Ukuqonda i-Sality Virus kunye nendlela yokuCima
Sality yintsapho ye- software echaphazela iifayile ezichaphazela iifayile ezichaphazela iikhomputha zeWindows ngokusasaza izifo ngokusebenzisa iifayile ze- EXE ne-SCR.
Ukuziphatha, okungenzeka ukuqala eRussia ekuqaleni, kuye kwavela ezininzi kwiminyaka, ukuhlukahluka kwe-malware kubonisa iimpawu ezahlukileyo. Nangona kunjalo, iinguqu ezininzi zeSality ziyimpompo kuba zisebenzisa enye indlela yokusebenza kwe-autorun ukusulela iifayile eziphathekayo ngeendlela ezikhutshwayo okanye ezifunyanwayo.
Ezinye zidibanisi ze-Sality zidibanisa iikhompyutheni ezinegciwane kwi-network ye-P2P ukuze iikhompyutha zizonke zibancedise ukucwangcisa izinto ezifana nokweba idatha yangasese, ukupasa amaphasiwedi, ukuthumela ugaxekile kunye nokunye.
I-virus ye-Sality inokuquka kwakhona i-Trojan downloader eyenza i-malware eyongezelelweyo nge-intanethi, kunye ne-keylogger ejongayo kwaye ibhale ii-keystrokes.
Qaphela: Ezinye iinkqubo ze-antivirus zibhekisela kwii-virus ze-Sality ngamanye amagama afana neSaiload, iSaliCode, Kookoo, ne-Kukacka.
Ingaba isebenza kanjani
Njengoko kuchaziwe ngasentla, i-Sality malware ichaphazela iifayile ezifezekileyo kwiikhomputha.
Iinguqulelo ezininzi ze-malware zifaka ifayile ekhethekileyo yeDLL kwikhompyutyana ngaphakathi kwi- % SYSTEM% ifolda kwaye ingayibiza ngokuthi "wmdrtc32.dll" okanye, ngenxa yenguqulo ecacisiweyo, "wmdrtc32.dl_."
Nangona kunjalo, akuzona zonke iindidi ze-Sality virus eza kusebenzisa ifayile yeDLL ngale ndlela. Abanye balayishe ikhowudi ngqo kwimemori, kwaye ifayile yeDLL ayiyi kufumaneka naphi na kwiifayile zangokwezidiski zangempela.
Abanye banokuze bagcine umqhubi wecandelo kwi- % SYSTEM% \ ifolda ifolda. Yintoni eyenza le nto ikhohlisayo kukuba ingagcinwa ngegama lefayile ehleliweyo, ngoko ukuba isofthiwe yakho ye-antivirus ifundela kuphela amagama eefayile ukujonga ii-virus, kwaye ingenayo ifayile yezinto ezikhoyo, kukho ithuba lokuba ayiyi kubamba i-Sality virus .
Ukuhlaziya kwi-Sality malware kwondliwa nge-HTTP ngokusebenzisa uluhlu olumiselweyo lwe- URL . Xa sele unesifo, i-malware ifuna kuphela ukuhlaziywa emva kweemifanekiso ukuguqula nokukhula ngokwakho, ukukhuphela iifayile ezintsha ukuthelela ezinye iikhomputha.
Izimpawu zoGawulayo
Kubalulekile ukuba uqaphele iimpawu zentsholongwane ye-Sality virus-into eyenziwa yikhompyuter yakho okanye ingazenza njani xa igciwane lesandulela ngculaza likhoyo.
Njengokuba kukho enye i-malware, iSality inokuyenza nayiphi na elandelayo:
- Khubaza isofthiwe ye-untivirus kwaye ukhusele ukufikelela kwiziko le-antivirus kunye nezokhuseleko.
- Ukuthintela ukukhutshwa kwindlela yoKhuseleko .
- Susa ifayile, iinkqubo kunye neenkonzo .
- Gcina i-CMD, i-PIF, kunye / okanye ifayile ye-EXE kwingcambu ye-drives etholakalayo, kunye nefayile ye-autorun.inf equlethe imiyalelo yokulayisha iifayile eziphosiweyo xa i-drive ifikeleleke.
