Shrunk Expand

  • Tag Archives trojan
  • New Spam Campaign Distributes Locky Ransomware and Kovter Trojan Combined

    Criminals have taken a liking to the idea of combining multiple types of malware into one distribution campaign. Malware Protection Center researchers discovered a string of email messages using malicious attachments to spread both Locky ransomware and the Kovter Trojan. It is not the first time these two types of malware are distributed in the same campaign, as dual-pronged spam campaigns have become more common as of late.

    This morning we noticed the start of a campaign using  New notice to Appear in Court as the email subject. The attachments are identical to the Typical .JS, .WSF, .lnk file inside a double zip. All the sites seen so far today are the same sites used in the USPS, FedEx, UPS current campaigns.  I am sure that both campaigns will continue side by side. It is very likely that different “affiliates” are using the same distribution network, but each one prefers a different email lure to gain victims.

    The attachments all start with a zip named along the lines of Notice_00790613.zip which contain another zip Notice_00790613.doc.zip which in turn contains Notice_00790613.doc.js

    Criminals Step Up Malware Distribution

    It is rather disconcerting to learn opening a malicious email attachment can introduce two different types of malware at the same time. As if the Locky ransomware is not annoying to deal with on its own, computer users will also be affected by the Kovter Trojan. This latter piece of malware specialized in click fraud, generating a lot of illegal advertisement revenue for criminals.

    Through a malicious email attachment, criminals execute a script that contains links to multiple domains where the malware types are downloaded from. By making the attachment a .Ink file, the recipient may click it and have the payload download executed in the background. PowerShell scripts have become a fan favorite among criminals targeting Windows users these days, that much is certain.

    Researchers discovered a total of five hardcoded domains in the script from where the malware can be downloaded. Both the Locky ransomware and Kovter Trojan payloads are hosted on these platforms, and it is expected more of these domains will continue to pop up over time. Although law enforcement agencies can take down these domains rather easily, criminals will not hesitate to create additional hosting solutions over time.

    As one would expect from these spam email campaigns, the message in question is a fake receipt for a spoofed USPS delivery email. In the attached zip file, there is the malicious .Ink file , which initiates the PowerShell script once opened. One interesting aspect about this script is how it checks if the file is downloaded successfully and if is at least 10KB in size. Once that has been verified, it will stop the process automatically.

    Microsoft researchers feel the use of multiple domain names to download the payload from is a powerful obfuscation technique. Blacklisting one specific URL is a lot easier than dealing with a handful of different domains. Moreover, this method seems to hint at how criminals can easily add more servers to download the malicious payloads from if they want to. A very troublesome development, to say the least.

    Perhaps the most worrisome aspect of this new malware distribution campaign is how criminals continue to update the payloads themselves. Both Kovter and Locky receive regular updates, which means the development of ransomware and click-fraud Trojans is still going on behind the scenes. Moreover, it goes to show criminals will continue to rely on multi-pronged distribution campaigns for malware and ransomware moving forward.


  • New KillDisk wiper varient threatens industrial control networks with Ransomware Trojan

    The TeleBots gang, which recently attacked Ukrainian banks with KillDisk malware that used Mr. Robot imagery (pictured), may now be targeting industrial control systems with a ransomware variant.

    The TeleBots gang, which recently attacked Ukrainian banks with KillDisk malware that used Mr. Robot imagery (pictured), may now be targeting industrial control systems with a ransomware variant.

    The KillDisk disk-wiper program that was used in conjunction with BlackEnergy malware to attack Ukrainian energy utilities has evolved into ransomware that may be targeting industrial-control networks.

    According to researchers at CyberX, the new variant was developed by the TeleBots cybergang, which recently emerged from the Sandworm threat group that is believed to have disrupted the Ukrainian power grid offline in December 2015 and January 2016, and allegedly compromised U.S. industrial-control systems and SCADA systems in 2014. Earlier this year, ESET researchers reported that TeleBots was a using different version of KillDisk to conduct cybersabotage attacks against the Ukrainian financial sector.

