WORM_STRATION.FA

It is another email virus that comes as an attachment. This worm propagates by attaching copies of itself to email messages that it sends to target addresses gathered from the Windows Address Book. It is capable of sending email messages without using mailing applications, such as Microsoft Outlook. Its main payloads are dropping and downloading malicious file...

Read More

SASFIS

It arrives via a spammed message with a .RAR file attachment. Extracting the compressed file reveals what appears to be an .XLS file. This Trojan drops a file detected as BKDR_SASFIS.AC, which allows threads to be injected to the normal svchost.exe proce...

Read More

Email Spoofing

E-mail spoofing is the forgery of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source. Distributors of spam often use spoofing in an attempt to get recipients to open, and possibly even respond to, their solicitations. Spoofing can be used legitimately. Classic examples of senders who might prefer to disguise the source of the e-mail include a sender reporting mistreatment...

Read More

W32.Sobig.F

It is a mass mailing worn that infects hosts computer with innocuously named e-mail attachments such as application.pif and thank_you.pif .When activated, this worm transmitted itself to e-mail addresses discovered on a host of local file types. The end result was massive amounts of Internet traffic. Upon execution, this worm drops a copy of itself in the Windows folder as WINPPR32.EXE. It also drops a non-malicious text file, WINSTT32.DAT, in...

Read More

Most Dangerous Threats

These are some of the most dangerous threats:  NIMDA: Shortly after the September 11 tragedy this computer virus infected hundreds of thousands of computers worldwide. Nimda was considered to be one of the most complicated viruses, having up to 5 different methods of infecting computers systems and duplicating itself. It was started in 2001. SAPPHIRE: SQL Slammer, also known as Sapphire, was launched on January 25, 2003. It was a doozy of...

Read More

Trojan Remover

Trojan or trojan horse is software that appears to perform a desirable function for the user prior to run or install, but (perhaps in addition to the expected function) steals information or harms the system. Once a Trojan horse has been installed on a target computer system, a hacker may have access to the computer remotely and perform various operations, limited by user privileges on the target computer system and the design of the Trojan horse. ...

Read More

Denial Of Service Attack

It is is an attempt to make a computer resource unavailable to its intended users by remote users. This is one of the Botnet Attacks. It generally consists of the concerted efforts of a person or people to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely. Creators who use make or program this attack will target sites or services hosted on high-profile web servers such as banks, credit card...

Read More

Types of Botnet Attacks

Bot net is a like a robot that sends some codes to remote user as requested by him. It first scans the computer or network for different vulnerabilities and it will use different types of attack . And we have seen what Denial-of-service attacks where multiple systems autonomously access a single Internet system or service in a way that appears legitimate, but much more frequently than normal use and cause the system to become busy. Adware exists...

Read More

Botnet

A botnet is a collection of software agents, or robots, that run autonomously and automatically. It also refers to a network of computers using distributed computing software. A computer "robot" or "bot" that serves the wishes of some master spam or virus originator. The main motive behind these botnets is financial gain along with recognition. Botnets have become a significant part of the Internet, albeit increasingly hidden. Due to most conventional IRC networks taking measures and blocking access to previously-hosted botnets, controllers must now find their own servers. Sometimes a controller will hide an IRC server installation on an educational or corporate site where high-speed connections...

Read More

Famous Hacking tools

Hacking tools are designed or programmed to scan other computers, networks, IP Addresses for vulnerabilities, passwords or any other required data....

Read More

Backdoor BREPLIBOT.C

This memory-resident backdoor arrives on a system as an attachment in spammed email messages. It may also arrive as a dropped or downloaded file from a remote malicious user. Upon execution, this backdoor drops a copy of itself in the Windows system folder.This backdoor uses Digital Rights Management (DRM) Software, which is a form of rootkit technology, in an attempt to hide malware-related files, folders, and processes...

Read More

Hacking Tool

Rootkits are used to hide system information, such as running processes, files, or registry entries. This technology is used in creating a tools that helps in hacking other machines. First 4 Internet Ltd has developed a tool that is a valid Digital Rights Management Software package. As a standalone application, it is non-malicious but some of the malicious application use it to hide their infiltrated files and auto start registry entries thus...

Read More

Removal of NETSKY

This is a Email virus that comes in email attachments and just opening the email will affect the system.We have to find the malware program first. There are many automatic cleaner programs from Trend Micro, Symantec, or Kaspersky etc but preferably manual removal will give us a better cleaning of the file....

Read More

Net Sky Worm

This NETSKY variant spreads via email as a .PIF attachment and gathers email addresses from the files with Different extensions on all the drives.The email message it sends out has varying subjects, message bodies and attachment file names. This worm also deletes several autorun registry entries associated with the following malware in an attempt to prevent their automatic executi...

Read More

TSPY_ARDAMAX.HR

This is the additional infection that infects as a result of exploit HTML_SHELLCOD.SM which will be as a result of IE vulnerability. It steals information and sends it to FTP servers from where some malicious codes that run multiple routines on the infected systems. It logs keystrokes and accesses certain sites and chat logs, which further compromises a user’s privacy....

Read More

Virus that infects Executable Files

This is a virus that will spread  through computers. This file infector may be downloaded by other malware/grayware/spyware from remote sites. This comes with HTML_SHELLCOD.SM exploit that will allow 6more infections along with this. It drops a file that contains the main malicious code and is detected as PE_PARITE.A...

Read More

TROJ_GAMETHI.FMS

This is a Trojan Horse that will come in disguise of the users. Trojans are usually downloaded from the Internet and installed by unsuspecting users with or without their consent.Trojans typically carry payloads or other malicious actions that can range from the mildly annoying to the irreparably destructive. They may also modify system settings to automatically start. Restoring affected systems may require procedures other than scanning with an anti-virus program. This comes in a combination of malware when there is an exploit HTML_SHELLCOD.SM. It brings 8 infections out of which Troj_GAMETHI.FMS is one of them.  Effects: This trojan drops copies of itself in system32 folder with...

Read More

Multiple Malware

There are instances where more than one malware infecting at a same time because of many vulnerabilities and many ways that different malware can attack on a PC. It leads to severe situations and that will crash the PC entirely. There is one particular exploit that brings all the malware and trojans at a time HTML_SHELLCOD.SM that exploits CVE- 2010 3962 and because of which following trojans and malware attack the PC: TROJ_LAMECHI.D, JS_EXPLOIT.ADA, ...

Read More

DIAL THREAT

Dialers dial to predefined numbers to connect to certain sites. Many users run dialers without knowing that some of these programs actually dial long distance numbers or connect to pay-per-call sites in any browser; and that they are being charged for the calls. Dialers are often offered as programs for accessing adult sites...

Read More

Symptoms Of Malware

Malware is the short form of malicious software, is a software designed to secretly access a computer system without the owner's consent or knowledge. Malware includes computer viruses, worms, trojan horses, spyware, dishonest adware, scareware, crimeware, most rootkits, and other malicious and unwanted software or program that will...

Read More

RootkitRevealer

RootkitRevealer RootkitRevealer is an advanced rootkit detection utility. RootkitRevealer successfully detects many persistent rootkits including AFX, Vanquish and HackerDefender....

Read More

True Myths About Computer Viruses

One of the main reasons viruses have become such a threat to today's computer systems is the fact that modern viruses are different in almost every way from what they were in the past. But most computer users are aware of these changes and their idea of enough protection against viruses, worms, and Trojan horses it is still less than what is necessary. Some myths have turned into real situations as time passed by....

Read More

Symptoms of a Rootkit

Rootkit A Rootkit may be composed of one program or a combination of malicious programs that are designed to take control of your computer. Basically, a rootkit will allow hackers or outside attackers have root access to an infected computer. They can virtually act as an administrator and have access to your system without your permission. Rootkits were originally legitimate programs that gave a user or administrator control to fix issues on an...

Read More

20th Century's Most Dangerous Infections

Viruses saw light and managed to cause serious damages to unprepared users and their machines. Millions of users downloaded computer viruses without even knowing about it. Hackers used various ways of penetrating the systems of universities from around the world, even NASA, armed Forces and Government Sites.It shows the increased level of mastery in writing virus programs, malware or hacking methods. Jerusalem The virus was named Jerusalem...

Read More

Dangerous Things On Web

There are list of topics that will download viruses without our knowledge.There are list of threats or dangerous places by going where you may download unwanted infections...

Read More

Identifying Virus, Worm and Trojan -Symptoms

A Computer Virus can attack a PC in many number of ways; email attachments, clicking on links, pen drives, from network computers. Symptoms or identifying a virus infection will be based on many things and the main identifiers are listed below: The computer crashes, and then it restarts every few minutes in the middle of something. The computer restarts on its own. Applications on the computer do not work correctly. Disks or disk drives are inaccessible. You cannot print items correctly. You see distorted menus and dialog boxes. There is a double extension on an attachment that you recently opened, such as a .jpg, .vbs, .gif, or .exe. extension. An antivirus program is disabled for no reason...

