Thursday, July 9, 2015

New Internet Attacks NOW, Beware, PUA files Other Internet Issues-Breaking News

I see the internet attacks lasting until late Friday night I have seen this so many times. With hackers, wanna be hackers, pros, that want the internet freedom and speech gone, I have long said, this is a concerted attack and so I would say be on the alert Today and Friday night.

Or its the start of the kill switch, anything to take your PC down, and sale you stuff that makes it worse.

The information I gathered fast to post. This is a true, cyber alert hands down.

I was on my live email, and while emailing I had an active hack attack, web root stops this great software, and PC mag. number one choice again Web root is different, more live stop of on the moment hackers on my email, that was a first, flowed by 5 other attacks.


A potentially unwanted application (PUA) is a program that contains adware, installs toolbars or has other unclear objectives. There are some situations where a user may feel that the benefits of a potentially unwanted application outweigh the risks.

For this reason, ESET assigns such applications a lower-risk category compared to other types of malicious software, such as Trojan horses or worms. While installing your ESET product, you can decide whether to enable detection of PUAs, as shown below (Figure 1-1):

Search Tips
What is a potentially unwanted application or potentially unwanted content?
KB Solution ID: SOLN2629|Last Revised: May 19, 2015
Potentially unwanted applications

A potentially unwanted application (PUA) is a program that contains adware, installs toolbars or has other unclear objectives. There are some situations where a user may feel that the benefits of a potentially unwanted application outweigh the risks.

For this reason, ESET assigns such applications a lower-risk category compared to other types of malicious software, such as Trojan horses or worms. While installing your ESET product, you can decide whether to enable detection of PUAs, as shown below (Figure 1-1):

Figure 1-1
Click the image to view larger in new window



Warning–Potential threat found

When a PUA is detected, you will be able to decide which action to take. See Figure 1-2 for an example:

Disconnect: This option ends the action and prevents the potential threat from entering your system.
No action: This option allows a potential threat to enter your system.
To allow the application to run on your computer in the future without interruption, click Show Advanced Options and select the check box next to Exclude from detection.

Search Tips
What is a potentially unwanted application or potentially unwanted content?
KB Solution ID: SOLN2629|Last Revised: May 19, 2015
Potentially unwanted applications

A potentially unwanted application (PUA) is a program that contains adware, installs toolbars or has other unclear objectives. There are some situations where a user may feel that the benefits of a potentially unwanted application outweigh the risks.




These settings can be modified in your program settings at any time. Click your ESET product version below for more
When a PUA is detected, you will be able to decide which action to take. See Figure 1-2 for an example:

Disconnect: This option ends the action and prevents the potential threat from entering your system.
No action: This option allows a potential threat to enter your system.
To allow the application to run on your computer in the future without interruption, click Show Advanced Options and select the check box next to Exclude from detection.

Warning:

Potentially unwanted applications may install adware, tool bars, or contain other unwanted and unsafe program features.

Figure 1-2
Potentially unwanted applications–software wrappers

A software wrapper is a special type of application modification that is used by some file-hosting websites. It is a third-party tool that installs the program you intended to download but adds additional software, such as tool bars or adware. The additional software may also make changes to your web browser’s home page and search settings. Also, file-hosting websites often do not notify the software vendor or download recipient that modifications have been made and do not easily allow opting out of modification. For these reasons, ESET classifies software wrappers as a type of PUA to allow users to accept the download or not.
I was given a PUB.file a few and all not good. Found where you do not want to find worms, infections. Worse the registry, next the Window/system 32, ouch not good.

I noticed things started going wrong when I re loaded skype it alone has 4 such PUB files not happy with skype and clearly shows less privacy and the D.O.D. cyber dept. Is collecting everything, so be that, so what. I have started to use a search engine. called start page the best, filters out all traces, can go on line with no name, IP detection as I.P can be changed often this helps.

Get ready this happened last Dec to Feb very hard took our network down. Now with the DSL line, faster can use anytime same price, but more attacks odd, keep aware cyber attacks from whoever, is on the rise, I see it everyday, and not able to sign into certain websites as data width to small, so yes, it has already started last year and many people have posted on this.

Sp cyber attack day or days be alert, clean your PC, do back ups and learn how to keep your PC up and running.

