#BAHAYA BARU PENGGUNA MESSENGER#
5 posters
Forum Cendana :: General :: Dunia Kita
Halaman 1 dari 1
#BAHAYA BARU PENGGUNA MESSENGER#
Untuk pengunjung smadaver mungkin akhir2 ini (perkiraan virus ini baru luncur, karna pas jam 6 di terima & browsing ternyata baru ada 1 org yg nge-post, itupun dgn jeda beberapa menit yg lalu)sering menerima link berupa ''foto http://wallerimages.com/images.php atau pun foto http://joblinz.co.nz/images.php
mungkin ada beberapa varian domain lainnya, jadi kesimpulan(menurut ajojing loh) klo virus ini menyebar dgn format ''foto http://namadomain/images.php [s]SPASI virus kirim ke 9090 [/s]
Kronologi korban : Enterwebsite->save file->Run->Terhubung dgn myspace->Attack GTalk & YM
Jadi smadaver di harapkan untuk tdk membuka link apapun dgn akhirannya /images.php
*klo mau buka jugak gpp asalkan gak mendownload apa2 hohoh tapi resiko di ambil sendiri >=)
Dan kemungkinan ini adalah virus yg baru di luncurkan bisa di lihat di website site advisor dari McAfee bahwa ada yg melaporkan site tsb klo uda bahaya, yg baru di tulis pd tgl 3 mei
#UPDATE#
- Code:
foto http://photo4urspace.com/image.php
foto http://lmagesspot.com/image.php
foto http://keralawebhosting.biz/image.php
foto http://mbi-photos.com/image.php
foto http://wallerimages.com/image.php
foto http://memorylmages.com/image.php
foto http://joblin.co.nz/image.php
foto http://foto-spaces.com/image.php
foto http://photos-fb.com/image.php
foto http://lmages-space.com/image.php
foto http://myspace-imb.biz/image.php
foto http://myspace-lmg.com/image.php
foto http://enfinito.net/image.php
foto http://margaretiamges.com/image.php
foto http://lmagesbucket.com/image.php
foto http://facebook-lmg.com/image.php
foto http://beautyphotoson.com/image.php
foto http://myspace-lmages.com/image.php
foto http://lmages.net/image.php
foto http://lmages-space.com/image.php
foto http://myspace-imb.biz/image.php
foto http://lmb-space.com/image.php
foto http://facebook-lmages.com/image.php
foto http://facebook-imb.com/image.php
foto http://yungimages.net/image.php
foto http://mimapic.com/image.php
foto http://post-photos.com/image.php
foto http://domimages.net/image.php
foto http://limpskr.com/image.php
foto http://kompnk.com/image.php
foto http://yunphotos.net/image.php
foto http://domeimg.com/image.php
foto http://vertiphotos.com/image.php
foto http://myphotoarchives.net/image.php
foto http://mycomimg.com/image.php
foto http://smallimg4u.com/image.php
foto http://miggiphotos.com/image.php
foto http://funwiththisguy.com/image.php
foto http://ariafotos.com/image.php
foto http://zhelefun.com/image.php
foto http://tviceimg.com/image.php
foto http://tusfbfotos.com/image.php
foto http://twittersphoto.com/image.php
foto http://tuesimages.com/image.php
foto http://red-myspace.com/image.php
foto http://tvicephotos.com/image.php
foto http://ceceliaimg.com/image.php
foto http://enfinito.net/image.php
membuat beberapa file
- Code:
C:\Windows\mds.sys
C:\Windows\mdt.sys
C:\Windows\winbrd.jpg
C:\Windows\infocard.exe
C:\Program Files\infocard.exe
C:\Program Files\mds.sys
C:\Program Files\mdt.sys
C:\Program Files\winbrd.jpg
C:\Users\Public\mds.sys
C:\Users\Public\ mdt.sys
C:\Users\Public\ infocard.exe
C:\Users\Public\ winbrd.jpg
C:\Documents and Settings\Administrator\ mds.sys
C:\Documents and Settings\Administrator\mdt.sys
C:\Documents and Settings\Administrator\infocard.exe
C:\Documents and Settings\Administrator\winbrd.jpg
C:\Documents and Settings\<USER>\ mds.sys
C:\Documents and Settings\<USER>\mdt.sys
C:\Documents and Settings\<USER>\infocard.exe
C:\Documents and Settings\<USER>\winbrd.jpg
menambah registry
- Code:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run]“Firewall Administrating”=”C:\\WINDOWS\\infocard.exe”
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]“Firewall Administrating”=”C:\\WINDOWS\\infocard.exe”
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentV ersion\Run]“Firewall Administrating”=”C:\\WINDOWS\\infocard.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\S haredAccess\Parameters\FirewallPolicy\StandardProf ile\AuthorizedApplications\List]“C:\\Documents and Settings\\<USER>\\Desktop\\IM56245.JPG-www.myspace.com.exe”=”C:\\WINDOWS\\infocard.exe:*: Enabled:Firewall Administrating”
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\AuthorizedApplications\List]“C:\\Documents and Settings\\<USER>\\Desktop\\IM56245.JPGwww.myspace. com.exe”=”C:\\WINDOWS\\infocard.exe:*:Enabled:Fire wall Administrating”
[HKEY_USERS\S-1-5-21-117609710-764733703-1957994488-1003\Software\Microsoft\Windows\CurrentVersion\Run]“Firewall Administrating”=”C:\\WINDOWS\\infocard.exe”
Untuk registry uda beberapa bisa Smadav tangani, tapi untuk penyembuhan lebih lanjut gunakan Malwarebytes
atau pun system restore
copas di sini
oia, username ajojing kira2 siapa? katanya anak duri
Terakhir diubah oleh Vakiu tanggal Wed May 05, 2010 1:31 pm, total 1 kali diubah
Re: #BAHAYA BARU PENGGUNA MESSENGER#
wow...
thanks buat infonya graaa...
thanks buat infonya graaa...
Hafana10- Anak SMA
- Posts : 115
Join date : 24.04.10
Age : 29
Location : Duri
Re: #BAHAYA BARU PENGGUNA MESSENGER#
mantiip cak inpoh nya
tp akhir2 nii jrng oL siih. . .
jd gak make tuuh messengger2 an. . .
tp akhir2 nii jrng oL siih. . .
jd gak make tuuh messengger2 an. . .
Similar topics
» Emoticons Baru
» Badge Baru. . .
» Member Baru
» Update Admin Baru -.-
» Seriuslah bikin sibol DRC baru....??!!!
» Badge Baru. . .
» Member Baru
» Update Admin Baru -.-
» Seriuslah bikin sibol DRC baru....??!!!
Forum Cendana :: General :: Dunia Kita
Halaman 1 dari 1
Permissions in this forum:
Anda tidak dapat menjawab topik