Infected with Conficker Worm.
Some or all of the following symptoms are present:
Network slowdown caused by infected machines hammering each other
Heavy traffic on ports 139 and 445
Machines trying to access many gibberish domains
Machines constantly broadcasting (pinging) other machines
Accounts constantly getting locked out as the worm tries to crack passwords, which results in failed logins
Many 529, 675, 680, 681 events in security logs on servers. (All basically pointing to audit failure failed logins)
The following services may be stopped or disabled on infected machines:
Error Reporting
Automatic Updates
Background Intelligent Transfer Service
Windows Defender (if installed and not disabled by VIPRE already)
Blocks certain DNS lookups
Exploits MS08-067 vulnerability in Server service
Does an in-memory patch of DNSAPI.DLL to block lookups of anti-malware related web sites
Disables Safe Mode
Disables AutoUpdate
Kills anti-malware
Scans for and terminates processes with names of anti-malware, patch or diagnostic utilities at one-second intervals
ENVIRONMENT
VIPRE Business
All Supported Environments
SOLUTION
The first step is to implement the steps in this Microsoft KB article. http://support.microsoft.com/kb/962007 This has to be accomplished first, or any fixes that are applied will be undone by the worm. (Please follow the article carefully. Modifying the permissions on the svchost key incorrectly can lead to total network outage resulting in having to fix every machine manually on the entire network.)
Ensure that all the Windows machines on your network are protected by VIPRE. Agents must be up to at least version 3.1.2848 to be fully protected from this threat. If there are any Agents not up to that version, or if there are any machines that do not currently have VIPRE installed, they will be the likely source of continued problems in removing Conficker.
Infected machines on the network must be located and cleaned. To do this we recommend a utility called NMAP. NMAP has built-in Conficker detection and can accurately point out infected machines by analyzing the type of network traffic that they produce. NMAP will not clean the machines identified, it simply tells you which machines need to be deep scanned and rebooted. You can download the NMAP Windows installer here: http://nmap.org/dist/nmap-5.51-setup.exe
During installation, NMAP will install WinPCap. You will need to allow this. WinPCap may already have been installed by another network sniffer. NMAP will ask to uninstall old version and install new. This is OK. You do not need the NPF service to auto-run. It will start as needed when you run NMAP. You likely will want it to add itself to system variables so Windows knows where NMAP lives no matter where the cmd prompt is running from. The machine you install this on usually requires a reboot, so it might be a good idea not to put it on servers running business-critical services that cannot be interrupted. It should not require restart unless you want NPF service to auto start which is really not needed. After the install is complete, the following procedure will direct NMAP to go hunting for any machines exhibiting Conficker like behavior.
The command to locate infected machines: (from an open cmd prompt) "nmap --script p2p-conficker,smb-os-discovery,smb-check-vulns --script-args=safe=1 -T4 -vv -p445 [target_networks] > outputfile.txt" Example: "nmap --script p2p-conficker,smb-os-discovery,smb-check-vulns --script-args=safe=1 -T4 -vv -p445 192.168.1.0-254 > c:\logs\conficker_scan1.txt" The resulting text files is a list of machines that will need a VIPRE deep scan. You may want to run NMAP scans in smaller sections of the network at a time so you do not have large log files to look through. ***Don't change the safe=1 switch or you may crash machines.***Other than the IP range and output log files, you can leave the rest of the string of commands "as is" for best results and highest safety. If you have more than one subnet -- you will need to scan each one separately.
The machines showing under the "likely infected" list are the ones you are most interested in. If VIPRE is installed on the machines, scanned & nothing is found they may just need a reboot to finish removing the worm from memory. If the machines are not rebooted they will continue to generate traffic. If rebooting does not help -- it is possible that the ms08-067 patch either is not installed or has been patched by Conficker itself so will need re-installing.
Once the identified machines have been scanned, cleaned and rebooted you will want to perform a couple more rounds of running NMAP to be certain there are no other infected machines online. Once that is done Conficker traffic should slow and then disappear as the infected machines that were causing it become clean through this process.
Once you are comfortable that everything is cleaned up and you want to lift the restrictions set earlier, you can do so now.
If you applied the GPO according to the Microsoft kb962007 article you cannot simply delete the GPO because doing that will leave the systems in a 'locked down' state.
You will need to lift the restrictions set on the svchost registry key & the windows tasks folder otherwise you may run into issues down the road installing windows updates or any other software that needs write access to those objects.
You should be able to edit the GPO & inherit the permissions from parent objects to restore the default permissions.
The MS article you used to apply the GPO has instructions for resetting the permissions. This should be left in place for a few days to ensure all the PCs on the network get the updated GPO.
You may consider leaving autorun disabled as an added layer of security against threats that use that method to spread.
VIPRE policy configuration recommendations
The policies where the general users are in I would leave the on access at half
This should not have any performance issues yet give VIPRE the chance to react faster to incoming threats before they have a chance to try to execute
If the servers run fine while at the 1/2 way setting It will not hurt to leave them at that
As long as you have the recommended exclusions in place performance shouldn't be hindered
Scanning USB devices should be left enabled across the board
Scanning rootkits should be left enabled across the board
If anything gets through ever again those settings should give you the earliest possible warning so it will be easier to contain to a much more limited number of machines if it does get on more than one.
*https://support.threattracksecurity.com/support/solutions/articles/1000071176-threat-worm-conficker-removal-instructions
============================================================
W32.Downadup, also known as Conficker by some news agencies and
antivirus vendors, is an extremely interesting piece of malicious code
and one of the most prolific worms in recent years. It has an extremely
large infection base – estimated to be upwards of 3 million computers -
that have the potential to do a lot of damage. This is largely
attributed to the fact that it is capable of exploiting computers that
are running unpatched Windows XP SP2 and Windows 2003 SP1 systems. Other
worms released over the past few years have largely targeted older
system versions, which have an ever decreasing distribution.
Infection
W32.Downadup spreads primarily by exploiting the Microsoft Windows Server Service RPC Handling Remote Code Execution Vulnerability
(BID 31874), which was first discovered in late-October of 2008. It
scans the network for vulnerable hosts, but instead of flooding it
with traffic, it selectively queries various computers in an attempt to
mask its traffic instead. It also takes advantage of Universal Plug
and Play to pass through routers and gateways.
It also attempts to spread to network shares by brute-forcing
commonly used network passwords and by copying itself to removable
drives.
Functionality
It has the ability to update itself or receive additional files for
execution. It does this by generating a large number of new domains to
connect to every day. The worm may also receive and execute files
through a peer-to-peer mechanism by communicating with other
compromised computers, which are seeded into the botnet by the malware
author.
The worm blocks access to predetermined security-related websites
so that it appears that the network request timed out. Furthermore, it
deletes registry entries to disable certain security-related software,
prevent access to Safe Mode, and to disable Windows Security Alert
notifications.
Download Removal tool : https://www.symantec.com/security_response/writeup.jsp?docid=2009-011316-0247-99
*https://www.symantec.com/security_response/writeup.jsp?docid=2008-112203-2408-99
Showing posts with label virus. Show all posts
Showing posts with label virus. Show all posts
Sunday, April 10, 2016
Monday, March 21, 2016
Anti-Viral Foods and Herbs
A virus is an infection that cannot be cured with antibiotics. Examples of viral infections include the common cold and flu. Many foods and herbs are known for their antiviral properties, which means that they prevent or kill viruses. Some foods and herbs also have the ability to boost the immune system.
GARLIC
Garlic's antiviral properties can be attributed to a substance called allicin, which is activated when garlic is crushed, according to Fitness Arts. Garlic can be consumed in a variety of ways--it can be eaten raw or cooked, or taken in a capsule or extract. According to the University of Maryland Medical Center, studies show that people taking garlic supplements are less likely to be infected with the common cold. Also, garlic was shown to speed recovery time once infected.
ST. JOHN'S WORT
The most common use for St. John's Wort is alleviating minor depression, although it has antibacterial and antiviral properties as well. The University of Maryland Medical Center states that laboratory research shows that St. John's Wort may kill or slow the growth of human immunodeficiency virus, or HIV; however, it interferes with medications used to treat people with the virus, so HIV patients should not take the herb, and it should be used with caution in healthy adults who want to use it for its antiviral properties. The herb is contraindicated with several common medications such as antidepressants and anticoagulants. St. John's Wort can be dried and consumed, or can be ingested as a tea. Capsules and extracts are also available.
ECHINACEA
Echinacea is a powerful immune-boosting herb. According to the University of Maryland Medical Center, echinacea can shorten the duration of the common cold and flu, and reduce symptoms such as sore throat, cough and fever. To be effective, it should be taken at the first sign of infection, such as a runny nose, sore throat or fatigue.
ASTRAGALUS
Astragalus is primarily used for its immune-boosting properties. The University of Maryland Medical Center states that studies have shown that astragalus has antiviral properties and stimulates the immune system. Researchers have investigated astragalus as a possible treatment for people whose immune systems have been compromised by chemotherapy or radiation.
VITAMINS
Vitamins A, C, and E are all antioxidants vital to protecting the body against infection. Foods high in vitamin A include carrots and sweet potatoes. Red peppers are surprisingly high in vitamin C, along with the obvious fruits like oranges and grapefruit. Vitamin E can be found in sunflower seeds, almonds and some fish.
http://www.worldwideinfoforum.com/health/the-best-antiviral-foods.html
There are some seriously hardcore herbs out there at your disposal.
1. Prickly ash bark.
This is one mother of an antiviral, good also for chronic infections, depression, and digestive complaints (all which seem to tag along with long-term viruses). Go for the tincture and disregard the package directions. According to the ever-illuminating herbalist Matthew Wood, an effective and therapeutic dose is 1-3 drops of tincture three times a day, no matter your age, weight, or size. Note: prickly ash bark can affect lactation, so use cautiously if you're breastfeeding.
2. Apple cider vinegar.
Mix two tablespoons of raw apple cider vinegar with eight ounces of water and a splash of lemon juice (sweeten with stevia if you like) and drink on an empty stomach three times a day. You can also apply vinegar to any affected areas of the skin, covering the area with a soft bandage (this is more easily done before going to sleep).
3. Oil of oregano.
Another serious antiviral and antioxidant, you can take oil oregano internally (1-4 drops in water twice a day), or externally on affected skin. Use cautiously if pregnant.
4. Garlic.
Eat as much garlic as you can stand. Seriously. A lot. And then eat more. If you can’t stand to eat it, get the capsules (you can find odorless ones) and take lots. Lots and lots and lots. For viral infections on the skin, you can pulp raw garlic and wrap it in gauze. Apply the poultice to the affected area (but don’t use for longer than two weeks). If you have a serious condition such as AIDS or cancer, avoid garlic if there's also a fever present.
5. Goldenseal or Oregon grape.
Goldenseal is a fantastic antiviral, but can be expensive as well as endangered and over harvested. If you can find it, take Oregon grape, the much less expensive, much more abundant cousin to goldenseal. Since both of these herbs contain berberine (which can kill off too much of your natural intestinal flora), take this for one week, then take a week off before resuming. Avoid it if you're pregnant.
6. St. John’s Wort
St. John’s Wort not only offers relief from depression, but it also helps fight viruses and boosts the immune system. Take the recommended dose, following bottle directions. Avoid if you’re currently taking an MAO or protease inhibitor.
Otherwise, all the usual general health stuff applies — fresh fruit and vegetables, exercise, fresh air (especially fresh air). But listen to your body. Viruses can sap our energy and if we exhaust ourselves, then it’s just an invitation for them to hang out longer.
http://www.mindbodygreen.com/0-8990/6-all-natural-antivirals-to-kick-illness-to-the-curb.html
GARLIC
Garlic's antiviral properties can be attributed to a substance called allicin, which is activated when garlic is crushed, according to Fitness Arts. Garlic can be consumed in a variety of ways--it can be eaten raw or cooked, or taken in a capsule or extract. According to the University of Maryland Medical Center, studies show that people taking garlic supplements are less likely to be infected with the common cold. Also, garlic was shown to speed recovery time once infected.
ST. JOHN'S WORT
The most common use for St. John's Wort is alleviating minor depression, although it has antibacterial and antiviral properties as well. The University of Maryland Medical Center states that laboratory research shows that St. John's Wort may kill or slow the growth of human immunodeficiency virus, or HIV; however, it interferes with medications used to treat people with the virus, so HIV patients should not take the herb, and it should be used with caution in healthy adults who want to use it for its antiviral properties. The herb is contraindicated with several common medications such as antidepressants and anticoagulants. St. John's Wort can be dried and consumed, or can be ingested as a tea. Capsules and extracts are also available.
ECHINACEA
Echinacea is a powerful immune-boosting herb. According to the University of Maryland Medical Center, echinacea can shorten the duration of the common cold and flu, and reduce symptoms such as sore throat, cough and fever. To be effective, it should be taken at the first sign of infection, such as a runny nose, sore throat or fatigue.
ASTRAGALUS
Astragalus is primarily used for its immune-boosting properties. The University of Maryland Medical Center states that studies have shown that astragalus has antiviral properties and stimulates the immune system. Researchers have investigated astragalus as a possible treatment for people whose immune systems have been compromised by chemotherapy or radiation.
VITAMINS
Vitamins A, C, and E are all antioxidants vital to protecting the body against infection. Foods high in vitamin A include carrots and sweet potatoes. Red peppers are surprisingly high in vitamin C, along with the obvious fruits like oranges and grapefruit. Vitamin E can be found in sunflower seeds, almonds and some fish.
http://www.worldwideinfoforum.com/health/the-best-antiviral-foods.html
There are some seriously hardcore herbs out there at your disposal.
1. Prickly ash bark.
This is one mother of an antiviral, good also for chronic infections, depression, and digestive complaints (all which seem to tag along with long-term viruses). Go for the tincture and disregard the package directions. According to the ever-illuminating herbalist Matthew Wood, an effective and therapeutic dose is 1-3 drops of tincture three times a day, no matter your age, weight, or size. Note: prickly ash bark can affect lactation, so use cautiously if you're breastfeeding.
2. Apple cider vinegar.
Mix two tablespoons of raw apple cider vinegar with eight ounces of water and a splash of lemon juice (sweeten with stevia if you like) and drink on an empty stomach three times a day. You can also apply vinegar to any affected areas of the skin, covering the area with a soft bandage (this is more easily done before going to sleep).
3. Oil of oregano.
Another serious antiviral and antioxidant, you can take oil oregano internally (1-4 drops in water twice a day), or externally on affected skin. Use cautiously if pregnant.
4. Garlic.
Eat as much garlic as you can stand. Seriously. A lot. And then eat more. If you can’t stand to eat it, get the capsules (you can find odorless ones) and take lots. Lots and lots and lots. For viral infections on the skin, you can pulp raw garlic and wrap it in gauze. Apply the poultice to the affected area (but don’t use for longer than two weeks). If you have a serious condition such as AIDS or cancer, avoid garlic if there's also a fever present.
5. Goldenseal or Oregon grape.
Goldenseal is a fantastic antiviral, but can be expensive as well as endangered and over harvested. If you can find it, take Oregon grape, the much less expensive, much more abundant cousin to goldenseal. Since both of these herbs contain berberine (which can kill off too much of your natural intestinal flora), take this for one week, then take a week off before resuming. Avoid it if you're pregnant.
6. St. John’s Wort
St. John’s Wort not only offers relief from depression, but it also helps fight viruses and boosts the immune system. Take the recommended dose, following bottle directions. Avoid if you’re currently taking an MAO or protease inhibitor.
Otherwise, all the usual general health stuff applies — fresh fruit and vegetables, exercise, fresh air (especially fresh air). But listen to your body. Viruses can sap our energy and if we exhaust ourselves, then it’s just an invitation for them to hang out longer.
http://www.mindbodygreen.com/0-8990/6-all-natural-antivirals-to-kick-illness-to-the-curb.html
Saturday, March 5, 2016
How to remove Android virus
How to remove a virus from Android
Step 1. Put your phone or tablet into Safe mode. This prevents any third-party apps running, including any malware. On many devices you can press the power button to access the power off options, then press and hold Power off to bring up an option to restart in Safe mode. If this doesn't work for your device then you should Google 'How to put [your model name] into Safe mode' and follow the instructions. When in Safe mode you'll see 'Safe mode' at the bottom left of the screen.
Step 2. Open your Settings menu and choose Apps, then make sure you're viewing the Downloaded tab. If you don't know the name of the virus you think has infected your Android phone or tablet, go through the list and look for anything dodgy-looking or that you know you haven't installed or shouldn't be running on your device.
Step 3. Tap on the malicious app (clearly it won't be called 'Dodgy Android virus', this is just an illustration) to open the App info page, then click Uninstall. In most cases, this is all you need to do to remove the virus, but occasionally you might find the Uninstall button is greyed out. This is because the virus has given itself Device administrator status.
Step 4. Exit the Apps menu and tap on Settings, Security, Device Administrators. Here you'll find a list of any apps on your phone or tablet with administrator status. Simply untick the box for the app you want to remove, then tap Deactivate on the next screen. You should now be able to return to the apps menu and remove that app.
Step 5. With the virus now off your Android phone or tablet, all you need to is restart the device to take it out of Safe mode. Now that it's working correctly it's a good time to back up whatever important data you have stored on the device, and install an Android antivirus app to protect you from any future viruses that come your way.
Step 1. Put your phone or tablet into Safe mode. This prevents any third-party apps running, including any malware. On many devices you can press the power button to access the power off options, then press and hold Power off to bring up an option to restart in Safe mode. If this doesn't work for your device then you should Google 'How to put [your model name] into Safe mode' and follow the instructions. When in Safe mode you'll see 'Safe mode' at the bottom left of the screen.
Step 2. Open your Settings menu and choose Apps, then make sure you're viewing the Downloaded tab. If you don't know the name of the virus you think has infected your Android phone or tablet, go through the list and look for anything dodgy-looking or that you know you haven't installed or shouldn't be running on your device.
Step 3. Tap on the malicious app (clearly it won't be called 'Dodgy Android virus', this is just an illustration) to open the App info page, then click Uninstall. In most cases, this is all you need to do to remove the virus, but occasionally you might find the Uninstall button is greyed out. This is because the virus has given itself Device administrator status.
Step 4. Exit the Apps menu and tap on Settings, Security, Device Administrators. Here you'll find a list of any apps on your phone or tablet with administrator status. Simply untick the box for the app you want to remove, then tap Deactivate on the next screen. You should now be able to return to the apps menu and remove that app.
Step 5. With the virus now off your Android phone or tablet, all you need to is restart the device to take it out of Safe mode. Now that it's working correctly it's a good time to back up whatever important data you have stored on the device, and install an Android antivirus app to protect you from any future viruses that come your way.
*https://www.linkedin.com/pulse/how-remove-virus-from-android-delete-your-phone-tablet-mike-rogan
Wednesday, March 2, 2016
AVG AntiVirus for Android
AVG AntiVirus for Android
Why do I need AntiVirus software?
Today, smartphones and tablets are essentially personal computers on the go; and just like personal computers, they are also prone to viruses and malware. With millions of people storing sensitive information on mobile devices and using them to surf the web, read emails and carry out financial transactions, it is not surprising that cyber criminals are targeting these devices.
Malware finds its way onto mobile devices through the same attack vectors by which it infiltrates computers: opening an email attachment, clicking on a web link, or downloading a file or an app. Mobile devices can also be maliciously used by cyber criminals to launch a DDoS (distributed denial of service) attack on cellular networks, just like personal computers are used to “crash” a targeted website by overloading it with illegitimate traffic.
To protect your device against these increasing threats, it is highly recommended to use antivirus software.
What is AVG AntiVirus for Android™?
AVG AntiVirus for Android is a security app for mobile devices like smartphones and tablets. The app's core purpose is to protect your mobile device from security threats and malware which are becoming more and more popular in the mobile domain.
AVG AntiVirus for Android goes beyond protecting your device. With features such as App Lock, Task Killer, Tuneup and its Anti-Theft service, AVG AntiVirus for Android also helps you maintain your privacy, monitor performance, and remotely lock, locate, and wipe your device if it is ever lost or stolen.
What are the differences between the AVG AntiVirus FREE and PRO versions?
AVG offers two versions of AVG AntiVirus for Android: FREE and PRO. The FREE version offers our malware protection as well as several value-added tools. The PRO version is a full version that includes all the app’s advanced features.
*http://www.avgmobilation.com/support/frequently-asked-questions/android/#faq144
Why do I need AntiVirus software?
Today, smartphones and tablets are essentially personal computers on the go; and just like personal computers, they are also prone to viruses and malware. With millions of people storing sensitive information on mobile devices and using them to surf the web, read emails and carry out financial transactions, it is not surprising that cyber criminals are targeting these devices.
Malware finds its way onto mobile devices through the same attack vectors by which it infiltrates computers: opening an email attachment, clicking on a web link, or downloading a file or an app. Mobile devices can also be maliciously used by cyber criminals to launch a DDoS (distributed denial of service) attack on cellular networks, just like personal computers are used to “crash” a targeted website by overloading it with illegitimate traffic.
To protect your device against these increasing threats, it is highly recommended to use antivirus software.
What is AVG AntiVirus for Android™?
AVG AntiVirus for Android is a security app for mobile devices like smartphones and tablets. The app's core purpose is to protect your mobile device from security threats and malware which are becoming more and more popular in the mobile domain.
AVG AntiVirus for Android goes beyond protecting your device. With features such as App Lock, Task Killer, Tuneup and its Anti-Theft service, AVG AntiVirus for Android also helps you maintain your privacy, monitor performance, and remotely lock, locate, and wipe your device if it is ever lost or stolen.
What are the differences between the AVG AntiVirus FREE and PRO versions?
AVG offers two versions of AVG AntiVirus for Android: FREE and PRO. The FREE version offers our malware protection as well as several value-added tools. The PRO version is a full version that includes all the app’s advanced features.
*http://www.avgmobilation.com/support/frequently-asked-questions/android/#faq144
Tuesday, March 1, 2016
How to fix Monkey Test and Time service Ghost push viruses android
Ghost push trojan malware is the origin of monkey test android virus & Time service virus. Ghost push injects malicious code into fake apps with the famous app name such as Talking Tom 3, Privacy Locker or smart locker.
This Trojan malware gets installed on your smartphone, once you download and install the infected apps from outside of Google Play.
The most common Ghost Push viruses that are currently infecting the Android smartphones are monkey Test, Time service, cameraupdate.apk, providerdown.apk, thememanager.apk, providercertificate.apk.
Cheetah Mobile is the developer of popular apps such as Clean Master and CM Security Antivirus, who investigates more about Ghost push right from the beginning. Now, they came up with the new security tool called Ghost Push Trojan Killer App to remove those Trojans. Follow the below steps to remove those virus/malware from your device.
Download and install the Ghost Push Trojan Killer App
Freezing is the alternative way to stop an app from background running and auto start. There are several apps available on Google Play store to freeze any app. Link2SD and device control are the excellent tool in this category.
Install either Link2SD or Device control app.
Once installed, open either Link2SD or Device control on your smartphone and tap on Monkey test app.
3. After the virus app getting frozen, try to uninstall Monkey Test & Time service app by using Link2SD or Device Control
4. Immediately, you will get a list of option to control the app, select Uninstall from there. If the application failed to uninstall, just try to utilize the Freeze mode.
solution-to-remove-Monkey-Test-and-Time-service-virus-from-Android-device-control
Repeat the step 2 & 4 to stop Time service virus from background running.
Manually deleting Ghost Push viruses:
Depending on your Android version, go to the below location which, is available on your device. Find the Ghost Push virus such as Monkey Test, Time service, cameraupdate.apk, providerdown.apk,thememanager.apk, providercertificate.apk and delete it.
Phone memory/data/app.
Phone memory/vendor/operator/app.
Phone memory/system/priv-app.
Phone memory/system/apps.
Phone memory/system/preloadapp.
Alert: You should have root access to navigate to this location. Otherwise, this trick also will not work.
This Trojan malware gets installed on your smartphone, once you download and install the infected apps from outside of Google Play.
The most common Ghost Push viruses that are currently infecting the Android smartphones are monkey Test, Time service, cameraupdate.apk, providerdown.apk, thememanager.apk, providercertificate.apk.
Cheetah Mobile is the developer of popular apps such as Clean Master and CM Security Antivirus, who investigates more about Ghost push right from the beginning. Now, they came up with the new security tool called Ghost Push Trojan Killer App to remove those Trojans. Follow the below steps to remove those virus/malware from your device.
Download and install the Ghost Push Trojan Killer App
Freezing is the alternative way to stop an app from background running and auto start. There are several apps available on Google Play store to freeze any app. Link2SD and device control are the excellent tool in this category.
Install either Link2SD or Device control app.
Once installed, open either Link2SD or Device control on your smartphone and tap on Monkey test app.
3. After the virus app getting frozen, try to uninstall Monkey Test & Time service app by using Link2SD or Device Control
4. Immediately, you will get a list of option to control the app, select Uninstall from there. If the application failed to uninstall, just try to utilize the Freeze mode.
solution-to-remove-Monkey-Test-and-Time-service-virus-from-Android-device-control
Repeat the step 2 & 4 to stop Time service virus from background running.
Manually deleting Ghost Push viruses:
Depending on your Android version, go to the below location which, is available on your device. Find the Ghost Push virus such as Monkey Test, Time service, cameraupdate.apk, providerdown.apk,thememanager.apk, providercertificate.apk and delete it.
Phone memory/data/app.
Phone memory/vendor/operator/app.
Phone memory/system/priv-app.
Phone memory/system/apps.
Phone memory/system/preloadapp.
Alert: You should have root access to navigate to this location. Otherwise, this trick also will not work.
*http://www.techracket.com/guide-to-remove-monkey-test-android-virus-time-service-ghost-push-viruses/
Saturday, February 27, 2016
How to remove Android virus Mazar BOT
How to remove Android virus Mazar BOT
There are a few things you can do to keep your phone safe from Mazar BOT, and we recommend you take a moment now to verify and adjust these settings.
1. First of all, NEVER click on links in SMS or MMS messages on your phone. Android phones are notoriously vulnerable and current security product dedicated to this OS are not nearly as effective as they are on computers.
2. Go to Settings > Security and make sure this option is turned OFF: „Unknown Sources – Allow installation of apps from sources other than the playstore.”
3. Install a top antivirus for Android. It may not be enough to protect your phone, but it’s certainly good to have. You can find top-rated options in this article.
4. Do not connect to unknown and unsecured Wi-Fi hotspots. There are plenty of dangers lurking out there, and following some common-sense steps to keep yourself safe from them is the best thing to do. Also, keep your Wi-Fi turned OFF when you don’t use it.
5. Install a VPN on your smartphone and use constantly. It’s good for both your privacy and your security.
6. Maintain a cautious attitude at all times. Android security has not kept up with the high adoption rate of smartphones running the OS, and users may have to wait a long time until better security solutions appear. Until then, a careful evaluation of what happens on your phone is a very good safeguard.
https://heimdalsecurity.com/blog/security-alert-mazar-bot-active-attacks-android-malware/
HOW TO PROTECT YOUR PHONE FROM THE MAZAR MALWARE
Online security experts Heimdal recommend taking a number of steps to protect against infection by the Mazar malware.