    In a blog post on Tuesday, CyberX reported that the ransomware variant is distributed via malicious Office attachments and displays a pop-up message demanding 222 Bitcoins, which is currently the equivalent of approximately $206,000. The variant’s exorbitant ransom and its link to Sandworm suggests that the group could be actively launching ransomware attacks against industrial-control networks.

    KillDisk uses a mix of RSA 1028 public key and AES shared key algorithms to encrypt local hard-drives and network-mapped folders that are shared across organizations, CyberX further reported.


  • Zeus Trojan (or Zbot Trojan) steals confidential information from the infected computer.

    Pandemiya hacking trojan

    A new and relatively rare Zeus Trojan program was found which is totally different from other banking Trojans and has capability to secretly steal data from forms, login credentials and files from the victim as well as can create fake web pages and take screenshots of victim’s computer.

    Researchers at RSA Security’s FraudAction team have discovered this new and critical threat, dubbed as ‘Pandemiya’, which is being offered to the cyber criminals in underground forums as an alternative to the infamous Zeus Trojan and its many variants, that is widely used by most of the cyber-criminals for years to steal banking information from consumers and companies.

     

    The source code of the Zeus banking Trojan is available on the underground forums from past few years, which lead malware developers to design more sophisticated variants of Zeus Trojan such as Citadel, Ice IX and Gameover Zeus.

     

    But, Pandemiya is something by far the most isolated and dangerous piece of malware as the author spent a year in writing the code for Pandemiya, which includes 25,000 lines of original code written in C.
    Like other commercial Trojan, Pandemiya infect the machines through exploit kits and via drive-by download attacks to boost infection rate that exploit flaws in the vulnerable software such as Java, Silverlight and Flash within few seconds victim lands on the web page.

    Pandemiya’s coding quality is quite interesting, and contrary to recent trends in malware development, it is not based on Zeus source code at all, unlike Citadel/Ice IX, etc.,” researchers from RSA, the security division of EMC, said Tuesday in a blog post. “Through our research, we found out that the author of Pandemiya spent close to a year of coding the application, and that it consists of more than 25,000 lines of original code in C.

    Pandemiya Trojan using Windows CreateProcess API to inject itself into every new process that is initiated, including Explorer.exe and re-injects itself when needed. Pandemiya is being sold for as much as $2,000 USD and provides all the nasty features including encrypted communication with command and control servers in an effort to evade detection.The Trojan has been designed with modular architecture to load more external plug-ins, which allows hackers to add extra features simply by writing new DLL (dynamic link library). The extra plug-ins easily add capabilities to the Trojan’s core functionality, that’s why the developer charge an extra of $500 USD to get the core application as well as its plugins, which allows cybercriminals to open reverse proxies on infected computers, to steal FTP credentials and to infect executable files in order to inject the malware at start up.

     

    The advent of a freshly coded new trojan malware application is not too common in the underground,” Marcus writes, adding that the modular approach in Pandemiya could make it “more pervasive in the near future.

    The malware developers are also working on other new features to add reverse Remote Desktop Protocol connections and a Facebook attack module in order to spread the Trojan through hijacked Facebook accounts.

    HOW TO REMOVE PANDEMIYA TROJAN

    The Trojan can be easily removed with a little modification in the registry and command line action, as explained below:

      1. Locate the registry key HKEY_LOCAL_USER\Software\Microsoft\Windows\CurrentVersion\Run and identify the *.EXE filename in your user’s ‘Application Data’ folder. Note the name, and delete the registry value.
      2. Locate the registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCertDlls. Find the value with the same name as the *.EXE file in the previous step. Note the file name, and remove the value from the registry.
      3. Reboot the system. At this stage Pandemiya is installed but no longer running. Delete both files noted earlier. This will remove the last traces of the Trojan. Your system is now clean.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Complete List of Viruses up to date

