Rogue Security Software Continues It’s Rampage – Some Solutions

If the day should ever come when anti-malware applications achieve a 100% effective rate in the detection of malware, or software developers develop operating systems and applications that are fully malware resistant, I’ll have to find something else to Blog about!

It doesn’t look like that day is likely to happen any time soon, however. In the meantime, Internet users will continue to download and test/tryout the latest, greatest, and newest anti-malware tools. Knowing this, Cyber crooks are blitzing the Internet with “rogue security software”, often referred to as “scareware”.

Scareware is a particularly vicious form of malware, designed specifically to convince the victim to pay for the “full” version of an application in order to remove what are, in fact, false positives that these program are designed to display on the infected computer in various ways; fake scan results, pop-ups, and system tray notifications.

Dialogue boxes, like the ones below, can be a powerful motivator. It’s no wonder then, that unaware computer users will often respond by clicking on the link which will take them to the product download site.

Using techniques such as the ones described earlier, cyber criminals are infecting more than 35 million computers with scareware/rogueware each month (roughly 3.50 percent of all computers), and earning more than $34 million monthly, through scareware attacks.

Generally, reputable anti-spyware software is capable of detecting rogue software if it attempts to install. But this is not always the case. Anti-malware programs that rely on a definition database can be behind the curve in recognizing the newest threats.

A good partial solution to this problem is  – ensure you have installed, and are running, an anti-malware application such as ThreatFire Version 4.7.0, free from PC Tools. This type of program operates using heuristics, or behavioral analysis, to identify newer threats.

Additional steps you can take to reduce the chances of infecting your system with rogue software.

Consider the ramifications carefully before responding to a Windows Security Alert pop-up message. This is a favorite vehicle used by rogue security application to begin the process of infecting unwary users’ computers.

Be cautious in downloading freeware, or shareware programs. Spyware, including scareware, is occasionally concealed in these programs. Download freeware applications only through reputable web sites such as Download.com, or sites that you know to be safe.

Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications, since exposure to rogue security applications is widespread.

Install an Internet Browser add-on such as WOT (Web of Trust), an Internet Explorer/Firefox add-on, that offers substantial protection against dangerous websites.

Always remember of course, that you are your own greatest line of defense against malware. STOP. THINK. CLICK.

If you are infected by scareware/rogueware, the following free resources can provide tools, and advice, you will need to attempt removal.

Malwarebytes, a very reliable anti-malware company, offers a free version of Malwarebytes’ Anti-Malware, a highly rated anti-malware application which is capable of removing many newer rogue applications.

Bleeping Computer – a web site where help is available for many computer related problems, including the removal of rogue software.

SmitFraudFix, available for download at Geekstogo is a free tool that is continuously updated to assist victims of rogue security applications.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Scareware is Destroyware – Not Just Malware

Scareware is a particularly vicious form of malware, designed specifically to convince the victim to pay for the “full” version of an application in order to remove what are, in fact, false positives that these program are designed to display on the infected computer in various ways; fake scan results, pop-ups, and system tray notifications.

According to Panda Security, approximately 35 million computers are infected with scareware/rogueware each month (roughly 3.50 percent of all computers), and cybercriminals are earning more than $34 million monthly, through scareware attacks.

Delivery methods used by these parasites include Trojans, infected websites, misleading advertisements, and Internet Browser security holes. They can also be downloaded voluntarily, from rogue security software websites, and from “adult” websites. As one of my friends put it “It’s easy to be bitten by a dog like that”.

The average computer user that I speak with informally, has no idea that rogue applications exist. But they do, and cyber crooks are continuing to develop and distribute scareware at a furious pace; there are literally thousands of variants of this type of malware currently circulating on the Internet. It’s fair to say; distribution has now reached virtual epidemic proportions.

Having watched the development and deployment of scareware over the last few years, and having noted the increasing sophistication of the current crop of scareware applications, I have come to the realization that scareware removal instructions have limited value, except perhaps, for the most technically sophisticated computer user. A reformat and a system re-install, are more than likely in the cards.

Yes, I know, there are literally hundreds of sites that will walk you through the process of attempting to eliminate this type of scourge, but simply put – if your computer becomes infected with the current scareware circulating on the Internet, you are, in most cases, wasting your time attempting to save your system.

If you doubt this, take a look at Trojan War Resolution: The Battle Won, in which Larry Walsh of eWeek, describes a three day marathon system recovery attempt which was ultimately successful, but…..

The best advice? Have your PC worked on by a certified computer technician, who will have the tools, and the competency, to determine if the infection can be removed without causing system damage.

If you have become infected by scareware, and you want to try your hand at removal, then by all means do so.

The following free resources can provide tools, and advice, you will need to attempt removal.

Malwarebytes, a very reliable anti-malware company, offers a free version of Malwarebytes’ Anti-Malware, a highly rated anti-malware application which is capable of removing many newer rogue applications.

Bleeping Computer – a web site where help is available for many computer related problems, including the removal of rogue software.

SmitFraudFix, available for download at Geekstogo is a free tool that is continuously updated to assist victims of rogue security applications.

What you can do to reduce the chances of infecting your system with rogue software.

Consider the ramifications carefully before responding to a Windows Security Alert pop-up message. This is a favorite vehicle used by rogue security application to begin the process of infecting unwary users’ computers.

Be cautious in downloading freeware, or shareware programs. Spyware, including scareware, is occasionally concealed in these programs. Download freeware applications only through reputable web sites such as Download.com, or sites that you know to be safe.

Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications, since exposure to rogue security applications is widespread.

Install an Internet Browser add-on such as WOT (Web of Trust), an Internet Explorer/FireFox add-on, that offers substantial protection against dangerous websites.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

XP Antivirus 2010 is Back – Removal Instruction

Back in the day (the mid 1960’s), I heard an old time College Football coach (Darryl Royal, of the University of Texas Longhorns) say, in answer to a question concerning his plans for an upcoming game, “we’ll dance with who brung us”.

What he meant was, he would continue to go with the players, and plays, that had contributed to a winning season. Or, to put it more succinctly – success breeds success.

Cyber criminals, particularly those responsible for the rogue software/scareware application, XP Antivirus, have learned this lesson well. XP Antivirus is back, and is running rampant on the Internet at the moment; having morphed from previous versions we had to deal with in 2008, and 2009.

Of all the rogue security applications released to date, and there have been thousands of them, this particular one has been the most successful for the criminal developers.

I first wrote on this scourge in 2008, and in the interim period, that specific article has been read 130,000+times. In the last week or so, I was surprised to see this older article, suddenly jump to the top of the daily read chart.

This shift in popularity, coupled with a number of readers reporting having to deal with infections caused by XP Antivirus 2010, convinced me to cover the scareware issue once again.

Just like its predecessor, XP Antivirus 2010 installer can be found on adult websites, salacious news sites, or it can be installed manually from rogue security software websites.

After the installation of XP Antivirus 2010 be prepared for false positives; fake or false malware detection warnings. As with all rogue security applications, XP Antivirus 2010 was developed to mislead uninformed computer users’ into downloading and paying for the “full” version of this bogus software, based on the false malware positives generated by the application.

If the full program fee is not paid, XP Antivirus 2010 continues to run as a background process incessantly reporting those fake or false malware detection warnings. To really try your patience, this rogue security software cannot be uninstalled using the Windows Add/Remove Programs tool.

XP Antivirus 2010 Removal Instructions:

If you have become infected by XP Antivirus 2010, or other scareware (rogue software), have your PC worked on by a certified computer technician, who will have the tools, and the competency, to determine if the infection can be removed without causing system damage.

If you feel you have the necessary skills, and you want to try your hand at removal, then by all means do so.

The following free resources can provide tools and the advice you will need to attempt removal.

Malwarebytes, a very reliable anti-malware company, offers a free version of Malwarebytes’ Anti-Malware, a highly rated anti-malware application which is capable of removing many newer rogue applications.

411 Spyware – a site that specializes in malware removal. I highly recommend this site.

Bleeping Computer – a web site where help is available for many computer related problems, including the removal of rogue software. This is another site I highly recommend.

SmitFraudFix, available for download at Geekstogo is a free tool that is continuously updated to assist victims of rogue security app

What can you do to ensure you are protected, or to reduce the chances you will become a victim?

Consider the ramifications carefully before responding to a Windows Security Alert pop-up message. This is a favorite vehicle used by rogue security application to begin the process of infecting unwary users’ computers.

Be cautious in downloading freeware, or shareware programs. Spyware, including scareware, is occasionally concealed in these programs. Download freeware applications only through reputable web sites such as Download.com, or sites that you know to be safe.

Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications, since exposure to rogue security applications is widespread.

Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is WOT (Web of Trust), an Internet Explorer/FireFox add-on, that offers substantial protection against dangerous websites.

As a form of added protection, you should consider running in a virtual environment while connected to the Internet. To find out what this means to your overall security, and to download a free virtual software application, please read “Download Free Returnil Virtual System 2010 Home”, on this site.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Nightmare Scareware – Be Prepared

Scareware, otherwise known as “rogue security software”, is the stuff of nightmares.

Scareware is a particularly vicious form of malware, designed specifically to convince the victim to pay for the “full” version of an application in order to remove what are, in fact, false positives that these program are designed to display on the infected computer in various ways; fake scan results, pop-ups and system tray notifications.

Delivery methods used by these parasites include Trojans, infected websites, misleading advertisements, and Internet Browser security holes. They can also be downloaded voluntarily, from rogue security software websites, and from “adult” websites. As one of my friends put it “It’s easy to be bitten by a dog like that”.

The average computer user that I speak with informally, has no idea that rogue applications exist. But they do, and cyber crooks are continuing to develop and distribute scareware at a furious pace; there are literally thousands of variants of this type of malware currently circulating on the Internet. It’s fair to say; distribution has now reached virtual epidemic proportions.

One of my Internet friends runs a specialized site, 411 Spyware , that deals specifically with malware removal advice, and virtually every day, she posts an article on a newly discovered scareware application.

Scareware is designed to continue to load on boot up, and will then generate its fake or false malware detection warnings. Even if the victim is tricked into paying for the “full” version, scareware will continue to run as a background process, incessantly reporting those fake or false malware detection warnings we talked about earlier. Over time, this type of software will essentially destroy the victim’s computer operating system, making the machine unusable.

While it’s true that reputable anti-spyware software is often capable of detecting rogue software if it attempts to install, this is not always the case. Anti-malware programs that rely on a definition database can frequently be behind the curve in recognizing the newest threats.

It’s all about the money:

So how much money is involved here? Lots – according to Panda Security, approximately 35 million computers are infected with scareware/rogueware each month (roughly 3.50 percent of all computers), and cybercriminals are earning more than $34 million monthly through scareware attacks.

At a personal level, I have heard some horrendous stories from readers where the common thread has been the debiting of their credit cards, multiple times, by the cyber-criminals responsible for the distribution of scareware.

What can you do to ensure you are protected, or to reduce the chances you will become a victim?

Consider the ramifications carefully before responding to a Windows Security Alert pop-up message. This is a favorite vehicle used by rogue security application to begin the process of infecting unwary users’ computers.

Be cautious in downloading freeware, or shareware programs. Spyware, including scareware, is occasionally concealed in these programs. Download freeware applications only through reputable web sites such as Download.com, or sites that you know to be safe.

Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications, since exposure to rogue security applications is widespread.

Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is WOT (Web of Trust), an Internet Explorer/FireFox add-on, that offers substantial protection against dangerous websites.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Infected by Scareware? Get Your Wallet Out!

Downloading Fake/Rogue Software Hurt$

Scareware, rogue software, destroyware, call it what you will – if you become infected, you are in for a frustrating, time consuming, and in many cases, an expensive experience.

There are literally thousands of these applications currently in the wild blue, just waiting for the unaware computer user to fall into the trap. It’s such a lucrative business for cybercriminals, that we are now dealing with a virtual epidemic of this type of malware.

Most of these rogue application  use social engineering to convince users’ to download this type of unsafe application, and let’s face it – a dialogue box that states “WARNING! Your computer is infected with spyware! – Click here to remove it!”, is a powerful motivator for many unaware computer users. But here’s the catch – clicking on the OK button starts an infection process by rogue security software. It’s as simple as that!

After installation, false positives; fake or false malware detection warnings in a computer scan, and the promise to remove them, is the primary method used to convince the unlucky victim to purchase the product.

It’s a scam of course; but to make matters worst, the installation of rogue security software frequently leads to a critically disabled PC, or in the worst case scenario, allows hackers access to important personal and financial information.

An example of a rogue security application getting ready to pounce.

If you become infected by scareware then get your money out. Your wallet is going to take a hit – maybe two.

The following factual stories, brought to my attention by the very people who have been victimized, will point out the frustration, and the expense, of having to deal with a rogue software infection.