Read More

Virus and Its Properties

A computer virus is a small software program that spreads from one computer to another computer and that interferes with computer operation.Viruses can spread from one system to another system on a network. Computer viruses are most easily spread by attachments in e-mail messages or by instant messaging messages. Therefore, you must never open an e-mail attachment unless you know who sent the message or unless you are expecting the e-mail...

Read More

WORM_DOWNAD.KK

This is the latest variant of Worm_Downad.It exploits software vulnerabilities to propagate to other computers across a network. This Worm may be downloaded by other malware/grayware/spyware from remote sites. It may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites....

Read More

WORM_DOWNAD.A

This is the primary variant of the family Conflicker/Downad. This .DLL worm may be downloaded from remote sites by other malware. It may be dropped by other malware. It may also arrive bundled with free software packages as a malware component...

Read More

Virus That Damages Hardware

Virus is elaborated as Vital Information Resource Under Seige. A virus is capable of damaging hardware like hard drive, DVD drive, processor, motherboard, etc. There has been much debate on this topic whether it will infect the Hardware on the PC or is it just limited to Software....

Read More

Conflicker/Downad Prevention

The Conficker/DOWNAD worm makes use of a domain generation algorithm (DGA) to download other malware onto infected systems. It prevents user access to antivirus-related sites and propagates via removable drives, network shares, and peer-to-peer (P2P) networks.It drops Autorun.inf in the available hard drives....

Read More

Conflicker/Downad became Intense

This worm comes in four ways and attacks in four different ways. Its variants are Worm_Downad.A, Downad.Ad, Downad.KK, Downad.E. This is a worm that will infect through pendrives, as a bundled package with some malicious software. This gave the worm the reputation of being one of the most notorious malware to ever set foot in the threat landscape. In fact, more than two years after its rise to infamy, its variants continue to infect thousands of unpatched systems worldwide...

Read More

Removal of New Folder Virus

New Folder is a file replicator that drops itself in each and every folder that is there on the hard disk. It will have a characteristics in such a way that it will be skipped from anti-viruses. It eats up the disk space and will make the hard drive crash and will destroy the complete hard drive completely. It mainly propagates using a USB drive or thumb drive or a pen drive...

Read More

WORM_SOHANAD.MY

This is a worm that spreads Propagates via network shares, instant messaging applications,  via removable drives and copies itself in all available physical drives. This worm may be downloaded from remote sites by other malware and It drops copies of itself and sets the attributes of its dropped files to hidden and read-only.  It may be downloaded unknowingly by a user when visiting malicious Websites and that also spreads via removable drives....

Read More

TOP 5 VIRUS INFECTIONS OF ALL TIME

VIRUS is an acronym which stands for Vital Information Resources Under Siege. Computer Virus creates lots of problem in an organization which would result in millions, even billions of dollars in damages and losse...

Read More

Removal of WORM_SOHAND.MY

As this is the worm that auto-executes and comes from different means we may need to be cautious while clicking on any link on the internet and in instant messaging. Removal Steps:  Disable System Restore Use process explorer to find the files loaded by WORM_SOHAND.MY that are running as processes kill their processes. Enable registry Editor, Task Manager, and Folder options  Delete the registry value HKEY_CURRENT_USER>Software>Microsoft>Windows>CurrentVersion>Run   ...

Read More

Facebook Threat Feasibility

Facebook's advanced search feature has brought some of the vulnerabilities in it to the lime light. If some one sets up a habit as smoking and chooses the option only friends should see it, that profile is being displayed when it is searched by advanced search. It is not blocking unless their profile is being excluded from searches...

Read More

Facebook Threats

Facebook is the most used social networking website now a days which has attracted the hackers and attackers to pay interest on this most famous site. They have attacked in different ways...

Read More

Removal of Worm.TDSS.TX

The Trojan has Drops files, Lowers Internet Explorer(IE) security settings, Modifies the Internet Explorer Zone Settings as the payload. It might have occurred by user visiting a malicious website.  The removal of it will have the following steps : Disable System Restore Deletes the files dropped by the worm that is EXPL_CPLNK.SMA. Restart the computer in Safe mode Check mark Search Hidden Files and Folders checkbox in the More advanced options option to include all hidden files in the search result\ Delete the registry values In HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\international acceptlanguage=en-us In HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\featurecontrol\FEATURE_BROWSER_EMULATION...

