Posts tagged ‘worm’

Conficker warning! Is your antivirus up to date?

By Joel Rivera, March 31, 2009

Well as many of you know the Conficker virus was programmed to scan all computers connected to the Internet on April 1, 2009 and create a Botnet to infect computers. But some security experts are saying that the Conficker virus could be a prank to alarm computer users or be launched another day to make believe it’s all over.

W32/Conficker. A first appearance was on November 21, 2008 and has 3 additional variants which are:

  • W32/Conficker. B
  • W32/Conficker. C
  • W32/Conficker. D

conficker virus Conficker warning! Is your antivirus up to date?

If for some reason your computer gets infected with the Conficker virus here are the steps to take to clean your computer. Below are some links that offers the Conficker virus removal tool.

Conficker Virus Removal Tools:

  1. Sophos Conficker Clean -up Tool – Here
  2. ESET Conficker Removal Tool – Here
  3. Downadup from F-Secure – Here
  4. Kido Killer by Kaspersky – Here
  5. Symantec Removal Tool – Here

Conficker Preventions Steps:

  1. Microsoft Conficker Details FAQ
  2. Microsoft Virus Prevention Guide

Remember don’t be alarm this isn’t the Y2K problem, scan your computer for infection and make sure the antivirus software is up to date. I believe that’s all folks!!

Happy April’s Fool

Link to this post Read/Leave Comments [0]

Rogue Virus: Total Defender

By Joel Rivera, January 26, 2009

New rogue virus called Total Defender is circulating over the Internet which is very similar to PC Defender that pretends to be an antivirus software confusing the users to make them buy the real software.

Total Defender Screenshot

total defender 300x216 Rogue Virus: Total Defender

This could be very tricky to computer newbies can can fall for this false warning.

The purpose of this rogue is to pop out false alarms telling your computer might be at risk which is not, if you have an antivirus why your computer is at risk? Think before clicking on it.

Steps to remove Total Defender if your computer got infected

For automatic virus removal - Download – Spyware Doctor [Not Free]

Manual Removal Instructions:

Stop PCTotalDefender Processes:
PCTotalDefenderInstaller.exe
pctdf.exe

Find and Delete these PCTotalDefender Files:
PCTotalDefenderInstaller.exe
pctdf.exe
%program_files%\pctotaldefender\tools\pblock.dll
%program_files%\pctotaldefender\scnkrnl.dll
%program_files%\pctotaldefender\tools\sbiebho.dll
%program_files%\pctotaldefender\engines\plugins\update\uadaily.dll
%program_files%\pctotaldefender\engines\plugins\update\ua27604.dll
%program_files%\pctotaldefender\engines\plugins\update\ua27603.dll
%program_files%\pctotaldefender\engines\plugins\update\ua27602.dll
%program_files%\pctotaldefender\engines\plugins\update\ua27601.dll
%program_files%\pctotaldefender\engines\plugins\unpepack.dll
%program_files%\pctotaldefender\engines\plugins\unpacks2.dll
%program_files%\pctotaldefender\engines\plugins\unpacks.dll
%program_files%\pctotaldefender\engines\plugins\unmime.dll
%program_files%\pctotaldefender\engines\plugins\scanwin1.dll
%program_files%\pctotaldefender\engines\plugins\scantroj.dll
%program_files%\pctotaldefender\engines\plugins\scantool.dll
%program_files%\pctotaldefender\engines\plugins\scanscr.dll
%program_files%\pctotaldefender\engines\plugins\scanothr.dll
%program_files%\pctotaldefender\engines\plugins\scanmcr1.dll
%program_files%\pctotaldefender\engines\plugins\scanfunc.dll
%program_files%\pctotaldefender\engines\plugins\scanemul.dll
%program_files%\pctotaldefender\engines\plugins\scandos1.dll
%program_files%\pctotaldefender\engines\plugins\scandldr.dll
%program_files%\pctotaldefender\engines\plugins\scanbcdr.dll
%program_files%\pctotaldefender\engines\plugins\scanadwr.dll
%program_files%\pctotaldefender\engines\plugins\borlndmm.dll

Remove WinReanimator Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCTotalDefender
HKEY_LOCAL_MACHINE\SOFTWARE\PCTotalDefender.com

If the above instructions don’t resolve the problem try Reimage, this will fix your PC with one single click

reimage box Rogue Virus: Total Defender Reimage Home Edition – $ 65.00
Fix your Windows XP at the click of a button. Money back guarantee.
The first ever automated PC repair technology that employs international patents, utilizing a spare parts from a remote server to repair your PC.
Only $65!
Link to this post Read/Leave Comments [0]

Remove adware and malware with freefixer

By Joel Rivera, January 20, 2009

If your computer is slow blame the traces left by a possible Trojan, ad-ware, Mal-ware, or worm. When these basters enters the computer they duplicate excessive files with-in the same files to hide so it can’t be found.

startscreen 300x281 Remove adware and malware with freefixer

FreeFixer can help you with the problem, this program will search for large location areas where unwanted programs normally store files, once the program has finished the list of unwanted programs will be displayed, at this point you have to decide which unwanted file you want to delete.

