Remove Virus

AVG PC TuneUp Utilities

2015-01-16T12:05:00.001+07:00

AVG PC TuneUp Utilities is a department store program Latest from AVG to optimize your PC or laptop, fix the problems that affect the performance of your PC and enjoy your PC running more cepat.Singkirkan trail that tells your activity and remove the files you want to increase the speed of your pc.

Fix register problem causing traffic jams and crashes

Registry Cleaner and Registry Perapi

Fix register the scattered and damaged that memory spending, slow down your application and cause stability problems overall.
Disk Cleaner scans your hard drive to find files that spend disk space and slow down your computer. This may include temporary files, Internet browser cache or a file dump. Registry cleaners scan your registry to fix problems that cause computers to slow down, freeze or even crash.

Optimize your Internet connection
Internet Optimizer

Internet Optimizer automatically adjust settings for your Internet connection to speed up your online activities.
This tool will speed up your Internet connection by optimizing the arrangement - including the Max MTU and RWIN - especially for the type of Internet connection you use. In addition, Internet optimizer will test your connection settings before applying the changes.

Restoring accidentally deleted files
Recovery files

AVG PC TuneUp comes complete with a file recovery tool so you can recover files damaged or accidentally deleted in Windows.
This tool will restore files accidentally deleted or damaged file. Recovery of files also allows you to see samples of photos and documents while exploring the list of found files.

Deleting files and cleaning the disk permanently
Destroyer file and disk sweeper

Deleting a file or folder references eliminate them but did not delete the actual data stored in files. This means that files that you consider to have been deleted can be easily restored.
Destroyer files permanently delete files so that your personal data can not be recovered. This tool provides four options the destruction process, which ranged from the destruction process quickly until the level of military security. Disk cleaning tools can be used to clean the whole drive and to provide extra security. You can also turn off system restore while cleaning the disk to ensure there is no copying files during cleanup.

Protecting your privacy
Trace eraser

A lot of information about your activity recorded in PCs. Trace eraser will help you protect your privacy by deleting personal information from your computer.
When you surf the Internet, open a document or run a program, your activities recorded. Trace trace eraser hide this so no one can see which website you have visited or where the document you just opened.

Increase your disk speed
Perapi disk and registry

Disk defragmentation optimizes your file system to optimize your hard drive. Enjoy your hard disks for faster and more stable computer running smoothly.
Perapi reorder disk files on your disk so it can be read and written quickly. It improves application response time, system boot speed and overall computer performance. The same tool to clean your Windows registry with re-writing to eliminate fragmentation, the fragmented space and damage to structures

Trick for AntiVirus Program

2013-08-28T00:44:00.001+07:00

Online Research

The main reason for performance testing antivirus products is that not all antivirus packages are created equal when it comes to providing PC and web browsing protection, memory usage, background scanning speeds, virus detection and removal, etc.

Antivirus suites should have at least the following modules:

Online Antivirus Scan

If you do not have any antivirus software currently installed on your PC and you have been surfing the web, then I strongly suggest you scan your system with an online antivirus scanner before you download and install any trial antivirus suites.

Installed Antivirus Software

If you currently have any antivirus software already installed on your system then this must first be uninstalled completely and your system restarted before installing any trial antivirus packages.

Recommended Uninstaller Program

After you have downloaded and installed Revo Uninstaller, use it to uninstall your current antivirus program. If for some reason, when you go to install an antivirus trial and it will not install due to some leftover files from the previous antivirus program then download the previous installed antivirus programs removal utility from the vendor's web site and run it.

N.B. Restart your computer after you have uninstalled the antivirus program.

System Resource Usage

How to Check System Resource Usage

This screen shows memory and CPU usage of your computer.

Once you have noted the memory and CPU usage without the trial software installed on your system you can now go ahead and install the trial antivirus package.

You then need to run a full antivirus scan of your system and repeat the memory and CPU check while the antivirus scan is running. Again, note the memory and CPU usage.

Once you have completed your testing of the first antivirus trial suite, uninstall it as per the instructions above with the Revo Uninstaller program and repeat the testing process for the other antivirus trial suite software you have downloaded.

Results

If your PC performed badly with all of the antivirus trial software, the memory cannot be upgraded and you ran the Advanced System Care before testing the trial software then your system may require a re-installation of the operating system.

The need for antivirus protection is of paramount concern for virtually all PC users.

First Things First: What IS a Computer Virus?

A computer virus is just one of three types of programs known as "maliceware". Most antivirus programs are designed to detect and defend your PC from all three threats.

What Does an Antivirus Program Do?

Antivirus programs take two common approaches to recognize threats to your computer.

1. Signature Detection: Via Signature Detection an antivirus application scans your computer, drives and storage devices for files that contain a code it recognizes as a virus variant.

Antivirus applications that scan for potential computer virus activity can be more useful at detecting the latest threats than those reliant on signature detection. Most of today's "solid" antivirus programs utilize a combination of both signature detection and virus activity to protect your computer against threats.

How to Choose the Antivirus Program that is Right for You.

Risk generally equates to your computers exposure to outside applications, files or connections. If you were to operate a computer that would never come into contact with any program or file not manufactured by a secure source, then you have virtually no need for an Antivirus application. There are many good antivirus programs that will fit this need available as shareware - a free download - throughout the internet.

Antivirus software manufactured for business and home can be two very different applications both in cost and effectiveness. Home versions generally cost less and come with fewer options than business based antivirus programs. Most corporate versions of antivirus applications allow for a central point of control over entire networks. Protection can be divided between internet or application servers and individual PCs. Exchange/mail and internet server protection is a must, as well as protection for mission-critical file and application servers. Usually business antivirus programs come as a server based application. Clients, or additional licenses, are purchased for each computer or user that connects to the antivirus server.

With Regard to the Antivirus Program Itself:

The best antivirus manufacturers release updates on a daily basis and often offer updates to their programs on a real-time, as needed basis. The ability for an antivirus software manufacturer to release constant, and relevant, updates to their programs should be of great concern to the user. - Just like all applications and operating systems, antivirus applications will use your computers processing power, memory and storage space to function.