    LIST OF COMPUTER VIRUSES IN CIRCULATION FROM OLDEST TO NEWEST

    Advanced Cleaner AV Protection 2011 AV Security 2012 AKM Antivirus 2010 Pro AlfaCleaner Alpha AntiVirus
    ANG Antivirus Antimalware Doctor AntiMalware  Go AntiSpyCheck 2.1 AntiSpyStorm AntiSpyware 2008
    AntiSpyware 2009 Antispyware 2010 AntiSpyware 2011 AntiSpyware Bot from 2Squared Software AntiSpywareExpert AntiSpywareMaster AntiSpyware Shield AntiSpyware Soft AntiSpywareSuite Antivermins Antivir Solution pro Antivira AV Antivirus Action Antivirus Monitor Antivirus 7 Antivirus 8 Antivirus 2008 Antivirus 2009 Antivirus 2010 Anti-virus-1 AntiVirus Gold or AntivirusGT Antivirus IS Antivirus Live Antivirus Master Antivirus .NET Antivirus Pro 2009 Antivirus Pro 2010 Antivirus Scan Antivirus Soft Antivirus Studio 2010 Antivirus Suite Antivirus System PRO Antivirus XP 2008 Antivirus XP 2010 AV Antivirus Suite Avatod Antispyware 8.0 AVG Antivirus 2011 AV Security Suite Awola Best Malware Protection BestsellerAntivirus, Browser Defender ByteDefender also known as ByteDefender Security 2010 CleanThis Cloud Protection ContraVirus Control Center Cyber Security Core Security Data Protection Defense Center Desktop Security 2010 Digital Security Disk Defrag Disk Doctor Doctor Antivirus Doctor Antivirus 2008 Dr Guard DriveCleaner EasySpywareCleaner EasyFix Tools eco AntiVirus Errorsafe, Error Expert ErrorSmart, ErrorFix Essential Cleaner Fast Windows Antivirus 2011 Flu Shot 4 Green Antivirus 2009 HDD Fix HDD Plus HDD Rescue HDD Scan IE Antivirus IE Antivirus 3.2 IEDefender InfeSto Internet Antivirus InstallShield Internet Antivirus Pro Internet Antivirus 2011 Internet Defender 2011 Internet Security 2010 Internet Security Essentials KVMSecure Live PC Care Live Security Suite Mac Defender Mac Protector MacSweeper MalwareAlarm Malware Bell 3.2 MalwareCrus Malware Defender Malware Defense MaxAntiSpy Memory Fixer MS AntiSpyware 2009 MS Antivirus Microsoft Anti Malware MS Removal Tool MS Removal Tool My Security Engine My Security Shield My Security Wall MxOne Antivirus Navashield Netcom3 Cleaner Paladin Antivirus Palladium Pro PAL Spyware Remover PC Antispy PC AntiSpyWare 2010 PC Clean Pro PC-Doctor PC Scan and Sweep PC Privacy Cleaner PCPrivacy Tools PCSecureSystem PerfectCleaner Perfect Defender 2009 Perfect Optimizer PersonalAntiSpy Free Personal Antivirus Personal Internet Security 2011 Personal Security Personal Shield Pro PC Antispyware PC Defender Antivirus Privacy Center Privacy Protection Protection Center PSGuard Quick Defragmenter Rapid AntiVirus Real AntiVirus, RegAlilve Reggenie Antivirus Registry Great Registry Patrol Registry Defender Registry Winner Reg tool also Regclean RegWork Safety Alerter 2006 Safety Center or Security Center SafetyKeeper SaliarAR ScanAngryAgainAntivirus SecureFighter SecurePCCleaner SecureVeteran Security Defender Security Master AV Security Protection Security Scan 2009 Security Shield Security Solution 2011 Security Suite Platinum Security Tool Security Toolbar 7.1 Security Essentials 2010 SiteAdware Smart Antivirus 2009 Smart Engine Smart HDD Smart security Soft Soldier Spy Away SpyAxe SpyCrush Spydawn SpyErase SpyGuarder SpyHeal SpyHeals VirusHeal Spylocked SpyMarshal SpyRid SpySheriff PestTrap BraveSentry SpyTrooper SpySpotter Spy Tool SpywareBot SpywareSTOP Spyware Cleaner or Spyware BlasterSpywareGuard 2008 Spyware Protect 2009 Spyware Protect 2009 SpywareQuake SpywareSheriff Spyware Stormer Spyware X-terminator SpywareStrike Spyware Striker Pro SpyWiper SysGuard spyware NO Sysinternals Antivirus System Antivirus 2008 SystemArmor System Defender System Defragmenter System fix SystemDoctor or Spyware Doctor System Live Protect System Security Rogue Antivirus System Tool 2011 System Tools System Restore TheSpyBot

