As told by analysts from Vaksincom antivirus, Adi Saputra, in his statement on Friday (30/07/2010), also known as Winsta Stuxnet. In addition to a full hard drive, files Winsta also hide a legitimate DLL file from Realtek, so a bit difficult to detect.
Initial spread of this virus, according to Adi, is through malicious websites. These include sites with pornographic content, illegal software and sites 'gray' other.
According to analysts Vaksincom Alfons Tanujaya, to ITGazine, Friday (7/30/2010), the spread Winsta in Indonesia is quite large. Even Indonesia ranked second this Stuxnet alias Winsta infection after Iran.
Virus Files
Furthermore, Adi said, if the script Trojan Stuxnet from dangerous sites were already running, it will appear three files on the victim's computer. All three are Winsta.exe, mrxcls.sys and mrxnet.sys.
Files named Winsta that will swell in size as the existing hard disk space. Usually the victim partition is the partition where the Windows operating system are located.
The name of the file, Winsta, dicatut of native Windows file name for the program called WinStation Monitor. This application is a tool that is used on Windows 2000 and is located in C: \ Program Files \ Resources \ Winsta.exe.
Virus Symptoms & Effects
The most visible effect of this virus is of course the hard drive is suddenly full. As a result of the hard drive is full, some programs may not run properly.
In addition, Stuxnet infections also occur in the following system files:
* Scvhost, so the computer is difficult to connect to the network.
* LSASS, the computer can be slow, hang or restart by itself.
* Spoolsv, the computer can not print a document / image through the printer. Source: Detikinet
Tidak ada komentar:
Posting Komentar