Mobile Win32 malware defenses

I was reading up on the latest in Win32 malware and want to point you to some content about Win32 virus protection for mobile devices. Yes, even our cell phones and PDA’s are vulnerable to malicious attacks by hackers. I would think the iPhone is immune to anything Win32 related since it has it’s own operating system but if you have a cell phone or PDA running Windows Mobile, this could be of interest to you.

Read the article here.

More great information about mobile malware:

• iPhone creates mobile malware tipping point – On the downside, the iPhone also presents the tipping point that will trigger both an explosion of mobile malware, and an increase in Mac OSX malware. Not many can say they are the catalyst for good and bad megatrends—so all hail Steve …

• My 2008 Security Predictions! – I just have to start with this quote from Rich Mogul: “… Legions of armchair futurists slobber over their keyboards, spilling obvious dribble that they either predict every year until it finally happens or is so nebulous that they claim …

• On-Device Defenses for Mobile Malware – Brighthand – On-Device Defenses for Mobile Malware Brighthand, CA – 59 minutes ago Antivirus scanners, host intrusion detection programs, personal firewalls, and email spam filters are all designed to stop viruses, worms, …

Win32 Removal for the Win32/adware.virtumonde Virus

In an article written on a data recovery blog I monitor they give a good description of the Win32/adware.virtumonde virus. Although it appears that the are trying to promote their data recover tools at the end of the post, there is still some great details about this virus. I’ve never used any of their tools so I can’t recommend them but they do accurately state that a good virus cleaner suite can remove this virus. There are some tools on this site that I have recommended in the past for win32 removal and the virtumonde virus is very containable.

In a direct quote from their blog – “It is a very powerful virus which is said to completely destroy the data and software of your system by going through Java. It generally enters into your system using bogus BHO (Browser Helper Objects) and DLL files attached to Exploere.exe and Windlogon. The general symptom of this virus is the pop windows which appear while using Internet.

You may also notice pop up windows on your computer when you begin Windows, generally showing some error messages related to DLL files with bizarre names. You will notice that these files are in Windows/System32 folder.”

Go read the whole article.

Win32 Removal of trojan-downloader.win32.agent (ZLOB)

I am posting this video with some hesitation. It is a VERY involved and detailed video and can cause the casual computer user a LOT of frustration. In my opinion purchasing a good Win32 removal software is an easier way to go but what I do like about it is that it gives you a real look at what we all had to do before we had software to help us out. Many times I still do this type of trojan removal simply because I have A LOT of experience and I’m comfortable with it.

Watch the video BUT…. don’t try this at home:

Win32 Removal – How to get rid of Win32 Virus

I recently got attacked by the Win32 Virus and after doing lots of work and research on the web I’ve found this to be a common problem. I DID finally get rid of it but I want to give back to the Win32 Virus Removal community that helped me out by creating this blog.

This blog will be solely dedicated to the Win32 Virus Removal!

I’ve done enough research to know that now every solution works for everyone. I will detail my solution here but will do regular research to find out what is working for other people. If you have a solution that works for you please feel free to comment!!

Try worked for me:

in the Start/run… type in the command SFC/Scannow. This command will check all your system files and replace or fix any that have been corrupted or changed. (Make sure you have a copy of your OS handy, will ask for the CD). The New Win32 virus attaches itself to the winlogon.exe file, which is a system file and therefore cannot be deleted or quarantined. The SFC/scannow command fixes this corrupt file and any others that might have been corrupted and now you are able to scan your pc.

Next, I went to the McAfee website and downloaded the latest bootscan.exe file to do a Bootscan virus check in safe mode and I also did a virus scan in DOS mode with McAfee’s latest Superdat file.

Make sure you disable your system restore first!