
Remove Trojan.Acedeceiver


There are 75.23 million iPhone users around the world. That sheer number of users naturally attracts a handful of malware authors. As we all know, iPhones are very expensive phones, and most people who get this kind of smartphone normally have money to burn. An iPhone 6S costs around $649 from the Apple Store. That is a big amount of money by my standards.

Many computer security researchers have been monitoring a new Trojan that infects Windows computers, although its main purpose is to download and install malicious apps onto iPhones. They named this malware Trojan.Acedeceiver.

This malware was first discovered on March 16, 2016 and infects computers running Microsoft’s Windows 2000, Windows 7, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Server 2008, Windows Vista, and Windows XP operating systems. There is a big chance that it can also infect Windows 8, Windows 8.1, and Windows 10 computers. But don’t despair: there are steps you can follow to remove Trojan.Acedeceiver.

The Trojan.Acedeceiver malware gets downloaded and installed on desktops and laptops by users who think it is beneficial for their computers, not knowing its malicious intent. Once installed, it stays running as a background process and activates when an iPhone is connected to the compromised computer via a USB (Universal Serial Bus) connection. It then uploads and installs more iOS malware onto the connected iPhone without the user’s consent.

Researchers are still finding out what malware Trojan.Acedeceiver injects onto iPhones and what its capabilities are, but I’m sure some of them are info stealers (malware that steals information from its targets).

To remove Trojan.Acedeceiver, you can run the Norton Power Eraser (NPE) software. If that app does not succeed in cleaning your computer, you need to follow the steps below.

Boot your computer into “Safe Mode with Networking”. Once your computer has booted, open a browser, then download and run Rkill. This makes sure that all services related to malicious software are terminated and won’t interfere with the next steps. With the same browser, download and install Malwarebytes or SuperAntiSpyware and then run a full scan. The scan should run for a few minutes, depending on the specs of your computer. After the scan is done, restart your computer to complete the process.

After following those steps, your computer should be malware free.


Remove Backdoor Pepperat Completely From Your PC

The best type of protection you can have from a malware attack is common sense. The ability to discern between a legitimate website, a legitimate email attachment, and a legitimate software download is key to keeping your computer malware free, since most prolific and destructive malware was spread through email attachments and downloads from torrent and other file sharing sites. It is also essential that users install anti-malware and potent firewall software to protect themselves from automatic malware attacks.

The people behind these antimalware programs work day in and day out to keep our computers safe. They identify potential threats and work out ways to clean them. They recently discovered another trojan, released into the wild on March 11, 2016. They named it the Backdoor Pepperat trojan. This one behaves like any trojan out there. It infiltrates and infects computers and then opens a backdoor to let other malicious software in. Once other malware gets into your computer, all hell will break loose. There is a big chance that all your data will be compromised or that your system files will become corrupted, rendering your computer useless in the long run. You need to act fast to remove the Backdoor Pepperat malware before it is too late.

The Backdoor Pepperat Trojan mainly affects computers running the Windows 95, Windows 98, Windows ME, Windows XP, Windows 7, Windows NT, Windows 2000, Windows Server 2003, and Windows Server 2008 operating systems. There is no need to worry if you are using Linux variants (Ubuntu, Edubuntu, Solaris, etc.) or Apple’s OS X.


To effectively remove Backdoor Pepperat Trojan, you need to disconnect the infected computer from the internet and delete all files on your hard drive. You can do multiple passes of hard drive cleaning and reinstall a fresh copy of your operating system. This method is the surest way to remove Backdoor Pepperat trojan. The only bad thing about this method is that you will lose all your files and you would have to reinstall your hardware drivers and all other needed software. Always have multiple backups of your most important files. You will need them in cases like this.

If you don’t want to reformat your computer, you can also run a full scan with your most trusted antimalware software. You can use Avast, AVG, Eset, SuperAntiSpyware, Malwarebytes, and Comodo security. This is the easiest way, but there is a big chance that the Trojan will resurface.


Remove Infostealer.Boyapki.D

Millions of malware attacks happen every single day. The attackers come from all over the world, with different motivations for what they do. Some malware authors attack computer systems for the money. Some are politically motivated. Some just do it for kicks, while some just want to watch the world burn. Conspiracy theorists also believe that malware is written by antimalware companies so they can constantly sell their products. It is quite logical, because who would want to buy antimalware software if there were no malware attacks? That is still a topic of debate, so we’ll just leave that be for now. One of the most dangerous kinds of malware is the kind that infiltrates your computer and steals your important data. This kind of attack has already put a lot of people’s lives in jeopardy and financial ruin.

Infostealer.Boyapki.D is an example of malware that steals information from infected computers. Technically, this malware is classified as a Trojan horse. It was first detected by IT security experts on January 28, 2016, which is quite recent. It can infect computers running the Windows 2000, Windows 7, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Server 2008, Windows Vista, and Windows XP operating systems. This Trojan horse could be infecting up to thousands of computers by now.

This Trojan spreads through downloads from torrents and shady websites. Once it has entered your computer, it automatically creates the following registry entry to make sure it runs every time the infected computer starts.


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"ipv4" = "%System%\rundll32.exe %Temp%\[RANDOM FOLDER NAME]\[RANDOM FILE NAME].dll\,CallWindows"
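The autorun entry described above can be checked for directly. The following is an added example, not code from the original post: it parses the text output of `reg query` for the Run key and flags any value where rundll32.exe loads a DLL from a Temp folder. The sample output, user name, folder and file names are constructed.

```python
import re

# Constructed sample of `reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run`
# output; the user name, folder and file names are made up for illustration.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    ipv4    REG_SZ    C:\Windows\System32\rundll32.exe C:\Users\kim\AppData\Local\Temp\qzxw\mvbn.dll,CallWindows
    Updater    REG_SZ    "C:\Program Files\Example\updater.exe" /background
"""

# `reg query` separates name, type and data with runs of four spaces.
VALUE_LINE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")
# A DLL argument located under a Temp directory, written literally or as %Temp%.
TEMP_DLL = re.compile(r'(%temp%|\\temp)\\[^,"]*\.dll', re.IGNORECASE)


def parse_run_values(reg_output):
    """Return (name, data) pairs from `reg query` text output."""
    pairs = []
    for line in reg_output.splitlines():
        m = VALUE_LINE.match(line)
        if m:
            pairs.append((m.group("name"), m.group("data").strip()))
    return pairs


def suspicious_run_values(reg_output):
    """Flag autorun values where rundll32 loads a DLL from a Temp folder."""
    findings = []
    for name, data in parse_run_values(reg_output):
        uses_rundll32 = "rundll32" in data.lower()
        if uses_rundll32 and TEMP_DLL.search(data):
            findings.append((name, data))
    return findings


if __name__ == "__main__":
    for name, data in suspicious_run_values(SAMPLE):
        print(f"review autorun value {name!r}: {data}")
```

Legitimate software rarely registers a DLL under Temp for autorun, so a hit is worth reviewing even when the value name is something other than "ipv4".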

It then steals files (.cer and .der) from the NPKI folder and sends them to the following servers:

fuckbangzi.lofter.com

100.43.160.70

The Trojan will also redirect internet traffic on the infected computer to the following sites:


To remove Infostealer.Boyapki.D, you first have to disconnect your computer from the internet so that it stops sending data to the attacker’s server. Then boot your computer into “Safe Mode”. You can now run a full scan with your preferred antivirus program. You can use antimalware programs from Avast, McAfee, Norton, Malwarebytes, AVG, and SuperAntiSpyware. A full scan with one of these reputable programs will usually remove Infostealer.Boyapki.D. After the full scan, restart your computer for the changes to take effect.

Always be mindful of the websites that you visit and the files that you download from torrent sites. To stay out of trouble, always use reputable IT security software.


ARP Spoofing


ARP spoofing is a method in which hackers send spoofed (forged) ARP (Address Resolution Protocol) messages onto a Local Area Network (LAN). The hacker can cause traffic that was meant for another host, or for the target’s default gateway, to be delivered to the hacker’s machine instead. This can be a precursor to a DDoS (Distributed Denial of Service) attack, session hijacking, or man-in-the-middle attacks. An undetected and untreated ARP spoofing attack can disable and destroy small home LANs or large corporate servers. A lot of server takedowns in the past few years started with this kind of method.

Hacktool.ARPSniffer is one of the tools capable of disrupting and stopping traffic through ARP spoofing. This malware was first detected on February 6, 2007 and has infected thousands of computers running the Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, and Windows XP operating systems. There is also a big chance that systems running Windows Server 2003 and Server 2008 could be infected. Once it has infiltrated your network, it can overload and bust your servers and routers by overwhelming them with internet traffic. You don’t need to remove Hacktool.ARPSniffer if you have installed decent and trusty firewall software, as it would not be able to penetrate your system.

If your system gets infected with this malware, you will notice that network communication becomes slower or stops entirely. You will also notice disruption of your internet service. To remove Hacktool.ARPSniffer, you need to disconnect the infected computer from your Local Area Network. After that, you have to disable System Restore. Once System Restore has been disabled, reboot your computer into Safe Mode. Once it’s there, run the small yet useful program named RKill. This nifty piece of software will disable services that are related to malware. After that, you can run a full scan with your preferred anti-malware software. You can use Malwarebytes, Norton Antivirus, SuperAntiSpyware, Avast, or AVG. These are the best on the market and will be more than enough to remove Hacktool.ARPSniffer. You will need to restart your computer for the changes to take effect.

Getting your network attacked can be a hassle, because not only will your internet connection be disrupted, your routers can also be busted. To prevent this kind of attack, it is recommended that you install decent firewall software.


Knowing Nimda Worm


The early 2000s were the era most affected by widespread malware attacks, because security software was not yet that advanced and operating systems of that period still had lots of security loopholes or bugs. Another factor is that we, computer users, were not yet that aware of basic security measures to avoid being hit by malware. One of the malware that wreaked havoc during that era was the Nimda virus.

Nimda, which is admin spelled backwards, hit the internet in 2001 and spread widely, affecting up to 40 million computer systems in just 22 minutes. It is regarded as one of the fastest-spreading malware. This worm was released just one week after the 9/11 attacks, which led to speculation that Al Qaeda was behind these attacks, but experts debunked this theory. Most security experts believed that this malware originated from China and had proof for their theory, even though the Chinese government denied their allegations.

Nimda primarily targeted internet servers, and its purpose was to slow down internet traffic. It is regarded as one of the most widespread DDoS (Distributed Denial of Service) attacks and spread mostly through email. Crashed web servers caused more than $10 billion in damage due to loss of productivity and revenue. A lot of web-based services shut down temporarily; it took a long time to remove the Nimda worm from their servers and even longer to restore affected systems. The Nimda worm infestation opened the eyes of the computing public to the damage caused by malware that is spread through email.

The worm’s primary targets were servers, but it also affected personal computers running the Windows 95, Windows 98, Windows ME, Windows 2000, and Windows XP operating systems. It creates a backdoor on these affected personal computers and gives the author admin access and full control, which means the author or authors of this worm can do pretty much whatever they want on the infected computer. They can copy or destroy important files and gather important data. Users of personal computers spent lots of time and money to remove the Nimda worm.

Life’s lessons are sometimes learned the hard way, and we all learned a valuable lesson: we need to invest more in and beef up our computer security. It is also important not to open emails and download attachments from senders that we do not know.


Fix Windows Error UNMOUNTABLE BOOT VOLUME

Since Windows 8 was released to the public in October 2012, a lot of complaints from disgruntled users have surfaced. Simple users, like me, were disappointed with the new “Start Screen” due to the absence of the ever useful “Start Button”. Instead, all apps were put on the start screen. They called this the Metro UI, which is quite sharp but still not as user-friendly as Windows 7’s layout. This was solved by putting a sort of Start Button in the Windows 8.1 update. A good thing about Windows 8, though, is that the startup and shutdown times have greatly improved, as have its overall speed and responsiveness.

Users complain not only about the UI but also about errors that regularly occur when using the system. One of the most common errors is UNMOUNTABLE BOOT VOLUME, accompanied by a Blue Screen of Death. No need to fret, as you can fix Windows Error UNMOUNTABLE BOOT VOLUME. This error is caused by a corrupted file system, a corrupted or damaged hard disk, an improperly configured boot.ini, or loose SATA cables on the motherboard and hard disk ends.


The first step in fixing Windows Error UNMOUNTABLE BOOT VOLUME is to check the SATA cables connecting the hard disk to the motherboard. Power off your system and disconnect the external cables connected to the board (power cable, VGA / HDMI cable, mouse, and keyboard). After disconnecting the cables, open the side panel of your computer’s casing. Unplug both ends of the SATA cables. Reconnect all the external cables that you previously disconnected and power on your system. Check whether the steps above solved the issue. If they did not, try changing the SATA configuration in the BIOS from ATA to AHCI mode or the other way around. If the issue still persists, try the automatic repair function of Windows 8. If that technique fails, you need to reinstall Windows. If reinstalling Windows does not work, then your hard disk might be defective and need replacement.

Using Windows 8 can be a dreadful experience. Thankfully, the Windows 8.1 update has addressed most of the negative comments about this operating system, and technicians have been working day in and day out to fix the Windows errors of this operating system.
