Original Article here

Delete these files if they exist:
C:\WINDOWS\SYSTEM32\RVHOST.exe
c:\windows\rvhost.exe
%all drives%\new folder.exe
C:\Windows\Tasks\At1.job
Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run in the registry, and you need delete the entries which contain RVHOST.exe in them, or better yet, change them back to their appropriate paths.
Go to:
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\System
"DisableTaskManager" = 1 (CHANGE IT TO 0 )
"DisableRegistryTools" = 1 (CHANGE IT TO 0 )

Go to:
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\Explorer
"nofolderoptions" = 1 (CHANGE IT TO 0)

Go to:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Schedule
"attaskmaxhours" = 0 (CHANGE IT TO 24)

Because this threat may make it unable to access the registry editor, you may need to Merge a .REG Program.

I have attached one for you ehich i made, that will re-enable task manager, folder options, and allow you to use the registry editor.

Comments on this post
Antony dot f dot agrees: Exactly what must be done
Attached Files
File Type: zip ANETGAMES-PKG_0023349.zip (360 Bytes, 7443 views)
Reply With Quote

ANETGames
View Public Profile
Send a private message to ANETGames
Visit ANETGames's homepage!
Find More Posts by ANETGames
Support ANETGames

Old Apr 12, 2007, 01:22 AM #4
Zaithe
New Member
Zaithe is offline

Join Date: Apr 2007
Posts: 1
Zaithe See this member's comment history on his/her Profile page.

Follow these steps to completely remove this worm:
1-Start>RUN
2-Write CMD
3-In CMD,write "Taskkill /T /IM "RVHOST.EXE"
then open a Notepad Start>RUn
4-Write "NOtepad"
5-in notepad paste these lines below
On Error Resume Next
Set shl = CreateObject("WScript.Shell")
Set fso = CreateObject("scripting.FileSystemObject")
shl.RegDelete "HKEY_CURRENT_USER\Software\Microsoft\Windows\Curr entVersion\Policies\System\DisableRegistryTools"
shl.RegDelete "HKEY_CURRENT_USER\Software\Microsoft\Windows\Curr entVersion\Policies\System\DisableTaskMgr"
shl.RegDelete
6- save the notepad as "Enable.VBS" and the change the file type to "All"
7-double click "Enable.VBS"
8-now Start>Run. Write "Regedit" in it and press enter
9- Do the following changes in Registy

In the left panel, double-click the following:
HKEY_CURRENT_USER>Software>Microsoft>
Windows>CurrentVersion>Run
In the right panel, locate and delete the entry:
Yahoo Messengger = "%System%\RVHOST.exe"
(Note: %System% is the Windows system folder, which is usually C:\Windows\System on Windows 98 and ME, C:\WINNT\System32 on Windows NT and 2000, and C:\Windows\System32 on Windows XP and Server 2003.)-->
Removing Other Entry from the Registry

Still in Registry Editor, in the left panel, double-click the following:
HKEY_CURRENT_USER>Software>Microsoft>Windows>
CurrentVersion>Policies>Explorer
In the right panel, locate and delete the entry:
NofolderOptions = "1"
Restoring Modified Entries from the Registry

Still in Registry Editor, in the left panel, double-click the following:
HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>Windows NT>
CurrentVersion>Winlogon
In the right panel, locate the entry:
Shell = "Explorer.exe RVHOST.exe"
Right-click on the value name and choose Modify. Change the value data of this entry to:
Explorer.exe
In the right panel, double-click the following:
HKEY_LOCAL_MACHINE>SYSTEM>CurrentControlSet>
Services>Schedule
In the right panel, locate the entry:
NextAtJobId = "2"
Right-click on the value name and choose Modify. Change the value data of this entry to:
1
Close Registry Editor.
Deleting the Malware File(s)

Right-click Start then click Search... or Find..., depending on the version of Windows you are running.
In the Named input box, type:
AT1.JOB
In the Look In drop-down list, select My Computer, then press Enter.
Once located, select the file then press SHIFT+DELETE.
Note: AT1.JOB is a Sheduled Task so you can find this in C:\WINDOWS

Due to insecure Internet browsing your PC can easily get infected with viruses,
worms and trojans without your knowledge, and that can lead to system slowdown, freezes and crashes.
Also insecure Internet activity can result in revealing your personal information.
To get full advanced real-time protection for PC and Internet activity, register KvmSecure.
We recommend you to protect your PC now and continue safe Internet browsing.
Click here to get full advanced real-time protection and continue browsing.(this is link)
Continue to this website unprotected (not recommended).(this is link) (but when i click this option there's nothing - nothing happen's)

And when you click continue without it will not work it work only if you click on get the full version bla blah.. then of course it tells you buy the virus thing, but as all know it just a SCAM! it is not a freaking virus protection. but lucky me that I'm a pro i just then ddownload superantispy ware!That programs help a lot i can say. It removes all those virus and spy ware from my computer and now i can surf were ever i want! :D

So if any of you got the same problem just download the free edition superantispy ware!

Mega Upload adalah suatu web site yang tujuannya adalah sebagai tempat sharing data. Rada mirip dengan Rapidshare, tetapi bedanya, di Mega Upload banyak keterbatasannya. Misalnya dalam 1 hari hanya di batasin download beberapa file saja, dan yang paling utama adalah, Jika ingin mendownload sebagai free user, maka kita harus mendownload Zango Toolbar.