Download – FreeFixer

Link to this post Read/Leave Comments [0]

Get free PC Tools Internet Security License Key

By Joel Rivera, January 13, 2009

Good news for those who doesn’t have a good Anti virus software installed in their computers because PC Tools Internet Security is offering a 1yr license key free for everyone.

pctools 300x190 Get free PC Tools Internet Security License Key

PC Tools Internet Security 2009 features are:

  • PC Tools Internet Security Suite offers powerful anti-spyware, anti-virus, firewall and spam protection in one application.
  • Detects, removes and blocks all types of spyware, adware, viruses, Trojans, worms, keyloggers and other online threats.
  • FREE friendly support for all customers.
  • Frequent updates ensure that you are always protected against the latest known threats.
  • Protection from hackers, intruders and other unauthorized software or network attacks.
  • Spam filtering for protection against unsolicited email.
  • Intelligent automatic protection makes it simple to use for novices but configurable enough for expert users.

Don’t wait anymore and get your free license before it expires,  click here to go to their promo page. I already install it and its great!

Note: After the installation is completed make sure to click on the “Register” link on the left pane, go to your email and look for the registration code PC Tool sent you copy/paste the name and reg keys and click “register” not “continue” I did that mistake and couldn’t registered the software I had to go the help section to find out why the software was not getting registered.

Via [Technically Personal]

Link to this post Read/Leave Comments [0]

Computer Virus infecting PC’s

By Joel Rivera, November 1, 2008

Virus:TrojanDownloader:ASX/Wimad.gen!A

Also Known As:

Troj/Wimad-E (Sophos)
Trojan.Wimad (Symantec)
Downloader-UA.h (McAfee)

Summary

TrojanDownloader:ASX/Wimad is a detection for malicious Windows media files that are used in order to encourage users to download and execute arbitrary files on an affected machine. When opened with Windows Media Player, these malicious files open a particular URL in a web browser.

Symptoms
There are no specific symptoms that indicate the presence of TrojanDownloader:ASX/Wimad.gen!A. In some cases, after opening an apparent media file, the user may be presented a prompt to execute files such as in this example:
mediavirus Computer Virus infecting PCs
Prevention Steps
Take the following steps to help prevent infection on your system:
  • Enable a firewall on your computer.
  • Get the latest computer updates.
  • Use up-to-date antivirus software.
  • Use caution with attachments and file transfers.

Enable a firewall on your computer

  • Use a third-party firewall product or turn on the Microsoft Windows XP Internet Connection Firewall.
  • To turn on the Internet Connection Firewall in Windows XP
  • Click Start, and click Control Panel.
  • Click Network and Internet Connections. If you do not see Network and Internet Connections, click
  • Switch to Category View.
  • Click Change Windows Firewall Settings.
  • Select On.
  • Click OK.

To turn on the Windows Firewall in Windows Vista

  • Click Start, and click Control Panel.
  • Click Security.
  • Click Turn Windows Firewall on or off.
  • Select On.
  • Click OK.

Get the latest computer updates

Updates help protect your computer from viruses, worms, and other threats as they are discovered. You can use the Automatic Updates feature in Windows XP to automatically download future Microsoft security updates while your computer is on and connected to the Internet.

To turn on Automatic Updates in Windows XP

  • Click Start, and click Control Panel.
  • Click System.
  • Click Automatic Updates.
  • Select a setting. Microsoft recommends selecting Automatic. If you do not choose Automatic, but you choose to be notified when updates are ready, a notification balloon appears when new downloads are available to install. Click the notification balloon to review and install the updates.

Use up-to-date antivirus software
Most antivirus software can detect and prevent infection by known malicious software. To help protect you from infection, you should always run antivirus software that is updated with the latest signature files. Antivirus software is available from several sources. For more information, see http://www.microsoft.com/protect/computer/viruses/vista.mspx.

Use caution with attachments and file transfers
Exercise caution with e-mail and attachments received from unknown sources, or received unexpectedly from known sources.  Use extreme caution when accepting file transfers from known or unknown sources.

Via [Microsoft]

Link to this post Read/Leave Comments [0]

Troubleshooting/ Boot Process Menu

By Joel Rivera, October 27, 2008

windows xp boot meny 150x150 Troubleshooting/ Boot Process Menu windowsbootscreen 150x150 Troubleshooting/ Boot Process Menu

The Windows XP boot process works the same way as the Windows NT and Windows 2000 boot process. Tools to recover Windows 2000 also work on Windows XP, in addition Windows XP has added two tools for solving problems with the boot process: System Restore and Automated System Recovery. The tools to use when troubleshooting a failed boot are listed below in the order you should use them. Each tool discussed is more drastic than the one before it, affecting more of the system, installed hardware and software, and user data.

  • Last Known Good Configuration and, in certain situations, Driver Rollback
  • Safe Mode on the Advanced Option Menu
  • System Restore
  • Windows 2000/XP Boot Disk
  • Recovery Console
  • Automated System Recovery
  • Reinstall Windows XP using Windows XP CD

For most problems the user choose the first option because is much easier to get back working Windows XP, the other options are more complicated except System Restore which works only when the Operating System is running. And in case the operating system is completely corrupt the best thing to do is reinstall Windows XP using Windows XP CD.
Read the rest of this entry »

Link to this post Read/Leave Comments [0]

Microsoft Security Bulletin – RPC Vulnerability

By Joel Rivera, October 26, 2008

Microsoft has released an advisory regarding a vulnerability found on the RPC (Remote Procedure Call) which allows easy execution of codes for any hacker. Below is an excerpt of Microsoft website.

“The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter.

This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, and rated Important for all supported editions of Windows Vista and Windows Server 2008. For more information, see the subsection, Affected and Non-Affected Software, in this section.

The security update addresses the vulnerability by correcting the way that the Server service handles RPC requests. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.

Recommendation. Microsoft recommends that customers apply the update immediately.”’

Click on the Microsoft link below to patch system.

Via [Microsoft]

Link to this post Read/Leave Comments [2]