Miscellaneous

Miscellaneous Article

Remove DeadLock Virus (W32/Tibs.DKKR)

This time-bomb virus will deleted all your data in your hard-disk and flash-disk including system files for each file founded on date 12-13 around 8-9 AM each month. If you got this message in your computer then you have infected by this Deadlock Virus.

deadlock-1

This virus has strange master files, I don’t know why this virus creator choose apache.exe (popular web server) and mysql.exe (popular database) if users familiar with computer process they will found out this master files easily. Deadlock has been compressed by petite 2.x. with size 80KB, using application icon.

deadlock-2

Spreading Technique:

No autorun.inf, Deadlock using desktop.ini then folder.htt to execute flashguard.exe, so… if you’re infected by this virus each folder will contains this 3 files.

  1. Desktop.ini
  2. Folder.htt
  3. Flashguard.exe

deadlock-4

deadlock-5

Virus Affect:

This virus will deleted all files, not only data or document, virus will removing them all. If this happen to you I really don’t have smart solution for this… You can try using recovery programs, badly this programs not free. Maybe you can try to searching for free recovery programs, Anyway in my experience not all recovery programs working 100% sometimes you can’t get back lost files in 100% if you lost it in long time ago (ex: 1 year ago).

Virus also will deleted system files and make your computers fails to start, consult with your OS vendor how to fix this (In windows XP there is repair tools from CD but don’t know other) if there is no repair tools you have no choice to reinstall your OS then recover back your lost files.

HOW TO:Remove DeadLock Virus Manually:

1. Disable System Restore when in cleaning process.

Read More »Remove DeadLock Virus (W32/Tibs.DKKR)

RELATED SEARCH TERMS:

DMEHOSTING Short Review

Well, This is my short review again. This time I will review DMEHosting, First month it was run smoothly until I decide to moving all my sites into DMEHosting, the problem coming next month after I pay my billing for 3 months (usually I billed per month to make sure they give me the best service as they promise in their promotion). DMEHosting started complaint to me ,they say I used to much CPU resource on their budget VPS (this package sucks) and I decide to change apache into lighttpd. Neither the problem was not done yet they keep contact… Read More »DMEHOSTING Short Review

Remove Worm VBS/Cryf.A, Shemale by CRY

VBS/Cryf.A was created using visual basic scripting (not visual basic), first case happen on my cyber cafe on date 18 July 2009 it spreading from user flash disk and try to infected all PC in my network.

I’m not sure why so much Indonesian virus maker using lot of this VBS technique (maybe they know without msvbvm.dll VBS can executed on a lot target), Since I write about VBS article long long time ago (I forget maybe around year 2003-2005) in jasakom website with title “VBS sederhana yang berbahaya” many people has try to manipulate that simple code to become advanced code. Now I’m fell really stupid by share that Article to public…

How to know if you’re infected by this worm VBS/Cryf.A:

1.First time your computer turned on it will open web browser and show this pictures.

VBS-Cryf.A-3

2. VBS/Cryf.A will change your web browser start page become:

VBS-Cryf.A-4

3. There is folder “album bokep” (in Indonesian language this mean p**n) in all folder.

4. VBS/Cryf.A will change your system properties become like this:

VBS-Cryf.A-5

5. Change file type .lnk become “movie clip”

VBS-Cryf.A-6

6. It will control your DVD/CD-rom by make it open and close to make you panic.

Read More »Remove Worm VBS/Cryf.A, Shemale by CRY

RELATED SEARCH TERMS:

PHP: Creating Custom Title and Meta (Simple Way)

In this article we will learn how to create custom title and meta description for each pages of you website. If you’re using WordPress or script that already have this standard SEO settings, all title and meta can be done setup in easy way. Anyway how if your website using your own design? I mean you designed it from zero! some of us didn’t notice if actually we are using global title and meta that was caused search engine didn’t give good result in return because all categorized as “duplicated“. *sample on false title and meta making my site poor… Read More »PHP: Creating Custom Title and Meta (Simple Way)

How To:SETUP Google Sitemap Generator

Having automatic renewed sitemap like google sitemap plugins for wordpress is really needed when you want to get indexed faster on top 5 search engine. Anyway if you’re not using wordpress CMS then how to build your sitemap manually? Lucky you, there is a lot free sitemap generator out there. Small sites are easy and fast to generated sitemap in just minutes, but how if the situation is your sites big and…. said it have at least 1,000 static URL inside it. You will get crazy on waiting sitemap generator working for it and of course the problem will coming… Read More »How To:SETUP Google Sitemap Generator

TIPS:Making Your Website/Blog Loading Faster.

Hi all, this is my free tips and trick for you all on how to making your website or blog loading faster. After a few months I notice there is a high time consuming on open my own blog, after analyze it I found out there is some optimization we can do to make out website or blog loading faster.

1. Keep your images file size as low as you can.

Making your images file size lower are great option to make your website/blog loading faster, You can do it by converting your images using 3rd tools you like (I used acdsee converting to 65% quality) This will help your website or blog loading faster because it will only take a small consume bandwidth, remember not all country in this world have standard internet connection that would help them if you lower your images quality to catch your images file size to help them load it faster.

Badly this will low your images quality, if you run wallpapers/photos website better keep it as high as you can.

2. Optimize your SQL query.

This is a hard to follow, please refer to your database documentation website and find out the way how you can optimize your database query. If you meet problem then you might rent some programmer out there to help your problem (Usually you have to pay).

