Being Shuvo

Tutorial Malware Description and Removal Guide
8/12/2013 10:15:32 AM
Hello all. After the silence, it's time to post something.


Purpose of the Thread

Computer/Network Protection.
This Guide is dedicated to every reader of this thread!


What's included in this thread?

Well, it will include descriptions, and the how-to-remove part is outsourced.

What else?
In this thread I will quote some other threads, comments, and side notes to make this thread much more useful. So if I somehow forget to mention the source writer, please ignore it.

What are the things/apps causing damage to the system?


Virus

Adware

Trojan

Worm

Spyware

Malware

Types of Computer Viruses




What is a Computer Virus?


A potentially damaging computer program capable of reproducing itself causing great harm to files or other programs without permission or knowledge of the user.


Types of viruses :-

The different types of viruses are as follows.

1) Boot Sector Virus :- Boot sector viruses infect either the master boot record of the hard disk or the floppy drive. The boot record program responsible for booting the operating system is replaced by the virus. The virus either copies the master boot program to another part of the hard disk or overwrites it. They infect a computer when it boots up or when it accesses the infected floppy disk in the floppy drive. That is, once a system is infected with a boot-sector virus, any non-write-protected disk accessed by this system will become infected.

Examples of boot-sector viruses are Michelangelo and Stoned.


2) File or Program Viruses :- Some files/programs, when executed, load the virus in the memory and perform predefined functions to infect the system. They infect program files with extensions like .EXE, .COM, .BIN, .DRV and .SYS.

Some common file viruses are Sunday, Cascade.


3) Multipartite Viruses :- A multipartite virus is a computer virus that infects multiple different target platforms, and remains recursively infective in each target. It attempts to attack both the boot sector and the executable, or program, files at the same time. When the virus attaches to the boot sector, it will in turn affect the system's files, and when the virus attaches to the files, it will in turn infect the boot sector.
This type of virus can re-infect a system over and over again if all parts of the virus are not eradicated.

Ghostball was the first multipartite virus, discovered by Fridrik Skulason in October 1989.

Other examples are Invader, Flip, etc.

4) Stealth Viruses :- These viruses are stealthy in nature, meaning they use various methods for hiding themselves to avoid detection. They sometimes remove themselves from the memory temporarily to avoid detection by antivirus. They are somewhat difficult to detect. When an antivirus program tries to detect the virus, the stealth virus feeds the antivirus program a clean image of the file or boot sector.

5) Polymorphic Viruses :- Polymorphic viruses have the ability to mutate, implying that they change the viral code known as the signature each time they spread or infect. Thus an antivirus program which is scanning for specific virus codes is unable to detect its presence.

6) Macro Viruses :- A macro virus is a computer virus that "infects" a Microsoft Word or similar application and causes a sequence of actions to be performed automatically when the application is started or something else triggers it. Macro viruses tend to be surprising but relatively harmless. A macro virus is often spread as an e-mail virus. Well-known examples are Concept Virus and Melissa Worm.

▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇ ▇▇▇▇▇▇▇


Adware


Programs which deliver ads to your computer, mostly in pop-up form.

Also software that is given to the user with advertisements embedded in the application.


▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇ ▇▇▇▇▇▇▇
Spyware

Programs which are used to monitor/log the activity performed on a computer. These are used to spy on someone for either legal or illegal purposes. Example: keylogger applications.

▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇ ▇▇▇▇▇▇▇
Worm

Computer worms are programs which reproduce and function independently after jumping through different computer networks. Unlike a computer virus, which depends on a host file or a boot sector, a worm relies on its own programming.

Email Worms

Infect computers through attachments or an HTML link that will navigate readers to an infected website. If either is opened, the worm will be downloaded and infect the computer.

Instant Message Worms

Appear in IM (instant messenger) applications and send links to infected websites / files to your contacts, such as Omegle spreading.


Internet Worms

An Internet worm will scan network resources using a local operating system service to find vulnerable machines, then try to connect and gain full access to those machines. They also scan for systems that have usable exploits, some of which allow the worms to send data packets or requests to install itself.

IRC Worms

Targets chat channels by either sending infected files or links to infected web pages to users. Unlike other worm types, this one is usually less effective, as IRC recipients must confirm the file request, save the file then open it before the worm can infect their computer.


File-Sharing Network Worms

These worms copy themselves into a shared folder and appear under a harmless name. Once the file begins to spread in the file-sharing network, so will the worm, which will continue to infect other systems in the same fashion.


Source for the worms section: WikiHow

▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇ ▇▇▇▇▇▇▇
Trojan
A Trojan is a program which is used to gain access to a computer by installing a program on the infected PC to open a backdoor. Trojans are also known as backdoors.

Types of Trojan


Software Detection Killers (Botkillers / AV killers)


As the title states, this kind of Trojan is used to kill, delete, or stop the anti-virus software that is installed on your system.

Password Sending Trojan / Stealers


Steals your details, such as user logins, address lists, credit card or banking information, and sends them to the hacker who made the Trojan.


Destructive trojan


Destructive Trojans delete files. They can be instructed to automatically delete all of the core system files in an operating system, including DLL, EXE or INI files, on the host PC.


Denial of Service (DoS) Attack Trojans


Multiple PCs are infected with a zombie that is scheduled to attack specific websites simultaneously so that the heavy traffic volume will overload the site's bandwidth.

Remote Access Trojans (RATs)


Remote Access Trojans are something everyone in the hacking community knows, I guess.

They can control almost every activity on your PC, like a TV, without the user knowing.

Server Trojan (Proxy, FTP, IRC, Email, HTTP/HTTPS, etc.)


Server Trojan is a sub-title for Trojans as well; it includes:


FTP (File Transfer Protocol) Trojan


As you may know, your computer has ports to connect to the network.
This Trojan opens port 21, which transfers the FTP data, and it can upload or download through it.

Downloader


A downloader Trojan downloads a Trojan from another system or host.

Proxy/ Wingate Trojans

Proxy Trojans transform a computer into a proxy server, either making it available to all Internet users or just to the hacker. This type of Trojan is developed to create "economizers" that are then used to provide complete anonymity for illegal actions, including buying merchandise with stolen credit cards and initiating Denial of Service attacks. If the hacker's actions are tracked, they are then traced to the victim's host PC rather than the actual hacker. Legally, the computer where the attack is launched is responsible for any damage the attack causes.


^wikihow


▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇ ▇▇▇▇▇▇▇


Malware


Malware is another name for virus software which is designed to delete, block, modify or copy data, or disrupt the performance of computers or computer networks.


Generally, malware includes any virus software used to automatically conduct malicious activity, such as:


  • A computer virus
  • A worm virus
  • Adware, scareware and crimeware
  • Malicious tools such as spyware and rootkits
  • A trojan virus or trojan horse virus


That's all for those, and I would much appreciate it if someone with better thoughts modified the thread.



So after that, what causes critical issues for our system?

▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇ ▇▇▇▇▇▇▇

Software Vulnerability

If you are aware of daily hacker news and security news, surely you do not belong here.

Like Internet Explorer 7, 8 and Java vulnerabilities - an attacker could use the exploit to run arbitrary code on, and remotely compromise, a vulnerable system.

Drive-bys


Most commonly known as the Java drive-by. This performs an action that makes the user download an infected file silently. Asking for updates, another video player, or a plugin is typical for this.

Freeware / file-sharing sites / fake apps / USB stealers


Like some people posting on the site offering an auto clicker, a crypter, and such things.


I am no longer going to give information about spreading, since you can find more.




▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇ ▇▇▇▇▇▇▇

Hackers also have some favorite tools besides the malware mentioned above:

  • Binders
  • Crypters


What is a Binder


A tool that combines two or more files into a single file, usually for the purpose of hiding one of them. Commonly associated with Trojan horses, where the Trojan is bound to a real file, such as a text file that opens with Notepad or other program. The users believe they are opening a safe file, and that is what appears on the screen, but at the same time the file is running, the Trojan is also running, usually undetected by the user.


What is a Crypter


A crypter is used to make a hacker's well-known viruses (malware) undetectable by anti-virus software, by changing the virus program signatures that anti-virus programs have in their databases, to make them easier to spread.


▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇ ▇▇▇▇▇▇▇


So now you have a good amount of knowledge about how you get infected by malware.

Let's do some cleaning.

Let's start with anti-virus guard protection.


  • #1 Bit Defender Anti Virus
  • #2 Kaspersky Anti-Virus
  • #3 Panda Antivirus Pro
  • #4 F-Secure Anti-Virus
  • #5 AVG Anti-Virus
  • #6 Avast! Pro Antivirus
  • #7 G Data AntiVirus
  • #8 BullGuard Antivirus
  • #9 Avira AntiVir Premium
  • #10 ESET NOD32 Antivirus


The above list is ordered by 2012 vote ratings from the Best of 2012 Antivirus site.

If you can find / buy a key, that is great, but the free versions are also good for the situation.

Note: don't ever use any cracked software which says "Close your FF, AV before crack" or the like.

And okay, we have the anti-virus; is it enough? If you read the malware descriptions above, you can clearly figure out that an AV alone is not enough.


Threat Fire




Simply put, when you press a keyboard key it encrypts the keystroke, so a keylogger's function is useless against it.


Go to the site to see more: Click Here



KeyScrambler also does the same job.


KeyScrambler Personal promises to encrypt your keystrokes at the level of your keyboard driver and decrypt them when they reach your browser so they're visible to you.


Click here to Download


Installing Anti-Malware


I have 2 suggestions: Malwarebytes or SUPERAntiSpyware. Just download one application, as you prefer.

Most users rate Malwarebytes as good.

Click on the image to download and for more info.




Note: if you need a Malwarebytes Pro premium key, post here or just send me a PM.






Let's go to the next step: Installing a Firewall


In Windows, the built-in Firewall / Windows Defender comes pre-installed on your PC; it is also a good one.


But in case we sometimes need more protection,

my suggestion is Comodo Firewall.

Click on the image to download:





Last but not least: tweaking up your PC after all.


Install a good system utilities tool such as Advanced SystemCare Pro, TuneUp or CCleaner,


and run a scan for system performance improvement, registry cleaning, old file deletion, etc.






Note: if you need an Advanced SystemCare Pro premium key, post here or just send me a PM (out of stock, use Google).






And when you are running a suspicious file, always run it inside Sandboxie or a VM (virtual machine).


I will quote this Sandboxie thread by The 7th Sages:


Introducing Sandboxie


Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.




The red arrows indicate changes flowing from a running program into your computer. The box labeled Hard disk (no sandbox) shows changes by a program running normally. The box labeled Hard disk (with sandbox) shows changes by a program running under Sandboxie. The animation illustrates that Sandboxie is able to intercept the changes and isolate them within a sandbox, depicted as a yellow rectangle. It also illustrates that grouping the changes together makes it easy to delete all of them at once.


Benefits of the Isolated Sandbox

Secure Web Browsing: Running your Web browser under the protection of Sandboxie means that all malicious software downloaded by the browser is trapped in the sandbox and can be discarded trivially.
Enhanced Privacy: Browsing history, cookies, and cached temporary files collected while Web browsing stay in the sandbox and don't leak into Windows.
Secure E-mail: Viruses and other malicious software that might be hiding in your email can't break out of the sandbox and can't infect your real system.
Windows Stays Lean: Prevent wear-and-tear in Windows by installing software into an isolated sandbox.

Download:

http://www.sandboxie.com/SandboxieInstall.exe

Have a NICE day!
BeingShuvo
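
Added example, not part of the original post: the FTP Trojan entry above says such a Trojan opens port 21, so one defensive check is to list the TCP listeners on a machine and flag any that fall outside a known baseline. The `netstat -ano` output, the baseline port set and the IRC port 6667 are constructed assumptions for illustration.

```python
import re

# Constructed sample of Windows `netstat -ano` output (not real data).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING       4312
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       888
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:5939         0.0.0.0:0              LISTENING       2020
  TCP    192.168.1.20:49712     93.184.216.34:443      ESTABLISHED     5120
  TCP    [::]:21                [::]:0                 LISTENING       4312
  TCP    [::]:6667              [::]:0                 LISTENING       7001
  UDP    0.0.0.0:5353           *:*                                    2020
"""

# Assumed baseline for this hypothetical workstation: ports expected to listen.
ALLOWED_PORTS = {135, 445}
# Services named in the guide: FTP on 21, plus IRC on its conventional port (assumption).
WATCHED = {21: "FTP", 6667: "IRC"}

LINE = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s+(\d+)\s*$")

def parse_listeners(text):
    """Return (address, port, pid) for every TCP socket in LISTENING state."""
    out = []
    for line in text.splitlines():
        m = LINE.match(line)
        if m:  # IPv6 addresses arrive bracketed, e.g. [::], so strip the brackets
            out.append((m.group(1).strip("[]"), int(m.group(2)), int(m.group(3))))
    return out

def unexpected_listeners(text, allowed=ALLOWED_PORTS):
    """Group non-baseline listeners by (port, pid); loopback-only sockets are skipped."""
    findings = {}
    for addr, port, pid in parse_listeners(text):
        if port in allowed or addr in ("127.0.0.1", "::1"):
            continue
        entry = findings.setdefault(
            (port, pid), {"service": WATCHED.get(port, "unknown"), "addresses": []})
        entry["addresses"].append(addr)
    return findings

if __name__ == "__main__":
    for (port, pid), info in sorted(unexpected_listeners(SAMPLE_NETSTAT).items()):
        print(f"port {port} ({info['service']}) pid {pid} on {', '.join(info['addresses'])}")
```

The PID column is what lets you tie a flagged port back to the process that owns it, for example in Task Manager.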