INF / Autorun, a computer virus is detected as the most attacking PC Computer in the world. Data provider of antivirus software Eset November 2010 showed most of the malware threat is still occupied by the threat-threat the previous month. While the new entrants in the top 10 Global Threat is JS/Exploit.CVE-2010-0806.A.
Following the order of top 10 Global Threat during November 2010, which quoted from the statement of Eset,
Following the order of top 10 Global Threat during November 2010, which quoted from the statement of Eset,
1. INF / Autorun
Percentage of Detection: 5.75%
The virus is used to manjabarkan all variations of malware using the file autorun.inf as a way to attack a PC. This file contains information about the programs that are intended to run automatically when (flash drives and the like) when a media moving in with a bum your Windows PC. ESET security software Advanced Heuristic capabilities are able to identify malware that enter or modify autorun.inf files as INF / Autorun, except if it has been identified as one of a certain malware family.
The default Autorun setting in Windows will automatically run the programs that are in the autorun.inf file when you access some of the media moves. There are many types of malware that can copy itself and into the mobile data storage device: even so, this way is not the only way the spread of the virus program. malware authors are always ready to add certain parts in addition to incorporate the techniques of additional infection.
2.Win32/Conficker
Percentage of Detection: 4.92%
Win32/Conficker is a network worm that usually spreads, taking advantage of the weakness of the Windows Operating System. The vulnerability in the RPC sub-system and can be used by attackers to remotely without requiring a valid user identity of the traffic system is the target computer. This worm can also spread through the folders and usb / flash disk, do the activation through the facilities of Autorun by default in Windows (though not windows 7).
It's also important to note that in order to prevent most of the risk of infection generic Conficker, by doing "safe hex": keep up-to-date with system patches, disable autorun, and does not enable shared folders that are not safe.
3. Win32/PSW.OnLineGames
Percentage of Detection: 2:54%
Still a family member Trojans are usually used for phishing attacks and is intended for gamers: Trojan of this type go with keylogging and (sometimes) rootkit capabilities to gather information related to online gaming and the credentials of the players.
Trojans are still very much of this type was found, and gamers need to be very vigilant because there are always people who are not happy, which will steal the data of other gamers. So it is important also for participants in MMORPGs (Massively Multi-player Online Role Playing Games) like Lineage and World of Warcraft, as well as "metaverses" like Second Life, stay alert.
4. Win32/Sality
Percentage of Detection: 2.10%
Sality is a kind of polymorphic file infector. This malware will attack after enabling us create / delete registry keys for enabling security in the system and eventually also precisely activate reboot process in their respective operating system.
Win32/Sality modify EXE and SCR files and terminate processes and services related to security solutions.
5.Win32/Tifaut.C
Percentage of Detection: 1.50%
Tifaut based malware Autoit scripting language. This malware spreads between computers by means reproduce yourself and go into storage devices (external hard disk or usb flash disk) with how you create Autorun.inf files remedy can be started automatically. Malware is designed to steal information from infected computers.
6. INF / Conficker
Percentage of Detection: 1:46%
INF / Conficker associated with the detection of INF / Autorun. Threat This is another version of the file autorun.inf which is used to spread the new variant of Conficker worms, malware is also capable of disabling Autorun
7. JS/Exploit.CVE-2010-0806.A
Percentage of Detection: 0.99%
JS/Exploit.CVE-2010-0806.A not a new malware, but from detection by ESET Threat Center, the malware has increased significantly so that occupies position 7 November 2010. This malware is actually developed using a JavaScript file, which utilizes kerentanaan CVE-2010-0806. Trojan is a variant that is usually part of other malware. By utilizing kerentanaan, an attacker could enable arbitrary code remotely on vulnerable systems.
8. Win32/Bflient.K
Percentage of Detection: 0.88%
Win32/Bflient.K is a kind of worm that spreads through the medium of movement and contain a backdoor. Can be controlled remotely and ensure that the media will be active when inserted into the infected computer.
9. Win32/Spy.Ursnif.A
Percentage of Detection: 0.81%
spyware programs that steal information from infected PCs and send it to another computer, is done by creating a new account that is hidden to open lines of communication to another desktop.
10. HTML / ScrInject.B
Percentage of Detection: 0.64%
It is a Generic detection of HTML web pages consisting of obfuscated script or iframe tags that automatically redirect to download malware. There are 2 main causes of viral infections such malware is malicious scripts and malicious iframes, and therefore the user should disable the script with mendefault if possible, not only in the browser application but also PDF. As well as open-source NoScript extension for Firefox which allows useful to determine the disabling / enabling of JavaScript and other potential vectors.
0 comments:
Post a Comment
please leave a comment