Watch Out For the Gumblar

June 4, 2009 – There is a new virus in town and its name is the Gumblar. This virus’ first attack is as an infectious code that was planted in Web sites and then downloaded as malware, malicious software intended to damage or disable computer systems, from the gumblar.cn domain on to unsuspecting computer users. Then when the Web site tries to clear the problem from their pages, the Gumblar replaced the original material with a Web site code that was created on the spot instead of a pre-determined code which is extremely for security software to detect and remove.

How many sites has Gumblar infected? Of recent, security firms have agreed that Gumblar accounts for 40 percent of all new malware infections. With virus infections becoming more affluent everyday how sure are you that your computer is safe?
Detecting an infection can be very complex, but ScanSafe, a managed Web security firm, has given some steps to finding out if your PC has been taken over:
1) Locate the file sqlsodbc.chm in the Windows system folder (in Windows XP open My Computer then go to Local Disk (C :) à Windows àSystem32)
2) Obtain the Sha1 of the installed sqlsodbc.chm using FileAlyzer
3) Compare the obtained Sha1 code and the file’s size to the list located on the ScanSafe STAT Blog
4) If the Sha1 and corresponding file size do not match with a pair on the reference list, it’s a potential sign of a Gumblar infection
If you are still having trouble or are looking at these steps in complete bewilderment, then call Dolomite Technology today. We have multiple technicians who can help you or your company become more efficient. We have the skills to plan, design, implement, monitor, manage and support your information technology solutions. For more information see our website at http://www.dolomitelv.comor call our office at 1-866-575-3690.

Materials for this article were sourced from "Thought the Conflicker Virus Was Bad? Gumblar Is Even Worse." by Terrence O’Brien