Fake Porn sites are host to Fake Antivirus installs!!

By Paul | Feb 23, 2010

Fake Adobe update

This site, closeporntube.biz, is what I call a fake porn site. They try to trick you into installing malware. I did a Virustotal on the install_flash_player.45263.exe and it comes up with:

As you can tell, this tries to install something suspicious, and most of them think it is a Fake AV Trojan. I’ve talked about this in the past and I would hope people wouldn’t fall for this. If you have run this type of file (install_flash_player.*****.exe), you should do a full scan with a trusted antivirus, and I also suggest Malwarebytes or SuperAntiSpyware to do even more scanning on the infected PC. They will try to scare you into buying their product, but it is just fraud. Remember, if something on the internet tells you to update a program or file, your best bet is to go to the site directly and not trust sites that you have not visited before.
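As an added example (not code from the original post), here is a small check a defender could run over web proxy logs to find which PCs fetched a file named like the installers described on this page and therefore need the full scan. The log format, the `.example` host names, the client addresses and the trusted-domain list are assumptions; the log lines are constructed.

```python
import re
from urllib.parse import urlsplit, unquote

# File names reported on this page follow <stem>.<digits>.exe, for example
# install_flash_player.45263.exe and streamviewer.40018.exe.
LURE_NAME = re.compile(
    r"^(?P<stem>[A-Za-z0-9_-]+)\.(?P<serial>\d{3,6})\.exe$", re.IGNORECASE
)

# Assumption: domains this organisation accepts installers from.
TRUSTED_DOMAINS = {"adobe.com"}

# Constructed proxy log, one request per line:
# <timestamp> <client> <method> <url>
SAMPLE_LOG = """\
2010-02-23T10:01:07Z 10.0.0.21 GET http://video-lure.example/get/install_flash_player.45263.exe
2010-02-23T10:02:44Z 10.0.0.35 GET https://get.adobe.com/flashplayer/install_flash_player.exe
2010-02-23T10:05:12Z 10.0.0.21 GET http://movie-lure.example/dl/streamviewer.40018.exe?id=7
2010-02-23T10:06:30Z 10.0.0.40 GET http://files.example/Install%5FFlash%5FPlayer.77120.EXE
2010-02-23T10:07:02Z 10.0.0.52 GET https://download.adobe.com/tools/reader.10234.exe
truncated entry
"""


def is_trusted(host):
    """True if host is a trusted domain or a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def find_lure_downloads(log_text):
    """Return one dict per request for a lure-named .exe from an untrusted host."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # malformed or truncated log line
        timestamp, client, _method, url = parts
        try:
            parsed = urlsplit(url)
            host = parsed.hostname
        except ValueError:
            continue  # unparsable URL
        if parsed.scheme not in ("http", "https") or not host:
            continue
        # Decode %-escapes so an encoded name is still matched; the query
        # string is not part of parsed.path, so "?id=7" is ignored.
        filename = unquote(parsed.path).rsplit("/", 1)[-1]
        match = LURE_NAME.match(filename)
        if match and not is_trusted(host):
            hits.append(
                {
                    "time": timestamp,
                    "client": client,
                    "host": host,
                    "file": filename,
                    "stem": match.group("stem").lower(),
                }
            )
    return hits


def clients_to_scan(hits):
    """Unique client addresses that fetched at least one lure-named file."""
    return sorted({h["client"] for h in hits})


if __name__ == "__main__":
    found = find_lure_downloads(SAMPLE_LOG)
    for hit in found:
        print(f'{hit["time"]} {hit["client"]} fetched {hit["file"]} from {hit["host"]}')
    print("Full scan needed on:", ", ".join(clients_to_scan(found)))
```

A match only says that a file with a lure-style name was requested; whether it ran still has to be confirmed on the PC itself.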

Fake Scareware adviser from malware-url.com

By Paul | Oct 28, 2009

This is an example of what you might see if you did have it!!

This site [malware-url.com], no matter how real it looks, is a URL hijacker and is what we call a scareware sponsor for Alpha Antivirus, a clone of Personal Antivirus. This is a new scareware rogue antivirus software. It claims that sites have malware and that you need to activate the security software. Doing this will not help you, because this is what they call ransomware, in which you are prompted to buy their software in order to clean your system. If you follow links from these websites, you will be directed to buy the software. It has all the makings of some old techniques, like Yourbrowserprotection.com; it is exactly the same.

These sites get installed on unsuspecting computers by way of exploits, backdoors, Trojans, or unsafe downloading practices. This usually means that if you have it you should remove it by any means necessary, because this software has been known to cause more and more trouble as time goes by. This software is fakeware: it tries to tell you that you have a virus and that they can get rid of it. In fact, this software is not designed with an antivirus engine in it but to elicit pop-ups and warnings that raise the user’s security concerns about the computer in question. Downloading programs from BitTorrent or other unsafe sources can, and most likely will, get these types of programs installed alongside the program you wanted.

Email Malware comes a Knocking

By Paul | Oct 24, 2009

I was checking my email and I got an email. I thought we would talk about it some:

Subject Line: Collection on setebembro months
Anexo (fatura_setebembro.doc)179,kb
__________________________________________
Hircon Assessoria Consultoria e Cobrança LTDA
Prezado cliente,
Consta em nosso sistema uma fatura vencida referente ao mes Setembro (09/2009),
caso nao tenha efetuado o pagamento segue o extrato em anexo.
Agradece a Gêrencia.

This is what it is when you translate it:

Subject Line: Collection on setebembro months

Annex (fatura_setebembro.doc) 179 kb
__________________________________________

Hircon Advice and Collection Consulting LTDA

Dear customer

Our system shows an overdue invoice for the month of September (09/2009).

If you have not made the payment, the statement is attached.

Thanks, Management.

File faturasetembro.exe received on 2009.10.24 09:11:49 (UTC)
Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.10.24 Trojan-Downloader.Win32.Banload!IK
AhnLab-V3 5.0.0.2 2009.10.23 -
AntiVir 7.9.1.44 2009.10.23 -
Antiy-AVL 2.0.3.7 2009.10.23 -
Authentium 5.1.2.4 2009.10.24 W32/Trojan-juke-based!Maximus
Avast 4.8.1351.0 2009.10.24 -
AVG 8.5.0.423 2009.10.24 -
BitDefender 7.2 2009.10.24 Gen:Trojan.Heur.je3@rPiM!8aif
CAT-QuickHeal 10.00 2009.10.24 (Suspicious) – DNAScan
ClamAV 0.94.1 2009.10.24 -

List of Fake Antivirus Sites for Sept 18, 2009

By Paul | Sep 18, 2009

Looks like the authors of the fake sites have slowed down today but remember this won’t last long.

Personal Antivirus — Download SUPERAntiSpyware (Database Version 4047):
Rogue Antivirus scareware sites:

  • antivirus-plus09.com

WindowsSecuritySuite

Most of the time, these sites are injected into one’s browser by way of a Trojan taking over the system. If left untreated, these sites will become more and more insistent in trying to get you to install them. Most of the time these are installed on unsuspecting computers by way of exploits, backdoors, or unsafe downloading practices. This usually means that if you have it you should remove it by any means necessary, because this software has been known to cause more and more trouble as time goes by. This software is fakeware: it tries to tell you that you have a virus and that they can get rid of it. In fact, this software is not designed with an antivirus engine in mind but to elicit pop-ups and warnings that raise the user’s security concerns about the computer in question. Downloading programs from BitTorrent or other unsafe sources can, and most likely will, get these types of programs installed alongside the program you wanted.

Threat to System : Moderate

Scareware List for July 31, 2009

By Paul | Jul 31, 2009

Looks like they went out and made quite a few domains lately, so here they are:

Remember, these sites are active and are scaring people into buying or installing their product; you should not go to these sites. As you can see, the scareware writers have been busy registering domains this week, and I can bet they made these to use this weekend. These sites are trying to scare you into buying their product or installing their fake antivirus software. If you are constantly inundated with pop-up windows warning that you have a virus or trojan and showing a load of viruses or trojans on your screen, they will probably ask you to install software or buy the product. That would be a big waste of time, could possibly install even more malware, and could also lose you money. You should never download any software from sites you don’t know or buy from sites that you’ve never heard of.

Some more Malware Sites July 29, 2009

By Paul | Jul 29, 2009

I’ve done my usual looking around and found some Rogue Antivirus sites that I call scareware:

All these sites scare users into installing software that does nothing but pester them into registering it. You should not visit these sites; they are active right now, spreading the malware and getting people to install it. If you have installed this scareware software, I would recommend removing it with real antimalware software and not paying for these fake products.

Threat to System : Moderate

Rating: ★★★★☆

Advice : Do a Complete system scan and make sure you don’t have any more hidden malware.

I recommend :

Download SAS

Download SUPERAntiSpyware

AVG Internet Security - Tough on threats.
Download Malwarebytes

Download Malwarebytes

SUPERAntiSpyware now has an ONLINE Scanner that you can use to help get rid of some of the malware that keeps you from running your anti-virus. You should give it a try....

List of fake Antivirus Sites for July 27, 2009

By Paul | Jul 27, 2009

I have found some other sites that are fake Antivirus:

Most of these sites try to scare you into either installing software or buying their fake software. Some of these sites have used exploits to install a Trojan or two to have your browser redirect to these sites. This means that there might be more than one virus or Trojan on your system.

Threat to System : Moderate

Rating: ★★★★☆

Advice : Do a Complete system scan and make sure you don’t have any more hidden malware.

If your current anti-spyware software let an infection through, you may want to consider buying SuperAntiSpyware Pro for $29.95 or Malwarebytes for $24.95. In my opinion these are two of the best anti-virus programs, and both feature highly advanced Real-Time Protection to ensure protection from installation or re-installation of potential threats as you surf the Internet.

(Both Malwarebytes and SuperAntiSpyware are trusted Vendors by CCSS Forums).

Fake Security Adviser from explorersecurityhelper.com

By Paul | Jul 26, 2009

I saw this come in my way and I thought I would share it:

Here is a site that is another scareware attempt from the makers of Personal Antivirus. They do this to get money from unsuspecting users who think this will protect their system, but the truth of the matter is that they are either trying to get you to install even more malware or to buy a program that doesn’t do what it claims. You should never buy from a site you do not know anything about, and you should never install software from a site you have no knowledge of.

Threat to System : Critical

Rating: ★★★★★

Advice : Do a Complete system scan and make sure you don’t have any more hidden malware. This has altered your browser and can be monitoring your system and should be taken off your system. You should consider your system compromised until you clean your system.

List of Malware sites for July 25, 2009

By Paul | Jul 25, 2009

All of the sites listed below are active and should not be visited:

  • folder-antivirus-scanv1.com
  • systemsecuritycenter.com
  • sheltercloud.cn (Now Redirecting to Adult Friend Finder)
  • searchav.net (Now Redirecting to Adult Friend Finder)
  • strelyk.info
  • gagtemple.info

The sites listed try to get you to download a program, sometimes called install.exe or Setup.exe, which is most likely just a way to get you even more infected with malware. Other sites want you to upgrade, which means you probably have some kind of malware on your system to begin with. These sites are what I call scareware and will always try to scare you into either buying or installing software. These sites don’t do anything else but try to make money or get your system infected for them to use. A couple of these sites require you to quit out of your browser by going to your Task Manager. These fake antivirus programs don’t really protect your system at all; they only annoy the end user into giving these guys a free ride. Two of the sites are now redirecting to Adult Friend Finder, but they should still be avoided because of the possibility of exploit code trying to take over your computer.

Using Malwarebytes to get Rid of Malware

By Paul | Jul 8, 2009

I have been using Malwarebytes for quite some time. I have the installer for Malwarebytes in place on a USB drive so I can use it anywhere I go. I have seen several computers with very old viruses and this actually detected them.

How Malwarebytes is useful

  • Malwarebytes has a really good protection module to help prevent infections in the first place, but that requires you to buy it. It should never be used without at least a firewall installed, but it is a good defense against what I like to call a drive-by install.
  • Automatically creates logs of malware that is found — This is good for people who want to be able to check out what might be infected. It is also good for helping identify the virus or Trojan and finding out how to disinfect it.
  • Cheaper than buying AVG — Costs $24.95, which is half of the cost of buying AVG.

Mac Malware on the Rise drive by Downloads

By Paul | Jun 20, 2009

Photo by Incase Designs

More and more, there seems to be a building trend of malware writers developing ways to target both Mac and PC systems. A diary entry on the subject describes how one man’s journey led to a site that can detect which system you are on and offer up malware for that system. He also has some other examples of this, including a Mac Trojan in the wild.

Now, more and more Apple users think they are not vulnerable to the types of antics that PC users have to deal with day by day. This, however, proves they are “WRONG”. I will keep telling people, whether PC or Mac, that you need to have anti-virus and firewalls installed to help protect yourself from being a victim of this type of stuff. Just last week Sophos added the OSX/Tored-Fam worm to their databases. Sophos even talks about this in detail on their blog.

Harry Potter and the Half Blood Prince Movie Spreads Malware

By Paul | Jun 19, 2009

It seems that, in anticipation of the release of Half Blood Prince, the malware authors are starting to use the movie as a lure. For example:

As you can see, they really try to fool you into thinking you are going to be able to watch it for free. They even put in the movie poster to try to get you to click that link. It is on a blogspot page and has a few Google followers, which amazes me given what I have found. If you were to click that play link (usa-top-news.info), it will redirect you to (world-news-scandals.com) and then to the final destination (tubes-portal.com). Each site is, surprisingly, in the US and tries to look like a real site. It sends you a file called streamviewer.40018.exe, which I am surprised AVG hasn’t picked up, so I went to see if this was a virus and Virustotal showed me this:

Nikki Catsouras being used to spread Malware

By Paul | May 2, 2009

I was doing my usual perusing of the internet and I came across this site about Nikki Catsouras Accident Photos. I won’t go into gruesome details, but it looks like the malware authors are at it again, trying to have you install fake codecs onto your system.

These are some of the nicer pictures on the site

I must warn you that if you go to the site there are some very gruesome and disturbing pictures of the accident, but that is not what is computer related. On the site they also have a video that isn’t really a video. Clicking that video link pops up this in my AVG warning window:

This is the Free Version of AVG

As you can see, the malware authors are using the accident video to get people to install the fake codec, which installs some Trojan, worm, or even a virus onto your system. I’ve talked about this from time to time: if you are told you need to install a codec from a site you don’t trust, I don’t recommend it to anyone. I would stick with the known codecs and keep away from any site that says you will need to install a codec or tries to install a codec. I also recommend some free anti-virus and free firewall software to better protect you. As you can see, the free AVG software that I was using did detect this and prevented me from going any further. So the free anti-virus providers are keeping even the most common users safe.

Fake Emails about Windows Support spam!

By Paul | Mar 9, 2009

According to Trend Micro, malicious software is being sent to unsuspecting users in emails about Windows SP1 and SP2 having an error that could damage software or even hardware. See Trend’s blog for photos of the fake spam.

Although Microsoft does send out security information to Technet subscribers from time to time, people have also used this in the past to get people to install viruses and malware, like this one that installs TSPY_BANKER.MCL. TSPY_BANKER.MCL monitors the affected user’s online transactions and steals banking-related information.

Microsoft sends e-mail messages to subscribers of our security communications when we release information about a security software update or security incident. Unfortunately, malicious individuals can and have sent fake security communications that appear to be from Microsoft.

[Via Microsoft]

So if you get an email from Microsoft you’ll probably want to delete it.  Any Microsoft communications will be sent from the Update center.  You should never install software that is from an untrusted website.    If you are concerned you should check the web and find out what people are saying about the situation and see if it is a scam or true!!  Remember only you can prevent a virus or Malware!

5 Steps in Finding the right Affiliates!

By Paul | Mar 8, 2009

So you want to make money with your blog but don’t know how? I thought I would share with you what I’ve learned in the past few months to earn enough money to pay for the space and web address. I’ll go through each step:

First you will need to explore all the great affiliate programs like OpenX, TMIWireless, Adsense, Converseon, and Commission Junction. There are of course even more out on the Internet, but these are ones that I like and that have given me some insight into commission and affiliate marketing. I have been using TMIWireless and Converseon more and more. I still have Adsense, but you have to strike a balance between advertising and what people are wanting.

Find the right fit for your blog and talk about the products you like the most. I like TMIWireless because you give out free phones and still get money in return, and Converseon for recommending cell phones. You should figure out what does better, and always keep looking. There are more than a few out there that will work better for you. If you know one that I should look into, let me know.

And the Oscar goes to . . . Not these guys!

By Paul | Feb 23, 2009

SANS Internet Storm is reporting on an anti-virus scareware tactic. I’ll quote from them:


ISC reader Gary wrote in to let us know that searching for “oscar presenters” and “oscar winners” with Google brings up a prominently ranked result on a web server in Poland, on a subdomain of “beepl”, which – surprise, surprise – includes a malicious JavaScript. The end result currently seems to reside on stabilitytracewebcom, and is yet another incarnation of the “Fake Anti-Virus Program” malware that we have covered repeatedly. Watch out, the EXE has a meager 6/39 on Virustotal.
[Via Sans]

I did my own research and it is true: there are at least 3 sites with the .pl domain that are used to send you to these fake sites. You should consider checking your system for possible viruses if you have been to these sites and are worried. You should also report any site like this to Phishtank to fight this type of scare tactic. Please remember, if you are worried about your system, this is the best time to install software to prevent these types of scare tactics. Remember, you don’t always have to buy software to be safe. There are free anti-virus and firewall solutions at your fingertips; use them well. It is also a good idea to make sure you have the latest updates from Microsoft while you’re at it.

Not safe to download a worm : Project Snowblind

By Paul | Feb 16, 2009

It looks like I missed this one yesterday. There seems to be a rogue and probably somewhat of a warez version of the game Project Snowblind.

According to Sophos:

Project: Snowblind is a multi-player first-person shooter (in the same genre as Doom) released by Eidos Interactive a few years ago.

A closer examination reveals that the installation program comes with a little nefarious piece of malware (detected by Sophos as W32/Rbot-GXL) that will drop a file called vghhost.exe. This file is actually a network worm as well as an IRC backdoor Trojan.

I must also tell people that if you want to download the demo, you can download it from the Eidos website and the Download.com website. I will say I didn’t know about this one until Technibble published something about it. Some of the things he publishes are great for IT professionals who want to start their own businesses.

I also suggest the Computer Repair Utility Kit. It can be used on a USB drive and has some good programs that you can use in computer repair.

Internet Security Companies Warn about Patch Tuesday and Valentines Day.

By Paul | Feb 9, 2009

With tomorrow’s release covering some very highly rated Remote Code Execution issues that could become zero-day in a very short time, some researchers are speculating that more viruses will be released in conjunction with Valentine’s Day. According to this one post, it is likely that e-cards will be sent to try to lure you into downloading malware.


Various security vendors, including CA Inc, MX Logic Inc., Trend Micro Inc., and Panda Security, have issued alerts about new Valentine’s Day-themed spam campaigns that try to dupe users into installing the Waledac bot.

Researchers note that many websites which are affiliated to Waledac e-card scam have been recently updated with content based on the Valentine’s Day theme.

Web sites distribute Trojan files which are commonly named love.exe; onlyyou.exe; you.exe; youandme.exe; and meandyou.exe and the list is not exhaustive.
[Via Express Buzz]

Offline Update 5.0, Clone of Autopatcher to Some!!

By Paul | Feb 3, 2009

Offline Update 5.0 was released a couple of months ago and I just realized it now. This is an excellent tool for IT professionals who want to keep all their systems up to date with the latest patches from Microsoft. The systems it supports are Windows 2000, Windows XP, Windows Server 2003, Windows Server 2003 x64, and Windows Vista / Server 2008 (32-bit and 64-bit updates).

I find this a very useful program for people who have a multitude of problems, from not being able to get on the net to computer virus infections. This is really good for big businesses that want to update a lot of systems in an easy way without having to wait for downloads of updates to install. You can take a DVD and update on the fly within minutes. DVDs being cheap, or buying them in bulk, helps save time and money for the company: less time spent downloading the updates and more time actually getting work done. As with the Conflicker, Downadup, and to some the Conflickr Trojan, if you got infected with that little worm, this would help install the updates that it prevented you from installing in the first place. I also found that once you download the updates, the files are kept on the hard drive so you no longer have to download them again. You just update the updates every second Tuesday of the month and it downloads the newest patches and creates a whole new ISO for you to burn.

Windows 7 UAC a Security Risk?

By Paul | Feb 1, 2009

I just got done reading a blog post about how you could, with an easy-to-make script, disable UAC altogether. Long Zheng describes how malicious software could circumvent UAC by turning it off. I simply love the new look and feel of UAC and hope they can come up with a way to fix the problem.

According to him, there is a way to fix this and keep the whole new feature set. He has provided the proof of concept for turning off UAC without having it ask. You can download it yourself and try it out, but be careful: it will disable UAC.
I hope Microsoft fixes this little flaw and makes it more secure than Vista. Microsoft, though, claims the UAC functionality is “by design”. I don’t know if it is or isn’t, but I do know that it could easily let more malware into Windows 7 before it got enough people on board. That is one of the reasons I don’t want Windows 7 released now. I don’t want this to become a failure in the minds of people. I want to look back and see this being successful. Hopefully Microsoft fixes this and makes it even more secure in the future.

People coming from Sites that don’t exist

By Paul | Jan 28, 2009

So I woke up today, checking out my sites and looking outside. As I was checking the stats for my blog, I came across a referring site that supposedly brought two people to my site. I looked at the URL for the site:

  • http://trojan.fiftystatesclassifiedads.com/index.php

So after seeing the “trojan” prefix, I am wondering if this was an attempt by malware to infect my domain. So I go check this domain out. I get to it and I get a 404. I then do a cache check with OpenDNS. I also then decided to see if it was even a registered domain by doing a Whois. So I am opening this up to people who might know. I did do some research and here’s what I’ve found out so far.

According to How2hack, they talk about how people want privacy and that it might be someone who does not want to be found. I tend to agree with them. Privacy for privacy’s sake is good, but if you want to be private, why would you even be checking out websites, knowing people will want to find out who is really coming to their site? The How2Hack site also talks about how this might happen, and I see where they are coming from.

Brace for Impact, Brace for Botnet! (Conflicker Worm)

By Paul | Jan 24, 2009

The Worm that has infected 6% of Personal Computers is starting to build into something totally different.  According to some Researchers, they are saying this has to happen soon. And I’ll quote:

In any case, today seems better than the day before and we think that growth of Downadup has been curbed. Disinfection of the worm remains a challenge.

[Via F-secure]

Although this sounds like it has stopped, I don’t think so; I am sure the worm will get even bigger. I don’t think it has been curbed; we might have a rest period before the worm tries again.

“Why is it taking so long?” asked Huger. “That’s what we’re all asking.” He couldn’t recall an attack of this size with such a long lag time between the initial attacks and follow-on downloads of more malware to the hijacked systems.

[Via PcWorld]

Now, we know this exploit is being patched as quickly as possible in some areas of the industry, but that leaves the question: what isn’t being patched? I am guessing the next stage of this worm is to mutate into a new worm, much like the way it tries to communicate to download new software or instructions. I believe it will be using a newer exploit so that it can infect even more computers. I also think it will be a botnet, and so do others.

IE vulnerability in the Wild

By Paul | Dec 16, 2008

Well, this was bound to happen: hackers found this vulnerability and are using it for their own purposes.

It seems they put a virus on your system. Microsoft has issued a recommendation to check out Microsoft Security Bulletin MS06-055.

“What we’ve seen from the exploit so far is it stealing game passwords, but it’s inevitable that it will be adapted by criminals,” he said. “It’s just a question of modifying the payload the trojan installs.”

Said Mr Ferguson: “If users can find an alternative browser, then that’s good mitigation against the threat.”

[Via BBC News]

I personally like to recommend a program that will do a better job at security, and that is Firefox. I also suggest people use Thunderbird and not the Microsoft mail program. This will greatly reduce your likelihood of getting a virus or Trojan. Most of the time hackers like to find new ways to get an infection into your system. If you want to prevent having a virus in the future, I’d recommend going to my Malware Resource and checking out a good firewall and anti-virus. This will prevent you from getting some of the viruses and other types of malware.

Crafty little Trojan:W32/DNSChanger.ARNF

By Paul | Dec 11, 2008

Saw this post and couldn’t resist talking about it. This was talked about on F-secure. It looks like they use a program called “Homeview Installer”, and after you install it you get the Trojan:W32/DNSChanger.ARNF. So how do you get that off your system? Before we talk about that, let’s talk about what it does. According to F-secure:

This malware is dropped onto the system by Trojan-Dropper:W32/Agent.FLN. It is used to change the DNS settings on a system so that information such as passwords and credit card details can be retrieved.

[Via F-secure]

What you need to do to get rid of this Trojan is to scan your system. You will also need to understand that this is a really good Trojan: it seems to modify your DNS and also your registry. Once you have located and destroyed it, you will then want to remove all your restore points. After that you will want to check my other resources to better protect yourself. You are the only one who can prevent a virus from getting on your system. If you like this one, check out my other posts as well.

Trojan.PWS.ChromeInject.A is not a Firefox plugin.

By Paul | Dec 5, 2008


A new type of malware designed to harvest web passwords has been detected in-the-wild by BitDefender’s antivirus research labs. This latest e-threat – called Trojan.PWS.ChromeInject.A – is intended to be delivered onto a compromised computer system by other malware for subsequent download into Mozilla Firefox’s Plugin folder. Once installed it gets to work every time Firefox is started.

[Via Bitdefender]

So having seen this, I thought I’d come up with ways around this to better protect yourself. One way to prevent this from getting your sensitive data is to get a program like Sandboxie. You could stop using Firefox, but that would be silly, because right now Firefox is more secure than Chrome and Internet Explorer. I’d also suggest checking out my Anti-spyware page and Anti-Virus page and getting some more protection.

The key to this virus protection is just to be cautious of where you go and to keep your system up to date to prevent all this from happening. It is also advisable not to have your passwords saved in Firefox; you should use something like Roboform, which is free to download and try. It will encrypt your passwords, so if they don’t know the master password then they are out of luck. Roboform is also good for coming up with some strong passwords. These are just some suggestions to prevent people from seeing your sensitive data; you don’t want anyone to get that data.

Are you patched, Secunia Says NO

By Paul | Dec 5, 2008

Think you’ve got nothing to worry about? According to Secunia, 98% of computers are not fully patched and are vulnerable to some kind of attack.

So I wanted to talk about this a little and give you a few good ways to make sure you are patched. There are several ways to get your system up to almost 100%.

One thing to do is make sure you have your Windows systems updated. This is easy to check: if you have an internet connection you can just check for updates. If you don’t know how to do it, it is quite simple. Just go here. If you have Windows Vista, all you have to do is hit Start, type “Windows Update” in the search box and hit Enter, and you will be taken to the update page.

If you have a system that is off of the net, you could use the Clone of Autopatcher program to do it for you. You also need to update all your secondary programs such as Audacity, Open Office, and other programs that you use weekly.

Apple’s Immunity, Botnet sanctuary.

By Paul | Dec 3, 2008

Apple Immune?  No way!

But is Apple projecting a false sense of security just to save face? Many experts repeatedly warn that all operating systems are susceptible to viruses, and as the Mac becomes more popular OS X will inevitably become a bigger target for malicious attacks.

[via Pcworld]

Having said that, I feel that Apple is trying to keep their reputation as a virus-free system. I can only hope that they stay that way. As far as I know, Apple will most likely start to be the main source for botnets, because of the lack of security.

According to reports on this blog, people are worried about Apple’s stance on it being the safest and having so much immunity to viruses. Apple in the past has stated they have misled people with their firewall. Yet Apple takes down that suggestion of having an anti-virus (quietly).

Everything I’ve seen suggests that virus writers and malware writers will MOST likely start targeting Mac OS X; they know Apple’s sense of security is vulnerable to attack and they will exploit it more and more. So what does that mean for Apple? It just means that soon every hacker who has a botnet will want a piece of the Apple pie, and already does right now.

Stop botnets in their tracks with a firewall!

By Laforge129 | Nov 30, 2008

According to PC World and I’ll quote:

According to FireEye chief scientist Stuart Staniford, detection rates are so poor that, on average, only around 40 percent of security software can detect binaries during the period of greatest infectivity and danger, namely the first few days after a particular variant starts being used by botnet builders.

[via PC World]

Now let’s talk about this. Having seen recent surges of people getting infected, I’ve come to the conclusion that companies like AVG and other anti-virus companies are keeping up. Now, true, if all you have is an anti-virus and nothing else, that greatly increases your likelihood of getting a virus.

In a recent virus storm, we had people finding my site because of a good firewall. Now, if he didn’t have anything but Windows Firewall then it would have gotten through and you would not have known about it. So let’s talk about how to prevent botnet attacks. This is relatively easy, and if you follow some common rules, you too could be less likely to be infected. I will say this: most people don’t follow these common tips, and they should.

Spying on Spyware.ISpynow!!

By Laforge129 | Nov 29, 2008

This is another virus that is going around, and I thought I’d tell you about it:

Spyware.ISpyNow monitors files, network traffic, and keystrokes. This Spyware gives the person who installed it a Web-based interface with summaries of logged information on the host computer.

[Via Symantec]

Now with this one it isn’t too hard to figure out what happened. You have to manually install it on your system to get infected. Symantec has a great way of uninstalling this annoyance. I also suggest checking out my other program list just in case you don’t want to buy Symantec Anti-Virus programs. Some other things to check out are:

Microsoft kills a fake antivirus tool from 994,061 computers!

By Paul | Nov 25, 2008


According to Arstechnica and I’ll quote:

Win32/FakeSecSen has gone by various names, including Micro Antivirus 2009, MS Antivirus, Spyware Preventer, Vista Antivirus 2008, Advanced Antivirus, System Antivirus 2008, Ultimate Antivirus 2008, Windows Antivirus, XPert Antivirus, Power Antivirus, and Ultra Antivirus 2009. Furthermore, it is skinnable, so each of these variants has a different GUI, although the basic functionality is the same: bother users with warnings of malware until they pay up.

The Microsoft Malware Protection Center recently released some data on how the removal tool performed this month: FakeSecSen was removed from 994,061 machines. That number isn’t the highest Microsoft has recorded before, and the number of removals depends on which malware Microsoft adds each month and how widespread it is.

[via Arstechnica]

This seems to have happened this month with the usual Windows update. If you haven’t updated your system just yet, you should. This troublesome fake virus seems to have been killed from several systems. This could effectively make it harder for whoever designed this program to make money. I hope Microsoft does even more virus removals next month. If you still want to try to get rid of these viruses, don’t forget to check out my tips on virus removal.


© 2009-2010 Tech-Linkblog.com All Rights Reserved -- Copyright notice by Blog Copyright
