techian.com

A Blog With No Limits

Archive for the ‘ Virus Torjons Worms ’ Category

Mobile phone viruses

Posted on December 17, 2008 by admin | No Comments

A mobile virus or mobile malware – malicious mobile software – is a computer virus specifically adapted for the mobile environment and designed to spread from one vulnerable phone to another.

A virus is a piece of program code that replicates by being copied to another program. Viruses can be transmitted as attachments to an email or in a download file. Some viruses take effect as soon as their code is executed; other viruses can lie dormant. A virus that replicates by resending itself as an email attachment or as a part of a network message is known as a worm.
Viruses can range from benign to quite harmful; they can erase data from the infected phone or send fake messages purporting to be from the phone's owner. How prevalent are mobile phone viruses? The current security risk from mobile phone viruses and worms is low.
Until many more smart phones or PDAs are in use, and users of these phones are regularly exchanging executable files, the risk will remain low.
The mobile industry takes the threat of viruses very seriously and is continuously monitoring its networks and working to protect users from any future risk from mobile phone viruses. There are also some simple measures that individual users can implement to protect themselves.

What can I do to protect my phone?
The following tips can help prevent problems with viruses on your phone:
1. Switch to Bluetooth hidden mode. If your phone has Bluetooth capability, ensure that the Bluetooth capability is switched to hidden or invisible mode unless you specifically need it to be visible. This will help prevent other Bluetooth-enabled devices from finding your phone (unless you grant them the necessary permission) and will therefore help protect your phone from worms that spread using the Bluetooth wireless technology.
2. Exercise caution before opening attachments. When accepting applications sent via Bluetooth, or opening MMS attachments, exercise caution, just as you would when opening an email attachment on your PC, because they may contain harmful software.
Ensure the application or attachment comes from a known source, and be wary of opening files that have unfamiliar text attached to them, even if they come from someone you know.
3. Only download content from a trusted source. Trusted sources may include operator portals and other well-known brands that offer adequate protection against viruses and other harmful software. Be aware though that, as with emails, malicious or fraudulent users may be able to fake the appearance of a trusted source.
4. Consider anti-virus software. Some software is available to prevent phone viruses. You may wish to consider downloading this software.
5. Contact your phone manufacturer if concerned. If you think you have a virus, call the phone manufacturer’s care line. They can help you confirm if it is a virus, and help fix the problem.

6000 Virus ready to use

Posted on August 13, 2008 by admin | No Comments

Download link:

from Megaupload
from Mediafire

Password: auToeXeCw0rm

The Virus Maker

Posted on August 4, 2008 by admin | No Comments

JPS virus maker tool

Author: Veyskarami, Arash

Version 1 Download

Version 2 Download

Version 3 Download

Computer Viruses For Dummies

Posted on August 4, 2008 by admin | No Comments


Product Description: Computer viruses—just the thought of your trusty PC catching one is probably enough to make you sick. Thanks to the cyber-sickies who persist in coming up with new strains, there’s a major new cyberattack nearly every day. Viruses sneak in, usually through e-mail. Fortunately, there are ways to inoculate and protect your computer. Computer Viruses For Dummies helps you:

  • Understand the risks and analyze your PC’s current condition
  • Select, install, and configure antivirus software
  • Scan your computer and e-mail
  • Rid your computer of viruses it’s already caught
  • Update antivirus software and install security patches
  • Use firewalls and spyware blockers
  • Protect handheld PDAs from viruses
  • Adopt safe computing practices, especially with e-mail and when you’re surfing the Net

Written by Peter H. Gregory, coauthor of CISSP For Dummies and Security + For Dummies, Computer Viruses For Dummies goes beyond viruses to explain other nasty computer infections like Trojan horses, HiJackers, worms, phishing scams, spyware, and hoaxes. It also profiles major antivirus software to help you choose the best program(s) for your needs. Remember, if you don’t protect your computer, not only do you risk having your computer infiltrated and your data contaminated, you risk unknowingly transmitting a virus, worm, or other foul computer germ to everybody in your address book! This guide will help you properly immunize your PC with antivirus software now and install updates and security patches that are like booster shots to keep your software protected against new viruses.

Download Description: Offers real, practical solutions to help ordinary users keep viruses out of their e-mail in-boxes, and explains how to respond when one slips through.

  • In 2003, there was a major virus attack almost every month, which cost businesses worldwide an estimated $55 billion and did untold damage to home computers
  • Explains what viruses are and how they work, profiles major anti-virus software packages, shows how to keep anti-virus software updated, and helps people adopt safer computer work habits
  • The book’s value price and compact size will make it irresistible to people who need to protect their home PC or network

download links:

rapidshare

filefactory

Drivemonitor.exe flashguard.exe driveguard.exe
These are all the same: variants of Win32.Worm.Autoit.AL

Spreading: low
Damage: medium
Size: 212 Kb
Discovered: 2008 Jul 24

The presence of the following files:

%programfiles%\FlashGuard\FlashGuard.exe
%windrive%\FlashGuard\ReadMe.txt
%windrive%\FlashGuard\FlashGuard.exe

The presence of autorun.inf on removable drives that contains

[autorun]
open=System\Security\DriveGuard.exe -run
shell\Open=&Open
shell\Open\Command=System\Security\DriveGuard.exe -run
shell\Explore=&Explore
shell\Explore\Command=System\Security\DriveGuard.exe -run

Technical description:
This worm tries to impersonate a friendly application, one that claims to protect your removable drives from other pieces of malware.

The malicious file would copy itself to %programfiles%\FlashGuard\FlashGuard.exe

It also includes a readme file that reads:
“This tiny software is used to protect removable storage devices from
worms that are spread from one PC to another.”

It creates the following registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\FlashGuard
with the value “%windrive%\FlashGuard\FlashGuard.exe” -run

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\FlashGuard
with the value “%windrive%\FlashGuard\FlashGuard.exe” -run

Copies the readme file to %windrive%\FlashGuard\ReadMe.txt

It checks whether any of the following processes are running:
iexplore.exe,alg.exe,csrss.exe,cssrs.exe,cssrss.exe,explore.exe,
expIorer.exe,csrss.exe,iexplorer.exe,lexplore.exe,lsass.exe,lssas.exe,
lssass.exe,scshost.exe,scvhost.exe,scvhsot.exe,smss.exe,smsss.exe,
spoolss.exe,spoolsv.exe,spoolvs.exe,ssms.exe,sssms.exe,ssvhost.exe,
svchost.exe,svchsot.exe,serivces.exe,taskmgr.exe,wilnogon.exe,winl0g0n.exe,
winlgoon.exe,winlogno.exe,winlogon.exe,wlnlogon.exe
and, if the running file is not one of:
\Program Files\Internet Explorer\iexplore.exe,
\system32\svchost.exe,
\system32\lsass.exe,
\system32\csrss.exe,
\system32\alg.exe,
\system32\winlogon.exe,
\system32\smss.exe,
\system32\spoolsv.exe,
\system32\taskmgr.exe
the process is terminated and the file is renamed with a “.bak” extension.

This worm will remove all files from C:\heap41a that are related to other malicious programs.

It enables Task Manager if it is disabled.

It will infect any removable drive by writing autorun.inf and a copy of itself
to %drv%\System\Security\DriveGuard.exe with the hidden attribute.

Payload:

It will download, from http://[removed]/lndexnew.jpg
and http://[removed]/lndexnew.txt,
executable files that are copied to the temporary directory with a random name,
and the registry key HKLM\software\microsoft\windows\currentversion\RunOnce\temp_cleanup
with value “%temp_path%\[random].exe” is created.
All downloaded files are backdoors.
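
For triage of a removable drive, the autorun.inf indicator described above can be checked mechanically. The following is an added example, not part of the original write-up: it parses an autorun.inf body, lists every entry that would make Explorer launch a program, and matches the launched file name against the DriveGuard.exe name given above. The function names, the extension list and the benign sample are assumptions made for illustration.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample: the autorun.inf body quoted in the write-up above.
SAMPLE_AUTORUN = r"""[autorun]
open=System\Security\DriveGuard.exe -run
shell\Open=&Open
shell\Open\Command=System\Security\DriveGuard.exe -run
shell\Explore=&Explore
shell\Explore\Command=System\Security\DriveGuard.exe -run
"""

# Constructed benign sample for contrast (label and icon only, nothing launched).
BENIGN_AUTORUN = "[autorun]\nlabel=Backup Disk\nicon=disk.ico\n"

# Keys that make Explorer start a program: open, shellexecute, shell\<verb>\command
LAUNCH_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.I)
EXEC_EXT = {".exe", ".com", ".scr", ".bat", ".cmd", ".pif", ".vbs", ".js"}
# File name taken from the write-up; extend with your own indicators.
KNOWN_BAD_NAMES = {"driveguard.exe"}

def launch_targets(text):
    """Return [(key, program_path)] for every launch entry in the [autorun] section."""
    targets, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "autorun" or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if LAUNCH_KEY.match(key):
            # The program is the first token; a quoted path is kept whole.
            m = re.match(r'"([^"]+)"|(\S+)', value)
            if m:
                targets.append((key.lower(), m.group(1) or m.group(2)))
    return targets

def assess(text):
    """Summarize what an autorun.inf would launch and whether it matches a known name."""
    targets = launch_targets(text)
    programs = sorted({p for _, p in targets})
    executes = [p for p in programs if PureWindowsPath(p).suffix.lower() in EXEC_EXT]
    known = [p for p in programs if PureWindowsPath(p).name.lower() in KNOWN_BAD_NAMES]
    return {"launch_keys": [k for k, _ in targets], "executes": executes, "known_bad": known}
```

Any autorun.inf on a removable drive whose launch entries point at an executable deserves a closer look, even when the file name is not on the known list.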

Almost FUD Virus

Posted on March 11, 2008 by admin | No Comments

*Adds to Start up
*Spams Console window
*Deletes hal.dll
*allows Remote desktop connection
*makes 8 accounts
Username – Password
hax0rd brapbrap
hax0rd1 brapbrap
hax0rd2 brapbrap
hax0rd3 brapbrap
hax0rd4 brapbrap
hax0rd5 brapbrap
hax0rd6 brapbrap
hax0rd7 brapbrap
hax0rd8 brapbrap
(For RDC)

*Copies to windows files
*stealth (except console spam XD)

This virus is untested, so please test and give me feedback.
If it doesn’t work, tell me what it does & doesn’t do and I will make it work.
It is undetected ..for now

Scan results

AhnLab-V3 2008.3.4.0 2008.03.07 -
AntiVir 7.6.0.73 2008.03.07 -
Authentium 4.93.8 2008.03.07 -
Avast 4.7.1098.0 2008.03.09 -
AVG 7.5.0.516 2008.03.09 -
BitDefender 7.2 2008.03.09 -
CAT-QuickHeal 9.50 2008.03.08 -
ClamAV 0.92.1 2008.03.09 -
DrWeb 4.44.0.09170 2008.03.09 -
eSafe 7.0.15.0 2008.03.09 -
eTrust-Vet 31.3.5597 2008.03.07 -
Ewido 4.0 2008.03.09 -
FileAdvisor 1 2008.03.09 -
Fortinet 3.14.0.0 2008.03.08 -
F-Prot 4.4.2.54 2008.03.09 -
F-Secure 6.70.13260.0 2008.03.09 -
Ikarus T3.1.1.20 2008.03.09 Trojan.Win32.KillFiles.lj
Kaspersky 7.0.0.125 2008.03.09 Heur.Worm.Generic
McAfee 5247 2008.03.07 -
Microsoft 1.3301 2008.03.07 -
NOD32v2 2932 2008.03.09 -
Norman 5.80.02 2008.03.07 -
Panda 9.0.0.4 2008.03.09 Suspicious file
Prevx1 V2 2008.03.09 -
Rising 20.34.62.00 2008.03.09 -
Sophos 4.27.0 2008.03.09 -
Sunbelt 3.0.930.0 2008.03.05 -
Symantec 10 2008.03.09 -
TheHacker 6.2.92.238 2008.03.08 -
VBA32 3.12.6.2 2008.03.05 -
VirusBuster 4.3.26:9 2008.03.09 -
Webwasher-Gateway 6.6.2 2008.03.09 -

http://rapidshare.com/files/98264769/cooolbeans.rar.html

Make Virus/trojan/Keylogger Undetectable

Posted on February 11, 2008 by admin | 3 Comments

This tutorial tells you how to make a Trojan, Virus, Keylogger, or anything that would be found harmful, NOT. This tutorial explains how to make all files look %100 clean (become clean and be %100 UNDETECTABLE from ALL ANTIVIRUSES!!!!! ALL!!!!!)

Ready? GO!

First, get your trojan, virus or keylogger, or server or w/e you plan on using to become undetectable, and get it ready. Fix it up, create it, whatever.

My personal favorite
keylogger: Ardamax Keylogger
Remote Administration Tool (Must not have a router): Poison Ivy
Google is your friend.

Now that you have your trojan, virus or keylogger or w/e harmful ready, it’s time to make it UNDETECTED!

1. Download Software Passport (Armadillo) by Silicon Realms. This is THE best binder out there I know of, it makes everything %100 UNDETECTABLE BY ALL ANTIVIRUSES (including Norton, Kaspersky, Avast, etc)… The direct link to dl the program is here:

http://nct.digitalriver.com/fulfill/0161.001

There is a form to fill out information, so put in your real email address, and then you’ll receive a download link in your email (it might be in Spam, Junk mail section so beware.)

2. Once you download the program, install it.
3. Once installed, you open it up and see this:

This is the program. Now that you have it open, you might be confused on what the hell to do, right? Well, this is what you do!

1. Download this pre-made settings. These settings are pre-made by me so you won’t be confused. Everything is working.

DOWNLOAD THIS FOR THE PRE-MADE SETTINGS:

http://rapidshare.com/files/8749860/projects.arm.html

DOWNLOAD THIS FOR THE BACKUP (You need this in the same location as the projects.arm file) YOU NEED THIS FILE ALSO!

http://rapidshare.com/files/8750048/projects.Stats.html

Now, when you download these files, and you put them in the SAME FOLDER (or same location), open Software Passport again and click Load Existing Project (top left).

Where it says “Files to Protect” (if theres stuff there, delete it):
Add the files you want to make %100 UNDETECTABLE!!

Now, once done, go to the bottom right and click “Build Project”. A bunch of windows will come up, just click Yes and OK.

Now, once its created, they are %100 undetectable. Go to

virustotal.com
to scan it with every Antivirus, and they wont find ANYTHING!


Restore Task Manager, Regedit and Folder Options Disabled by Virus… !!

Let’s face it. All of us have been infected by a virus before. Even if you have anti-virus installed, you can still be infected by a new or custom virus that is not recognized by your anti-virus. Sometimes, after removing the virus completely from your system, you’ll face new problems, such as no longer being able to bring up Windows Task Manager from CTRL+ALT+DEL. You get the error message saying “Task Manager has been disabled by your administrator”.

You think that it’s easy to fix this problem by going to Registry Editor but you can’t! You get the error message “Registry editing has been disabled by your administrator”.

Folder Options and even Show Hidden Files & Folders are disabled! How frustrating! Don’t worry, here’s how to restore your Windows Task Manager, Registry Editor, Folder Options and Show Hidden Files & Folders.

This problem is most commonly caused by a virus called “Brontok”. The Brontok virus makes some changes to the system restrictions in order to hide itself from easy detection and also from easy cleaning.

Here’s a free tool called Remove Restrictions Tool (RRT), which is able to re-enable everything the virus had previously disabled and gives you back control over your own computer.

Remove Restrictions Tool is able to re-enable:
- Registry Tools (regedit)
- Ctrl+Alt+Del
- Folder Options
- Show Hidden Files

Small and easy to use. Make sure you boot into Safe Mode to use Remove Restrictions Tool (RRT). Just click on the buttons and it’ll do its job.


Click Here to download

Safe Computing
