System Security 2009

Posted by elise in Blog Latest Adware Threats, Latest Parasite Threats, Latest Spyware News, Latest Spyware Threats, Recent Articles, Top Parasite Threats, Top Spyware Threats on June 11th, 2009 | Leave a comment
TAGS: , , , ,

What is System Security 2009?
System Security 2009 is simply a clone of the infamous rogue anti-spyware named System Security. The same as most of false anti-spyware programs, System Security 2009 utilizes the deceive means to reach its purpose. By making use of the backdoor techniques, System Security 2009 usually intrudes PC system without your acknowledge or permission.

Once installed, it will flood PC system with unsolicited ads that show your machine is at risk. The progam will appear every now and then on your screen, continually scanning your PC and reporting a variety of supposed malware. To solve the program with System Security 2009, you must go to its website to pay for the license, in which you may be in high danger of downloading extra virus onto your system. In fact, System Security 2009 can not detect any infections because it does not have any legit virus scanning engine at all. Not only does it slow down your PC performance dramatically, System Security 2009 will also threaten your personal data and privacy.

Do you have System Security 2009?
If you have enough time and expertise, you can search your computer for System Security 2009 manually. However, it might take hours to find out all files of System Security 2009, and it is possible that System Security 2009 will appear after rebooting, for its hidden files may still be there.

Download automatic scanner for System Security 2009
Spyware Cease – the technology-oriented security protection that provides a risk-free computing environment for your home and office – with detection, removal and guard in one intuitive and straight-forward interface. Only Spyware Cease gives you individual fix against the most dangerous spyware problems.

Manual System Security 2009 removal instructions
WARNING: The manually removal method is for advanced users. System Security 2009 manually removal can be difficult and time-consuming. There is no guarantee that System Security 2009 can be completely removed, for there are hundreds of files generated when System Security 2009 installed on your system. Make sure to back up your computer in case that you make any mistakes and your system does not work.

Follow the instructions below to remove System Security 2009 manually:

Navigate and stop the System Security 2009 processes:
SystemSecurity.exe
05643921.exe
install.exe

Navigate and delete System Security 2009 files:
systemsecurity.exe
SystemSecurity.lnk
SystemSecurity on the Web.lnk
Uninstall SystemSecurity.lnk
%desktopdirectory%\system security.lnk
%desktopdirectory%\ws\config.udb
%desktopdirectory%\ws\init.udb
%desktopdirectory%\ws\languages\english.lng
%desktopdirectory%\ws\languages\german.lng
%desktopdirectory%\ws\languages\spanish.lng
%desktopdirectory%\ws\systemsecurity.exe
%programs%\system security\system security.lnk
%desktopdirectory%\ws\systemsecurity.exe
05643921.exe
install.exe
%desktopdirectory%\system security 2009.lnk
%programs%\system security\system security 2009 support.lnk
%programs%\system security\system security 2009.lnk

Navigate and remove System Security 2009 registry keys
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\systemsecurity2009
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\systemsecurity2009 displayicon
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\systemsecurity2009 displayname
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\systemsecurity2009 shortcutpath
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\systemsecurity2009 uninstallstring

What are the symptoms of System Security 2009?

  • System Security 2009 may be advertised through the use of Trojans
  • System Security 2009 may pop up fake security alerts about infections
  • System Security 2009 may automatically run when you start Windows
  • System Security 2009 may cause privacy violated
  • System Security 2009 may cause the system damage

How do I keep away from System Security 2009
Once you have cleaned up System Security 2009, the most important point to prevent System Security 2009 and future malicious programs from reverting is to stay suspicious of spam E-mail attachment and unknown websites. Here are several ways in which you can help protect your computer against System Security 2009 and other malware:

  • Use a computer firewall
  • Confirm that you have downloaded all the latest critical security updates
  • Adjust Internet Explorer web browser’s security settings
  • Download and install anti-spyware protection, such as, Spyware Cease
  • Surf sites and download programs from the web sites you trust

What is Anti-spyware Software?
System Security 2009 is a type of Anti-spyware Software.

