Archive for Virus

Conficker : ِِAnother Windows Dangerous Worm

Posted in Articles - مقالات, General, Security with tags , , , , , on April 2, 2009 by wassimnet


The Conficker worm, sometimes called Downadup or Kido has managed to infect a large number of computers. Specifics are hard to come by, but some researchers estimate that millions of computers have been infected with this threat since January.
If you are unable to reach our web site, you may be infected. In that case you will need to get to a computer that is not infected, download this specialized Conficker removal tool and run it on the infected machine before installing new antivirus software

What does the Conficker worm do?
The Conficker worm has created secure infrastructure for cybercrime. The worm allows its creators to remotely install software on infected machines. What will that software do? We don’t know. Most likely the worm will be used to create a botnet that will be rented out to criminals who want to send SPAM, steal IDs and direct users to online scams and phishing sites.

The Conficker worm mostly spreads across networks. If it finds a vulnerable computer, it turns off the automatic backup service, deletes previous restore points, disables many security services, blocks access to a number of security web sites and opens infected machines to receive additional programs from the malware’s creator. The worm then tries to spread itself to other computers on the same network.

How does the worm infect a computer?
The Downadup worm tries to take advantage of a problem with Windows (a vulnerability) called MS08-067 to quietly install itself. Users who automatically receive updates from Microsoft are already protected from this. The worm also tries to spread by copying itself into shared folders on networks and by infecting USB devices such as memory sticks.

Who is at risk?
Users whose computers are not configured to receive patches and updates from Microsoft and who are not running an up to date antivirus product are most at risk. Users who do not have a genuine version of Windows from Microsoft are most at risk since pirated system usually cannot get Microsoft updates and patches.

What to do if you are infected
If you are reading this page, your computer is probably not infected with Conficker as the worm blocks access to most security web sites.
If you have a computer that is infected, you will need to use an uninfected computer to download a specialized Conficker removal tool.

Advice to Stay Safe from the Downadup Worm:

Stay Secure

1. Run a good security suite (we are partial to Norton Internet Security 2009 and Norton 360 Version 3.0).
2. Keep your computer updated with the latest patches. If you don’t know how to do this, have someone help you set your system to update itself.
3. Don’t use “free” security scans that pop up on many web sites. All too often these are fake, using scare tactics to try to get you to purchase their “full” service. In many cases these are actually infecting you while they run. There is reason to believe that the creators of the Conficker worm are associated with some of these fake security products.
4. Turn off the “autorun” feature that will automatically run programs found on memory sticks and other USB devices.
5. Be smart with your passwords. This includes

1. Change your passwords periodically
2. Use complex passwords – no simple names or words, use special characters and numbers
3. Using a separate, longer password for each site that has sensitive personal information or access to your bank accounts or credit cards.

Q: What should I do if my PC is infected?

A: If you have a computer that is infected, you will need to use an uninfected computer to download a specialized Conficker removal tool from. The tool is available here.

Q: Am I safe if I don’t go to questionable web sites?

A: No. The Conficker worm seeks out computers on the same network. You can be in a coffee shop, an airport or in the office and the worm will quietly try to attach to your computer and run itself.

Q: How do I know if I am infected?

A: The best way to know if you are infected is to run a good antivirus product. One symptom that may indicate you are infected is finding that your computer is blocked from accessing the web sites of most security companies.


How To Remove the Kavo Virus? كيف تزيل فايروس الكافو

Posted in Software - برامج with tags , , on September 10, 2008 by wassimnet

لقد لاحظت بالامس أنّ الكمبيوتر أصبح بطيئاً بشكل ملحوظ، وقد كان الويندوز اكسبلورر يصدر الكثير من الاخطاء، فعرفت فورا بأن الكمبيوتر مصابا بفايروس ما. بالرغم من أننّي قد نصّبت برنامج “أ ف ج” المضاد للفايروسات و لكنّه لم يكتشفه. عرفت لاحقا أنّ اسم الفايروس هو “كافو” و قد أصبت به عن طريق إحدى اليو إس بي

بحثت في الانترنت فوجدت برنامج تايواني الصنع، لم أفهم كثيرً عليه، و لكن سوف أريكم كيف قام هذا البرنامج الجميل بحذف الفايروس من الكمبيوتر. أولا، قم بإنزال البرنامج من القسم المخصص للداونلوود، سوف تجد صندوق مكتوب عليه

Downloads Box

 برتقالي اللون، سوف تجد برنامج اسمه قم بإنزاله

بعد الانزال شغل البرنامج و انظر الى الصورة لمعرفة أي زر يجب الضغط عليه

أضغط على الصورة للتكبير

Yesterday I noticed that my computer is slowing down, the windows Explorer started to show me errors of the Send To and Don’t Send ones :P. Anyway, I knew that I might have virus running in my PC and eating up the resources. Altough I’ve AVG Free Edition Installed and Fresh Updated but it couldn’t find the virus “KAVO” that’s the name.
I went to Google like usual to find a solution and I found a small progam or a patch to fix this problem and eliminate the virus from my computer, the interface of the patch is not in English but I could run it anyway.
Here’s what you have to do to remove the virus:
1 – Download the Anti-Kavo from the Downloads Box in Orange, you will find it in the sidebar of the website.
2- After you download it, run it and to be sure what button you must press to fix the problem, look at the picture on the top.