Archive for the ‘trojan’ Category

Source of infection: Opening an email sent from a friend’s compromised computer.

Trend Micro detected it as troj_fraudpac.lk and bat_koobface.a.

Solutions:-

I am referring to Bleeping Computer for a solution. Thanks for the solution.

What this program does:

Safety Center is a rogue security suite from the same family as Privacy Center. Safety Center is a program that pretends to be a security suite consisting of a spyware scanner, a firewall, a registry scanner, and privacy protection. In reality, this program has only one goal and that is to take your money without providing anything in return. When installed, Safety Center will be configured to start automatically. Once started you will be shown a screen that shows a variety of tools that you can use to protect and optimize your computer. In reality, though, all of these tools deliberately display false scan results and information to make it seem like you have a problem. It then tries to have you purchase the program so that you can supposedly fix these problems.


One of my company computers has been infected with this trojan. This is very troublesome indeed.

Symptoms:-

Your email does not go through and is rejected by your customers' spam filters.
The firewall logs show many outbound connections on SMTP port 25.

Win32/Cutwail.B [Computer Associates], Win32/Cutwail.C [Computer Associates], Win32/Cutwail.M [Computer Associates], W32/Agent.BOY [F-Secure], Troj/Pushdo-B [Sophos]

Source: Symantec

I did check with cbl.abuseat.org and saw my IP address has been detected with the cutwail spambot. From the cbl.abuseat.org detailed explanation, I have to clean my network before requesting de-listing to prevent it from re-appearing on the list. Too many requests for de-listing will get me blocked from requesting again in the future.

Solutions:
I have not found any symptoms from the firewall logs. The computer probably is turned off.

I will continue monitoring for a few days.

Two days later, I found out that one computer is sending a lot of email. From the log, I think there are at least 10 emails per second. I blocked the SMTP outbound port 25 right away while asking the local IT support to fix the computer.

Appreciate if you have other solutions to this problem.
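The symptom described in this post, one workstation opening many outbound connections to port 25, can be searched for in firewall logs automatically. The following is an added example, not part of the original post; the log layout, IP addresses, one-second window and threshold of 10 are constructed assumptions, so adapt the regular expression to your firewall's real format.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed (constructed) log layout: "<ISO time> ALLOW TCP <src>:<sport> -> <dst>:<dport>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?:ALLOW|DENY) TCP (?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)

def find_smtp_talkers(lines, mail_servers=(), window=timedelta(seconds=1), threshold=10):
    """Return {src: {"peak": n, "dests": k}} for hosts that open at least
    `threshold` outbound port-25 connections within any `window`."""
    recent = defaultdict(deque)   # src -> timestamps inside the sliding window
    dests = defaultdict(set)      # src -> distinct SMTP destinations seen
    flagged = {}
    for line in lines:            # lines are expected in time order
        m = LINE_RE.match(line.strip())
        if not m or m["dport"] != "25" or m["src"] in mail_servers:
            continue              # not SMTP, unparsable, or a sanctioned mail server
        src, ts = m["src"], datetime.fromisoformat(m["ts"])
        dests[src].add(m["dst"])
        q = recent[src]
        q.append(ts)
        while ts - q[0] >= window:    # keep only the half-open window (ts - window, ts]
            q.popleft()
        if len(q) >= threshold:
            peak = max(len(q), flagged.get(src, {}).get("peak", 0))
            flagged[src] = {"peak": peak, "dests": len(dests[src])}
    return flagged

def sample_log():
    """Constructed sample: one spamming workstation, one mail server, one normal PC."""
    t0 = datetime(2024, 1, 1, 10, 0, 0)
    out = []
    for i in range(30):           # 10 connections per second for 3 seconds
        ts = (t0 + timedelta(milliseconds=100 * i)).isoformat()
        out.append(f"{ts} ALLOW TCP 192.168.1.23:{40000 + i} -> 203.0.113.{i % 20 + 1}:25")
        out.append(f"{ts} ALLOW TCP 192.168.1.10:{50000 + i} -> 198.51.100.{i % 5 + 1}:25")
    out.append(f"{t0.isoformat()} ALLOW TCP 192.168.1.40:41000 -> 198.51.100.7:25")
    out.append(f"{t0.isoformat()} ALLOW TCP 192.168.1.40:41001 -> 198.51.100.7:443")
    return out

if __name__ == "__main__":
    hits = find_smtp_talkers(sample_log(), mail_servers={"192.168.1.10"})
    for src, info in hits.items():
        print(f"{src}: {info['peak']} SMTP connections/window, {info['dests']} destinations")
```

A workstation that talks SMTP to many different destinations, rather than to the single company mail server, is the machine to isolate first.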

This is very important if you are hit by a network virus. You have to stop it from spreading to other computers by unplugging your network cable and disabling the Wi-Fi.

The most recent popular example is the Conficker worm, which infected millions of computers worldwide.
