Threatened with damage to the hard disk, let alone to lose data, can make people panic. Caution, a warning message that may be a false error.
As presented by Adang Jauhar Taufik, an analyst with antivirus from Vaksincom, a malicious program disguised as a device "Data Recovery".
Such a fake security program commonly known as Scareware, because he was scaring their victims with false threats.
Malicious programs that masquerade as "Data Recovery", according to Adang detected as W32/FakeAV.AESL by Norman Security Suite.
Some message "spooky" of the display is as follows:
Hard drive rotational speed Decreased by 20%.Disk Drive c: - is unreadable.Drive C error initializingCirtically RAM GPU Temperature is high.Critical Error. Error harddrive.Windows detected a hard disk problem. A potential disk failure may Causes loss of files, applications and documents stored on the hard disk. It's highly recommended to scan and solve problems before HPP continue using this PC.
The characteristics of Infection
Adang said the bogus device was built using the programming language Visual C + +. At run time, it will create some master file that will be active when the computer is turned on.
Here are some files that are located in "C: Documents and Settings-All Users-Application Data":
6DSS92c31Apgjk.exe with size 563 KBBFwoCYFrNlwR.exe with size 619 KB6DSS92c31Apgjk, file size 1 MB
There is also a file located in "C: Documents and Settings-user-desktop-data" with the name "Recovery.lnk"
Then, to defraud victims. This fake program will insert an icon on the taskbar can display messages "scary".
Crime mode
The first thing that interferes with the presence of this malicious program is that it will gobble up memory resources from the infected computer. The computer also has the potential to hang or crash.
While the effects are more severe if the victim is deceived and tried to follow the advice device to activate the fake software.
If that happens, the malicious program will take the victim to the site that ultimately require delivery of a specific amount of money to solve problems on the computer.
Another action is no less evil, he will menghapur all applications on the computer. Application is removed it will be entered into the temporary folder.
He will also hide files and folders from the victim computer. If you do not know, the victim may feel it is true there is an error in the system.
W32/FakeAV.AESLViruses that can make a computer technician taxable gaplok
This scenario is only a shadow, but it may happen:Lhoo! ... I really want you even Data Recovery Antivirus installed, instead of the hard drive is damaged even added later. Do you want deceiving me well. Clop ..... Clap. Dear sir, my guns deceiving, but this is the virus that malsuin Windows warning.
If your computer is infected with virus / malware antivirus medicine, if the disk is damaged and corrupted data recovery program of the medicine which sought as much as possible to not run a damaged hard drive so that the damage from getting worse. But if you get a case like the one below, where you take the hard drive "according to the" message fatal damage arising as: (see Figure 5-11 below)
- Hard drive rotational speed Decreased by 20%. (Which roughly means harddrive decreased motor performance / damage)- Disk Drive c: \ is unreadable.- Drive C initializing error (but the computer can get way when almost windowsnya when system is on drive C).- GPU RAM cirtically Temperature is high. (Guns understand why a high temperature RAM .... should not it high temperature processors).- Critical Error. Error harddrive.- Windows detected a hard disk problem. A potential disk failure may Causes loss of files, applications and documents stored on the hard disk. It's highly recommended to scan and solve problems before HPP continue using this PC.
Then the technician store your computer and then install the antivirus, do you immediately angry and technicians in tampol first. Since in this case the engineer was not willing to fool you into installing antivirus damaged computer hard drive.
But there was a fake virus warnings Windows hard drive as if you were severely damaged. For details please follow the article made by Aj Tau below. And if you are a computer technician who gets this case, no need to wear a helmet when anti gaplok eradicate this virus: p because Vaksincom provide tools to eradicate this virus.=====================================The current trend of the spread of the virus is more dominated by a virus that has the ability to inject such an application file with the file extensions EXE, COM or SCR call it virusW32/Alman, W32/Sality, W32/Virut or W32/Ramnit and many other virus variants quite a lot. Rampant spread of the virus currently requires us to be more alert to the possibilities of other viruses that lurk at any time.
Need to step carefully to anticipate falling victim to one of them in choosing an antivirus program and "apparently" it was a new crack that can be utilized by the virus to spread itself by forging itself as a security program (read: anti-virus).
Fake antivirus or better known as a fake Antivirus which has the appearance of no less interesting as an antivirus program that usually comes with sharing features such as Firewall or Internet Security Privacy Tools.
In terms of detection are also quite "good" because it can detect viruses that can not be detected by the antivirus program in general, but you do not be fooled because of all the warnings that appear is FALSE, the edges we are asked to send some money to get the full version in order to remove the virus was "fake" it.
Fake antivirus program or better known as Scareware is now in the tens of types. Its lack of user knowledge of the virus into the cause of this fake antivirus easily spread. Of the many scareware programs that spread one of them is thus W32/FakeAV.AESL Norman Security Suite detects this virus (see Figure 2). This fake program will disguise himself as a tool "Data Recovery" that contains the features to perform checks on your computer such as checking the condition of the Hard Disk, Memory, Registry and your Operating System.
Tidak ada komentar:
Posting Komentar