Author Archives: John Barrett
The ultimate solution to computer viruses: system backup!
How many times have you faced the following scenario? Your installed antivirus finds a virus in your system and asks for your options; you choose to delete it, the antivirus tries to do so and reboots the computer to complete the deletion procedure, but the virus is reported again. No matter how many times the deletion procedure is repeated, the virus is still there. There are cases when only disinfection is available as an option, when an important file that is part of the operating system is infected, such as explorer.exe, svchost.exe, services.exe, winlogon.exe, lsass.exe or smss.exe. In these cases, deleting or quarantining such a vital file will render the operating …
How to get rid of a trojan virus
Sometimes things can go wrong even for the best of us. Let's suppose we have a reputable antivirus, an antispyware as a complementary security tool and a firewall installed on the PC, and we keep the system and these programs always up to date. Despite all our efforts to stay out of trouble, we still get infected with a trojan virus. The golden rule is to periodically scan your computer with an up-to-date antivirus, which theoretically will get rid of any trojan virus, but will this method always work? An antivirus cannot alert us in the case of an infection with an unknown or very new …
Mac OS X, the new battlefield for trojan creators
Apple fans claim, in a voice like a cry of triumph, that their machines are more secure than Microsoft Windows machines, to the point that they do not need to run antivirus software for their protection, and they even push things dangerously far, saying an antivirus for Mac will cause more trouble than help. On the other side, the staff at Apple affirm that the high security level of Mac OS X is inherited from Unix and, as a consequence of it being open source, the most important Mac OS X components are reviewed and improved by security experts worldwide. I cannot stop asking myself, how is it that Mozilla …
Tatanga, a new banking trojan in action
Tatanga is a newly discovered banking trojan affecting almost all Windows browsers: Internet Explorer, Mozilla Firefox, Google Chrome, Safari for Windows, Opera, Maxthon, Netscape and Konqueror. The trojan is written in the C++ programming language and uses rootkit technologies in order to hide its files. The targeted banks are for now located in Spain, United Kingdom, Germany and Portugal, but an extended range of action is expected in the near future, as the trojan has a very poor antivirus detection rate. It can perform automatic transactions with the stolen banking credentials, spoofing the real balance and banking operations of the users, and tries to avoid antivirus …
Relevant Knowledge: what it is, how it gets installed and how to remove it
A few days have already passed since the Relevant Knowledge globe has been sitting there in the taskbar, in the Notification area. I was very busy the last few days and didn't give too much attention to it, but today, looking at it, I started to ask myself how this globe got there. I don't remember having installed anything with that name; Relevant Knowledge is for sure a parasitic program, and I decided to track back what program carried it in. Because in my opinion, to install something on a computer without its owner's knowledge or agreement is highly immoral and unethical, and even more, it is very dangerous. It's a logical flow of thoughts, …
Oddjob, one more banking trojan
A new player enters the malware scene targeting financial institutions, with a name from the James Bond movie Goldfinger. It's the Oddjob trojan, and I must admit the researchers from trusteer.com showed a lot of imagination in giving the name of a deadly character to this newly discovered trojan. The trojan code seems not to be finalized yet, rather in a beta stage or a testing phase, and the analysis reveals that its creators from Poland (Eastern Europe) are striving to improve the code functionalities. At this moment banks from the USA, Denmark, UK, Poland, to name only a few, are the favourite targets of the trojan, which acts in the address space of …
Is Google.com hacked? Google Images redirecting to malware (fake antivirus)
Yesterday I received an email from one of my visitors bringing to my attention an incredible fact. He said that his computer was infected by malware just by visiting Google Images, looking for an image of the Romanian president Basescu. I was a bit skeptical but he insisted these were the facts, so I reproduced his actions. Navigating to google.com –> Images, I typed basescu in the Search box; this is a partial screenshot with the Google Images results: I clicked on the first thumbnail and all the browser (Opera) requests were logged with Burp Proxy Suite, an intercepting proxy server for HTTP traffic, acting like a man-in-the-middle between the browser and the …