Tag Archives: Spyware Warrior

WistaAntivirus LIES! – Fake Anti-malware Software

Recently, a reader of this Blog commenting on the epidemic of rogue security software infesting the Internet had this to say “We are being protected from the terrorists in the sky. When are we going to get protected from terrorists on the internet??????  It is getting out of hand, and no one is getting arrested for ripping off the consumer.  These people are sick and need to get a real job!” Ripping you off though, is their real job, and a very lucrative one at that!

Unless you have had the bad experience of installing this type of malicious software, you may not be aware that such a class of software even exists. But it does; and regrettably, as this reader points out, it is becoming more widespread.

In the last few days, the cyber criminals behind the creation of WinDefender 2008 have morphed this parasitic rogue security software application into WistaAntivirus. So now we have one more software parasite to add to the epidemic of rogue security software infesting the Internet.

A rogue security application like WistaAntivirus is an application that uses malware, or malicious tools, such as the ZLOB or Vundo Trojan, to install itself on the victim’s computer. Like many dangerous applications of this type, WistaAntivirus is usually found on free download sites, and adult websites. Or it can be installed from rogue security software websites, using Trojans or manipulating Internet browser security holes.

After the installation of WistaAntivirus be prepared for false positives; fake or false malware detection warnings. As with all rogue security applications, WistaAntivirus was developed to mislead uninformed computer users’ into downloading and paying for the “full” version of this bogus software, based on the false malware positives generated by the application.

If the full program fee is not paid, WistaAntivirus continues to run as a background process incessantly reporting those fake or false malware detection warnings. Over time, this type of software will essentially destroy the victim’s computer operating system, making the machine unusable.

Generally, reputable anti-spyware software is capable of detecting rogue software if it attempts to install, or on a malware scan. But this is not always the case. Anti-malware programs that rely on a definition database (most anti-malware programs), can be behind the curve in recognizing the newest threats. Nevertheless, it is critically important that your Anti-malware programs definition database is always kept current.

An additional safeguard is, ensure you have installed, and are running, an anti-malware application such as ThreatFire 3, free from PC Tools. This type of program operates using heuristics, or behavioral analysis, to identify newer threats.

As well, Malwarebytes, a reliable anti-malware company has created a free application to help keep you safe and secure. RogueRemover (latest version released July 7th, 2008), will safely remove a number of rogue security applications.

SmitFraudFix available for download at Geekstogo is a free tool that is continuously updated to assist victims of rogue security applications.

A further resource worth noting is the Bleeping Computer web site where help is available for many computer related problems, including the removal of rogue software.

An absolute necessity is making sure that any security application you are considering installing is recognized as legitimate by industry experts. An excellent web site that will keep you in the loop, and advise you what products work and have a deserved reputation for quality performance is Spyware Warrior.

What you can do to reduce the chances of infecting your system with rogue security software.

Be careful in downloading freeware or shareware programs. Spyware is occasionally concealed in these programs. Download this type of program only through reputable web sites such as Download.com, or sites that you know to be safe.

Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications where exposure to rogue security applications is widespread.

Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/FireFox add-on that offers substantial protection against questionable or unsafe websites.

Do not click on unsolicited invitations to download software of any kind.

4 Comments

Filed under Anti-Malware Tools, Browser add-ons, Firefox Add-ons, Free Security Programs, Freeware, Interconnectivity, Internet Explorer Add-ons, Internet Safety, Internet Safety Tools, internet scams, Malware Advisories, Online Safety, Rogue Software, Software, Spyware - Adware Protection, System File Protection, System Security, Virus Repair Tools, Windows Tips and Tools

XP Antivirus Lies! – Fake Anti-malware Software

There seems to be an epidemic of rogue security software on the Internet at the moment; much of it using social engineering to convince users’ to download an unsafe product.

The message here is: do not click on unsolicited invitations to download software of any kind.

To expand on that point; you need to be sure that any security application you are considering installing on your computer is recognized as legitimate by industry experts. To do that, visit Spyware Warrior, an excellent web site that will advise you what products work and have a deserved reputation for quality performance.

Rogue security software such as XP Antivirus 2008, is software that uses malware, or malicious tools, to advertise or install itself. Unless you have had the bad experience of installing this type of malicious software, you may not be aware that such a class of software even exists. But it does.

This particular rogue security software’s installer is usually found on adult websites, or it can be installed manually from rogue security software websites.

After the installation of XP Antivirus 2008 be prepared for false positives; fake or false malware detection warnings. As with all rogue security applications, XP Antivirus 2008 was developed to mislead unaware computer users’ into downloading and paying for the “full” version of this bogus software, based on the false malware positives generated by the application.

