Malware
Archived Posts from this Category
32.exe Worm
Posted by admin on 25 Oct 2007 | Tagged as: Internet Explorer, Malware, Registry, Registry Cleaner, Trojan, Windows
Not to be mistaken for a critical System 32 file, the 32.exe file is actually a worm which has become notorious for its widespread infection via email. The file preys on our instinct not to touch important looking files, and it also comes with a generator function that will place a random set of characters before the 32.exe. This is to dissuade people from searching the file by name and finding a fix for the problem.
It is deemed low risk and it doesn’t severely compromise the integrity of a system, but it has the capacity to spread rapidly due to its email formula.
It’s worth noting that the actual virus doesn’t come from an email attachment. It is spread by forcing people to click on innocuous looking links in email bodies. The virus then downloads on to the computer directly.
It becomes ingrained in the Windows Registry and this enables the worm to ensure that it is run every time the user restarts Windows. For that reason alone, it can be very difficult to delete without prior knowledge of what you’re looking for.
The 32.exe virus is officially referred to as a Win32.Bofra.E. It copies itself to the System directory but you will need to look closely to find it as there’s no easy way of telling what the prefix to the file will be.
The best way to avoid a 32.exe infection is to ensure that you have a sufficient anti-Virus protection suite in place. The idea of the virus is that while some protection apps may scan attachments for corrupt files, very few of them are capable of checking links in the email itself, until they’ve been clicked, of course. And at that time, it’s too late for many.
You should ensure that you have protection against phishing, which is known to have been contrived through the use of certain32.exe files. It’s also important to block out spyware and malware since these are both damaging not just in the sense that they clog your system, but they open the door for more harmful viruses too.
You will need to run a comprehensive scan of your hard drive to search out the 32.exe virus. It can be located quicker by simply scanning the System directory. But it’s a good habit to use scanning software on the entire hard drive. Pair this with a registry cleaner and you’ll be able to weed out the corrupted files.
Please note that it is necessary to use a registry cleaner, even if the disk-cleanup seems to do the trick at first.
The nature of the Win32.Bofra.E is that it is designed to re-spawn when you boot from scratch. If you don’t remove the registry entries that trigger the virus in to life, you will be simply removing it temporarily until the next start up.
You will only contract the virus if you are using Microsoft Internet Explorer when you open the email link. This is because the worm capitalizes on a security loophole whereby it’s possible to plant malicious content in an IFrame. The same technique isn’t such an issue if you’re using Mozilla Firefox or one of many independent browsers.
Get a Free Online Diagnostic Scan with RegCure PC Optimizer (Download 2 Mins)
What is www.regfixit.com ?
Posted by pcfix on 26 Aug 2007 | Tagged as: Malware, Pop Ups, Regfixit, Software
You may have had a window appear on your computer screen while browsing the internet that states you need to download and run Registry Update from www.regfixit.com to fix the 55 critical system errors that Windows has found on your computer. This program will cost you about $40. www regfixit com is a website and software that sends out pop-up ads to internet users pretending to be a registry cleaner that can fix all of your problems whether they actually exist or not.The truth is that this is a scam. The software that they are trying to sell you only provides patches that Microsoft provides to users for free. However, these pop-up ads do have a positive side to them. They show that your computer is very insecure and you need to take action to correct this.This type of spam has become very common but comes as a useful warning to internet users. It shows that a computer is not taking proper security measures when communicating with the internet and is open to attacks from threats including the Blaster Worm and others. In order to properly protect your computer from these threats, you will need to install a decent firewall. Some people will recommend that you just disable the Messenger service in your Windows operating system. This will prevent the message from showing up on your screen, but this is just a way of ignoring the problem and does not protect you from future threats.For other regular internet pop-up ads you may want to try a program such as 12Ghosts Popup-killer, Pop-up Stopper or the Google Toolbar, all of which can be downloaded for free. You could also switch to a different internet browser that has the ability to block pop-ups. If you are getting pop-up messages even though you have installed a pop-up blocker, you will need to remove adware or spyware that has already been installed on your computer. To do this you can try using Ad-Aware or SpyBot, both of which are very good at locating and removing these problems.You are also going to want to make sure that you are running a good anti-virus program. Some are available for free to home users and can be found online with a quick search on Google. Just remember, this is not the only thing needed to stay safe online. Use common sense and read through a EULA before agreeing to it. Most of the time, you have agreed to let companies install adware and spyware without knowing it.
