ATTENTION:
I just move this blog into single one Account, but I forgot the image I upload on this blog are in old Picasa. So you may image missing in an article. All images will be reverted only for articles in July 10th's first page and fetured articled shown in slide show.

26 May 2011

Fraud: Windows Firewall Unit, A FAKE ANTISPYWARE

5/26/2011 No comments

windows_firewall_unitJust today, my brother’s laptop got this f**king fakeware. This fake antispyware named as Windows Firewall Unit. With a good interface and so trustable look in it, this is an awesome fake shit I ever see. If your computer just got this shit, you’re in the right place to read (but in rude language, because I’m so fed up when dealing with this shit).

Behavior

It blocks all 3rd party applications and pretend them as viruses, and also prevent your existing security softwares to run. It will perform a fake system scan and will always say that your system is critically at risk. They will ask the users to fix it by only one way, pay them, and this is exactly a fraud. Some sources said that even after paying them, this software might installing another fakeware again.

 

Interface

windows_firewall_unit (1)

The interface is awesomely beautiful to trust. Even an ‘Ask for genuine Microsoft software’ pic is exist there. I’m firstly suspecting this application as a fakeware from its help. It neither says any copyright nor patent listed. I also find an oddness as this is a Firewall software, but handles all security functions (perhaps they’re all fake on this fakeware).

 

Messages Warned by Windows Firewall Unit:

As cited from 2viruses.com, these are:

INFILTRATION PHASE:

Threat prevention solution found
Security system analysis has revealed critical file system vulnerability caused by severe malware attacks.
Risk of system files infection:
The detected vulnerability may result in unauthorized access to private information and hard drive data with a seriuos possibility of irreversible data loss and unstable PC performance. To remove the malware please run a full system scan. Press ‘OK’ to install the software necessary to initiate system files check. To complete the installation process please reboot your computer.

 

Microsoft Security Essentials Alert
Potential Threat Details
Microsoft Security Essentials detected potential threats that might compromise your private or damage your computer. Your access to these items may be suspended until you take an action. Click ‘show details’ to learn more.

comment from me: this is the shittest shit you may see. But if you take a look. I think the button should not be in classic Windows style. The real Microsoft Security Essentials will always follow the visual style or have an own-sytled buttons. If you got what I say, perhaps you know.

fake_microsoft_security_essentials_alert

AFTER RESTARTING WINDOWS AND HAPPEN AFTER YOU LOG ON:

System Security Warning
Attempt to modify register key entries is detected. Register entries analysis is recommended.

Warning!
Location: c:\windows\system32\taskmgr.exe
Viruses: Backdoor.Win32.Rbot

 

Removal

I’ve seen the best way is on PCHubs.com, but I found it’s fail, since Windows Firewall Unit is also starting when you log on Safe Mode. So, I’ve got the best way but still following the way from PCHubs.com. You may required to ask for administrator help for this if you don’t know the instruction I say.

  1. Download SmitFraudFix from the official site: http://siri.geekstogo.com/SmitfraudFix.php
  2. After you downloaded it, move it into an easily reachable location if executed with Command Prompt.
  3. Since Windows Firewall Unit blocks all application (Command Prompt (cmd.exe) is also blocked) and this shit still active when running in safe mode, we have a last hope: Run in safe mode with Command Prompt. To activate it, just press F8 before the Windows starts booting (the loading Windows screen), then choose Safe Mode with Command Prompt. This mode is only running cmd.exe and blocks all other programs to run, at least until you activate it through cmd.exe. That’s why we can still bypass the Windows Firewall Unit with this mode.
  4. Run SmitfraudFix.exe from the file location. For example, if you put the file on D:, just type D: and then enter. It will access the D: folder. Then, you type SmitfraudFix.exe then enter.CWindowssystem32cmd.exe (3)
  5. A new window will appear, this is the program. Choose 2 and enter.Fix01b
  6. After SmitFraudFix performs initial removal process, then it will ask you “Do you want to clean the registry?” select Y for yes.

 

So that’s all folks. I’m already fed up with this shit, and alhamdulillah I’ve already fix it with my way. Thanks…

0 komentar:

Post a Comment

You can submit your comment as I can revise my opinion! Please!!!

 
Design by Wordpress Theme | Bloggerized by Free Blogger Templates | coupon codes