Deadly virus in YM Computers Can Plow

Instant messaging applications like
Yahoo Messenger, MSN Messenger and Skype can now be said to be one's favorite application makers virus to spread malicious programs to users.
One reason, because the spread of the virus file through messenger relatively less attention by
antivirus vendors. In contrast to the mail server that his anti virus bak into the liability for
administrators.

In the last one week only, get a wave of reports of attacks Vaksincom viruses that spread
themselves using messenger such as Skype and Yahoo Messenger. The first virus to be discussed
in this article is the Worm: W32/Palevo.BQZ that exploits MySpace.
As for Facebook, Twitter and Myspace has its own fascination and slit to be used by viruses to
spread themselves. One way that is used is to send a link or file that has a relationship with these
social networking sites that attract users to run the file.
This is already evidenced by Bredolab viruses (viruses Facebook) that will send a link to
download the files as if sent by the administrator of a facebook site administrators, the spread was
more successful by utilizing media applications chat (YM) to send itself to all addresses ID contained in the application of YM in the infected
computers.
Once Facebook users who became victims of the virus bredolab, now gililran Myspace users who will be the target of virus attacks. Although not as many MySpace users Facebook users but this will
still be exploited by viruses to solicit the victim.
Just as happened in the case Bredolab virus, this virus will also use YM to spread the application
itself to every address ID in the form of a link to download a file that has been determined.
At W32/Palevo.BQZ infected files that have been executed, he will run the command 'explorer.exe
http / / browseusers.myspace.com / Browse / Browse.aspx' to display a web page myspace.
This is done as an effort to make its action was not suspected by the user, so that the virus activity was not blocked by Windows Firewall it
will register itself by creating firewall rules by running the command netsh firewall add
allowedprogram 1.exe 1 Enable.
W32/Palevo.BQZ will try to connect to multiple server IP addresses that have been determined using the port in 2345 with the purpose of
downloading files that have been determined.

Spread

Currently the media in particular chating YM had to be excellent for the virus to spread itself this is
done to speed up the process of its spread, because now almost all computer users use the address of YM.
To propagate itself, W32/Palevo.BQZ will also be using media such as YM chanting by sending a file that is infected with a virus to all the ID address contained in the application of YM in the victim's computer a link to download the file viruses have been determined. For example: filename www.myspace.com.exe IM87654.JPG-
or-www.myspace.com IM25394.JPG size around 102 KB or 109 KB.
So for users who get a message like the one above YM, beware. Because it could be a teaser of
this virus to spread his seed.

Category: General news, Tips and tricks