More information.


Potentially Unwanted Applications and You-By By Adam McNeil

PUA’s (Potentially Unwanted Applications) are often nuisance applications which serve little purpose other than using your computer as a gateway for online advertisements or as a catalyst to deliver annoying applications that may pester you to the point where you want to throw your computer out a window. Anti-Malware companies usually have pretty weak detection of these types of programs and have generally failed to protect their customers’ computers from this sort of bloatware. As a result, countless users have to suffer through agonizing pains of pop-up windows, webpage redirects, search redirects, and sometimes even bluescreens just to try and get their daily TMZ fix.

The problem from an Anti-Malware point-of-view stems from the fact that many of these types of PUA applications could have legitimate uses for some people who choose to install the software. Some people may enjoy the fact that their Google search results are redirected to some no-name search company (that often still uses Google results anyway) and that advertisements are inserted into their browser window all in exchange of being able to use that email smiley program for free. But the reality is, most people who obtain software in such a way have no interest in all the redirects, pop-up’s and advertisements. They simply want their smileys – which leads to the second problem.

People don’t read what appears on the screen!

If users of such downloaded software would often just read the dialogue windows that appear, they would see that a combination of a few carefully selected ratio boxes would usually allow them to obtain their much-desired smiley program without obtaining all the garbage that comes along with it.

From a malware research perspective, it’s downright impossible to determine the intent of all the users of a software product. If we know that a certain application is being distributed via a deceptive download manager, but also, know some people use that same product for their own personal benefit, it becomes a difficult task in trying to make a determination whether or not to advise removal of the software in question. Many of us grew up in an era where the folk who were knowledgeable with computers would advise novice users to “download a program and just click next, next, next, until it is installed”. People learned the behavior of not reading and just clicking. (SouthPark devoted an entire episode to this exact issue) So I guess it should only be expected that people who have a financial motivation to install software to your computer have capitalized on this fact.

Take example the image to the left. This particular download manager attempts to install at least 5 different applications (We cut the image by 1 screen for the sake of saving space). After all the applications have been installed, our home page and search results were redirected. Advertisements were inserted to our browser windows and plugins were added to the browsers themselves. Simply reading the screen and clicking the ‘Decline’ button would have thwarted almost all of those unwanted behaviors.

Cases like what are shown above are usually quite easy to make a determination. We’ve previously written about many different campaigns that were distributing Potentially Unwanted Applications. If you wish, you can read about some recent campaigns here:

Other cases are a bit more vague, and making a determination on these types of installations is not so easy. We’re not setting out to write a blog post where we call-out reputable software vendors who bundle software with their products for the sole purpose of trying to earn a few dollars, but we would like to point out a recent example which has come to our attention and which highlights the difficulty we face when trying to make determinations within the PUA category.

We have recently been provided a WinZip installer that we are flagging as PUA.Open.Install. The file in question writes files to the computer system identified as OpenInstall. Users who downloaded this particular Winzip wrapper were not presented with any sort of opt-out mechanism and after installation the users have software related to the security vendor AVG installed to their machine, plus have their homepage redirected without consent or authorization. (Please note that we don’t detect any of the WinZip or AVG files as PUA, simply the download wrapper.)

The MD5 in question can be seen from the following VirusTotal page:


And Alternate way to get rid of this;


Spigot “PUP.Optional.Spigot.A” Removal Guide

Spigot is an Potentially Unwanted Program (PUP.Optional.Spigot.A) also detected as (Adware.Spigot) that displays ads by Spigot, advertisement banners and sponsored links within Internet Explorer, Firefox and Google Chrome. The Spigot adware is bundled with certain free software that primarily installs to your computer with or without your permission and knowledge. When the Spigot adware is installed on your computer, it will display underlined words that will show pop up advertisements and other unwanted ads in your browsers. Also pop-ups with fake updates of your browser, Adobe FlashPlayer and Java, are a well known problem of the Spigot adware. And these pop-ups can be a risk to become infected with other malware.

As already mentioned, this type of adware is bundled with free software downloaded from Softonic, Cnet, Brothersoft and similar download sites. While installing certain free programs that may contain additional software (adware, it is important that you pay attention to the End User License Agreements (EULA), and the installation procedure. When you have the possibility of an Custom or Advanced installation option, it is a good idea to select these as they will typically disclose what other (unwanted) software will also be installed.

