Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Unwanted Adware Abuses Utility of Windows that would Secure Computer

An adware program, which's widely prevalent, has been hindering Internet-users from downloading AV solutions via exploiting certain utility of Windows created for the computer's security, published securityweek.com in news on November 23, 2015.

Given the name Vonteera, the adware exploits the verification utility of Windows for digital signature that the User Access Control of Windows performs to check executable files.

User Access Control (UAC) encourages end-users to confirm every time any software aims at changing the system for something which depends upon admin privileges. Consequently, malicious software gets obstructed from quietly acquiring admission into the system fully, when run from any low privileged user account.

When any trusted publisher digitally signs a file executed, the UAC exhibits alerts for confirmation showing various degrees of risk, like for an unsigned file alternatively one approved with any certificate that is self generated that, however, Windows cannot connect with a source of trustworthy certificate, there will be one exclamation mark in yellow for the UAC alert.

But in case a blacklisted certificate is used to sign the file then UAC will just halt the file's execution while exhibiting a red alert.

Apparently, Vonteera's developers who aim at compromising Web-browsers and exhibiting advertisements in it have determined that it is easy to exploit this action of UAC for not allowing end-users to download security software.

Researchers at Malwarebytes observed that Vonteera included thirteen certificates into the list of untrustworthy certificates that Windows saves in its store following which they categorized the adware as Trojan. These included certificates are from anti-virus companies such as Avira, AVG, Avast, BitDefender, Baidu, Lavasoft and ESET.

By making this inclusion to the list of untrustworthy certificates, Vonteera makes sure that programs digitally authorized using these certificates won't get run. The adware further stops installation of files taken from websites which utilize the said certificates.

Anybody attacked with adware while his anti-malware program doesn't function Malwarebytes suggests he sanitize his certificate folder by clicking on certificate manager, eliminating all the certificates of anti-malware or anti-virus firms out of Unwanted Certificates folder followed with executing an anti-malware for eliminating the Vonteera.

» SPAMfighter News - 11/27/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page