Archive for December, 2007

The Year in Review

As the year comes to a close … it appears that Trojan.Zlob/Codec remains the #1 threat. This is mainly due to the coordinated effort of the Malware writers and the Rogue Anti-Spyware community … While the detection rates have become better for the commercial Antivirus/Antispyware products, the “freeware” versions have failed to keep pace and […]

eMusic Toolbar

I have been contacted several times this year regarding the entry for eMusic  in my HOSTS file … so I thought I’d give them a second look, since they were previously detected as “Adware.eMusic” by the majority of Antivirus/Antispyware programs. I highlighted the “It’s safe. No spyware, adware, or malware” … OK sounds good … […]

Beware of fake DNS Error pages

These sites have created their pages to look exactly like a typical (Microsoft IE7) DNS Error page … Notice the links for “AntiSpywareSuite” … which is yet another WinFixer clone … and the download is from: hxxp://content.onerateld.com/antispywaresuite(dot)com/AntiSpywareSuite/install_en.exe (URL disabled) Other sites with the same exact fake page … all hosted at: Ukrtelegroup Ltd via ESTDOMAINS/PrivacyProtect […]

Another fake free Movie site

Hopefully regular readers of this blog do not fall for these offers of “it is absolutely free” … Accessing the above site you see the typical “ActiveX Object Error” bogus prompt … Clicking any of the above button results in (codecmeg4049.exe) Trojan.Win32.DNSChanger.akt (VirusTotal results)Both sites involved are hosted (where else) Cernel which is typically home to the […]

Another malicious fake scanner site

Following up on an email tip from Adrienne … what’s interesting while the fake scan is running the site tries to download/install “Install2486.cab” … however my AV kills the download …  Clicking on any of the links on the page results in the site downloading “Install2486.exe” … This site is hosted at Hostfresh via ESTDOMAINS/PrivacyProtect which […]

AntiSpywareControl yet another Rogue/Suspect Anti-Spyware Product

Landing on the following site the viewer is presented with not only a “IFrame.Exploit” and the typical adult content, but several interesting banners … (MVPS HOSTS file users are already protected from the IFrame.Exploit) Look familiar? … well let’s see where this leads us … (as if I didn’t know “Independently certified” … and “100% free […]

Christmas comes early

This year the wife and I decided to treat ourselves to a new flat-screen … Samsung HP-T5054 50-inch Plasma HDTV Although the photo doesn’t really do the picture quality justice … it sure is a big jump from a 32″ !! I can’t wait to try this out as a PC Monitor … enjoy the holidays […]

Limelight distributes hundreds of Rogue Antispyware products

Looks like Limelight is involved in distributing hundreds of Rogue Antispyware products … the majority of these are from “LocusSoftware” which I have mentioned before. However I found an interesting video produced by Symantec that shows all these clones … and there are hundreds! So let’s take “SpyGuardPro” as an example … Oops … Google […]

More malware found at Limelight Networks

Seems the harder I look the more malicious content is found running from Limelight Networks … at least Google has flagged on of the previous entries I mentioned as malicious … [emphasis added] It appears Limelight has moved several of the previous entries to another server within their network … then I found a few […]

Beware of Ransomware

After reading a blog post by fellow Microsoft MVP “Donna’s SecurityFlash” I thought I’d do a little follow-up … “The ransomware was included in adware “Uccplay.” Victims are led into thinking the adware is a multimedia player, but when they install it, the program copies all video files stored on the computer to a hidden […]