Flame, Super Sophisticated computer viruses and dangerous attack Iran

2012-07-10T03:01:00.000+07:00

Kaspersky Lab, is conducting an investigation with a new computer virus that was mentioned the most sophisticated in the world. The virus, dubbed the "Flame" is intended to attack Iran and several countries in the Middle East.

Kaspersky party suspected, the virus is made by the government of a country. The complexity to Kapsersky own needs help to cope with this virus.
Kaspersky suspect, the virus is made by the government of a country. Viruses are tricky to overcome, so Kapsersky need help to cope with this virus.

Reported, the new virus code has a size of 20-fold compared to the size of the majority of malicious software programs generally include Stuxnet. Worse, the new virus is suspected to have been circulating since last five years and infect a computer in Iran, Israel, Sudan, Syria, and Egypt as well.

Iran has repeatedly accused Western countries and Israel to make malicious programs to attack them. In addition to Stuxnet, other malicious programs that have hit Iran is Duqu.

Some of these viruses such as the ability to collect confidential data, change the settings in remote computer, turn on a computer microphone to record conversations, take a screenshot and copy the conversation in instant messaging. Israel accused of being behind this after Kaspersky detects virus infection in several Middle Eastern countries. This was confirmed a statement by Israel in the American observer states Flame is part of the action of the Jewish state cyber warfare

5 Kick-Ass New Virus Attacks

2012-07-10T02:44:00.001+07:00

Many new ways that do hackers to spread viruses in cyberspace. Here are some new type of attack that was launched by Kaspersky.
In April 2012, reported 700 thousand Mac OS X computers worldwide are infected with Trojan Flashback. Infected computers to be combined into a botnet that was given Flashfake, allowing cybercriminals to add other malicious module into the computer.
Way is quite unique and relatively new in cyberspace. Even Flashfake attack had begun seeping into the WordPress blog in late February to early March 2012. About 85% of these blogs are in the United States.
Here is another type of attack is also very dangerous.

Blackhole Exploit Kit

Kaspersky Lab reported the presence of two activities that use Spam Blackhole Exploit Kit to install malware. The first occurrence is found on Twitter, where more than 500 infected accounts.

Activity is sending spam to the users twitter link that directs them to malicious sites that have Blackhole Exploit Kit, then the site will be installing scareware into the computer in the form of fake anti-virus notification is sent to computer users scan their systems to look for infection.

Email Phishing

This method is actually quite old school, but now increasingly enhanced by various acts of deception that spit. One case in point occurred in late March when many users receive a spoofed email U.S. Airways.

The cyber criminals phishing email in an effort to deceive the people are clicking on the email sent. The link offers a 'reservation details online', including a choice of check-in flight with U.S. Airways.

If a link is clicked, the user will be redirected to a fake website which contains the Blackhole Exploit Kit contains a banking malware. Banking malware will install itself into the computer and steal confidential data online banking users.

These spam messages sent in bulk while the criminals the people who will be waiting to book flights with U.S. Airways, and directing them to click a link in the email you send. mobilize them to malicious sites that have Blackhole Exploit Kit, then the site will be installing scareware into the computer in the form of fake anti-virus notification is sent to computer users scan their systems to look for infection.

Malware Ponsel

Early April, a new type of Android malware found in Japan. Unfortunately, the incidence in Japan is nearly 30 malicious applications are available on Google Play and at least 70 thousand users have downloaded one of 30 such applications.

Malware of this type can be connected to a server that has been determined. If a connection occurs, the malware will download the MP4 video file. This malware is also capable of stealing confidential information from the infected device, including contact names, email addresses and a list of telephone numbers available in the Android device. Kaspersky Mobile Security detects this malware as Trojan.AndroidOS.FakeTimer.

TigerBot

Another type of attack that strikes a smart phone users are TigerBot, malware is controlled via short messages are increasingly popular.

Some time ago this malware infects a number of devices found. Remarkably, these malicious programs do not perform any suspicious activity. But if there are further examined various commands allow cyber criminals to record phone conversations, stealing GPS coordinates, text or change the network configuration.

Fortunately, this malware is not up to Google meyambangi Play. However the owner of the phone should still be careful when installing the application from anywhere. Kaspersky Mobile Security detects this malware as Backdoor.AndoidOS.TigerBot.

Remove virus manually

2011-08-25T00:22:00.004+07:00

When a virus is active in a PC before what that ago is to worry itself of disattivare the programs for the emergency and the antivirus in primis. For this reason it turns out obvious that in order to remove a virus it must take part in various way.

Like removing a virus manually

If it were decided to take part with the manual removal, must keep in mind who will go itself to take part in the registry; therefore it must be aware of the risks and of what it is being made. Generally a virus when it is active has a process in memory and inserts a key in the registry for autoattivarsi to every start, therefore once removed (e) this key (you) enough then to remove the rows inserted from the present virus and if to
disabilitare the System present Restore in win Me and Win XP. The question that is made is the following one: How I recognize the process of the virus and the key of the registry? The answer is simple, enough to visit the sites of the TrendMicro, Symantec, etc and to try own present virus. Of this reason I have inserted a search engine for virus of the TrendMicro in order to render the search of the virus easy. Like already said if in a PC c' it is a virus is present a process in memory and keys in the registry. We suppose of being by now infects from the MsBlast.A virus much famous one. In the information of the TrendMicro besides an introduction of the virus with the characteristics the Solution section is present:

Here they come exposed the two methods of disinfestazione, first (AUTOMATIC REMOVAL INSTRUCTIONS) through the Tool Trend Microcleaner and according to through a manual removal (MANUAL REMOVAL INSTRUCTIONS). The steps that are completed in the manual removal are always the same ones, that is change only to the actors the viruses but even if it is not comprised well. It’s The procedure for the other viruses the method is the same one:

In the manual removal Trend Micro it begins thus:
Terminating the Malware Program
This procedure terminates the running malware process from memory.

