Beware of Computer Virus Brings Friend

Computer viruses this one includes unique. Not only interfere with the victim, the virus also has the ultimate weapon is more dangerous. If the victim's computer connected to the internet, the virus will download other viruses. 

Remarkably, the names and types of viruses that are downloaded is different for each target computer either from the name and size. This is what causes many antivirus programs although difficult to perform detection and cleaning. If the file is successfully downloaded, it will automatically activated on the computer and perform a series of malicious code that has been planted in his body. 


In general the class of virus trojan / backdoor is a bit tedious. He will always connect to the internet to call a predetermined website address which will be shown continuously causing a computer to be slow. When accessed this virus will inject a file that has the extension EXE, DLL, and HTM / HTML either program files or Windows file system so that needed special cleaning steps. 


Characteristics and symptoms
Antivir5us detect this virus as Win32.Siggen.8 while for the other files are recognized as the Trojan.Packed.21232, Trojan.Hotrend.34 or Trojan.Starter.1602 so-called W32/Ramnit (Win32.Siggen.8). Here are some characteristics and symptoms if the virus infected computer W32/Ramnit (Win32.Siggen.8) 


1. Internet Explorer will display the application containing the offer or advertisement of investment, gaming and promotion programs (sometimes displaying porn ads) in significant amounts continuously for internet connected computer that spends a lot of bandwidth for the ads displayed and resulted in a slow internet access. 


2. Icon Removable media (USB Flash) turned into a folder icon. 


3. Users can not access the USB Flash to display the message "Access is denied" 


4. The message "Compressed (zipped) Folders" at the time of accessing the Flash disk 


5. It comes a lot of files with the file name "Copy of Shortcut to (1). Lnk" s / d "Copy of Shortcut to (4). Lnk" in the USB Flash. 


6. One of the unique and very easy to make this virus is active and difficult to eradicate is that every time a user right-click, in addition to displaying the right click menu, indirectly computer users also run the virus.
To spread itself, it will use the USB Flash to take advantage of the autorun feature of Windows. 


How to clean up
As already explained that this virus will inject a file that has the extension EXE, DLL and HTM / HTML both program files and Windows file system. Therefore, cleaning should be done in DOS mode. To facilitate cleaning please use the Windows Live CD Mini PE (please search on the internet). Then download Dr.Web CureIt tools! in http://www.freedrweb.com/cureit/?lng=en and should be done on a computer that is not infected with the virus. Tools for Dr.Web CureIt! not infected, should be in ZIP and the password. 


1. For cleaning can be done optimally, you should scan all the HDD including USB flash or external HDD, this is because the virus is akaan drop some files on a USB flash or external HDD. 


2. Before doing the cleaning should block viral duplicate files by using the "Software Restriction Policies". This feature is only there on the operating system Windows XP Pro, Vista, 7, Server 2003 and Server 2008 in the following manner:
· Click the [Start]
· Click [Run]
· In the Run dialog box, type secpol.msc and then click the [OK]
· After the screen appears "Local Security Policy", right-click menu "Software Restriction Policies" and click "Create New Policies" or "New Software Restriction Policies" if using Windows Vista / 7 


· Then right click on the "Additional Rules", then select "New Hash Rule ..."
· Then the screen will display "New Hash Rule." In the column "Hash Files", click the [Browse] and specify one of the viruses that have duplicate file icon "folder" with a size of 105 KB (example C:-Windows-Explorermgr.exe) and click the [Open]. In the "Security Level", select [Disallowed]. Then click the [OK]
3. Connect the USB flash and external HDD to the computer. 


4. Use the Web Dr. Live CD to eradicate this virus completely. Please download the software at http://www.freedrweb.com/livecd/?lng=en address you are advised to always download Dr Web Live new CD every time you want to use to clean up and eradicate the virus. If you use the DR Web Live CD a long time, then the virus definitions contained in the CD will follow the last time you download Dr Web Live CD. 



Another alternative is that you use antivirus software Dr. Web Pay is distributed by virusICU http://www.virusICU.com.
a. After the software is successfully downloaded Dr.Web LiveCD, burn into CD / DVD b. Connect the USB flash and external HDD to the computer c. Booting the computer through a CD / DVD ROM d. Then the screen will display "Welcome to Dr.Web LiveCD" e. Select "Dr.Web LiveCD (Default)" and then press the "Enter" on your keyboard f. 

Wait a few moments to appear Dr.Web LiveCD interface that will display the application "Dr.Web Scanner" automatically. Dr.Web Scanner is working to examine your computer from viruses. g. To scan the HDD, the screen "Dr.Web Scanner" select a location that will drive in check and make sure you check list option "Scan subdirectories" for Dr.Web can conduct examination on the directories and subdirectories for optimal cleaning. 

If the screen does not appear Dr.Web Scanner double-click the icon "Dr.Web Scanner" contained on the Desktop. h. Then click the [Start] to begin the process of examination (scan) i. Wait a while until the scan is completed. If you find any viruses, Dr.Web will inform the infected file and the type of virus that infects the virus information is available column. j. 

Click the [Select All] to select all the objects / files to be in the clear or you can specify which files would you clean it with a check list on the options available k. then click the [Cure] to clean up files that have been infected with the virus l. Wait until the cleaning process is completed m. Scan the computer to ensure clean your computer from viruses n. Restart the computer. by:vaksincom