Worm Win32 Netsky Removal Guide
Worm.Win32.Netsky is a worm that spreads itself via the Internet as an attachment to messages. It sends itself to email addresses that is gathered from the infected machine.
Worm.Win32.Netsky is activated when the user clicks on the attachment, launching and then installing and propagating itself. Worm.Win32.Netsky displays exaggerated pop-ups, fake infection warning messages, hijacks, and often slows system performance.
The spyware alerts allegedly reporting Worm.Win32.NetSky are being triggered by the dangerous rogue anti-spyware tool called Internet Security 2010 which has been in rotation for around 6 months now. When Internet Security 2010 secretly finds itself inside your computer, it tends to display fake spyware interception alerts like the one whose snapshot we’ve provided below. Please abstain from clicking any buttons on such fake warning messages or else you will unknowingly trigger an almost irrevocable procedure of scareware invasion of your machine.Internet Security 2010 is a nasty PC bug hungry for your money which it wants in exchange for some services that don’t exist. Worm.Win32.NetSky is just bait yet quite an annoying one. Please get rid of the actual virus that has been messing with your computer. Below is a guide that should help you.
Variances of Win32 Netsky: I-Worm.NetSky.x (Kaspersky Lab), W32/Netsky.w.eml!exe (McAfee), Win32.HLLM.Netsky.based (Doctor Web), Win32/Netsky.W@mm (RAV), Worm/Netsky.W.1 (H+BEDV), W32/Netsky.W@mm (FRISK), Win32.Netsky.W@mm (SOFTWIN), W32/Netsky.W.worm (Panda)
How to remove Worm.Win32.NetSky manually:
To perform manual removal of Worm.Win32.NetSky, you should do the following:
Delete Worm.Win32.NetSky corrupt files:
* %Program Files%\InternetSecurity2010
* %Program Files%\InternetSecurity2010\IS2010.exe
* %Documents and Settings%\[USER]\Cookies\user@buy[1].txt
* %Documents and Settings%\[USER]\Desktop\Internet Security 2010.lnk
* %Documents and Settings%\[USER]\Desktop\SetupIS2010.exe
* %Documents and Settings%\[USER]\Start Menu\Internet Security 2010.lnk
* %Documents and Settings%\[USER]\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Security 2010.lnk
Remove Worm.Win32.NetSky associated registry entries:
* HKEY_CURRENT_USER\Software\Internet Security 2010
* HKEY_LOCAL_MACHINE\SOFTWARE\Internet Security 2010
* HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “IS2010.exe”
Please, note that manual removal of Worm.Win32.NetSky is a procedure of high complexity and should be performed with extreme caution. Lack of the required skills and even the slightest deviation from the instructions may lead to irreparable system damage.
Free Antispyware Downloads, Spyware Articles, Sypware / Malware Removal Toolstagged spyware removal by admin
Top 10 Most Dangerous Celebrity Search Term 2010
If you are one of the fans of Cameron Diaz and fond of searching your idol on the Internet then there is a ten percent chance that you have landed in a website that is positively tested for online threats such as spyware, adware, spam, phishing, viruses and other malware. Mcafee has recently released the most dangerous celebrities (search term) that is being used by cyber criminals to lure searchers to malicious sites.
Search terms such as “Cameron Diaz” or “Cameron Diaz and downloads,” “Cameron Diaz and screen savers,” “Cameron Diaz and wallpaper,” “Cameron Diaz and photos” and “Cameron Diaz and videos” are at risk of running into online threats designed to steal personal information. Clicking on these high-risk internet site* and downloading files like photos, videos or screensavers exposes surfers or consumers to the risk of downloading the viruses and malware.
“This year, the search results for celebrities are safer than they’ve been in previous years, but there are still dangers when searching online,” said Dave Marcus, security researcher for McAfee Labs. “Through consumer education and tools, such as McAfee® SiteAdvisor® site ratings, consumers are getting smarter about searching online, yet cybercriminals are getting sneakier in their techniques. Now they’re hiding malicious content in ‘tiny’ places like shortened URLs that can spread virally in social networking sites and Twitter, instead of on websites and downloads.”
Top Ten Dangerous Celebrity
1. Cameron Diaz – Searching for Diaz results in a one in ten chance of landing on a risky site. She has most recently been in the spotlight with blockbuster movies, “Knight and Day” and “Shrek Forever After.” When “Cameron Diaz and screensavers” was searched, 19 percent of the sites were identified as containing malicious downloads.