Open Windows Task Manager, press CTRL+SHIFT+ESC, and click the Processes tab.
In the list of running programs, locate the process: MSBLAST.EXE
Select the malware process, then press the End Process button.
To check if the malware process has been terminated, close Task Manager, and then open it again.
Close Task Manager

Note: Windows 98 /Me does not allow to see all the processes in the Task manager therefore is necessary to use a program of third parts as ProceXP9x
Successive step :
Removing Autostart Entries from the Registry
Removing autostart entries from the registry prevents the malware from executing during startup.

Open Registry Editor. To do this, click Start>Run, type Regedit, then press Enter.
In the left panel, double-click the following:HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>CurrentVersion>Run
In the right panel, locate and delete the entry:"windows auto update" = MSBLAST.EXE
Close Registry Editor.

NOTE: If you were not able to terminate the malware process from memory as described in the previous procedure, restart your system.

Dangerous Virus In Ambush On The Mail

2011-08-24T23:46:00.000+07:00

ATTENTION TO THE VIRUSES! An email circulates on Internet that offers the possibility to be connected to sites for the video vision porno. Draft of a virus that s' he inserts in the rubrica of the e-mail case, and king sends to all the addresses. The mail, apparently innocuous, contains a simple connection to an attached pdf. Once opened l' attached, the virus is extended to the other contacts. The main difference with the other viruses, is that the mail does not demand a download from other sites but is autoinstallante. Insomma enough to open it is the damage is made.

HP TABLET

2011-08-21T13:32:00.005+07:00

HP’s Website, along with Amazon, continues to sell the HP TouchPad, despite announcing the tablet’s ignoble death.

Hewlett-Packard’s Website is still selling the HP TouchPad, the webOS tablet it has condemned to history’s dustbin of dead tech.

Those interested in purchasing a piece of future geek trivia can find the 16GB and 32GB versions on HP’s official shopping page for $399.99 and $499.99, respectively. Another HP page sings the virtues of webOS, complete with text claiming it’s “the smartest OS ever created.” For the moment, the tablet is also available on Amazon.

THE much awaited HP TouchPad tablet was withdrawn from the Australian market today just 4 days after its launch, making it one of the shortest-lived electronics products in Australian history.

Retailer Harvey Norman, which sold the HP TouchPad tablet exclusively, said it had instructed franchises to remove all stocks from shelves and to contact customers who had bought it and offer them a full refund or credit for another purchase.

The HP TouchPad’s dramatic demise in Australia is the result of HP’s decision in the United States yesterday to axe it and smartphones powered by its in-house webOS mobile operating system, after astonishingly poor sales since its United States launch in July.

The problem for the Palo Alto, California-based tech company was that webOS was neither Apple nor Android. It was a mobile operating system HP acquired when it bought smartphone manufacturer Palm for $1.2 billion last year.

With relatively few apps available for download, and several exhibiting serious bugs, many commentators believed the HP TouchPad was doomed from the start.

Obama Briefed On Tripoli Fighting

2011-08-21T13:20:00.002+07:00

VINEYARD HAVEN, Mass. — A vacationing President Barack Obama was being kept up to date by aides on developments in Libya and U.S. officials were in touch with their contacts in that country Saturday to determine the progress of rebel troops advancing on Libya's capital, Tripoli.

A senior administration official said the president was briefed during the day on Martha's Vineyard, Mass., and would continue to get regular updates, including through the night if necessary. A second senior official said the administration was in close contact with the Libyan opposition and U.S. allies and partners, and believes that Moammar Gadhafi's days in power are numbered.

It is unclear to some U.S. analysts, however, whether these latest developments translate to a tipping point.

Analysts have concluded that Gadhafi's well-known mercurial decision-making style means he could decide within hours to flee, or stay to the bitter end.

If Gadhafi flees or is otherwise deposed, the administration plans to voice the support of the U.S. and its partners in the international community for the opposition and assist it as the country makes a transition to democracy, officials say. But the administration will also continue to stress that this is a matter for the Libyan people to decide.

The officials, both with the White House and with other agencies, spoke anonymously to discuss sensitive diplomatic matters.

Reporters in Tripoli heard gunfire and explosions after rebel troops seized control of Zawiya, a major coastal city not far from the capital. Rebel leaders called it the start of an attack on Gadhafi's main stronghold.

Obama spent most of Saturday at his vacation compound on this island off Cape Cod. He dropped in briefly at a reception hosted by his friend and former law school professor, Charles Ogletree, but was back at the complex in just over an hour.

No Tsunami Threat to Hawaii After Two 7+ Vanuatu Quakes

2011-08-21T04:50:00.000+07:00

Hawaii remains clear of any tsunami threat following two large quakes and several smaller tremors in the Vanuatu Islands region this morning. An initial 7.1 magnitude quake (downgraded from an earlier 7.5 measurement) occurred at 6:55 a.m., followed by several smaller 5+ magnitude earthquakes, and a subsequent 7.0 magnitude quake at 8:19 a.m. HST.

The following information details the list of activity in the region this morning:

6:55 a.m. HST: 7.1 magnitude quake 39 miles SSW of PORT-VILA, Efate, Vanuatu
7:11 a.m. HST: 5.6 magnitude quake 53 miles SW of PORT-VILA, Efate, Vanuatu
7:13 a.m. HST: 5.9 magnitude quake 41 miles SSW of PORT-VILA, Efate, Vanuatu
7:44 a.m. HST: 5.1 magnitude quake 75 miles SSW of PORT-VILA, Efate, Vanuatu
8:02 a.m. HST: 5.2 magnitude quake 65 miles SSW of PORT-VILA, Efate, Vanuatu
8:19 a.m. HST: 7.0 magnitude quake 42 miles SSW of PORT-VILA, Efate, Vanuatu

The Pacific Tsunami Warning Center advised that there is NO tsunami threat to Hawaii based on available data.

(Posted at 7:20 a.m. 8/20/11)

There is no tsunami threat to Hawaii following a 7.5 magnitude quake near the Vanuatu Islands, according to the Pacific Tsunami Warning Center.

