Internet Security Blog - Free From PCSecurityShield   
Wednesday, January 31, 2007
  The Shield Antivirus 2007 - 30 Day free Trial
The Shield Antivirus 2007™ provides essential protection from viruses and privacy threats. Powerful yet easy to use, protect yourself, your family, and your PC online with The Shield Antivirus 2007™. The Shield Antivirus 2007™ gives you 1 year of protection and PCSecurityShield gives you all the free technical support you need to successfully protect yourself. The Shield Pro now comes with Easy Installer, to make download and installation simpler than ever before.

Now try a 30 Day Free Trial.
 
Tuesday, January 30, 2007
  Yugster to Give Away $100,000 to Yugsters!



Popular "Deal of the Day" Site Gives $10 Gift to Each of Over 10,000 Yugster Members.


BOCA RATON, FL (PRWEB) January 29, 2007 -- Yugster (http://www.Yugster.com) announces that it has placed $10 in each of over 10,000 Yugster member accounts -- over $100,000 in total given to current Yugster members, equaling over $100,000 in savings. Discerning shoppers already recognize Yugster.com and its "Daily Deals" as a must when seeking the best deals on the web, but now its latest savings announcements mean the best deals yet! The Yugster $10 Gift will be available for current Yugster members to use when they shop and save at Yugster, and will also be available for a limited time (through February 2, 2007) for new members who sign up with Yugster.



For more information ...

 
Friday, January 19, 2007
  "230 dead as storm batters Europe"
A new trojan has been spammed widely, using a real storm in Europe as a decoy message. The emails have a variable subject, including "230 dead as storm batters Europe". Attachment names include "Full Story.exe" or "Video.exe".
 
Tuesday, January 16, 2007
  Spam Shield 4.0 on Download.com
Get it from CNET Download.com!
 
Thursday, January 11, 2007
  Malicious New Year greeting Cards
Malware known as Tibs.jy or Luder.A is spamming out massive amounts of malicious New Year greeting cards. They come with variable texts and attachment names, but are always themed around New Year.


 
Tuesday, January 9, 2007
  Banload.BSX - more Saddam
Reports indicate that Banload.BSX, a trojan, was spammed in e-mails to an unknown number of people. The trojan's attachment is named 'saddam.morto.scr'. This file is a trojan downloader that downloads 3 different variants of the Banker spying trojan. It also directs the system's web browser to the "lasgo.be" website that plays an MP3 file.
 
  No Go On The Saddam Videos

So far we've seen three different examples of malware using Saddam-related themes.



These are now detected as W32/Banload.BSW, W32/Banload.BSX and Trojan-Downloader.Win32.Delf.acc.

Source: F-Secure


 
Saturday, January 6, 2007
  What is Active X?
A Web technology developed by Microsoft that enables portable, reusable software components. COM (Component Object Model) objects called ActiveX controls make it possible for a browser to interact with desktop applications, typically to provide additional user interface functions. ActiveX is commonly used by Web designers to embed multimedia files in Web pages. Spyware is frequently downloaded through an ActiveX control.

While ActiveX is primarily used on the Web, it can also be used with desktop applications and other programs. ActiveX is bundled within Microsoft's Internet Explorer Browser.

from Stopzilla


 
  Win32.Whboy.C
Aliases: Virus.Win32.Delf.ap (Kaspersky)
Type: Virus
Platform: Win32
Damage/Distribution Specific date
in active
None
Route of infection: Security vulnerabilities
Typical symptoms: Changes registry, File infection, Creates file, Installing Trojan Horse
Origin: others
Encryption: No
Target of infection: File
Memory residence: No
Discovered: [Korea] 12/22/2006, [Foreign] not reported
Scan engine needed: 12/22/2006 [Able to detect/repair]


Description



[How it spread]

It spreads over network shares by exploiting password vulnerabilities.

[Infection Symptom]

1. It copies itself under the following name into the drivers folder of the infected system.

- (Windows System Folder)\drivers\spoclsv.exe


2. It registers itself in the registry so that it runs automatically after a reboot.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

- Name : svcshare
- Data : (Windows System Folder)\drivers\spoclsv.exe

3. It modifies the following registry value.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL

- Name : CheckedValue
- Data : 0

4. It ends any process that includes one of the following strings.

IceSword
pjf(ustc)
VirusScan
NOD32
Duba
Symantec AntiVirus
System Safety Monitor
System Repair Engineer
Wrapped gift Killer
Winsock Expert

5. It ends the following processes.

Mcshield.exe
VsTskMgr.exe
naPrdMgr.exe
UpdaterUI.exe
TBMon.exe
scan32.exe
Ravmond.exe
CCenter.exe
RavTask.exe
Rav.exe
Ravmon.exe
RavmonD.exe
RavStub.exe
KVXP.kxp
KvMonXP.kxp
KVCenter.kxp
KVSrvXP.exe
KRegEx.exe
UIHost.exe
TrojDie.kxp
FrogAgent.exe
Logo1_.exe
Logo_1.exe


6. It ends the following security-related services.

sharedaccess
RsCCenter
RsRavMon
RsCCenter
RsRavMon
KVWSC
KVSrvXP
KVWSC
KVSrvXP


7. It deletes the following registry values.

SOFTWARE\Microsoft\Windows\CurrentVersion\Run\RavTask
SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kav
SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KAVPersonsal50
SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KvMonXP
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\McAfeeUpdaterUI
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Network Associates Error Reporting Service
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ShStatEXE
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\YLive.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yassistse


8. It connects to the following site and downloads malicious code.

- www.r.com

9. It scans for the vulnerability over TCP ports 139 and 445.
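
As an added example (not part of the Hauri write-up), the Python code below checks registry export text for the two registry changes listed in steps 2 and 3. The sample export, including its C:\WINDOWS\system32 path, is constructed for illustration, and the function names are hypothetical.

```python
import re

# Indicators as listed in the Win32.Whboy.C write-up above.
RUN_KEY = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"
SHOWALL_KEY = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion"
               r"\Explorer\Advanced\Folder\Hidden\SHOWALL")

# Constructed sample of `reg export` text (real exports are UTF-16; decode first).
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"svcshare"="C:\\WINDOWS\\system32\\drivers\\spoclsv.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000000
'''

def parse_reg(text):
    """Return {key_path_lower: {value_name_lower: raw_data}} from .reg text."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None:
            m = re.match(r'"((?:[^"\\]|\\.)*)"=(.*)$', line)
            if m:
                current[m.group(1).lower()] = m.group(2)
    return keys

def whboy_findings(text):
    """List the registry changes from steps 2 and 3 that are present in text."""
    keys, findings = parse_reg(text), []
    data = keys.get(RUN_KEY.lower(), {}).get("svcshare")
    if data is not None:
        # .reg string data is quoted and doubles each backslash.
        path = data.strip('"').replace("\\\\", "\\").lower()
        note = "" if path.endswith("\\drivers\\spoclsv.exe") else " (unexpected target)"
        findings.append("Run value svcshare -> " + path + note)
    checked = keys.get(SHOWALL_KEY.lower(), {}).get("checkedvalue", "")
    if checked.lower().startswith("dword:") and int(checked[6:], 16) == 0:
        findings.append("SHOWALL CheckedValue is 0: Explorer's show-hidden-files option is disabled")
    return findings

if __name__ == "__main__":
    for finding in whboy_findings(SAMPLE_EXPORT):
        print(finding)
```

A match on either value is a reason to run the full scan described in the removal instructions, not proof of infection on its own.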


Removal instructions



[How to repair]

1. If you use Windows XP/ME, disable the System Recovery (System Restore) function.

System recovery is disabled so that the virus can be cleaned completely.
You can refer to the MS technical document (Q263455) for more details.

2. Update the engine module to the latest version.
To repair this virus, you need the latest engine.

a. ViRobot products users
-Download the latest engine files via our website (www.hauri.net)

b. Non-ViRobot products users
- Use the LiveCall (Free Scan) via the website (http://www.livecall.co.kr)

- Use the trial version of ViRobot products (30 days only)

3. How to scan for the virus.

a. Run your ViRobot, and choose "all files" in scan option.

- ViRobot Expert 4.0 : [Edit] -> [Configuration] -> [Scan] : Check all files

- ViRobot Desktop 5.0 : [Tools] -> [Configuration] -> [Virus Scan] : Check all files

- LiveCall (Free Scan) : [Advanced Scan] : Check

b. Repair all viruses detected.

c. If [Auto-repair after rebooting] message shows up, please try to re-scan after rebooting the PC.

from Hauri


 
Thursday, January 4, 2007
  What is AdultLinks?
AdultLinks is a malicious executable program that is usually installed without user consent or knowledge. AdultLinks may have the ability to secretly monitor, record, and transmit computer activity. Possible symptoms of AdultLinks include, but are not limited to, sluggish system performance, frequent system crashes, advertisements (Pop-up Ads) and/or high CPU usage among other characteristics. AdultLinks may cause a slow internet connection as well due to the increased usage of bandwidth. Replication is not common with AdultLinks. It is however highly recommended that you remove AdultLinks.

How did I get AdultLinks?
Methods of infection vary for AdultLinks. Most likely, AdultLinks was bundled with another application that was downloaded intentionally. Peer-to-peer programs could also be the source of the infection. Other distribution tactics of AdultLinks include browser vulnerabilities, deceptive Pop-up boxes designed to appear as legitimate Windows dialog boxes, and/or drive-by downloads.

How do I remove AdultLinks?
More than likely, AdultLinks has thoroughly embedded itself in your system making it very difficult to remove manually. In order to ensure the stability of your PC, it is highly recommended that you remove AdultLinks using an Anti-Spyware utility program such as STOPzilla Anti-Spyware. Click here to download STOPzilla and remove AdultLinks now.
 
 
  New Phishing
We've now seen several phishing web sites that are using Flash-based content instead of normal HTML. Probably the main reason to do this is to try to avoid phishing toolbars that analyze page content.

Two recent examples, both targeting PayPal: www.ppal-form-ssl.com and www.welcome-ppl.com.

These sites look like the real PayPal front page, but they are actually Flash recreations.


When you type in login information, the SWF file displays a new page, asking for your credit card information.


Thanks to our partner F-Secure for this post.


 
Wednesday, January 3, 2007
  Spam Shield Free Trial
Finally the release of Spam Shield 4.0 Free Trial. We got a little wrapped up with the holidays and moving offices but here it is. Try it.


 
All about Internet Security for the average PC User from PCSecurityShield. Somewhat useful resources (and somewhat funny) that will help you protect yourself.