    SVCHOST.exe Virus ThinkPoint Total Secure 2009 Total Win 7 Security Total Win Vista Security Total Win XP Security TrustedAntivirus UltimateCleaner Ultra Defragger VirusHeat Virus Locker VirusProtectPro AntiVirGear VirusRanger VirusRemover2008 VirusRemover2009 Virus Response Lab 2009 VirusTrigger Vista Antimalware 2011 Vista Antispyware 2010 Vista Antispyware 2011 Vista Antivirus 2008 Vista Home Security 2011 Vista Internet Security 2010 Vista Security 2011 Vista Security 2012 Vista Smart Security 2010 Volcano Security Suite W32.Blaster.Worm Win7 Antispyware 2011 Win 7 Antivirus 2010 Win Antispyware Center Win 7 Home Security 2011 WinAntiVirus Pro 2006 WinDefender Win Defrag Windows 7 Recovery Windows Anticrashes Utility Windows Antidanger Center Windows Attention Utility Windows Cleaning Tool Windows Efficiency Magnifier Windows Emergency System Windows Passport Utility Windows Police Pro Windows Power Expansion Windows Privacy Agent Windows Processes Organizer Windows Protection Suite Windows Recovery Windows Remedy Windows Repair Windows Restore Windows Scan Windows Shield Center Windows Secure Web Patch Windows Steady Work Windows Support System Windows Tasks Optimizer Windows Threats Removing Windows Tool Windows Tweaking Utility Windows Utility Tool Windows Vista Recovery Windows Wise Protection Windows XP Recovery
    WinFixer Win HDD WinHound Winpc Antivirus Winpc Defender WinSpywareProtect WinWeb Security 2008 Wireshark Antivirus WorldAntiSpy XP AntiMalware XP AntiSpyware 2009 XP AntiSpyware 2010 XP AntiSpyware 2012 XP Antivirus 2010 XP Antivirus 2012 XP Antivirus Pro 2010 XP Defender Pro XP Guardian XP Home Security 2011 XP Internet Security 2010 XP Security 2012 XP Security Tool XP-Shield XJR Antivirus Your Protection Your PC Protector Zinaps AntiSpyware 2008 Security solution 2011 Advanced Antivirus Advanced Antivirus 2008 Advanced XP Defender Advanced XP Fixer AdvancedAntivirus AdvancedAntivirus 2008 AdvancedXPDefender AdvancedXPFixer Adware Delete 2.0 Adware Deluxe AlertSpy Anti –pro-scan Anti Spy Check Anti virus 360
    AntiMalware Guard AntiMalwareGuard antimalware-pro-scan AntiMalwareShield AntiSpy Check AntiSpyBoss AntiSpyControl AntiSpyGolden AntiSpyKit AntiSpyMaster AntispySpider AntiSpyStorm AntiSpyStorm2008 Antispyware 2008 Antispyware 2008 XP Antispyware PRO XP Antispyware Suite Antispyware2008 Antispyware2008XP Anti-spyware-2009 AntiSpywareApp AntiSpywareBot AntiSpywareControl AntiSpywareDeluxe Antispywareexpert Antispyware-free-scanner AntiSpywareMaster AntispywareProXP AntiSpywareShield AntiSpywareUpdates ProtejaseuDrive Prt3ctionactiv3scan Prtectionactivescan PSGuard PureSafetyHere.com PyroAntiSpy RaptorDefence Razespyware-RAZESPYWARE.NET Real AntiSpyware Real Antivirus RealAV RealAV RegClean 2008 Registry Doctor Registry Doctor 2008 Registry Great RegistryCare RegistryCleanerXP SegistryCleanFixer