- Thumela ugaxekile kwi-imeyile yoonxibelelwano ngokufumana idilesi yedilesi yomthengi we-imeyile.
- Cima iifayile eziqulethe ukongezwa kwefayili ethile.
Indlela yokuCima
Indlela efanelekileyo yokukhusela intsholongwane ye-Sality intsholongwane kukugcina ikhomputha yakho isesikhathini kunye neenkcazo zangoku kunye neenkcazelo zokhuseleko. Sebenzisa i- Windows Update kwaye gcina isofthiwe yakho ye-antivirus ihlaziywe ukukunceda ukukhusela lo hlaselo.
Ukuba usuyazi ukuba unayo igciwane lesandulela ngculaza, ungayilahla ngendlela efanayo. Skena ikhompyutha yakho ye-malware ngeprogram yesilungisi esilungisiweyo kunye nekhono . Unokuba nenhlanhla usebenzisa i- spyware remover ukuze ubambe intsholongwane ye-Sality kuba isebenza njenge-spyware, nayo. Ukuba ezo zingasebenzi okanye awukwazi ukufikelela rhoqo kwiWindows, sebenzisa inkqubo yokukhusela i-antivirus kunoko.
Abanye abathengisi be-antivirus baquka isixhobo esikhethekileyo esithetha ngokukodwa ukujongana ne-Sality virus. Ngokomzekelo, i-AVG inikeza inkqubo ekhuselweyo yokukhusela i-antivirus kodwa iquka iSality Fix ukuba unokuyikhuphela ikhululekile ukususa igciwane leSality ngokuzenzekelayo. I-Kaspersky ikuvumela ukuba usebenzise ithuluzi le-SalityKiller yamahhala.
Ukuba ifayile ifumaneka ukuba ikhulelwe yiSality, vumela isofthiwe ukuba ihlambulule ifayile. Ukuba kukho enye i-malware ifumaneka, zama ukususa intsholongwane okanye ukuthatha isenzo esinconywayo ngu-scanner.
Ezinye iinkqubo ze-antivirus zingabonakali kwi-Sality virus. Ukuba uyakrokrela ukuba unayo intsholongwane kodwa isofthiwe yakho yokhuseleko ayifumananga, zama ukuyilayisha kwi-VirusTotal ukwenza i-intanethi ukukhangela ngeenjini ezahlukeneyo zokuskena.
Enye indlela yokwenza iifayile zentsholongwane ngokuzenzekelayo ngokucima ngekhompyutheni kunye nefayile yokukhangela ifayile efana nayo yonke into. Nangona kunjalo, kukho ithuba lokuba iifayile zivalelwe ekusebenziseni kwaye azikwazi ukususwa ngendlela eqhelekileyo. Iinkqubo ze-Antivirus ziyakuthi ziphephe oku ngokucwangcisa i-malware yokucima xa ikhompyutha ivalwe.
Oko Ukwenza Okulandelayo
Ukuba unesiqinisekiso sokuthi igciwane lesandulela ngculaza lisuswe, kufuneka ucinge ukukhubaza i-autorun ukukhusela ukusuleleka ngokutsha kwe- USB .
Kwakhona kubalulekile ukutshintsha amaphasiwedi kunoma iyiphi i-akhawunti e-intanethi oyisebenzisileyo ngexesha losulelo. Ukuba igciwane lesandulela ngculaza lalifake izicwangciso zakho zokukhangela, ke kukho ithuba elihle lokuba libhale ulwazi lwakho lwebhanki, iinkcukacha zentlalo yoluntu, iphasiwedi ye-imeyile, njl. Ukuguqula loo maphasiwedi ( emva kokusulela usulelekile ) kwaye ukujonga i-akhawunti yakho yokweba ibalulekileyo .
Faka inkqubo yokukhusela i-antivirus rhoqo, ngokuqhubekayo-yokusebenzisa, kulula ukuba kungenakwenzeka ukuba oku kuza kwenzeka kwakhona. Qinisekisa ukuba iyakwazi ukujonga ii-malware ezikhutshwayo kunye nokuseta izicwangciso ezicwangcisiweyo ukwenzela ukuba zihlolisise ngezikhathi zonke i-malware yazo zonke iintlobo, kungekhona nje kwi-Sality virus.