Zango Toolbar ini sendiri walaupun di bilang aman di Mega Upload, tetapi banyak yang bilang kalau dia ini sebenarnya Spy Ware dan ad Aware dan bakal bikin berat dan banyak nyuri data yang kamu miliki selama berinternet. Yang jadi dilema adalah, Mega Upload tidak mengizinkan kita untuk mendownload file yang ada di servernya jika kita tidak terlebih dahulu mendownload dan menggunakan Zango Toolbar di Browser kita. Tapi fear not, karena sekarang ada solusinya. Anda tetap bisa mendownload dari Mega Upload tanpa perlu meningstall ataupun mendownload Zango Toolbar.
Read the rest of this entry »

One of the comments left after the article raised a good point, why hasn't there been a major security breach of Mac OS X? Now that the Mac's market share is growing there would be a lot of publicity for whoever writes the first widespread security threat, so where is it? is this luck, or is Apple doing something right?

The most important thing you can do to protect your computer
is to make sure you know the reputation of the software production company
before you install any software on your PC.
Here are some other dos and don’ts to help you get started.

1. Know your computer.

DO

• Keep hard copies of important software, especially the system restore and productivity software that come with your computer and your device drivers.
• Be sure to keep track of the product key, which might be required if you have to reinstall the software.
• Make a list of the programs you have installed.
• Check the Add/Delete programs list frequently to make sure you recognize everything there.
• Remove software you don’t recognize or don’t use.
• Watch for unusual behavior such as slow processing, excessive popups, and frequent crashes or freezes.
• Maintain your PC by using the system tools that came with Windows.
• Back up your data.
• Clean your hard drive.
• Defragment your hard drive.
• Create frequent system restore points.
• Empty your temporary internet folder regularly.

DON’T

• Allow malware to remain on your PC any longer than necessary. It will probably install more harmful software.

2. Be aware of threats.

DO

• Read the End-User License Agreement (EULA) before clicking “I agree” to install new software.
• Use Google and other search engines to check a company’s reputation.
• Visit trusted and knowledgeable sources like bleepingcomputer.com and cnet.com to get information on common computer solutions.

DON’T

• Recklessly download files from the Internet even if they seem fun and useful.
• Click on questionable screens, not even to close them. Instead right-click on the Windows Taskbar or use Windows Task Manager (ctrl+alt+delete).
• Download these common types of adware unless you trust the source: auto-completers (wallets), games, calendar/clock functions, news/sports tickers, search bars, screensavers, toolbars.

3. Protect yourself.

DO

• Use more than one approach.
• Try combining the following elements: virus protection software, spyware protection software, registry scanners, and pop-up blockers.
• Update your protection software frequently.
• We strongly recommend creating automatic updates.
• Consider changing your browser settings not to allow downloads.
• You can always remove the restriction when you want to download something.
• Add dangerous websites to your “restricted sites” in the security menu of your Internet browser.

DON’T

• Use software from a company with a questionable reputation.

Definitions

Adware

spyware that often comes bundled with freeware or shareware and generates popups and other advertisements even when you aren’t using the software that it originally came with

Driver

software that allows hardware to work with your operating system (ex. the cd that came with your printer)

Firmware

semi-permanent instructions that come with a piece of hardware (ex. it came already installed on your digital camera)

Freeware

shareware you aren’t expected to pay for

Hardware

a physical device (ex. speakers)

Malware

(short for malicious software) designed for the specific purpose of harming your computer or performing functions you don’t want

Operating System

installed before any other software, this program manages all of the other programs and controls how they work together (ex. Windows)

Shareware

inexpensive software designed by private individuals

Software

a set of instructions that perform a complete and specific function, a computer program

Spyware

collects information about your computer and your user habits and sends it to another computer

Toolbar

a set of buttons that perform a function without your having to use the program’s menus

Trojan

harmful software that comes hidden or bundled with seemingly useful software

Virus

software that copies itself and spreads to other computers through file sharing and usually hides inside another program

Widget

(short for windows gadget) usually located on your desktop, and performs a useful function like providing weather updates or sports tickers

Worm

software that copies itself and spreads through network connections and the Internet but doesn’t usually hide inside another program

Why is cosmology a tug of war between religion and science?

The answer is very simple.

• Religion is practiced by professional Doctors of Theology.
• Science is practiced by professional Doctors of Philosophy.

Both doctors claim ownership of cosmology. This is an academic border dispute between two types of doctors.

Before the reign of Newton DOT had the sole authority on designing, hiding, packaging and marketing their cosmogonical mythology under the True and Genuine Faith brand. Newton grabbed cosmological authority from DOT and gave it to his brethren DOP as part of his Scientific Revolution. Now DOP have been designing and packaging and marketing their cosmogonic mythology under the True and Genuine Physical Cosmology brand.

DOT never forgot this humiliating loss of authority and they are still fighting to get it back. This is not like a friendly competion between two corporations. No, this is more like an ugly academic turf war. As a consequence consumers are the biggest losers.

My advice to both DOT and DOP: Forget about old enmities and academic blood feuds with your brother doctors and sit down and resolve this issue like civilized politicians that you are at heart. The Pope already implied support for the Big Bang. But if you read the fine print of his Bull which is written in Latin you would see that it could be interpreted to support the Big Bang, the Big Bounce, the Steady State, and various native American cosmologies if need be, it is all inclusive and generally relative just like standard physical theories. So, what I mean is that there is room for negotiations. Just agree to disagree and draft a modified version of the Bible and market it as the new translation of recently discovered clay tablets in caves somewhere near Dead Sea.

Here are three useful bullet points for you to get started:

1. Start from Genesis I.

Don't question who wrote Genesis I. Accept Genesis I as a physical initial condition. This assumption is as scientific as exotic assumptions physicists routinely make to obtain a class of solutions to Einstein equations called exotic solutions. So you see religion and science use similar methods of reasoning. In fact, it can be argued that God lifted Genesis I verbatim from a modern cosmology textbook, so you guys may be closer than you think.