Rogue Anti-spyware Software is the software that uses malware to advise or install itself through other malicious viruses or security hole without your permission. Rogue software usually pops up fake system message such as “Warning, your computer is infected! Click here to scan your computer now!” Most of the time, when clicking the “OK” button on the dialog tab, users will be directed to an unknown website that may download more spyware threats. Sometimes, even clicking the close button on the top right may lead to the installation of the rogue software, for the button is actually a link.

With the purpose to trick innocent users into the action of paying, rogue software usually counterfeits exaggerated and fake system scanning results and scare users to pay for the removal of the never-existed spyware infections. In fact, the threat is the rogue software itself. Most of them come with a bundle of very harmful spyware programs that hidden in the files themselves.

N-case

Posted by elise in Blog Adware, Latest Adware Threats, Latest Spyware News, Recent Articles, Top Spyware Threats on June 8th, 2009 | 2 Comments
TAGS: , , , , ,

What is N-case?
N-case is a adware that automatically produces logs of your online activities, including the websites you have visited and keywords within your visited URLs. It then silently submits the log generated to the servers of 180Solution’s who releases N-Case. This malware also delivers targeted popup ads under direction of its controlling servers. Whenever PC starts up, N-Case would automatically launch and run at the background, generating unsolicited popup advertisements. It can even update itself.

Do you have N-case?
If you have enough time and expertise, you can search your computer for N-case manually. However, it might take hours to find out all files of N-case, and it is possible that N-case will appear after rebooting, for its hidden files may still be there.

Download automatic scanner for N-case
Spyware Cease – the technology-oriented security protection that provides a risk-free computing environment for your home and office – with detection, removal and guard in one intuitive and straight-forward interface. Only Spyware Cease gives you individual fix against the most dangerous spyware problems.

Manual N-case removal instructions
WARNING: The manually removal method is for advanced users. N-case manually removal can be difficult and time-consuming. There is no guarantee that N-case can be completely removed, for there are hundreds of files generated when N-case installed on your system. Make sure to back up your computer in case that you make any mistakes and your system does not work.

Follow the instructions below to remove N-case manually:

Navigate and stop the N-case processes:
N/A

Navigate and delete N-case files:
%ProgramsDir%\n-Case\
%ProgramsDir%\nCase\
%SystemDir%\msbb.exe
%SystemDir%\msbb.dll
%SystemDir%\msbb1.dll
%WinDir%\ncmyb.dll

Navigate and remove N-case registry keys
N/A

What are the symptoms of N-case?

  • N-case may connect itself to the internet
  • N-case may hide from the user
  • N-case may stay resident in background

How do I keep away from N-case
Once you have cleaned up N-case, the most important point to prevent N-case and future malicious programs from reverting is to stay suspicious of spam E-mail attachment and unknown websites. Here are several ways in which you can help protect your computer against N-case and other malware:

  • Use a computer firewall
  • Confirm that you have downloaded all the latest critical security updates
  • Adjust Internet Explorer web browser’s security settings
  • Download and install anti-spyware protection, such as, Spyware Cease
  • Surf sites and download programs from the web sites you trust

What is Adware?
N-case is a type of adware.

Adware is a type of software that displays or downloads advertisements to a computer after the software is installed or while the software is in use. These advertisements can be banners or pop up windows. Some types of adware may even collect the user’s information and display advertisements in the web browser according to the information collected.

Adware can slow down your PC by consuming heavily Memory and CPU resources. Adware can also mess your Internet connection by using bandwidth to resume advertisements. Meanwhile, your system may be in risk of inefficiency because most adware applications are not properly programmed.

Trojan Wind32/Heur

Posted by elise in Blog Latest Spyware News, Latest Spyware Threats, Recent Articles, Top Spyware Threats, Trojans on May 24th, 2009 | 2 Comments
TAGS: , , , ,

What is Trojan Wind32/Heur?
Trojan Wind32/Heur is a hazardous Trojan genetic detection that is able to self-reproduce via the local and network drive, usually installed onto your system without your content. This infection spreads itself to PCs via spam emails, share network, corrupted media files, porn websites and other related illegal websites. Trojan Wind32/Heur is also capable of downloading and executing additional malware in the infected machine, which results in delivering fake security pop-ups and redirecting search results of system browsers. It can even disable security programs and firewall software.

