Archive for the ‘Security’ Category

“Koobface” Virus Attacks Facebook

Monday, December 8th, 2008

A virus identified as “Koobface” is using Facebook and its messaging system to infect users’ PCs and obtain their credit card information. Koobface’s main targets are the 120 million users of this social networking site. This is the most recent attack by hackers online, who generally keep an eye on users of social networking sites.

Barry Schnitt, a Facebook spokesperson, has already responded to the issue. He said that a lot of viruses have attempted to use Facebook to spread themselves. However, he made the point that only a very small portion of the whole Facebook population had been directly affected.

Furthermore, Craig Schmugar, a McAfee researcher, added that the virus is still actively infecting PCs together with email threats.

How does “Koobface” work? If your PC has been infected with the virus, it sends notes to your friends and family who also have Facebook accounts. The message is headed with an inviting title: “You look just awesome in this new movie.” Of course, your friend or family member would be tempted to open the message. They will then be redirected to a website which features a free system update download of Adobe’s Flash Player.

Unable to connect to any antivirus site

Wednesday, August 27th, 2008

Just yesterday my computer got infected by a nasty virus/spyware. The virus hijacks my browser when going to any AV site or known support forum. The virus is preventing me from accessing those sites and instead redirects me to my localhost/127.0.0.1. I am using Windows XP Pro and was using AVG Free.

I tried to scan using AVG but it did not find anything either. I noticed that the virus definitions were not updated, and kept failing to update. The virus is preventing me from accessing the updates, so what I did was use a web proxy to visit the AVG site, and luckily I got in and downloaded the updates manually. I scanned again and still no virus was found.

So then I went and tried all the other free antivirus software out there: BitDefender, Avira AntiVir, Spybot, and still had no luck finding any virus/spyware.

I also tried to check my HOSTS file and it looked normal. I kept looking/searching on the net until I found the solution on a CNET forum.

Remove Win32/Glenwiry.P virus

Wednesday, June 18th, 2008

Win32/glenwiry.p is a new virus which affects computers, especially in the USA. It is a dangerous virus that spreads through security holes and infects networked computers. After Win32/glenwiry.p infects your computer, it may download additional malware (trojan horses, spyware, adware, hijackers and keyloggers). Moreover, Win32/glenwiry.p can change system settings and slow down your PC.

From Yahoo Answers

CA a/v reported wextract.exe infected with Win32/Glenwiry.P in 3 locations (all \windows folders, from \system32 through \servicepack1 and \servicepackfiles\i386). First 2 quarantined and the 3rd just listed as infected. XPSP2 popped up a hard request (no redirect to a folder name) for the SP2 disk, which I don't have either, being updated/upgraded via MS Update all along.

I searched the CA support and av center site and got ZERO results on either the filename or the glenwiry name, really surprising! Did a quick update check and my CA AV is fully up to date.

I'm not doing anything until I find out some more information. Going to check the MS site and run another full scan...

Update from CA Antivirus....

This from CA:
Thank you for using CA Security Advisor.

This is to notify you of the results of your submission, issue number 1386780. Please keep this issue number for future reference.

With regards to the file "wextract.exe" submitted by you on 13 Jun 16:58:23 (Australian Eastern Standard Time), we have updated our signature files to resolve the false positive problem.

The Windows PE (I386,EXE) file "wextract.exe" has been determined to be clean. Our researchers have analyzed the file and found nothing suspicious.

So if you are using CA anti-virus and it detected wextract.exe as the Win32/Glenwiry.P virus, you should update your signature files to resolve the false positive problem.

If you have been infected by Win32/Glenwiry.P, here is software that may help you remove it from your computer. Download the NOD32 trial antivirus from this website: http://www.softpedia.com/get/Antivirus/NOD.shtml .

Make sure to update the virus definitions before using it :D