2. Agree on the true value of Cosmological constant

Even before sitting on the table have your graduate students and minions negotiate a preferred value of the cosmological constant and approve it as the true value of the vacuum energy that god used to create the expansion. Remember God is not a blunderer. Don't ever change the value of the Cosmological constant again. Ever. There is no more negotiations on the cosmological constant. Understood? Then apply that true value lamba_T of the cosmological constant to Genesis I to obtain a well-gauged and finely tuned Genesis I that both parties can agree on.

3. Agree to disagree on interpretations

Remember that unless you are fluent in Aramaic, you are reading a particular interpretation of Genesis I in your language. Just like in Quantum Mechanics, in the realm of the Bible too, interpretation rules. There are some fundamental things that are lost in translation. Bible is not Lorentz invariant and it is not even invariant under Galilean transformations. The Bible may have its roots in Galileo but does not give a  hoot to Galilean transformations. In fact, any kind of translation is known to introduce new physics into Bible. So don't do it. Agree on this in the preliminaries. Example: It happens to be that in the original it is not God but Gods who created the cosmos. There goes your monotheism. So if you dig deep enough you will reach semantic Hell and your negotiations will go there. So, as sensible professionals we must assume Genesis I in modern English as given just to start the negotiations.

Let me throw in some ideas:

• In the beginning God created the universe with a Big Bang.

I think this should be an acceptable compromise to both parties. Or if that's too explicit, try

• In the beginning God may have created the universe with a Big Bang.

Or make it as subtle as you want

• A hypothetical supernatural being called God G with physical characteristics of vengence V and cruel punishment P toward his creatures C_n may have created the universe with a singularity S called Big Bang that only he could have created and only physicists could have discovered.

I think this version pats nicely the egos of both Doctors of Theology and Doctors of Philosophy. The main thing in a negotiation is to save the egos of both sides, so we are on the right track here. Well, you see that there is hope for reconciliation. I look forward to a peaceful resolution of this longstanding dispute between the two honorable types of professional doctors so that we as consumers of cosmogonic mythologies know where we stand in the cosmic order of things. Now we are divided and confused.

Actually, after some googling I've found that there is already a version of an ancient Bible that I.B. Cohen found in Newton's library. Newton had translated this primordial Bible while he was waiting his mercury to boil in his little alchemical shop in Cambridge as evidenced by traces of mercury fumes on the manuscript. This may be just what you need. I copy it below:

In the beginning God created the heavens and the earth according to the theory of the Big Bang. Now the earth was formless and empty because geology departments were not yet populated with great European geologists; darkness was over the surface of the deep, and the Spirit of God was hovering over the waters according to Newton's laws.

And God said, "Let there be electromagnetic radiation," and there was electromagnetic radiation. God saw that electromagnetic radiation was good, and he created Maxwell to enshrine electromagnetism in physics as Maxwell's equations and connect Newtonian mechanics with Einsteinian relativity. God called the speed of light c, and the spacetime he called many names but most famous of them he called Schwarschild solution.

And God said, "Let there be an expanse between the waters to separate water from water." So God made the expanse and separated the water under the expanse from the water above and called it space so that NASA can explore it. And it was so. And there was evening, and there was morning--the second time the earth went around the sun. Or vice verse according to Ptolemy. Ptolemy was a necessary evil so that God could create Copernicus and set things aright and teach a lesson to anyone who was crazy enough to believe that God could not make the earth move.

And God said, "Let the water under the sky be gathered to one place, and let dry ground appear and he called dry ground Gondwanaland and it was so and God carefully fine-tuned the motion of tectonic plates so that they formed the continents as we observe them today. And God created Alfred Wegener to discover the plate tectonics. And God created Jimbo Wales who created the Wikipedia so that we can know all this. God called the driest ground desert and sent various clans and families of his chosen people to that godforsaken hot place to murder each other with relish for generations to come and then God gathered waters and he called them Atlantic ocean, Pacific ocean, Dead sea, Mediterranean, etc etc. . . God was a great geographer and enjoyed being a great geographer. And God saw that it was good, everything fell where they fell according to Galileo's time squared law.

Then God said, "Let the land produce vegetation and let global corporations grab the produce from honest farmers for cheap and sell the vegetation to humans with a hefty profit leaving half humanity desperately hungry: Let these global corporations corrupt all natural seed bearing plants and trees on the land with genetically modified fruit with seed in it so that they look good on shelf but taste like wood pulp. And let plant biologists classify vegetation of the land into neat taxonomies and make academic careers. And it was so. God was happy that he created yet another academic department and that he modeled nature according to academic departments so that each and every academic can make great discoveries and have good careers and each to its kind. The land produced vegetation as planned and banana plantations produced slavery and the great music of blues. God loved blues. And made sure that humans loved it too. And God gave humans a lot of suffering so that they can enjoy the blues. And there was evening and there was a lot of drinking and fooling around listening to blues and there was morning and there was a lot of hangover -- the third day.

And God said, "Let there be lights and he created New York skyline to separate day shift from the lobster shift and let workers serve giant private banks lodged in skyscrapers by punching clocks in and out of their cubicles. And it was so. God made two great lights -- the greater light to give a good tan to the leisure class in Cote d'Azur and the lesser light for lovers to whisper sweet nothings to each other under its light looking at its reflection on the Mediterranean. What a great God he was creating such beautiful places for His people. And he also made the stars. God set the stars so that they expanded according to Hubble's law so that his favorite sons the physicists can discover how he created the universe with a Big Bang as we proved above in Genesis I. And God saw that it was all so far so good and all according to the laws of physics -- the fourth day.

