Tanda PC Terserang Malware dan Penangananya

Sebuah Virus computer berbagai macam jenis dan juga criteria,nampaknya selalu merepotkan .,virus dikatakan merepotkan karena cara kerjanya yang membuat kita kesal.

Humm merepotkan sekali apalagi buat kita orang awam,belum lagi jika kita menancapkan flasdisk dan flashdisk menancap ke computer laennya.,hum pasti pemilik computer akan berkata .,.,wah flashdiskmu AKEH VIRUSE YOWW itu dalam bahasa suroboyoan .,hehehe kurang lebih seperti itulah kata – kata yang muncul..

Nah disini Saya akan membahas salah satu varian virus yang bernama MALWARE ,

Malware adalah sebuah varian virus yang bekerja kurang lebih sebagai pengintai di computer kita ,bisa juga sebagai keylogger dan semacamnya .,soo jika anda pernah mendengar artis Hollywood yang foto-foto pribadi nya di computer dicuri oleh hacker.,,ya ini dia memakai sebuah malware untuk mencurinya.

Hemm jadi virus ini murni dari sebuah koneksi internet,dan semua computer yang terkonek internet pasti pernah mendapatinya ,entah itu sudah masuk ke siistem atau belum masuk karena di block oleh AV.

SO berikut dibawah ini EFEK DARI SERANGAN MALWARE  :

• Komputer akan jadi lambat karena malware akan menggunakan beberapa aplikasi tersembunyi yang dapat memberatkan kinerja anda (tidak hanya malware semua virus pasti akan memberatkan pc anda
• Adanya program yang akan dideteksi sebagai pencuri identitas seperti keylogger dan semaacamnya.
• Kerusakan system MICROSOF VISUAL C++ dan sringnya terjadi crash pada web browser anda.
• Proses start up dan Shut down yang lama
• Terdapat toolbar dan search engine aneh (tidak terkenal ) pada saat kita buka web browser ,bisa jadi ini adalah letak promosi si pembuat malware.
• Munculnya iklan yang berlebihan pada saat anda membuka web browser ,padahal sebelumnya tidak.

Oke kesimpulan diatas adalh bahwasanya MALWARE selalu ingin menuntun anda pada suatu jalan dimana jika anda memasukinya anda akan semakin terjerumus ,dalam artiannya  pemuat malware akan semakin mengetahui semua isi computer anda ,dan contoh lain sebuah iklan yang menjerumuskan dan tidak berguna .

Untuk menghilangkan malware lakukan scan dengan AV terpercaya .,beberapa AV yang sudah terbukti pernah saya ulas,dari yang gratis hingga berbayar .Baca artikelnya klik disini

DAN selalu matikan system restore dan Koneksi internet anda pada saat scan

Atau anda bisa membersihkan virus dengan cara tepat yaitu dengan menggunakan Rescue disk apa itu baca disini .,Dan Kali ini anda akan mendapatkan sebuah Rescue Disk gratis setiap pembelian Item PC rakitan dari web ini.

Terimakasih ,salam sejahtera dan damai selalu

Originally Posted : Erfiz Fahrizal

INFORMASI VARIAN VIRUS Agustus 2011

Agustus 2011 telah berlalu dan sepertinya masih ada tanda2 varian virus terbaru di bulan september ini yang dibuat di bulan agustus.,
Virus tetep tipe lama dan saya yakin antivirus anda juga pasti mendetect asal diupdate,Informasi Virus terbaru dibulan agustus ini sejenis trojan dan worm.
So jika anda mendapati virus ini segera lapor kepada pihak yang berwajib.,lho kog pihak berwajib sori .,yaa lapor bisa kepada si antivirus.
Ok well guys.,langsung saja Virus di akhir agustus 2011 ini adalah:

Win32/Rimecud.CZQ:yang didetect oleh av lain sebagai virus dengan nama sbb:
Win32.HLLW.Lime.4 (Dr.Web), WORM_PALEVO.AZ (Trend Micro), Trojan.Win32.Buzus.anxh (Kaspersky), Worm:Win32/Rimecud.B (Microsoft), Trojan.Win32.Buzus.anxh (VirusBlokAda), W32/Autorun.worm.gen (McAfee), Worm.Generic.45916 (BitDefender), Worm/Agent.W.45 (Avira)


So here we go.,virus WIN 32 /rinecud ini sejenis trojan dan juga worm.
yang dimana TROJAN dan worm memiliki bebrapa karakteristik yang berbeda diantarnya :


TROJAN : adalah sebuah virus yang menyerang komputer melalui internet,software gratisan ,email dan juga flasdisk.
Trojan ini bekerja sebagai media hacker untuk mengutak atik d/mengambil alih pc anda ke tangan hacker .,banyak sekali yang mereka cari mulai data pribadi anda.,dan nformasi2 lain serta parah nya lagi penghapusan data .


