Smokey's Security Weblog

veritas odium parit

AQMRB – Alliance of Qualified Malware Removal Boards™

I am really pleased to announce that a new Security Alliance is born: AQMRB – Alliance of Qualified Malware Removal Boards™.

Aim of the Alliance is, to provide the user searching for malware remove help with the best available and fully qualified services to remove malicious content from his PC, this all free of charge. Only boards that satisfy an extensive list with demanded qualifications/demands can apply for AQMRB membership, all applications will be thoroughly reviewed and evaluated, this with the aim that only fully qualified boards can join the Alliance.


AQMRB is an Alliance of fully qualified Malware Removal Boards.

AQMRB main aim is to serve customers searching and asking for malware removal help in the best possible way.

AQMRB guarantee free professional malware removal help to non-commercial users.

AQMRB boards offer malware removal help solely provided by staff that are trained and graduated at acknowledged malware removal schools/universities.

AQMRB is a non-profit, volunteer network of independent Malware Removal Boards, and is not affiliated with any organisation.

General Info

More info about the Alliance can be found here: AQMRB
Boards that have the intention to join the Alliance are invited to look at the home page of AQMRB for demanded qualifications.

On behalf of AQMRB,

Smokey, Founder

July 18, 2010 Posted by | Anti-Spyware, Anti-Virus, Bundleware, Malware, News, Phishing, Recommended External Security Related Links, Toolbarware | , , , , , , , , | Leave a comment

CNET’s offer rogue Anti-Spyware for download

Surprising to me, and probably with me most blog readers, is the fact that CNET’s, property of CBS Interactive, offer rogue/malicious programs for download.

Regular blog visitors will remember the two articles I wrote past week about Intelinet Internet Security of well-known scammer Cashier Myricks, a malicious program advertised as  “Award Winning Spyware Remover” and “acknowledgements of the software by security experts”.

In the meanwhile it should be clear to everyone that Intelinet Internet Security is a rogue Anti-Spyware Program and therefore have to be rated as Malware. It is very surprising that CNET “apparently” isn’t informed about that piece of malware and stick determined to the download offer. I write “apparently” because I am informed that CNET is warned by several readers that the program is malicious, besides I informed today CNET’s Editor in Chief Scott Ard via an email. An so called “return to sender email”…

Well, I have now some curious questions to CNET:

1. Are all available downloads approved before download release?
2. If the answer is no, how will be guaranteed that all downloads are trustable?
3. Is there a CNET QA Department, and, if yes, what are the efforts of that department to keep the download archive clean?

The fact that CNET still offer Intelinet Internet Security for download let raise another question: how many other malicious programs are offered by CNET? Till we have a satisfying elucidation from CNET I can only advise: to protect your PC and all data on it, don’t download anything from their download archive. The software can be contaminated.

In case CNET need a review of my recent Intelinet Internet Security articles, here you go:

December 31, 2008 Posted by | Advisories, Alerts, Bundleware, Downloads, Friends, Malware, News, Recommended External Security Related Links | , , , , , , , , , , | 5 Comments

New kind of malicious software could pose a danger to Windows users who download music files on peer-to-peer networks

A new kind of malicious software could pose a danger to Windows users who download music files on peer-to-peer networks.

The new malware inserts links to dangerous Web pages within ASF (Advanced Systems Format) media files.

“The possibility of this has been known for a little while but this is the first time we’ve seen it done,” said David Emm, senior technology consultant for security vendor Kaspersky Lab.

If a user plays an infected music file, it will launch Internet Explorer and load a malicious Web page which asks the user to download a codec, a well-known trick to get someone to download malware.

The actual download is not a codec but a Trojan horse, which installs a proxy program on the PC, Emm said. The proxy program allows hackers to route other traffic through the compromised PC, helping the hacker essentially cover their tracks for other malicious activity, Emm said.

The malware has worm-like qualities. Once on a PC, it looks for MP3 or MP2 audio files, transcodes them to Microsoft’s Windows Media Audio format, wraps them in an ASF container and adds links to further copies of the malware, in the guise of a codec, according to another security analyst, Secure Computing.

The “.mp3” extension of the files is not modified, however, so victims may not immediately notice the change, according to Kaspersky Lab.

“Users downloading from P2P networks need to exercise caution anyway, but should also be sensitive to pop-ups appearing upon playing a downloaded video or audio stream,” Secure Computing said.

Trend Micro calls the malware “Troj_Medpinch.a,” Secure Computing named it ” “Trojan.ASF.Hijacker.gen” and Kaspersky calls it “Worm.Win32.GetCodec.a.”

Source / full article: PCWorld Business Center

July 18, 2008 Posted by | Advisories, Alerts, Downloads, Malware, News, Recommended External Security Related Links | , , , , , , , , , , , , , , , , | Leave a comment

Free HJT/OTL (formerly OTListIt2) Log Analyzing and Malware Cleaning Services again available on Smokey’s

After a period of a closed HJT/OTL (formerly OTListIt2) Log Analyzing/Malware Cleaning Forum I am pleased to announce that from now on Smokey’s Security Forums offer again HijackThis & OTL Log Analyzing & Malware Cleaning related Support, Help and Advice.

This (free) help will only be provided by full qualified HJT/OTL Analyzers/Malware Hunters, this for reason of maintaining the high standards of my forums: Help and Support only by qualified people.

Update 2010-14-03: Guests allowed to post on Smokey’s for Log Analysis and Malware Removal help

April 25, 2008 Posted by | Advisories, Bundleware, Downloads, Friends, Malware, News, Recommended External Security Related Links, Vulnerabilities | , , , , , , , , , , , , , , , , | Leave a comment