If the full program fee is not paid, XP Antivirus 2008 continues to run as a background process incessantly reporting those fake or false malware detection warnings discussed earlier. To really try your patience, this rogue security software cannot be uninstalled using the Windows Add/Remove Programs tool.

There have been some reports indicating that XP Antivirus 2008 has the potential to capture and transmit personal and financial information, although this remains largely unverified.

Generally, reputable anti-spyware software is capable of detecting rogue software if it attempts to install, or on a malware scan. But this is not always the case. Anti-malware programs that rely on a definition database can be behind the curve in recognizing the newest threats.

A good partial solution to this problem is to ensure you have installed, and are running, an anti-malware application such as ThreatFire 3, free from PC Tools. This type of program operates using heuristics, or behavioral analysis, to identify newer threats.

As well, Malwarebytes, a reliable anti-malware company has created a free application to help keep you safe and secure. RogueRemover (latest version released May 30/08), will safely remove a number of rogue security applications.

A further resource worth noting is the Bleeping Computer web site where help is available for many computer related problems, including the removal of rogue software.

What you can do to reduce the chances of infecting your system with rogue security software.

  • Be careful in downloading freeware or shareware programs. Spyware is occasionally concealed in these programs. Download this type of program only through reputable web sites such as Download.com, or sites that you know to be safe.
  • Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications.
  • Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/FireFox add-on that offers substantial protection against questionable or unsafe websites.
  • Do not click on unsolicited invitations to download software of any kind.

44 Comments

Filed under Anti-Malware Tools, Firefox Add-ons, Free Security Programs, Freeware, Interconnectivity, Internet Explorer Add-ons, Internet Safety Tools, internet scams, Malware Advisories, Online Safety, Rogue Software, Safe Surfing, Spyware - Adware Protection, System Security, Windows Tips and Tools

Don’t Download Advanced XP Fixer – Another Rogue Security App.

Rogue security software is software that uses malware, or malicious tools, to advertise or install itself. Unless you have had the bad experience of installing this type of malicious software, you may not be aware that such a class of software even exists. But it does.

Frequently, after installation on a system, an attempt is made to force users to pay for removal of nonexistent malware. Rogue software will often install and use a Trojan horse to download a trial version, or it will perform other actions on a machine that are detrimental including slowing down the computer drastically.

After installation of rogue security software, false positives; a fake or false malware detection warning in a computer scan, are the primary methods used to convince the unlucky user to purchase the product. After all, a dialogue box that states “WARNING! Your computer is infected with spyware! – Buy [XYZ] to remove it!” is a powerful motivator. Clicking on the OK button takes the user to the product download site.

Advanced XP Fixer (a clone of WinIFixer), is rogue anti-spyware software from Bakasoftware (Bakasoftware.com), which also operates under the name Pandora Software, that tricks users into installing the program and attempts to convince the user that the computer has been infected. Reportedly, Advanced XP Fixer can also be installed through Internet browser exploits, or by means of the Zlob or Vundo.Trojans.

When the program runs, a warning message appears indicating that the computer has been infected by malware. Subsequently, a screensaver launches which shows cockroaches eating the desktop.

As with all rogue security applications, Advanced XP Fixer was developed to mislead unaware computer users’ into downloading and paying for the “full” version of this bogus software, based on the false malware positives generated by the application. If the full program fee is not paid, Advanced XP Fixer continues to display warning messages.

To complicate matters Advanced XP Fixer has the potential to reduce a computer’s performance by exploiting its resources, and may delete files and disable applications.

Generally, reputable anti-spyware software is capable of detecting rogue software if it attempts to install, or on a malware scan. But this is not always the case. Anti-malware programs that rely on a definition database can be behind the curve in recognizing the newest threats.

A good partial solution to this problem is to ensure you have installed, and are running, an anti-malware application such as ThreatFire 3, free from PC Tools. This type of program operates using heuristics, or behavioral analysis to identify newer threats.

As well, Malwarebytes, a reliable anti-malware company has created a free application to help keep you safe and secure. RogueRemover will safely remove a number of rogue security applications.

A further resource worth noting is the Bleeping Computer web site where help is available for many computer related problems, including the removal of rogue software.

There seems to be an epidemic of rogue security software on the Internet at the moment; much of it using social engineering to convince users’ to download an unsafe product. So you must be sure, that any security application you are considering installing on your computer is recognized as legitimate by industry experts. An excellent web site that will keep you in the loop, and advise you what products work and have a deserved reputation for quality performance, is Spyware Warrior.

2 Comments

Filed under Anti-Malware Tools, Free Security Programs, Freeware, Internet Safety, Malware Advisories, Online Safety, Rogue Software, Safe Surfing, Software, Spyware - Adware Protection, System Security, Windows Tips and Tools

Don’t Install PCAntiSpyware – Rogue Security Software!

One of the many things that being a member of the Blogging community permits me to do, is pass on critical information concerning new, or evolving, Internet security threats.

Often I am notified of these threats by readers who either email me directly, or by readers commenting on a particular article.

Such was the case this morning when I received a comment from Mark, a Blogger himself at mark-techwalker pointing out the dangers of PCAntiSpyware a cloned version of the rogue anti-spyware threat PCCleaner. You can read his article on how this virulent piece of malware infected his daughter’s machine on his Blog.

In researching this malware I have discovered that PCAntiSpyware is capable of hijacking the desktop, after it infects a computer, by way of web browser security holes. As well, it can be inserted onto a machine by a number of Trojan downloaders.

As with all rogue security applications, PCAntiSpyware was developed to mislead unaware computer users’ into downloading and paying for the “full” version of this bogus software, based on the false malware positives generated by the application. Of course this application, since it is rogue software, can not detect or remove spyware.

Worse, PC-AntiSpyware has the potential to gather private and personal information from an infected machine. This could include passwords, credit card details, and other sensitive information.

As Mark pointed out in his comments, PC-AntiSpyware relies, to some extent, on social engineering to convince unaware users to install this very dangerous malware application. Remember that you are your own greatest line of defense against social engineering attempts. STOP. THINK. CLICK.

Generally, reputable anti-spyware software is capable of detecting rogue software if it attempts to install, or on a malware scan. But this is not always the case. Anti-malware programs that rely on a definition database can be behind the curve in recognizing the newest threats.

A good partial solution to this problem is to ensure you have installed, and are running, an anti-malware application such as ThreatFire 3, free from PC Tools. This type of program operates using heuristics, or behavioral analysis to identify newer threats.

As well, Malwarebytes, a reliable anti-malware company has created a free application to help keep you safe and secure. RogueRemover will safely remove WinAntiSpyware/WinAntiVirus, SpyAxe, VirusBlast, VirusBursters, as well as a number of other rogue applications.

An absolute must is making sure that the security application you are considering installing is recognized as legitimate by industry experts. An excellent web site that will keep you in the loop, and advise you what products work and have a deserved reputation for quality performance is Spyware Warrior.

PCAntiSpyware quick facts:

  • Changes browser settings
  • Shows commercial advertising
  • Stays resident in background
  • Has the potential to steal private information

11 Comments

Filed under Anti-Malware Tools, Internet Safety, Malware Advisories, Online Safety, Rogue Software, Safe Surfing, Spyware - Adware Protection, System Security, Windows Tips and Tools

Don’t Download AntiSpywareMaster – Rogue Security Software!

Most of us go into curiosity mode when we surf the Internet. One of the keys to the success of the web is that it can, in fact, satisfy our curiosity about almost anything we can think of. Over time we have learned to satisfy this curiosity simply by a mouse click here, and a mouse click there.

So, if you were interested in anti-malware security software, (most surfers are), how likely is it that you would click on the following piece of advertising that states –

“AntiSpywareMaster guarantees your safety online proving reliable non-stop protection of your computer thanks to unique combination of features the most effective ones to ensure the best antivirus defense of PC. (Find out more)”. Given our web induced curiosity, the chances are that at least some surfers will click on this.

In reality however, if you had clicked on this particular ad you would have begun the process of infecting your computer with malware (AntiSpywareMaster) that in the end would attempt to convince you to spend $30 – $50 to remove false positives; fake or false malware detection warnings, that this program is designed to install on your machine.

AntiSpywareMaster, released within the last few days, is rogue security software that uses false advertising, (frequently on free download, Warez and porn websites), malware, or malicious tools, to install itself. As is usually the case with Rogue software, after installation, AntiSpywareMaster will attempt to force users to pay for removal of nonexistent spyware.

Luis Corrons, technical director of PandaLabs, the center of Panda Security’s technical support services, in describing AntiSpywareMaster states, “When we analyzed this malicious code we found a file containing information about the infections to display. So, seemingly, this anti-spyware already knows the malicious code it will detect, before it has even begun to scan the computer! Evidently, this is a malicious program”

Generally, reputable anti-spyware software is capable of detecting rogue software if it attempts to install, or on a malware scan. But this is not always the case. Anti-malware programs that rely on a definition database can be behind the curve in recognizing the newest threats.

A good partial solution to this problem is to ensure you have installed, and are running, an anti-malware application such as ThreatFire 3, free from PC Tools. This type of program operates using heuristics, or behavioral analysis to identify newer threats.

As well, Malwarebytes, a reliable anti-malware company has created a free application to help keep you safe and secure. RogueRemover will safely remove WinAntiSpyware/WinAntiVirus, SpyAxe, VirusBlast, VirusBursters, as well as a number of other rogue applications.

An absolute must is making sure that the security application you are considering installing is recognized as legitimate by industry experts. An excellent web site that will keep you in the loop, and advise you what products work and have a deserved reputation for quality performance is Spyware Warrior.

Some current rogue software:

· AntiVirGear

· AntiVirusGold

· Cleanator

· DriveCleaner

· EasySpywareCleaner

· InfeStop

· Malware Alarm

· PCSecureSystem

· PestTrap

· SpyAxe

· Spylocked

· SpySheriff

· SpySpotter

· Spyware Quake

· Spyware Stormer

· Spy-Rid

· System Live Protect

· UltimateCleaner

· VirusHeat

· VirusProtectPro

· WinAntivirus2006

· WinFixer

Always remember of course, that you are your greatest line of defense against malware. STOP. THINK. CLICK.

Share this post :

12 Comments

Filed under Anti-Malware Tools, Free Security Programs, Freeware, Interconnectivity, internet scams, Malware Advisories, Online Safety, Rogue Software, Safe Surfing, Software, Spyware - Adware Protection, System Security, Windows Tips and Tools

Rogue Security Software On The Rise – What You Need to Know Now!

If the day should ever come when anti-malware applications achieve a 100% effective rate in the detection of malware, or software developers develop operating systems and applications that are fully malware resistant, I’ll have to find something else to Blog about! It doesn’t look like that day is likely to happen soon however. In the meantime many of us will continue to download and test/tryout the latest, greatest, and newest anti-malware tools.

Knowing this, Cyber crooks will continue to develop and distribute “rogue security software”. Unless you have had the bad experience of installing this type of malicious software, you may not be aware that such a class of software even exists. But it does.

Rogue security software is software that uses malware, or malicious tools, to advertise or install itself. Often, after installation on a system, an attempt is made to force users to pay for removal of nonexistent spyware. Rogue software will often install and use a Trojan horse to download a trial version, or it will perform other actions on a machine that are detrimental such as slowing down the computer drastically.

After installation of rogue security software, false positives; a fake or false malware detection warning in a computer scan, are the primary method used to convince the unlucky user to purchase the product. After all, a dialogue box that states “WARNING! Your computer is infected with spyware! – Buy [XYZ] to remove it!” is a powerful motivator. Clicking on the OK button takes the user to the product download site.

Another warning message typical of rogue anti-spyware software is as follows: “System has detected a number of active spyware applications that may impact the performance of your computer. Click the icon to get rid of unwanted spyware by downloading an up-to-date anti-spyware solution”.

Generally, reputable anti-spyware software is capable of detecting rogue software if it attempts to install, or on a malware scan. But this is not always the case. Anti-malware programs that rely on a definition database can be behind the curve in recognizing the newest threats.

A good partial solution to this problem is to ensure you have installed, and are running, an anti-malware application such as ThreatFire3, free from PC Tools. This type of program operates using heuristics, or behavioral analysis to identify newer threats.

As well, Malwarebytes, a reliable anti-malware company has created a free application to help keep you safe and secure. RogueRemover will safely remove WinAntiSpyware/WinAntiVirus, SpyAxe, VirusBlast, VirusBursters, as well as a number of other rogue applications.

Download from MajorGeeks.com

An absolute must is to make sure that the security application you are considering installing is recognized as legitimate by industry experts. An excellent web site that will keep you in the loop, and advise you what products work and have a deserved reputation for quality performance is Spyware Warrior.

Some current rogue software includes:

  • AntiVirGear
  • AntiVirusGold
  • Cleanator
  • DriveCleaner
  • EasySpywareCleaner
  • InfeStop
  • Malware Alarm
  • PCSecureSystem
  • PestTrap
  • SpyAxe
  • Spydawn
  • Spylocked
  • SpySheriff
  • SpySpotter
  • Spyware Quake
  • Spyware Stormer
  • Spy-Rid
  • System Live Protect
  • UltimateCleaner
  • VirusHeat
  • VirusProtectPro
  • WinAntivirus2006
  • WinFixer

Always remember of course, that you are your greatest line of defense against malware. STOP. THINK. CLICK

19 Comments

Filed under Anti-Malware Tools, Internet Safety, Internet Safety Tools, Malware Advisories, Online Safety, Rogue Software, Safe Surfing, Software, System Security, Windows Tips and Tools