The quake occurred at 6:55 a.m. on Saturday, August, 20, 2011 (Time at the epicenter: 3:55 a.m. Sunday, August 21, 2011).

The earthquake was centered 38 miles SSW of PORT-VILA, 118 miles NW of Isangel, 198 miles SSE of Santo (Luganville)and 1151 miles ENE of Brisbane, Australia.

Digital TV overshadowed the risk of virus infection

2011-02-06T19:43:00.000+07:00

One of the pioneer of digital TV, Ocean Blue Software (OBS), warned the latest generation of television is to save the risk of virus infection.

According to the OBS, unless the manufacturers take anticipative steps by offering a built-in protection system, the majority of digital television, which connect to the Internet network, are vulnerable to new types of virus that had not previously been associated with this device.

“Almost all television products to the processor, memory capacity and an internet connection overshadowed the risk,” said founder and CEO of OBS, Ken Helps, as quoted from ITProPortal.

Previously, digital television sets will only accept new software updates from the broadcaster. However, now almost all devices have an internet connection and a browser equipped with a built-in, allowing the owner to download anything.

“(But) the television does not have enough ability to run anti-virus protection,”said Helps.

To protect your digital TV, OBS suggested to complement the television with the services cloud-based anti-virus to scan all downloads before reaching the device. In addition, you also have to ensure the protection you have is the latest version.

Beware SUPER TROJAN lurks !!!

2011-02-05T23:46:00.004+07:00

Security experts warn that a new “supertrojan” is lurking in the cyber shadows, which may make ordinary viruses seem as harmless as the common cold.

The two most forbidding pieces of spyware on the Net have James Bond-worthy names: SpyEye and ZeuSTwo. Once competing tools for cybercrooks, now they’re teaming up to form a hybrid being hailed as SpyZeuS — and security analysts warn companies and users to be on their guard.

“Conventional security solutions will find it hard to detect and handle this type of new threat,” wrote fraud expert Aviv Raff on his blog.

Shouldn’t rival gangs of cut-throat badware makers be enemies? Not so, experts tell FoxNews.com: According to those in the security realm, building Trojan horse software that steals users’ banking information is a business just like any other.

Indeed, the merger is comparable to the dealings of the banks and companies they target.

“The underground malware world functions essentially as a business,” Alex Cox, principal research analyst at network-security firm NetWitness, told FoxNews.com. “So just like in big business, it’s normal for those with a well-known product to have competitors, as well as make big mergers such as this.”

In other words, a major business merger is underway — and those profiting from the deal may be drawing from your bank accounts.

ZeuS is considered king of the botnets, having been used to hack the websites of such reputable groups as Bank of America, NASA, and Amazon. SpyEye surfaced last year, with many assuming it would become the next ZeuS — and now in a way, it has.

How to protect yourself from Trojan horses

The security industry had suspected since October that the criminal masterminds behind ZeuS were abandoning their creation and sending the leftover codes to the creators of SpyEye. And now traces of the updated Trojan are popping up, as authors have been shipping out beta releases of SpyZeus almost daily.

The evolution of these infamous malware tools has those tracking the criminals calling for banks and companies to evolve along with them.

“It’s all about understanding the way your network works, such as the amount and kind of traffic that is going through your system,” Cox told FoxNews.com. “Detection used to be primarily signature-based” — a technique that involves finding a common thread in the software and detecting it by looking for that signature.

“But bad guys have gotten too good at bypassing those signature-based detection systems,” Cox said. “We’re trying to push the move to more behavioral-based detection.”

Threat-alert service Seculert has included some screenshots of the administrative panel of SpyZeus on its blog. The shots reveal the authors of the hybrid malware trying to cater to users of both Trojans. Co-founder and CTO of Seculert Aviv Raff thinks that it is important for the public to be aware and alert.

“Before the merge, these were the only two important Trojans in the cybercrime world,” Raff told FoxNews.com. “But we felt this was newsworthy because there will probably be new rivals out … we’re already seeing new faces and new families of this type of malware.”

And for the average consumer, there are simple detection techniques that can help those hoping to fend off cyber criminals.

“Just be aware,” Cox told FoxNews.com. “There should always be a red flag when you’re using a computer at home and you are asked for something that your login doesn’t normally ask you for. That should give you a heads up that something’s awry.”

Method remove & uninstall PC Protection Center Virus

2010-12-12T17:46:00.007+07:00

Are you looking for a way to uninstall and remove PC Protection Center Virus? Have you tried many methods, but you still can't remove PC Protection Center Virus? Now you are at the right place! This article is written for the purpose to help you fully remove PC Protection Center Virus security-wire.com.

What's PC Protection Center Virus?

PC Protection Center is a rogue security utitlity developed to mislead computer users and swindle their money. PC Protection Center comes from the same rogue group as Privacy Corrector, PrivacyGuard 2010 and PCOptimizer 2010. It intrudes into your workstation thru system loopholes and software vulnerabilities. Once on board, PC Protection Center loads every time your PC warms up due to the distortions made to the system. The rogueware will create several harmless files which are reported by PC Protection Center as dangerous malware.
Furthermore, this rogue can even disable most of the applications on your computer. To convince your purchase, PC Protection Center will keep changing your URL destinations into its affiliated websites. Don't be flattered by its promise that it will get rid of all viruses.

Why You Get PC Protection Center Virus?

Many people do not know how their computers are infected by PC Protection Center Virus until their PCs are in bad performance. Actually, in many cases, it is the users themselves who give the chance for malware into their PC, not anyone else! Many people are lack of self-protection awareness and know little about how to maintain computer security. It's suggested that you get a 100% real time protection!

How to Remove PC Protection Center Virus?

If you're feeling lucky, an advanced user, and you aren't too busy, you could try to manually remove PC Protection Center Virus.
First of all, backup your registry and important data. Then you need to open registry and delete registry entries related to PC Protection Center Virus and .exe, .bat files, .dll and .lnk files. You must be more careful, patient and prudent when you manually remove PC Protection Center Virus.

