virus

8 Step to Remove W32/Sality.AE

Sality is an computer virus which will infected any files with extension .exe .com and .scr , sality will using your default share folder to spreading in your network area beside that sality using old autorun.inf technique also to spreading. Your application will become a little bigger in size around 60kb-80kb after sality infected it. No need to hide this virus was created in China /Taiwan it have some website list to update himself with new varian some of them pedmeo222nb.info, pzrk.ru, technican.w.interia.pl, www.kjwre9fqwieluoi.info and many more. Blocking this site list using hosts file might help you in short condition… Read More »8 Step to Remove W32/Sality.AE

ARP Spoofing: Genius code from China Series 2, Microsoft.vbs Microsoft.bat Microsoft.pif

D**n those f***ing China! *joke* 😛 This is new variant for Microsoft.vbs virus which I write formula how to clean it around a month ago when it hit my cybercafe until totally broken he he… Now most people know this virus as ARP virus. Why? Because after learning it more deeply this virus categorized as HIGH RISK and should removed as soon as possible before it infected total your network. First.. To know this virus is active on your computer is you will get most error pages message when browsing, or error when using messenger, PLUS you will find this… Read More »ARP Spoofing: Genius code from China Series 2, Microsoft.vbs Microsoft.bat Microsoft.pif

Remove virus AMBURADUL (all varian)

They never been stop spreading their knowledge…. and we also never let them alive forever. This is the article how to remove amburadul virus for all varian no need for antivirus program you can simply clean it using manual technique. The simple way to know if your computer infected by this virus is you will see JPEG files with aplication extension. Now let’s start to remove it! 1. Unplug your infected computer from your network to stop this virus spreading. 2. Disable “System Restore” when in cleaning process. 3. Kill the virus process using power tools “currprocess” kill all process… Read More »Remove virus AMBURADUL (all varian)

Remove W32/ALMAN Virus

Computer virus again.. Today my Laptop and PC got infected by W32/ALMAN. All I can say this virus is smart and not easy to killed It’s cannot stopped by just view in background process, in services, and startup list. This virus will make 2 master source files on %SystemRoot%\System32 first wmdrtc32.dll (40 KB) and wmdrtc32.dl_ (26,5 KB) Once it active it will injected code to any executable files and infected it. If you got message box with message “There is no disk blabla” or you cannot run any executable files you should check on your system files about those 2… Read More »Remove W32/ALMAN Virus

Securing my CyberCafe Computers

I really hate when people claimed using shared computers always not secure. To stop that words from spreading I do lot of software review and implemented it on my own cybercafe to attract people for use it. 1. I do reinstall all Windows XP home edition from zero (clean install) to make sure my windows on top performance I’m not doing any windows software update, I just updated the driver and security patch. 2. Buy deepfreeze standard edition from faronics company to help me keep my cybercafe computers keep clean from any virus, mallware, spyware or anything each time it… Read More »Securing my CyberCafe Computers

Stop Virus Stargate

There is virus attack my cybercafe server again yesterday. It’s identified as “Stargate” It’s Really hard to stop it first time my server got infected. I lost almost my public data caused by this virus 🙁 Here is the way for people looking to stop this virus, I’m not guarantee this way will make your system clean 100% but sure it will stop the virus. 1. Unplug all cable connected to and from your computers network. 2. Better clean your computer in safe mode 3. Kill Virus process, you can use KillVB to do this. Before you kill virus process… Read More »Stop Virus Stargate

Watchout your network from: invisible worms/virus

This is Madness, my BIGGEST failure since 2001 in manage my own cyber cafe. 2 or 4 days ago I fell something strange happen with my ADSL connection it’s run very slowly and I’m pretty sure there is something run in my background. I do checked my background, I scan my computers with trusted antivirus, what I found.. NOTHING! To bad, I let that worm run on my computers until yesterday and I found something. I tested my ADSL connection by unplug my lan wire then connect it again… and you bet what I found DSL modem blinking tell me… Read More »Watchout your network from: invisible worms/virus

Repair your document files infected by kspoold.exe

Last night one of my costumer on cybercafe complaint to me….. she say can’t opening her important document files and I look on it.. I’m not surprised…. kspoold.exe is infected on her flashdisk, all important document changed to executable files. We talk for a moment then she asking me to help her get that document files back again. first I said can’t, because I’m not already seeing hex code on that infected files and of course because I’m lazy boy.. :p but she keep pushing me and said she will pay me to get that important document back. *laugh out… Read More »Repair your document files infected by kspoold.exe

Kspoold.exe, eat your document files and flooding network

Just a few days ago I found this virus process on my computer server, it’s make my server running slowly and make my server as boot flooding zombie. I know it after dal.net autokill my IP address with reason flooding network. Kspoold.exe virus is not totally broken your computer and very easy to remove I rate it as low risk virus, but.. if you let it stay for a days the virus will checking for any shared folders on your network and make clone on other computer in same network. And the bad news… This virus will change all yours… Read More »Kspoold.exe, eat your document files and flooding network

How To Repair Trojan Virut.56

After 2 days ago my server already cleaned from mso.sys yesterday it’s spreading again in my local networks and download new Trojan called Virut.56 then infected one of my computers client. I think I’m lucky because I detect this Trojan early before it infected all clients. I’m pretty sure this is a new virut variant which coming from mso.sys , It’s really bad bad Trojan and very hard to remove it using manual technique. To detect when you’re infected by this Trojan: When your computer start-up you will see 2 IEXPLORE.exe running on process background. When It’s already totally control… Read More »How To Repair Trojan Virut.56