Wednesday, August 31, 2011

Malware Win32/Delf.QCZ




The spread of malware through social networking is growing. One interesting example is Win32/Delf.QCZ. ESET Antivirus detects this malware as a Trojan capable of downloading other malware from the internet.

This Trojan is also known to interfere with several security applications in order to disable their detection. Win32/Delf.QCZ is distributed using the old "fake codec / media player" trick and links to malware-laden sites that spread via Facebook chat. The malware authors have also become more sophisticated, moving to more personal attacks against the users they target.

As it spreads, it not only appears as spam messages sent from our Facebook friends or as general Facebook wall posts; this malware is also capable of faking a conversation with us before sending the malicious URL.

The links lead to web pages that look very similar to YouTube. Typically, the page requires the user to upgrade Adobe Flash Player first in order to watch the video that was sent. This is the trick used to get prospective victims to run the malware that was sent. The name of the user who supposedly submitted the video is false, but it is convincing because it is taken from Facebook. The video titles shown on the fake YouTube page are chosen to be sensational.

Computer Virus Via Email




Viruses mostly spread through email attachments and instant messaging, channels very commonly used by attackers. By sending a virus via email, the attacker has a better chance that the recipient will open the attachment if the email is addressed to them. Viruses can be hidden in attachments such as audio and video files, images, document files, greeting cards, and more. Email is a necessity for effective communication between friends, coworkers, and businesses and their customers. People email their friends whether they live next door or across the world. Co-workers use email to exchange requests and responses to get the job done. Consumers email businesses for information about products and services, and businesses use email to send customers newsletters, coupons, and other advertising.

Another reason why more viruses arrive by mail now than a few years ago is the growth in computer knowledge among malicious users. Hackers and other malicious people have access to the same IT classes and material as everyone else. Technology has advanced rapidly over the years, and there are many online resources that can teach people how to make a virus. Those same malicious people have improved their coding, networking, and other IT skills, which they can now use unethically against users.

There are ways to protect yourself from most viruses and limit the chance of being infected. First, get a good antivirus that blocks viruses, scans emails for viruses, and scans the system so that viruses can be quarantined and deleted. Good antivirus tools are available both for free and for purchase. Among the best free antivirus tools are AVG and Windows Security Essentials, which you can download from their sites. Panda is another good antivirus available for purchase. Spam blockers, spyware blockers, anti-phishing tools and other services are also worth considering when protecting computer networks from viruses and worms, phishing emails, and Trojans. Always remember to keep the antivirus updated, run a complete virus scan on a regular basis, and be very careful about opening certain emails.

Tuesday, August 30, 2011

Beware Android.Dogowar




Security vendor Symantec reported the existence of hacktivism (activism through hacking) in the mobile world. This activity reportedly occurred in March, when digital activists made heavy use of Android.Walkinwat to send their message about the use of pirated software.

As an indication of a growing trend, individuals protesting the controversial "Dog Wars" application for Android have now also protested digitally, by creating a version of the application that contains a Trojan and spreading it across multiple third-party download sites.

The application, which Symantec calls Android.Dogowar, works using a software package and service called "Dogbite" and "Rabies". The application initially sends a text message that reads: "I really like hurting small animals, I think you should know it", to every person in the contact list of the infected device.

More about this Android threat can be found at: http://www.symantec.com/connect/blogs/animal-rights-protesters-use-mobile-means-their-message.

Morris Worm




The Morris Worm, or the Great Worm, was the first malware to spread widely through the Internet. It attacked about 6,000 of the 60,000 computers on the internet in 1988.

Robert Morris, a student at Cornell University, stated that his worm was not malicious, but was designed to measure the size of the internet. Others take a different view, because the worm took advantage of security loopholes in Batch Unix to launch its attack in secret.

Its effect was certainly not desirable, because it was far more aggressive in making copies of itself than it should have been, often infecting a machine several times and subjecting the target computer to a severe denial of service. Morris became the first person convicted under the 1986 U.S. Computer Fraud and Abuse Act, and the incident led to the establishment of the Computer Emergency Response Team Coordination Center.

Monday, August 29, 2011

Antivirus PCMAV




Advantages of PCMAV antivirus:

1. Rapid scanning
2. PCMAV can remove a virus without damaging or removing the infected files
3. Automatic update
4. Easy to operate
5. PCMAV is able to detect "local" and "outside" viruses

Disadvantages of PCMAV antivirus:

1. PCMAV has a relatively long initial loading time.
2. PCMAV requires an additional database (ClamAV).
3. It makes the computer slow in resident mode.
4. PCMAV is often considered a virus by other antivirus products.
5. PCMAV antivirus is susceptible to viruses.

Those are some of the advantages and disadvantages of PCMAV antivirus.

Virus "STAR" Attacks Iran

Officials in Iran say they have discovered a computer virus that was designed to target the sites of government agencies in the country. The malware, dubbed "Star", caused only minor damage. If the reports are true, it will be the second cyberattack against Iran in a year, following the recently discovered Stuxnet virus, a worm created to infiltrate the equipment used in Iran's nuclear program.

Gholam Reza Jalali of Iran's civil defense organization says it will take time to know the purpose of "Star". The virus has been examined in the laboratory but is still under investigation. It has disrupted several government sites, but the true intentions of the virus makers are not yet known.

Iranian officials have previously accused America and Israel of being behind the virus attack, although there is no strong evidence.


Sunday, August 28, 2011

Hybrid Viruses




Each computer virus is a unique program, different from the others. Some viruses we know to exist simply because their effects are easy to notice, but there are also viruses whose effects are not seen directly yet cause severe damage to data.

Hybrid viruses are among the computer viruses that are difficult to treat because they have two abilities at once. Usually the virus attacks the boot sector and can also infect files on the computer.

Once we know the kinds of computer viruses and their characteristics, we can deal with viruses that infect our computers by looking at the process manager and deleting the virus's program file.

To prevent the spread of computer viruses, there are several steps that can be taken. One of them is to turn off the Auto Play function for flash disks. The Auto Play function serves to automatically start a storage medium connected to the computer. To do this, type gpedit.msc in the Run menu, then go to Configuration -> Administrative Templates -> System -> Turn Off Auto Play.

In addition, we can also disable the registry function by logging in as a Guest user. Do not forget to update the antivirus regularly so that it can recognize new viruses that are circulating.

Saturday, August 27, 2011

Kaspersky Antivirus 2012 : SIMPLE, EASIER, FASTER




Indonesia is considered a potential market by Kaspersky. On this basis, Indonesia was honored as the place to launch Kaspersky 2012 in Southeast Asia.

"Based on some research, Kaspersky won more than 60% market share in Indonesia," said Jimmy Fong (Channel Sales Director for Kaspersky Lab, Southeast Asia) at Hotel Le Meridien.

The Kaspersky 2012 series consists of Kaspersky Anti-Virus (KAV) 2012 and Kaspersky Internet Security (KIS) 2012. The keywords it carries are: Simpler, Easier, Faster, to represent the four main features, namely:

1. Simple - an elegant display that is easy to use

2. Cloud Technology - The database is stored online and malware is detected based on the recommendations of the Kaspersky Security Network (the worldwide network of Kaspersky users)

3. Safe Run - Desktop and web applications run securely thanks to the "Sandboxing" feature

4. Smart Update - Downloads updates only for the application modules that are actively used, so that an update takes under 5 minutes

Other mainstay Kaspersky features include Reputation Engine Software (checks the reputation of applications online), System Watcher (monitors and analyzes application behavior behind the scenes), the URL Advisor, and Anti-Spam.

"Applications that have been exposed to the virus, after cleaning, can also be rolled back to the initial conditions prior to infection."

Signs your computer is exposed to the Virus STUXNET




Almost all the antivirus companies rank Stuxnet as a future threat that could trigger war in cyberspace. The reason is that the virus has the ability to infiltrate industrial machinery and potentially disrupt essential facilities while being controlled by its maker from far away. The latest case is the Stuxnet attack on Iran's nuclear facilities.

The attack causes the computer to stop functioning normally and will definitely interfere with its users' activities, not to mention the case where the malware (malicious software) messes up the data or steals critical information from your computer.

Virus Symptoms & Effects

Some symptoms that occur if your computer is already infected by Stuxnet are:

1. Installs a new driver (replacing the old driver). Once the Stuxnet worm has infected a computer, it will attempt to remove the driver from Realtek or JMicron and replace it with the Stuxnet worm's new driver version. Stuxnet installs the driver using two virus files: MRXCLS.SYS and MRXNET.SYS.

2. Disables Print Sharing. The worm injects the spoolsv file, so that print activity (printing data) comes to a standstill. Infected computers will not be able to print. In place of the print activity, the worm creates 2 files, namely:

- C:\WINDOWS\system32\winsta.exe (Stuxnet worm main file)
- C:\WINDOWS\system32\WBEM\mof\sysnullevnt.mof

3. Low Disk Space. As a result of the print activity that is forced to continue, the Winsta file will keep swelling, exhausting your hard disk space until you get a Low Disk Space warning from the Windows system.

4. Cannot store data or run certain programs. Because the Winsta file keeps growing and reduces your disk space, you can no longer store data. In addition, programs / applications stop working because they require cache (storage space), all of which has been used up by the swollen Winsta file.

5. Makes the computer hang / slow down and even disconnects the network connection. The Windows system files targeted for injection by the Stuxnet worm are:

- C:\WINDOWS\system32\svchost.exe (system file associated with the network connection; injecting it disconnects the network)
- C:\WINDOWS\system32\lsass.exe (system file related to computer activity; injecting it makes the computer hang / slow down).

6. Creates Scheduled Task files. In the same way as Conficker, the Stuxnet worm also creates Scheduled Task files so that it can stay active and infect the computer.

Friday, August 26, 2011

The More Fake Antivirus Encountered




Internet users who commonly use wifi services are asked to be more careful. Antivirus company Symantec has warned of the risk of viruses in public places.

"Public facilities such as wifi are in fact much more vulnerable to being compromised by hackers, who insert a fake antivirus to fool users," explained Symantec's senior Nick Johnston. In fact, he claimed to have found a terminal in one of the larger airports in the UK whose security system was using fake antivirus, aka "scareware".

According to him, scareware (fake antivirus malware) inserts a task to disable or remove the legitimate antivirus, so that the attackers are free to install illegal software on the user's PC.

"Scareware is a type of malware with which hackers can force infected computer users to use the full version of software that can eradicate the fictitious virus." When the software is not forcibly installed by hackers, it will easily rip and steal personal information such as bank accounts, email accounts and social media networking, through personal accounts.

"Being careful when using wifi in public areas is a safe weapon for avoiding the trap of cyber criminals."

"ANDROID VIRUS" Can Manipulate SMS




A new malicious program targeting Android has been found again. This Trojan sabotages the SMS feature on the infected phone and will end up emptying the phone owner's wallet.

Known as HippoSMS, the virus infiltrates the short message feature of the Android device, then takes it over and signs up to premium SMS services. As the name premium SMS implies, there are above-average costs that must be borne by the owner of the phone. Worse still, HippoSMS's harmful actions do not stop there.

It goes on to monitor incoming SMS and delete messages that come from telecom operators. As is known, users usually receive a notification message when they have registered for a service, along with the amount billed. However, if the phone owner cannot receive these messages from the service because they are blocked by the virus, it is only a matter of time until they find out that the bill has swelled because premium services keep being registered.

Researchers from North Carolina State University found HippoSMS on 10 July. It is believed that this program circulates in Android markets in China. "Our investigations show that HippoSMS directly targets the host application so that when the application is run it will soon turn itself on to send SMS messages to premium numbers," said Xuxian Jiang, assistant professor in the computer science department of North Carolina State University.

According to recent monitoring, HippoSMS activity has been detected only in China. However, Android users in other countries should continue to be vigilant.

Thursday, August 25, 2011

Computer Viruses Indonesia "More Powerful !!"




Viruses made in Indonesia are believed to be more dangerous than those produced abroad, because the local viruses are able to delete data files.

"Meanwhile, foreign viruses do not delete files that are important to the user. Makers of Windows viruses just want to point out weaknesses that exist today," says the Technical Security Consultant of ESET Indonesia, a company in the field of digital security.

However, of the viruses that spread across computer networks in the world, viruses from Indonesia account for only 0.1 percent.

"Despite fairly minimal international control, computer users need to realize the importance of antivirus to protect data."

Until now, the variations of viruses in the world have been very diverse. However, the one that is now a dangerous trend is the Conficker virus. This virus can copy itself, so its variants have now reached 30 derivatives (Conficker variant AQ).

"The majority of those that have been attacking computers are generic Conficker, Conficker variant A, and Conficker variant AA." Local varieties of viruses that also harm computer users' data include baboons, aksika, 'coolface coolface & MP3player', W32/Kill AV, 'empty' soldier, the court, 'blue fantassy', and "Windx-Matrox".

Wednesday, August 24, 2011

Avira Antivirus




Avira antivirus advantages and disadvantages:

Avira antivirus advantages:

1. Avira antivirus scans more quickly and thoroughly
2. Avira can detect viruses that are usually not detected by other antivirus products
3. Setting options in Avira is easier (active and inactive)
4. Avira does not burden the computer while it works
5. Updates are faster than other antivirus products
6. Avira has an option to search by virus name
7. All these features have schedule options
8. Avira has anti-spyware

Avira antivirus deficiencies:

1. Like AVG, Avira sometimes assumes that files with the EXE extension are viruses, especially crack and keygen files.
2. The Avira update file is fairly large to download
3. When it finds a virus, it is very annoying while you are working

Those are some of the advantages and disadvantages of Avira antivirus.

Tuesday, August 23, 2011

Computer Virus Celebrates 40 Years of Existence

The first computer virus on record was named the Creeper worm. It was an experimental self-replicating program written in 1971. The term 'computer virus' itself was first used in 1984 to describe a program that can infect other programs by modifying them to include a copy of itself, which may later have evolved.

"Since then, other viruses continue to evolve, spread and mutate. And with the wide availability via internet, the virus has become scary because it could cause a global catastrophe," said Trend Micro.

In addition, the pattern of virus attacks has changed over time. In the late 1990s, two well-known viruses, 'Melissa' and 'I Love You', spread rapidly on the internet and caused millions of dollars in damage to computers around the world.

Now, many threats have become more subtle and dangerous. Instead of causing a global pandemic, cyber criminals choose to perform discreet, deliberate attacks on specific organizations, such as government agencies, private companies, and schools, writing malware that is unique for each target.

"Over the last several decades, we have witnessed a wave of technological advancement, while computer virus attacks have evolved through innovation. From Michelangelo to the Creeper virus, a virus that struck hard drive users," he continued.

The following is a brief recap of the five major causes:
  • 1986 : Brain is the first IBM-compatible PC virus and the first to attract media attention.
  • 1992 : Michelangelo was the first virus to target its attack on the hard disk.
  • 2000 : Social engineering is a set of tactics and tricks that use a web link to take advantage of curiosity. It remains one of the most common threats.
  • 2001 : Code Red is the first virus to successfully penetrate thousands of systems running Microsoft Windows.
  • 2004 : Botnets have at one time infected 15 million computers.

Monday, August 22, 2011

virus 'MINE MONEY'

Technology such as digital currency units is reported to have been used by a number of hackers to gain money simply by spreading a virus.

Bitcoin is a unit of virtual currency that has begun to be widely used for online transactions. Besides it there are other currencies such as e-Gold, Liberty, e-Bullion and Pecunix. In addition to functioning as a digital currency, BitCoin has a program called BitCoin Mining, which is one of the business solutions its developers offer to all BitCoin users.

The program aims to make money by 'borrowing' a user's computer resources to encrypt a series of numbers needed in the BitCoin transaction process. The volunteers are rewarded according to the BitCoin blocks generated.

It is this reward system that cyber criminals abuse to make money. They made a virus that 'borrows' the victim's computer resources in order to produce BitCoin blocks for use on the perpetrator's block chain. The block chain itself is a transaction database held by all the nodes / points on the BitCoin network that participate in processing and verifying BitCoin digital currency transactions.

In effect, the perpetrators get rewarded for resources 'loaned' by the victims' computers that they have hijacked. According to detections by Norman antivirus, this virus has been detected since June 2011 as W32/BitCoinMiner.B. This malicious program is also quite difficult to eradicate.


Sunday, August 21, 2011

Remove "Recycler Virus"

Here are the steps to remove the Recycler virus from your computer:

First make sure that your computer really is infected by the virus. Here are some checks that you can use as a reference.

  • Usually the infected computer cannot be used for browsing to http://www.microsoft.com, http://symantec.com, antivirus sites and other sites. If this happens, you can run the command net stop dnscache in the Windows Command Prompt so that you can download the latest antivirus from the internet.
  • Open the site http://www.talkbiz.com/confickertest/. Make sure all six pictures at the top are displayed; refresh several times to get a result that is accurate. If not all the pictures appear, it is likely that your computer has been infected by the recycler virus.

Warning : If you find a recycler folder on your computer, it is not necessarily the recycler virus, so do not panic: the recycler virus has a random file name with the .VMX extension.

Clean with the Conficker removal tool from Norton Antivirus, wait until the process is complete and then restart the computer.

Next, run Windows Update so that recycler does not come back. Make sure that Windows is using a firewall when accessing the computer network.

Install the latest antivirus such as AVG Free and AVIRA 9, or Microsoft's antivirus, because it is otherwise not able to detect the recycler virus.


Saturday, August 20, 2011

Virus "ALMAN"

Alman is a virus that has something in common with "Mbah Surip": they both like things "full". If Mbah Surip likes to say "I Love You Full", then the Alman virus likes folders shared with full access and injects .exe files. Where previously we were preoccupied with the spread of local viruses, and then carried away by foreign concoctions, viruses that can inject every file with the exe extension are now spreading widely. This virus can spread rapidly through the network by making use of shared folders that have "Full" access and by using the "Default Share" [C$ / D$ / ADMIN$].

In addition, the virus also spreads through flash disks by injecting all the exe files on them and creating the files [boot.exe] and [autorun.inf], which serve to activate it automatically every time the user accesses the flash disk. So that the user does not notice them, these files are hidden. The virus disguises itself as a service and infects a library file [.etc.] of [explorer.exe], and it monitors the internet connection so that it can download other malware from predetermined addresses and run the files automatically. The virus was written in the programming language "Microsoft Visual C++ 6.0".
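A defensive check for the flash-disk behaviour described above, as an added example that is not part of the original post: it parses a drive's autorun.inf and reports each program it would launch, whether that file is present on the drive, and whether it carries the hidden attribute. The function names and the sample drive contents are constructed for illustration; `open`, `shellexecute` and `shell\<verb>\command` are the standard autorun.inf launch keys.

```python
import os
import stat
import tempfile

EXEC_EXT = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs"}


def parse_autorun(raw: bytes) -> dict:
    """Return the [autorun] section as {lower-cased key: value}. Tolerant on
    purpose: a malicious autorun.inf is often padded with junk lines."""
    utf16 = raw[:2] in (b"\xff\xfe", b"\xfe\xff")
    text = raw.decode("utf-16" if utf16 else "latin-1")
    entries, in_section = {}, False
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
        elif in_section and "=" in line and not line.startswith(";"):
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries


def launch_targets(entries: dict) -> list:
    """Programs started by open=, shellexecute= and shell\\<verb>\\command=."""
    targets = []
    for key, value in entries.items():
        is_verb = key.startswith("shell\\") and key.endswith("\\command")
        if key in ("open", "shellexecute") or is_verb:
            # Program path only: drop quotes and command-line arguments.
            quoted = value.startswith('"')
            program = value[1:].split('"', 1)[0] if quoted else value.split(" ", 1)[0]
            if program and program not in targets:
                targets.append(program)
    return targets


def resolve(root: str, win_path: str):
    """Map a Windows-style relative path to a file under root, ignoring case."""
    current = root
    parts = [p for p in win_path.replace("/", "\\").split("\\") if p not in ("", ".")]
    for part in parts:
        names = os.listdir(current) if os.path.isdir(current) else []
        match = next((n for n in names if n.lower() == part.lower()), None)
        if match is None:
            return None
        current = os.path.join(current, match)
    return current


def is_hidden(path: str) -> bool:
    """Hidden attribute on Windows; always False where the OS has no such flag."""
    attrs = getattr(os.stat(path), "st_file_attributes", 0)
    return bool(attrs & stat.FILE_ATTRIBUTE_HIDDEN)


def scan_drive_root(root: str) -> list:
    """One finding per program that autorun.inf on this drive would launch."""
    inf = resolve(root, "autorun.inf")
    if inf is None:
        return []
    with open(inf, "rb") as fh:
        entries = parse_autorun(fh.read())
    findings = []
    for target in launch_targets(entries):
        path = resolve(root, target)
        findings.append({
            "target": target,
            "on_drive": path is not None,
            "executable": os.path.splitext(target)[1].lower() in EXEC_EXT,
            "hidden": path is not None and is_hidden(path),
        })
    return findings


def build_sample_drive(root: str) -> None:
    """Constructed sample: the two files the post says appear on the flash disk."""
    with open(os.path.join(root, "autorun.inf"), "wb") as fh:
        fh.write(b"; junk padding\r\n[AutoRun]\r\nopen=boot.exe\r\n"
                 b"shell\\open\\Command=boot.exe -x\r\nicon=folder.ico\r\n")
    with open(os.path.join(root, "boot.exe"), "wb") as fh:
        fh.write(b"placeholder bytes, not a real program")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as drive:
        build_sample_drive(drive)
        print(scan_drive_root(drive))
```

A finding with `on_drive` and `executable` both true on a removable drive is the pattern the post describes; the `hidden` flag is only meaningful when the script runs on Windows.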


Friday, August 19, 2011

"CHINA VIRUS" Attack Android Smartphone

A type of virus that can invade cell phones using the Android operating system made by Google has been reported in China. This weakness allows hackers to gain access to the personal data of smartphone owners remotely.

Lookout Mobile Security stated that a new type of Trojan attacking Android devices has been dubbed "GEINIMI". An infection with this virus can collect a great deal of personal data on the user's phone and automatically send it to a remote server. The company even called the virus the most powerful Android malware (malicious software) at this time.

"Immediately after the malicious software is installed on the user's phone, the malware has the ability to receive commands from a remote server that allows the server owners to control the phone," said Lookout. The virus works with techniques that are not easily detected.


Thursday, August 18, 2011

Advantages and Disadvantages of AVG Antivirus




The advantages of AVG Antivirus are as follows:

1. AVG installation is quite easy
2. Automatic online updates (Schedule Update)
3. AVG can be installed in the Mozilla Firefox browser as a plugin, so surfing is safer
4. Virus scanning is faster
5. It does not use too much memory on the PC
6. The resident option does not slow down computer performance
7. Features include Anti-Spyware, Link-Scanner and Email Scanner
8. Anti-Spam

The deficiencies of AVG Antivirus are as follows:

1. For the latest AVG version (AVG 9), the first installation takes quite long
2. Setting it up is rather complicated
3. Files infected by a virus are usually removed by AVG along with the virus
4. AVG usually depends on the computer operating system used
5. AVG sometimes assumes a .exe file is a virus, especially cracks
6. Antivirus updates take longer

Virus "STUXNET"

Indonesia is recorded as the country with the second highest number of infections in the world by the Stuxnet virus, a worm-type malware (malicious software) or malicious program that is currently rampant in the world, according to an analysis by Kaspersky Lab, based in Russia.

Stuxnet is a Windows-specific computer worm first discovered in June 2010 by a security company from Belarus. The worm became famous because it is the first worm to spy on and reprogram industrial systems. Lately, the Stuxnet worm attacks have led to much speculation and discussion about their intent and purpose, origin, and - crucially - the identity of the attacker and the target.

Kaspersky Lab has not seen enough evidence to identify the attacker or the target, but Kaspersky can confirm that this is a one-of-a-kind sophisticated malware attack, backed by substantial funding and by a team of attackers with high expertise and good knowledge of SCADA technology.

Researchers at Kaspersky Lab found that the worm exploits two of the four zero-day vulnerabilities that have been reported directly to Microsoft. Kaspersky analysts have been working with Microsoft to ensure the smooth launch of the patch, to ensure customers are protected and to obtain information about the attack. All Kaspersky Lab products have managed to detect and neutralize Worm.Win32.Stuxnet.


Wednesday, August 17, 2011

Computer China

Pretty soon, China will likely become the world's supercomputer superpower. This can be seen from the arrival of the Nebulae computer, located at the National Supercomputer Center in Shenzhen, as the second fastest supercomputer in the world.

First place among the world's fastest computers is still held by the U.S. with a computer named Jaguar. This computer has a speed of 1.75 petaflops. One petaflops equals 1,000 trillion calculations per second.

From now on, China is predicted to become a key player in the computer world. Currently Dawning, the company behind the creation of Nebulae, is reportedly building another super-fast computer at the National Supercomputer Center in Tianjin.

In addition, the company is also developing silicon chips with huge capabilities.


Tuesday, August 16, 2011

New Computer Virus 2011

New Computer Virus 2011 - A computer virus that attacks mobile phones using Google's Android operating system has emerged in China. A report this week from Lookout Mobile Security states that the latest Trojan attacking Android devices has been dubbed "Geinimi" and "can muster so much personal data in the user's phone and sends it to remote server". The company called the virus "the most advanced Android malware we've seen until now".

"Immediately after the malicious software is installed on the user's phone, the malware has the ability to receive commands from a remote server that allows the server owners to control the phone," said Lookout. "Geinimi's creator has significantly raised the sophistication of Android malware, surpassing what was previously seen, by operating a variety of techniques to run all its activities," he said.

The motive behind the virus is not clear, Lookout said, adding that it can be used for anything ranging from "malicious ad networks to attempt to create a botnet Android".


Virus Boot Sector

Boot sector viruses are very common. When replicating itself, the virus moves or replaces the original boot sector with the virus's boot program. So when the computer boots, the virus is loaded into memory, where it gains the ability to control standard hardware (example : monitor, printer, etc.), and from memory the virus also spreads to all the drives present and connected to the computer (example : floppy, drives other than the C drive).

Virus Samples :

- wyx virus variants
Example : wyx.C (B)
Infects : boot record and floppy
Length : 520 bytes
Characteristics : memory resident and encrypted

- V-Sign variant :
Infects : Master boot record
Length : 520 bytes
Characteristics : resident in memory (memory resident), encrypted, and polymorphic.

- Stoned.june 4th / bloody! :
Infects : Master boot record and floppy
Length : 520 bytes
Characteristics : resident in memory (memory resident), encrypted, and displays the message "Bloody! June 4th 1989" after the computer has booted 128 times.