RegistryDefender RegistryDoctor 2008 Repair Registry Pro RepairRegistry2008 SafeBrowseNow.com SafePcTool SaferScan ScanSpywarev3.8 SchijfBewaker SearchAndDestroy SecureExpertCleaner SecurePCCleaner SecurityMaster AV Securityscannersite SemErros SlimShield tied with Winhound Spyware Remover Smartantivirus2009v2 Smart-antivirus2009v2 buy Smartantivirus-2009v2buy Smartantivirus2009v2-buy Smartantivirusv2 Smart Fortress 2012 AntispywareXp2009 AntiSpyZone Antivermins Antivir gear Antivir 2008Win Antivir64 AntiVirGear AntiVirProtect AntiVirus.net Antivirus 2008 Antivirus 2008 XP Antivirus 2009 Antivirus 2010 Antivirus Gold AntiVirus Lab 2009 Antivirus Master Antivirus Pro 2009 Antivirus Security Antivirus XP 2008 AntiVirus2008 Antivirus2008Pro Antivirus 2008XP Antivirus2009 AntivirusDoc AntivirusForAll Antivirusfulldefence AntivirusGold AntivirusGT AntivirusMaster AntivirusPro 2009 Antivirussecurity-solution AntivirusXP2008 AntiVirXP08 ANTIWORM 2008 Aprotectionhelp AS-pro-xp-download AVDefender 2011 AV Master AVproscan Avproscan AVsecurity suite AVSystemCare Awola BestsellerAntivirus BraveSentry BugDokter BugsDestroyer Centod SpyAway SpyAxe SpyBurner SpyCrush SpyGuard SpyGuarder SpyHeal SpyKillerPro SpyLocked SpyMaxx SpyOnThis Spy-Rid SpySheriff SpySheriff SpyShield SpySnipe Spyware Annihilator Pro SpyWare Bomber Spyware Destructor Spyware Remover Spyware Scanner 2008
    Spyware Scrapper SpywareBomb SpywareDestructor Spywarefighter SpywareIsolator SpywareNo SpywarePro SpywareQuake SpywareQuake 2.4 Spyware-quickscan-2008 SPYwareRemover SpywareScanner2008
    SpywareSecure SpywareStop SpywareSweeperPro SpyWatchE StopingSpy SuperSpywareKiller SwiftCleaner SysKontroller System Antivirus System Antivirus 2008 System doctor System Integrity Scan Wizard System Live Protect SystemAntivirus 2008 Windows Antivirus Rampart  Windows Private Shield  Windows Pro Safety Windows Internet Booster  SystemAntivirus2008 CleanerMaster Windows Pro Scanner Homeland Security Clerk of Cours 17th Judicial Branch Police FBI Federal Government local judicial crime CrisystecSentry Win 8 Security System Windows Safety Series Windows Secure Workstation Windows Anti-Malware Patch Windows Virtual Security  Windows Antivirus Release CryptDrive 22Find.com FBI Cybercrime Division AVASoft Professional Antivirus Urausy FBI Disk Antivirus Professional Vista Internet Security 2013 Windows Web Commander DangerousVirus Search.certified-toolbar.com Smart Security Security Defender Vista Anti-Virus 2013 Vista Anti-Spyware 2013 Vista Total Security 2013 Windows Interactive Security DataHealer Win 7 Defender 2013 System Progressive Protection Windows Virtual Firewall  File Recovery  Windows Premium Defender  Windows Web Combat ACCDFISA Protection Program DioCleaner DisableSpyware Windows Profound Security  Windows Expert Series Windows Virtual Angel  Windows