And if God wanted to he could have created Donald Knuth and written all this down in precise differential equations of physics making it easy for physicists but then how could physicists make their glorious careers discovering these equations and be awarded Nobel prizes so God decided to say all this in Latin and then said Let Newton be! and Newton put all this Latin into his Principia in the form of Newton's laws and revealed them to humanity as a gift. And God looked at the oceans he created and saw that there was nothing in them so God said "Let's not forget to populate the waters so that oceanographers can make their careers and God populated the water with living creatures, and then he remembered ornithologists and made nice looking colorful birds to fly above the earth across the expanse of the sky. So God created the great creatures of the sea and every living and moving thing with which the water teems, according to their kinds, and every winged bird according to its kind. And God saw that it was all soo beauutifuul. So cool! And God said I wished I lived on Earth, I made it so beautiful. And God blessed them and said, "Be fruitful and increase in number and fill the water in the seas, and let the birds increase on the earth." And God asked Darwin about the right way to do all this stuff for these beautiful animals that he created and Darwin said let them evolve and God created the theory of evolution and saw that it was good theory. And there was evening in some parts of the Earth and morning in some other parts as you can see in Google Earth and as the earth went around the sun or vice versa as the case may be the sun never set on Google and God saw that the universe existed so that he could create Google -- the fifth day.

God was getting tired so he started to rush things and it turned out that God was so tired when he created us humans that he made many design mistakes. But let's not dwell on God's mistakes here, this is God's Book after all and let God have his say and God said, "Let the land produce living creatures according to their kinds: livestock, creatures that move along the ground and cats that do not move around much and mice to give something for cats to play with. And God saw that it was good at least for cats.

Then God said, "Enough is enough, there needs to be a master creature of all that we have created in previous days and let's make man in our image, in our likeness, and let him rule over the fish of the sea and the birds of the air, over the livestock over all the earth and over all his women and over all the creatures that move along the land except cats. Man must clean up after cats and feed them and love them without expecting any love back. And man agreed.

So for the readers who have not gotten the message before, here in Genesis 27, God says again and again:

God created man in his own image, in the image of God he created him; male and female he created them in his own image; God in his own image created male and female . . .

Are there more permutations of this sentence? Maybe in extra dimensions discovered by Lisa Randall there could be. More dimensions means more permutations of meanings. God thought about extra dimensions too. And God created Lisa Randall to discover the extra dimensions. And God saw that extra dimensions were good for string theory.

God blessed them and said to them, "Be fruitful and increase the number of extra dimensions and fill every dimension of the Earth with toxic waste, greenhouse gases and plastic bottles. Rule over the fish of the sea and the birds of the air and over every living creature that moves on the ground. God saw that all was good but could be better. You see, God loved to double deal, so he told us humans that we were the total rulers over everyone and everything and then when we weren't looking he turned to virus and bacteria and said my little friends you are the real masters of this earth and of this human kritter that I wired with design flaws and I let you rule over humans and give them all kinds of diseases so that my favorite creatures global pharmaceutical corporations could make loads of money selling drugs to the sick with no intention of curing them. And God saw that it was all good and balanced.

Then God said, "I give you every seed-bearing plant on the face of the whole earth and every desolate crater on the Moon and I give you the red soil of Mars and toxic atmosphere of Saturn I give you all that and more and I invented NASA to take you there. And all the beasts of the earth and all the birds of the air and all the little chicks that you mass produce in conveyor belts -- everything that has the breath of life in it -- I give them to you for killing, kill them and then learn how to kill and love killing and be addicted to killing and if you want to make me happy go ahead and kill each other, every man and woman and child who has the breath of life he or she is your enemy all according to their kind go and murder them in the name of your God-- ME. And I give every green plant to you for salad. Make good salad. Put olive oil dressing on it. Put feta cheese. Sprinkle with myrrh. Of course, if you can afford it. There is a price for everything.

God saw all that he had made, and it was the best of all possible multiverse. And cosmologists and physicists were happy and there was evening and all went for a drink and there was morning and god said what a miracle! It's been six days and six nights and this universe is still working as planned according to Einstein's equations. Am I a genius or what said God and physicists and cosmologists stood up and applauded and thanked him for not writing the Bible in partial differential equations and let physicists die of hunger but they thanked God for hiding all these equations in everything that he created under the sea and above the sky and on the land for physicists to find like Easter eggs. And Doctors of Theology in their churches and temples and mosques also saw that God created everything in their favor and they said the world is a wonderful place. You just have to be a professional doctor to enjoy this world created by God. There is no room for skeptics here who say that professional doctors themselves designed this system in their favor in the name of God. Well, whatever. God, saw that it was all good. So it must be good.

So dear DOP and DOT, you see that there is room for negotiations. You can find a common ground and issue a cosmogonic mythology blessed by God and by physicists. We are anxiously waiting for it.

(click en la imagen para abrir enlace a página)

En esta sección se ha recogido una recopilación de útiles o herramientas que pueden ser de utilidad para prevenir ataques e infecciones en su PC, ayudar en la reparación de daños, o, simplemente, facilitar el uso de un PC conectado a Internet.

En cada uno de los apartados se introduce brevemente el asunto del que trata y se enlaza a soluciones gratuitas que se pueden encontrar en la Red.

FUENTE:

alerta-antivirus.inteco.es

(Centro de Alerta Temprana sobre Virus y Seguridad Informática)

(click en la imagen para abrir enlace a página)

En esta sección se ha recogido una recopilación de útiles o herramientas que pueden ser de utilidad para prevenir ataques e infecciones en su PC, ayudar en la reparación de daños, o, simplemente, facilitar el uso de un PC conectado a Internet.

En cada uno de los apartados se introduce brevemente el asunto del que trata y se enlaza a soluciones gratuitas que se pueden encontrar en la Red.

