Showing posts with label Threats and Security. Show all posts

Beware of AntiVirus 2009

Yesterday my friend brought over his sister’s laptop, claiming that it was on its last legs. The laptop took around 7-10 minutes to get from the setup screen to the Windows boot screen, and after that approximately another 3-4 minutes to load (that’s a different case). After Windows loaded and the desktop icons started to appear, I was suddenly alerted that Windows had been attacked by numerous viruses and needed to be updated to the latest virus definitions to perform a full scan – I mean A LOT of threats.

The antivirus program that prompted the alert was AntiVirus 2009, which made me slightly suspicious. So I Googled it, and it turned out to be a rogue anti-spyware program. According to Spyware.com, AntiVirus 2009 uses Trojans to lurk in porn/warez websites disguised as video codecs and, upon entering the system, floods the user with popups and fake system notifications, supposedly to inform the user of an infection. For further information about this threat and how to remove the malware, kindly head here.

What is interesting about this program is that once it is installed you cannot uninstall it. I used Add/Remove Programs in Control Panel, TuneUp Utilities and even Revo Uninstaller; there is no trace of AntiVirus 2009, so you can’t uninstall it in the usual way.

So, the moral of the story: don’t simply install any software even though the description sounds damn cool. Google it first to verify the authenticity of the program.


New Worm Exploits Windows Media Player

WORM_VB.ZAA is a new kind of worm that attempts to infect Windows computers and is executed once the user starts Windows Media Player. According to the security company Trend Micro, the worm affected most versions of Microsoft's operating system, including Windows 98, NT, ME, 2000, XP and Server 2003.

The worm is executed once the user starts Windows Media Player and displays the following message:

The worm modifies a certain registry entry to hide file extension names. It also hides files with System attributes by modifying another registry entry, Trend Micro added.

Moreover, Trend Micro said that WORM_VB.ZAA can easily be downloaded by visiting malicious websites that host the worm. In addition, it can also be deployed by other malware that has already been installed on the system.


Source: Trend Micro

Microsoft Updated Windows Genuine Advantage

Instead of disabling programs on users' computers, Microsoft has turned to a gentler approach based on nagging alerts if it suspects the software is pirated.

The new version of Windows Genuine Advantage will be embedded with the first service pack for Windows Vista, due in the first quarter of 2008.

When a computer user activates Windows Vista or tries to download software from Microsoft's website, the Windows Genuine Advantage system scans the PC for signs of pirated software. If the copy of Vista is pirated, the glassy Vista user experience disappears and other features are suspended.

The desktop wallpaper will turn black and a white notice will appear alerting users to the problem. As usual, each time they log in they will be prompted to buy legitimate software, and every hour a reminder bubble will appear on the screen as well.

Besides that, Microsoft also said on Monday that the package of Vista updates will fix holes in the operating system that allowed pirates to create fake copies:

  • the activation of software by computer makers before the PC is sold
  • the extended period given to people who install new software before they must activate it.

Microsoft also plans to offer an update for Windows Genuine Advantage that will run the piracy check regularly.

Source: Tech2

Beware of Malicious PDF Files

Reuters reports that emails containing malicious PDF files have been putting computers at risk since Friday. The danger is more pronounced because PDF attachments are usually not filtered at email gateways.

According to Finnish security software company F-Secure, the emails look like credit card statements, with a subject line that says 'Your credit report', 'Personal Financial Statement', 'Balance Report' etc. The infected email has an attachment called report.pdf. When such PDF files are viewed on vulnerable machines, they start downloading software from servers in Malaysia or Sweden, which are now being cleaned.

Adobe claims to have patched the vulnerability in its latest updates to Reader and Acrobat, both tagged as version 8.1.1. Get the latest version here.
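
As an added example (not part of the original post, and not F-Secure's or Adobe's code), here is a small gateway triage in Python that applies the traits quoted above: the three subject lines and the report.pdf attachment name. The verdict names, the sample messages and the policy of holding every other PDF for review are assumptions made for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Subject lines and attachment name exactly as quoted in the post.
LURE_SUBJECTS = ("your credit report", "personal financial statement", "balance report")
LURE_ATTACHMENT = "report.pdf"

def pdf_attachments(msg):
    """Yield (filename, payload) for attachments that are PDFs by name, type or magic bytes."""
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip().lower()
        data = part.get_payload(decode=True) or b""
        if (name.endswith(".pdf") or part.get_content_type() == "application/pdf"
                or data.lstrip().startswith(b"%PDF-")):
            yield name, data

def triage(raw):
    """Return 'quarantine', 'review' or 'pass' (hypothetical verdicts) for one raw message."""
    msg = message_from_bytes(raw, policy=policy.default)
    subject = (msg["Subject"] or "").lower()
    pdfs = list(pdf_attachments(msg))
    if not pdfs:
        return "pass"
    lure_subject = any(s in subject for s in LURE_SUBJECTS)
    lure_name = any(name == LURE_ATTACHMENT for name, _ in pdfs)
    if lure_subject and lure_name:
        return "quarantine"
    return "review"  # assumption: hold any other PDF for scanning rather than pass it unfiltered

def build(subject, filename=None, data=b"", subtype="pdf"):
    """Construct a sample message (made-up test data, not real traffic)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.test", "b@example.test", subject
    m.set_content("See attached.")
    if filename:
        m.add_attachment(data, maintype="application", subtype=subtype, filename=filename)
    return m.as_bytes()

# Constructed samples: the lure, a PDF hidden behind another name and type, and plain mail.
SAMPLES = {
    "lure": build("Your credit report", "report.pdf", b"%PDF-1.7\n(constructed)"),
    "renamed": build("Invoice", "invoice.dat", b"%PDF-1.4\n(constructed)", "octet-stream"),
    "plain": build("Lunch?"),
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, triage(raw))
```

Checking the `%PDF-` magic bytes as well as the file name means a PDF renamed to another extension is still held for scanning.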

8 Best Free Anti-Spyware Software


Before you continue reading this post, you might think 'Do I need anti-spyware installed on my PC?' and my answer will definitely be 'It depends on you'. Haha, because it depends on your Internet surfing habits: if you are prone to downloading everything you see, and the sites you visit are malware-infested, then you need one. I won't talk more about that for now; maybe in a coming post. If you are uncertain about spyware, or malware threats generally, head to Understand Types of Malwares and Its Definition. In this post I list the anti-spyware software that I have tested and been satisfied with ever since I started going online.

Ad-Aware 2007 7.0.2.3

Ad-Aware provides protection from known Spyware including: Data-mining, aggressive advertising, Parasites, Scumware, selected traditional Trojans, Dialers, Malware, Browser hijackers, and tracking components.

AVG Anti-Spyware 7.5.1.43

Anti-Virus programs offer insufficient protection against urgently growing threats like Trojans, Worms, Dialers, Hijackers, Spyware and Keyloggers.

HijackThis 2.0.2
HijackThis scans areas of your registry and hard drive and returns a log of items which it detects. As this tool is recommended for advanced users only, we recommend you run a scan and then post your log file on a support forum, where someone will be able to suggest which entries to remove.

RootkitRevealer 1.71

RootkitRevealer is an advanced rootkit detection utility. Its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit.

Spybot Search and Destroy 1.5.1.17 Beta

Spybot - Search & Destroy can detect and remove spyware of different kinds from your computer.


Spyware Terminator 2.0.1.224
Bring your computer protection to the next level! Get a unique combination of real-time antispyware protection together with alerts preventing you from entering potentially dangerous websites.


Windows Defender 1.1.1593
Microsoft Windows Defender (formerly known as Windows AntiSpyware) is a security technology that helps protect Windows users from spyware and other potentially unwanted software.

How to Hack Password Protected Windows XP

Feeling lost and angry because you were dumb enough to forget your Windows logon password? You should be. The most common or classic hack is the CTRL+ALT+DEL trick; if you don’t know about it, don’t worry, I will explain it along with the other tricks.

Trick 1:

  1. At the logon screen, press CTRL+ALT+DEL 3 times and a small window will pop up.
  2. Delete the existing username and type Administrator; leave the password box blank.
  3. Hit Enter; now you are able to log in to Windows.
  4. Then go to Start Menu>Control Panel>User Accounts. You can delete your account password and save a new password (something that is easy to remember so you won't forget it again).

*Usually when a fresh copy of Windows XP is installed on a PC or laptop, there is a hidden account, and that is the Administrator account. By default the Administrator account is not password protected, which is why this trick gives you access to the Administrator account. However, some smart users set a password for the Administrator account as well, which makes this trick unusable.

Trick 2:

If Trick 1 didn't work out you can download Winternals ERD Commander to override the Windows XP password. How to do it? Watch the video below.


Hacking Win XP Password

Before you start Googling Winternals ERD Commander, I would like to tell you that Winternals ERD Commander is not cheap, and Winternals offerings have no longer been available for purchase since Microsoft acquired Winternals on July 17, 2006. Don’t get me wrong for providing a useless trick, because you can download Winternals ERD Commander through P2P and torrent sites – I’m downloading it. Look for me if you can’t get it.

Acknowledgement:

This post is meant for educational purposes only; if anyone indulges in crime or privacy intrusion, the problem is solely yours. There are quite a number of other solutions, but those are after-login hacks, not before-login ones. If I missed anything, kindly let me know.

Bluetooth Enabled Devices at Risk: Symantec



Symantec Corporation has cautioned users of the possible dangers of using Bluetooth-enabled devices. Users of such devices are prone to several attacks such as:
  1. BlueSpamming – sending spam to a Bluetooth-enabled device
  2. BlueJacking – sending a message from your Bluetooth-enabled device or PDA to a stranger who also has a Bluetooth-enabled device
  3. BlueSnarfing – copying address information, such as business card data, from a person’s Bluetooth phone in the vicinity
  4. BlueBugging – allows the hacker to initiate phone calls, send and read SMS, read and write phonebook contacts, eavesdrop on phone conversations, and connect to the Internet

However, Symantec noted that BlueSpamming carries a low-level security risk. BlueSnarfing is also quite dangerous, as it could allow hackers to sneak in and scan through the data. BlueBugging is the biggest threat, where hackers can remotely control a handset and make calls without permission.

What the day-to-day Bluetooth device user faces, and what I have faced before myself, is receiving an unknown file from an unknown identity, which finally turns out to be a virus or malicious code meant to corrupt the device. So how do you protect yourself from such attacks? Just turn off the bloody Bluetooth and turn it on only when you want to use it. Isn’t that simple enough?