Tag Archives: F-Secure

Ransom Trojan KDV.153863 – Call Me, Pay The Fee, And I’ll Unlock Your Kidnapped Windows System

Ransomware is a vicious form of malware, given that it generally encrypts the victim’s files or restricts the user’s ability to access the computer in some way. Payment of a ransom fee is the commonality in all ransomware attacks.

According to F-Secure, a new form of ransomware (KDV.153863), which reportedly locks the victim’s computer and leaves the machine essentially unusable, is currently circulating on the Internet.

An infection by KDV.153863 will lead to the following boot screen.

[Image: KDV.153863 boot lock screen. Graphic courtesy of F-Secure.]

In line with previous versions of this type of malware, an unlock code can be had (ostensibly for free) by following a set of specific instructions.

The following graphic sets out the method to be followed by the victim to obtain an activation code. The activation code does, in fact, unlock the victim’s computer. Cybercriminals with a conscience, or just good business strategy?

[Image: the instructions shown to the victim for obtaining an activation code. Graphic courtesy of F-Secure.]

You’ll notice in the screenshot that all of the available telephone numbers are international, and it’s by way of this recovery construction that the cyber crook profits.

The Trojan author, collaborating with rogue call center operators, has designed a four-minute message routine which the victim is forced to listen to while exorbitant long-distance toll fees are being generated. This is similar, in a sense, to the old 900 premium-rate telephone number scams. Apparently, these fees are shared between the cyber crook and the call center operators.

Following the forced four-minute message routine, the victim is given an unlock code (1351236) which, according to F-Secure, appears to be the same every time the number is called.

We’ve been dealing with this type of malware, on and off, for years. If previous experience is any indication (and it is), we can expect to see more of this type of malware, in a more general release, through the balance of this year.

Reduce the possibilities of infection by this and other malware, by taking the following precautions:

Don’t open unknown email attachments

Don’t run programs of unknown origin

Disable the hiding of filename extensions, so that a file’s real extension is always shown

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable Java, JavaScript, and ActiveX if possible

Disable scripting features in email programs

Make regular backups of critical data. If you are infected, this may be your only solution.

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on the computer

Install a personal firewall on the computer

Install anti-virus/anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet

Ensure your anti-virus software scans all e-mail attachments

Don’t store critical data on the system partition

Adhering to the best practices, as noted above, is no guarantee that your system won’t be penetrated. All things considered, running your computer in virtualization mode, while surfing the Net, is highly recommended.

Please read Free BufferZone Pro – Maybe The Best Surfing Virtualization Application At Any Price, on this site, for information on virtualization.


Uninstalling and Installing AntiVirus Software…

Antivirus programs are complex pieces of software designed to identify, neutralize or eliminate malicious content that invades your computer. Over a period of time, many people will change from one brand of antivirus software to another. Antivirus software is big business and today there are many flavors and options available.

For example, there are three reputable antivirus packages that are free for personal use and widely recognized (see below). I prefer any one of these over the major-brand antivirus software packages because they are light on system resources and are not bloated. As a matter of fact, I cannot remember ever having a commercial (paid-for) version of an antivirus program on any of my computers at home.

Avast

Avira AntiVir

AVG

The point of this article is to make you aware that free antivirus software options are available, and that follow-up research may be required to completely uninstall (remove) antivirus software from your system in the event you want to install another antivirus program.

Antivirus software, when running on your system, is hooked into many areas (e.g. the registry, the file system, resident memory) and uninstalling it can leave debris behind that can cause other system issues.

Antiviruses are like viruses; they can be hard to get rid of. To prove my point, I researched nine antivirus programs and found that every one of them had supplemental removal instructions or tools, in addition to the typical Add/Remove console process found in Windows.

I have listed the sites below for convenience and reference. During this research I also found that this information was often buried deep in the vendors’ sites and was not readily accessible.

Antivirus Programs – Uninstall Information & Links

Norton Removal Tool – The Norton Removal Tool uninstalls all Norton 2009/2008/2007/2006/2005/2004/2003 products, Norton 360 and Norton SystemWorks 12.0 from your computer. If you use ACT! or WinFAX, back up those databases before you proceed.

McAfee Consumer Products Removal tool (MCPR.exe) – uninstall or reinstall supported McAfee consumer products using the McAfee Consumer Products Removal tool (MCPR.exe)

Avast! uninstall utility – Sometimes it’s not possible to uninstall avast! the standard way – using the ADD/REMOVE PROGRAMS in control panel. In this case, you can use our uninstallation utility aswClear.

Avira AntiVir – Normally the Avira Registry Cleaner removes all entries that were created by AntiVir. In this way, it prepares your system for the installation of a new AntiVir version.

BitDefender Uninstall Tool – There are two methods of uninstalling BitDefender from your computer: using the system tools and using the special uninstall tool provided by BitDefender.

Kaspersky’s Antivirus Removal Tool – Some errors might occur when deleting Kaspersky Anti-Virus product via Start > Control Panel > Add\Remove Programs. As a result the program will not be uninstalled or will be partially uninstalled. The removal tool is required to remove a variety of their products.

F-Secure Internet Security (and antivirus) – Should you decide to uninstall, F-Secure does not provide its own uninstaller. You must use the Microsoft uninstaller found in Add and Remove Programs within the Command Console. After a reboot we found no Registry files, but we did find several program and log files in an F-Secure directory tree on the root drive.

Trend Micro Antivirus – Trend Micro Support to remove Trend Antivirus plus AntiSpyware from my computer?

AVG – Open the directory with AVG Free Edition installed in and run the SETUP.EXE file or download the current installation file of AVG Free Edition from here and run it to start installation process. A window with following options will be displayed during the installation process: Add/Remove Components, Repair installation or Uninstall.
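A read-only way to check for the kinds of leftovers described above (registry entries, services and drivers, and directories such as the F-Secure tree on the root drive), given here as an added PowerShell example that is not from the original post or from any vendor. The function name Find-AVRemnant and the vendor pattern are assumptions for illustration.

```powershell
# Added example (hypothetical helper, not from the original post): read-only
# inventory of what an uninstalled antivirus product may have left behind.
function Find-AVRemnant {
    param(
        [Parameter(Mandatory)]
        [string]$Vendor   # regex matched against names and paths, e.g. 'F-Secure'
    )

    # 1. Add/Remove Programs entries, 64-bit and 32-bit registry views
    $uninstallKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -match $Vendor } |
        ForEach-Object {
            [pscustomobject]@{ Kind = 'UninstallEntry'; Name = $_.DisplayName; Detail = $_.UninstallString }
        }

    # 2. Services and kernel/filter drivers still registered (the resident part)
    foreach ($class in 'Win32_Service', 'Win32_SystemDriver') {
        Get-CimInstance -ClassName $class -ErrorAction SilentlyContinue |
            Where-Object { $_.DisplayName -match $Vendor -or $_.PathName -match $Vendor } |
            ForEach-Object {
                [pscustomobject]@{ Kind = $class; Name = $_.Name; Detail = "$($_.State): $($_.PathName)" }
            }
    }

    # 3. Program and log directories left on disk, including the root drive
    $roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}, $env:ProgramData, "$env:SystemDrive\") |
        Where-Object { $_ -and (Test-Path $_) }
    Get-ChildItem -Path $roots -Directory -ErrorAction SilentlyContinue |
        Where-Object { $_.Name -match $Vendor } |
        ForEach-Object {
            [pscustomobject]@{ Kind = 'Directory'; Name = $_.Name; Detail = $_.FullName }
        }

    # 4. Windows Security Center registration (client editions of Windows only)
    Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName AntiVirusProduct -ErrorAction SilentlyContinue |
        Where-Object { $_.displayName -match $Vendor } |
        ForEach-Object {
            [pscustomobject]@{ Kind = 'SecurityCenter'; Name = $_.displayName; Detail = $_.pathToSignedProductExe }
        }
}

# Usage: list anything still matching the vendor name after uninstall and reboot
Find-AVRemnant -Vendor 'F-Secure' | Format-Table -AutoSize -Wrap
```

An empty result after the vendor's removal tool and a reboot suggests the product is fully gone; a remaining driver or Security Center entry is the kind of debris most likely to interfere with the next antivirus install.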

This is a guest post by Rick Robinette, who brings a background as a security/police officer professional, and as an information technology specialist to the Blogging world.

Why not pay a visit to Rick’s site at What’s On My PC.
