June 10, 2010

Consumer Products Safety: What's Unsafe

The Commission of the European Union (EU) has recently released statistics on notices of unsafe consumer products that have been processed through its rapid information system (RAPEX). In April 2010 the Commission validated 145 notifications. Guess what tops the list of unsafe products? Cars? Nope, it's toys for children. Of the 152 total notifications received, toys continue to top the list of unsafe products with 29% of the total notifications, followed by clothing, textiles and fashion items (19%), autos (17%), electrical appliances (12%) and cosmetics (7%).

The notifications validated in April covered 11 different types of risk, such as injuries (24%), chemical (18%), choking and strangulation (14% each), and electric shock (10%).

Regarding the country of origin of the products identified as presenting a serious risk, more than half (53%) originated from China, including Hong Kong. Another 19% of unsafe products originated in the EU. For comparison, only 2% came from the US. Another good reason to buy American!

March 25, 2010

Energizer Duo USB Charger: Backdoor Trojan Issue

Can a battery charger present a security risk to your computer? You bet it can. Of course, not the charger itself, but the free software that comes with it. US-CERT (the United States Computer Emergency Readiness Team, which is part of the Department of Homeland Security) has just issued a Vulnerability Note stating that "Energizer DUO USB battery charger software allows unauthorized remote system access".

For reference, Energizer Holdings, Inc. is one of the world's largest manufacturers of batteries, battery-powered devices and flashlights. Chances are your portable player uses their batteries. In 2007, Energizer introduced the Duo USB Charger, which can charge Nickel Metal Hydride batteries from a USB port. It had optional downloadable software that let you view the battery charging status. Well, it has been found that this software included a file, Arucer.dll, which is a backdoor Trojan that allows unauthorized remote access to your computer. According to Symantec, this Trojan operates with the privileges of the logged-on user, listens for commands from anyone who connects, and can perform various actions, such as the following:
• Download a file
• Execute a file
• Send a directory listing to the remote attacker
• Send files to the remote attacker
• Modify the registry

The solutions recommended by US-CERT are: remove the Arucer.dll file, remove the "Run DLL as an App" exclusion from the Windows Firewall, and block or restrict network access. Energizer acknowledged the security issue. It has removed this software download and is now directing consumers to download uninstall software that should eliminate the vulnerability.
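
To confirm that the first two US-CERT steps have been carried out, a check can look for any remaining Arucer.dll and for the "Run DLL as an App" firewall exclusion. The sketch below is an added example, not code from US-CERT, Symantec or Energizer; the function names, the sample directory and the firewall listing format are constructed for illustration.

```python
import os
import tempfile

TROJAN_FILE = "arucer.dll"            # file name from the US-CERT note, compared case-insensitively
FIREWALL_ENTRY = "run dll as an app"  # firewall exclusion name from the US-CERT note


def find_trojan_files(roots):
    """Return sorted paths of files named Arucer.dll under the given directories."""
    hits = []
    for root in roots:
        # os.walk skips directories it cannot read instead of raising
        for dirpath, _dirs, files in os.walk(root):
            hits.extend(os.path.join(dirpath, f) for f in files
                        if f.lower() == TROJAN_FILE)
    return sorted(hits)


def find_firewall_exclusions(listing):
    """Return the lines of an exported firewall exception listing that name the exclusion."""
    return [line.strip() for line in listing.splitlines()
            if FIREWALL_ENTRY in line.lower()]


def audit(roots, firewall_listing):
    """Combine both checks into one report; 'clean' is True only if neither trace remains."""
    files = find_trojan_files(roots)
    rules = find_firewall_exclusions(firewall_listing)
    return {"files": files, "firewall": rules, "clean": not files and not rules}


def demo():
    """Run the audit on a constructed directory tree and a constructed firewall listing."""
    listing = ("Enabled  File Sharing\n"       # constructed sample, not real tool output
               "Enabled  Run DLL as an App\n"
               "Enabled  Remote Assistance\n")
    with tempfile.TemporaryDirectory() as tmp:
        sample_dir = os.path.join(tmp, "sample_dir")  # hypothetical location
        os.makedirs(sample_dir)
        for name in ("Arucer.dll", "harmless.dll"):
            open(os.path.join(sample_dir, name), "wb").close()
        report = audit([tmp], listing)
        report["files"] = [os.path.relpath(p, tmp) for p in report["files"]]
    return report


if __name__ == "__main__":
    print(demo())
```

On a real machine, pass the drive roots to scan and the text of the firewall exception list as exported by whatever tool is available; a report with `clean` set to `False` means a removal step is still outstanding.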

March 22, 2010

AVE.exe (Total Vista Security) Virus Removal

I recently wrote about the removal of the fake security alert Anti-Virus System Pro. The main step in the removal procedure was restarting the PC in safe mode and running Malwarebytes (mbam.exe). Unfortunately, it does not work with a new modification of this virus, called Total Vista Security, that runs a program file ave.exe. This program continues running in safe mode and prevents you from starting mbam. So, how to stop it? You can temporarily stop the ave.exe process via Task Manager, but it reappears in a moment. What does ave.exe do? Basically it does the same as similar fake security alert malware: it prevents you from opening any program on an infected computer and tries to trick you into buying their software. Don't pay them - you can fix the problem for free in minutes. I managed to get rid of this malware just by restoring my computer to a previous date.

To use System Restore while this virus is running, you can begin as if you are restarting the computer in safe mode via the Start menu:
Start > Shut Down > Restart.
When Windows shuts down and the screen becomes blank, start hitting the F8 key until you hear a beep and a menu appears. Select Safe Mode with Networking, hit Enter and then hit Enter again on the selection of your operating system (such as Windows XP). After the computer has restarted and you have logged in, it asks you if you want to proceed into Safe mode or use System Restore. Select System Restore and choose a past date when you are sure you had no viruses. Note that this process does not affect your files, only the programs you may have installed or updated since the restore date you chose. After restoring your system you should be able to download (if you have not done it yet) and run the free Malwarebytes (mbam.exe). Just update it to the latest version first. The above ave.exe removal guide does not constitute professional advice: if you choose to use it, do it at your own risk. It worked for me, but of course I can't guarantee it would work for everyone.