Do you have Trojan Wind32/Heur?
If you have enough time and expertise, you can search your computer for Trojan Wind32/Heur manually. However, it might take hours to find out all files of Trojan Wind32/Heur, and it is possible that Trojan Wind32/Heur will appear after rebooting, for its hidden files may still be there.

Download automatic scanner for Trojan Wind32/Heur
Spyware Cease – the technology-oriented security protection that provides a risk-free computing environment for your home and office – with detection, removal and guard in one intuitive and straight-forward interface. Only Spyware Cease gives you individual fix against the most dangerous spyware problems.

Manual Trojan Wind32/Heur removal instructions
WARNING: The manually removal method is for advanced users. Trojan Wind32/Heur manually removal can be difficult and time-consuming. There is no guarantee that Trojan Wind32/Heur can be completely removed, for there are hundreds of files generated when Trojan Wind32/Heur installed on your system. Make sure to back up your computer in case that you make any mistakes and your system does not work.

Follow the instructions below to remove Trojan Wind32/Heur manually:

Navigate and stop the Trojan Wind32/Heur processes:
N/A

Navigate and delete Trojan Wind32/Heur files:
N/A

Navigate and remove Trojan Wind32/Heur registry keys
N/A

What are the symptoms of Trojan Wind32/Heur?

  • Trojan Wind32/Heur may may sneak into your system through insecure websites
  • Trojan Wind32/Heur may download other malware such as rogue anti-spyware applications
  • Trojan Wind32/Heur may cause popups of false and exaggerated results
  • Trojan Wind32/Heur may slow down computer process
  • Trojan Wind32/Heur may decrease system performance

How do I keep away from Trojan Wind32/Heur?
Once you have cleaned up Trojan Wind32/Heur, the most important point to prevent Trojan Wind32/Heur and future malicious programs from reverting is to stay suspicious of spam E-mail attachment and unknown websites. Here are several ways in which you can help protect your computer against Trojan Wind32/Heur and other malware:

  • Use a computer firewall
  • Confirm that you have downloaded all the latest critical security updates
  • Adjust Internet Explorer web browser’s security settings
  • Download and install anti-spyware protection, such as, Spyware Cease
  • Surf sites and download programs from the web sites you trust

What is Trojan?
Trojan Wind32/Heur is a type of trojan.

Trojan is a general term for malicious program that sneaks into PC system without the user’s permission. Most Trojans exhibit some forms of hostile or malicious behaviors. They can contain a virus, a password grabber or they can be a RAT (Remote Access Trojan) that is designed to allow remote control over your system. Some Trojans contain built in scanners that automatically scan the Network from your computer, looking for another copies of themselves.

As told in the Aeneid by Virgil and mentioned in the Odyssey by Homer, the term Trojan comes from Greek mythology about the Trojan War. According to legend, the Greeks presented the citizens of Troy with a large wooden horse in which they had secretly hidden their warriors. During the night, the warriors emerged from the wooden horse and overran the city.

Nowadays, Trojan is flooding on the Internet, and a Trojan may be widely redistributed as part of a computer virus. Therefore, Trojan has been one of the leading causes of computer breakings.

Kido Worm

Posted by elise in Blog Latest Adware Threats, Latest Spyware News, Latest Spyware Threats, Worm on May 22nd, 2009 | Leave a comment
TAGS: , , ,

What is Kido worm?
Kido worm is a polymorphic worm that has been spreading through the Internet community since the end of 2008. This worm makes use of a critical vulnerability in Microsoft Windows to propagate via local network and removable disks. PCs with un-patched system or low network security are more likely to be infected. Once installed on the machine, this worm inhibits system restoration, prevents access to security websites, and even brings malware to the infected machines without user’s consent.

From a report researched by the most leading antivirus software vendors, a list of 100 top malware in 2009 is revealed, in which 26 variants of Kido worm are included. It can be easily seen that Kido worm takes up substantial proportion of the top most malicious programs.

PC users are strongly recommended to remove the Kido worm once found and keep the antivirus program up-to-date.

Do you have Kido worm?
If you have enough time and expertise, you can search your computer for Kido worm manually. However, it might take hours to find out all files of Kido worm, and it is possible that Kido worm will appear after rebooting, for its hidden files may still be there.

Download automatic scanner for Kido worm
Spyware Cease – the technology-oriented security protection that provides a risk-free computing environment for your home and office – with detection, removal and guard in one intuitive and straight-forward interface. Only Spyware Cease gives you individual fix against the most dangerous spyware problems.

Manual Kido worm removal instructions
WARNING: The manually removal method is for advanced users. Kido worm manually removal can be difficult and time-consuming. There is no guarantee that Kido worm can be completely removed, for there are hundreds of files generated when Kido worm installed on your system. Make sure to back up your computer in case that you make any mistakes and your system does not work.

Follow the instructions below to remove Kido worm manually:

Navigate and stop the Kido worm processes:
N/A

Navigate and delete Kido worm files:
%Temp%\[Random].dll
%System%\[Random].tmp
%Temp%\[Random].tmp
%Program Files%\Internet Explorer\[Random].dll
%Program Files%\Movie Maker\[Random].dll
%All Users Application Data%\[Random].dll

Navigate and remove Kido worm registry keys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{random}\Parameters\”ServiceDll” = “Path to worm”
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{random}\”ImagePath” = %SystemRoot%\system32

What are the symptoms of Kido worm?

  • Kido worm may connect itself to the internet
  • Kido worm may hide from the user
  • Kido worm may stay resident in background

How do I keep away from Kido worm
Once you have cleaned up Kido worm, the most important point to prevent Kido worm and future malicious programs from reverting is to stay suspicious of spam E-mail attachment and unknown websites. Here are several ways in which you can help protect your computer against Kido worm and other malware:

  • Use a computer firewall
  • Confirm that you have downloaded all the latest critical security updates
  • Adjust Internet Explorer web browser’s security settings
  • Download and install anti-spyware protection, such as, Spyware Cease
  • Surf sites and download programs from the web sites you trust

What is Worm?
Kido worm is a type of worm.

In a computer, a worm is a self-replicating computer program that does not alter files but resides in active memory. The difference between a computer worm and a computer virus is that a computer virus can not run itself. A virus usually needs a virus program to run, and the virus code also runs as part of the host program. However, a worm does not need a host program to run; it uses a network to spread itself over computers on the network.

The original computer worm was released (maybe accidentally) on the Internet by Robert Tappan Morris in 1988. The Internet Worm used sendmail, fingerd, and rsh/rexec to spread itself across the Internet.

The SQL Slammer Worm of 2003 used vulnerability in Microsoft SQL Server 2000 to spread itself across the Internet. The Blaster Worm, also of 2003, used vulnerability in Microsoft DCOM RPC to spread itself.

The Melissa worm of 1999, the Sobig worms of 2003 and the Mydoom worm of 2004, all spread through e-mail. These worms shared some features of a Trojan horse, in that they spread by enticing a user to open an infected e-mail attachment.

Mydoom also attempted to spread itself through the peer-to-peer file sharing application KaZaA. The Mydoom worms attempted a Denial of Service (DoS) attack against SCO and Microsoft.

Worm.Win32.Mabezat.b

Posted by elise in Blog Latest Spyware News, Latest Spyware Threats, Recent Articles, Top Spyware Threats, Worm on March 6th, 2009 | 2 Comments
TAGS: , , , ,

What is Worm.Win32.Mabezat.b?
Worm.Win32.Mabezat.b is a polymorphic parasitic file infector of executable files that propagating itself by making use of removable media and shared folders in LAN. Meanwhile, Worm.Win32.Mabezat.b is a worm for the Windows platform that searches for executables on local drives and the network.