Get a Free Online Diagnostic Scan with RegCure PC Optimizer (Download Takes 2 Mins)
Adware Problems
Posted by pcfix on 26 Aug 2007 | Tagged as: Ad Ware, Adaware, Malware, Spyware
Everyone has seen it and most of us have been annoyed by it. Adware also known as advertising supported software is simply a program or application that will disply, play or download advertisements to a internet user’s computer once it has been installed on that computer or while it is being used on that computer.
Adware is usually a software package that is included with other programs or applications. The use of adware is advantageous for the developer of a software package as the companies whose adware is being used will pay that developer for including them. For this reason, the developer of the program will often be able to provide it for free rather than charging the end user for the time that they have put into the program. The adware and income that is generated for the developer from it is also often an incentive to continue writing additional code, or upgrades for the software application. Many programs that come with adware installed will have the option for the end user to register or license their copy by paying a fee. Once this has completed, the adware portion of the program is usually turned off so that the paying users are no longer burdend by the presence of advertisements while using the program.
There are many concerns that have arised with the advent of adware. Most of these are security related. For example, many adware packages are actually a form of spyware. The reason this is a concern for the end user is because spyware will track the users activity and report it back to the adware developer who will often sell this information without the end user’s consent. Another type of adware that is often annoying is malware. This software will often interfere with the function of programs on the user’s computer by redirecting them to a web site that they did not want to visit in the first place. This can become extremely annoying for any computer user. The terms adware, spyware and malware are often confused because of their overlapping characteristics.
Spyware has become a large concern for computer security and privacy avocates because these programs will send the internet user’s browsing activity to an advertisement company who will then send targeted advertisements to that user. Kazaa is a popular program that uses this technique.
Other adware programs do not track a user’s activity in this way unless the user of the computer has approved it first. However, many developers will include this information in the Terms of Use or End Users License Agreement, so be very careful to fully read these before selecting I Agree.
There are several programs that have become available to end users to help protect from adware and spyware. Some of which are available for free. One of the most popular, with nearly one million downloads each week is Ad-Aware which is provided by Lavasoft. The personal edition for a home user is provided free of charge, but comercial versions do come with some cost associated.
Programs such as Ad-Aware are only designed to detect and remove adware and spyware programs. So be sure that you do not count on them to detect viruses and other security threats on your computer.
Ad-Aware SE Personal review
Posted by pcfix on 26 Aug 2007 | Tagged as: Ad Ware, Adaware, Anti Spyware, Antispyware, Lavasoft, Malware, Spyware
The most popular antispyware software today is distributed by Lavasoft. Ad-Aware SE Personal, their free version that is available to home users, has been downloaded nearly one million times every week. What exactly is it that makes this program so popular with internet users today?
In our every changing electronic driven culture, maintaining privacy on the internet is on the top of most people’s minds. Ad-Aware SE Personal is a free program that is designed to detect and remove spyware that has been installed on your computer. Why is it so important to have spyware removed from your system?
Spyware is a program that runs in the background. Its only purpose is to perform operations that intrude on your privacy, such as recording the websites that you visit, or even worse, the buttons that you press on your keyboard and then send that information back to the developer of the spyware program. This means that certain spyware developers could potentially have a record of personal emails, information entered into web forms and passwords that you have typed! This is not good for obvious reasons.
Spyware is often found in free downloadable programs that users install on their systems. The only reason that these programs are offered for free in the first place is because spyware developers have paid them to insert their spyware into their software. What’s even worse, is that if you were to completely read the EULAs (End User License Agreement) that come with these programs, they will often tell you that these programs are included! So be sure you never select I Agree, without actually knowing what you are agreeing to.
So now that you have been careless and have spyware programs on your computer, what can you do? Well, go to the Lavasoft website and install a copy of their Ad-Aware SE Personal. Once this has been completed, you will want to run a complete system scan on your computer so that Ad-Aware has the chance to fully check your computer for spyware programs. Once the scan is complete, you will have the opportunity to decide what you would like to do with any spyware programs that Ad-Aware has found on your system. The most concerning of these is any spyware component that is found within your computer’s registry.
Sometimes a program will not work properly once you have used the Ad aware program to remove the spyware component of it, but in this situation you have to ask yourself, do you really want to use a program that requires spyware in order to work properly? Kazaa is an example of one of these programs, so if you must have Kazaa, do not run Ad aware.
If you are a commercial user, or need a more powerful version of Ad-Aware to meet your needs, Lavasoft offers several different versions of their antispyware application. For your convenience in selecting the correct one to suit your needs, Lavasoft has included a product comparison chart that can be found on their website.
Click Here