FUENTE:

alerta-antivirus.inteco.es

(Centro de Alerta Temprana sobre Virus y Seguridad Informática)

22 Sept - horee!! THR + Gaji

23 Sept - kompet ku kena virus Eskimo dan Blue Fantasy (prasaan ni virus jaman dahulu kala)

24 Sept - Yani (temen kantor) bilang ada Dunkin' Donuts, baru buka di Duta Mall, haa, ngilerrr....

27 Sept - mp3 player ku ketinggalan di kantor :cry: bakal bosen semingguan

28 Sept - untung aja hape ku GPRS-nya lagi hepi2nya, jadi bisa internetan. Lumayaann....

29 Sept - liat berita, untuk Muhammadiyah, hari raya jatuh tgl 1 Okt. Alhamulillah, ga selisih lagi.

30 Sept - sendirian di rumah, bete, nya udh, nyuci ajah, cucian dah setumpuk (ijaaaahhhhh........)

1 Okt - Met Idul Fitri 1429 H

3 Okt - solat Jumat dekat rumah, kangennya. soalnya kan biasanya solat Jumat di mesjit deket kantor

4 Okt - ke rumah Adit, my old best friend.

5 Okt - tidur2 an, eh mimpi dapat kata "Häth & Diggins" . Apaan tu ya?

6 Okt - kuliah pertama habis lebaran nie, maaf lahir batin ya temans

10 Okt - YM byarpet mulu :mad:

Notes :

22 - THR + gaji, bakal abis seminggu nie :lol:

29 - biasanya, (kadang2) aku hari raya kami (Muhammadiyah) sehari lebih cepat, aku sih terus terang lebih suka kalo barengan, kan pasti rame. Nah ini, yg hari raya cuma kami aja. :sad:

4 - Adit, my soulmate when Junior High

5 - koq bisa mimpi itu yach? Anech!!

Virus yang masuk dalam Top-10 periode lalu, beberapa masih mendominasi di bulan ini, hanya terjadi pergeseran peringkat pada beberapa virus. Selain itu, ada dua virus baru yang masuk dalam peringkat sepuluh besar kali ini yakni Zifoe dan Tiara-Alimah. Virus Zifoe masih menggunakan teknik sederhana dengan menirukan dirinya sebagai sebuah folder. Sementara untuk virus Tiara-Alimah, ia dapat menginfeksi file .DOC Anda. Maka dari itu, selalu waspada dari serangan virus, dan jangan mudah tertipu olehnya. Berikut daftar selengkapnya:

1. GadiHot
Jika Anda masih ingat dengan virus Tati, GadiHot menggunakan teknik yang sama dalam pembuatannya. Virus Tati dibuat menggunakan program semacam automation scripting, yang di compile hingga menjadi sebuah executable. Virus yang memiliki icon mirip dengan folder ini saat menginfeksi akan membuat beberapa file induk pada direktori Windows dan direktori di bawahnya dengan nama file seperti servicess.exe. Sistem320.exe. Seperti halnya virus yang meniru folder, pasti ia akan membuat folder gadungan. Salah satunya, virus ini akan membuat sebuah file dengan nama GadisHot.SCR dan New Folder.SCR pada root drive. Selain itu, ia pun akan membuat file autorun.inf di setiap drive yang ia temui. Pada root drive C, juga dapat ditemukan sebuah file dengan nama READY TO READ.txt yang merupakan file pesan dari sang virus.

2. Windx-Maxtrox
Virus yang dibuat dengan Visual Basic ini memiliki ukuran tubuh asli sekitar 77Kb, tanpa di-pack. Virus yang diduga kuat berasal dari daerah Sulawesi Utara ini memiliki kemampuan infeksi file executable. Tepatnya, ia akan menginfeksi program yang ada di direktori Program Files. Teknik infeksi yang cukup cerdik ia terapkan untuk menghindari pendeteksian engine heuristic dari antivirus. Ciri khas yang dapat dikenali pada komputer terinfeksi adalah berubahnya gambar wallpaper dari desktop menjadi gambar animasi, Maxtrox.

3. Virgear
Ia hadir dengan icon yang mirip dengan file multimedia milik WinAmp. Varian B memiliki ukuran file 49.152 bytes, tanpa di-pack. Sementara itu, varian C yang kami temukan, memiliki ukuran file sebesar 19.968 bytes, dan di-pack menggunakan UPX. Seperti yang lalu, ia akan menggantikan seluruh file multimedia yang ia temukan seperti MP3, 3GP, AVI, WMV, ASF, MPG, MPEG, MP4, pada komputer korban dengan dirinya sendiri, dengan menggunakan nama yang hampir sama, hanya ditambahkan extension .EXE di akhirnya. Virus ini juga akan mengubah setingan di registry untuk mendukung kelangsungan hidupnya, seperti menyembunyikan Folder Options, mem-blok Regedit, System Restore, dan lainnya. Diketahui, Virgear juga mencoba untuk mem-blok antivirus dan virus lain. Untuk itu, rename (ubah nama) dari PCMAV-CLN.exe sebelum Anda menggunakannya, misalkan menjadi 123456.exe. Dan, pada komputer terinfeksi, ia akan menampilkan kalimat “++++ Makanya jangan handak buka BF ja, neh rasain oleh2 dari amang hacker ++++” pada caption Internet Explorer.

4. Koplax
Virus berukuran sebesar 31.232 bytes ini menggunakan icon mirip seperti file multimedia, tepatnya milik Media Player Classic. Ia dibuat menggunakan Visual Basic, dan di-pack menggunakan ASPack. Jika komputer terinfeksi virus ini, akan banyak sekali duplikat file virus yang dapat Anda temukan di setiap sudut direktori harddisk maupun flashdisk Anda. Selain itu, akan terdapat beberapa pesan dari si pembuat virus yang salah satunya terdapat pada root drive dengan nama “A Letter 4 Ghe@.txt”.