3. Make sure there is no error/lost files.

This is happen to my blog last few months ago, I did notice it because usually I open this blog using firefox, after realize it using internet explorer I found some missing images and error on page. This is a little hard to follow, you have to analyze which code making your website or blog showing error, for my problem it was happened not because code error but from this “addthis plugins” after remove it and added the code manually this error gone 😀

4. Choose the best hosting option.

Making sense, you have to choose the best hosting by category:

Read More »TIPS:Making Your Website/Blog Loading Faster.

Remove Sandra Dewi Bugil Virus W32/Sadra.A

Sandra Dewi Bugil….? This is not p**n! this is an computer virus! 😛 but surely this is a noob virus creator *again*

sandra_dewi

Virus characteristic:

  • Virus size 132kb
  • Virus file type “application”
  • Virus extension .exe
  • Using images icon

Sandra Dewi Bugil Virus has been created using visual basic, If virus success on infected your system he will created some files:

  • \Sandra Dewi Bugil.exe (In all root drive)
  • \Documents and Settings\%user%\Start Menu\Programs\Startup\Sandra Dewi Bugil.exe
  • \WINDOWS\Sandra Dewi Bugil.exe
  • \WINDOWS\system32\ Sandra Dewi Bugil.exe
  • Creating duplicate virus on all folder in removable drive/usb.

This virus will show message when your computer active, the easiest way to know is you’re system infected by this virus.

sandradewibugil-virus-1

This virus will blocking some windows function to make him hard to removed.

  • Disable Folder Options
  • Disable Registry Editor
  • Disable Search/Find
  • Disable Command Prompt
  • Disable Task Manager
  • Disable Control Panel
  • Disable Msconfig/System Configuration Utility
  • Disable Right Click on Desktop
  • Disable “All Programs” on Start Menu
  • Disable Log Off/Turn Off

Read More »Remove Sandra Dewi Bugil Virus W32/Sadra.A

RELATED SEARCH TERMS:

Remove MaHaDeWa VBS.Autorun.AM

Look… Another lame virus maker… this virus not dangerous at all but it surelly can make you a little anger when your computers slow down and some configuration changed. Mahadewa virus has been created using visual basic scripting (not visual basic) it can simple deactivated by easily rename/deleted wscript.exe in your system32 folders.

This lame virus maker really noob hehehe.. he’s created a BIG size virus, LOL! usually virus has small size to help them spreaded fast but this one really crazy he have a BIG size that make me laugh really hard today.

mahadewa-1

Wait! I think I know this virus creator here’s him!

fat-blogger

Hahaha… I just joking don’t take it seriously people…

How to know your computer infected by mahadewa virus:

1. Your internet explorer header changed.

mahadewa-2

2. Your internet explorer start page changed to “https://webkom”

3. Your computer name and organization changed.

Read More »Remove MaHaDeWa VBS.Autorun.AM

RELATED SEARCH TERMS:

Remove Nadia Saphira Virus W32/VBTroj.AOQB

This virus has been infected my cybercafe server on 25/05/2009 not sure from where this virus coming from, it’s look like from my users flash disk in my cybercafe. After learn it surely this virus can be removed using manual technique.

This virus scripts almost same with bulubebek I think the creator is same person. Some people in forum said this virus is reincarnation of bulubebek. Badly, mostly antivirus company didn’t detected this virus, the only one can detect it only SMADAV but Norman detect it also as W32/VBTroj.AOQB.

Nadia Saphira virus characteristics:

  • File size 17kb and 69kb
  • File type “Application”
  • File extension .exe and .ini
  • Using folder icon
  • Created duplicated folder base on folder name and hiding the real folder
  • Remove folder options
  • Can’t used CD-rom
  • Can’t access command prompt
  • Can’t open registry editor

Same with bulubebek virus, Nadia Saphira virus has been created using visual basic. If virus success on infected your system it will created some file list:

  • autorun.inf (on all root drive)
  • NadiaSaphira.ini (on all root drive)
  • Documents and Settings\All User\Start Menu\Programs\Startup\lan.exe
  • Documents and Settings\%User%\NadiaSaphira.ini
  • WINDOWS\taskmgr.exe
  • WINDOWS\system32\.exe
  • WINDOWS\system32\allsys.exe
  • WINDOWS\system32\misconfig.exe
  • WINDOWS\system32\MS586.sys
  • WINDOWS\system32\System
  • WINDOWS\system32\wtoolsb.exe
  • WINDOWS\system32\dllcache\.exe
  • WINDOWS\system32\ dllcache\System

Same with bulubebek virus Nadia Saphira virus will hiding all your folder that already changed with “fake” folder to tricky some newbie out there to activate this virus. It also will blocking some windows function such as Folder Options, Registry Editor, Search/Find, and Command Prompt.

To make this virus more hard to removed his creator changed your registry and created autorun files when your computer start-up, the first file is lan.exe then it will calling another files to backup. take a look on picture…

nadia-saphira-virus

Infection Method:

As I said in the top articles this virus will using your flashdisk and hijacked windows autoplay function for infection method. Virus will created some autorun.inf files for make him spreading in your system.

nadia-saphira-virus-1

Alright enough let’s remove this sh*t *lol*

How to Remove Nadia Saphira Virus W32/VBTroj.AOQB

1. Disconnected your computer from networks

2. Turn off system restore when in cleaning process (Don’t forget to turn it on again when you already remove this virus)

3. Because this virus blocking your task manager you can use this 3rd tools CurrProcess Kill this process to stop active virus in your system:

Read More »Remove Nadia Saphira Virus W32/VBTroj.AOQB

RELATED SEARCH TERMS: