
Security Tool gets nastier

by Shanmuga

Some recent versions of the Security Tool scareware now include a ransomware component that confounds victims by blocking the desktop with a full-screen scare message. It asks for a serial number, supposedly provided on purchasing Security Tool, to unlock the computer.

Read the full article →

Cannot run any programs after removing XP Guardian (TrojanWin32 FakeRean)

by Shanmuga

"I used Microsoft Security Essentials to get rid of XP Guardian virus from my computer. Since then I am unable to run any .exe programs. Please help." Matt, by email

XP Guardian belongs to the family of Trojan:Win32/FakeRean. According to Microsoft the latest version “now uses individual names and looks for Windows XP, Windows Vista

Read the full article →

Virus Protector Analysis and Removal

by Shanmuga

Virus Protector is another one of those fraudulent security programs that use scare messages in various colors, sizes and shapes to scam unwary victims into parting with their money for the fake product. The scare messages are many, flooding the desktop every few seconds and making it unusable. The scare messages mainly warn about Spam

Read the full article →

Antivirus PC 2009 Analysis and Removal

by Shanmuga

Antivirus PC 2009 is a fraudulent security software program that is designed to scare the victims with multiple system alerts about non-existent malware infections in order to scam them into paying for its purchase.

Read the full article →

Google engineer posts sample code to show how to bypass DEP in Windows

by Shanmuga

"The disclosure of a new exploit technique that bypasses an important Windows security feature may result in more successful attacks against Microsoft’s newer operating systems, researchers said today.

Read the full article →

Too many passwords?

by Shanmuga

"How many web sites do you log into? Your bank? Facebook, Myspace and any number of other social networking sites? Auction sites? Shopping sites? Maybe lots of others too. Every site, of course, requires you to create a password. And if the site is serious about security, it may even set certain rules. For example,

Read the full article →

Antivirus software often foxed by malicious URLs

by Shanmuga

"Many malicious URLs are now invisible to URL filters and antivirus software alike, a web security company has found after conducting its own tests.

Read the full article →

Microsoft: Don’t press F1 key in Windows XP

by Shanmuga

"Microsoft told Windows XP users today not to press the F1 key when prompted by a Web site, as part of its reaction to an unpatched vulnerability that hackers could exploit to hijack PCs running Internet Explorer (IE). In a security advisory issued late Monday, Microsoft confirmed the unpatched bug in VBScript that Polish researcher

Read the full article →

Q and A: Malware analysis

by Shanmuga

"Greg Hoglund is the CEO and Founder of HBGary. He has been a pioneer in the area of software security. After writing one of the first network vulnerability scanners, he created and documented the first Windows NT-based rootkit, founding rootkit.com in the process. Greg went on to co-found Cenzic through which he orchestrated numerous innovations

Read the full article →

Websites offered free anti-hijack scans

by Shanmuga

"Web admins and owners are being offered a free service that will scan their sites for malware hijacks, alerting them automatically if malicious code is found. The QualysGuard Malware Detection, launched as a beta this week, uses a combination of ‘static’ and behavioural analysis to take a closer look at web pages under a given

Read the full article →

Attack of the Rogues: Fake Windows Action Center

by Shanmuga

Microsoft debuted Windows Security Center (WSC) with Windows XP SP2; it helps check the status of the software firewall, antivirus software and Windows Automatic Updates. If any of the three is switched off or found outdated, the Windows Security Center sends the user an alert via a pop-up notification balloon. With Windows Vista, Microsoft added

Read the full article →

Microsoft investigates unpatched flaw that affects users running IE7 and IE8

by Shanmuga

"Microsoft on Sunday confirmed it’s investigating an unpatched bug in VBScript that hackers could exploit to plant malware on Windows XP machines running Internet Explorer (IE). The flaw could be used by attackers to inject malicious code onto victims’ PCs, said Maurycy Prodeus, the Polish security analyst with iSEC Security Research who revealed the vulnerability

Read the full article →

Desktop Security 2010 Analysis and Removal

by Shanmuga

A clone of Total PC Defender 2010, this scareware uses authentic-looking fake Windows Security Center alerts and audio “virus found” alerts, in addition to the usual system alert messages, to scam users into purchasing a subscription. The system is rendered unusable by the many alert messages about non-existent infections.