5. HelloBaby
Saat menyebar, ia akan membuat file Desktop.ini dan autorun.inf dengan attribut hidden dan system. File tersebut akan disebarnya ke setiap drive yang ia temukan pada komputer terinfeksi. Ia juga akan berusaha untuk menyebarkan dirinya pada jaringan setempat dengan sebelumnya telah mematikan fasilitas firewall milik Windows. Pada komputer terinfeksi, akan terdapat beberapa file induk virus. Diantaranya, pada direktori System32, akan ada file dengan nama wmiprvse.exe dan mgrShell.exe, lalu file inti ini akan men-drop file lainnya dari dalam tubuhnya pada direktori Temp dengan nama ctfmon.exe dan pada direktori Windows dengan nama svchost.exe. Dan untuk mempercepat aksi penyebarannya, virus ini pun men-set registry NoDriveTypeAutoRun agar mendukung autorun pada floppy disk.

6. Zifoe
Satu lagi virus lokal yang memanfaatkan icon folder sebagai media penyamarannya. Zifoe, begitulah PCMAV mengenal virus ini. Ia dibuat menggunakan Visual Basic dengan ukuran tubuh sebesar 40.960 bytes, tanpa di-pack. Virus ini akan membuat beberapa tiruan folder. Pada komputer terinfeksi, akan terdapat direktori baru yang ia beri nama indomuzic yang berisi pesan dari si pembuat virus, yakni tentang saya.txt.

7. Tiara-Alimah
Virus yang satu ini memiliki icon mirip dengan dokumen Microsoft Word. Ia memiliki ukuran sekitar 107KB, dalam kondisi di-pack menggunakan tElock. Virus ini diketahui dapat menginfeksi dokumen Word atau .DOC. Dan file .DOC yang telah ia infeksi akan memiliki extension .SCR yang sebenarnya merupakan file executable.

8. Autorunme
Virus yang bukan produksi programer lokal ini memiliki ukuran sebesar 26.835 bytes, dan diperkirakan di-pack menggunakan PECompact. Ia tidak memiliki icon, hanya menggunakan icon standar applications dari Windows. Saat menginfeksi, ia mencoba untuk menanamkan file induknya pada direktori C:\Windows\System dengan nama msvc32s.exe dan dengan attribut hidden dan system, serta membuat autorun baru di registry dengan nama “Windows msvc Control Centers”. Virus yang dapat menyebar melalui media penyimpan data seperti flash disk ini juga dapat menyebar melalui aplikasi Instant Messaging. Pada flash disk, ia akan membuat folder tiruan Recycle Bin yang berisi file dengan nama autorunme.exe, lalu mengarahkan autorun.inf untuk menjalankan file virus tersebut. Jadi, saat user mencolokan flash disk tersebut lalu mengakses drive yang dimaksud, virus tersebut akan aktif.

9. Microso
Virus ini hadir dengan 3 buah file, yakni MicroSoft.pif, MicroSoft.bat, dan MicroSoft.vbs. Ketiga file tersebut saling terkait. Namun, ada satu file yang merupakan induk dari ketiganya, yakni MicroSoft.pif. Ia memiliki ukuran file sebesar 18.432 bytes. Virus luar ini saat beraksi akan mengeluarkan beberapa file .DLL dari dalam tubuhnya yakni Jview.dll dan AcXtrnel.dll yang akan mencoba aktif dengan menginjeksikan pada explorer.exe atau dijalankan melalui Rundll32.exe.

10. Allya.vbs
Virus jenis VBScript ini memiliki ukuran file sebesar 6030 bytes. Saat menginfeksi, dia akan menanamkan file induknya pada direktori Windows dengan nama Thumbs.vbs. Dan dia akan membuat autorun di registry pada HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\avctrl. Virus ini juga akan mencoba meng-copy-kan dirinya pada drive flashdisk dengan nama file Thumbs.vbs dan autorun.inf. Jika user mencoba melihat isi file VBS virus, di bagian atas hanya akan terlihat tulisan “‘MICROSOFT WINDOWS SYSTEM DRIVER”, yang disertai banyak enter. Namun jika di-scroll terus ke bawah, baru akan terlihat kode virus sebenarnya. ]]> http://onestopnews.wordpress.com/?p=86 Sat, 11 Oct 2008 03:39:36 +0000 d101m http://onestopnews.no.wordpress.com/2008/10/11/menghapus-virus-tanpa-menggunakan-antivirus/ Dibandingkan dengan saat pertama kali virus komputer muncul di PC pada tahun 1986, ternyata virus komputer generasi sekarang jauh lebih mudah untuk dibasmi. Berbeda dengan virus komputer generasi pertama yang lebih banyak menyerang dan bersembunyi pada master boot record (MBR) dan program executable (.exe dan .com), virus komputer generasi sekarang ternyata lebih banyak ‘menonjolkan diri’ … sehingga menjadi mudah terlihat dan tentu saja menjadi semakin mudah untuk dibasmi.

Virus generasi pertama dibuat dengan menggunakan assembly language (bahasa mesin) sehingga mempunyai kemampuan menyembunyikan diri, bahkan di tempat sulit seperti di MBR ataupun di file executable. Sedangkan virus modern biasanya dibuat dengan menggunakan script language (misal VB Script) - yang secara tehnis berada di bawah tingkat assembly language - sehingga virus-virus ini tidak terlalu pintar menyembunyikan diri.

Di komputer dengan sistem operasi Windows, virus ini memang terlihat cukup ahli menyembunyikan diri. Sebagai contoh, digambar samping virus menyamar sebagai file executable. Hal ini dilakukan karena virus modern tidak bisa bersembunyi di dalam file executable (cmiiw), sehingga yang bisa dilakukan hanyalah sebatas melakukan penyamaran.

