Wednesday, October 21, 2009

Sysinternals Releases Disk2vhd v1.0

Sysinternals has recently released Disk2vhd that "simplifies the migration of physical systems into virtual machines (p2v)."

Disk2vhd is a utility that creates VHD (Virtual Hard Disk - Microsoft’s Virtual Machine disk format) versions of physical disks for use in Microsoft Virtual PC or Microsoft Hyper-V virtual machines (VMs)


More here.

Thursday, October 15, 2009

Sysguard / Winifighter Clones

Here are some screenshots of the members of this scareware family:

[gickr.com]_6c803672-8a5f-25e4-5109-31b55ebdf362

Beware of these rouge apps.

Tuesday, October 13, 2009

Winifighter Clone: TrustFighter

RogueAntiSpyware.Winifighter_TrustFighter6

Another scareware has been spotted in the wild and it calls itself TrustFighter. This is a recent addition to the Winifighter family of scareware.

Same as other members of this family of scareware, as in a previous post, TrustFighter creates heaps of junk binary files in the %systemroot% and %system% directories.

Sample junk files are the following:

%systemroot%\51c0vzr24975.dll
%systemroot%\51cbthreatz1991.ocx
%systemroot%\524699py69fz.bin
%systemroot%\525z1vi9us4e4.cpl
%systemroot%\5294viz115.exe
%systemroot%\5eddaddwar9167z.dll
%systemroot%\5ezast95l495.dll
%systemroot%\5ezdaddware2359.cpl
%systemroot%\5z09s9yware545.cpl
%systemroot%\5z56th5eat19149.bin
%systemroot%\5z85thief22759.cpl
%systemroot%\5z99addware2835.ocx
%systemroot%\5z9bba5kdoor525.dll
%systemroot%\5z9cth5ef13559.cpl
%systemroot%\5zfdaddware950.bin
%systemroot%\5zfesparse709.exe
%systemroot%\6169th5zf99.ocx
%systemroot%\6210spywa5e192z.ocx
%system%\1905szea51146.cpl
%system%\190979iru57z7.ocx
%system%\190cszywa591879.exe
%system%\19105vizus1c.bin
%system%\19179virusz65.ocx
%system%\1930thief97z5.cpl
%system%\19559spamboz6bb.ocx
%system%\1958stezl2595.cpl
%system%\195b5hreat39894z.exe
%system%\19645worm7zd.exe
%system%\1969spz715.bin
%system%\1977zhacktool54d.cpl
%system%\19792troz5aa.bin
%system%\1987th5z92904.cpl


Here are some domains participating in this campain:

securityannounce(dot)com
securityadjust(dot)com
bestmalwaredetect(dot)com
pcprotectzone(dot)com
trustfighter(dot)com


Unsuspecting users get set back by $49.95 from their hard-earned money.