Hello Again Readers,

So many people have come to me when I tell them they’re infected and said something like, “Oh, I thought that was normal!” Well I’m here today to tell you some of the signs that you’re infected with some sort of malware. By no means is this a complete list, but I tried to pick out some of the more common ones. If you`d like to discuss this further, feel free to e-mail me and we can talk.

So the first one is that most variations of the Smitfraud infection install something that tells you that you’re infected. The fake antivirus post from Dec 29, 2008 is part of it. Those programs that say you’re infected are the most obvious.

Another obvious sign is when your desktop background changes to something like this:

Random shortcut icons like that look like virus or spyware removal programs also get added to your desktop. These icons are actually shortcuts to infected web pages that download more malware so your poor computer gets even more infected.

Tied in with this are random spam messages that pop up when you’re doing nothing. As seen below:

Please don’t click “Ok” it will only harm your computer. It may look real, but consult a professional.

Another key thing to notice is that when you type in something into your address bar, you end up going somewhere else or instead of the web page you want coming up, you get a search of the words you put in. This is a good indication an infection corrupted your host file. To view or fix this you could find the hidden file in your Windows system folders but it`s a bit of a pain if you don’t know what you’re doing.

An example is let`s say you type in www.hotmail.com. Trend Micro shows an image of a fake Hotmail page:

It’s a bit blurred but if you look carefully the page in the address bar is no longer “http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1231879587&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx%3Fn%3D1568145402&id=64855″ but instead something totally unrelated. Most people don`t even check to ensure that the address in the address bar is the same one they typed in once the page loads. Let this be a lesson to you, DOUBLE CHECK!

My next question to you is, if you look in the region of your address bar up at the top of this window, do you have a bunch of toolbars there? If so, uninstall them. If you can’t uninstall them, it’s an infection. Plain and simple. Also, when you’re installing software and it asks you to install something totally unrelated like the “Ask toolbar”, uncheck the box! They get annoying, take up a lot of space and memory, and are just plain useless. A common one that has been getting installed on users computers is called “Mirar” (Seen below) as described by Symantec, this toolbar needs to be manually installed and is a pain to remove.

Finally, a topic of consideration is when you think to yourself “Oh boy is my computer running slow!” This is a good indication that you have something else lurking in the background. Also, most computers have a little LED light on the front of the case that show when the hard drive is in use. If you`re not doing anything and that LED is going nuts, there`s a good chance something is going on in the background you can`t see.

So be safe, have a good antivirus program running, and remember to practice your safe surfing tips!

malware annoying, antivirus, Apple, common sense, danger, malware, Phishing, spyware, tips, Trend Micro

Hello to all you Apple users!

As many of you have probably already heard, Apple had a post on their website saying that users should use some sort of anti virus software for their Mac computers. Macs are still affected by viruses but they are not as wide spread as Windows as Windows boasts nearly 90% of the market share for home computers. However, Mac advertising is getting better, and therefore they are gaining a higher market share and malware authors are starting to lean more towards creating malware for Macs.

According to the Swiss Federal Institute of Technology, Apple has been known to be slow at patching their zero day vulnerabilities (when a security problem is publicly disclosed without a patch). Thus, the well known antivirus companies (Symantec, Mcafee, Kaspersky, etc) have been working on anti virus programs Macs. A free one similar to SpyBot for PC is ClamXav. There is also a free download from Apples website.

One of the key vulnerabilities released recently is a trojan downloader called OSX_JAHLAV.A. A trojan is essentially a program that looks real but isn’t. A downloader essentially downloads files onto your computer.

This file in particular is loaded through a spam message. It links to a video that doesn’t play. The error that comes up says you need to download a video codec to play the file. The file that downloads is called ‘install.pkg’.

This package opens to code-live7000.dmg, an install file for the malware. Don’t be fooled by thinking there is only one possibility for the name. It is easy for the file to be changed to any other name to cause confusion.

The install looks incredibly real as seen by the screenshots courtesy Trend Micro.

Anyways, to sum it all up, nothing beats a users intuition. If it looks too good to be true, don’t click it. If it’s not from a trusted source, don’t open it! A good anti virus scan every couple of weeks is a good idea. I wouldn’t use the common programs that are available on the market, as those are generally the ones malware authors try to get around first.

Hope that helps!

malware antivirus, Apple, Mac, malware, spyware, Trend Micro, virus