Namun Anda bisa melihat virus komputer ini dengan sangat jelas jika Anda menggunakan sistem operasi Linux. Gambar diatas memperlihatkan virus-virus yang ‘tertangkap basah’ di file manager Konqueror dari Linux. Nah, virus-virus komputer ini bisa Anda hapus - tanpa menggunakan program bantu apapun - dengan mudahnya seperti  menghapus file-file biasa, yaitu dengan menggunakan tombol Del.

Bandingkan jika Anda menggunakan program anti virus, sekalipun nantinya virus bisa terdeteksi, namun cukup banyak waktu berharga Anda yang terbuang hanya untuk men-scan keberadaan virus-virus ini. Gambar berikut memperlihatkan tertangkapnya virus-virus tersebut oleh program KlamAV (di Linux) dan PCMAV (di Windows).

Jika diperhatikan, pada screenshot PCMAV ternyata ada virus yang belum bisa ditangani oleh PCMAV (versi terakhir saat artikel ini dibuat). Dengan menggunakan cara ini, Anda bahkan bisa menghapus virus yang belum ada penangkalnya tanpa perlu menunggu hadirnya antivirus terbaru lagi.
Menarik …?!!!

Link | Download MSN Cleaner (softonic)

Look my photo - Internet link: The worms " worm_kelvir.be" y "worm_fatso.a" are circulating on the internet, looking for MSN users.
The virus are distributed in a message that includes a link to a website with the virus. The worm "worm_kelvir.b" downloads a program that can open backdoors in the net, and the "worm_fatso.a", when is executed looks to propagate in the user's contacts net.

Now there is a software that let us to erradicate this virus. Read more about the program

En effet, ont été contaminés par le virus des subprimes beaucoup d'institutions financières sur la planète . On ne connaît ni leur nombre, ni l'état de contagion de chacune d'entre elles.
S'en est suivi un état de panique mondialisé ou chaque institution bancaire ou financière s'est méfiée de ses confrères avec lesquels elle entretenait des rapports commerciaux, et ce par peur de se retrouver elle même contaminée au cas ou elle lui prêterait des liquidités.
La peur de la propagation du virus a crée un état de panique general et l'annulation des échanges. Paralysie totale! .
Chacun a donc essayé de ne compter que sur lui même et de vendre ses propres actions, d'où un marché sans issue, pessimiste, illogique et tourné a la baisse.

Les solutions proposées par les experts professeurs-économistes et chirurgiens-politiciens , en autre d'injecter une aspirine-700M n'ont guère aidé a retablir l' equilibre et a ce jour la panique domine. Fermer l'hôpital Wall-Street qq jours pour le désinfecter ne fera qu'accroître les suspicions.

Souvenez vous la panique des années 80 due au Sida?
Depuis d'ailleurs tout a changé dans les relations sexuelles. On se méfie, on se protège et on éduque différemment les jeunes mais le virus n'a pas disparu et menace chacun qui enfreint certaines règles de base.
C'est exactement ce qui va se passer avec les bourses et le système financier. Tout va changer , fini le libre échange sans maître et sans loi, sans peur et sans conscience. Les grands perdants sont deja atteints du virus du sida financier et pour eux rien a faire, ils sont condamnes a disparaître.
Pour les autres une nouvelle époque commence. En rentrant dans une banque ou chez un investisseur vous saurez dorénavant qu'il faut se protéger, qu'on ne peut plus choisir comme partenaire n'importe qui et qu'une protection de base est nécessaire.
Jouer en bourse ne sera plus le plaisir d'antan. Les temps ont changé. Fini l'insouciance et le gain facile.

Mais ne vous inquiétez pas les nouveaux professeurs de Wall Street nous inventeront un nouveau vaccin destiné a nous protéger du sida financier. Serons nous assez naïfs pour les croire ?

They generate an encrypted with the condition. How in the handling of viruses such as this? Follow this discussion more times!

Closer trends of VBScript is not yet finished. Tthe virus to make local action. This time we will try to discuss one of the VBScript viruses diversified, which use other techniques in infection. Indeed dike tahui virus is likely the virus is not the latest release, the TAP technology is carried other than the virus usually VBScript and there are still some readers who complained about the virus. This virus has the original file size of 5,915 bytes. Small enough, huh?This is one of the advantages possessed by the virus types VBScript, because the size of the file the virus is a relatively small feed for value-added rate can accelerate the spread of this virus.

The virus can run smoothly on the Windows XP operating system that we test it. Glance, if seen in the visual use Notepad, type of virus that has extension .Extension. vbs in this present condition encrypted. We can know when opened, because the only characters that appear strange, however, if more circumspect, at the top of there string string "RPVBLK = True" or "RPVBLK = False", and at the bottom there is a normal routine as the decryptor which can be read.

Enkripsi Encryption

Not difficult to do in the body of the description of the virus.Because any encryption, which also apply it, the past can be disclosed because the body is actually in there decryptor routine, which will translate to byte-per-byte in its original form. Encryption that he do is just play the game characters, only the progress or reverse the characters are, usually known as the Caesar Cipher. The camp only do insert some routine that will make dumping in the text that has indicated camp and can easily learn gestures from the virus source code.

When the whole body of the virus successfully in-Decrypt, right at the top of the script source, the visible string some comments that marked as "Repvblik Ver 2.0 ^_^!", and also beberapa pesan yang ia sampaikan. some of it to the message.

Virus di StartUp Virus in the startup

The first is, of course, he did create the master file. So, when the virus executed on a clean computer, it will create an original master file that he placed in the directory of your start up, which can be found in the Start Menu> startup by the name Repvblik.vbs. itself, if the file is the master file or files that have been infected? ling over the script's source, namely, "RPVBLK" that can be valuable True or False. File parent virus will also be running automatically when Windows starts.

