Tag Archives: harmful

Scareware Not Swine Flu – An Epidemic Nevertheless!

Cyber crooks are continuing to develop and distribute “rogue software”, also known as “scareware”, at a furious pace; there are literally thousands of variants of this type of malware currently circulating on the Internet.

Unless you have had the bad experience of being trapped by this type of malicious software, you may not be aware that such a class of software even exists. The average computer user that I speak with informally has no idea that rogue applications exist. But they do, and distribution has now reached virtual epidemic proportions on the Internet.

It’s all about the money:

Rogue software is software that uses malware, or malicious tools, to advertise or install itself. After the installation of rogue software, false positives (fake malware detection warnings in a computer scan) are a primary method used to convince the unlucky user to purchase the product.

Rogue security software can write itself into multiple parts of the operating system, and in many cases it can hide its files, registry entries, running processes and services, making the infection virtually impossible to find and remove.

As well, the installation of such malware can lead to a critically disabled PC, or in the worst case scenario, allow hackers access to important personal and financial information.

(Current Internet infections – courtesy of Panda Security)

The highest rated articles on this Blog, in the last 12 months, have been those associated with this type of malicious software. It’s easy to see why.

So how much money is really involved here? Lots. According to Panda Security, approximately 35 million computers are infected with scareware/rogueware each month (roughly 3.50 percent of all computers), and cybercriminals are earning more than $34 million monthly through rogueware attacks.

(An example of a current rogue security application)

Recently, a reader of this Blog made the statement “These people (cyber criminals), should stop doing this and get a real job”. The obvious answer to this of course is – this is their real job! How many jobs – a relatively easy job at that – could produce this type of income?

The following two examples, taken from this Blog’s readers’ questions, illustrate the consequences of becoming infected by rogue security software.

Victim #1: What do you do if you were duped into buying the XP Antivirus software? Should I take any precautions such as canceling credit card and/or email passwords etc.? Is my home edition of avast! 4.8 Antivirus enough to keep me safe from bogus and/or rogue software???? Please help…my computer is my life! Thank you.

Victim #2: I unfortunately fell for the “virus attack” after trying to remove it, gave in and bought the XPAntivirus. They charged me not only for what I had bought but charged me again, $78.83 for something which I hadn’t ordered, nor ever received. It was a nightmare trying to get in touch with anybody.

I finally connected with a guy with an accent, who told me to e-mail the billing service re: my problem. I wrote them, tried to call, it’s been a week, and they still won’t contact me to clarify what occurred. I printed off a purchase order from them when I bought the XP which verifies what I received. Anybody know what state they’re in, I’ll notify the state’s attorney’s office. These people are crooks.

(These two readers were responded to privately.)

If you become infected by this, or other scareware (rogue software), have your PC worked on by a certified computer technician, who will have the tools, and the competency, to determine if the infection can be removed without causing system damage. Computer technicians do not provide services at no cost, so be prepared for the costs involved.

If you feel you have the necessary skills, and you want to try your hand at removal, then by all means do so. The following removal solutions will be invaluable.

The individuals / companies, who wrote and developed these free tools, and who offer free removal advice, are to be congratulated for giving back, so freely, to the Internet community.

Without their generous efforts, those infected by rogue applications, would be faced, without the assistance of a professional, with the unenviable task of performing a complete system reinstall, with a strong probability of losing irreplaceable Hard Drive data.

Free resources:

Malwarebytes, a very reliable anti-malware company, offers a free version of Malwarebytes’ Anti-Malware, a highly rated anti-malware application which is capable of removing many newer rogue applications.

411 Spyware – a site that specializes in malware removal. I highly recommend this site.

Bleeping Computer – a web site where help is available for many computer related problems, including the removal of rogue software. This is another site I highly recommend.

SmitFraudFix, available for download at Geekstogo, is a free tool that is continuously updated to assist victims of rogue security applications.

What you can do to reduce the chances of infecting your system with rogue software:

Be careful in downloading freeware or shareware programs. Spyware is occasionally concealed in these programs. Download this type of program only through reputable web sites such as Download.com, or sites that you know to be safe.

Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications.

Install an Internet browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/Firefox add-on that offers substantial protection against such sites.

Do not click on unsolicited invitations to download software of any kind.

Additional precautions you can take to protect your computer system:

When surfing the web: Stop. Think. Click

Don’t open unknown email attachments

Don’t run programs of unknown origin

Disable hidden filename extensions

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable Java, JavaScript, and ActiveX if possible

Disable scripting features in email programs

Make regular backups of critical data

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on the computer.

Install a personal firewall on the computer.

Install anti-virus/anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet

Ensure the anti-virus software scans all email attachments


Caution – Trend Micro’s HouseCall Spoofed

The Internet is increasingly like the Wild West – at least the Wild West we’re used to seeing portrayed in the movies.

The strong, fast with a six shooter, secure tough hombres (read – informed), survive; while the weak, the insecure and the unarmed, (read – uninformed), get their butts kicked. Once again we have a situation where this scenario is likely to play out.

In the last six months or so, I have focused primarily on Internet security issues on this Blog, with a particular emphasis on the massive number of rogue security applications flooding the web.

Since not all security scanners are equal, or 100% effective, I have recommended, in a number of articles, that online scanners are a viable alternative to installed malware scanners as a double check to ensure computer systems are free of malware infections. One of the scanners I have always recommended is Trend Micro’s HouseCall.

Cyber-criminals, not satisfied with exploiting installable malware scanners, are now trying to exploit Trend Micro’s free online scanner HouseCall. The uninformed Internet user is, once again, the primary target of these cyber-criminals.

According to Trend Micro, a surfer using a search engine such as Google, with a search string such as “free online virus scan by Trend Micro”, can end up on a spoofed version of HouseCall by clicking the link returned by Google. Not surprisingly, the spoofed site informs users their computers are infected with malware, and then teases them to purchase a fake anti-virus application in order to remove the fake threat.

Regular visitors to this site are aware of the substantial threat posed by rogue security applications. For more information on this issue, check out “Rogue Security Software on the Rise – What You Need to Know Now!” on this site.

Trend Micro advises all users to go to their website home page directly for product information and services, instead of clicking on links to individual pages brought up by search engines. This advice should, in fact, be followed for all searches.


Rapid Antivirus – Four Removal Solutions

The cyber criminals who develop and release “rogue security software” are still at it, and continue to flood the Internet with their parasitic applications.

According to the Sunbelt Blog, from Sunbelt Software, the developers of one of the best anti-malware tools available, CounterSpy antispyware software, Rapid Antivirus “is a new rogue security product from the ‘SpywareNo’ family”.


Just like all rogue security applications, Rapid Antivirus is an application that uses malware, or malicious tools, to advertise or install itself. Unless you have had the bad experience of installing this type of malicious software, you may not be aware that such a class of software even exists. But it does, and it has now reached virtual epidemic proportions on the Internet.

Luis Corrons, technical director of PandaLabs, recently stated that “more than 30 million users have been infected by this new wave of fake antivirus programs”.

Like most parasitic applications, this particular rogue security software’s installer is often found on adult websites, or it can be installed manually from rogue security software websites like RapidAntivirus.com.

Quick Tip: If you had installed WOT (Web of Trust), an Internet Explorer/Firefox add-on which provides protection against questionable or unsafe websites, you would have seen the following dropdown transparent warning curtain, triggered on visiting RapidAntivirus.com.

After the installation of Rapid Antivirus, be prepared for false positives: fake malware detection warnings. As with all rogue security applications, Rapid Antivirus was developed to mislead uninformed computer users into downloading and paying for the “full” version of this bogus software, based on the false malware positives generated by the application.

Rogue security software can write itself into multiple parts of the operating system, and in many cases it can hide its files, registry entries, running processes and services, making the infection virtually impossible to find and remove.

As well, the installation of such malware can lead to a critically disabled PC, or in the worst case scenario, allow hackers access to important personal and financial information.


Generally, reputable anti-spyware software is capable of detecting rogue software if it attempts to install, or on a malware scan. But this is not always the case. Anti-malware programs that rely on a definition database can be behind the curve in recognizing the newest threats. Nevertheless, it is critically important that your anti-malware program’s definition database is always kept current.

As an additional safeguard, ensure you have installed, and are running, an anti-malware application such as ThreatFire 3, free from PC Tools. This type of program operates using heuristics, or behavioral analysis, to identify newer threats.

If you are a victim of Rapid Antivirus, the following removal solutions will be invaluable. The individuals/companies, who wrote and developed these free tools, are to be congratulated for giving back, so freely, to the Internet community.

Without their generous efforts, those infected by rogue applications, would be faced with the unenviable task of performing a complete system reinstall, with a strong probability of losing irreplaceable Hard Drive data.

Rogue application removal solutions are freely available at:

Bleeping Computer is a web site where help is available for many computer related problems, including the removal of this rogue software.

SmitFraudFix, available for download at Geekstogo, is a free tool that is continuously updated to assist victims of rogue security applications.

Malwarebytes, a reliable anti-malware company, has created a free application to help keep you safe and secure. RogueRemover will safely remove a number of rogue security applications. As well, you can download the Malwarebytes Anti-Malware application, a superior anti-malware program.

Rogue Fix at Internet Inspiration.


Rogue Security Software – It’s All About the Money!

Cyber crooks are continuing to develop and distribute “rogue security software”, at a furious pace; there are literally thousands of variants of this type of malware circulating on the Internet.

Unless you have had the bad experience of installing this type of malicious software, you may not be aware that such a class of software even exists. But it does, and it has now reached virtual epidemic proportions on the Internet.

Rogue security software is software that uses malware, or malicious tools, to advertise or install itself. After the installation of rogue security software, false positives (fake malware detection warnings in a computer scan) are a primary method used to convince the unlucky user to purchase the product.

Rogue security software can write itself into multiple parts of the operating system, and in many cases it can hide its files, registry entries, running processes and services, making the infection virtually impossible to find and remove.

As well, the installation of such malware can lead to a critically disabled PC, or in the worst case scenario, allow hackers access to important personal and financial information.

(Current Internet infections – courtesy of Panda)

The highest rated articles on this Blog, in the past few weeks, have been those associated with this type of malicious software. It’s easy to see why.

According to Luis Corrons, technical director of PandaLabs, “more than 30 million users have been infected by this new wave of fake antivirus programs”. This begs the question – why infect Internet users’ computers in this way?

Money – and lots of it. As Corrons explains, “extrapolating from an average price of €49.95, we can calculate that the creators of these programs are receiving more than €11 million (U.S. $15 million), per month”.

(An example of a rogue security application – click image for larger view)

Recently, a reader of this Blog made the statement “These people (cyber criminals), should stop doing this and get a real job”. The obvious answer to this of course is – this is their real job! How many jobs – a relatively easy job at that – could produce this type of income?

The following two examples, taken from this Blog’s readers’ questions, illustrate the consequences of becoming infected by rogue security software.

Victim #1: What do you do if you were duped into buying the XP Antivirus software? Should I take any precautions such as canceling credit card and/or email passwords etc.? Is my home edition of avast! 4.8 Antivirus enough to keep me safe from bogus and/or rogue software???? Please help…my computer is my life! Thank you.

Victim #2: I unfortunately fell for the “virus attack” after trying to remove it, gave in and bought the XPAntivirus. They charged me not only for what I had bought but charged me again, $78.83 for something which I hadn’t ordered, nor ever received. It was a nightmare trying to get in touch with anybody.

I finally connected with a guy with an accent, who told me to e-mail the billing service re: my problem. I wrote them, tried to call, it’s been a week, and they still won’t contact me to clarify what occurred. I printed off a purchase order from them when I bought the XP which verifies what I received. Anybody know what state they’re in, I’ll notify the state’s attorney’s office. These people are crooks.

If you are a victim of Rogue Security Software, the following removal solutions will be invaluable. The individuals/companies, who wrote and developed these free tools, are to be congratulated for giving back, so freely, to the Internet community.

Without their generous efforts, those infected by rogue applications, would be faced with the unenviable task of performing a complete system reinstall, with a strong probability of losing irreplaceable Hard Drive data.

(An example of a rogue security application – click image for larger view)

Rogue applications removal solutions are freely available at:

Bleeping Computer is a web site where help is available for many computer related problems, including the removal of rogue software.

Rogue Fix at Internet Inspiration.

SmitFraudFix, available for download at Geekstogo, is a free tool that is continuously updated to assist victims of rogue security applications.

Malwarebytes, a reliable anti-malware company, has created a free application to help keep you safe and secure. RogueRemover will safely remove a number of rogue security applications.

What you can do to reduce the chances of infecting your system with rogue security software:

Be careful in downloading freeware or shareware programs. Spyware is occasionally concealed in these programs. Download this type of program only through reputable web sites such as Download.com, or sites that you know to be safe.

Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications where exposure to rogue security applications is widespread.

Install an Internet browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/Firefox add-on that offers substantial protection against questionable or unsafe websites.

Antivirus and anti-spyware are not the only rogues, and fake popup warnings are not the only method of attack – read “Have Your PC Running Like New — Not!” on TechPaul’s site, for a great post on other methods cyber criminals use to infect unwary users’ computers.


Get a Risk Analysis of Your Running Processes – ProcessScanner Free

Do you ever wonder about the processes running on your computer? Do you wonder if your anti-malware applications have caught all of the dangerous adware/viruses/Trojans that your computer has been exposed to, as you surfed cyberspace? Do you ever wonder if your machine is as speedy as it could be, or as stable as it needs to be?

Most anti-malware applications have a good, but far from a perfect record of preventing/detecting/removing malware. Since there is no perfect anti-malware application it’s important to be aware of the processes and services that automatically run in the background on your computer. Checking these occasionally, can help you in preventing unwelcome surprises down the road.

Because I’m a security freak, justifiably so I think, I’m always interested in any new tool that can assist me in keeping my machines free of harmful, or potentially harmful, processes or services.

ProcessLibrary.com (a Microsoft Gold Certified Partner), the company that offers what has often been called the world’s leading and most definitive process listing service available for Windows users, recently released ProcessScanner. This small executable not only scans your Windows computer for all running processes, but in addition tells you what’s running, what each process is associated with, and most importantly, a risk analysis of each process.

For example, do you have isass.exe running on your machine? Well if you do, your machine is infected with the Optix.Pro virus which carries in its payload, the ability to disable firewalls and local security protections, as well as a backdoor capability. ProcessScanner will advise you to disable and remove isass.exe immediately.
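A name like isass.exe is easy to overlook because it differs by one lookalike character from lsass.exe, a genuine Windows process. The sketch below is an added example, not part of the original post and not ProcessScanner's method: it flags process names that imitate a known system name. The allow-list, the confusable-character map and the sample process list are constructed assumptions.

```python
"""Added example: flag process names that imitate Windows system processes."""

# Assumption: a small allow-list of genuine Windows process names.
KNOWN_SYSTEM = ("csrss.exe", "explorer.exe", "lsass.exe", "services.exe",
                "smss.exe", "svchost.exe", "winlogon.exe")

# Assumption: characters commonly swapped to build a lookalike name.
CONFUSABLE = str.maketrans({"i": "l", "1": "l", "|": "l", "0": "o", "5": "s"})

# Constructed sample of running process names (not real scan output).
SAMPLE_PROCESSES = ["lsass.exe", "isass.exe", "svchost.exe", "scvhost.exe",
                    "svch0st.exe", "iexplore.exe", "notepad.exe"]


def skeleton(name):
    """Lower-case the name and fold confusable characters together."""
    return name.lower().translate(CONFUSABLE)


def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition, e.g. "cv" typed for "vc".
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def classify(name):
    """Return (verdict, imitated_name) for one process name."""
    lowered = name.lower()
    if lowered in KNOWN_SYSTEM:
        # The name is genuine; the file path and signature still need checking.
        return ("known-name", lowered)
    skel = skeleton(lowered)
    distance, target = min(
        (osa_distance(skel, skeleton(known)), known) for known in KNOWN_SYSTEM
    )
    if distance == 0:
        return ("lookalike", target)   # identical once confusables are folded
    if distance == 1:
        return ("near-miss", target)   # one typo or swap away
    return ("unlisted", None)


def scan(names):
    """Return only the names that imitate an allow-listed process."""
    findings = []
    for name in names:
        verdict, target = classify(name)
        if verdict in ("lookalike", "near-miss"):
            findings.append((name, verdict, target))
    return findings


if __name__ == "__main__":
    for name, verdict, target in scan(SAMPLE_PROCESSES):
        print(f"{name}: {verdict} of {target}")
```

A legitimate but unlisted name such as iexplore.exe is two edits away from explorer.exe and is therefore not flagged; the threshold of one edit is what keeps the check from drowning in false positives.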

The information ProcessScanner provides you with can be useful in a number of ways. For example, I continuously notice, on machines running XP Professional particularly, the large number of unnecessary processes or services that load on startup, which add limited or no functionality to the specific computer. You might be surprised to find the same situation on your computer, where unnecessary processes/services are hogging your system resources and slowing down your computer.

This free service from ProcessLibrary.com can help you determine which of these you can turn off. However, be careful in turning off services. Turn off the wrong one(s), and you may find that you are unable to boot your machine. Spend some time on the Internet investigating which services are safe to turn off, or better yet read, Speedup Your PC – Turn Off Unnecessary Services in XP, on this Blog.

You won’t be alone in trying to determine how to proceed on any specific issue you are unsure of; ProcessLibrary’s forum contains plenty of help and information for new users.

Quick facts:

· No installation required

· Portable device compliant

· Fast scan time

· Identification of all running processes

· Threat level of all processes

· Free

If you’re like me, and you are always looking for additional applications to add to your security toolbox, or you are simply curious about what’s happening behind the scenes on your machine, then I highly recommend you download this program.

Processlibrary.com has been recommended by, amongst others, The Washington Post, USA Today, Yahoo and PC Magazine’s Top 100 Classic Websites.

Download at: processlibrary.com


Rogue Security Software On The Rise – What You Need to Know Now!

If the day should ever come when anti-malware applications achieve a 100% effective rate in the detection of malware, or software developers develop operating systems and applications that are fully malware resistant, I’ll have to find something else to Blog about! It doesn’t look like that day is likely to happen soon, however. In the meantime many of us will continue to download and test/try out the latest, greatest, and newest anti-malware tools.

Knowing this, Cyber crooks will continue to develop and distribute “rogue security software”. Unless you have had the bad experience of installing this type of malicious software, you may not be aware that such a class of software even exists. But it does.

Rogue security software is software that uses malware, or malicious tools, to advertise or install itself. Often, after installation on a system, an attempt is made to force users to pay for removal of nonexistent spyware. Rogue software will often install and use a Trojan horse to download a trial version, or it will perform other actions on a machine that are detrimental such as slowing down the computer drastically.

After installation of rogue security software, false positives (fake malware detection warnings in a computer scan) are the primary method used to convince the unlucky user to purchase the product. After all, a dialogue box that states “WARNING! Your computer is infected with spyware! – Buy [XYZ] to remove it!” is a powerful motivator. Clicking on the OK button takes the user to the product download site.

Another warning message typical of rogue anti-spyware software is as follows: “System has detected a number of active spyware applications that may impact the performance of your computer. Click the icon to get rid of unwanted spyware by downloading an up-to-date anti-spyware solution”.

Generally, reputable anti-spyware software is capable of detecting rogue software if it attempts to install, or on a malware scan. But this is not always the case. Anti-malware programs that rely on a definition database can be behind the curve in recognizing the newest threats.

A good partial solution to this problem is to ensure you have installed, and are running, an anti-malware application such as ThreatFire3, free from PC Tools. This type of program operates using heuristics, or behavioral analysis, to identify newer threats.

As well, Malwarebytes, a reliable anti-malware company, has created a free application to help keep you safe and secure. RogueRemover will safely remove WinAntiSpyware/WinAntiVirus, SpyAxe, VirusBlast, VirusBursters, as well as a number of other rogue applications.

Download from MajorGeeks.com

An absolute must is to make sure that the security application you are considering installing is recognized as legitimate by industry experts. An excellent web site that will keep you in the loop, and advise you what products work and have a deserved reputation for quality performance is Spyware Warrior.

Some current rogue software includes:

  • AntiVirGear
  • AntiVirusGold
  • Cleanator
  • DriveCleaner
  • EasySpywareCleaner
  • InfeStop
  • Malware Alarm
  • PCSecureSystem
  • PestTrap
  • SpyAxe
  • Spydawn
  • Spylocked
  • SpySheriff
  • SpySpotter
  • Spyware Quake
  • Spyware Stormer
  • Spy-Rid
  • System Live Protect
  • UltimateCleaner
  • VirusHeat
  • VirusProtectPro
  • WinAntivirus2006
  • WinFixer

Always remember of course, that you are your greatest line of defense against malware. STOP. THINK. CLICK