1. Never click on links in SMS or MMS messages on your phone
2. Go to Settings > Security and turn off the option that allows installation of apps from unknown sources
3. Install antivirus software for Android
4. Do not connect to unknown or unsecured WiFi hotspots
5. Install a VPN on your smartphone
Read more: http://www.dailymail.co.uk/sciencetech/article-3450938/Beware-Android-virus-WIPE-phone-Experts-warn-users-Mazar-malware-spread-text-message.html#ixzz41HkWURMW
There are a few things you can do to keep your phone safe from Mazar BOT, and we recommend you take a moment now to verify and adjust these settings.
1. First of all, NEVER click on links in SMS or MMS messages on your phone. Android phones are notoriously vulnerable and current security product dedicated to this OS are not nearly as effective as they are on computers.
2. Go to Settings > Security and make sure this option is turned OFF: „Unknown Sources – Allow installation of apps from sources other than the playstore.”
3. Install a top antivirus for Android. It may not be enough to protect your phone, but it’s certainly good to have. You can find top-rated options in this article.
4. Do not connect to unknown and unsecured Wi-Fi hotspots. There are plenty of dangers lurking out there, and following some common-sense steps to keep yourself safe from them is the best thing to do. Also, keep your Wi-Fi turned OFF when you don’t use it.
5. Install a VPN on your smartphone and use constantly. It’s good for both your privacy and your security.
6. Maintain a cautious attitude at all times. Android security has not kept up with the high adoption rate of smartphones running the OS, and users may have to wait a long time until better security solutions appear. Until then, a careful evaluation of what happens on your phone is a very good safeguard.
https://heimdalsecurity.com/blog/security-alert-mazar-bot-active-attacks-android-malware/
HOW TO PROTECT YOUR PHONE FROM THE MAZAR MALWARE
Online security experts Heimdal recommend taking a number of steps to protect against infection by the Mazar malware.
1. Never click on links in SMS or MMS messages on your phone
2. Go to Settings > Security and turn off the option that allows installation of apps from unknown sources
3. Install antivirus software for Android
4. Do not connect to unknown or unsecured WiFi hotspots
5. Install a VPN on your smartphone
Read more: http://www.dailymail.co.uk/sciencetech/article-3450938/Beware-Android-virus-WIPE-phone-Experts-warn-users-Mazar-malware-spread-text-message.html#ixzz41HkWURMW
Friday, February 26, 2016
How to clean android malware
How to clean android malware from your smartphone
The world’s most popular anti-malware technology has now gone mobile! Malwarebytes Anti-Malware Mobile protects your phone or tablet from malware, infected apps, and unauthorized surveillance.
BETA FORUM > Malwarebytes Anti Malware Mobile
to download the latest beta version, giving feedback and suggestions, please visit the beta forum: https://plus.google.com/communities/102401317912771252555
SUPPORT FORUM > Malwarebytes Anti Malware Mobile
•For question, feedback and suggestions, please visit the support forum: http://www.malwarebytes.org/contact_consumer
Malwarebytes Anti-Malware Mobile
• Detects and eliminates malware, including spyware and Trojans
• Scans your apps for malicious code or Potentially Unwanted Programs (PUPs)
• Alerts you if a link to a malicious website is detected in an incoming text message (SMS).
• Stops unauthorized access to your personal data
• Scans your Android device for security vulnerabilities
• Identifies applications that are tracking your location
Take your anti-malware protection to go
Malwarebytes Anti-Malware Mobile guards your identity and personal data on-the-go. So you and your Android smartphone or tablet are safe from malware and unauthorized surveillance. Wherever you are. Whenever you go.
Make your smartphone smarter
Is that app or downloaded photo safe? With Malwarebytes Anti-Malware Mobile, you never have to worry again. Powerful anti-malware and anti-spyware technology protects your Android device. Detecting Trojans, spyware, and other Potentially Unwanted Programs (PUPs) before they can steal your identity, eavesdrop, or degrade your mobile experience.
Choose what you keep private
Cybercriminals, and even legitimate companies, can collect private information from your Android device. Where you go. Who your contacts are. Malwarebytes Anti-Malware Mobile identifies what your applications are doing, and which private information is being accessed. So you can control who knows, and what they know.
Close the security holes
Malwarebytes Anti-Malware Mobile automatically recognizes security vulnerabilities in your Android device’s settings. Then it makes recommendations on how to close those holes.
Make your smartphone lighter
Mobile security software is typically bloated with location features (Remote Lock, Locate on a Map, etc.). These features can already be found in your Android Device Manager—why duplicate them? Malwarebytes Anti-Malware Mobile preserves your device’s performance by adding only the necessary security features. And you can update its database over a WiFi network to reduce your data usage.
Anti-Malware/Anti-Spyware
• Scans applications and files for malware and spyware
• Scans automatically when files or apps are accessed (real-time) or only when activated manually (on-demand)
• Scans native memory and SD card
• Schedules automatic scans
• Detects Potentially Unwanted Programs (PUPs)
• Updates the protection database automatically
• Updates over a WiFi network if preferable
Privacy Manager
• Identifies every application’s access privileges in detail
• Breaks down access privileges by category: Contacts, Identity Information, Simple Message Service (SMS), and Security Settings
Security Audit
• Identifies security vulnerabilities on your device, suggests remediation
• Links seamlessly to Android Device Manager’s device location features so the device can be located, locked, or reset if it is lost or stolen
Application Manager
• Identifies which applications are currently running
• Identifies installed applications
• Enables custom whitelisting of approved apps
Malwarebytes on Twitter: https://twitter.com/Malwarebytes
Malwarebytes on Facebook: https://www.facebook.com/Malwarebytes
Version 2.00.3
Updated on Nov 18, 2015
Content rating: Everyone
*https://play.google.com/store/apps/details?id=org.malwarebytes.antimalware&hl=en
The world’s most popular anti-malware technology has now gone mobile! Malwarebytes Anti-Malware Mobile protects your phone or tablet from malware, infected apps, and unauthorized surveillance.