2. Julia Roberts – Academy Award-winning actress Julia Roberts is one of America’s sweethearts, and will soon be in the spotlight with her upcoming release of “Eat, Pray, Love.” The overall risk of searching for Roberts is nine percent, yet searching for “Julia Roberts and downloads” results in a 20 percent chance of downloading a photo, wallpaper or other file laden with malware.
3. Jessica Biel – Last year’s Most Dangerous Celebrity fell two spots with searches resulting in fewer risky sites this year. Biel continues to be in the spotlight with her on-again, off-again relationship with Justin Timberlake, and appeared in “The A-Team” in June 2010. While her overall search risk is nine percent, searching for “Jessica Biel and screensavers” results in a 17 percent chance of landing on a risky site.
4. Gisele Bündchen – The world’s highest-paid supermodel moved up two spots since last year. Searching for “Gisele Bündchen and screensavers” can prove risky, 15 percent of the search results for this beauty can put spyware, malware or viruses on your computer.
5. Brad Pitt – Pitt is often in the spotlight with news of his movies and his personal life. It’s no wonder why this leading man has been in the top ten for the past three years. He moved up in rank five spots this year. Downloading photos, screensavers, or other files of Brad can potentially put adware or spyware in your computer.
6. Adriana Lima – Searching for downloads of this Brazilian beauty can direct users to red-ranked sites. Lima is best known for being a Victoria’s Secret Angel since 2000.
7. Jennifer Love Hewitt, Nicole Kidman – Searching for these Hollywood starlets resulted in an equal number of risky download websites.
8. Tom Cruise – With recent buzz around his MTV Awards performance as well as his movie, “Knight and Day,” Cruise rises to the top ten.
9. Heidi Klum, Penelope Cruz – Both of these ladies are consistently in the spotlight, and share the #9 spot. Cybercriminals use their names to lure people to risky sites. Klum hosts “Project Runway” and Cruz has been in the spotlight recently for her role in the “Sex and the City 2” movie and is expected to be in the fourth film of the “Pirates of the Caribbean” series.
10. Anna Paquin – This “True Blood” star is as dangerous on the Web as she is on the screen. Searching for screensavers of Paquin can lead you to downloads filled with malware.
source: Mcafee
Security Newstagged Security News by admin
Intels Acquires Mcafee
Intel, one of the leading giants in the computer world, has announced that the company will be acquiring security firm McAfee for about $7.68 billion, making the price on the company’s common stock of about $48 per share. The acquisition marks the biggest deal of Intel in its 42 year history.
Santa Clara, California based McAfee will become a fully-owned subsidiary of Intel, and become a part of Intel’s Software and Services Group. The deal will close pending McAfee shareholder approval and regulatory clearance.
The acquisition underlines Intel’s bet on “hardware-enhanced security” and demonstrates that that security is a necessary component as the tech company’s reach expands to handle billions of new Internet-ready devices, such as mobile phones and computers, TVs, cars, medical devices and ATM machines.
Intel states it has raised the priority of security to the same level as energy-efficiency and Internet connectivity.
“With the rapid expansion of growth across a vast array of Internet-connected devices, more and more of the elements of our lives have moved online,” Intel CEO Paul Otellini said in a statement. “In the past, energy-efficient performance and connectivity have defined computing requirements. Looking forward, security will join those as a third pillar of what people demand from all computing experiences.”
In the past year McAfee has enjoyed double-digit growth, as well as large margins, to the tune of almost 80 percent gross. It counts about 6,100 employees in its ranks and managed to rake in $2 billion in revenue in 2009.
Intel’s Senior Vice President Renée James said in a statement:
“Hardware-enhanced security will lead to breakthroughs in effectively countering the increasingly sophisticated threats of today and tomorrow. This acquisition is consistent with our software and services strategy to deliver an outstanding computing experience in fast-growing business areas, especially around the move to wireless mobility.
McAfee is the next step in this strategy, and the right security partner for us. Our current work together has impressive prospects, and we look forward to introducing a product from our strategic partnership next year.”
Analysts questioned the soundness of purchasing McAfee when Intel could have gotten many of the same technical gains by continuing the two companies’ partnership. Intel said it has been working closely with McAfee for the last year and a half to improve the security of both companies’ products.
McAfee has about 6,100 employees and $1.93 billion in revenue last year. Intel had 79,800 employees and $35.13 billion in revenue.