Victim #1 – “What do you do if you were duped into buying the XP Antivirus software? Should I take any precautions such as canceling credit card and/or email passwords etc.? Is my home edition of avast! 4.8 Antivirus enough to keep me safe from bogus and/or rogue software???? Please help…my computer is my life! Thank you”.

Victim #2 – “Unfortunately I fell for the “virus attack” after trying to remove it, gave in and bought the XPAntivirus. They charged me not only for what I had bought but charged me again, $ 78.83 for something which I hadn’t ordered, nor ever received.

It was a nightmare trying to get in touch with anybody, and I finally connected with a guy with an accent, who told me to E-mail the billing service re: my problem. I wrote them tried to call, it’s been a week, and they still won’t contact me to clarify what occurred. I printed off a purchase order from them when I bought the XP which verifies what I received.

Anybody know what state their in, I’ll notify the states attorneys office. These people are crooks”.

Having watched the development and deployment of scareware over the last two years, and having noted the increasing sophistication of the current crop of scareware applications, I have reluctantly come to the conclusion that scareware removal instructions have limited value, except perhaps, for the most technically sophisticated computer user.

The best advice? Have your PC worked on by a certified computer technician, who will have the tools, and the competency, to determine if the infection can be removed without causing system damage.

However, if you have become infected by scareware, and you want to try your hand at removal, then by all means give it a try. There are literally hundreds of sites that will walk you through the process of attempting to eliminate this type of scourge, but the following sites are among the best I’ve found, at providing the tools, and the advice, you will need to attempt removal.

Malwarebytes, a very reliable anti-malware company, offers a free version of Malwarebytes’ Anti-Malware, a highly rated anti-malware application which is capable of removing many newer rogue applications.

411 Spyware – a site that specializes in malware removal. I highly recommend this site.

Bleeping Computer – a web site where help is available for many computer related problems, including the removal of rogue software. This is another site I highly recommend.

SmitFraudFix – available for download at Geekstogo is a free tool that is continuously updated to assist victims of rogue security applications.

The following recommendations are repeated (particularly for new or inexperienced users), on what steps can be taken to reduce the probability of having to deal with a rogue software infection.

Be careful in downloading freeware or shareware programs. Spyware is occasionally concealed in these programs. Download this type of program only through reputable web sites such as Download.com, or sites that you know to be safe.

Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications.

Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/FireFox add-on, that offers substantial protection against questionable or unsafe websites.

Do not click on unsolicited invitations to download software of any kind.

Make regular backups of critical data

Make a boot disk in case your computer is damaged or compromised

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Scareware? Maybe (Destroyware? Definitely)

So, you picked up a “scareware” infection. Should you, as the name implies, be “scared”? In my experience, scared doesn’t really cut it, nor does shocked, or alarmed. No, horrified is perhaps the best way to describe that sinking feeing that occurs following a scareware infection. You’ll see why.

While it may be true that this type of malware, otherwise known as “rogue security software”, is scary, it is so much more than that. A more accurate name for this parasitic infectious software is “destroyware”, since the effect it has on a victim’s system is just that.

Rogue security software can write itself into multiple parts of the operating system, and in many cases it can hide its files, registry entries, running process and services, making the infection virtually impossible to find and remove without causing operating system damage.

Once infected by this type of malware, the chances of a safe system recovery are essentially non-existent. The installation of such malware invariable leads to a critically disabled PC. A reformat and a system re-install, are more than likely in the cards. (A good reason to have multiple partitions on your Hard Drive).

Yes, I know, there are literally hundreds of sites that will walk you through the process of attempting to eliminate this type of scourge, but simply put – if your computer becomes infected with the current scareware circulating on the Internet, you are, in most cases, wasting your time attempting to save your system.

If you doubt this, take a look at “My scareware night and how McAfee lost a customer”, in which the author (Larry Dignan of ZDNet), describes a system recovery attempt which was ultimately successful, but…..

The best advice? Have your PC worked on by a certified computer technician, who will have the tools, and the competency, to determine if the infection can be removed without causing system damage.

If you have become infected by scareware (rogue software), and you want to try your hand at removal, then by all means do so.

The following free resources can provide tools and advice you will need to attempt removal.

Malwarebytes, a very reliable anti-malware company, offers a free version of Malwarebytes’ Anti-Malware, a highly rated anti-malware application which is capable of removing many newer rogue applications.

411 Spyware – a site that specializes in malware removal. I highly recommend this site.

Bleeping Computer – a web site where help is available for many computer related problems, including the removal of rogue software. This is another site I highly recommend.

