Malware Alert: Cloud AV 2012

On Wednesday, November 23rd, 2011, the day before Thanksgiving, I received a call.

“Hey, just want to let you know I was using my computer and Cloud AV 2012 just installed itself.”

Yeah, that’s malware.

I was getting ready for my Thanksgiving trip, so I had to work on this malware problem later. Bleeping Computer has great instructions on removing Cloud AV 2012.

Here is what I did to remove Cloud AV 2012.

  • I wanted to know if Combofix could completely remove Cloud AV 2012, so I ran it in Safe Mode with Networking. It took about 15 minutes for Combofix to find and remove some malware, but that was not enough.
  • The next step was to run Malwarebytes’ Anti-Malware.
  • I ran Spybot – Search & Destroy to clean up whatever parts of the malware it could find.
  • I ran Combofix again, and it found a few leftover Cloud AV 2012 files.
  • I rebooted the computer a few times, and so far I do not see any suspicious activity.

I’m going to keep this computer in quarantine for a few days and see if Cloud AV 2012 is completely gone.


Windows 7 on Mac mini.

When running Windows in a virtual machine was not enough, I fired up Boot Camp on the Mac mini to install Windows 7.

Previously I was running Windows in Parallels 7, but unfortunately some hardware would not interface correctly with the virtual machine.

Persistence of a bootkit

Platform: Windows XP, Windows Vista and Windows 7.

Symptoms include, but are not limited to:

  • Search results from the browser search box (including the Chrome Omnibox and the Internet Explorer 9 address bar) are redirected to other sites.
  • Internet Explorer is running in the background on login, using a large amount of memory.

After long troubleshooting sessions, I figured out that a bootkit was present on this computer.

A bootkit persists and hides itself by modifying the master boot record (MBR): its code runs before Windows loads, so it can hook the system before kernel-level defenses and file-system scanners start, which is why most anti-malware tools never see it.

The particular bootkit I was dealing with was not detected by Combofix, Malwarebytes’ Anti-Malware, or many others. The only anti-malware program that detected the bootkit was Hitman Pro 3.5.
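Because the bootkit lives in the MBR rather than in a file, one check a practitioner can run is to read the first sector of the disk and compare its bootstrap code against a known-good copy. The script below is an added example, not code from the original post or from any of the tools named above: it parses a 512-byte MBR (boot signature, partition table, disk signature), hashes the bootstrap region, and reports findings when the hash differs from a baseline or the partition table looks wrong. The MBR bytes and the baseline are constructed sample data for this example, not a real Windows MBR.

```python
"""Added example: parse a 512-byte MBR and compare its bootstrap code against a
trusted baseline, the kind of check used to spot an MBR bootkit.
All sample bytes below are constructed for the example (not a real Windows MBR)."""
import hashlib
import struct

MBR_SIZE = 512
BOOT_CODE_END = 440      # bytes 0..439: bootstrap code (what an MBR bootkit overwrites)
DISK_SIG_OFF = 440       # bytes 440..443: Windows disk signature
PART_TABLE_OFF = 446     # four 16-byte partition entries
BOOT_SIG_OFF = 510       # bytes 510..511 must be 0x55 0xAA
PART_ENTRY_FMT = "<B3sB3sII"   # status, CHS start, type, CHS end, LBA start, sector count


def build_mbr(boot_code: bytes, partitions: list) -> bytes:
    """Assemble a 512-byte MBR from bootstrap code and (status, type, lba, sectors) tuples.
    Used here only to construct sample data; CHS fields are left zero."""
    mbr = bytearray(MBR_SIZE)
    mbr[:len(boot_code)] = boot_code
    mbr[DISK_SIG_OFF:DISK_SIG_OFF + 4] = b"\x11\x22\x33\x44"   # arbitrary disk signature
    for i, (status, ptype, lba_start, sectors) in enumerate(partitions):
        struct.pack_into(PART_ENTRY_FMT, mbr, PART_TABLE_OFF + 16 * i,
                         status, b"\0\0\0", ptype, b"\0\0\0", lba_start, sectors)
    mbr[BOOT_SIG_OFF:] = b"\x55\xaa"
    return bytes(mbr)


def parse_mbr(mbr: bytes) -> dict:
    """Split an MBR into bootstrap code, disk signature and non-empty partition entries."""
    if len(mbr) != MBR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    if mbr[BOOT_SIG_OFF:] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    parts = []
    for i in range(4):
        status, _, ptype, _, lba_start, sectors = struct.unpack_from(
            PART_ENTRY_FMT, mbr, PART_TABLE_OFF + 16 * i)
        if ptype == 0:          # empty entry
            continue
        parts.append({"index": i, "active": status == 0x80, "type": ptype,
                      "lba_start": lba_start, "sectors": sectors})
    return {"boot_code": mbr[:BOOT_CODE_END],
            "disk_signature": mbr[DISK_SIG_OFF:DISK_SIG_OFF + 4].hex(),
            "partitions": parts}


def boot_code_hash(mbr: bytes) -> str:
    """SHA-256 of the bootstrap region only (partition table and disk signature excluded)."""
    return hashlib.sha256(parse_mbr(mbr)["boot_code"]).hexdigest()


def check_mbr(mbr: bytes, baseline_hash: str) -> list:
    """Return a list of findings; an empty list means the MBR matches the baseline."""
    info = parse_mbr(mbr)
    findings = []
    if hashlib.sha256(info["boot_code"]).hexdigest() != baseline_hash:
        findings.append("boot code differs from baseline (possible bootkit)")
    active = [p for p in info["partitions"] if p["active"]]
    if len(active) != 1:
        findings.append(f"expected exactly one active partition, found {len(active)}")
    for p in info["partitions"]:
        if p["lba_start"] == 0 or p["sectors"] == 0:
            findings.append(f"partition {p['index']} has a zero start or length")
    return findings


# Constructed clean sample: the first instructions of a typical bootstrap stub
# (xor ax,ax; mov ss,ax; mov sp,0x7c00) padded with zeros.
CLEAN_BOOT_CODE = b"\x33\xc0\x8e\xd0\xbc\x00\x7c" + b"\x00" * (BOOT_CODE_END - 7)
# One active NTFS-type (0x07) partition starting at LBA 2048, 100 MB long.
PARTITIONS = [(0x80, 0x07, 2048, 204800)]
CLEAN_MBR = build_mbr(CLEAN_BOOT_CODE, PARTITIONS)

# Constructed "infected" sample: the entry point is overwritten with a short jump
# to attacker code while the partition table is left intact, as an MBR bootkit does.
INFECTED_MBR = build_mbr(b"\xeb\x20" + CLEAN_BOOT_CODE[2:], PARTITIONS)

if __name__ == "__main__":
    # In practice the baseline hash is recorded from a known-good disk of the same build.
    baseline = boot_code_hash(CLEAN_MBR)
    print("clean:", check_mbr(CLEAN_MBR, baseline) or "OK")
    print("infected:", check_mbr(INFECTED_MBR, baseline) or "OK")
```

On a real machine the 512 bytes would come from the raw disk device (on Windows, opening `\\.\PhysicalDrive0` as an administrator and reading the first sector). The important caveat is that an active bootkit can hook the disk driver and hand back the original, clean sector to anything reading it from inside the infected OS, so read the sector after booting from clean rescue media, or compare what the OS reports with what an offline read shows.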

If you are dealing with a persistent malware infection that redirects search results, try a number of different anti-malware programs. In addition, search for “Google redirect virus” using an uninfected computer. The malware redirects search results system-wide, not in a single browser: on the infected system, search results were redirected in Internet Explorer, Safari, Chrome and Firefox, and it will do the same in any browser installed on the system.

It is almost 5 o’clock in the morning. I have not had a minute of sleep. I’ll clean up this post later.

Windows 7 Experience Index on 2011 15-inch MacBook Pro Core i7.

I finished installing Windows 7 on a 2011 15-inch MacBook Pro Core i7 through Boot Camp early this morning. Why, you ask? Because there’s a specific piece of audio software that runs on Windows. I tried virtualization within Mac OS X, but it performed poorly. I did upgrade the RAM to 8GB.

Anyway, here’s the Experience Index: