
Google removes Android malware so you don't have to

  • Post author: Omid Farhang
  • Post published: March 7, 2011
  • Reading Time: 3 min
  • Word Count: 513 words

BetaNews.com: Android handsets infected with malware are getting a cleaning job from Google. On March 2nd, Google removed 21 apps from the Android Marketplace that contained malicious code (the number of infected apps is now 58). Now Google is “remotely removing the malicious applications from affected devices” and “pushing an Android Market security update to all affected devices that undoes the exploits to prevent the attacker(s) from accessing any more information from affected devices,” according to a blog post by Rich Cannings, Android security lead. ...


6 Common Myths and Misconceptions About Malware

  • Post author: Omid Farhang
  • Post published: January 4, 2011
  • Reading Time: 5 min
  • Word Count: 896 words

Over the past few decades, computer security has become an important concern among users. Security vendors have faced tremendous challenges dealing with complex security threats with IT experts placing more effort on educating people. Nevertheless, there are many computer security myths that exist today and surprisingly, many people still believe them. In this blog post, we’ll reveal a few of the most common malware myths and the misconceptions that can put you at risk. ...


Malware Prevention guide for Windows

  • Post author: Omid Farhang
  • Post published: January 3, 2011
  • Reading Time: 3 min
  • Word Count: 600 words

To help secure your computer against malware: If your computer is already infected or you are in doubt, first look at the Malware Removal Guide.

Build up your malware defenses:

  • Install antivirus and antispyware programs from a trusted source. Never download anything in response to a warning from a program you didn’t install or don’t recognize that claims to protect your PC or offers to remove viruses. It is highly likely to do the opposite. Get reputable anti-malware programs from a vendor you trust. I recommend Avira. It’s highly recommended that you create another layer of protection beyond Avira. This second layer could be composed of Malwarebytes’ Anti-Malware, Hitman Pro or any other on-demand antimalware software.
  • Use a safe browser with good extensions. I recommend Google Chrome, and here is my suggested list of extensions for safe navigation.
  • Update software regularly. Cybercriminals are endlessly inventive in their efforts to exploit vulnerabilities in software, and many software companies work tirelessly to combat these threats. That is why you should: ...


Malware Removal guide for Windows

  • Post author: Omid Farhang
  • Post published: January 2, 2011
  • Reading Time: 2 min
  • Word Count: 415 words

If you fail to disinfect your computer after following this guide, or you cannot follow this guide yourself, I will be available to help you. The most important things in fighting malware are: Do NOT panic. Do NOT hurry. Do NOT ignore any step in the removal guide unless I tell you. This manual for removing malware can be used for either a minor or a major malware infection.

  • Download and burn Avira Rescue CD to a blank disc, boot your computer from it and let it scan and remove the malware it detects (How to use Avira Rescue CD?).
  • Restart your computer into Safe Mode with Networking. (How to use Safe Mode?)
  • Clean temporary files using TFC. [Let it reboot your computer, then come back to Safe Mode With Networking]
  • Download HitmanPro to your desktop, run it in Force Breach mode (Click here to learn how) and click Next to scan your computer. Let it remove the malware it finds; if it asks you for a license, activate the 30-day trial version. After removal, restart your computer. [Try it in Safe Mode With Networking]
  • Download, install and update Malwarebytes Antimalware, then let it scan your computer and remove everything it finds. [Try in Safe Mode With Networking]
  • Download and run avast! Browser Cleanup to clean up and reset your browsers.
  • Download and install HostsMan. After installing, run it, click on “Update Hosts”, choose “MVPS Hosts” (you may also choose “Peter Lowe’s AdServers List” for blocking ads) and, in the options below, choose “Overwrite Current” hosts. This step immunizes your hosts file, prevents any internet traffic to malware sites/domains, and also fixes the Windows hosts file if it has been hijacked by malware.
  • Disable System Restore and then re-enable it. Learn more how and why?
  • If you have a Windows installation disc, insert it into the drive, open the Run command from the Start menu (in Windows Vista/7, open the Start menu, type ‘Run’ and press Enter) and type ‘sfc /scannow’. This will check Windows for missing or corrupted files and restore them from the disc. Sometimes during infection or malware removal some files get corrupted or deleted, and this step repairs them.
  • Make sure Windows and all installed programs are fully updated and there are no insecure programs: Check for Update.

You may also do some additional scans; here are some of them: ...


Spam Carrying WikiLeaks Worm

  • Post author: Omid Farhang
  • Post published: December 7, 2010
  • Reading Time: 2 min
  • Word Count: 226 words

Symantec Connect: WikiLeaks.org is in the news after their recent publications linked to leaked government documents. Spammers are now leveraging the current level of interest with social engineering techniques to infect users’ computers. Symantec is observing a wave of spam spoofing WikiLeaks to lure users into becoming infected with a new threat. The spam email has subject line “IRAN Nuclear BOMB!” and spoofed headers. The “From” header purports to originate from WikiLeaks.org, although this is not in fact the case, and the message body contains a URL. This URL downloads and runs WikiLeaks.jar which has a downloader ‘WikiLeaks.class’ file. The downloader pulls the threat from http://ugo.file[removed].com/226.exe. Symantec detects this threat as W32.Spyrat. ...


Taking a look at fake Amazon receipt generators

  • Post author: Omid Farhang
  • Post published: December 7, 2010
  • Reading Time: 3 min
  • Word Count: 552 words

Sunbelt Blog: Above, you can see a vaguely optimistic VirusTotal user summary in relation to a file that’s been doing the rounds for about a month or two. Here is the file in question: A “receipt generator”, I hear you ask – what do people want with one of those? The answer, of course, is rather straightforward: This is a particularly interesting scam, as it doesn’t target regular PC users – it targets the people who sell you things, such as the merchants on the Amazon marketplace. This is what the would-be social engineer sees when they fire up the program: ...


Looks familiar? Yes! From Alureon!

  • Post author: Omid Farhang
  • Post published: December 7, 2010
  • Reading Time: 2 min
  • Word Count: 291 words

It’s a normal day to us. We receive a new Bamital virus sample report from a customer, and we provide an analysis. Suddenly, something interesting bursts into my eyes: What’s your thought on this code fragment? At first glance, this piece of code looks like a non-malicious call to manipulate the Windows Printer SubSystem. But if you’ve analyzed Alureon before, it may look familiar to you. Yes, Alureon also takes advantage of the Windows Print Subsystem to install its payload. ...


Malicious Goo.gl Links Spreading on Twitter [WARNING]

  • Post author: Omid Farhang
  • Post published: December 7, 2010
  • Reading Time: 1 min
  • Word Count: 154 words

Mashable: A large number of messages containing only the link “goo.gl/R7f68” has appeared on Twitter today, redirecting the users to various malware-laden sites. The messages are mostly coming from disposable accounts, but they also appear on some accounts that appear to be genuine, which indicates that there’s a worm spreading and sending the messages from infected accounts. Furthermore, all of the messages containing the link are sent from the mobile version of Twitter. ...


W32.Yimfoca.B – Malware Localization

  • Post author: Omid Farhang
  • Post published: December 6, 2010
  • Reading Time: 3 min
  • Word Count: 526 words

The latest W32.Yimfoca.B variants can target malicious links in no fewer than 44 countries and nearly 20 different languages. It has also increased the number of instant messaging applications (previously Yahoo! Messenger) to include the following popular IM clients:

  • Msn Messenger
  • Google Talk
  • ICQ
  • Paltalk
  • Skype
  • XFire

Here is a code snippet from W32.Yimfoca.B: This picks the desired messages based on a comparison with the full list of countries listed below: ...


Adobe update spam scam

  • Post author: Omid Farhang
  • Post published: December 6, 2010
  • Reading Time: 2 min
  • Word Count: 304 words

Here’s the latest twist in the “membership” site scam: spam emails that tell potential victims to update their Adobe Reader include links to a web site intended to look like something related to Adobe products, but is selling “memberships.” The REAL way to update your Adobe software is on the help menu: help | check for updates (see the end of this blog piece for details). The spam email: ...
