SecurityDaze

Monday, July 16, 2012

MONDAY'S NEVER SEEM TO BE FUN FOR ANYONE

[Viruses make it worse]

I'll touch on a couple of topics, one of my favorites [ed. - as my fervent readers know] is the increase in Malware on Android devices [i.e. - Android phones, Tablets, etc.] Today all my calls were virus/trojan related, but in the windows environment, however after reading some facts off of Trendmicro's blog I can't help but pass on a few tidbits for you.

The researchers at Trendmicro have discovered that in just ONE months time (30days), Android Malware has doubled from 10,000 to 20,000 viruses. More than 1 seems bad enough to me. I'll beat the bushes with a stick again and remind you to get some protection installed on your Android device.

Just before that post was another Android related post about a security hole found in the Yahoo ! APP for androids, that goes into your contacts and starts spamming. If interested, read all about it HERE!.

I did have a fairly interesting Virus call this morning. While the computer is "ON", out from the speakers come a variety of spliced together sounds. This morning, while trying to kill the little bugger, I heard several commercials, part of a audio teaching lecture, some music off a radio station, an interview with someone starring in some movie, and much-much more. Yeah, I could have just unhooked the PC and dropped it off at the shop on the way to my next call, but there's no fun in that - I want to eradicate 'em.

I'm still looking at the ticket and I had to use almost the complete arsenal:

Malwarebytes didn't find anything wrong
Symantec's Endpoint was not disabled (figured that one out when it deleted some of my utilities off of my USB stick.
It couldn't find MSconfig
Combofix wouldn't run
Autorun's worked briefly, enough to uncheck one suspected item, then shutdown
But it was enough for MSconfig to work, allowing the unchecking of two more items.
Cleantemps now worked, and got rid of over 16,000 temp files
And now Hitman could work, found 6 infections but the viruses had cut out the "Activate Free License" part. I was able to manually navigate to one file and delete it.
The MBR (Master Boot Record) was infected/corrupted. Fortunately I had a Windows XP SP3 disk handy and booted to it, and picked repair mode. Once on C:\ I could fix the mbr from the CD I booted to.
Kaspersky TDSS Killer snagged one rootkit and zapped it with a reboot.
Combofix finally ran and found a ton of stuff to delete.

The result: No more pop-ups, a faster PC, and no strange noises from the PC speakers. Needless to say, this took hours of time and thinking because not ever infection is cleaned the same way. How it got infected? Who knows? and if they do, they won't tell you. Surf safe, Surf securely -

'Nuff Said

Brian

No comments:

Post a Comment

TOP TEN SECURITY TIPS

1. Verify that your wireless router is secured, has a name that does not indicate either your name or the router manufacturer, has WPS disabled, and the admin password is not the default password.

2. Keep your Anti-Virus up-2-date. If you have Symantec Anti-Virus 2011, purchase 2012, and when 2013 comes out, upgrade to it.

3. Quick scan your PC twice a month with Malwarebytes.

4. Update your Adobe Reader/Flash, and Java, directly from their websites. Do not trust the pop-up that says you have updates to install.

5. When a pop-up jumps onto your screen, if you don't know what it is, close it.

6. Outlook users (not Outlook Express), keep your "Viewing Pane" closed.

7. If your PC becomes infected, turn it off until a tech arrives.

8. Keep your data backed up, either via external USB drives, or an online service like Carbonite.

9. Don't be cheap. Free anti-virus software only protects you to a certain point. Symantec Internet 2012 will let you know if a link is good or bad when doing a search. If you consider the cost of the software vs. expensive and time consuming virus/trojan removal, it's a small price to pay.

10. Don't trust your email - too many emails which appear to be legit, are not.