Showing posts with label Malware. Show all posts

Fake Flash Player Update Pop-up When Trying to Access Google or Gmail

Posted by Muhammed Posted on Monday, May 26, 2014
Today some of my clients had a problem accessing Google and Gmail: they were getting a message like “WARNING! Your flash Player may be out of date. Please update to continue”.

If they tried to close the pop-up message or click OK, it redirected them to a web page that looks like Adobe's and prompts them to download different products.

During my research I found that it is a DNS hijack. In my previous post I explained what DNS hijacking is and how it works.

To fix this problem, you need to check the DNS server configuration on your computer and router. Follow the steps below:

1. Open Command prompt (Start->Run->Type ‘cmd’)
2. In command prompt, type the command ipconfig /all and press enter
3. Then check the DNS server entry and if it is 23.253.94.129, no doubt that is the culprit

Now you need to remove this entry from your computer or router.

Open the Control Panel, then Network and Sharing Center, access the properties of the active network card and change the DNS server address. If the entry is not there, you have to check the router and reset the settings. Depending on the router model, these settings may vary. If you know your router's IP, user name and password, just log in and check the DNS configuration settings.
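The check and cleanup described above can be scripted. The following PowerShell is an added example, not part of the original post: it lists the resolvers on every interface, flags the address named above, and tells you whether the entry was set on the PC or handed out by the router. It assumes Windows 8 / Server 2012 or later; the parameter names `RogueResolvers` and `Reset` are made up for this example.

```powershell
# Added example: audit the DNS resolvers on every IPv4 interface.
# Needs the DnsClient and NetAdapter modules (Windows 8 / Server 2012 or later);
# -Reset needs an elevated prompt.
param(
    [string[]]$RogueResolvers = @('23.253.94.129'),  # resolver named in the post
    [switch]$Reset
)

$tcpip = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces'

$report = foreach ($nic in Get-DnsClientServerAddress -AddressFamily IPv4) {
    if (-not $nic.ServerAddresses) { continue }      # no resolver on this interface

    $rogue = @($nic.ServerAddresses | Where-Object { $RogueResolvers -contains $_ })

    # A non-empty NameServer value means the resolver was set statically on
    # this PC; otherwise it was handed out by DHCP, i.e. normally by the router.
    $adapter = Get-NetAdapter -InterfaceIndex $nic.InterfaceIndex -ErrorAction SilentlyContinue
    $static  = if ($adapter) {
        (Get-ItemProperty -Path "$tcpip\$($adapter.InterfaceGuid)" -Name NameServer `
            -ErrorAction SilentlyContinue).NameServer
    }
    $origin = if ($static) { 'static (this PC)' } else { 'DHCP (router)' }

    [pscustomobject]@{
        Interface  = $nic.InterfaceAlias
        Index      = $nic.InterfaceIndex
        DnsServers = $nic.ServerAddresses -join ', '
        Origin     = $origin
        Rogue      = $rogue -join ', '
    }
}

$report | Format-Table -AutoSize
$hits = @($report | Where-Object { $_.Rogue })

foreach ($hit in $hits) {
    if ($hit.Origin -like 'static*') {
        Write-Warning "$($hit.Interface): rogue resolver $($hit.Rogue) is set on this PC."
        if ($Reset) {
            # Drop the static entry and fall back to DHCP-assigned resolvers.
            Set-DnsClientServerAddress -InterfaceIndex $hit.Index -ResetServerAddresses
        }
    } else {
        Write-Warning "$($hit.Interface): rogue resolver $($hit.Rogue) comes from DHCP; fix the router's DNS settings."
    }
}

# Discard answers that were cached while the rogue resolver was in use.
if ($hits.Count -gt 0 -and $Reset) { Clear-DnsClientCache }
if ($hits.Count -eq 0) { 'No listed rogue resolver found on any interface.' }
```

A "DHCP (router)" finding on several PCs at once points at the router, which matches the advice above to log in to it and check its DNS settings.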

It is highly recommended to run a deep scan with an updated antivirus program to find any dropper files. All the best!!!

Share your comments about this new threat if you are aware of it. 

How to remove Voga 360 pop up ad from desktop?

Posted by Muhammed Posted on Thursday, March 27, 2014

Recently I started getting emails asking for removal instructions for the Voga 360 pop-up ad on the desktop. When I talked to these clients, I understood that they were using an app called Mobogenie, the most trending free app from Voga 360, which was causing this problem. Even after they removed the app, they were getting the same pop-up message, which is annoying and will not let you close the pop-up window.

When I searched the Internet, I understood that Voga 360 is an app store from where you can download Hot Apps, Popular Games, Cool Ringtones, and Beautiful Wallpapers for your Android Mobile Phone for Free. But I am not sure why it shows this kind of bad behavior; it may be because of improper installation/uninstallation of the apps downloaded from their website.

I suggested that my clients follow the steps below to remove this ad from the desktop, which resolved the issue.

1. Open Add/Remove Programs and uninstall Mobogenie

2. Open Task Manager, find the process DaemonProcess.exe, right-click it and choose End Process

3. Navigate to C:\Program files, rename the folder Mobogenie to DELETE and restart the computer

4. After the restart, go to C:\Program files and delete the renamed Mobogenie folder

From there you will not get the Voga 360 pop up any more. I have personally been using Mobogenie on my computer for quite a long time and I did not face any problem with it. Those who know more about this app can share it with us in the comments.

What Harmful Things PC Malware Can Do to You

Posted by Muhammed Posted on Monday, March 18, 2013

With so much information swarming the internet, and with so much data broadcast between PCs, it’s inevitable that at some point you will contract a virus, whether it’s evil or just a prank. Since evil comes in many forms, PC malware may sometimes sneak undetected onto your system to spy and collect everything you hold dear, or simply lock your data up with ransomware and hold it hostage for a quick buck.

Either way, the typical malware aims to covertly infiltrate and then enable an attacker to do as he pleases with your hardware and data. While some malware is easier to remove than others, it all wants to stay undetected and give an attacker full remote control.

Performance Clogging


If your PC starts chewing on more RAM or CPU power than usual, although nothing has changed in terms of running programs, it might be a sign that something fishy is going on and someone or something might secretly be doing something.  This is usually one of the first signs that something might be going on with your PC and it’s highly recommended you do a full system scan using a security suite.

Your internet connection might also be affected, as data could be mined covertly, clogging your connection to the detriment of other apps that might need internet access to perform their regular activities.

Storage drives may also become unresponsive or constantly seem like they’re working harder, meaning that files are either written or copied from your hard disk drives. If you can’t pin down the source of the activity, question marks should follow.

Data Theft


The old axiom that “information is power” has never been more accurate, as every byte of data you send online or have stored on your computer can be used against you. Everything from passwords to bank account numbers or compromising pictures and classified company files can be sold to the highest bidder as long as they have some value to someone.

Virulent adware can sometimes be just as intrusive as malware because it can sometimes require access to more data than users suspect. The more adware frameworks bundled with an app, the more likely the collected data will be broadcast to more than one third party.

Strange messages


Some malware may cause strange messages to be displayed when certain files are accessed or when certain applications are used. This could be a result of data corruption - malware is the prime suspect.

If files fluctuate in size without you accessing them, it could be a sign that malware or some remote individual might be accessing and editing them without your knowledge. Access permission errors are usually a sign that either some other application is currently using a file or that some malware wants to keep away prying eyes.

Since error messages are easy to spot, it’s also a good idea to investigate the cause to figure out if the reason behind the “complaint” is really legit.

Antivirus protection disabled


One of the nastiest things malware can do to your PC is to disable your antivirus protection, provided you have one. If your PC is caught with its guard down, all types of malware that lurk on the internet might find their way to you.

By disabling your antivirus and firewall protection, anyone with a little hacking knowledge can remotely seize control of your workstation and start nosing around for sensitive data to use either against you or the company you work for.

An up-to-date antivirus solution should easily disable your run-of-the-mill malware, but malware won’t stop at infiltrating your computer. The usual behavior is to infiltrate all other computers tied in to your network so it can silently control them.

Conclusion


While malware can do plenty of nasty things to you, reality dictates that, in some cases, it could be a lot worse or a lot better. User awareness and readiness for dealing with malware and preventing malware infestations is still lagging.

The best way to stay safe is to install a leading security solution and be mindful of what files you download and what websites you visit. Keeping all installed software up to date is not only wise but mandatory, as most systems can be compromised via unpatched vulnerabilities in commonly used software, such as Adobe Flash or Reader.

Article provided by Bitdefender Antivirus, creator of the multi-awarded security suite Bitdefender Internet Security 2013

Malware and Security Awareness [Infographic]

Posted by Muhammed Posted on Saturday, March 16, 2013

Here is an interesting infographic which explores the scope of the malware problem and some practical ways to avoid it.


Infographic authored by Inspired eLearning, your source for security awareness training materials. To view the original post, click here.


How do you get infected with Spyware and other malicious programs?

Posted by Muhammed Posted on Wednesday, October 17, 2012
Here I would like to share an interesting video which describes how a normal user gets infected with spyware and other malicious programs. This video also shows how spammers trick you into believing that the system is infected and how they steal users' personal information.



The best protection against these kinds of redirects is an up to date security product that blocks known malicious sites automatically and can detect unknown malicious sites through heuristics as well.

Share your thoughts for better protection. 

How to disable Autorun?

Posted by Muhammed Posted on Sunday, September 30, 2012
An autorun.inf file is a text file that can be used by the AutoRun and AutoPlay components of Microsoft Windows operating systems. This file is located in the root directory of a volume, and the settings inside autorun.inf decide what actions are taken when the drive is connected or opened. The simplest autorun.inf files have two settings: one specifying an icon and one specifying which application to run.

Some types of malware use this feature to spread through CD-ROMs or other removable drives. An autorun.inf virus typically spreads via removable devices and runs as soon as a device is plugged into a computer. The safest way to avoid this malware infection is to always scan every device connected to the computer before opening it.

To keep this infection off your computer, you can simply disable the AutoPlay feature using a free utility called Disable Autorun/Autoplay. This program works with Windows XP/Vista/2003/2008 and Windows 7 (both x86 and x64 systems).

Here's what this program can do for you:

  • Disables AutoRun on drives of unknown type
  • Disables AutoRun on removable drives
  • Disables AutoRun on fixed drives
  • Disables AutoRun on network drives
  • Disables AutoRun on CD-ROM drives
  • Disables AutoRun on RAM disks
  • Disables AutoRun on all kinds of drives


Download Disable Autorun from http://www.disableautorun.com/
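The same per-drive-type switches can be inspected without a third-party tool. The following PowerShell is an added example, not code from the utility above: it decodes the Windows `NoDriveTypeAutoRun` policy value (the setting Microsoft documents for disabling AutoRun) into the drive types listed above, and with the made-up `-Enforce` switch writes `0xFF` to disable AutoRun on all of them.

```powershell
# Added example: decode NoDriveTypeAutoRun and optionally disable AutoRun everywhere.
param([switch]$Enforce)    # -Enforce writes 0xFF to HKLM (elevated prompt needed)

$policy = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$name   = 'NoDriveTypeAutoRun'

# A set bit means AutoRun is disabled for that drive type.
$driveTypes = [ordered]@{
    'Unknown type'            = 0x01
    'Removable'               = 0x04
    'Fixed'                   = 0x08
    'Network'                 = 0x10
    'CD-ROM'                  = 0x20
    'RAM disk'                = 0x40
    'Unknown type (reserved)' = 0x80
}

function Get-AutoRunPolicy {
    param([string]$Hive)    # 'HKLM' or 'HKCU'
    $path  = "${Hive}:\$policy"
    $value = (Get-ItemProperty -Path $path -Name $name -ErrorAction SilentlyContinue).$name
    if ($null -eq $value) {
        # Value absent: Windows falls back to its built-in default.
        return [pscustomobject]@{ Key = $path; Value = '(not set)'; StillEnabled = 'OS default applies' }
    }
    # Collect every drive type whose bit is clear, i.e. AutoRun still allowed.
    $open = foreach ($type in $driveTypes.GetEnumerator()) {
        if (-not ($value -band $type.Value)) { $type.Key }
    }
    [pscustomobject]@{
        Key          = $path
        Value        = '0x{0:X2}' -f $value
        StillEnabled = if ($open) { $open -join ', ' } else { 'none' }
    }
}

'HKLM', 'HKCU' | ForEach-Object { Get-AutoRunPolicy -Hive $_ } | Format-List

if ($Enforce) {
    $path = "HKLM:\$policy"
    if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }
    # 0xFF sets every bit: AutoRun disabled on all kinds of drives.
    Set-ItemProperty -Path $path -Name $name -Value 0xFF -Type DWord
    Get-AutoRunPolicy -Hive 'HKLM' | Format-List
}
```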

Remove funmoods – Uninstall Guide

Posted by Muhammed Posted on Thursday, September 06, 2012
Funmoods is a free add-on for social network chat that gives you a huge collection of smileys. Like the default smileys for any social network, funmoods emoticons represent human emotions, facial gestures, tone of voice, and body language. But in addition to smileys for the social network, funmoods includes funny winks, glitter texts, animations, and much more.
However, not everyone is happy with this toolbar because of its browser hijacking behavior. Once it is installed on the computer, it replaces the default home page and search page with its own and also degrades browser stability and performance.

How to get rid of funmoods?

To remove funmoods from your computer, go to the Control Panel in your Start menu, then click on Uninstall/Remove Programs, find funmoods Toolbar and click Remove. To complete the removal process, you need to reset the home page and default search engine.

How to remove funmoods from IE:

Go to Tools and then click Internet Options. On General tab, click Use Default.
Go to Tools and select Internet Options. In the first tab labeled General, Under Search click Settings then select your preferred search provider and click set as Default.

How to remove funmoods from FireFox:

Go to Tools, click Options. On General tab, click to select your default homepage setting.
Open Firefox and click the downward arrow button next to the search box. Then select Manage Search Engines. Select funmoods Search and click Remove.

How to remove funmoods from Chrome:

1. Click on the icon ‘Customize and control Google Chrome’, select ‘Settings’.
2. Click the ‘Manage search engine’ button and choose ‘Google’ and make it your default search engine. Remove funmoods Search.
3. To set a home page, click the wrench icon on the browser toolbar and select Settings. Under Appearance, put a tick mark on Show Home button and change the home page. Also set Open specific pages when you open Chrome. Go to the "On startup" section and click "Set pages" to enter the web addresses.

How do I remove funmoods from newly opened tabs on my browser?

In Internet Explorer - to remove funmoods search from new tabs, go to Tools -> Internet options -> general -> tabs settings, and set the "when a new tab is opened, open" drop down to "The new tab page".
In Firefox - go to Tools and then add-ons, click Options, then select Advanced and uncheck the first option "Use funmoods as enhanced search for new tab".

Malware Removal Guide - Free Ebook

Posted by Muhammed Posted on Saturday, August 25, 2012

Table of Contents

1. Introduction
2. What is Malware?
3. How does this malware get onto the computer?
4. How do I know whether my computer is infected or not?
5. Malware Removal Instructions
6. After Removal of Malware
7. Secure System Settings
8. Conclusion

1. Introduction

Is your system infected? Do you want to remove the infection yourself? This guide will help you to remove malicious software from your computer. We have compiled these instructions to the best of our knowledge, and they provide step-by-step guidance on how to remove malware from the Windows operating system. As you know, malware removal is a very complicated process and we cannot guarantee any results or outcome. Before proceeding with these troubleshooting steps, we highly recommend that you back up all of your personal files like pictures, documents, videos etc. to removable media for security reasons, so that you will be able to restore your data if the system fails or something goes wrong during the process of malware removal.
Disclaimer: This malware removal guide is intended to be used as a self-help guide and we cannot be held responsible for any system or data damage caused by malware or by the tools used in these instructions.

2. What is Malware?

Malicious threat or Malware is a collective term for programs created deliberately to harm computer systems. Malware includes a wide range of malicious programs that can be categorized as Virus, Trojan horse, Worm, Expanded Threats, Non-viral security threats.

3. How does this malware get onto the computer?

Most users are puzzled when their computer gets infected, because they don’t know how the malware got in even though a security program is installed on the computer. The common reason for this is unsecured browsing and downloading inappropriate content from the Internet. Misleading applications, sometimes called rogue anti-spyware, trick consumers into believing a problem exists on their system. Consumers who trust the messages are tricked into purchasing bogus applications for resolution of the problems they have been duped into believing exist. Misleading applications scam consumers out of money, faking the existence of problems and failing to deliver the protection they promise. They also create a privacy risk as the victim must provide their credit card information to the scammers in order to register the misleading application and solve the supposed problems. The victims of misleading applications have paid for software that does not work, handed their personal information to scammers, and are left with a false sense of security that leads them to potentially greater risks from more aggressive threats.
If you are installing software from a website, read all disclosures. Some End User License Agreements (EULAs) will inform you that the software you are about to install has secondary spyware applications, but that information may be buried in the EULA. You have to pay attention to the EULA while installing programs.

4. How do I know whether my computer is infected?

Most users will surely have this question. If your computer is infected, you can see symptoms like pop-ups, search redirection, a slow system etc., depending on the infection on your computer. For example, if your computer is infected with spyware, you can see a number of high-risk messages and pop-ups on your computer like the below screenshots.

The easiest and simplest way to prevent and remove these threats in the first place is to scan your computer using an antivirus program with the latest virus definitions. If you do not have an antivirus installed on your computer, download a free antivirus product, which is available on the Internet.

5. Malware Removal Guide

Malware removal tools will help to remove different types of malware, but unfortunately we can’t say any of them removes 100% of all malware. Therefore, it's important to use more than one tool to detect and remove all the malware.
This section shows you some free tools that you can use to detect and remove infections from your computer. They do an excellent job at detecting threats and completely removing them. However, be careful if you are not sure how to use these tools. Comment on our blog if you require more assistance with this.
1. Download Malwarebytes Free Edition and scan your computer.
2. Download HitmanPro and scan your computer.
3. Download TDSSKiller and scan your computer to remove rootkits.
4. If you have an issue with search redirection, you should check for the DNS Changer Trojan.
5. Scan your computer using an antivirus with the latest virus definitions. If you do not have an antivirus installed on your computer, download a free antivirus product (Microsoft Security Essentials (Recommended)) from the Internet.
Alternatively, you can use the free online scanners if you are not able to download the above tools. I recommend Norton Security Scan or Microsoft Safety Scanner.
Important notes
1. Make sure the virus definitions are updated before running the scan
2. Do not use the computer during the scan

6. After Removal of Malware

Once you complete the removal of the malware from your computer, you need to follow the troubleshooting steps below to make sure that no traces of infection remain on your computer.
  1. Optimize Internet Explorer settings and delete the temporary files on your computer. I would recommend you use CCleaner to optimize your computer because it is the most useful tool for cleaning your Windows PC and it makes your computer faster and more secure.
  2. Delete all the old system restore points as they may contain malware. To delete restore points, refer to Windows XP, Windows 7 and Vista.
  3. Change all passwords which you are using online.

7. Secure System Settings

There are a number of built-in system settings which help to protect your computer from infection. Follow the steps below to ensure they are configured correctly.
  1. Disable Autorun, which can be used to spread infections: visit http://support.microsoft.com/kb/967715
  2. To enable Automatic Updates, visit http://support.microsoft.com/kb/306525
  3. Run an external port scan to make sure no ports are open: https://www.securitymetrics.com/portscan.adp

8. Conclusion

We have compiled all these instructions to the best of our knowledge. If you require more assistance to resolve any issues with your computer, you can contact us through our blog at any time. We value your suggestions and comments.