But it's advised that you use a professional designed tool to remove PC Protection Center Virus. A professional designed removal tool can not only completely remove PC Protection Center Virus but also those malware that hide in your system. And it's not only for one time removal. It can provide you with 100% real time protection and patch your system vulnerabilities so as to prevent your system against potential threats. The infection of PC Protection Center Virus should be attributed to the bad protection of your current antivirus. Now save your time and start to get rid of PC Protection Center Virus now!

Article Source: technology.ezinemark.com

German hackers "gained access to Lady Gaga’s computer"

2010-12-04T13:23:00.001+07:00

German- Two German hackers gained access to the computers of over 50 pop stars, including Justin Timberlake and Lady Gaga, in an attempt to steal unreleased songs and issue blackmail threats over intimate photographs, prosecutors have alleged.

The pair, according to German police, used nothing more than perseverance and simple invasive programmes called Trojans, which can break into private computer networks. But they are alleged to have hacked into the computers of a string of world famous stars and downloaded hundreds of documents including music, credit card details, emails and photographs.

Their haul included a picture of the American singer Kesha, reportedly naked and having sex. Prosecutors said that the two had tried to blackmail the 24-year-old singer, but no money changed hands.

Happy with their success, the duo allegedly bragged on internet forums about their ability to hack into the computers of A-list celebrities. But prosecutors believe their main goal was unreleased musical material, which can fetch high prices on the internet. They sold some of the music they had obtained.“Basically we are talking about illegal, bootlegged publication, and spying using Trojans,” state prosecutor Rolf Haferkamp, told the newspaper Neue Ruhr/Neuer Rhein Zeitung. “The trick itself is nothing special. All it requires is a bit of know-how and perseverance to achieve criminal success.” He added that the hacking had forced a number of singers to bring forward record release dates.

The alleged crime came to light only when fans of Kelly Clarkson, another targeted singer, tipped her off about unreleased music available on the internet. She informed the police, triggering an investigation involving the FBI and the German Federal Police Service.

While the two, a 17-year-old from Duisburg and a 23-year-old from the nearby town of Wessel, have not been charged, some newspaper reports claimed they had already confessed to the police.

Sven Kilthau-Lander, Universal Music’s director of public relations in Germany who is responsible for the publicity of stars Lady Gaga and Rihanna, told a local newspaper: “It’s really frightening. One can’t feel safe anywhere.”

The Stuxnet worm Mutation

2010-12-04T13:10:00.002+07:00

TEHRAN - The Stuxnet worm is mutating and wreaking further havoc on computerised industrial equipment in Iran where about 30,000 IP addresses have already been infected, IRNA news agency reported on Monday.

"The attack is still ongoing and new versions of this virus are spreading," Hamid Alipour, deputy head of Iran’s Information Technology Company, was quoted as saying by IRNA, Iran’s official news agency.

Stuxnet, which was publicly identified in June, was tailored for Siemens supervisory control and data acquisition, or SCADA, systems commonly used to manage water supplies, oil rigs, power plants and other industrial facilities.

The self-replicating malware has been found lurking on Siemens systems mostly in India, Indonesia and Pakistan, but the heaviest infiltration appears to be in Iran, according to researchers.

The hackers, who enjoyed "huge investments" from a series of foreign countries or organisations, designed the worm to exploit five different security vulnerabilities, Alipour said while insisting that Stuxnet was not a "normal" worm.

He said his company had begun the cleanup process at Iran’s "sensitive centres and organisations," the report said.

Analysts say Stuxnet may have been designed to target Iran’s nuclear facilities. But Iranian officials have denied the Islamic republic’s first nuclear plant at Bushehr was among the addresses penetrated by the worm.

"This virus has not caused any damage to the main systems of the Bushehr power plant," Bushehr project manager Mahmoud Jafari said on Sunday.

He, however, added the worm had infected some "personal computers of the plant’s personnel."

Alipour, whose company is tasked with planning and developing networks in Iran, said personal computers were also being targeted by the malware.

"Although the main objective of the Stuxnet virus is to destroy industrial systems, its threat to home computer users is serious," Alipour said.

The worm is able to recognise a specific facility’s control network and then destroy it, according to German computer security researcher Ralph Langner, who has been analysing the malicious software.

Langner said he suspected Stuxnet was targeting Bushehr nuclear power plant, where unspecified problems have been blamed for delays in getting the facility fully operational.

Iran’s nuclear ambitions are at the heart of a conflict between Tehran and the West, which suspects the Islamic republic is seeking to develop atomic weapons under the cover of a civilian drive.

Tehran denies the allegation and has pressed on with its enrichment programme -- the most controversial aspect of its nuclear activities -- despite four sets of UN Security Council sanctions.
© Copyright (c) AFP

Remove HDD Control malware

2010-11-29T21:59:00.003+07:00

HDD Control is a malicious program that pretends to be a computer defragmenter and optimization program. It hijacks your PC, blocks Windows legitimate applications from running, presents various fake critical errors alerts that the computer’s hard drive is corrupt in order to frighten you into purchasing this useless application. It is a new malware from Defragger malware family as Check Disk, Scan Disk, Ultra Defragger, HDD Defragger, etc.

The main method for distribution of HDD Control is by trojans. When the trojan is started, it will install the program into TEMP folder under different random names. Next, it will be configured to run automatically when Windows starts.

Like other fake defragmenter programs, it does a fake scan of your computer then tells you it has found numerous critical errors such “Read time of hard drive clusters less than 500 ms”, “32% of HDD space is unreadable”, “Bad sectors on hard drive or damaged file allocation table”, etc. HDD Control requires you to pay for the fake software before it “repairs” your machine of the problems. Of course, all of these errors are a fake. The misleading application only imitates functions of computer defragmenter software and unable to detect any problems. Most important, don`t pay for the bogus program and just ignore the false scan results.

HDD Control will also prevent you from using other programs or the internet by shutting down programs every time they are opened. Moreover, this malware will flood your computer with nag screens and fake alerts. Some of the alerts are:

System Restore
The system has been restored after a critical error. Data integrity and hard drive integrity verification required.

