Mabezat removal

Mabezat is the most angry, vicious and smart virus I have ever seen (yet). It is a virus (not a Trojan and not spyware): it DOES infect EXE files, along with .MSI files and executables inside archives. The infected executable is not destroyed, but it will cause a full infection before it is started on any PC.

Virus infection prevention tips.

Today’s viruses and worms are much smarter than they used to be.

Back when Windows XP first came out, you could get infected by “Sasser” just by leaving an active Internet connection connected.

Today most of those vulnerabilities are fixed, but you can still make mistakes that will ruin your computer for a long time.

Here are some tips that you can keep in mind to avoid getting infected.

1. When using Internet Explorer, never install ActiveX plugins when the yellow bar at the top of a website asks you to. Never do it, no matter how much you trust the website and no matter how much they tease you by not letting you view the content until you install, even if they say it's a gift from your dead mother. The only exceptions are the Flash Player and the Java Virtual Machine, and even those you should get from their original websites.

2. If someday you have to download an EXE using a torrent client, assume a 50/50 probability that the file is infected. If you would die without that file, scan it with an updated antivirus AND do the following trick: install WinRAR if you don’t already have it, then right-click the downloaded EXE. If you see “Extract Here” and “Open with WinRAR”,

WinRAR to detect malware

select “Open with WinRAR” (you are not risking anything as long as you don't double-click the file). You should see 2 EXE files packed together: one MAY BE what you need and the other is a bundled Trojan.

3. Flash disks and portable hard disks are a MAJOR virus carrier, and most of the widely spread viruses, such as W32/Mabezat-A Win32. are spread by them. If you really have to insert a suspicious flash disk into your computer, do the following:

  • Hold the Shift key before you insert the disk, and keep holding it while you insert the disk and until the disk is fully recognized by the computer.
  • Open “My Computer” but don’t double-click the disk yet. Note the drive letter for the disk.
An infected USB flash disk
  • Type the drive letter followed by : in the address bar and hit Enter (if you think you are smart just by right-clicking and selecting Open, think again!).
  • To unhide viruses on the infected disk (assuming your computer is not yet infected), do the following:
  • Select “Run” from the Start menu and type “cmd”.
  • At the DOS prompt, type the drive letter for your disk followed by : (H: in the example).
  • Type: attrib *.* -h -s -r
  • Hit Enter, then quickly go back to the “My Computer” window we used to open the disk.
  • If your disk is infected, you should be able to see your cute viruses in the form of one or several EXE files and one autorun.inf file. DELETE THEM ALL.

4. Never open email attachments from people you don’t know, and never open suspicious attachments (exe, cmd, com, swf, vbs).

5. Never install any toolbar for your Explorer; you don’t need them, believe me! If your life depended on it, you can download the Google Toolbar.

6. Avoid using file sharing software (eMule, Shareaza, etc.); as I read a while ago, “They are a problem waiting to happen”.
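
A read-only version of the check in tip 3, as an added example that is not part of the original post: it parses the disk's autorun file for the entries that launch a program (including the shell\open\command entry that takes over the right-click Open action) and flags hidden executables in the disk root. The sample file, the name setup32.exe and the function names are constructed for illustration.

```python
import os
import re
import stat

LAUNCH_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.I)
FIRST_TOKEN = re.compile(r'"([^"]+)"|(\S+)')
EXEC_EXT = (".exe", ".com", ".cmd", ".scr", ".pif", ".vbs")

# Constructed sample, not taken from a real disk.
SAMPLE_INF = r"""[autorun]
open=setup32.exe
shell\open\command=setup32.exe /quiet
icon=folder.ico
"""
SAMPLE_ROOT = [("autorun.inf", True), ("setup32.exe", True),
               ("photos", False), ("tool.exe", False)]


def autorun_targets(text):
    """Return (key, program) pairs for launch entries in the [autorun] section."""
    targets, in_section = [], False
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("["):
            in_section = line.lower() == "[autorun]"
        elif in_section and "=" in line and not line.startswith(";"):
            key, value = (part.strip() for part in line.split("=", 1))
            if LAUNCH_KEY.match(key) and value:
                token = FIRST_TOKEN.match(value)          # drop arguments
                program = token.group(1) or token.group(2)
                targets.append((key.lower(), re.split(r"[\\/]", program)[-1]))
    return targets


def review_root(listing, autorun_text):
    """listing: (name, is_hidden) pairs for the disk root. Returns {name: [reasons]}."""
    launched = {program.lower() for _, program in autorun_targets(autorun_text)}
    flagged = {}
    for name, hidden in listing:
        low = name.lower()
        if low == "autorun.inf":
            flagged.setdefault(name, []).append("autorun file")
        if low in launched:
            flagged.setdefault(name, []).append("launched by autorun.inf")
        if hidden and low.endswith(EXEC_EXT):
            flagged.setdefault(name, []).append("hidden executable")
    return flagged


def list_root(root):
    """Read-only listing of a drive root; the hidden flag is only set on Windows."""
    rows = []
    for entry in os.scandir(root):
        attrs = getattr(entry.stat(follow_symlinks=False), "st_file_attributes", 0)
        rows.append((entry.name, bool(attrs & stat.FILE_ATTRIBUTE_HIDDEN)))
    return rows
```

On a Windows machine, pass the output of list_root for the disk's root and the text of its autorun file to review_root; nothing on the disk is opened for execution or modified.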

Feel free to leave me a comment if you disagree with any of the above.