SmitFraudFix – available for download at Geekstogo is a free tool that is continuously updated to assist victims of rogue security applications.

What you can do to reduce the chances of infecting your system with rogue software.

Be careful in downloading freeware or shareware programs. Spyware is occasionally concealed in these programs. Download this type of program only through reputable web sites such as Download.com, or sites that you know to be safe.

Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications.

Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/FireFox add-on, that offers substantial protection against questionable or unsafe websites.

Do not click on unsolicited invitations to download software of any kind.

Additional precautions you can take to protect your computer system:

When surfing the web: Stop. Think. Click

Don’t open unknown email attachments

Don’t run programs of unknown origin

Disable hidden filename extensions

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable Java, JavaScript, and ActiveX if possible

Disable scripting features in email programs

Make regular backups of critical data

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on the computer.

Install a personal firewall on the computer.

Install anti-virus/anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet

Ensure the anti-virus software scans all email attachments

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Scareware Not Swine Flu – An Epidemic Nevertheless!

Cyber crooks are continuing to develop and distribute “rogue software”, also known as “scareware’,  at a furious pace; there are literally thousands of variants of this type of malware currently circulating on the Internet.

Unless you have had the bad experience of being trapped by this type of malicious software, you may not even be aware that such a class of software even exists. The average computer user that I speak with informally, has no idea that rogue applications even exist.  But they do, and distribution has now reached virtual epidemic proportions on the Internet.

It’s all about the money:

Rogue software is software that uses malware, or malicious tools, to advertise or install itself. After the installation of rogue software, false positives; a fake or false malware detection warning in a computer scan, are a primary method used to convince the unlucky user to purchase the product.

Rogue security software can write itself into multiple parts of the operating system, and in many cases it can hide its files, registry entries, running process and services, making the infection, in many cases, virtually impossible to find and remove.

As well, the installation of such malware can lead to a critically disabled PC, or in the worst case scenario, allow hackers access to important personal and financial information.

(Current Internet infections – courtesy of Panda Security)

The highest rated articles on this Blog, in the last 12 months, have been those associated with this type of malicious software. It’s easy to see why.

So how much money is really involved here? Lots -according to Panda Security, approximately 35 million computers are infected with scareware/rogueware each month (roughly 3.50 percent of all computers), and cybercriminals are earning more than $34 million monthly through rogueware attacks.

(An example of a current rogue security application)

Recently, a reader of this Blog made the statement “These people (cyber criminals), should stop doing this and get a real job”. The obvious answer to this of course is – this is their real job! How many jobs – a relatively easy job at that – could produce this type of income?

The following two examples taken from this Blogs readers’ questions, illustrate the consequences of becoming infected by rogue security software.

Victim #1 – What do you do if you were duped into buying the XP Antivirus software? Should I take any precautions such as canceling credit card and/or email passwords etc.? Is my home edition of avast! 4.8 Antivirus enough to keep me safe from bogus and/or rogue software???? Please help…my computer is my life! Thank you.

Victim #2 – I unfortunately fell for the “virus attack” after trying to remove it, gave in and bought the XPAntivirus. They charged me not only for what I had bought but charged me again, $ 78.83 for something which I hadn’t ordered, nor ever received. It was a nightmare trying to get in touch with anybody.

I finally connected with a guy with an accent, who told me to E-mail the billing service re: my problem. I wrote them tried to call, it’s been a week, and they still won’t contact me to clarify what occurred. I printed off a purchase order from them when I bought the XP which verifies what I received. Anybody know what state their in, I’ll notify the states attorneys office. These people are crooks.

(These two readers were responded to privately.)

If you become infected by this, or other scareware (rogue software), have your PC worked on by a certified computer technician, who will have the tools, and the competency, to determine if the infection can be removed without causing system damage. Computer technicians do not provide services at no cost, so be prepared for the costs involved.

If you feel you have the necessary skills, and you want to try your hand at removal, then by all means do so. The following removal solutions will be invaluable.

The individuals / companies, who wrote and developed these free tools, and who offer free removal advice, are to be congratulated for giving back, so freely, to the Internet community.

Without their generous efforts, those infected by rogue applications, would be faced, without the assistance of a professional, with the unenviable task of performing a complete system reinstall, with a strong probability of losing irreplaceable Hard Drive data.