Windows – No Disk
Exception Processing Message 0×0000013

Critical Error
A critical error has occurred while indexing data stored on hard drive. System restart required.

Of course, like false scan results above, all of these alerts are just a fake. This is an attempt to make you think your computer in danger. Like false scan results you can safely ignore them.

If your PC has been infected with HDD Control malware, follow the removal instructions below in order to remove HDD Control and any associated malware from your computer for free.

Automated Removal Instructions for HDD Control

Step 1. Reboot your computer in Safe mode with networking

Restart your computer.

After hearing your computer beep once during startup, start pressing the F8 key on your keyboard. On a computer that is configured for booting to multiple operating systems, you can press the F8 key when the Boot Menu appears.

Instead of Windows loading as normal, Windows Advanced Options menu appears similar to the one below.

When the Windows Advanced Options menu appears, select Safe mode with networking and then press ENTER.

Step 2. Clean temp folder

HDD Control stores its files in Windows temp foder. You need to clean it.

Please download ATF Cleaner by Atribune from here, saving it to your desktop. It is used to cleanout temporary files & temp areas used by internet browsers.

Start ATF-Cleaner.exe to run the program. Under Main choose: Select All and click the Empty Selected button.

Step 3. Remove HDD Control and associated malware

Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.

Double Click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.

If an update is found, it will download and install the latest version.

Once the program has loaded you will see window similar to the one below.

Select Perform Quick Scan, then click Scan, it will start scanning your computer for HDD Control infection. This procedure can take some time, so please be patient.

When the scan is complete, click OK, then Show Results to view the results. You will see a list of infected items similar as shown below. Note: list of infected items may be different than what is shown in the image below.

Make sure all entries have a checkmark at their far left and click “Remove Selected” button to remove HDD Control. MalwareBytes Anti-malware will now remove all of associated HDD Control files and registry keys and add them to the programs’ quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.

HDD Control creates the following files and folders

%UserProfile%\Desktop\HDD Control.lnk
%UserProfile%\Start Menu\Programs\HDD Control\HDD Control.lnk
%UserProfile%\Start Menu\Programs\HDD Control\Uninstall HDD Control.lnk
%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat

HDD Control creates the following registry keys and values

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

One million Chinese cellphone users reportedly infected with zombie virus

2010-11-28T07:36:00.005+07:00

Some disturbing news has come to light for our Chinese readers now, with the news of a new “zombie virus” that is sweeping the country and has infected over 1 million cellphones.

Viruses built to exploit and takeover cellphones have had a moderately short lifespan compared to computer viruses, but it seems as the more that time passes, the more deadly they become.

China are the latest victims in the cellphone virus rise, with a “zombie virus” that disguises itself as an antivirus application.

The virus spreads quite easily, and then cashes in by spamming the cellphone with money-making links and other general popups and advertisements that seem to have built up around $300,000 per-day in added text message charges.

We are told that the authorities have tracked down the people who designed the virus, but in a strange twist it seems as though they have nothing to do with the virus, as they are also a victim too, so they say.

Have you been affected by the “zombie virus,” or any other cellphone virus for that matter. Let us know your stories.

source : enggadget

Eliminate All types of Viruses

2010-11-25T22:04:00.005+07:00

Given the numerous questions about the security we have decided to write this simple but effective guide on how to remove the most viruses, spyware, trojans, and malware using only free tools.

Taking inspiration from the last question also resolved to our forums and some previous guide: "Removing virus-worm-spyware" and "Repair pc without formatting" summarize the various operations in a practical way forward.

1 - Slight

1. Get a good antivirus such as Avira AntiVir or in extremis KAV (although trial version)
2. Updated anti-virus (the virus signatures should be updated before the scan)
3. We set up the anti-virus in order to obtain a full scan.
4. We start the computer in Safe Mode (press F8 before win or read here)
5. Proceedings brought to the antivirus scan the entire system
6. Check whether the virus or virus were removed retracing the scan.

2 - Middle

1. Disable System Restore.
2. We start the PC in Safe Mode.
3. Re-try scanning the system completely.
4. Always check if residues remain

3 - With removal tool generic

If previous attempts are unsuccessful it is likely that our anti-virus does not recognize and therefore does not know how to delete the viruses found, so proceed installing some generic removal tool. Download this software and run it one at a time:

1. A-squared Free 3.5 - Powerful tool removes spyware, trojans, dialers, adware and malware
2. AVG Anti-Spyware 7.5 - One of the best anti-spyware software for free
3. Ad-Aware SE - A good removal tool virus / trojan generic.
4. Spybot - very comprehensive tool like Ad-aware-se.
5. Spywareterminator - Effective anti-spyware protection with real-time.
6. CWShredder Tool-specific browser hijackers / unwanted ads / pop-up.
7. Prevx CSI - Anti-malware generic stand-alone (scan only the most sensitive part of the system)
Once installed and configured the program to turn to follow the same methods described in the attempt 1 and 2 obviously acting on the newly installed program

4 - Tool database online

We search the following databases by writing the exact name of the virus in our attempt to find a specific tool, which is a small program designed solely or rather specialized in the removal of a single threat.

Here's where to look for the database:

1. Kaspersky Removal Tool
2. Symantec Removal Tool
3. Nod32 removal tool
4. BitDefender Removal Tool

5 - Online Virus Scanner

Let us consider this time in the scanner online. The virus scanners are online versions of antivirus running directly through the browser (Internet Explorer) that do not require installation (except for some plug-in for communication) and are supplied by the manufacturers themselves antvirus of classics (like Norton). Since residing on servers operated by the same manufacturers of antivirus-date on the latest virus definitions. Also in this case with the System Restore off.

Here are some of the most effective scanner:

1. Kaspersky - http://www.kaspersky.com/virusscanner
2. NanoScan - New works with firefox!
3. Trend Micro - http://housecall.trendmicro.com/
4. Panda - http://www.pandasoftware.com/products/ActiveScan.htm
5. Bit Defender - http://www.bitdefender.com/scan8/ie.html

6 - HijackThis Logs

HijackThis is a special software which takes care of generating a log or a text file which shows the most sensitive part of our system, as the record or particular locations within the system folders. This may well be useful for identifying suspicious files, the key suspect, and finally virus.

