PDF Exploits and how to prevent them

Now we know that there are PDF Exploits being used more and more to fake anti virus software. I am here to discuss how to make it harder for these exploits to happen in the first. So I will be walking you through using Firefox as the browser, so if you haven’t downloaded Firefox. I would recommend downloading it, it is much safer than using Internet Explorer.

In Firefox, Click Tools, and then Options:

AdobePDFprevent

You will look for anything that says Adobe in the Applications tab and select either Always ask or Save file.   I recommend setting it to “Always Ask” for the one reason you will know if you have visited a site that uses PDF’s, it gives you a warning of when some website tries to uses Adobes PDF reader.

I also go into Adobe Reader:

Click Edit>Preferences

AdobePDFprevent1

Disabling Javascript will help prevent some of the more common exploits in Adobe, and anyway I do not need Javascript enabled to read a PDF because I hate flashing stuff while I am trying to read.

AdobePDFprevent2

This will prevent it from using your web browser you will have to use Adobe Reader to read this.   From my understanding if you use Adobe Reader in your browser they can put redirects in internet explorer and have some control over what you browser does when you load it up.   This prevents any exploit from taking over IE, or Firefox because now they work alone and not together.   While you at it with Firefox, I would go into the Addons Section.   Click Tools>Addons and Disable the Adobe Reader Addon to be even more safer on the internet.

Now this won’t protect you a 100% but will greatly make it harder for those invisible Iframes to infect your system.   I also have Free AVG running and [intlink id=”3884″ type=”post”]SUPERAntiSpyware Pro[/intlink] running all the time to better protect my system.   You may need to download the PDF to be able to read it.  You can change the Firefox options above to save it instead of asking what you want to do.

List of Malware Sites for Aug 13, 2009

personalantivirus3

  • spyware-scannerv2.com ([intlink id=”3607″ type=”post”]Personal Antivirus Scareware Site[/intlink])
  • homespywarescanner.com ([intlink id=”3607″ type=”post”]Personal Antivirus Scareware Site[/intlink])
  • curtle.info ([intlink id=”4217″ type=”post”]Internet Antivirus Pro Scareware[/intlink])
  • securityread.com (Like ([intlink id=”4217″ type=”post”]Internet Antivirus Pro Scareware[/intlink])

These sites gets installed in unsuspecting computers by way of exploits, backdoors, Trojans, or unsafe downloading practices. This usually means that if you have it you should remove it by any means necessary because this software has been know to cause more and more trouble as time goes by. This software is fake ware, it tries to tell you have a virus and that they can get rid of it. In fact, this software is not designed with Antivirus engine in it but to illicit pop ups and warning to raise the users security concerns about the computer in question. Downloading programs from bit torrents or other unsafe ways can and most likely will have these types of programs installed alongside the program you wanted.

Threat to System : Moderate

[rating:4/5]

Advice : Do a Complete system scan and make sure you don’t have any more hidden malware.

I recommend :

Do a Full System with One of these Free Antivirus Software:

[ad#SUPERAntiSpyware]

List of Malware sites for Aug 12, 2009

personalantivirus3

There seems to be a couple sites today so I will update as needed:

  • antimalwareonlinescanv4.com ([intlink id=”3607″ type=”post”]Personal Antivirus Scareware[/intlink])
  • securityfolderprotection.com ([intlink id=”3607″ type=”post”]Personal Antivirus Scareware[/intlink])
  • computer-antivirus-scanv9.com ([intlink id=”3607″ type=”post”]Personal Antivirus Scareware[/intlink])
  • private-antivirus-scan9.com ([intlink id=”3607″ type=”post”]Personal Antivirus Scareware[/intlink])
  • spywarescannerv4.com ([intlink id=”3607″ type=”post”]Personal Antivirus Scareware[/intlink])
  • virusonlinescanv3.com ([intlink id=”3607″ type=”post”]Personal Antivirus Scareware[/intlink])
  • windowsprotectionsuite.com  (Rogue Antivirus Software)
  • securityscaninternet.com (Like [intlink id=”3607″ type=”post”]Personal Antivirus Scareware[/intlink])
  • curtal.info  ([intlink id=”4217″ type=”post”]Scareware Site, tries to get you to install a Trojan[/intlink])
  • cowish.info [intlink id=”4217″ type=”post”]Internet Antivirus Pro Scareware[/intlink]
  • scanasite.com (Like [intlink id=”4217″ type=”post”]Internet Antivirus Pro Scareware[/intlink])
  • joinsecurityspot.com  (Like [intlink id=”4217″ type=”post”]Internet Antivirus Pro Scareware[/intlink])
  • realnssecurity.com  (Like [intlink id=”4217″ type=”post”]Internet Antivirus Pro Scareware[/intlink])

