Security Archives

Everyone has heard of the latest scandal regarding the “whatever.com” site being hacked and vital information for over one million people being stolen. Some would wonder what a hacker would want with that information. In most cases, the thought behind a hacker’s motives is just to be able to hack the site that says it is “hack proof”. In other cases involving fraud, it is to obtain your personal information and either use it for spamming or sell it to scam artists. In any case, a site that is hacked has legal responsibilities, one would think.

The latest attack on a big website is more than likely just the theft of work history and names along with references. If the information also included Social Security information or annual salary requirements, as well as cell phone numbers and credit card or bank information, people are going to have major problems. This type of activity happens all the time, but we only hear about the big companies in the news spotlight. If a pet product site that is just starting out and is not a well-known name gets hacked, it is not going to divulge that information, and if it does, it will not make the news headlines.

Everyone uses the Internet for one reason or another and, if you are like most people, you may shop, look for work, play games or just browse. In any case, you need to be careful how you supply your information. A site that handles your information needs to use encryption to protect it, whether the site is for buying or for gaming. Anytime you give out personal information about yourself, you want to know your information is protected. With the latest scare over hacked websites, people have to wonder what the hackers will do with that information.

As hackers become more devious in their endeavor to hack into websites and steal information, more IT technicians will work harder to make sites, and the products that secure them, even better. All the scares that we encounter in our Internet experiences are just another form of criminal activity. Unfortunately, it can cause problems for the entire world. Protecting yourself and your computer from a hack attack is a top priority, and every day businesses are upgrading their systems and infrastructures to protect vital information.

The best way to protect yourself, some have said, is to never give out personal information. Unfortunately, this is not always possible. If you want to shop, look for work, do some gaming or sign up for important newsletters and promotions, you have to supply the pertinent information. Therefore, using a little caution as to what sites you use is great, but as was proved with Monster, even the best of sites can endure problems. This, however, is no reason to stop using the Internet.

You just need to be aware of the threat and use good judgment when you visit a website. Some day we will see a system to track and stop hackers from stealing vital information. Companies that make security software work hard every day to find new ways to stop a hacker. As the hacker gains more strength, software developers gain more security knowledge to stop them in their tracks.

Total Security 2009 is a rogue program that claims to be a legitimate antivirus tool but is actually malware. It has its origins in Antivirus 360, which was also rogue security software. The Total Security virus impersonates the Windows Security Center, showing fake alerts that your system is supposedly unprotected. The main intention of the Total Security virus is to scare the user into purchasing the rogue software.

The Total Security virus is very persistent in staying alive on your system. It hijacks your Internet Explorer, thus blocking your ability to visit legitimate security sites for downloading antivirus tools. It also prohibits the user from opening the Windows Task Manager, saying that “task manager has been disabled by your administrator”. I have found a solution for cleaning up Total Security 2009 after searching around. Let’s see together how to do it:

  1. Go to Start>Search>For files or Folders
  2. On the left side of the search window, select the option “All files and folders”
  3. Under the field “All or part of the filename” type *.exe
  4. Click on “When was it modified?”, select “Specify Dates” and on the drop-down menu select “created date”. Below that, enter your current date in both the “from” and “to” fields.
  5. Hit the Search button. It will find an executable under the following folder:
     c:/documents and settings/all users/application data/10176254
  6. Browse to the above path. If you don’t see the folder “application data”, then go to Tools>Folder Options>View and select “Show Hidden Files and Folders”
  7. The folder numbers at the end may be different in your case, but the folder should be under the application data path. Go to the folder and rename it. Then restart your computer.
  8. After restarting, the malicious program will not find its executable to run, so hopefully you will be able to run your antispyware tool.
  9. Download Free Trial of Spyware Doctor Here and perform a free scan of your system. It will find all files associated with Total Security on your system. The free version of Spyware Doctor is for scanning purposes. To clean up the infection you will need to register the program.
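
The file search from steps 1 to 5, written as a Python script. This is an added example, not part of the original post: it walks a directory tree and lists .exe files created within the last day whose parent folder name is all digits, like the folder shown above. The function names, the 24-hour window and the sample tree are assumptions made for illustration.

```python
import os
import tempfile
import time
from pathlib import Path


def recent_numeric_folder_exes(root, max_age_hours=24, now=None):
    """List .exe files created within max_age_hours whose parent folder name is all digits."""
    now = time.time() if now is None else now
    cutoff = now - max_age_hours * 3600
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        if not Path(dirpath).name.isdigit():
            continue  # only folders named like 10176254
        for name in files:
            if not name.lower().endswith(".exe"):
                continue
            path = Path(dirpath, name)
            try:
                st = path.stat()
            except OSError:
                continue  # file vanished or access denied
            # Windows reports creation time in st_ctime (st_birthtime on newer
            # Pythons); on Unix st_ctime is the inode change time instead.
            created = getattr(st, "st_birthtime", st.st_ctime)
            if created >= cutoff:
                hits.append((path, created))
    return sorted(hits, key=lambda hit: hit[1], reverse=True)


def demo():
    """Scan a constructed tree: one numeric folder, one vendor folder, one text file."""
    with tempfile.TemporaryDirectory() as root:
        for rel in ("10176254/a1b2.exe", "Vendor/setup.exe", "20090101/notes.txt"):
            path = Path(root, rel)
            path.parent.mkdir(parents=True)
            path.write_bytes(b"MZ")  # placeholder content, not a real binary
        return [p.relative_to(root).as_posix() for p, _ in recent_numeric_folder_exes(root)]


if __name__ == "__main__":
    print(demo())
```

On a real system, point `recent_numeric_folder_exes` at the All Users application data folder and review each hit before renaming anything.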

Another tip for removing Total Security is to use the “sysinternals” Process Explorer at the following link (http://live.sysinternals.com/procexp.exe). Run the program and find the process tsc.exe. Click the Red X button to kill the process. You may also find a process with a random number. Kill that one as well.

 Good luck.

Remove TrustCop-Removing TrustCop Automatically

Important Note: If you got infected with TrustCop and paid money for it, you must contact your credit card company immediately and request your money back.

In this article I will show you in detail how to remove the TrustCop virus (either automatically or manually) from your computer. For a free scan of your computer to verify if you are infected with the TrustCop virus, download the Antispyware tool below, install it and perform a full system scan.


TrustCop is another malware program that appeared recently on the Internet. It looks like a legitimate security antivirus scanner, but it is actually a rogue program with the sole purpose of stealing money from innocent computer users. TrustCop infiltrates your computer with the help of a Trojan virus. The Trojan first gets into your PC (maybe from freeware programs that you installed or via browsing illegal websites) and then it downloads and installs TrustCop. The Trojan virus will then configure TrustCop to start automatically every time you boot your computer. Also, several random files will be created on your hard disk which will look like virus-infected files. The purpose of these fake files is to have them “detected” by the TrustCop program, which will ask you to purchase its full version in order to delete them. The picture below shows how TrustCop performs a fake scan of a computer system in order to convince the user that it is supposedly a legitimate security tool.

To get rid of the TrustCop virus you can follow either the Automatic or the Manual method I will explain below. The Automatic method is recommended for a safe TrustCop removal. The Manual method is recommended ONLY if you are an expert in the Windows operating system, since it involves messing around with the Registry, which can cause fatal problems if you don’t know what you are doing.

Remove TrustCop Automatically

Fortunately there are a few trusted Antispyware tools on the market which can effectively remove the TrustCop virus and many other malware programs permanently. One such tool is the famous Spyware Doctor from the PCTools software company. I would recommend that you Download the Free Trial of Spyware Doctor Here, or visit the Spyware Doctor Website for more information.


If you have already downloaded Spyware Doctor from the beginning of this article (Free Scan Button) then you can skip this step.

After downloading Spyware Doctor, run it and have it scan your PC for free. The free version of Spyware Doctor is for malware detection only. After detecting the TrustCop virus, you can purchase the full version to automatically clean up your PC from TrustCop or from any other viruses that reside on your system. If you don’t already have an Antispyware tool, then it is an excellent opportunity now to get a good one, like Spyware Doctor.

Remove TrustCop Manually

Before proceeding any further, I strongly suggest that you back up everything, and especially your registry. We take no responsibility for any damage you may cause to your computer.

Step 1: Stop the following Processes

(Note: some processes might have a different name in your case)

  • TrustCop.exe
  • uninstall.exe
  • 28a6d9wnlzader1957.exe
  • ca85mxcq.exe

 
Step 2: Unregister the following DLL files

(Note: To unregister a DLL file, open a command prompt window and type:
C:\> regsvr32 /u filename.dll
You may need to navigate to the exact path where the DLL file is located.)
 

  • 288995acktool3z1.dll
  • 10134spamb9zb95.dll
  • 1015zpyware2930.dll

 
Step 3: Delete the following Registry Values (be careful)

HKEY_CURRENT_USER\Software\TrustCop
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TrustCop
HKEY_LOCAL_MACHINE\SOFTWARE\TrustCop
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “ca85mxcq.exe”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “TrustCop”

Step 4: Delete the following files

c:\Program Files\TrustCop Software\TrustCop\TrustCop.exe
c:\Program Files\TrustCop Software\TrustCop\uninstall.exe
c:\Program Files\TrustCop Software\TrustCop
c:\Program Files\TrustCop Software
c:\Documents and Settings\All Users\Desktop\TrustCop.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\TrustCop
c:\Documents and Settings\All Users\Start Menu\Programs\TrustCop\1 TrustCop.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\TrustCop\2 Homepage.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\TrustCop\3 Uninstall.lnk
%Temp%\ca85mxcq.exe
c:\WINDOWS\10134spamb9zb95.dll
c:\WINDOWS\1015zpyware2930.dll
c:\WINDOWS\10753tzo5931.bin
c:\WINDOWS\system32\288995acktool3z1.dll
c:\WINDOWS\system32\28935virus54z.ocx
c:\WINDOWS\system32\28a6d9wnlzader1957.exe
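
A check for the Run entries named in Step 3, written as an added Python example (not part of the original article). It parses the text printed by `reg query HKCU\Software\Microsoft\Windows\CurrentVersion\Run` and flags values whose name or target file appears in the lists above, or whose target runs from a Temp folder as %Temp%\ca85mxcq.exe does. The sample output and the function names are constructed for illustration.

```python
import ntpath
import re

# Indicators copied from the manual-removal steps above; names may differ per infection.
RUN_VALUE_NAMES = {"trustcop", "ca85mxcq.exe"}
FILE_NAMES = {"trustcop.exe", "ca85mxcq.exe", "28a6d9wnlzader1957.exe"}

# reg query prints one value per indented line: name, type, data, separated by whitespace.
VALUE_LINE = re.compile(r"^\s+(.+?)\s+(REG_\w+)\s+(.*)$")

# Constructed sample of reg query output for the HKCU Run key (not captured from a real host).
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    ctfmon.exe    REG_SZ    C:\WINDOWS\system32\ctfmon.exe
    TrustCop    REG_SZ    "C:\Program Files\TrustCop Software\TrustCop\TrustCop.exe"
    ca85mxcq.exe    REG_SZ    C:\DOCUME~1\user\LOCALS~1\Temp\ca85mxcq.exe
    updchk    REG_SZ    C:\DOCUME~1\user\LOCALS~1\Temp\k3x9.exe
"""


def parse_run_values(text):
    """Yield (value name, command line) for every value line in reg query output."""
    for line in text.splitlines():
        m = VALUE_LINE.match(line)
        if m:
            yield m.group(1), m.group(3).strip()


def flag_run_entries(text):
    """Map each suspicious Run value name to the reasons it was flagged."""
    flagged = {}
    for name, command in parse_run_values(text):
        # Take the path up to the first ".exe", dropping an opening quote if present.
        exe = re.match(r'"?(.+?\.exe)', command, re.I)
        path = (exe.group(1) if exe else command).lower()
        reasons = []
        if name.lower() in RUN_VALUE_NAMES:
            reasons.append("value name listed on page")
        if ntpath.basename(path) in FILE_NAMES:
            reasons.append("file name listed on page")
        if "\\temp\\" in path:
            reasons.append("runs from Temp")
        if reasons:
            flagged[name] = reasons
    return flagged


if __name__ == "__main__":
    for value, why in flag_run_entries(SAMPLE).items():
        print(value, "->", ", ".join(why))
```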

Then, reboot your machine and cross your fingers!!!

GOOD LUCK

If you have ever been infected with the Google Redirect virus, you’ll know how annoying it can be. A Google Redirect virus affects your searching abilities. When you go to Google, or any other search engine, and do a search, the virus randomly redirects you to websites that are totally irrelevant to your search terms. Your computer will also start to slow down dramatically. It may take you two or three tries to eventually end up on the right site.

Not only is a Google redirect virus very annoying and time consuming, but it also may lead to a malicious website that could further infect your computer. Your computer can become infected with spyware and other viruses, also known as browser hijacking.

Most of the time you’ll never know that your computer has been taken over. Then the spyware infiltrates your system and gets access to personal information like credit card numbers, passwords, personal banking info and more. This is the start of your identity being stolen.

The first thing you should do to get rid of the Google redirect virus is to scan your computer using any free spyware scanner. Sometimes this simple scan and clean will clear out the virus. If that doesn’t work, then try scanning your computer in the ‘safe mode’. Then remove any infected files.

If the previously mentioned solution doesn’t work, then you’ll have to go out and buy a trusted anti-spyware program like PCTools’ Spyware Doctor. When you’re looking for antivirus software, you should go online to find one that has had some good reviews written about it. Spyware Doctor has received great reviews through the years, like PC Magazine Editor’s Choice and PC World Best Buy Award. Go ahead and download Spyware Doctor below and perform a free scan of your system. This will give you an excellent view regarding the health of your system and verify if you are infected with the Google Virus or any other malware.


When you do find one tool that you trust, simply download to your computer by following the prompts. Once it has been successfully downloaded you can run the ‘scan’ feature of the program. This will initiate the scanning of all your files and directories and notify you when it has found a malicious virus. This process may take a little time as it has a lot to go through. Once the program has finished its scan, you can view a list of all the infected files and directories.

In most cases you’ll have the option of completely deleting them, or you can have them quarantined or sent to a vault for safe keeping. Either one of those options is sufficient. To make 100% sure that your antivirus software found all there was to find, it is recommended that you reboot your computer and do another scan.

If you want to remove a Google redirect virus completely, and make sure that it doesn’t come back, then purchasing antivirus software will be your best bet. Some antivirus software will come complete with lifetime updates, while others may only be good for one year. So be sure that you know exactly what you’re getting. Another great way to find software that will eliminate the Google redirect virus is to talk to your local computer repair store, like Geek Squad or similar. A lot of the time they’ll tell you to bring it in, but if they’re kind they’ll tell you what they would use to fix it.

Installing BackTrack 4 Pre Final in VMWARE

EDIT: There is a final version of BackTrack4 released, both an ISO image and a VMWare image. Also, BackTrack is now distributed from www.backtrack-linux.org instead of remote-exploit.org. I suggest you download and install the final VMware version.

I have been using BackTrack3 so far for my ethical penetration testing tasks with great success. I decided recently to give BackTrack4 a try, even if it’s still in the Pre-Release stage. The guys at remote-exploit state that even if it is in the pre-final stage, this release is the sturdiest of all previous BackTrack versions, so I decided to try it now rather than waiting for the final release. A notable change with BackTrack4 is that it now uses Ubuntu as the underlying operating system, which is a very good move in my opinion.


Below I will explain the steps I took to install BackTrack4 on VMWare Workstation running on Windows XP Pro. I have used VMWare Workstation 6.5.3 (it should work with older versions) and BackTrack4 pre-final.

First download the BackTrack 4 pre-final file (bt4-pre-final.iso) from its original location at http://www.remote-exploit.org/backtrack_download.html. The file comes in DVD ISO format. Save the ISO file locally on your hard disk.

  • Start the VMWare Workstation and go to File>New>Virtual Machine
  • Select Typical Install
  • Select option to use Installer Disc image file (iso)
  • Click the Browse button to find the ISO image that you downloaded above.
  • Click Next, select Linux and for version select Ubuntu.
  • Click Next and select the location where the Virtual Machine will be installed.
  • Leave the defaults (maximum disk size 8GB and Store Virtual disk as a single file).
  • Click Next and Finish.
  • Go to “Edit virtual machine settings” and change the network adapter to “Bridged”.
  • Power on the virtual machine.
  • This will boot up the Live CD from the ISO image and give you several boot options. Select the first option (BackTrack Framebuffer 1024×768).
  • After it boots, it will drop you at a command-line prompt as root@bt:#
  • Type startx
  • This will take you into the graphical interface of BackTrack. However you are still under Live CD. Any changes you make will be lost with next reboot. Therefore you need to install it on the VMWare virtual disk.
  • Double click the “install.sh” script that you see on the desktop. This will start the installation procedure. Follow all steps. This will finally install BackTrack on the VMWare disk.
  • Press “Restart” button to reboot. After rebooting, it will now boot from the VMware disk and not from the Live CD. At the login prompt, enter the username and password that you configured during the graphical installation above.
  • You need to configure a root password here. Type “sudo passwd root”. It will ask you for your own user password to execute the command above. Then it will ask you to enter a new password for root (twice). After that, the password for root will be changed.
  • Login as root and get into graphical interface with startx.
  • You are ready to Rock Baby!!!

I advise you to visit the Offensive Security blog (http://www.offensive-security.com/blog/) to read some very useful posts about BackTrack4. Especially useful is the post about upgrading the Kernel, which is required because of a security hole in the default Kernel of bt4.