Security Newstagged Security News by admin
Disney, Playlist.com Allegedly Spying With Flash Cookies
Last week, a case was filed in federal court that alleges a group of well-known Web sites, including those owned by Disney, Warner Bros. Records, and Demand Media, breached the law by secretly tracking the Web movements of their users, including kids.
Lawyers representing a group of minors and their parents filed the suit Tuesday in the U.S. District Court for the Central District of California, records show. The lawsuit alleges that Clearspring Technologies, a software company that creates widgets and also offers a way to serve ads via widgets, is at the center of the wrongdoing.
Web site operators such as Disney, Playlist.com, and SodaHead are “Clearspring Flash Cookie Affiliates,” the plaintiffs allege in their suit. Clearspring set “Flash cookies on (affiliate site) users’ computers…online tracking device(s) which would allow access to and disclosure of Internet users’ online activities.”
Clearspring is the largest online content sharing network connecting publishers, services and advertisers to audiences on the social web. Clearspring’s universal sharing platform AddThis enables leading publishers like ABC, AOL, Demand Media, MTV, MySpace, NBC to distribute and track digital content such as links, widgets, videos, and photos to social networks, bookmarking sites, blogs, and other web services.
Ranked #1 by comScore, AddThis includes 3rd party services like Facebook, MySpace, Posterous, and Orkut.
Security Newstagged online privacy by admin
Google’s Office Raided By South Korean Police
Google’s office in Korea was recently raided by the South Korean Police. Google was charged of illegally gathering of data on Internet users. Google was already charged of the same offense in the US Court.
We all know that South Korea has the fastest broadband connection, together with Japan going head to head. In an Internet culture, Online data and privacy is the most important aspect in surfing the Internet. So the fact that Google might be illegally retrieving the people’s online data is certainly not going to make Korean’s Security happy.
The Korean National Police Agency is investigating Google on suspicion of unauthorized collection and storage of data on unspecified Internet users from wifi networks. In their defense, Google has told to local television channel MBC that it was caused due to a mistake during the data collection and is not intentionally done..
“Some data was collected unintentionally while we were operating a Street View vehicle. We have discussed this matter with the government and we will closely cooperate with the investigating authorities.”
Here is the video report of the recent raid in Google’s office in Korea.
Security Newstagged google news, online privacy by admin
How To Remove a3kebook.ini / akebook.ini?
I was cleaning my computer with unnecessary files when I stumbled with these files a3kebook.ini / akebook.ini . Except for the slowdown, I am not experiencing other problem. But to make sure I searched over the Internet and found out that the file in question is a keylogger Probot. It is also associated in programs Netzip & Netscape Download Accelerator.
If your experiencing problems or when suddenly computer makes dials itself, you may want to remove it from your system. Here’s a fix from Bleeping Computer in removing the keylogger:
Go to Add\Remove Programs and search for anything that would relate to Netzip, Netscape Download Accelerator and Probot.
Remove any traces found. Make sure Windows is Showing Hidden Files.
Locate and Delete any of these found
C:\WINDOWS\adult_chat.exe<- File
C:\WINDOWS\a3kebook.ini<- File
C:\WINDOWS\akebook.ini<- File
C:\WINDOWS\SYSTEM32\vmplay.dll<- File
C:\WINDOWS\SYSTEM32\npnzdad.exe<- File
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Watch.lnk
C:\WINDOWS\twain_32\S6U12BX<- Folder
C:\program files\pinfo<- Folder
C:\program files\hbt<- Folder
C:\program files\nog<- Folder
C:\program files\nethunter group<- Folder
C:\program files\common files\netzip download demon<- FolderOpen HijackThis and put a check by these but DO NOT hit the Fix Checked button yet
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trafficswarm.com/cgi-bin/swarm....5bff8770fc4c48a
O4 - Global Startup: Watch.lnk = C:\WINDOWS\twain_32\S6U12BX\WATCH.exe
O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} (AsyncDownloader Class) - http://survey.otxresearch.com/Preloader.dllNow Make sure ALL WINDOWS and BROWSERS are CLOSED and hit the Fix Checked Button
Last lets get a hefty Reg Cleaner and move out all dead registry entries
RegSupreme Pro
http://majorgeeks.com/RegSupreme_Pro_d4256.html
Once downloaded and launched,Click Yes to Update the Cache-> Click “Registry Cleaner”-> Click “Aggresive” and “Start”-> Fix everything it finds-> Name the Backup it creates and Save it somewhere safe
After all this,have the PC scanned.