These sites gets installed in unsuspecting computers by way of exploits, backdoors, Trojans, or unsafe downloading practices. This usually means that if you have it you should remove it by any means necessary because this software has been know to cause more and more trouble as time goes by. This software is fake ware, it tries to tell you have a virus and that they can get rid of it. In fact, this software is not designed with Antivirus engine in it but to illicit pop ups and warning to raise the users security concerns about the computer in question. Downloading programs from bit torrents or other unsafe ways can and most likely will have these types of programs installed alongside the program you wanted.

Threat to System : Moderate

[rating:4/5]

Advice : Do a Complete system scan and make sure you don’t have any more hidden malware.

I recommend :

Do a Full System with One of these Free Antivirus Software:

[ad#SUPERAntiSpyware]

Scareware Site — Internet Antivirus Pro

I was checking out the site unmast.info and this came up:

Internet Antivirus Pro

As you can see this try to scare you into doing two things.  It tries to Mimic the look of your hard drive and also tries to get you to download a program.  The Program is called Install.exe.  Downloading this file causes AVG and Windows Defender to Pop up with the Warning:

Internet Antivirus Pro1

As you can see this isn’t a good program to install and if you have then I recommend you doing a full system scan and removing this Trojan which I am sure has also installed other Malware like a botnet or something along that lines. Your Privacy isn’t safe on that computer so you should do these things as soon as possible.

Threat to System : Severe

[rating:5/5]

Advice : Do a Complete system scan and Remove this Trojan and any others that have been installed.

I recommend :

Do a Full System with One of these Free Antivirus Software:

[ad#SUPERAntiSpyware]

List of Scareware Sites for Aug 10, 2009

When I told you on the last post that today would be a more complete list, I guess I was right:

personalantivirus3

  • antispywareonlinescanv4.com ([intlink id=”3607″ type=”post”]Personal Antivirus Scareware[/intlink])
  • onlinebestscannerv3.com ([intlink id=”3607″ type=”post”]Personal Antivirus Scareware[/intlink])
  • get-rid-of-spyware.com(Possible [intlink id=”3607″ type=”post”]Personal Antivirus Scareware[/intlink] site but is saying 403)
  • best-antivirus-security.com (Clone of [intlink id=”3607″ type=”post”]Personal Antivirus Scareware[/intlink])
  • personalantivirusprotection.com ([intlink id=”3607″ type=”post”]Personal Antivirus Scareware[/intlink])
  • virusscanweb.com ([intlink id=”3114″ type=”post”]WinWebsec Scareware site[/intlink])
  • (I will update during the day as needed)

More than like get-rid-of-spyware.com is the domain they are using right now to scare people into buying or install that [intlink id=”3607″ type=”post”]Personal Antivirus Scareware[/intlink].   Although this won’t help much with those warnings, in fact they will most like just keep hijacking your browser and send you to these pages.   Most of the time they want you to buy there Antivirus and try to persuade you by showing fraudulent software infections on your screen.  These types of software only make money they do not do anything else but to fool the person.   Then there are some sites that just try to alter the look just a little bit to get under the radar!!  You should never download or install software from these types of sites.   They most likely will have trojans, or create an even more scareware situation on the desktop.

<p style=”text-align: left;”><strong>Threat to System : <span style=”color: #ff0000;”>Moderate</span></strong></p>
<p style=”text-align: center;”><strong></strong></p>
<p style=”text-align: left;”>[rating:4/5]</p>
<p style=”text-align: center;”><strong></strong></p>

<p style=”text-align: center;”><strong></strong></p>
<p style=”text-align: left;”><span style=”color: #000000;”><strong>Advice</strong></span> : Do a Complete system scan and make sure you don’t have any more hidden malware.</p>

<strong>I recommend :

Do a Full System with One of these Free Antivirus Software:</strong>

[ad#SUPERAntiSpyware]

onlinebestscannerv3.com