Read More

WORM_TDSS.TX

This is a very dangerous threat. It attacks the known vulnerability to drop the EXPL_CPLNK.SMA which drops the routines in to the affected system. It lowers the system security and allows access to malicious sites automatically. Effects: It basically exploits the Zeroday exploit  It also lowers Internet Explorer(IE) security settings, allowing auto access to sites with malicious code to run. To propagate, it drops copies of itself into network shares, thus, making itself available to other users This worm may be unknowingly downloaded by a user while visiting malicious websites It executes then deletes itself afterward It drops an AUTORUN.INF file to automatically execute the copies...

Read More

TROJ_RANSOM.QOWA

This trojan uses social engineering methods to lure users into performing certain actions that may, directly or indirectly, cause malicious routines to be performed. Specifically, it disables functionality of the compromised computer so that victims are forced to dial a premium-rate SMS number. It displays a message and prevents users accessing their desktops and applications after which users are forced to provide the required ransom by dialing the premium-rate SMS number displayed on the screen. This Trojan may be unknowingly downloaded by a user while visiting malicious websites. It modifies registry entries to enable its automatic execution at every system startup...

Read More

HouseCall - Free Online Virus Scan

Housecall is one of the free online virus scanners that is good in finding many kinds of threats. It is highly popular and capable on-demand scanner for identifying and removing viruses, Trojans, worms, unwanted browser plugins, and other malware. It is a highly rated software that gives almost all-round protection to our computer.  Features: It has a well-known and user friendly interface. It perform fast scans that target critical system areas and active malware.  Its Recent Version has advanced feature of full system scan and custom scan as well. Smart Scan technology refers to patterns in the cloud, delivering the latest protection while reducing download times. Stand-alone,...

Read More

New Tax Scams

Phishers have gotten pretty sophisticated in their ability to create convincingly authoritative-looking web sites and email communications and lookout for phony emails warning you that your tax credit, tax refund, or other tax-related treat is in dire peril unless you go to a web site and divulge all your personal information. If you're ever tempted to respond to such an email, just remember that the IRS does not send out tax-related communications by email. Here's a new phishing scam to look out for—and a good way to recognize any phishing email. A recent scam targets taxpayers who use the Electronic Federal Tax Payment System, or EFTPS, to make federal tax payments online. It follows...

Read More

Back Door

A backdoor in a compurwe system is a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program or may subvert the system through a rootkit. WHAT IS BACKDOOR?A backdoor is a malicious computer program or particular means that provide the attacker with unauthorized remote access to a compromised...

Read More

AV Security Suite Removal

AV Security Suite is fake anti-spyware program which imitates a legitimate antimalware application and belongs to the notorious Antivirus Live family of rogue malware. It acts in the same manner as its predecessors, Antivirus Soft and Antispyware Soft, by trying to convince users to buy a license for the software. AV Security Suite enters a user’s computer via Trojans that arrive at the user’s system via infected PDF files. Once it has been installed on the user’s system, AV Security Suite starts performing fake system scans at regular intervals, returning results that claim that the user’s system is under serious threat. It also creates a number of harmless files that it later detects as dangerous...

Read More

WORM_CORONEX.A

This is a worm that comes as an email with an attachment with a names sars.exe, Virus.exe, Corona.exe, death.exe, CV.exe from the emails sars2@hotmail.com, corona@hotmail.com.It is a very dangerous and spreads very fast when executed and slows down the PC. Effects: It does the following things when executed: Changes the home page to http://www.who.int/csr/don/2003_04_19/en/  Drops its file CORONA.exe in windows folder  Adds itself to the registry key HKLM\Software\Microsoft\Windows\Current Version\Run "PC-Config32" = "C:\corona.exe -A"  Drops a file in C:\My Download or in the current directory where it is executed. The corrupted file is filled with useless data that occupies...

Read More

Manual Removal of Security Tool

Security tool which is a rogue anti-virus program that automatically scans the computer and will show fake security alerts, and induces users in to purchasing a fake anti-virus. It will disable all the windows legitimate programs and shows them as infected which actually are not. Removal Instructions: The first and foremost thing we need to do is go to safe mode with networking. Kill the processes that are running in the background using MS-config...

Read More

Security Tool

This is a very frustrating Fake Anti-virus program that keeps on showing you fake threats on the computer and asks to purhcase. Security tool is a rogue anti-spyware program from the same family as System Security which is promoted through the use of Trojans and web pop-up...

Read More