When the Spigot adware is installed on your computer without your knowledge, it is not easy to remove. Usually, there is a Uninstall Program entry that uninstalls Spigot from your computer, but mostly there are still many remnants behind of the adware that causes problems. In this case, you need to use the specialized tools found in this removal guide to cleanup your computer. To remove this adware from your computer and cleanup the installed browsers, please use the Spigot removal guide below.

Spigot “PUP.Optional.Spigot.A” Removal Guide

This adware removal guide provides guidance on how to remove adware and Potentially Unwanted Programs (PUP’s) from your computer. Potentially Unwanted Programs is a general name of any doubtful program, including browser hijackers, malicious browser extensions, spyware, that tries to damage a computer, steal personal data, or perform other such malicious behavior.

Because the instructions to remove any adware related program from Internet Explorer, Firefox and Google Chrome are the same, they are located on a separate page on this website. Click on one of the links above, to read the complete manuals with instructions to remove any malicious browser extension, hijacked start page from your browsers.
1. Uninstall Spigot from Windows Control Panel

Go to Start > Control Panel > Programs > Uninstall a Program.
Now you will see a screen to uninstall or change a program.
Search for the name of the ‘Spigot’ and click on Uninstall/Change.


On the next screen, you need to confirm the uninstall process follow these steps to remove this program from your computer.
Click OK to proceed with the removal process of the program.

2. Remove Spigot with AdwCleaner-OK free download, use and eleta will look into ths one.


Download AdwCleaner (from the download button above) to your desktop.
Important! Before starting AdwCleaner, close all open programs and internet browsers.
Double click on AdwCleaner.exe to start the program
Windows Vista/ 7/8 users right-click and select Run As Administrator.
Click on the scan button,
When the scan is ready click on the Clean butten.


Your desktop icons will be disappear, this is normal so don’t be worry about that.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
Close the text file that opens after the restart, double click on adwcleaner.exe to run the tool.
Click now on Uninstall, then confirm with yes to remove AdwCleaner from your computer.

3. Remove Spigot with Malwarebytes Anti-Malware

Malwarebytes Anti-Malware (MBAM) is a surprisingly effective anti-malware program that let you check the presence of malware. But Malwarebytes has also a very strong detection of Potentially Unwanted Programs (PUP’s), only the PUP detection will show up unchecked on the results list by default. You have to manually check them for removal.

Tip: If you want more advanced features and the real-time protection you can purchase the full version of Malwarebytes Anti-Malware that will protect you from being infected.

I always used Malwarebytes, alway a top pick, of late, no matter how you instal it, it installs even if you decline the free paid trial, it fowls up everything, to bad. Super ant-spyware very good, antivirus Webroot, AVG, others.


Download Malwarebytes Anti-Malware (from the download button above) to your desktop.
Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware
Then click Finish. If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform full scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is Checked (ticked) and click on Remove Selected.
You can use the right mouse button to check the ‘Check all items‘ option before you click on Remove Selected


When removal is completed, a log report will open in Notepad.
If you accidentally close it, the log is automatically saved and can be viewed by clicking the Logs tab.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
After the restart in Normal mode, start Malwarebytes Anti-Malware again and perform a Quick scan to verify that there are no remaining threats.

That is the information I quickly gathered as I know when Internet attacks hit, always day on a certain day, like Today Thursday July 9, maybe into Friday as said take precautions and get your PC running smother with checks, always once a month, def rag the hard drive, get rid of un used software look in programs all for these folders not always easy to find and many times has a file.dll or other that stops the full removal.

Its a big hassle when you minister on line.

Note, most do not know this IT fact. When you do a virus or maleware scan, sign out and sign in to admitted user account, this is where most are, and most people get false readings running a scan under administrator, the low level user is how they invade the most, do that one thing, change to low level user, scan, no help, do it again in safe mode, safe mode is different, but finds it all, also disconnect to the internet, and disable the ant virus while running anti malware, and reverse.
Hope this IT bit helps some.


No comments:

Post a Comment

No Troll , Moles, Or Holes LOL.no links to product or service