Free resources:

Malwarebytes, a very reliable anti-malware company, offers a free version of Malwarebytes’ Anti-Malware, a highly rated anti-malware application which is capable of removing many newer rogue applications.

411 Spyware – a site that specializes in malware removal. I highly recommend this site.

Bleeping Computer – a web site where help is available for many computer related problems, including the removal of rogue software. This is another site I highly recommend.

SmitFraudFix, available for download at Geekstogo is a free tool that is continuously updated to assist victims of rogue security applications.

What you can do to reduce the chances of infecting your system with rogue software.

Be careful in downloading freeware or shareware programs. Spyware is occasionally concealed in these programs. Download this type of program only through reputable web sites such as Download.com, or sites that you know to be safe.

Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications.

Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/FireFox add-on, that offers substantial protection against questionable or unsafe websites.

Do not click on unsolicited invitations to download software of any kind.

Additional precautions you can take to protect your computer system:

When surfing the web: Stop. Think. Click

Don’t open unknown email attachments

Don’t run programs of unknown origin

Disable hidden filename extensions

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable Java, JavaScript, and ActiveX if possible

Disable scripting features in email programs

Make regular backups of critical data

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on the computer.

Install a personal firewall on the computer.

Install anti-virus/anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet

Ensure the anti-virus software scans all email attachments

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Total Security 2009 Scareware – Panda Security Takes a Look

Courtesy of Panda Security.

This week’s PandaLabs report looks at Total Security 2009, yet another
example of the many fake antiviruses in circulation.

This type of malware passes itself off as legitimate software applications in order to steal users’ money by tricking them into believing that they will eliminate threats that actually do not exist.

Once installed on the target computer

Total Security displays a warning indicating that the computer is at risk.

Then, it simulates a system scan reporting a series of infections in order to scare users into buying the antivirus solution.

On finishing the scan, Total Security displays a screen offering a solution to the
user’s problem.  The solution consists of activating the fake antivirus.

However, to activate the product, users must pay a fee to the anti-malware vendor. After this, users receive a code they must enter in the program.

Once they do this, the malicious application stops displaying warnings about
threats. This aims to make users believe they have actually bought an antivirus product, whereas, in reality, no infection has been removed and users are not protected against threats.

Total Security installs on computers just as if it were a legitimate security solution. It creates a shortcut in the desktop, another one in the program directory of the Start menu and a third one in the Add or Remove Programs section.

This malware can reach users in a variety of ways: through links in spam messages, downloaded from a malicious Web page, etc. Once run, the
program launches the installation process.

More information about these and other malicious codes is available in
the Panda Security Encyclopedia. You can also follow Panda Security’s online activity on its Twitter and PandaLabs blog.

If you become infected by this, or other scareware (rogue software), have your PC worked on by a certified computer technician, who will have the tools, and the competency, to determine if the infection can be removed without causing system damage. Computer technicians do not provide services at no cost, so be prepared for the costs involved.

If you feel you have the necessary skills, and you want to try your hand at removal, then by all means do so.

The following free resources can provide tools and the advice, you will need to attempt removal.

Malwarebytes, a very reliable anti-malware company, offers a free version of Malwarebytes’ Anti-Malware, a highly rated anti-malware application which is capable of removing many newer rogue applications.

411 Spyware – a site that specializes in malware removal. I highly recommend this site.

Bleeping Computer – a web site where help is available for many computer related problems, including the removal of rogue software. This is another site I highly recommend.

SmitFraudFix, available for download at Geekstogo is a free tool that is continuously updated to assist victims of rogue security applications.

What you can do to reduce the chances of infecting your system with rogue software.

Be careful in downloading freeware or shareware programs. Spyware is occasionally concealed in these programs. Download this type of program only through reputable web sites such as Download.com, or sites that you know to be safe.

Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications.

Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/FireFox add-on, that offers substantial protection against questionable or unsafe websites.

Do not click on unsolicited invitations to download software of any kind.

Additional precautions you can take to protect your computer system:

When surfing the web: Stop. Think. Click

Don’t open unknown email attachments

Don’t run programs of unknown origin

Disable hidden filename extensions

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable Java, JavaScript, and ActiveX if possible

Disable scripting features in email programs

Make regular backups of critical data

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on the computer.

Install a personal firewall on the computer.

Install anti-virus/anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet

Ensure the anti-virus software scans all email attachments

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Infected by Scareware? You’re Toast!

Regular readers of this site may well have wondered why I have not dealt with the issue of so called “scareware” removal, in some time.