BETA FORUM > Malwarebytes Anti Malware Mobile
to download the latest beta version, giving feedback and suggestions, please visit the beta forum: https://plus.google.com/communities/102401317912771252555
SUPPORT FORUM > Malwarebytes Anti Malware Mobile
•For question, feedback and suggestions, please visit the support forum: http://www.malwarebytes.org/contact_consumer
Malwarebytes Anti-Malware Mobile
• Detects and eliminates malware, including spyware and Trojans
• Scans your apps for malicious code or Potentially Unwanted Programs (PUPs)
• Alerts you if a link to a malicious website is detected in an incoming text message (SMS).
• Stops unauthorized access to your personal data
• Scans your Android device for security vulnerabilities
• Identifies applications that are tracking your location
Take your anti-malware protection to go
Malwarebytes Anti-Malware Mobile guards your identity and personal data on-the-go. So you and your Android smartphone or tablet are safe from malware and unauthorized surveillance. Wherever you are. Whenever you go.
Make your smartphone smarter
Is that app or downloaded photo safe? With Malwarebytes Anti-Malware Mobile, you never have to worry again. Powerful anti-malware and anti-spyware technology protects your Android device. Detecting Trojans, spyware, and other Potentially Unwanted Programs (PUPs) before they can steal your identity, eavesdrop, or degrade your mobile experience.
Choose what you keep private
Cybercriminals, and even legitimate companies, can collect private information from your Android device. Where you go. Who your contacts are. Malwarebytes Anti-Malware Mobile identifies what your applications are doing, and which private information is being accessed. So you can control who knows, and what they know.
Close the security holes
Malwarebytes Anti-Malware Mobile automatically recognizes security vulnerabilities in your Android device’s settings. Then it makes recommendations on how to close those holes.
Make your smartphone lighter
Mobile security software is typically bloated with location features (Remote Lock, Locate on a Map, etc.). These features can already be found in your Android Device Manager—why duplicate them? Malwarebytes Anti-Malware Mobile preserves your device’s performance by adding only the necessary security features. And you can update its database over a WiFi network to reduce your data usage.
Anti-Malware/Anti-Spyware
• Scans applications and files for malware and spyware
• Scans automatically when files or apps are accessed (real-time) or only when activated manually (on-demand)
• Scans native memory and SD card
• Schedules automatic scans
• Detects Potentially Unwanted Programs (PUPs)
• Updates the protection database automatically
• Updates over a WiFi network if preferable
Privacy Manager
• Identifies every application’s access privileges in detail
• Breaks down access privileges by category: Contacts, Identity Information, Simple Message Service (SMS), and Security Settings
Security Audit
• Identifies security vulnerabilities on your device, suggests remediation
• Links seamlessly to Android Device Manager’s device location features so the device can be located, locked, or reset if it is lost or stolen
Application Manager
• Identifies which applications are currently running
• Identifies installed applications
• Enables custom whitelisting of approved apps
Malwarebytes on Twitter: https://twitter.com/Malwarebytes
Malwarebytes on Facebook: https://www.facebook.com/Malwarebytes
Version 2.00.3
Updated on Nov 18, 2015
Content rating: Everyone
*https://play.google.com/store/apps/details?id=org.malwarebytes.antimalware&hl=en
Friday, February 12, 2016
How to Remove Shortcut Virus
How to Remove Shortcut Virus
Shortcut virus usually has two types of variations. One of them is Flash drive/flash disk storage Shortcut virus and the second one is the File and Folder Shortcut virus in computer/PC.
easy method to Remove Shortcut Virus:
1.Open Command Prompt By pressing windows key + R (Start ►Run) and type cmd in pop up box and click on ok.
2. Now Go to your Pendrive location and note down its drive letter. Let my Pendrive location is G drive.
3. In command window type del *.lnk to remove all the link files in the directory.
4. After that type attrib -h -s -r /s /d g:\*.* command and press Enter
Command to remove shortcut virus is attrib -h -s -r /s /d drive_letter:\*.*
Don't forget to change drive_letter with your Pendrive location(Here E drive).
How to Remove Shortcut Virus Using the USB Virus Removal Tool:
1. Download the USB Fix Software : http://filehippo.com/download_usbfix/
2. Disable your existing Antivirus software to avoid conflicts.
3. Plug in your infected USB device to the computer
4. Run USBFix tool which you downloaded in Step 1.
5. Click on Clean. Your computer may be restarted during clean-up. Once restarted, a report will be populated in the text-format to show the results of the clean-up.
UsbFix is a free malware removal tool that helps you to detect and remove infected USB memory sticks or any other USB removable devices, such as external HDD's, smartphones, digital cameras or other peripherals that connects to your computer or laptop via the USB port.
Key Features Include:
Support offered directly from the software interface. You are able to post your issues on UsbFix's forum.
UsbFix can detect and remove infections found on your removable devices.
UsbFix repairs the damaged files to your PC, such as: registry, hidden files, task manager etc.
Back-up support: UsbFix will backup your files and folders.
Vaccination option: UsbFix prevents future infections by creating new autorun.inf files on removable drives.
