Expert Virus Removal Services and Technical advice.

We are Providing Computer users with Expert Virus Removal Services and Technical Advice.

Threats and their Removal.

Do you need a quick solution to a technical problem? With our live remote-assistance tool, a member of our support team can view your desktop and share control of your mouse and keyboard to get you on your way to a solution.

Spywares and their Removal.

Are you worried that your computer might be nfected with Spywares? Then this is were you can find Support.

Advices for Protecting the Computer.

Expert Advices for Protecting your computer from attacks from all threats

Different Anti Virus Software and Tools.

Familiarizing different Anti Virus Software and removal Tools.

January 12, 2011

Trojan on mobile

If you are a game enthusiast please be careful in downloading action games. There is a game where you end up downloading a trojan horse called Trojan.Terred. The threat is bundled within a .cab installation file that contains a legitimate game called “3D Anti-terrorist action” and a malicious dialer that we call Trojan.Terred on your Windows Mobile phone.

Virus Terms

There are some general terms that relates to a virus or whenever you look for virus help. There will be postings and information when you read online help. They will have some terms associated with them. They come in handy if you know some terms when you visit anti-virus websites that give information:

Botnet named Chuck Norris

There is another botnet that has attacked the web with the name of Chuck Norris-famous karate fighter. WORM_IRCBOT.ABJ may be downloaded from remote site(s) by other malware or by an unknowing user when visiting a malicious Web site. It takes advantage of the MS03-039 Buffer Overrun vulnerability. In RPC(Remote Procedure Call)SS Service vulnerability to propagate copies of itself across networks. This vulnerability systems users running Microsoft Windows NT, 2000, XP and Server 2003 platform. It tries to access a vulnerable network share by guessing usernames and passwords of password-protected systems via brute force attack.

RPC provides an inter-process communication mechanism that allows a program running on one computer to seamlessly access services on another computer which itself has come from an open software foundation RPC protocol with microsoft added extensions.

 There are three newly identified vulnerabilities in the part of RPCSS Service that deals with RPC messages for Distributed Component Object Model (DCOM) activation.
It could result in denial of Primary service and  automatic random code execution on user's PC which are a result of incorrect handling of malformed messages. These particular vulnerabilities affect the Distributed Component Object Model (DCOM) interface within the RPCSS Service which handles DCOM object activation requests that are sent from one machine to another.

An attacker who successfully exploited these vulnerabilities could be able to run code with Local System privileges on an affected system, or could cause the RPCSS Service to fail. The attacker could then be able to take any action on the system, including installing programs, viewing, changing or deleting data, or creating new accounts with full privileges.

It drops copies of itself to vulnerable network shares.
It connects to IRC server to take commands from a remote user.
Steals Online Banking Information of the users and Activation keys of popular Game applications.

Commwarrior Virus


Follow these steps to remove Commwarrior manually.

     1.A file manager program must be installed on your phone (usally you will find it at your menu under the 
        Tools > Filemanager).

2. You have to enable the option that alows you to view the files in the system directory.

3. Use your file manager to delete files described here.

Go to the directory c:system\apps\commwarrior 
and delete these files there:
  • commwarrior.exe
  • commrec.mdl

Then go to the directory c:\system\updates
and delete these files there:
  • commrec.mdl
  • commw.sis
  • commwarrior.exe
Then go to the directory c:\system\recogs
and delete this file there:
c:\system\recogs\commrec.mdl

We hope that your cell phone is OK now. To avoid infection in the future read our precaution tips.

The following precautions should be taken to prevent infection of your cell phone:
1. Accustom yourself to disable bluetooth if you don't use it.
2. IF is your bluetooth on and you are receiving file be REALLY careful!
3.Never download cell phone applications from file sharing networks
4. NEVER install any UNEXPECTED application received by MMS message from ANY senders (including your friends!)
Install an anti-virus software for cell phones to get protection in future.

Anti-Virus Scanning Engine Methods

An anti-virus works with an engine that scans all the files on the computer. They are Definition Based and Heuristic Based. Anti-viruses are chosen on four main aspects out of which Scanning Engine is one of them.

The Scanning Engine works in following ways:

1) Definition Based Scanning:
                                   This is one of the methods that the manufacturer will provide with their products, this is one of the best ways that engine updates itself with definitions. This has to be done on a daily basis. Else it will not work. These definitions can also be infected some times, if the update engine goes to a re-directed website for updating the definitions. Definitions are to be updated, if there is any error in it, or in downloading those definitions, it will not get the latest definitions and it will not secure our computer using any browser.


2) Heuristic based Scanning: 

Here the product has some set rules defined while manufacturing and it will work with those set of rules. Say for example it has found a file that will download pop-ups, it will detect it, if a definition is not built for that particular infectious file, it will apply the Heuristic Technology  where it will quarantine the file after the user's confirmation and will monitor it for some period of time. If it finds that file is downloading some infecting files it will then add it to the definitions, based on its extension and will ask remove it or quarantine it.

Related Posts Plugin for WordPress, Blogger...

Search This Blog

Followers

Categories

Twitter Delicious Facebook Digg Stumbleupon Favorites More