Profound Security  FBI MonkeyPak Ransomware Windows Virus Hunter Disk Antivirus Pro System Care Antivirus iON Internet Security Department of Justice Windows Proprietary Advisor Windows Custom Management  Windows Privacy Extension Windows Pro Defence DiscErrorFree Diskretter DisqudurProtection Doctor Adware Windows Premium Console  Windows Advanced Toolkit  Windows Proactive Safety  Windows Maintenance Guard  Doctor Antivirus 2008 XP Security 2013 FBI Anti-Piracy Warning Win Server Defender Win 7 Defender XP Defender Vista Defender FBI Online Agent Complete an Offer infection DoctorAdwarePro CouponDropDown Adware PC Defender Plus  Win 7 Antivirus Pro 2013 Micorsoft Essential Security Pro 2013 File Restore Vista Defender Xp  DefenderDoctorAntivirus2008 Windows Interactive Safety Windows Ultimate Safeguard  Windows Antivirus Machine  Windows Ultra-Antivirus  Windows Active Guard  Windows Security System DoctorVaccine Dr.AntiSpy DriveCleaner DriveCleaner 2006 eAntivirusPro EasySprinter ErrClean ErrorDigger ErrorDoctor 2008 Windows Security Renewal Windows Home Patron ErrorKiller ErrorProtector Errorsafe ErrorSmart Festplattencleaner Files Secure Windows Instant Scanner Windows PC Aid  Windows Safety Wizard  Windows TurnKey Console Files Secure 2.2 Vista Home Security 2013 Win 7 Anti-Virus 2013 Win 7 Anti-Spyware 2013 Win 7 Total Security 2013 Win 7 Internet Security 2013 Windows Malware Firewall Live Security Platinum Filterprogram Win 7 Home Security 2013 XP Anti-Virus 2013 XP Anti-Spyware 2013 XP Total Security 2013  XP Internet Security 2013  XP Home Security 2013 Freeonlinescanner9 Gktxaspm Toolbar HardDiskVakt Drivesweeper IE Antivirus IE Antivirus 3.2 IEAntiSpyware IEAntiVirus 3.2 IEAntivirus 3.3 IEAntivirus 3.4 IEDefender InfeStop InstantSafePage.com internet antivirus internet antiviruspro InternetSecurityDeluxe Internet Security 2010 SystemDefender SystemDoctor 2006 SystemErrorFixer SystemGuard SystemSecurity SystemTool TheSpyBot Total Antivirus Total Antivirus 3.11 Total Secure 2009-https://www.total- secure2009.com TotalAntivirus Trace Sweeper TrustedAntivirus TrustedProtection Ultimate Antivirus 2008 Ultimate Antivirus 2008 Ultimate Fixer 2007 UltimateAntivirus2008 UltimateCleaner UltimateCleaner 2007 Ultimatefixer2007 UltraAV Unigray VIPAntiSpyware VirusEffaceur Virusgarde VirusHeal VirusHeat 4.4 VirusIsolator Viruslabs2009 VirusLocker VirusProtect Pro VirusRanger VirusRemover2008 Virusschlacht Vista Antivirus 2008 VistaAntivirus 2008 Vista Security 2011 Vitae Antivirus Vitae Antivirus 2008 WebSpyShield Win Kvm Secure LastDefender LiveKill LongLifePC MacroAV Magicantispy Malware Bell 3.2 Malware Crush Malware Protection MalwareAlarm MalwareBell MalwareBot MalwareBurn MalwarePatrol Pro MalwarePatrolPro MalwarePro MalwareProtector 2008
