It creates the registry entry HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman, which is used to execute the nissan.exe file in the recycler folder.

3. Explorer.exe tries to connect to several different sites, including:

  • sandra.pricha [removed] .com
  • pica.banjalucke-ljepot [removed] .com
  • l33t.brand-clo[removed]. com

These are used to download / access the files that are used to attack / infect the system that accesses them.

4. Each time a removable drive is inserted, the following files are created on it:

  • autorun.inf, which points to ZALJUBIT\dousiju.exe so that it is executed automatically by Windows autorun when autorun is turned on.
  • dousiju.exe, located inside the ZALZUBIT folder.

5. It creates a hidden file named desktop.ini in the same folder as nissan.exe, with the following content:
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
With this modification, the folder containing nissan.exe gets the Recycle Bin icon instead of the folder icon. Also, opening this folder in Windows Explorer shows the contents of the Recycle Bin rather than the two files nissan.exe and desktop.ini.

How it spreads:

  1. Through removable disks / USB flash drives, by placing an autorun.inf file that executes ZALJUBIT\dousiju.exe
  2. MSN Messenger
  3. P2P applications, for example: BearShare, iMesh, Shareaza, Kazaa, DC++, eMule, eMule+, LimeWire

Prevention:

1. Turn off autorun in Windows as follows:

  • Run >> gpedit.msc >> Computer Configuration >> Administrative Templates >> System >> double-click Turn off Autoplay, select Enabled >> All drives >> OK.
  • Create a DWORD value under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer named NoDriveTypeAutoRun with value data ff

2. If the flash disk contains a ZALZUBIT folder, delete it.

3. Delete the Recycle Bin folder, that is, the folder inside the recycler folder, for example: S-1-5-21-842925246-796845957-682003330-1004

This is a system folder, so to display it we have to set Folder Options to show hidden and system files / folders.

To delete the Recycle Bin folder:

  • Right-click the Recycle Bin folder and choose Rename.
  • Copy the original name of the Recycle Bin folder before changing it, for example: S-1-5-21-842925246-796845957-682003330-1004
  • Rename the folder to anything you like, for example: 12346
  • Create a new folder (New Folder), then rename it by pasting the original name we copied from the Recycle Bin folder.
  • Delete the original Recycle Bin folder, the one we renamed to 12346.
  • This way, the virus file inside that folder is deleted along with it…
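
A read-only check for the traces and settings described above, added here as an example; it is not from the original post or from Bitdefender. The function name Get-PalevoTrace is made up for this example, and the registry paths, value names and folder names are the ones given in the post.

```powershell
# Added example: read-only triage for the traces listed in this post.
# Get-PalevoTrace is a made-up name; nothing is deleted or changed.
function Get-PalevoTrace {
    $findings = @()

    # Characteristic 2: Winlogon\Taskman value used to start nissan.exe.
    $winlogon = 'HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon'
    $taskman = (Get-ItemProperty -Path $winlogon -ErrorAction SilentlyContinue).Taskman
    if ($taskman) { $findings += "Winlogon\Taskman is set: $taskman" }

    # Prevention step 1: NoDriveTypeAutoRun should hold ff (hex) for all drives.
    $policy = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    $noAutoRun = (Get-ItemProperty -Path $policy -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
    if ($noAutoRun -ne 0xFF) { $findings += "NoDriveTypeAutoRun is not 0xFF (found: '$noAutoRun')" }

    foreach ($drive in Get-PSDrive -PSProvider FileSystem) {
        # Characteristic 4: autorun.inf in the drive root; show what it launches.
        $inf = Join-Path $drive.Root 'autorun.inf'
        if (Test-Path -LiteralPath $inf) {
            $launch = Get-Content -LiteralPath $inf -Force -ErrorAction SilentlyContinue |
                Where-Object { $_ -match '^\s*(open|shellexecute)\s*=' }
            $findings += "$inf exists; launch lines: $($launch -join ' | ')"
        }

        # Characteristic 1: an .exe under RECYCLER\<SID>, such as nissan.exe.
        # Normally deleted executables can also show up here, so review each hit.
        $recycler = Join-Path $drive.Root 'RECYCLER'
        if (-not (Test-Path -LiteralPath $recycler)) { continue }
        $exes = Get-ChildItem -LiteralPath $recycler -Recurse -Force -Filter '*.exe' -ErrorAction SilentlyContinue
        foreach ($exe in $exes) { $findings += "Executable under RECYCLER: $($exe.FullName)" }
    }
    $findings
}

Get-PalevoTrace
```

Run it from an elevated PowerShell prompt with the suspect removable drive attached; an empty result means none of the listed traces were found and autorun is already disabled.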

🙂 oooOOOOOoooo 🙂


About Mpu-Elcom

My prayer, my worship, my life, and my death, I dedicate to Allah, Lord of the universe...

14 Responses to Worm.P2P.Palevo.AT

  1. A.J.I says:

    the viruses being born just keep getting more sophisticated

  2. Mpu-Elcom says:

    @ A.J.I: yes, bro!.. in the end we are required to keep on learning… :D..

  3. I loved what you’ve carried out right here. The style is tasteful, your composed content material stylish. Nevertheless, you could have acquired an edginess to what you’re offering the following. Sick totally arrive back again once more for considerably a lot more in situation you protect this up. Dont do away with hope if not too a few men and women see your perspective, know you may have acquired a fan suitable the next who values what you might have got to say along using the way you have offered yourself. Excellent on you!

  4. I cherished what you have performed here. The theme is stylish, your authored written content elegant. Nonetheless, you have acquired an edginess to what you will be offering the next. Unwell definitely arrive back again once more for considerably far more in case you preserve this up. Dont wipe out hope if not too a variety of women and men see your eyesight, know you may have acquired a fan suitable the next who beliefs what you may have received to say along using the way you could have presented yourself. Excellent on you!

  5. cartoonnetwork says:

    Remarkable post! Marvelous knowledge about the topic. Without a doubt the latest bookmark.

  6. Sherill Snavely says:

    Fully agree with admn. Finally someone has the cojonies to tell it like it is.

  7. I have not had a drag in 10 years. The worst aspect regarding stopping is the beginning couple of weeks. Thankfully this those effects didn’t last and stuff got easier day-to-day on account of the e-cigarettes. Never throw in the towel. Merely persevere and you may well be smoke-free permanently.

  8. Maureen Granillo says:

    While attempting to quit cigs, I came across the smokeless cigarette. The compare electronic cigarettes wotks on a nicotine compound that is made up of only nicotine. Basically no toxic chemicals at all. They have fortunetly made all the difference. Getting rid of inhaling and exhaling toxic substances feels fantastic to me!

  9. wamucards says:

    I am gracious for this helpful great web page; this may be the type of subject that sustains me though out the day.We’ve normally heard been not long ago needing close to in your web-site suitable just after I noticed about these from a near close friend and was delighted when I was in a position to obtain it following searching out for some time. Being a enthusiastic blogger, I’m pleased to see other people today taking gumption and adding to your neighborhood. I just wanted to comment to display my comprehension for a release since it is particularly inviting, and many writers do not get the credit they have earned. I’m good I’ll be back again once again and can deliver a several of my mates.

  10. ecig review says:

    I have not had a cigarette in since I was divorced. The most severe thing concerning kicking the habit in considered the 1st few days. Fortunetly for me this those effects didn’t last long and stuff improved day by day as a result of the electronic cigarettes. Please don’t stop. Please persevere and you inevitably you will live a healthier life once and for all.

  11. Mose Jeffris says:

    While trying to giving up smoking, I came across the electronic cigarette. The smokeless cigarette uses a nicotine liquid which is made up of simply nicotine. Simply no poisons whatsoever. They’ve virtually saved my life. No more inhaling poisons feels very good to me!

  12. Carmela Clair says:

    Almost all that is on my mind is smoking. I don’t want to smoke and if perhaps someone offered me a hit this minute, I’d totally refuse. I feel I’m in a really crappy mental state and have had trouble attempting to sleep but I realize I must definitely end up being tough. The compare smokeless cigarettes may also be helpful in the end.

  13. Junior Kagan says:

    This page appears to get a great deal of visitors. How do you advertise it? It gives a nice unique spin on things. I guess having something authentic or substantial to post about is the most important thing.

  14. Sapphire Ecig says:

    I am really impressed with your writing skills and also with the layout
    on your weblog. Is this a paid theme or did you modify it yourself?
    Anyway keep up the nice quality writing, it’s rare to see a great blog like this one today.
