Redirect viruses are not only annoying, but they can also be dangerous to your bank account.
This virus is in fact twofold; it is a Rootkit and Trojan. The rootkit was originally a legitimate program which started out on Linux systems. The program, which ran with administrative privileges, was used to remotely fix issues on Linux systems.
That soon became a main tool for hackers, who used this technology, not for repairing issues on remote systems, but instead, causing issues on remote systems.
The rootkit, apart from hiding the Trojan activity, also allows the attacker to come back into your system whenever they want.
The Trojan is part of a family of Trojans known as Backdoor.Tidserv; this includes the TDSS Trojan, Alureon, TDL3 and the TDL4.
Dangers that can come from these Trojans include keyloggers, which record all keystroke activity on your PC, then send that information to the attacker. This could be passwords or documents that could then be subsequently altered by the hacker.
This virus is spread normally from downloading software from pirate sites; it can come from music files, video, even screensavers. So the advice is, do not download from pirate sites. It may well be free and relatively easy to do, but apart from the legalities of pirate sites, it can also lead to these types of virus.
The problem with explaining exactly what a Trojan can do is difficult, as it can do so much. It depends on what it has been programmed to do.
Redirection is one of the first things that users notice; being sent to fake or random sites adding malware, to an already vulnerable system.
Within the configuration of the virus is a setting which is known as disallowed; this can stop any program such as anti-virus, from starting. With no error messages displayed, it can become extremely frustrating, for the unfortunate user.
The removal of this virus can be tricky; there are various checks that can be done such as Local area network settings (LAN) Domain Named Server (DNS) settings and host files. It can show up in device manager under hidden devices.
There are set procedures that can help in all of the above checks; if luck is on your side you will get rid of the virus, but in some circumstances a complete reinstallation of system may be required.
To avoid this virus here are three precautions that you can take:-
1: User Accounts.
We all know and understand the importance of antivirus software, but tend to overlook the importance of windows user accounts.
User Account Control (UAC) is used to help stop any unauthorized changes to your system. This works by asking the user for permission or password when carrying out any action that could affect PC operation; such as setting changes.
2: Be wary of pirate sites.
3: Anti-virus.
Use a good anti-virus and keep it updated. If you have the CD that came with it, then occasionally run it to make sure that the version on your system has not become corrupted.
Hopefully you will never come across this virus, but with more business being done online, it has become more prevalent. Data theft is on the increase. Don't become a victim.
Luke Clayhill is a writer who specializes in redirect viruses. You can check out his latest website at googleredirectvirus where he provides information on rootkit viruses including the history and also how to remove a redirect virus.
Posts
0 comments:
Post a Comment