Sunday, October 26, 2008

Fake DivX codec

Here's a new Zlob fake codec variant, which touts itself as DivX codec. The dropper is named as DivXCodecPKG.7.exe and is hosted at http://softawe-download-forpc.com (66.232.126.78). Whois information for this domain can be found here.



As of now, detection by AVs are not good. VirusTotal scan result can be found here.

Wednesday, October 22, 2008

Chandrayaan-1 launched successfully

Quick update! The Chandrayaan-1 has been successfully launched and placed in its orbit. Get more info here.

Tuesday, October 21, 2008

Chandrayaan-1 – The countdown begins!

Chandrayaan-1 is an unmanned Lunar exploration mission by the Indian Space Research Organization, and is also first Moon mission by India.



Chandrayaan is carrying 12 payloads - 6 Indian and 6 from other International space agencies - for conducting various experiments. More information about Chandrayaan is available here:

Chandrayaan-1 Mission brochure
Chandrayaan-1 photos
Payloads and experiments
PSLV Launch Vehicle

And, we are all set for launch! The launch is scheduled on 22nd October 2008, 0550 hrs IST. Catch the live webcast at the ISRO website.

Wednesday, October 01, 2008

Spyware Guard 2008

Spyware Guard 2008 is a new rogue application. Does that name sound familiar? Well, yes, there is a legitimate application named SpywareGuard (note that there is no space between Spyware and Guard, and there is no 2008) from Javacool Software. Please do not get confused!!

Spyware Guard 2008 is hosted at www.spywareguard2008.com (67.19.176.187), registered by ESTDomains (whois lookup). Here's a screenshot of the website:



The IP address 67.19.176.187 also hosts a fake online video page, with the domain name http://porn-movies-online.net. This page pushes yet another variant of Zlob fake codec hosted at http://pyroscanner.com (67.19.176.188).



By the way, the Spyware Guard 2008 installer is named as SpywareGuard2008.exe, and here's how the rogue application looks:



VirusTotal scan results of the installer can be found here. Stay away from this rogue!

Update: SpywareGuard2008 removal guide can be found here.