Messages

Along with the addition, it will create a new directory on drive C: \ with the name Repvblik. In the directory or folder, you will find a text file with the name Repvblik.txt which is a message from the creator of the virus. Not only are there, because in each of the first directory level, he certainly will not find the file there Repvblik.txt. And while active in memory, if viewed using Task Manager, Task Manager, users will not be able to see the process with the name of the virus resembles vbs file name, because when a file is accessed or vbs clicked, Windows will automatically run a program that can be wscript.exe as a translator from the script. Jadi saat virus ini aktif, process virus yang tampak di Task Manager hanyalah process wscript.exe. So when the virus is active, the process of viruses that appear in the Task Manager is wscript.exe process. Quite difficult to specify whether the wscript.exe vbs file to run a virus or not, as some users can still utilize the VBScript language to create a small script that can ease the work. However, if you use the more advanced programs, such as Process Explorer, You can track every detail of process. Only by clicking on the desired process right, and then click Properties, you will find information on what the script is run by wscript.exe on the editbox Command Line in the Process Explorer.

Documents infection!

After the master file is created successfully, he immediately launched latest moment, namely, Files that will infect  by this virus is files with the extensions DOC, XLS, PPT, PPS, and that RTF is not foreign in your eyes. The infecting groove can be all learned to read with a clear routine functions that give it a name explore_folder_and_infect_file found on the body. How they actually do is very simple, he will find in the My Documents directory of files with the extensions included in the sub directory, if he find it with a sprightly, he will infect its. With previous he had to delete the contents of the folder that contains Recent data file that was last opened.

How infecting is the way to append files infected document that will be at the bottom of the body of the virus. So if you have files with names such as Projects. doc, the virus will read the entire contents of the file, then get the contents of the document file is in the bottom of the body of the virus, and give a sign of the string "RPVBLK = False" in the early part of the body of the virus, which means the virus has already infected files. This is also done by other viruses that have the ability injection, so the file infected is not infected again. And file the original document will be deleted. Of course, now have your document file into a file VBScript, which of course can not be opened with Microsoft Word. However, you do not need to confusing, let PCMAV do its work to restore the document to your circumstances such as when first document.Last time it infected file is run, the virus will be first to extract the files contained documents on his body in the current directory, then run again himself, and as if Coolest nothing happens.

Registry manipulation

Repvblik virus, it will be a canny attempt to change the default icon of each file vbs to use Microsoft Word icon. And change the file type is a "Microsoft Word Document," and the extension of the display. Vbs in Windows Explorer by adding items NeverShowExt on key VBSFile in the Windows Registry. Of course, if this is the case, the user public will not be able to distinguish between the original files are files with the virus.

Rename MP3 Rename MP3

Not only menginfeksi documents, he began to infect music files to your MP3 collection. Each MP3 file that he will be found in the rename-by. That he do is add the string "Repvblik_" in front of the name of the MP3 file that he will infected.

Flash Disk Flash Disk

Be careful if you find files with names such as "I am So Sorry.txt.vbs", "Free SMS via GPRS.txt. vbs”,”Indonesian and their corruption!! vbs "," English and their corruption! .txt.vbs”,”Never be touched!! . txt.vbs "," Never be touched! .txt.vbs”,”Make U lofty.txt.vbs”,”Thank U Ly.txt. . txt.vbs "," U Make lofty.txt.vbs, "" Thank U Ly.txt. vbs”,” The Power of Midwife.txt.vbs ", or" NenekSihir and her Secrets.txt.vbs "device on your removable disk, it is the name of the file that he normally use to spread.

Source paper: http://www.pcmedia.co.id by Arief Prabowo Arief Prabowo

Aşağıdaki belirtilerden biri yada birkaçı bilgisayarınız da mevcut ise dosyayı indirip ilgili virüsü temizleyebilirsiniz.
1-bilgisayarımda C,D,E.. sürücülere çift tıklama yöntemi ile açılamaması, sağ tıklayıp aç deyince açılması
2- Sürücülere çift tıklama yöntemiyle açmaya çalışınca hata vermesi
3-Sürücülere sağ tıklayınca Normalin dışında menülerin olması

Buradan dosyayı indirebilir, şuradan da virüsün neden olduğu hatanın fotoğrafını görüntüleyebilirsiniz...

Flash belleğinizi temizlemek için doğru kitin bu olup olmadığını, şuradaki resim aracılığı ile anlayabilirsiniz...

Kita semua sudah sedai maklum bahawa memuatturun aplikasi yang tidak diketahui asal usulnya adalah suatu amalan yang membahayakan.

Kini golongan tertentu telah menemui suatu kaedah, yang bukanlah suatu tektik baru, untuk memasukkan program mereka ke dalam komputer anda.

Senario yang berlaku adalah seperti berikut:

• Pengguna menerima 'link' untuk video dalam e-mail mereka.
• Bila pengguna klik pada 'link' berkenaan, mereka akan dimaklumkan bahawa video yang dicari itu tidak akan dapat dimainkan dengan betul hinggalah dipasang 'aplikasi' tertentu!
• 'Link' yang disediakan itu juga merujuk kepada program hacker berkenaan.
• Setelah program berkenaan berjaya dipasang pada komputer anda, ia seterusnya akan menjurus anda kepada lama YouTube yang betul, lantas menyembunyikan pencerobohan mereka itu.

Terdapat dua tanda yang ketara bagi mereka yang peka bahawa ia adalah palsu.

1. Ia adalah 'link' yang dihantar kepada anda!
2. Alamat YouTube pada lama web bukanlah alamat YouTube yang sebenar!

Yahoo! News

Full article w/ video: http://preview.tinyurl.com/webcamhackers