WORM :adalah sebuah virus yang cepat sekali menyebarnya terutama melalui koneksi jaringan bisa lan maupun bluetooth..
Worm ini bersifat pengintai dan pencuri.,diam tapi mematikan .,


Kesimpulan yang diambil adalah bahwa kategori virus diatas masih berada pada level rendah.,Win32/Rimecud.CZQ dibuat pada 31agustus 2011 dan bisa dibasmi dengan antivirus luar .,bisa saja pakai lokal tapi ya kurang afdol lah.,pakai av luar yang terupdate tentunya yaa.


Sekian dan Terimakasih

Types Of Virus

To further refine our knowledge about the virus, I'll try
provide an explanation of the types of viruses that often roam
in the cyber world.

1.Virus Macro
This type of virus must have been very often we are Listen.Virus 
with the programming language of an application rather than by language
programming of an Operating System. This virus can walk if
constituent applications can run well, that if the
mac computer can run the application of this word then the virus works on
 computer. with Mac OS system. 
virus samples:

W97M-variant, for example W97M.Panther
1234 bytes long,
  Will Infect Normal.dot and infect the document when opened. 
-WM.Twno.A; TW
41,984 bytes long,
Ms.Word document will infect that use macro languages, usually
  DOT and Have extension *. DOC *. 
-etc

2.Virus Boot Sector
Boot sector virus is very common in doubles SPread.Virus 
he will move or replace the original boot sector with the program
boot virus. So when there is booting the virus will be loaded to memory 
and then the virus will have the ability to control the standard hardware
(ex:: monitor, printer, etc.) and from this memory is also the virus will spread
to all existing drives and connected to computer (ex: floppy, drives 
other than drive c).
virus samples:

-wyx virus variants
ex: wyx.C (B) to infect the boot record and floppy;
length: 520 bytes;
characteristics: memory resident and encrypted)
-variant V-sign:
infect: Master boot record;
520 bytes long;
characteristics: living in the memory (memory resident), encrypted, and polymorphic)
-Stoned.june 4th / bloody!:
infect: Master boot record and floppy;
520 bytes long;
characteristics: living in the memory (memory resident), encrypted and display
message "Bloody! june 4th 1989" after booting the computer as much as 128 times

3.Stealth Virus
This virus will dominate the table with DOS interrupt table that often we know
with "Interrupt interceptor". These viruses capable of controlling
DOS level instruction instructions and they are usually hidden as its name
either in full or in size.
virus samples:
-Yankee.XPEH.4928,
infect files *. COM and *. EXE;
4298 bytes long;
  characteristics: settled in memory, SIze is hidden, has a trigger 
-WXYC (which includes any category because the boot record into stealth category 
  also included here), to infect the floppy motherboad record; 
520 bytes long;
settled in memory; size and hidden viruses.
-Vmem (s):
infects files *. EXE, *. SYS and *. COM;
fie 3275 bytes long;
characteristics: living in memory, the size of the hidden, in the encryption.
-etc

4.Polymorphic Virus
The virus is designed for misleading antivirus program, meaning the virus is always
trying to avoid being recognized by the anti-virus is always changing by the fox
structure after each infects files / other programs.

virus samples:

-Necropolis A / B,
infect files *. EXE and *. COM;
file 1963 bytes long;
  characteristics: settled in memory, the size and viruses is hidden, encrypted and 
can be changed to change the structure
-Nightfall,
infect files *. EXE;
file 4554 bytes long;
  characteristics: living in memory, the size and viruses is hidden, has a trigger, 
  with encript can change the structure 
-etc


5.Virus File / Program
This virus infects files that can be executed directly from the operating system,
good application file (*. EXE), or *. com infections usually also result
of this virus can be identified by changing the file size is attacked.


Partition 6.Multi Virus
This virus is a combination  from Virus and boot sector viruses File: means 
the work performed resulted in two, that he can infect a file -
*. EXE file and also infect the Boot Sector.
Read also other article about computer virus:
The origin Virus  
Definition of Virus  
Character and Criteria   
Virus life Cycle 

VIRUS LIFE CYCLE

Viral life cycle in general, through 4 stages:

o dormant phase (Phase Rest / Sleep)
In this phase the virus is not active. The virus will be activated by a condition
specific, such as: the date set, the presence of other programs / execution
other programs, etc.. Not all virus through this phase

o Propagation phase (Phase Distribution)
In this phase the virus will mengkopikan itself to a program or
to a place of storage media (both hard drive, ram etc). Every
an infected program will be the outcome "klonning" virus
(depending on how the virus menginfeksinya)

o Trigerring phase (Phase Active)
In this phase the virus will be active and this is also the trigger by a few
conditions as in the dormant phase

o Execution phase (Execution Phase)
In this phase of active virus has been going to function.
Such as deleting files, display messages, etc.

search

Characteristics and Criteria Virus

C. CRITERIA FOR VIRUS

A program called the new virus can be said is really true
If the virus will have at least 5 criteria:

1. The ability of a virus to get information
2. Ability to check a program
3. Ability to multiply and transmit
4. His ability to manipulate the
5. Ability to hide themselves.