Following operations:

1. Download HijackThis 2.0.2
2. Open the HijackThis program
3. We click on the "Do a system scan and save a logfile"
4. The text file is saved in "C: \ Program Files \ Trend Micro \ HijackThis"
5. Now we got the infamous Log.
6. For the interpretation of the log we can connect to this site
7. If we have doubts about the analysis please contact us via the forum

Note: I point out that HijackThis was recently purchased by TrendMicro known security companies. The network still run older versions are not marked. Do not worry it's not fake (fake) but it is always better to use the latest version.

Win32.Polip.A

2010-11-20T20:45:00.006+07:00

Win32.Polip.A is a dangerous, polymorphic file infector, with a worm-like spreading capability. It's targets are EXE and SCR files.

It is a memory-resident virus, because once executed, it injects code in the running processes. The first files it infects are those located in %ProgramFiles% and %WINDIR% directories. But it hooks imported functions for the infected proceses, so that all executables accessed by those processes will be infected.

This infector uses different encryption layers, the first of them being the hardest to decrypt. It is a simplified version of XTEA (eXtended Tiny Encryption Algorithm), but decrypting it could take a long time.

It also has an advanced polymorphic engine, combined with a junk-code generator, antidebugging and antiemulation techniques, making it's detection more difficult.

FILE INFECTION METHOD:

Using different entry-point obscuring techniques, Polip makes itself a hard to detect virus:

* It chooses a random imported function from the victim, and hooks all calls or jumps to that function.

* It searches for functions that have the same stack-frame-restore code, and patches all instances of that code, with a call to its own body.

If it finds unused space in victim's code sections, it inserts code into them, as much as it can, without increasing those sections' sizes.
It increases the VirtualSize for the data sections of the victim, and will use that space from it's junk code.
If a resource section is found in the victim, sometimes it shifts that section, and inserts a new section after the last data section, and before the resources (other times it appends it's section after the resources), and repairs the resource section (otherwise it would damage the victim).

When infecting a file, it searches for the following files in same directory as the file that is going to be infected:
* drwebase.vdb
* avg.avi
* vs.vsn
* anti-vir.dat
* avp.crc
* chklist.ms
* ivb.ntz
* ivp.ntz
* chklist.cps
* smartchk.ms
* smartchk.cps
* aguard.dat
* avgqt.dat
* lguard.vps

It will delete these files if they are found.
Once the control of an infected file is passed to the virus body, it cleans the memory copy of the file (restores the original code at the patched locations), to make sure it is run only once from a certain file.

When the virus is executed from an file with overlay, it makes a copy of that in the %TEMP% folder, disinfects it, and runs it from that location. This is useful in case of installers or SFX archives that use integrity checks.

The virus will not infect the files matching the following names:

* vtf tb dbg f- nav pav mon rav nvc fpr dss ibm inoc scn
* pack vsaf vswp fsav adinf sqstart mc watch kasp nod setup
* temp norton mcafee anti tmp secure upx forti scan "zone labs"
* alarm symantec retina eeye virus firewall spider backdoor
* drweb viri debug panda shield kaspersky doctor "trend micro"
* sonique cillin barracuda sygate rescue pebundle ida spf
* assemble pklite aspack disasm gladiator ort expl process
* eliashim tds3 starforce sec avx root burn aladdin
* esafe olly grisoft avg armor numega mirc softice norman
* neolite tiny ositis proxy webroot hack spy iss pkware
* blackice lavasoft aware pecompact clean hunter common kerio
* route trojan spyware heal alwil qualys tenable avast a2
* etrust spy steganos security principal agnitum outpost avp
* personal softwin defender intermute guard inoculate sophos
* frisk alwil protect eset nod32 f-prot avwin ahead nero
* blindwrite clonecd elaborate slysoft hijack roxio imapi
* newtech infosystems adaptec "swift sound" copystar astonsoft
* "gear software" sateira dfrgntfs

The decrypted virus body contains the following text:

* Win32.Polipos v1.2 by Joseph

source Bitdevender

Eater autorun.inf

2010-11-18T02:34:00.005+07:00

Autorun inf: remove virus from flashdisk
The virus, now, can spread from any instrument, and even through the USB flashdisk so sure ..
Autorun.inf is the primary file in the pen and is what is usually affected by worms, Trojans and viruses in general, This tool absolutely free a little program that will analyze and eliminate, if infected, this file.
The process will take before entering into, because the software in fact remove autorun.inf immediately creating a backup file, thanks to it we can restore the file "clean" with no other problems. I remind you that USB Autorun Eater is of course free and is supported by all versions of Windows (XP, Vista, Seven)

DOWNLOAD here

The name is Murofet

2010-11-13T15:21:00.004+07:00

The name is Murofet and is a new virus for Windows that has the vague resemblance to the known Conficker.
This virus is very treacherous, is capable of infecting many files saved on your PC and is also able to steal passwords and send them saved on the remote server through a computer hacker.
Murofet infected PCs in the same way many other viruses: 2,000 bytes injected into an exe file that, once started, download the virus on the hard disk.
The attitude of this malware is very ambiguous, it is able to start downloading the virus but at the same time generates unique domains based on time of the computer virus is still groped to reach them cyclically one by one.
In 24 hours appears to be able to connect to the domain until 1020 can not download the virus. If the virus can infect two executables, trying to clog the network, in a cyclic way to connect to sites.
If you downloaded Murofet steal your data from your browser and the hacker will be sent to the remote server.

source: from the web

Tool for free Win32.Worm.Stuxnet

2010-11-12T00:38:00.002+07:00

BitDefender has released a removal tool for free Win32.Worm.Stuxnet, This tool is able to remove all known variants of Stuxnet, as well as the driver rootkit used to hide critical components of the worm. Win32.Worm.Stuxnet is a new type of online threat established around the middle of last July.

