
Thursday, September 16, 2010

'Here you have' e-mail virus threatens the computer world

Recently a massive virus hit e-mail accounts across the world, including those at major corporate giants such as Google, Coca-Cola and NASA. The trojan spread through e-mails with the subject line 'Here You Have,' while other versions of the worm hid under subject lines such as 'This is The Free Download Sex Movies, you can find it here,' and 'Just For You.' Each e-mail contained a link that, if clicked, would download malware onto the recipient's computer and send a wave of similar e-mails to his or her contacts. Although the exact number of victims is not known, the attack has forced several employees to abandon their e-mail accounts altogether.
McAfee published a report on its blog, saying that the risk of infection on both home and work e-mail accounts is "low," while acknowledging that it may take time to root out all of the virus's multiple variants. The security firm also identified the virus as a trojan horse, but had not yet determined its origins. Symantec, meanwhile, told ABC that the worm, which it has called 'W32.Imsolk.A@mm,' is similar to the 'Anna Kournikova' worm that hit computers in 2001, and also spread under the 'Here You Have' subject. If you receive e-mails with suspicious subject lines, delete them instantly.



Wednesday, September 15, 2010

Adobe sounds alarm about the attacks on Flash

Adobe had already warned users of its PDF reader about bugs in the reader that hackers were exploiting. Now it has come up with the shocking news of bugs in one of the most popular pieces of software, Adobe Flash. This is a matter of worry, since almost all computer users view video in their browsers with the help of Flash. However, the company said that it would patch Flash in two weeks and Reader in three weeks. In a new security advisory on Monday, Adobe said that the current version of Flash contains a critical flaw already being used in the wild by criminals to attack Windows PCs. According to the advisory, "This vulnerability could cause a crash and potentially allow an attacker to take control of the affected system".
Unfortunately, the flaw is present in all editions of Flash, including those for Mac, Linux and Android. But Adobe described the attacks as "targeted" and "limited". The attacks were targeted against Windows users. The same bug is also present in Adobe Reader and Acrobat, the company's free PDF viewer and its commercial PDF creation tool. This is to be expected, since both Reader and Acrobat include code to run Flash content embedded in PDF documents, so a bug in Adobe's media player typically requires a patch for the PDF programs as well.
Adobe said it would update Flash to fix that program's flaw in two weeks, sometime during the week of Sept. 27. The two bugs in Reader and Acrobat -- the one disclosed last week and Monday's -- will be patched in the week of Oct. 4 with an emergency, or out-of-band security update.



Tuesday, September 14, 2010

How to remove IronDefender

I have written articles about several pieces of malware that disguise themselves as malware removal tools. Here is one more. Its function is almost the same as that of the other disguised malware: it does not scan your computer or find any virus or malware. Once IronDefender is installed on a computer, it starts along with Windows on the next boot. It performs a fake scan and informs the user that harmful malware is present on the computer and has to be removed. It then asks the user to register IronDefender by paying a registration fee. The message is a lie intended to make the victim pay for the malware.
IronDefender displays the same options that genuine antivirus products offer: "Full Scan", "System Scan", "Scan Basic Locations", "Scan Removable Media", "Scan Folder", "Realtime protection" and "Tools". None of these features actually protects the computer; they only show fake functions.
If you are a victim of IronDefender, it has to be removed immediately!

Removal:

Kill the processes

F0E84.exe
vur4.exe
[random].exe
 
Delete the registry entries
 
HKEY_CURRENT_USER\Software\IronDefender
HKEY_LOCAL_MACHINE\SOFTWARE\IronDefender
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IronDefender
HKEY_CURRENT_USER\Software "Install_Dir" = "C:\Program Files\FDFCA"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "vur4.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "F0E84.exe"     

Delete the files and folders

%ALLUSERSPROFILE%\Start Menu\Programs\IronDefender.lnk
%ProgramFiles%\FDFCA\
%ProgramFiles%\FDFCA\F0E84.exe
%ProgramFiles%\FDFCA\Uninstall.exe
%SystemRoot%\[random].exe
%SystemRoot%\[random].bin
%SystemRoot%\[random].dll
%SystemRoot%\[random].cpl
%SystemRoot%\system32\[random].exe
%SystemRoot%\system32\[random].bin
%SystemRoot%\system32\[random].dll
%SystemRoot%\system32\[random].cpl
%UserProfile%\Desktop\hash
%UserProfile%\Desktop\IronDefender.lnk
%UserProfile%\Local Settings\Temp\[random].exe
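
The removal steps above, as an added PowerShell example that is not part of the original post: it reports which of the fixed-name IronDefender artifacts listed here are present and removes them only when the hypothetical -Remove switch is given. It assumes the quoted strings shown after the Run and Software keys are registry value names; the [random]-named files cannot be matched by name and are left out.

```powershell
# Added example: audit a host for the fixed-name IronDefender artifacts from this post.
# Report-only by default; -Remove (hypothetical switch name) performs the cleanup.
param([switch]$Remove)

$processes = 'F0E84', 'vur4'   # process names without the .exe suffix
$regKeys = @(
    'HKCU:\Software\IronDefender',
    'HKLM:\SOFTWARE\IronDefender',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IronDefender'
)
# Assumption: the quoted strings in the post are value names under these keys.
$regValues = @(
    @{ Path = 'HKCU:\Software'; Name = 'Install_Dir' },
    @{ Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'; Name = 'vur4.exe' },
    @{ Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'; Name = 'F0E84.exe' }
)
# The FDFCA folder entry also covers F0E84.exe and Uninstall.exe inside it.
$paths = @(
    "$env:ALLUSERSPROFILE\Start Menu\Programs\IronDefender.lnk",
    "$env:ProgramFiles\FDFCA",
    "$env:USERPROFILE\Desktop\hash",
    "$env:USERPROFILE\Desktop\IronDefender.lnk"
)

# Step 1: running processes (stopped first so their files are not locked)
foreach ($p in Get-Process -Name $processes -ErrorAction SilentlyContinue) {
    "PROCESS  $($p.Name) (PID $($p.Id))"
    if ($Remove) { Stop-Process -Id $p.Id -Force }
}
# Step 2: registry keys and autostart values
foreach ($k in $regKeys) {
    if (Test-Path -LiteralPath $k) {
        "REGKEY   $k"
        if ($Remove) { Remove-Item -LiteralPath $k -Recurse -Force }
    }
}
foreach ($v in $regValues) {
    $item = Get-ItemProperty -Path $v.Path -Name $v.Name -ErrorAction SilentlyContinue
    if ($item) {
        "REGVALUE $($v.Path) : $($v.Name) = $($item.($v.Name))"
        if ($Remove) { Remove-ItemProperty -Path $v.Path -Name $v.Name }
    }
}
# Step 3: files and folders
foreach ($f in $paths) {
    if (Test-Path -LiteralPath $f) {
        "PATH     $f"
        if ($Remove) { Remove-Item -LiteralPath $f -Recurse -Force }
    }
}
```

Run it once without -Remove from an elevated prompt and review the reported lines before running it again with the switch.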

