The spread of the virus is done through the script. The script copies the files into the berekstensi. Htm,. Html,. Vbs,. Asp,. Htt,. Jsp on the hard drive. When someone execution of the file, the script will automatically copy the script into a file that is other. And so on. This process will continue to take place if the files over executed.
Vbs / Redlof.A @ m run through the messages that have been affected by this virus, through vulnerbility security on the Internet Exlorer regular known as Microsoft VM ActiveX Control Vulnerability. More information about this case please open Microsoft site: http://www.microsoft.com/technet/security/bulletin/ms00-075.asp
Menginfeksi this virus can file a berextensi as "htm", "html", "asp", "php", "jsp", "htt" or "vbs".
Redlof also drops several files menginfeksi such as:
\ Program Files \ Common Files \ Microsoft Shared \ Stationery \ blank.html
\ Windows \ System \ Kernel32.dll
\ Windows \ web \ kjwall.gif
\ Windows \ system32 \ desktop.ini
"blank.html" is used to replace the default stationari in Outlook and Outlook Express through the system registry, which cause each message sent by this computer will contain the virus load.
"Kernel32.dll" is used to make the system registry to save the virus to run the operating system to restart:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run \ Kernel32
So if the above have been infected file2, automatically and quickly the virus spread and menginfeksi on the computer and other computers.
Download Removel tool
http://www.gdata.pl/kmdownload/download.php?op=getit&id=61
http://www.softpedia.com/get/Antivirus/Redlof-Remover.shtml
Other related articles :
- Prevent the virus from active autorun.inf with USB Firewall
- Beware, virus attacks' Hopeless' in First Year
- 10 Tips for Securing Computer When Vacation
- Tips for Reducing Risks are Computer Virus
- 7 Step to eradicate virus' K0pL4xZ '
- 4 Step Virus Prevention Conficker
source : pcguru.okihelfiska.ne
Translate by : Me
0 comments:
Post a Comment