Frankly, articles dealing with the removal of scareware generate huge numbers of hits. Often, a single article dealing with the newest form of scareware, and how to eradicate it from an infected system, will produce 1,000 + hits in a day on this site.

So what’s the problem then; why not write about it – bloggers love to get loads of hits, right? Well yes, bloggers do like to get loads of hits, so that’s not a problem. The problem is whether or not advice on how to remove scareware leads to a malware free system.

Having watched the development and deployment of scareware over the last two years, and having noted the increasing sophistication of the current crop of scareware applications, I have come to the conclusion that scareware removal instructions have limited value, except perhaps, for the most technically sophisticated computer user. I’m not fussy on having to give up 1,000 + hits a day, but……

While it may be true that this type of malware, otherwise known as “rogue security software”, is scary, it is so much more than that. A more accurate name for this parasitic infectious software is “destroyware”, since the effect it has on a victim’s system is just that.

Once infected by this type of malware, the chances of a safe system recovery are essentially non-existent. The installation of such malware invariable leads to a critically disabled PC. A reformat and a system re-install, are more than likely in the cards.

Yes, I know, there are literally hundreds of sites that will walk you through the process of attempting to eliminate this type of scourge, but simply put – if your computer becomes infected with the current scareware circulating on the Internet, you are, in most cases, wasting your time attempting to save your system.

If you doubt this, take a look at Trojan War Resolution: The Battle Won, in which the author (Larry Walsh of eWeek), describes a three day marathon system recovery attempt which was ultimately successful, but…..

The best advice? Have your PC worked on by a certified computer technician, who will have the tools, and the competency, to determine if the infection can be removed without causing system damage. Computer technicians do not provide services at no cost, so be prepared for the costs involved.

If you have become infected by scareware (rogue software), and you want to try your hand at removal, then by all means do so.

The following free resources can provide tools and advice you will need to attempt removal.

Malwarebytes, a very reliable anti-malware company, offers a free version of Malwarebytes’ Anti-Malware, a highly rated anti-malware application which is capable of removing many newer rogue applications.

411 Spyware – a site that specializes in malware removal. I highly recommend this site.

Bleeping Computer – a web site where help is available for many computer related problems, including the removal of rogue software. This is another site I highly recommend.

SmitFraudFix, available for download at Geekstogo is a free tool that is continuously updated to assist victims of rogue security applications.

What you can do to reduce the chances of infecting your system with rogue software.

Be careful in downloading freeware or shareware programs. Spyware is occasionally concealed in these programs. Download this type of program only through reputable web sites such as Download.com, or sites that you know to be safe.

Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications.

Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/FireFox add-on, that offers substantial protection against questionable or unsafe websites.

Do not click on unsolicited invitations to download software of any kind.

Additional precautions you can take to protect your computer system:

When surfing the web: Stop. Think. Click

Don’t open unknown email attachments

Don’t run programs of unknown origin

Disable hidden filename extensions

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable Java, JavaScript, and ActiveX if possible

Disable scripting features in email programs

Make regular backups of critical data

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on the computer.

Install a personal firewall on the computer.

Install anti-virus/anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet

Ensure the anti-virus software scans all email attachments

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

You’re in Luck – Perfect Defender 2009 License Key

Since this site gets so many Google hits from surfers looking for a free license key for Perfect Defender 2009 – more than 150 in the last few days alone, I just had to write this article.

If you ended up on this site looking for this free key, let me tell you – you’re damn lucky.

Here’s the scoop:

Perfect Defender 2009 is a rogue security application, and like all rogue security applications, Perfect Defender 2009 is a master at using Trojans, and fake advertising, to convince Internet users to install this rogue application.

The objective of Perfect Defender 2009, which is the objective of all Rogue Security Software, is to convince the victim to pay for the “full” version of the application in order to remove what are, in fact, false positives that this program is designed to display on the infected computer in various ways, including fake scan results, pop-ups and system tray notifications.

Rogue Security Software unfortunately, is generally very sophisticated and can write itself into multiple parts of the operating system, and in many cases, it can hide its files, registry entries, running process and services, making the infection difficult to find, and extremely difficult to remove.

If you have installed this parasitic application then you need to read Perfect Defender 2009 – 3 Removal Solutions, on this site.

One last thing: those individual who attempt to cheat software developers and distributors of their justified earnings, deserve everything they get – including massive malware infections!

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.