Now will try to explain briefly what is meant by each
Each capability is and why it is needed.

1.Ability to obtain information

In general, a virus requires a list of file names contained in
a directory, for what? so that he can identify what programs
Just what will he infect, such as macro viruses that will infect all
extension *. doc files after a virus is found, this is the ability
gather information necessary for the virus that can make a list /
all data files, continue to sort them by looking for files that can be
to infect.Usually created when a program infected / infected
or even a virus program is executed. The virus will soon make
data collection and put it in RAM (usually: P), so that if
computer is turned off all the data lost but will be created each program
virus and usually runs as a hidden file created by the virus.

Suat 2.Ability to check program

A virus must also be can to examine a program that will
infected, for example, he served infect program with extension*. doc, he
must check whether the document files have been infected or not,
because if it is then he will be useless infect 2 times. This is
useful to improve the ability of a virus in terms of speed
infects a file / general program.the generally virus is
have / give a sign to the files / programs that have been infected
so it is easy to recognize by the virus. Sample labeling
is such as to give a unique byte in every file
infected.

3.Ability to multiply
, meaning without this is not a virus.
The core of the virus is the ability multiply itself by infecting
other programs. A virus has been discovered when the victim
(either a file or program) then he will recognize it by check,
if not infected then the virus will start actions to infect
byte by writing the identifier of the program / file, and
so copied / write virus code above object files / programs
infected. Some common ways for viruses to do
infect / reproduce itself are:

a.File / infected program will be deleted or renamed. then
created a file using the name by using the virus
it (meaning the virus had changed his name to the name of the deleted file)
b.Program virus already in the execution / memory load to be directly
infect other files in a way include all files / programs
available.

4.Ability a manipulation

Routine (routine) owned by a virus will be executed after the virus
infect a file / program. the contents of this routine can be varied
starting from the lightest to the destruction. This routine is generally used
to manipulate the program or popularizing the creators! This routine
take advantage of the ability of an operating system (Operating System),
so have the same ability to those of system
operation. example:

a.Make images or messages on the monitor
b. change the label change of each file, directory, or the label of
drive in the pc
c.Manipulation programs / files are infected
d.Destruction programs / files
e.Destruction printer work, etc.

5. Ability to Hiding self

This ability to hide himself possessed by a virus so that all
good job from the beginning to the success of transmission can be accomplished.
the usual steps taken is:

-Original program / virus is stored in the form of machine code and combined with
Other programs that are considered useful by the user.
-Virus program is placed on the Boot Record or rare tracks
considered by the computer itself
-Virus program is made as short as possible, and the results are not infected file
changing size
-The virus does not change the description of time a file
-etc
So now you Know how virus can infected and destruction our computer /program,if you want to know the origin of virus see and read this article

DEFINITION OF VIRUSES

"A program that can infect other programs by modifying them to include
a slighty altered copy of itself.A virus can spread throughout a computer
system or network using the authorization of every user using it to
infect their programs. Every programs that gets infected can also act as
a viral infection that grows "
(Fred Cohen)

The first time the term "virus" is used by Fred Cohen in 1984 in
United States. A computer virus called "virus" because it has several
fundamental equation with the virus in medical terms (biological viruses).

Computer viruses can be interpreted as a computer normal program .But
have fundamental differences with other programs, namely
virus designed to infect other programs, change,
manipulate even destructive. There is to be noted here,
the virus will infect only if the trigger program or programs that have been
infected was executed, this is where the difference with the "worm". Posts
This worm will not be discussed because the later will divert us from
discussion of this virus.read also about virus history

The Origin Virus

While this, surely we all as consumers / users and computer services
network (Internet) is very often heard the term 'virus' which
sometimes troubling us. This paper will explore more about
virus, which is then expected to make us all understand and
understand about the virus.

A. The Origin VIRUS

1949, John Von Neuman, mention "altering self automata theory"
which is the result of research mathematicians.

1960, Bell labs (AT & T), the experts in the lab BELL (AT & T) trial and error theory
expressed by John V Neuman, they played with the theory
for a type of game / game. The researchers made
program that can reproduce itself and can destroy the enemy program
.Program made that survived and destroy all programs
others, it will be considered a winner. This game finally
be every favorite game each time they computer.Most lab
realized and began to be aware of this game because the program
created more and more dangerous, so they do
supervision and strict security.

1980, the program that became known as the "virus" is
managed to spread beyond the laboratory environment, and began to circulate in
cyberspace.

1980, began to familiar viruses that spread in the cyber world.