Read the full article →

Security essentials 2010 Analysis and Removal

by Shanmuga

Security essentials 2010, a clone of Internet Security 2010, is a fake Windows security program trying to cash in on the name of the legitimate Microsoft Security Essentials. This scareware uses a variety of fake messages that are designed to imitate the Windows system alerts about non-existent malware infections to convince the user to purchase

Read the full article →

Advanced Defender Analysis and Removal

by Shanmuga

Advanced Defender is a fake security program that changes and disables the desktop background and then uses a flurry of false system messages to scare the user into purchasing the program. This scareware disables the Windows Task Manager and stops Windows Security Center (wscsvc) to protect itself and blocks the execution of many

Read the full article →

Microsoft says malware causing blue screen crashes

by Shanmuga

"A hard-to-detect rootkit may be causing Windows XP systems to crash following Microsoft’s latest security updates. Windows users began flooding Windows support forums this week, saying that their computers had been rendered unusable with a blue-screen-of-death (BSOD) error after installing Microsoft’s February security updates, released Tuesday. On Thursday, Microsoft stopped shipping the MS10-015 update, which

Read the full article →

Rogue antivirus program comes with tech support

by Shanmuga

In an effort to boost sales, sellers of a fake antivirus product known as Live PC Care are offering their victims live technical support. According to researchers at Symantec, once users have installed the program, they see a screen, falsely informing them that their PC is infected with several types of malware.

Read the full article →

Chromium browser remixed as a security Dragon

by Shanmuga

"Windows security software vendor Comodo has added its contribution to the short list of Chromium-based browser remixes that have sprung up in the wake of Google Chrome’s success. Best known for its firewall software, Comodo’s Chromium browser is called Dragon, and it promises better security features than those available in Google Chrome. It is the

Read the full article →

Total PC Defender 2010 Analysis and Removal

by Shanmuga

Total PC Defender 2010 is a fraudulent program that uses fake system warning messages to convince users to purchase a subscription. This rogue security software uses an irritating audio alert in addition to other fake system alerts. Once installed on the system, Total PC Defender 2010 initiates a system restart and hijacks the desktop

Read the full article →

Antivirus Analysis and Removal

by Shanmuga

On being redirected from a compromised website, this fake online virus scanner mimics Windows Explorer and simulates an antivirus scan by clever use of animated GIF images and JavaScript. The fake scan will run even if the warning dialog box is closed or canceled, and the fraudulent software will be downloaded and run. Once the

Read the full article →

Antivirus Soft Analysis and Removal

by Shanmuga

Antivirus Soft belongs to the family of Antivirus Live. Once installed, it completely takes over the system and aggressively displays a variety of fraudulent alerts about non-existent malware and infiltration attempts. This scareware installs the fake Windows Security Center, where all the links lead to the payment page for Antivirus Soft. Hijacks Internet Explorer and automatically

Read the full article →

Internet Security 2010 Analysis and Removal

by Shanmuga

Once installed in the system, Internet Security 2010 produces a variety of fraudulent messages about non-existent malware. The scare messages are designed to scam the user into purchasing a subscription. These scare messages are very frequent and insistent, making the computer unusable. It blocked the execution of internet browsers Internet Explorer, Firefox and Google Chrome

Read the full article →

Malware Defense Analysis and Removal

by Shanmuga

Malware Defense extensively uses the Windows logo, icons and other design elements in its interface. This rogue software installs the notorious ‘fake Windows Security Center’ (wscsvc32.exe). The Virus Protection part of the fake Windows Security Center urges the victim to activate the Malware Defense license. ‘Fake security center alerts’ about Windows Firewall detecting unauthorized activity are

Read the full article →