Worm.Win32.Mabezat.b usually copies itself into existing folders of removal drives. The used filenames are the followings:
Adjust Time.exe
AmericanOnLine.exe
Antenna2Net.exe
BrowseAllUsers.exe
CD Burner.exe
Crack_GoogleEarthPro.exe
Disk Defragmenter.exe
FaxSend.exe
FloppyDiskPartion.exe
GoogleToolbarNotifier.exe
HP_LaserJetAllInOneConfig.exe
IDE Conector P2P.exe
InstallMSN11Ar.exe
InstallMSN11En.exe
JetAudio dump.exe
KasperSky6.0 Key.doc.exe
Lock Folder.exe
LockWindowsPartition.exe
Make Windows Original.exe
MakeUrOwnFamilyTree.exe
Microsoft MSN.exe
Microsoft Windows Network.exe
msjavx86.exe
NokiaN73Tools.exe
Office2003 CD-Key.doc.exe
Office2007 Serial.txt.exe
PanasonicDVD_DigitalCam.exe
RadioTV.exe
Recycle Bin.exe
RecycleBinProtect.exe
ShowDesktop.exe
Sony Erikson DigitalCam.exe
Win98compatibleXP.exe
Windows Keys Secrets.exe
WindowsXp StartMenu Settings.exe
WinrRarSerialInstall.exe

Do you have Worm.Win32.Mabezat.b?
If you have enough time and expertise, you can search your computer for Worm.Win32.Mabezat.b manually. However, it might take hours to find out all files of Worm.Win32.Mabezat.b, and it is possible that Worm.Win32.Mabezat.b will appear after rebooting, for its hidden files may still be there.

Download automatic scanner for Worm.Win32.Mabezat.b
Spyware Cease – the technology-oriented security protection that provides a risk-free computing environment for your home and office – with detection, removal and guard in one intuitive and straight-forward interface. Only Spyware Cease gives you individual fix against the most dangerous spyware problems.

Manual Worm.Win32.Mabezat.b removal instructions
WARNING: The manually removal method is for advanced users. Worm.Win32.Mabezat.b manually removal can be difficult and time-consuming. There is no guarantee that Worm.Win32.Mabezat.b can be completely removed, for there are hundreds of files generated when Worm.Win32.Mabezat.b installed on your system. Make sure to back up your computer in case that you make any mistakes and your system does not work.

Follow the instructions below for Worm.Win32.Mabezat.b removal manually:

Navigate and stop the Worm.Win32.Mabezat.b processes:
N/A

Navigate and delete Worm.Win32.Mabezat.b files:
N/A

Navigate and remove Worm.Win32.Mabezat.b registry keys
N/A

What are the symptoms of Worm.Win32.Mabezat.b?

  • Worm.Win32.Mabezat.b may spread via Trojans
  • Worm.Win32.Mabezat.b may install spyware to your computer
  • Worm.Win32.Mabezat.b may repair its files, spread or update by itself
  • Worm.Win32.Mabezat.b may violate your privacy and compromises your security

How do I keep away from Worm.Win32.Mabezat.b
Once you have cleaned up Worm.Win32.Mabezat.b, the most important point to prevent Worm.Win32.Mabezat.b and future malicious programs from reverting is to stay suspicious of spam E-mail attachment and unknown websites. Here are several ways in which you can help protect your computer against Worm.Win32.Mabezat.b and other malware:

  • Use a computer firewall
  • Confirm that you have downloaded all the latest critical security updates
  • Adjust Internet Explorer web browser’s security settings
  • Download and install anti-spyware protection, such as, Spyware Cease
  • Surf sites and download programs from the web sites you trust

What is Worm?
Worm.Win32.Mabezat.b is a type of Worm.

In a computer, a worm is a self-replicating computer program that does not alter files but resides in active memory. The difference between a computer worm and a computer virus is that a computer virus can not run itself. A virus usually needs a virus program to run, and the virus code also runs as part of the host program. However, a worm does not need a host program to run; it uses a network to spread itself over computers on the network.

The original computer worm was released (maybe accidentally) on the Internet by Robert Tappan Morris in 1988. The Internet Worm used sendmail, fingerd, and rsh/rexec to spread itself across the Internet.

The SQL Slammer Worm of 2003 used vulnerability in Microsoft SQL Server 2000 to spread itself across the Internet. The Blaster Worm, also of 2003, used vulnerability in Microsoft DCOM RPC to spread itself.

The Melissa worm of 1999, the Sobig worms of 2003 and the Mydoom worm of 2004, all spread through e-mail. These worms shared some features of a Trojan horse, in that they spread by enticing a user to open an infected e-mail attachment.

Mydoom also attempted to spread itself through the peer-to-peer file sharing application KaZaA. The Mydoom worms attempted a Denial of Service (DoS) attack against SCO and Microsoft.