    MalwareProtector2008 MalwareScanner MalwareWar MalwareWiped MalWarrior MalWarrior 2008 MasterAntivirus MaxAntiSpy Menace Rescue Micro Antivirus 2009 MicroAntivirus2009 MS antispyware 2009. MS Antivirus MS Antivirus MS Antivirus 2008 msantispyware msantivirus 2009 MSAntivirus2008 MSantivirus-xp MS Removal Tool MSx Antivirus My Security Shield NadadeVirus nano antivirus Neospace Internet Security NoWayVirus NowFixPc.com Online-security-systems PC Protection Center 2008 PC-AntispyWinantispyware 2007 WinAntispyware 2008 WinAntiVir WinAntiVirus its companion WinAntiSpyware 2005 WinAntiVirus Pro WinAntiVirus Pro 2006 Winantivirus pro 2007 WinAntivirusPro 3.7 WinDefender 2008 WinDefender2008 Windefender2009 Windows Antivirus Windows Antivirus 2008 WinFixer WinFixMaster Winifixer WinPerformance WinProtector 3.8 Winprotector 3.8 winprotector 3.8 Winreanimator winsecureav WinSecureDisc WinSpyControl WinSpyKiller WinSpywareProtect WinX Security Center WinXDefender Win-xp-antivir-hqscanner Winxp-antivir-on-line-scan Winxprotector WistaAntivirus WorldAntiSpy XLG Security Center XLGuarder XP Antispyware 2009 XP Antivirus 2008 XP Internet Security XP Protector 2009 XP SecurityCenter XP Total Security 2011 XP2008-protect XPAntivirus XPAntivirus 2009 XPAntivirus2008 XPAntivirus2009 Xpburnerpro PCClean Pro PC-Cleaner PCCleaner 2008 PC-Cleaner 2008 PCCleanPro PC-cleanpro.com PCHealthKeeper PCPrivacyCleaner PCSecureSystem PCSegura PCSweeperPro PCTotalDefender PCTurboPro PcVirusLess perfect defender PersonalAntiSpy Free Pestcapture Pest-Patrol PestSweeper Power AntiVirus 2009 Power Antivirus 2009 Privacy Warrior PrivacyProtector PrivacyRedeemer PrivacyWatcher ProAntiSpy ProtectingTool Protectnotice XPCleaner Win 7 Security Cleaner Pro Spamhaus Ransomware XPCleanerPro XPert Antivirus XPert Antivirus Enterprise XP-Guard XPonlinescanner XPonlinescanner9 XPprivacypro XP-protections XPprotectionsoftware XPprotector XPrepairpro XPSecurityCenter XPshield XP-Shield XP-shield XP-vista XP-vista-download Xscanner.malwarealarm Xscanner.malwarealarms Xscanner.shredderscan Xscanner.shredder-scan Xscanner.shredder-scanner Xscanner.spyshredderscanner  Xscanner.xmalwarealarm Xscanner.xspy-shredder Xspy-shredder Xspyware Xsremover YourPrivacyGuard Zinaps Anti-Spyware FBI Moneypak Ransomware  the Everything on your computer has been fully encrypted Ransomware Antivirus System Mandiant U.S.A Cyber Security Serious Organised Crime Agency (SOCA) SweetPacks Toolbar and SweetIM Toolbar Attentive Antivirus Remove Live Security Professional Your computer has been locked Qvo6.com ICE Cyber Crime Center System Doctor 2014 United States Courts Computer Crime and Intellectual Property Section S.M.A.R.T. Repair Smitfraud SpamBlockerUtility Spy Guarder Spy Trooper Crypto Locker Windows Premium Shield Windows Prime Booster Windows Virtual Protector Windows Accelerator Pro  Smart Guard Protection Windows Activity Booster Windows Efficiency Console

