
From the monthly archives:

March 2010

XP AntiMalware Analysis and Removal

by Shanmuga

XP AntiMalware belongs to the family of Trojan:Win32/FakeRean infecting users running Windows XP. It is installed by a trojan dropper file which is capable of installing a rogue with any one of the names from its stable, with a matching fake Windows Security Center.

Read the full article →

Win 7 Security Analysis and Removal

by Shanmuga

Win 7 Security is one of the recent rogue security programs installed by Trojan FakeRean. This trojan chooses randomly from a list of names each time it is installed. It has the following list of names for Windows 7: Win 7 Security, Win 7 Defender, Win 7 Defender Pro, Total Win 7 Security, Win

Read the full article →

ave.exe: A multiple-rogues-in-one Trojan FakeRean

by Shanmuga

ave.exe is a variant of av.exe installed by the Trojan FakeRean. Just like av.exe, this variant chooses randomly from a list of names each time it is installed. It has a list of names for all the current versions of Windows, with a matching fake Windows Security Center or a fake Windows Action Center.

Read the full article →

XP Security Tool 2010 Analysis and Removal

by Shanmuga

XP Security Tool 2010 belongs to the family of Trojan:Win32/FakeRean infecting users running Windows XP. It is installed by a trojan dropper file which is capable of installing a rogue with any one of the names from its stable, with a matching fake Windows Security Center.

Read the full article →

Security Tool gets nastier

by Shanmuga

Some recent versions of the Security Tool scareware now include a ransomware component that confounds victims by blocking the desktop with a full-screen scare message. It asks for a serial number, supposedly provided on purchasing Security Tool, to unlock the computer.

Read the full article →

Cannot run any programs after removing XP Guardian (TrojanWin32 FakeRean)

by Shanmuga

I used Microsoft Security Essentials to get rid of XP Guardian virus from my computer. Since then I am unable to run any .exe programs. Please help.

Matt, by email

XP Guardian belongs to the family of Trojan:Win32/FakeRean. According to Microsoft the latest version “now uses individual names and looks for Windows XP, Windows Vista

Read the full article →

Virus Protector Analysis and Removal

by Shanmuga

Virus Protector is another one of those fraudulent security programs that use scare messages in various colors, sizes and shapes to scam unwary victims into parting with their money for the fake product. The scare messages are many, flooding the desktop every few seconds and making it unusable. The scare messages mainly warn about Spam

Read the full article →

Antivirus PC 2009 Analysis and Removal

by Shanmuga

Antivirus PC 2009 is a fraudulent security program designed to scare victims with multiple system alerts about non-existent malware infections in order to scam them into purchasing it.

Read the full article →

Google engineer posts sample code to show how to bypass DEP in Windows

by Shanmuga

"The disclosure of a new exploit technique that bypasses an important Windows security feature may result in more successful attacks against Microsoft’s newer operating systems, researchers said today.

Read the full article →

Too many passwords?

by Shanmuga

"How many web sites do you log into? Your bank? Facebook, Myspace and any number of other social networking sites? Auction sites? Shopping sites? Maybe lots of others too. Every site, of course, requires you to create a password. And if the site is serious about security, it may even set certain rules. For example,

Read the full article →

Antivirus software often foxed by malicious URLs

by Shanmuga

"Many malicious URLs are now invisible to URL filters and antivirus software alike, a web security company has found after conducting its own tests.

Read the full article →

Microsoft: Don’t press F1 key in Windows XP

by Shanmuga

"Microsoft told Windows XP users today not to press the F1 key when prompted by a Web site, as part of its reaction to an unpatched vulnerability that hackers could exploit to hijack PCs running Internet Explorer (IE). In a security advisory issued late Monday, Microsoft confirmed the unpatched bug in VBScript that Polish researcher

Read the full article →

Q and A: Malware analysis

by Shanmuga

"Greg Hoglund is the CEO and Founder of HBGary. He has been a pioneer in the area of software security. After writing one of the first network vulnerability scanners, he created and documented the first Windows NT-based rootkit, founding rootkit.com in the process. Greg went on to co-found Cenzic through which he orchestrated numerous innovations

Read the full article →

Websites offered free anti-hijack scans

by Shanmuga

"Web admins and owners are being offered a free service that will scan their sites for malware hijacks, alerting them automatically if malicious code is found. The QualysGuard Malware Detection, launched as a beta this week, uses a combination of ‘static’ and behavioural analysis to take a closer look at web pages under a given

Read the full article →

Attack of the Rogues: Fake Windows Action Center

by Shanmuga

Microsoft debuted Windows Security Center (WSC) with Windows XP SP2. It helps check the status of the software firewall, antivirus software and Windows Automatic Updates. If any of the three is switched off or found outdated, the Windows Security Center sends the user an alert via a pop-up notification balloon. With Windows Vista, Microsoft added

Read the full article →

Microsoft investigates unpatched flaw that affects users running IE7 and IE8

by Shanmuga

"Microsoft on Sunday confirmed it’s investigating an unpatched bug in VBScript that hackers could exploit to plant malware on Windows XP machines running Internet Explorer (IE). The flaw could be used by attackers to inject malicious code onto victims’ PCs, said Maurycy Prodeus, the Polish security analyst with iSEC Security Research who revealed the vulnerability

Read the full article →