Archive for: virus

New “UNLOCK NOW FREE” iOS Virus Deleting Phone/SIM Content.

Earlier today and into the evening hours, news began circulating of a new iOS virus building momentum as unsuspecting jailbreak/unlock seekers click tainted links on their iPhones. The links look something like “UNLOCK NOW FREE”. But instead of unlocking your iPhone, clicking the accompanying link presents the user with a 10-15 second animation, after which text is displayed on screen saying: “DOWNLOAD UNLOCK 2 NOW FREE”. Finally, the anti-climactic climax involves all of your data being deleted from your iPhone and SIM card.

We’d like to take a moment to reiterate the standard practice of only clicking on links you’re 100% certain are real, and of never (repeat: never) clicking on links within emails, texts, IMs, etc.

If you’ve got a friend or two who also happen to own an iPhone, you may want to share this little tidbit of information. That’s what friends are for, right?


Android App/Trojan Outs You As A Cheap, Pirating Fool.

If you’re a fan of less than legal means of obtaining music, videos, and/or apps, avoid downloading the free “Walk and Text” app from the Android market. While it may seem like a deal considering the real Walk and Text sells for $1, it’s actually far from it — it’s a trojan. It isn’t the most nefarious of trojans, though it’s damaging nonetheless.

Once downloaded, this fake Walk and Text app grabs information such as your phone’s IMEI number, contact list, and other private data, which is then sent back to a remote server. From there, every single contact in your contact list with a phone number is sent a text message saying:

“Hey, just downloaded a pirated App of the Internet, Walk and Text for Android. I’m stupid and cheap, it costed only 1 buck. Don’t steal like I did!”

Yeah, pretty embarrassing not only because it makes you look like a thieving idiot, but also a thieving idiot who doesn’t have a good grasp on basic English grammar. Of course, if you don’t have a texting plan, paying for several hundred text messages at ~$0.20 a pop won’t be all that entertaining either. You’ve been warned…


[Update] Buyer Beware: Samsung Shipping New Laptops Equipped With Keyloggers.

If you thought no one could possibly be as stupid as Sony was several years back when it was found that they purposely distributed CDs that would install rootkits on customers’ computers, think again. Samsung is in the house with a new, even further reaching action — pre-installing keylogging software on new computers.

An article by Eset highlights a two-part story involving a Norwich University graduate, Mohamed Hassan, who discovered a keylogger on two brand new Samsung laptops. What’s startling is that the keylogger in question (dubbed “StarLogger”) records text and takes screenshots of the screen, making it even more harmful than Sony’s rootkit of the early 2000s.

Hassan reports that he found StarLogger first on a Samsung R525, and at a later date on an R540 from a completely different store. When Mr. Hassan contacted Samsung, he was at first met with several denials and shrugging shoulders. But with a little persistence, Samsung CS finally broke down; they installed the keyloggers to gain customer usage information. Concerned consumers can easily and quickly determine if their computer is infected by checking the C drive for a folder called “SL”, specifically “c:\windows\SL”.

Under no circumstances is a keylogger pre-installed by the manufacturer (or anyone for that matter) ok or necessary. Back in ’04, Sony ended up paying almost $600 million out in fines and compensation. With technology becoming even more important in an increasing number of peoples’ lives and Samsung’s own digital infection potentially more harmful to customers, we could easily see Samsung break Sony’s record. Of course that is assuming a class action lawsuit is filed against Samsung. For the safety of technology users around the world, we certainly hope such a thing happens.

The other much less disastrous scenario (for Samsung, anyway) is if this keylogger is being installed by some disgruntled employee who is directly/indirectly involved in the manufacture and shipping of Samsung’s laptops. Either way, expect to hear more about this in the coming hours and days.


Congrats to Samsung for not doing a Sony (and ignoring this for days to weeks) and tackling this claim from the get go. After a thorough and very quick investigation, Samsung has responded on their official Korean blog:

The statements that Samsung installs keylogger on R525 and R540 laptop computers are false.

Our findings indicate that the person mentioned in the article used a security program called VIPRE that mistook a folder created by Microsoft’s Live Application for a key logging software, during a virus scan.

The confusion arose because VIPRE mistook Microsoft’s Live Application multi-language support folder, “SL” folder, as StarLogger.

(Depending on the language, under C:\windows folders “SL” for Slovene, “KO” for Korean, “EN” for English are created.)

Samsung will continue to respect customer needs by providing the highest quality products and services.

**See image below: Vipre (premium) run after creating an empty “SL” folder in the C:\ folder.
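The empty-folder test described above shows why a folder name alone is a weak indicator. The following is an added example (not VIPRE's, Samsung's or the original article's code) that compares the path-only rule with a triage of what the folder contains; the function names, verdict labels, extension list and sample files are assumptions constructed for the illustration.

```python
import os
import tempfile

# Assumption: extensions treated as runnable content that deserves a closer look.
EXECUTABLE_EXTS = {".exe", ".dll", ".sys", ".scr"}


def path_only_detection(path):
    """The naive rule from the story: the folder exists, so report a keylogger."""
    return os.path.isdir(path)


def triage_folder_indicator(path):
    """Classify a folder-name match by what the folder actually contains."""
    if not os.path.isdir(path):
        return {"verdict": "absent", "files": 0, "executables": []}
    files, executables = 0, []
    for root, _dirs, names in os.walk(path):
        for name in names:
            files += 1
            if os.path.splitext(name)[1].lower() in EXECUTABLE_EXTS:
                executables.append(os.path.join(root, name))
    if files == 0:
        verdict = "name-match-only"   # empty folder: nothing installed here
    elif not executables:
        verdict = "data-only"         # files present, none of them runnable
    else:
        verdict = "needs-review"      # hash and inspect these before concluding
    return {"verdict": verdict, "files": files, "executables": sorted(executables)}


def demo():
    """Triage three constructed stand-ins for C:\\windows\\SL."""
    cases = {"empty": [], "data": ["resource.mui"], "exe": ["sample.exe"]}
    results = {}
    with tempfile.TemporaryDirectory() as base:
        for label, filenames in cases.items():
            folder = os.path.join(base, label, "windows", "SL")
            os.makedirs(folder)
            for filename in filenames:
                with open(os.path.join(folder, filename), "wb") as handle:
                    handle.write(b"constructed sample content")
            verdict = triage_folder_indicator(folder)["verdict"]
            results[label] = (path_only_detection(folder), verdict)
    return results


if __name__ == "__main__":
    for label, (naive, verdict) in demo().items():
        print(f"{label:5} path-only={naive} triage={verdict}")
```

The path-only rule fires on all three folders, including the empty one; only the triage separates a bare name match from a folder that holds something worth inspecting.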

McAfee: “Android, Foursquare, iOS, and OS X Big Security Targets for 2011”. #mcafee

If you’ve made a new home with one of the popular services and products including but not limited to iOS devices, OS X-powered computers, and location-based services such as Foursquare, the world is going to end in 2011. McAfee (recently acquired by Intel) released a forecast today naming various popular services and products that while currently low on the threat list, will grow increasingly murky as 2011 trudges on. Of course, coming from an arguably struggling virus software developer, such news of “impending attack” on numerous exploding platforms isn’t exactly all that surprising. In fact, it’s almost a cheap attempt to drum up fear and publicity in hopes of wooing a few new customers.

At this point, it shouldn’t be too hard to figure out that when tech products and services become popular and therefore increase in user base and potential cash flow, so do attempts to crack/hack them.

Should you be careful with your shiny new iPad while you update Foursquare? Of course. But don’t resort to fear mongering and paranoia. Security will become a growing issue with popular consumer electronics and services, though nowhere as much as McAfee is hyping. Be at ease.

Limewire Abandoning Legal Music Download Service? #limewire

In my younger years, Limewire was “the next Napster”. It was easily one of the top P2P file-sharing services next to the likes of Morpheus and ShareBear to name a few (ah, the memories). But this past October, those childhood memories came to an end when major music labels finally brought down Limewire’s p2p business. Though in all honesty, over the last half a decade, Limewire had become less of a serious place to find music and more of a one-stop virus shop. Nevertheless, what’s done is done.

But even after the grim outlook that was portrayed after the October closing, Limewire said that there were better times ahead as they had secretly been working on a big *legal* music store front to go head to head with numerous other such store fronts similar to Apple’s iTunes, Amazon, and Walmart digital music stores. But even that appears to be a lost cause, with a new note on the company’s website proclaiming the end is near…

[Update 2] Latest AVG Update Breaking Some 64-bit Windows 7 Computers. #avg #windows

In our daily travels through the interwebbs, our computers are silently attacked by faceless villains across the world. Helping us make the journey safely are a bevy of anti-virus, anti-spyware, and anti-malware programs. But every once in a while, a computer becomes unusable not because of the latest and greatest virus, but because of the very software that is supposed to protect us. With that said, users of popular anti-virus software, AVG, will be waking up to a potentially nasty surprise — an un-bootable computer.

The culprit is the latest virus database update, version 271.1.1/3292 (432/3292), which was released at 12.53am CET. The error message being seen:

STOP: c0000135 The program can’t start because %hs is missing from your computer. Try reinstalling the program to fix this problem.

According to AVG, it’s not as bad as it seems. The fix as it stands now comes in a few flavors. Perhaps the quickest and least involved option is to boot into safe mode and do a system restore to a restore point that was made before the latest AVG update. If you are unable to boot into safe mode, proceed to option two which AVG highlights in detail here. Basically, it involves using an AVG Resource CD and renaming a buried system file. A third option involves using Windows 7 Startup Repair. Lastly, a fourth and final fix requires that you read this article before you restart following the update. If you do, find the “. preparations” folder located at C:\Program files (x86)\AVG\AVG10 (64-bit systems) and delete it. Then, continue on with the reboot as normal. You can also use the AVG program itself to delete all of the temporary update files as well.

As of writing, AVG has announced that they’ve removed the update from their servers, and that it is ok to go ahead and update your AVG software once again. Furthermore, AVG will be releasing a tool to help affected users within the next couple of days. Though if that’s not good enough and/or the above methods aren’t working, try taking a look at this thread in AVG’s forums which has several more detailed options to bring your computer back to life.

Anyone’s PC go down because of the update?


Commenter “ako” below found another method to try and fix the AVG problem

This helps me:

Navigate to:
Program Files\AVG\AVG10 (32bit operating system)
Program Files (x86)\AVG\AVG10 (64bit operating system)

Find the following files:
avgrsx.exe or avgrsa.exe
avgchsvx.exe or avgchsva.exe

Delete the Files and reboot

Update 2

Could it be internal sabotage by a disgruntled employee? Apparently AVG just went through some “internal restructuring” the day before yesterday. On that note, when “sabotage by former employee” is mentioned, I always become skeptical myself. Far too often such a claim is made that in the end turns out to be completely false. Although, going by the tipster’s account, the two botched updates occurring in the same day (and a mere day and a half after massive layoffs no less) is certainly eyebrow-raising in and of itself.

With that said, the actual internal email sent out to AVG employees the morning of the layoffs is interesting nonetheless. The dots can certainly be connected in such a way to suggest some illicit dealings, though I’ll leave the final decision to each of you. Email after the jump…

This is how you say “sorry”: McAfee reimbursing victims of recent svchost.exe snafu, extending services additional two years.

For all of the bitching that people partake in concerning various flips and flops in the tech world, we rarely hear of a follow-up as to what the company in question is doing to make things right. Last week, McAfee had a bad week. An update was somehow cleared for public consumption packing a nasty bug — it incorrectly identified svchost.exe (a critical Windows process) as a virus, thus deleting it and causing a repeating boot loop. Uh-oh…

Virus protection moves to the cloud with Immunet.

While I may run a Mac as my primary computer, I still deal with Windows machines on a daily basis. Because of that, I can never become complacent or comfortable with simply not caring about viruses. Doing so and still spending a considerable amount of time inside of the Windows environment can only end badly for not only me, but those who communicate with me as well. As we all know, much like human viruses, computer viruses can spread just as well, often taking out countless more users in the process. Taking care of these digital diseases over the years has been mainly done with desktop software. Over the last several years, however, the digital landscape has changed considerably, with many services that were once considered “desktop only” now moving to the cloud. Highlighting what I said above, how has virus protection done in the migration from local hard disk to blazing fast SSD in a server farm far far away?

Immunet is one such cloud-based virus protection “program” that is a godsend to those who have little local space for large programs, don’t want the resource murdering traits of a full blown virus solution, or simply want to try something new. To start, Immunet is 100% free. That right there usually perks up a few ears. But soon thereafter, many quickly lose interest as many desktop virus programs that happen to be free never quite live up to their more expensive brethren. After using Immunet for several weeks, I can honestly say that it is better than the “free” bullet point would lead you to believe. So how exactly did Immunet get started?

The first feature — the cloud — isn’t really new anymore. All it refers to is that something resides on a server, somewhere, far away from your computer. The second “crowd sourcing” feature is actually worth more attention as it is a really cool feature to brag about. The implementation is pretty easy to grasp — whenever an Immunet user encounters a virus, their machine sends the info and scan logs to the Immunet central servers where it is then cataloged and instantly passed on to all other users, giving them protection against that very same virus.

The benefits can quickly be seen. Now instead of having a virus start in a few select areas and spread across unprotected areas because “normal” virus software can only be updated so much, Immunet with its cloud-based and effectively real-time crowd sourced database means you’ll never be “behind the curve”. If you want a simple image to go by, think of this: Immunet’s business model is effectively an upside down pyramid. Normal virus software downloads MBs upon MBs of data to your computer in the form of virus definitions. Immunet on the other hand stores everything on the server and then compares your machine against their virus database and voilà!

Overall, using the service is fast and easy. It may not have the numerous windows, panes, tabs, and deep options of some of the more expensive desktop virus software, but for a simple solution (what more do you really need than to scan for viruses?), Immunet is one worth taking a hard look at.

Because it’s an extremely light install (~4MB), lightning quick, and barely dips into your local machine’s resources, I have no choice but to recommend Immunet to the millions of net connected computer users out there. It is one tool that your computer shouldn’t be without. Coupled with a desktop virus software package, Immunet’s abilities and usefulness are only magnified. Hey, you can’t ever be too safe, can you?


Energizer USB Duo charger refills batteries with juice, PCs with Trojans.

Somehow I don’t think this is exactly what Energizer had in mind…

Users of Energizer’s USB DUO Battery Charger are going to want to sever all connections to their computers ASAP. According to the US-CERT (United States Computer Emergency Readiness Team), USB DUO installs a silent yet rather nasty trojan virus that effectively turns your PC into a bot, allowing outsiders access to your PC and digital belongings, and ultimately, gives them total control.

Worried users should pay close attention to a file named “Arucer.dll” using port 7777, as that is the main culprit. The first step is to completely remove the Energizer program, which will effectively cut off the automatically updating trojan. But if I were you, I’d go the extra mile and toss the “Arucer.dll” out the window too. You can find it in the windows32 folder. You can’t ever be too careful.

Let’s hope next time Energizer is a bit more meticulous in coding and releasing software that is free from viruses, eh?

Slashdot > Computer World
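The two indicators named in the Energizer post above (the file Arucer.dll and TCP port 7777) can be checked together on a machine. This is an added example, not US-CERT's or Energizer's tooling; the function names and status labels are assumptions made for the illustration, and the search root is passed in rather than hard-coded.

```python
import hashlib
import os
import socket

INDICATOR_FILE = "arucer.dll"   # file name from the post, compared case-insensitively
INDICATOR_PORT = 7777           # TCP port from the post


def find_indicator_files(root, name=INDICATOR_FILE):
    """Return (path, sha256) for every file under root whose name matches."""
    hits = []
    for folder, _dirs, files in os.walk(root):
        for filename in files:
            if filename.lower() != name:
                continue
            path = os.path.join(folder, filename)
            try:
                with open(path, "rb") as handle:
                    digest = hashlib.sha256(handle.read()).hexdigest()
            except OSError:
                digest = None       # present but unreadable: still report the path
            hits.append((path, digest))
    return sorted(hits)


def local_listener(port=INDICATOR_PORT, host="127.0.0.1", timeout=1.0):
    """True if something on this machine accepts TCP connections on the port."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
        sock.settimeout(timeout)
        return sock.connect_ex((host, port)) == 0


def check_host(root, port=INDICATOR_PORT):
    """Combine both indicators; either one alone is only a lead."""
    files = find_indicator_files(root)
    listening = local_listener(port)
    if files and listening:
        status = "file-and-listener"
    elif files:
        status = "file-only"        # file left behind, nothing answering on the port
    elif listening:
        status = "listener-only"    # other software can use this port too
    else:
        status = "clean"
    return {"status": status, "files": files, "listening": listening}


if __name__ == "__main__":
    # Assumption: search the Windows directory; WINDIR is set on Windows hosts.
    print(check_host(os.environ.get("WINDIR", r"C:\Windows")))
```

The SHA-256 is reported so that a hit can be compared with the value in a vendor or CERT advisory instead of being trusted on its file name.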