Although it may infect any Windows-based system, this worm is aimed primarily to SCADA systems (control and data acquisition) based on Siemens WinCC software. The worm spreads by taking advantage of several 0 day exploits of the current version of Windows. Moreover, it can auto-run from mobile devices as soon as the file. Lnk on the device is read by the operating system. Exploiting this vulnerability involves the installation of a backdoor and two rootkits that hide both files. Lnk files and. Tmp that accompany it. "Already 19 July BitDefender has added a generic detection than all the variations of Stuxnet, protecting their users from day one.

In addition, as part of its ongoing commitment to helping people around the world in the fight against online threats, BitDefender has created a removal tool to Stuxnet. In this way, users are not protected by a security solution can eliminate Bitdefender Stuxnet from their infected systems, "says Catalin Cosoi, head of the 'Online Threats in BitDefender Lab. The tool can be used on 32 and 64-bit and eliminates both the driver of the rootkit is the worm. The removal tool of Stuxnet is available for download in the section on Removal Tools www.malwarecity.com, an initiative dedicated to the community of BitDefender security software and free resource for anyone interested in their safety online

It 's virus free, portable, and real time scans

2010-11-09T23:38:00.009+07:00

This could be the slogan to advertise one of the best of its kind.

Exactly! In fact, it is already difficult (or impossible) to find virus that gather together all these features. And if the results are more than satisfactory, so I can not positively review this product.

Follow me to observe him more closely.

I refer to SmadAv. Surely many of you (like me), this name does not say anything, probably because it is a young software and Indonesian nationality (even if in English), and this aspect does not play in his favor.

SmadAV, however, has the potential to break through and be successful in this area.
In fact, thanks to its own scanning engine that works quickly and accurately, coupled with a good heuristic algorithm, is able to easily identify all the variants of the virus in circulation.

Its real strength, however, is the speed of scanning, and of course the accuracy of the work, making it one of the fastest compared to all other products in the industry.

Once the download (the link is at the bottom of the article) we open the store. Rar and unzip the contents to a folder of your choice (being portable, can be quietly about our USB key).
Let us now double-click on the green.

Followed by a notice on which we click ok.
Our antivirus will immediately begin a scan of running processes. I am not exaggerating when I say that I found 3 virus within a matter of seconds, as shown below
t also offers other interesting features like the ability to report and send suspicious files, a Process Manager to view running programs, a system editor to modify the settings of the Start Menu or Windows Explorer, and a useful tool to force the system to execute those processes as the Task Manager, Registry Editor, Command Prompt, etc.. etc.., possibly damaged by the virus.

it also offers other interesting features like the ability to report and send suspicious files, a Process Manager to view running programs, a system editor to modify the settings of the Start Menu or Windows Explorer, and a useful tool to force the system to execute those processes as the Task Manager, Registry Editor, Command Prompt, etc.. etc.., possibly damaged by the virus.

In summary, therefore, here is what are its salient features.

1. Scanning super fast, probably the fastest in the world!
2. Not only disinfects viruses but also cleans up the files from infection;
3. Protects your computer in real time;
4. Updating;
5. Portable, and therefore can also be used from a USB stick;
6. Free;

He also thanked the blog n web, for his article that I was teased the curiosity to seek out and review this virus.

SMADAV DOWNLOAD

Sality Remover

2010-11-07T17:10:00.002+07:00

Sality virus is a complex including keyloggers and backdoor capabilities.
Sality with his run, delete the files associated with security software including antivirus and firewall. Then run a keylogging module, which collects system information and network login names and passwords, steal confidential information stored in specific files and then sends all this data to a predefined email address. Sality can also open a back door (back door) that will provide access to the infected computer attackers. The intruder can then control the system and steal sensitive information.

Win32/Sality Remover will allow you to easily clean the virus infection from your PC. All you have to do is download the three files and run the executable file. You can also specify the disks (or partitions) as a command parameters, for example, "rmsality C: D:". If the command is used without parameters, it heals all disks (partitions) on computer. You can download the tool from here.

Note: To successfully run the remover requires administrator rights. For the correct operation of removal, you must save the rmsality.nt and rmsality.dos rmsality.exe in the same folder.

GUIDE ON HOW TO REMOVE VIRUS OR TROJAN

2010-11-07T13:07:00.002+07:00

FIRST ANALYSIS

Turn off system restore until you have been completely decontaminated:
1. Click Start-> Programs-> Accessories-> Windows Explorer.
2. Click the right mouse button on My Computer and click Properties.
3. Select the "System Restore".
4. Select "Turn off System Restore"
5. Press OK. You are prompted to confirm the action as they will delete all restore
points saved. Confirm by pressing YES.

Method for Win-Vista:

To enable or disable System Protection

1. To open System, click StartImmagine the Start button, click Control Panel, System
and Maintenance, and then click System.
2. In the left pane, click System Protection. Administrator permission required If
you are prompted for an administrator password or confirmation, type the password
or provide confirmation.
3. To turn off System Protection for a hard disk, clear the checkbox next to the
disk, and then click OK.

SECOND ANALYSIS

clean junk files in the system

1. Download CCleaner from this address http://www.ccleaner.com
2. Flegg after installing all the boxes and press and press down after cleaning

THREE ANALYSIS

scanning infected files

1.Download from these websites, the following programs:
malwarebytes: http://www.malwarebytes.org
avira antivir: http://www.free-av.com
Prevx: http://www.prevx.com

2. Begin with the installation and subsequent updating of malwarebytes update it and
run it then click on deep scan to remove all end scan

3. Or uninstall your antivirus and installed avira antivir update it and run it do
a full scan scan order eliminated all

4. Or installed Prevx full scan and end scan does not find anything if you're in is
a little bit as if the program is a fee you will never clear the virus but at
least tells you that file and you delete them manually.

ANALYSIS FOURTH GENERAL CLEANING

1.Download the following program "Spybot" from this address
http://www.safernetworking.org/it/index ...
2. install it - run it and update it then click on full scan and end scan remove all

I hope I have been very helpful Shoot down all the trojan and many are crused