::[ ecam domain ]::

It's all about an otaku, half vamp and dot dot dot dot

Thursday, August 23, 2007

Rise of Trojan

Trojans come in all kinds of forms. Even a detergent. I miss the days when a virus was easily detected, and most of them were the TSR type and easy to spot without antivirus software. I still remember the Brain virus. It infected the MBR. Viruses at that time didn't propagate as easily as they do today. Not to mention all those ware ware. Spyware, adware, malware.

A floppy could transfer small files, and viruses, to the unwary. But people knew that a virus could come with it. Nowadays, some people are ignorant enough to plug in here and there whenever they see a 'USB hole'. In Malay, they say "pantang nampak lubang". Think of it as free sex without a condom. Some people like me have an antivirus program such as AVG, or at least some form of condom, but they still get through. True to its name, it is an antivirus, not an anti-trojan. Remember Brontok? And all those downloader viruses.

All that multiware has spread at high speed since the invention of the pendrive, or thumb drive. It is easy to carry around and gets smaller each year. This is the number one playboy. And very hard to deter. Nearly every student has one, just like a handphone. Not to mention that the owner is easily attracted to a computer. "What file you got? Got mp3? Want to copy la." Nooo, the pendrive goes in. Kaching.

I still remember my first pendrive. It was about 3 inches long and half an inch thick. It was hard to reach the port, especially at the back of the computer case. Then computer cases came with USB ports on the front. Oh, not to mention that there are a lot of ports too. So many 'lubang'. 2 increased to 4, then 8. Some computers even have 12 using a USB hub.

Old Windows didn't have this problem. I remember that each time I wanted to use a pendrive on a Win98 computer, I had to bring a driver disk. Then came Win XP. The autoplay feature is the culprit. You don't need a driver, and most computers are easily infected by an autoplay virus. Autoplay starts up the multiware and it replicates into RAM. Then it finds its way into system32. Ohh, don't forget that most multiware has a rootkit. In other words, they run as a system service. These guys are the hardest to remove.

So how to know you're a carrier?


You have a pendrive. Plug it in. If it is your PC, it is probably infected already. Go to My Computer and right-click it. See if you can see any autoplay option there. If you do, you're in trouble. Then check out your pendrive. Search for any folder.exe or XXXX.exe, where XXXX is your folder name. Trojans usually don't infect files or programs, but to stay on the safe side, assume they do. Some trojans masquerade as jpg or txt. For example, hana.jpg.exe. The default Windows view hides your file extensions, so you would probably see hana.jpg and click it.
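The pendrive checks above (an autorun entry in the drive root, an .exe named after a folder, and hana.jpg.exe style names) can be done by a script instead of by eye. This is an added example, not code from the original post; the extension lists and the sample directory tree are constructed for illustration.

```python
import os
import tempfile

# Extensions Windows runs on double-click (constructed shortlist, not exhaustive).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs"}
# Harmless-looking extensions used as the fake "inner" extension (assumed list).
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".txt", ".doc", ".pdf", ".mp3"}


def scan_drive(root):
    """Walk a removable drive and return sorted (reason, relative_path) findings."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        folder_names = {d.lower() for d in dirnames}
        for name in filenames:
            rel = os.path.relpath(os.path.join(dirpath, name), root)
            lower = name.lower()
            stem, ext = os.path.splitext(lower)
            # autorun.inf in the drive root is the file AutoPlay reads.
            if lower == "autorun.inf" and dirpath == root:
                findings.append(("autorun-file", rel))
            if ext not in EXECUTABLE_EXTS:
                continue
            # hana.jpg.exe shows up as hana.jpg when extensions are hidden.
            if os.path.splitext(stem)[1] in DECOY_EXTS:
                findings.append(("double-extension", rel))
            # photos.exe sitting next to a folder called photos.
            if stem in folder_names:
                findings.append(("folder-named-exe", rel))
    return sorted(findings)


def build_sample_drive(root):
    """Create a constructed tree of empty, harmless files for the demo."""
    os.makedirs(os.path.join(root, "photos", "trip"))
    for rel in ("autorun.inf", "photos.exe", "notes.txt", "setup.exe",
                os.path.join("photos", "hana.jpg.exe"),
                os.path.join("photos", "trip.scr"),
                os.path.join("photos", "hana.jpg")):
        open(os.path.join(root, rel), "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as drive:
        build_sample_drive(drive)
        for reason, path in scan_drive(drive):
            print(f"{reason:18} {path}")
```

To check a real pendrive, pass its drive letter to scan_drive, for example scan_drive("E:\\"). A finding is a reason to look closer, not proof of infection, and a clean result does not rule out anything hidden by a rootkit.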

How to detect them in your PC?

You have an antivirus program and it has the latest update. Then you realize that your PC is sluggish. That is a sign. And the antivirus program didn't say anything. I have had a lot of these experiences. Thrice I had to format because of an incapable antivirus program. So here are a few steps to detect those hidden trojans.

  1. Close all applications running in the foreground and background. Close your antivirus program, download manager and all, leaving only a clock and a speaker icon in the taskbar. Then press Ctrl+Alt+Del. It will bring up the Task Manager. Switch to the process view. Monitor the processes for a few minutes. Yes, you cannot see a virus process here, but the point is that a virus uses CPU time and we want to check if the CPU time is used correctly. These processes usually spike a little: explorer.exe, lsass.exe, svchost.exe, csrss.exe, taskmgr.exe. None of these spikes should exceed 5 to 6%. If they do, there is something wrong, as in this state your computer should be idle. If the total CPU usage reaches about 20% or more, there are hidden processes running in the background.
  2. Open My Computer, then click Tools. Check if your Folder Options is still there. If it is missing, you've got multiware. The usual suspect is Brontok. If it is still there, proceed to step 3.
  3. Click Folder Options, then the View tab. Scroll down and choose show hidden files. Untick the hide protected view. Then click Apply and OK. Then create a new folder. Right-click it and choose Properties. Tick the hidden attribute, then OK. Press F5. See if the folder goes missing. If it does, then you've got multiware. The hidden folder should stay in view but grayed out, indicating that it is hidden.

Oh no I got the virus

First of all, panic!! Then get another antivirus and do a complete scan. I suggest Kaspersky. You can use the trial version. Or you should scan using an online virus scanner. Google for it. After a complete scan, reinstall your Windows. Back up your documents and your saved programs. It would be good to format the whole computer. Oh, be warned about System Restore. Turn it off before you do a complete scan. Sometimes a virus can be hidden in System Restore data.

After that, install the best antivirus you can afford. Disable the autoplay function. To find the best antivirus, google for top ten antivirus performance. There are a lot of performance reports out there.

Good Hunting

Monday, August 20, 2007

Convocation Day

First time I woke up early today. Well, up and surfing at 5am. Then I watched the sunrise, thinking that today would be my last day in UTM if I hadn't had the accident and broken my leg during my first year. I'd be graduating today with Zaidel, supposedly. Well, the time will come sooner or later.

While wasting time watching the sunrise, I remembered something. It was during the trip to Auckland last time. I was wearing slippers while sightseeing around the town. It seems funny for a tourist to walk around wearing toilet slippers. My shoes were brand new at that time, plus they were heavy and hurt my feet. And I think that the temperature was about the same as this morning.

Auckland has strong sunlight, but the temperature was nice the last time I went there.

This year, all plans to go abroad went out of the window. My mother fell sick and had to undergo an operation to insert an implant into her neck. Scary. And the operation alone cost 40k. So no money left. And with her still recovering, well, it would be rude to leave her at home, right?

Later.

Friday, August 17, 2007

Errand Runner

Just finished watching LOGH. I told you about it in a previous post. It is good. Real good, even though it is an old anime. Well, have you guys heard of an errand runner? Do you think that the owner of a restaurant buys all he needs at the market? Think again. An errand runner is someone who buys things for you for a fee. Usually, you give him the market price in money plus a small fee. Depending on how good the runner is at haggling, he can get more money and keep the rest. Interesting, isn't it? All you have to do is get transport, some referrals or reputation, and word power. Voila. That's a lot of money. I have an auntie who did the same thing, and she bought a house, a car, and a lorry with it. And guess what, she only deals in vegetables. Imagine if she supplied poultry, dry food, fish and other things.

And a restaurant consumes those things at a high rate daily. If you manage 3 to 4 restaurants, you can get around 800 per day; in a month, working 20 days earns you a hefty 16000. Woah, five figures.

See, it is a business opportunity and doesn't need much.