Lavasoft News - January 2008 Lavasoft News - January 2008

Bad Behavior

This month’s malware pick, highlighted in order to help you understand how to keep it off your system, is a threat known as Zlob. While we’ve warned computer users in the past about this online enemy, Zlob is currently one of the most predominant threats, according to Lavasoft Researchers.

Understanding the Threat
Zlob Trojans are a form of malware that usually masquerade as a codec needed to play a video, and then install adware or malware onto the user’s system. You may also see Zlob referred to as fake codecs, Zlob codecs, and Smitfraud Trojans.

The Bad Behavior
Computer users often become infected with this malware when attempting to download videos. Users may receive a message that a special “codec” is needed to view content. However, the codec is actually a fake, a Zlob Trojan capable of downloading more of its kind onto your system, along with a variety of adware and rogue anti-spyware.

Before installing the required “codec”, you may even have to accept an End User License Agreement (EULA), either spelling out exactly what will be downloaded onto your machine, or showing a fake EULA to make you believe the download’s legitimacy.

How can you tell if you’ve been infected? The tell-tale signs include loads of unwanted adware and a “nag” screen taking over your desktop in the form of a security warning or pop-up; the message warns that your system is infected, and demands that you run a specific program to fix your PC. The security warnings often mimic valid programs, like Windows Security Center, to feign legitimacy.

Winning Strategies
To avoid getting infected with this underhanded malware, all it takes is a little caution and awareness of the problem. Below are Zlob prevention tips from the security experts at Lavasoft.

  • Fully read EULAs and privacy statements before installing. If the EULA is hard to find or difficult to understand, reconsider installing the software. By not fully reading the EULA, you may agree to questionable activities by the software vendor and even to installing spyware and adware on your computer.
  • Use up-to-date real-time protection. Real-time protection is key in keeping malware off of your system. Ad-Aware 2007, especially the real-time protection of Ad-Aware 2007 Plus or Pro, is an important weapon in the malware fight. Other armor you should equip your system with is updated anti-virus software, a firewall, and the latest security patches from Microsoft.
  • Be wary of adult content videos. Zlob Trojans often masquerade as codecs needed to view pornographic videos. If you see a link for “free porn”, chances are it’s a sure way to get your PC infected.
  • Watch out for fake anti-spyware software. Never pay for a program that installed itself to your computer. This is a hallmark of rogue software.
  • Verify files before downloading. Never download software or a file without knowing exactly what it is. If you are unsure about a certain download, verify it by using an online virus scanner site or check with an expert at an online security forum, like Lavasoft’s Support Forums.

Lavasoft Registry Tuner - $29.95 More Info Buy Now
By the Numbers
500Percent increase in Trojan tools and code used to steal passwords, log keyboard strokes, and infect users with malware during the first half of 2007.
Source: Microsoft’s Security Intelligence Report, IT News
Term of the Month Term of the Month
Your computer’s registry is a database integrated into certain operating systems that stores information (including user preferences, settings and license information) about hardware and software installed on your PC.
Source: Anti-Spyware Coalition Glossary
Tips & Tactics
Spam filters certainly make our online lives easier. But how can you be sure to filter out only the junk and not your favorite newsletters or other good mail? Read More.
5 Star Quality Award
Ad-Aware 2007 received FileCluster’s 5 Star Quality Award after being tested on performance, ease-of-use, functionality, and user feedback. See more awards landed by Lavasoft products.
Spyware Education Center Lavasoft Blog Support Center

Lavasoft AB Lilla Bommen 1, 411 04 Gothenburg, Sweden | |