Antispywaremaster.com Virus


Yet another Myspace virus. It can be seen on Myspace forums. Pop ups offer you to download Antispywaremaster.com software telling you are infected with thousands of trojans and viruses. It is similar to WindowsAntivirus 2008 and AntispywareDeluxe.

The standard message is:

Warning! xx suspicious files found! Potentially dangerous files were found on your system during the last scan! IT is highly recommended to remove them as soon as possible…
Remove Now!”

DO NOT CLICK ON THE AD!!!

The pop up is impossible to close, so you have to close the Myspace malicious page as soon as possible and use popup blockers and firewall.

If you got infected, first stop asm.exe and/or Antispywaremaster.exe processes /Alt+Ctrl+Del/ to open Task Manager, find processes and delete them.

Then run regedt32 and find and delete the following registry keys:

HKEY_LOCAL_MACHINE\SOFTWARE\AntiSpywareDeluxe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiSpywareDeluxe_is1
HKEY_LOCAL_MACHINE\SOFTWARE\AntispywareD
HKEY_CURRENT_USER\Software\AntiSpywareMaster
HKEY_CURRENT_USER\Software\{5222008A-DD62-49c7-A735-7BD18ECC7350}

/Hint – try Edit menu –> search from the root ‘MyComputer’ for ‘AntiSpyware’ and delete all results found/

At the end, find and delete the following files:

AntiSpywareMaster 7.3.url
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiSpywareMaster.lnk
%UserProfile%\Desktop\AntiSpywareMaster.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\AntiSpywareMaster\AntiSpywareMaster.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\AntiSpywareMaster\Uninstall AntiSpywareMaster.lnk

/Hint – try Search console –> search ‘MyComputer’ for word ‘AntiSpyware’ as file name and delete all files  found/

Advertisements

Myspace Possible_HiFrm Virus


Myspace Possible_HiFrm Virus is detected by Trend Micro mainly in login pages.

It means this is a possible malicious software using iframes to redirect your browser.

Myspase itself is not spreading viruses. This is done by users who have put some corrupted scripts in their profiles.

If you are visiting unknown Myspace page and your anti-virus program alerts for possible virus, it  is better to leave this site immediately.

The Suspicious MySpace pages contain malicious javascripts that are detected as JS_DIRESEX.A.

The script is programmed to invisibly connect you to a pornsite. If such site which pops up unexpectedly – you have been infected.

As advice in case your computer behavies strange when visited some MS pages, you have to use pop up blocker, firewall, anti-virus programs /of course./ You have to delete temporaly Internet files and restore to earlier point.

Net-Worm.Win32.Koobface net worm infects Myspace and Facebook users


There is a new virus spreading among both Facebook and Muspace uswers – Net-Worm.Win32.Koobface.

It has two variants: Net-Worm.Win32.Koobface.a. /for Myspace/  and Net-Worm.Win32.Koobface.b /for  Facebook/

In  their malicious action, the net worms transform victim computers  into zombie computers to form botnets.

What is a Botnethttp://en.wikipedia.org/wiki/Botnet 

The Net-Worm.Win32.Koobface.a. /for Myspace/ worm creates many commentaries to friends’ accounts.

 The Net-Worm.Win32.Koobface.b /targets Facebook users/ creates many spam messages and sends them to the infected users’friends via the Facebook.

Messages and comments can include ‘Paris Hilton Tosses Dwarf On The Street’; ‘Examiners Caught Downloading Grades From The Internet’; ‘Hello’;’ You must see it!!! LOL. My friend catched you on hidden cam’;’ Is it really celebrity? Funny Moments’ and many others.

Messages and comments include links to http://youtube     .pl.

If you click on this link, you are redirected to http://youtube      .ru,  – a site which contains a video clip.

If the user wants to watch it, a message pops up reading that you need the latest version of Flash Player to watch the funny clip.

Of course, instead of the latest version of Flash Player, a malicious file called codecsetup.exe is downloaded to  victimcomputer; this file is also a network worm.

Myspace Hide Extended Network code


In this small tutorial I will show you how to hide extended network box from your Myspace profile.

Just copy the code below and paste at the end of the “About Me” section of your Myspace profile:

<style type=”text/css”>table td table tr td.text table {visibility:hidden;}
table td table tr td.text table table, table td table tr td.text table table td.text {visibility:visible;}
td.text table {position:relative; top:-175px;}
td.text table table {position:static;}
</style>