Security Threats, Sypware / Malware Removal Tools
tagged keylogger, malware, manually remove spyware, spyware by admin
How to Know If Your Cell Phone Is Bugged.
We now lived in an age technology wherein everything is digitally made. But how do we know that our privacy is not compromised. In this video I saw on youtube some ways to know if your phone is bugged.
This short video explores ways to determine if your cell phone has been compromised to act as a bug. While it’s obviously unlikely that this would happen to most people, it was recently revealed that the FBI has used this technique, and just as illicit wiretaps are possible, illicit cell phone bugging could also occur.
This video is based on Lauren Weinstein’s December 2006 blog entry: “How To Tell If Your Cell Phone Is Bugged”
Some Comments from YT:
#usarocks911
I live in Britain and am on Three Mobile. I can’t imagine anything like this happening here. The government monitors people like crazy in the USA. Here they couldn’t care less, they are too wrapped up stealing tax payers money to buy new ponds and houses to care about whether there is a terrorist in London.#Spitwad666
hmmm, according to the battery part, all iPhones are tapped….#The2Wiredproductions
@snoshwillkillyou This is not a video on how to stop prank calls, this video is about Big Brother(Government) shuving his nose into your business!!Have you experienced being bugged? Post your comments.
Security Threats
tagged bugging cellphone. wired phone, Security Threats by admin
DELL Ships Motherboard with Malicious Code
Dell Computer Company verifies that a few of the server motherboards (PowerEdge) were shipped to customers with malware code on the embedded server management firmware.
The infected motherboard was found on replacement Dell PowerEdge R410 rack servers, as posted on Dell support forum.
A representative from Dell confirms the issue after a customer obtained a call warning about the infected motherboard.
As part of Dell’s quality process, we have identified a potential issue with our service mother board stock, like the one you received for your PowerEdge R410, and are taking preventative action with our customers accordingly. The potential issue involves a small number of PowerEdge server motherboards sent out through service dispatches that may contain malware. This malware code has been detected on the embedded server management firmware as you indicated.We take matters of information security very seriously and believe that any impact to a customer’s information security is unlikely. To date we have received no customer reports related to data security. Systems running non-Windows operating systems are not vulnerable to this malware and this issue is not present on motherboards shipped new with PowerEdge systems.
For more information visit DELL’s Community Forum
Security Threats, Spyware News
tagged dell malware, DELL Poweredge, malware by admin
New Adobe’s Critical Patch For PDF Reader
Adobe shipped a critical Reader/Acrobat patch to address a total of 17 documented vulnerabilities that expose Windows, Mac and UNIX computer users to malicious hacker attacks.
The update, which affects Adobe Reader/Acrobat 9.3.2 (and earlier versions), includes a fix for the outstanding PDF “/Launch” functionality social engineering attack vector that was disclosed by researcher Didier Stevens.
As previously reported, Didier created a proof-of-concept PDF file that executes an embedded executable without exploiting any security vulnerabilities.
Adobe said in a statement that the newest version prevents from misusing the command.
We added functionality to block any attempts to launch an executable or other harmful objects by default. We also altered the way the existing warning dialog works to thwart the known social engineering attacks.
For more information on Adobe’s Security Advisories click here.
Security Threats, Spyware News
tagged patch adobe reader, pdf critical vulnerabilities by admin
Warning: Worm Spreading in YM and Skype
A security researcher has reported in his blog, Bkis Blog, that a new worm is spreading in Yahoo Messenger and Skype.
The malware, which Bkis has detected as “W32.Skyhoo.Worm,” disappears if the computer does not have Skype or Yahoo Messenger installed. It automatically sends messages with varying content and malicious links to contacts in the victim’s IM list and automatically injects a malicious link in e-mail messages and Word or Excel files that the user is composing, Bkis said.
YM and Skype users are sent a message link with a message such as “Does my new hair style look good? bad? perfect?” or “My printer is about to be thrown through a window if this pic won’t come out right. You see anything wrong with it?”.
Once the user has click the link it will forward it to cloak rapidshare.com for downloading of a zip file that contains the jpg file but the file is actually not a picture file but rather a com executable file. Once the file has been installed it will send messages from the YM contact lists and injects the message and url.
In order to prevent this worm from spreading is to update your anti-virus and antispyware softwares and stop clicking url even if the sender is listed in your contact file.
Click here for a list of free antispyware downloads.
Spyware News
tagged latest malware, malware removal tool, Skype malware, YM worm by admin
