Posts Tagged ‘Virus’

Kido – dangerous malware / virus software

Monday, June 22nd, 2009

What is Kido?

Kido is a serious threat to the entire Internet community. This malware was first detected in November 2008. It is estimated that Kido has currently infected at least 5 million computers. The network of infected machines could potentially become the most powerful resource available to cybercriminals.

Where is the danger of Kido?

The giant Kido zombie network (botnet) built by its authors could potentially be used to launch powerful DDoS attacks against any Internet resource, steal confidential data from infected computers and distribute objectionable content (in particular, to send spam on a large scale).

How to avoid getting malware Kido?

Good antivirus software successfully blocks all versions of Kido from entering your computer. Verify that automatic updates of your antivirus software are not disabled and, if you suspect that Kido has already got onto the computer, scan the entire computer with your antivirus. Installing the patch for the MS08-067 vulnerability is, of course, mandatory to prevent infection.

How can you tell that your computer or network has been infected?

When infected computers are present on the network, the volume of network traffic increases, since these computers launch network attacks. Anti-virus applications with an active network firewall report the attack Intrusion.Win.NETAPI.buffer-overflow.exploit.


How to detect / remove W32/conficker/downup/downadup virus

Wednesday, April 8th, 2009

Conficker, also known as Downup or Downadup, is a new, incredibly sophisticated worm that came into existence around October 2008 and has already infected millions of PCs around the world. Conficker (aka Downadup, Kido) is known to block access to over 100 anti-virus and security websites.

What is Conficker / Downup / Downadup ?

W32/Conficker is something you must be very alarmed about, because this worm is a resilient virus with built-in p2p and digital code-signing technology, capable of completely killing your Windows security system. The programmer of this virus has repeatedly been updating its software, and computer experts don't have a single clue what the creator is going to do. With its innovative built-in p2p capabilities, this worm can force its way to shared folders, printers, office networks, USB flash drives and hard drives pretty quickly, and can completely destroy your security software and disable Windows Update, Windows Defender, the Windows Error Reporting tool, etc., leaving your computer open to any attack. In addition, this worm uses a sophisticated RPC request and can execute code on the targeted computer.

How to Detect / remove Conficker / Downup / Downadup ?

We have our very own easy eye test to detect W32/Conficker virus.

Click here to visit the test page and check the results shown on the page. If you are infected with the virus, download one of the removal tools mentioned below.

List of Tools :

1) Steps of Removing W32/Conficker using Windows Malicious Software Removal Tool:

  • Disconnect from the Internet
  • Run the program to try and remove the Conficker worm

2) Steps of Removing W32/Conficker using Symantec Virus Removal Tool:

Conficker removal tool

  • Disable System Restore and disconnect from the internet
  • Run the tool to scan for Conficker worm
  • Restart your computer and scan again to confirm there is no worm

I am not sure that these security tools can completely remove W32.Conficker from an infected system, but it surely is worth a try, so go for it.

3) Here is another W32.Conficker removal tool, released just recently by McAfee and named Stinger, which can safely remove 11 trojans, including Conficker. Download McAfee's Conficker Removal Tool.


How to Remove Koobface / Facebook Virus

Sunday, April 5th, 2009

What is Koobface?

Koobface is a malicious executable program that is commonly installed without user consent or knowledge. Koobface can be installed by itself or bundled with other infections. Koobface will often display frequent advertisements for bogus products or programs. The presence of Koobface can cause sluggish system performance, system freezes and/or crashes. Eventual system failure and blue screen could also be caused by Koobface. Koobface is not known to replicate itself at the time of this publication.

How do I remove Koobface?

This Koobface Removal guide provides two Koobface removal options, automatic Koobface scanner and manual removal. Please see our Koobface manual removal warning before proceeding with manual removal.

Automatic Koobface scanner download

Click here to download Automatic Remover

Manual Koobface removal directions

Warning! Manual Removal of Koobface is intended to be used by advanced users only.

Follow the directions below to remove Koobface manually:

Find and Stop Koobface Virus Processes (Ctrl+Alt+Del -> Processes):

* fbtre6.exe
* mstre6.exe

Find and Remove Koobface Virus registry values:

* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"systray" = "c:\windows\mstre6.exe"
* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"systray" = "C:\Windows\fbtre6.exe"
* HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating

Find and Delete Koobface Virus Files:

* C:\Windows\fbtre6.exe
* C:\Windows\fmark2.dat
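
Before deleting anything by hand, it helps to confirm which of the indicators above are actually present. The following PowerShell audit is an added example, not part of the original post: it only reads state and reports matches for the listed processes, the "systray" Run value and the listed files. The `New-Finding` helper and the extra WOW6432Node Run key are assumptions added here, and the `Navigating` key is left out because the post gives no value to compare it against.

```powershell
# Added example: read-only audit for the Koobface indicators listed in this post.
# Nothing is stopped, deleted or changed; review any hit before acting on it.
$procNames  = 'fbtre6', 'mstre6'        # Get-Process takes names without ".exe"
$files      = 'C:\Windows\fbtre6.exe', 'C:\Windows\fmark2.dat'
$badTargets = 'c:\windows\mstre6.exe', 'c:\windows\fbtre6.exe'
$runValue   = 'systray'
$runKeys    = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    # Assumption beyond the post: 32-bit code on 64-bit Windows is redirected here.
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
)

# Hypothetical helper: one uniform record per indicator found.
function New-Finding($Type, $Item, $Detail) {
    [pscustomobject]@{ Type = $Type; Item = $Item; Detail = $Detail }
}

$findings = @(
    # 1. Running processes with the listed image names
    Get-Process -Name $procNames -ErrorAction SilentlyContinue | ForEach-Object {
        New-Finding 'Process' "$($_.Name).exe" "PID $($_.Id)"
    }

    # 2. "systray" autostart value under the Run key(s)
    foreach ($key in $runKeys) {
        $prop = Get-ItemProperty -Path $key -Name $runValue -ErrorAction SilentlyContinue
        if ($prop) {
            $target = ([string]$prop.$runValue).Trim('"')
            $note = 'value name matches, path differs: inspect manually'
            # -contains compares strings case-insensitively
            if ($badTargets -contains $target) { $note = 'matches a listed path' }
            New-Finding 'RunValue' "$key\$runValue" "$target ($note)"
        }
    }

    # 3. Files on disk (-Force so hidden/system attributes do not hide them)
    foreach ($f in $files) {
        $item = Get-Item -LiteralPath $f -Force -ErrorAction SilentlyContinue
        if ($item) { New-Finding 'File' $f "modified $($item.LastWriteTime)" }
    }
)

if ($findings.Count) { $findings | Format-Table -AutoSize -Wrap }
else { 'No listed Koobface indicator found.' }
```

Run it from an elevated PowerShell prompt so that processes and files owned by other accounts are visible.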

How did I get Koobface?

Unfortunately it is very difficult to pinpoint the exact distribution point of Koobface. However, common delivery tactics of Koobface could be, but are not limited to: trojans, browser exploits, PC ports or other vulnerable access points. We have seen reports of Koobface being distributed through fake media codec downloads as well.

Common symptoms of Koobface?

Possible attributes and symptoms of Koobface are listed below.

* Koobface may push advertisements for rogue security applications
* Koobface may cause frequent popup advertisements
* Koobface may cause sluggish system performance
* Koobface may cause slow PC processing
* Koobface may cause Blue Screen
* Koobface may cause high CPU usage

How do I prevent Koobface?

Once you have cleaned up Koobface, the main tip in order to prevent Koobface and future malicious programs from returning is to stay suspicious of new websites you have never visited. Chances are you were tricked into downloading Koobface when you thought it was something else.

More tips to prevent Koobface from returning:

* Update Windows often
* Update Windows Security Settings
* Turn on Firewall Protection
* Update Anti-Spyware Software Frequently

What is the purpose of Koobface?

The creators or authors of Koobface have one sole objective in mind: money. Almost all forms of malicious code nowadays, with Koobface being no exception, are created to make a buck. The creators or authors of Koobface know that if they can distribute "x" amount of downloads of Koobface, then Koobface will generate "y" amount of revenue. In addition, many of these malware authors have been doing this a while, so they have perfected their conversion rates and will continue to do so.

Who is behind Koobface?

It is difficult to say exactly who is behind Koobface. Certain hypotheses can be formed, though. Chances are the creators or authors of Koobface are located (or at least their servers are) somewhere in either Eastern Europe or China. However, malware has been traced back to almost every country in the world, so it is really difficult to gauge this with any type of accuracy.