     

    CALL – COMPUTER REPAIR at 754-234-5598 if you are infected by any of these viruses.

    www.ccrepairservices.com


  • Downdapp.com Pop-up Virus

    If you are seeing pop-up ads from Downdapp.com whenever you are opening a new tab within Internet Explorer, Firefox and Google Chrome, then your computer is infected with an adware or a potentially unwanted program.
    [Image: Downdapp.com pop-up virus]

    The Downdapp.com pop-up happens regardless of the web browser or search engine, and if you are seeing a pop-up from Downdapp.com asking you to update your browser or another piece of software, then your computer may be infected with adware or a potentially unwanted program.
    This infection is designed specifically to make money. It generates web traffic, collects sales leads for other dubious sites, and will display advertisements and sponsored links within your web browser.
    Downdapp.com is not a malicious domain itself, however cyber criminals are using malicious products to display ads from this domain, and thus getting pay-per-click revenue.

    The Downdapp.com ads are caused by an ad-supported (users may see additional banner, search, pop-up, pop-under, interstitial and in-text link advertisements) cross web browser plugin for Internet Explorer, Firefox and Chrome, which is distributed through various monetization platforms during installation. This malicious browser extensions is typically added when you install another free software (video recording/streaming, download-managers or PDF creators) that had bundled into their installation this adware program.
    When installed this adware program will open a Downdapp.com pop-up box stating that you need to updated your flash player or install an update for another software. If you click on the “Download” or “Click to install now” button, instead of installing an update for your browser, you’ll agree to download adware and other malicious programs onto your computer. The Downdapp.com malicious programs may install on your computer: toolbars (Babylon Toolbar, Delta Toolbar), adware (Yontoo, DealPly, CouponBuddy) or other forms of malware.

    This infection will also display advertising banners on the webpages that you are visiting, and as you browse Internet, it will show coupons and other deals available on different websites.

    You should always pay attention when installing software because often, a software installer includes optional installs, such as this Downdapp.com pop-up ads. Be very careful what you agree to install.
    Always opt for the custom installation and deselect anything that is not familiar, especially optional software that you never wanted to download and install in the first place. It goes without saying that you should not install software that you don’t trust.

    www.ccrepairservices.com

    Call  Us to remove this virus infection at 754-234-5598


  • Windows Accelerator Pro Virus

    Windows Accelerator Pro is a rogue anti-spyware program from the Rogue.FakeVimes family of computer infections. This program is considered scareware because it displays false scan results, fake security warnings, and does not allow you to access your legitimate Windows applications. Windows Accelerator Pro is distributed through web sites that display a fake online virus scanner that states your computer is infected and then prompts you to download the installation file. This infection is also promoted by hacked web sites that contain exploit code that tries to install the infection on your computer without your permission or knowledge.

    Once Windows Accelerator Pro is installed it will be configured to automatically start when you login to Windows. Once started, it will pretend to scan your computer and then states that there are numerous infections present. If you attempt to remove any of these supposed infections, the program will state that you first need to purchase a license before being allowed to do so. As all of the scan results are false, please ignore any prompts to purchase the program.

    To protect itself from being removed, Windows Accelerator Pro will also block you from running any legitimate application on your computer. It does this to prevent you from running legitimate security software that may detect it as an infection and remove it. The message that you will see when you attempt to run a program is:

    Firewall has blocked a program from accessing the Internet
    C:\Program Files\Internet Explorer\iexplore.exe
    is suspected to have infected your PC.
    This type of virus intercepts entered data and transmits them
    to a remote server.

    When you see this message please ignore it as your programs are not infected and will work normally after this infection is removed.

    While Windows Accelerator Pro is running it will also display fake security alerts that are designed to make you think your computer has a severe security problem. Some of these warnings include:

    Error
    Trojan activity detected. System integrity at risk.
    Full system scan is highly recommended.

    Error
    System data security is at risk!
    To prevent potential PC errors, run a full system scan.

    Just like the scan results, these warnings are fake and can be ignored.

    Complete Computer Repair Services can effectively remove this virus from your system wihthout any loss of data. Call 754-234-5598