The current version runs on almost all versions of Microsoft Windows such as XP, Vista, 7 and 8.
Shortcut virus usually has two types of variations. One of them is Flash drive/flash disk storage Shortcut virus and the second one is the File and Folder Shortcut virus in computer/PC.
easy method to Remove Shortcut Virus:
1.Open Command Prompt By pressing windows key + R (Start ►Run) and type cmd in pop up box and click on ok.
2. Now Go to your Pendrive location and note down its drive letter. Let my Pendrive location is G drive.
3. In command window type del *.lnk to remove all the link files in the directory.
4. After that type attrib -h -s -r /s /d g:\*.* command and press Enter
Command to remove shortcut virus is attrib -h -s -r /s /d drive_letter:\*.*
Don't forget to change drive_letter with your Pendrive location(Here E drive).
How to Remove Shortcut Virus Using the USB Virus Removal Tool:
1. Download the USB Fix Software : http://filehippo.com/download_usbfix/
2. Disable your existing Antivirus software to avoid conflicts.
3. Plug in your infected USB device to the computer
4. Run USBFix tool which you downloaded in Step 1.
5. Click on Clean. Your computer may be restarted during clean-up. Once restarted, a report will be populated in the text-format to show the results of the clean-up.
UsbFix is a free malware removal tool that helps you to detect and remove infected USB memory sticks or any other USB removable devices, such as external HDD's, smartphones, digital cameras or other peripherals that connects to your computer or laptop via the USB port.
Key Features Include:
Support offered directly from the software interface. You are able to post your issues on UsbFix's forum.
UsbFix can detect and remove infections found on your removable devices.
UsbFix repairs the damaged files to your PC, such as: registry, hidden files, task manager etc.
Back-up support: UsbFix will backup your files and folders.
Vaccination option: UsbFix prevents future infections by creating new autorun.inf files on removable drives.
The current version runs on almost all versions of Microsoft Windows such as XP, Vista, 7 and 8.
Sunday, February 7, 2016
How to remove Sexy hot beautiful video virus, Ghost Push Trojan
How to remove Sexy hot beautiful video virus, Ghost Push Trojan
Sexy hot beautiful video virus is an android app apk that may potentially be adware or may compromise your personal information Ghost Push Trojan. These safety risks should be considered before installing an app apk detected as Sexy hot beautiful video virus.
Ghost Push Trojan Killer version 1.0.1 produced by Cheetah Mobile (AppLock & AntiVirus) . Ghost Push Trojan Killer app is Tools app for android device. This is free app for android, you can read the detail and review about app and download it.
What are stubborn trojan viruses and why are they so dangerous?
These stubborn trojans are hard to remove, and will do things like leech your mobile data, send SMS messages to premium numbers, steal your private information, or even damage your device. More seriously, they can interfere with your Android device manager without your permission, meaning you cannot uninstall or remove the virus afterwards.
How does CM Security protect you?
We just released the world's first tool for killing these types of stubborn trojans. It will help you remove these viruses from your device. Among all antivirus tools, only CM Security can guarantee you this safety.
About Stubborn Trojan Killer:
☆ Developed by CM Security, the world's most trusted Android antivirus.
☆ Scan the installed applications on your phone and detect whether your phone is affected by any stubborn trojan viruses.
Feedback email: cmsecurity@cmcm.com
About CM Security – Free Antivirus:
☆ No.1 antivirus engine: Ranked #1 by AV-TEST again!
☆ Top rated antivirus application: Highest rating (4.7) amongst all antivirus apps!
☆ Most trusted Android antivirus: Over 100,000,000 downloads!
☆ Amazing AppLock: Beautiful and safe app lock
Download Sexy hot beautiful video virus, Ghost Push Trojan : https://s3.apkdot.com/download/2015/09/com.cleanmaster.security.stubborntrjkiller-1.0.1-10010049_APKdot.com.apk
Sexy hot beautiful video virus is an android app apk that may potentially be adware or may compromise your personal information Ghost Push Trojan. These safety risks should be considered before installing an app apk detected as Sexy hot beautiful video virus.
Ghost Push Trojan Killer version 1.0.1 produced by Cheetah Mobile (AppLock & AntiVirus) . Ghost Push Trojan Killer app is Tools app for android device. This is free app for android, you can read the detail and review about app and download it.
What are stubborn trojan viruses and why are they so dangerous?
These stubborn trojans are hard to remove, and will do things like leech your mobile data, send SMS messages to premium numbers, steal your private information, or even damage your device. More seriously, they can interfere with your Android device manager without your permission, meaning you cannot uninstall or remove the virus afterwards.
How does CM Security protect you?
We just released the world's first tool for killing these types of stubborn trojans. It will help you remove these viruses from your device. Among all antivirus tools, only CM Security can guarantee you this safety.
About Stubborn Trojan Killer:
☆ Developed by CM Security, the world's most trusted Android antivirus.
☆ Scan the installed applications on your phone and detect whether your phone is affected by any stubborn trojan viruses.
Feedback email: cmsecurity@cmcm.com
About CM Security – Free Antivirus:
☆ No.1 antivirus engine: Ranked #1 by AV-TEST again!
☆ Top rated antivirus application: Highest rating (4.7) amongst all antivirus apps!
☆ Most trusted Android antivirus: Over 100,000,000 downloads!
☆ Amazing AppLock: Beautiful and safe app lock
Download Sexy hot beautiful video virus, Ghost Push Trojan : https://s3.apkdot.com/download/2015/09/com.cleanmaster.security.stubborntrjkiller-1.0.1-10010049_APKdot.com.apk
Subscribe to:
Posts (Atom)