Monthly Archives: January 2009

SysAntivirus 2009 – Removal Instructions

A local musician friend of mine, Jim Cope, who is a reasonably computer savvy user, was commenting this morning on the avalanche of rogue security software currently descending on unaware Internet users.

We happened to be discussing one of the most recent and sophisticated rogue security applications we are now forced to deal with – SysAntivirus 2009. As Jim so succinctly put it “It’s easy to be bitten by a dog like that”.

He’s right – unfortunately. SysAntivirus 2009 can be installed on a computer system without any action on the part of the user.

Delivery methods used by this parasite include Trojans and Internet browser security holes. It can also be downloaded voluntarily, from rogue security software websites or from “adult” websites.

Once installed, this parasite can impact a computer in a number of ways, including changing Internet browser settings, connecting to the Internet, delivering adware, disguising itself to remain hidden from the user, and running as a background process.

The objective of SysAntivirus 2009, which is the objective of all Rogue Security Software, is to convince the victim to pay for the “full” version of the application in order to remove what are, in fact, false positives that this program is designed to display on the infected computer in various ways, including fake scan results, pop-ups and system tray notifications.

Unfortunately, Rogue Security Software is generally very sophisticated and can write itself into multiple parts of the operating system. In many cases it can hide its files, registry entries, running processes and services, making the infection difficult to find, and extremely difficult to remove.

If you are a victim of SysAntivirus 2009, or other Rogue Security Software, the following removal solutions will be invaluable.

Removal Solutions:

Bleeping Computer is a web site where help is available for many computer related problems, including the removal of this particular rogue software.

Malwarebytes, a very reliable anti-malware company, has created a free application to help keep you safe and secure. RogueRemover will safely remove a number of rogue security applications.

You will also have the option of downloading the free version of Malwarebytes’ Anti-Malware (I recommend that you do so), a highly rated anti-malware application which is capable of removing many newer rogue applications, including SysAntivirus 2009.

SmitFraudFix, available for download at Geekstogo, is a free tool that is continuously updated to assist victims of rogue security applications, including with the removal of SysAntivirus 2009.

Please note: A high degree of computer operating system knowledge is a prerequisite to the successful removal of SysAntivirus 2009, as it is with the removal of any Rogue Security Software. If you lack this experience, it would be preferable that you enlist the aid of a computer savvy friend, or a professional.

Despite using any, or all, of the recommended tools, you may find that SysAntivirus 2009 is still resident on your system. This is possible due to the number of variations involved with this malware. In such a case, reformatting of the Hard Drive and a clean installation of the operating system may be the only alternative.


SpySkype.C Trojan Wants to Talk to You!

Panda Security’s weekly report on viruses and intruders (1/30/2009) provides details on a recently discovered Skype Trojan classified by Panda as SpySkype.C. The initial objective of this malware is to steal the user’s login details.

According to Panda, the Trojan achieves its ends by convincing the user that a new Skype plug-in, Skype-Defender, has been loaded onto the potential victim’s computer. As is common with this type of parasite, user action is then required to complete the infection.

Following the acceptance of the installation of the Trojan, users are instructed to enter their user name and password on a spoofed web page; these are then transmitted to the malware’s author.

Luis Corrons, Technical Director of PandaLabs, explains that the ultimate objective of the SpySkype.C Trojan is to use the newly infected account to spam the victim’s Skype contacts through the messaging service. According to Corrons, “these messages can include a copy of this malware, or a different example of malware”.

To keep ahead of malware threats, go to Panda Security’s malware information site. For additional information on Skype scams read TechPaul’s Skype — “Windows Requires Immediate Attention”.. Not!


Valentines Day Spam – You’ve Been Warned!

Ah, the power of love!

In real life love can leave you with a broken heart. In Internet life (not that it’s not “real”) love can leave you with a broken heart, a broken wallet, and much more likely, now that Valentine’s Day is almost upon us, a broken computer.

It’s time once again to be on the lookout for Valentine’s Day spam, and to be particularly cautious this year of any emails that contain the subject line words “Me and You,” “In Your Arms” and “With all my love”.

Unaware users who click on the embedded link contained in these spam emails will be rewarded by having their computer infected with the Waledac Storm worm. As an added reward, the worm will gather email addresses stored on the victim’s machine and attempt to infect the relevant computers.

Researchers at many of the major security vendors believe this year’s spam campaign is being brought to us by the same folks who used the Storm botnet in both 2007 and 2008 to flood the Internet with Valentine’s Day spam.

It’s estimated that this year, 8 per cent of “romantic” emails, or one in every 12 emails, is likely to contain malware.

You know what to do, right?

Install WOT (Web of Trust), an Internet Explorer/FireFox add-on that offers substantial protection against questionable or unsafe websites, and as a bonus, offers protection against questionable or unsafe links in your email. For more information on this impressive security add-on please read “Love WOT And It Will Love You Right Back!”, on this site.

Don’t open emails that come from unknown sources.

Don’t click on any links included in email messages, even though they may come from reliable sources. Instead, type the link into the address bar.

Don’t run attached files that come from unknown sources; especially these days.

Stay alert for files that claim to be Valentine’s greeting cards, romantic videos, etc.

Make sure you have an effective security solution installed, capable of detecting both known and new malware strains.


Recover Damaged CD/DVD Data – Free CD Recovery Toolbox

So how many coasters do you have that started life as critical backup CD/DVD’s, or the CD/DVD’s that you entrusted to store a lifetime of photo memories? Well, if you’re like most of us, you may have more than one.

As a long term file storage medium, CD/DVD’s are, in effect, all-purpose, durable and generally inexpensive. The difficulty in relying on this storage medium, however, is that they aren’t always as reliable as we sometimes seem to think.

Recently, I experienced CD failure when testing a system using a special boot CD called, “The Ultimate Boot CD”, which ironically failed to boot despite the decisiveness of its name.

There I was stuck with an unreadable CD; but being the “geeky” kind of guy that I am, and having been through similar situations in the past, I’ve learned to double up on all my diagnostic tools. Later, I confirmed that the unreadable CD had not been burned correctly – the deadly “bad burn”.

So you’re not alone in turning what you may consider to be unusable/unreadable CD/DVD’s into expensive coasters. But there is a solution that can help you to recover damaged data that you may have considered unrecoverable. Stepping into the picture is CD Recovery Toolbox, a free CD/DVD file recovery tool.

This small, free application was designed to recover damaged files on CD, DVD, HD DVD, and Blu-Ray disks. It can recover files that have been lost as a result of physical damage to the disk (scratches, chips, and so on), or as a result of a bad or inaccurate recording.

The program scans damaged CD and DVD disks and produces a listing of the files and folders on the media which it can recover. Be aware, however, that depending on the degree of damage, there may be files that the application cannot recover.

In testing this product’s file recovery ability on a severely scratched and chipped disk, I’m happy to say that it recovered 934 files out of a total of 936 that Windows could not read, and it did this in less than 2 minutes.

Data recovery is generally a complex process, but even beginners will have an easy time with this application based on its step-by-step wizard, which makes the use of the tool very simple and convenient.

I have read a number of unrealistic complaints from some users, who have noted this application is “slow” at recovery. Instead of being thankful that a free application such as this can in fact recover what would normally be unrecoverable, and perhaps irreplaceable data, they whine and complain. Here’s some advice for those users – give your head a shake, and learn to be thankful!

Quick facts:

Recovers files/folders from CD and DVD’s

Recovers files larger than 4 GB

Detects lack of free space on the designated storage hard drive

System Requirements: Windows 98/ME/2K/XP/2K3/Vista

Download at: Download.com


SUPERAntiSpyware Free Edition – Layered Malware Defense

SUPERAntiSpyware – the name says it all. In a world of hyperbole, exaggeration, overstatement, and embellishment the SUPER, in this case, means just that.

Given the increasing number of Trojans, Spyware, Viruses, Phishing Scams, Identity Theft Scams, and other threats we now face, there is no one anti-malware tool that is likely to identify and remove all of this rogue malware that infests the cyber world. So to ensure maximum safety, it’s important to have layered defenses in the ongoing fight against system infection.

The free edition of SUPERAntiSpyware (last updated December 31, 2008) is an excellent choice as a secondary line of defense in this battle. This free version of the award winning program, with its easy to employ interface, is used by millions of people worldwide to protect their computers.

While SUPERAntiSpyware is well known for its high malware detection rate, it has not, in the six months I have been testing it, discovered anything which the other anti-spyware programs that I use have not found. This speaks to the high quality of many competing anti-malware applications, and not to any shortcomings in SUPERAntiSpyware.

A simple, intuitive, and easy to use interface makes SUPERAntiSpyware straightforward to set up, customize and run, for less experienced and expert users alike.

One extra feature in this anti-malware product caught my attention, however: a repair function which allows the user to recover settings frequently wrecked by malware, and which are often not recoverable despite removal of the malware process. These settings include Internet connections, lost desktops, the ability to edit the registry and, frustratingly, access to the task manager.
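A read-only check for two of the lockouts mentioned above (Task Manager and registry editing), as an added example that is not from SUPERAntiSpyware or the original post. It assumes the lockout was applied through the standard Windows policy values `DisableTaskMgr` and `DisableRegistryTools`; the post does not say which settings the repair function actually resets.

```powershell
# Added example: audit the policy values Windows honours for blocking
# Task Manager and registry editing. Read-only; nothing is changed.
$policyKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System',  # per-user
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System'   # machine-wide
)
$checks = @(
    @{ Name = 'DisableTaskMgr';       Meaning = 'Task Manager blocked' },
    @{ Name = 'DisableRegistryTools'; Meaning = 'Registry editing blocked' }
)

function Get-LockoutPolicy {
    param([string[]]$Keys, [array]$Checks)
    foreach ($key in $Keys) {
        foreach ($c in $Checks) {
            # A missing key or value means the restriction is not configured.
            $item  = Get-ItemProperty -Path $key -Name $c.Name -ErrorAction SilentlyContinue
            $value = if ($item) { $item.($c.Name) } else { $null }
            [pscustomobject]@{
                Key        = $key
                Value      = $c.Name
                Data       = $value
                Restricted = ($null -ne $value -and $value -ne 0)
                Meaning    = $c.Meaning
            }
        }
    }
}

$report = Get-LockoutPolicy -Keys $policyKeys -Checks $checks
$report | Format-Table -AutoSize

if ($report.Restricted -contains $true) {
    # An administrator can set these legitimately; on a home PC they are
    # more often a leftover of an infection that outlives the malware itself.
    Write-Warning 'A lockout policy is set. Rescan the system before clearing it.'
}
```

If the policy is set on a machine where no administrator configured it, clearing the value alone does not remove whatever set it, which is why the check belongs before and after a scan.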


Since the free version of SUPERAntiSpyware, like many free versions of anti-malware programs, does not provide real-time protection against infection, I would not recommend that you use it as a stand-alone security application, since it simply will not offer you adequate protection. Instead, use it only as an on-demand scanner.

Despite this real-time protection shortcoming in the free version, SUPERAntiSpyware deserves its reputation as a first class security application, and it’s definitely worth considering adding to your security toolbox as a secondary line of defense.

As a full fledged security application, with all of its features unlocked (real-time protection, scheduled scanning, and scheduled updating), SUPERAntiSpyware is very well priced at $29.95 US.

Fast facts:

High malware detection rate

Small footprint and low resource usage

Easy to set up, customize and run

Custom scanning of hard drives, removable drives, memory, registry, and more

Detects and removes spyware, adware, malware, Trojans, dialers, worms, keyloggers, rootkits and hijackers

Free for personal use

Prevents potentially harmful software from installing or re-installing (paid version only)

Examines over 50 critical system points on start up and shut down (paid version only)

System Requirements: Windows 98, 98SE, ME, 2000, XP, Vista or Windows 2003

Download at: Download.com

Alternative free anti-malware applications reviewed, and downloadable, on this site:

Spyware Doctor Starter Edition

Spyware Doctor Starter Edition from PC Tools is an excellent choice as a secondary line of defense. This free version of the award winning program, with its easy to use interface, is used by millions of people worldwide to protect their computers; it’s reported there are a million+ additional downloads every week. Be aware, however, that there is no real-time protection offered with this version, and this is the reason I recommend this application as a secondary scanner only.

Spyware Terminator

Having tested virtually all of the major anti-spyware applications over the past year or more, I’ve settled, for now, on Spyware Terminator primarily due to its strong real-time protection against spyware, adware, Trojans, key-loggers, home page hijackers and other malware threats. Spyware Terminator excels in strong active protection against known and unknown threats. If anything, I find it perhaps a little overly aggressive. On the other hand, better this than the alternative.

AVG Anti-Virus Free Edition

AVG Anti-Virus Free now incorporates protection against spyware through a new combined anti-virus and anti-spyware engine as well as a “safe-searching component” which has been incorporated into the new AVG Internet Security Toolbar. This program scans files on access, on demand, and on schedule and scans email incoming and outgoing. I recently added this application to my Windows 7 (beta) machine, and to this point it has performed flawlessly.

Malwarebytes’ Anti-Malware

Malwarebytes’ Anti-Malware is an excellent choice, as a secondary line of defense. The free version of this speed demon (it’s faster at scanning than any anti-malware program I’ve tested in the last 2 years), with its easy to employ interface, is used by millions of people worldwide to protect their computers.


Downloading Fake/Rogue Software Hurt$

Being a member of the Blogging community has a major upside. It allows me to have direct contact with a great many other Internet users; many more than I would have the opportunity to communicate with, in any other way.

One of the benefits is that the real life issues other users are dealing with come to my attention quickly. Overwhelmingly, these issues and experiences are positive, but given the current state of Internet security, the negative issues that affect Internet users are an unavoidable part of the package.

Over the last year or so, I have written 40 or more articles concerning rogue security software. Here’s why.

There is an epidemic of rogue security software on the Internet at the moment, much of it using social engineering to convince users to download an unsafe rogue security application.

Rogue security software uses malware, or malicious tools, to advertise or install itself on an unaware user’s computer. After installation, false positives (fake or false malware detection warnings in a computer scan) are the primary method used to convince the unlucky user to purchase the product.

After all, a dialogue box that states “WARNING! Your computer is infected with spyware! – Buy [XYZ] to remove it!” is a powerful motivator. Clicking on the OK button takes the user to the product download site.

To make matters worse, the installation of rogue security software frequently leads to a critically disabled PC, or in the worst case scenario, allows hackers access to important personal and financial information.

So what does this mean to real people; people like you and me? Let me share with you the following factual stories on the impact that rogue software has on people, brought to my attention by the very people who have been victimized:

Victim #1 - “What do you do if you were duped into buying the XP Antivirus software? Should I take any precautions such as canceling credit card and/or email passwords etc.? Is my home edition of avast! 4.8 Antivirus enough to keep me safe from bogus and/or rogue software???? Please help…my computer is my life! Thank you”.

Victim #2 - “Unfortunately I fell for the “virus attack” after trying to remove it, gave in and bought the XPAntivirus. They charged me not only for what I had bought but charged me again, $ 78.83 for something which I hadn’t ordered, nor ever received. It was a nightmare trying to get in touch with anybody, and I finally connected with a guy with an accent, who told me to E-mail the billing service re: my problem. I wrote them, tried to call, it’s been a week, and they still won’t contact me to clarify what occurred. I printed off a purchase order from them when I bought the XP which verifies what I received. Anybody know what state they’re in, I’ll notify the state’s attorney’s office. These people are crooks”.

If you are a new computer user or relatively inexperienced on the Internet then the following recommendations are for you.

A good partial solution to the problem is to ensure you have installed, and are running, an anti-malware application such as ThreatFire, free from PC Tools. This type of program operates using heuristics, or behavioral analysis, to identify newer threats.

As well, Malwarebytes, a reliable anti-malware company, has created a free application, RogueRemover, to help you remove rogue software and to help keep you safe and secure.

A further resource worth noting is the Bleeping Computer web site where help is available for many computer related problems, including the removal of rogue software.

The following recommendations are repeated particularly for new or inexperienced users.

What you can do to reduce the chances of infecting your system with rogue security software:

Be careful in downloading freeware or shareware programs. Spyware is occasionally concealed in these programs. Download this type of program only through reputable web sites such as Download.com, or sites that you know to be safe.

Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications.

Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/FireFox add-on that offers substantial protection against questionable or unsafe websites.

Do not click on unsolicited invitations to download software of any kind.

Additional precautions you can take to protect your computer system:

When surfing the web: Stop. Think. Click

Don’t open unknown email attachments

Don’t run programs of unknown origin

Disable hidden filename extensions

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable Java, JavaScript, and ActiveX if possible

Disable scripting features in email programs

Make regular backups of critical data

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on the computer.

Install a personal firewall on the computer.

Install anti-virus/anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet

Ensure the anti-virus software scans all e-mail attachments


Monster.com Hacked – Irresponsible Response

OK, so let’s say your Doctor’s (substitute a professional of your choice), office was burglarized and all medical records, including yours, were stolen.

Your Doctor, nice guy that he is, didn’t want to cause you unnecessary anxiety, so he didn’t advise you that your confidential records were now out in the wild blue.

Can’t, or won’t happen, you’re thinking. Think again.

Monster.com, a web site that bills itself as the “world’s leading career network”, is a web site used by people looking for a new job. Information required to register with the site includes user IDs and passwords, email addresses, names, phone numbers, and some basic demographic data.

According to Patrick Manzo of Monster Worldwide, Monster.com suffered a database penetration (sometime this month – no date given), during which “certain contact and account data were taken”. So let me rephrase that for you – Monster was hacked and personal information stolen.

Simply put – if you have an account with Monster.com, your confidential information is now freely available to the vast hordes of cyber criminals who trade in this currency.

Your minimum expectation, if you are registered with Monster.com, should be that you would be notified of such a serious breach. Not too much to expect, I would suggest.

But no, Monster’s view is that since there is no direct evidence of misuse of the stolen information (yet), a small notice of this occurrence posted on their main page is sufficient notice. No other notification that your personal information is now at risk. Bizarre!

Note to Monster: Hey, don’t worry about this massive penetration of your database – these cyber criminals just dropped in to have a look around your obviously under-protected database environment.

Your attitude flies in the face of reality. Get real! You obviously need to be dragged, kicking and screaming into the real world of cyber crime.

As a consequence of this penetration, if you are a Monster.com customer, you need to do the following at once:

Change your password for ALL your accounts, not just Monster.com.

Be on guard against “phishing” fraudulent emails, and fraudulent telephone calls in the near term.

It’s not very often that I’m struck speechless by the shenanigans pulled by some of the larger Internet entities but this one; well it’s just too calculated, too condescending, too….. too damn stupid!
