Downloading LimeWire 1.5.2 from unauthorized website can bring dissaster
Posted by Hari Saryono on 8 April 2009
Limewire 1.5.2 now available for download. This P2P Sharing program offer many improvement including new look and more secure. Check out LimeWire official website for more.
I never use Limewire before, that’s why I want to try. My google search hit this website. It’s interesteing, isn’t it?. I don’t want to download from ddl, because I have no account there, so I download from LimeWire Official Website.
Scroll down this website. See an interesting one?. Yes, here’s the picture.
I click download the keygen, because download the serial link look broken. Before installing LimeWire, I just wonder if this keygen work. I click it twice, and…. nothing happen. I try again, clicking twice and… nothing happen.
For your note, I didn’t use any antivirus that time, because I just uninstalling my AVIRA 8 while downloading AVIRA 9 didn’t finish yet. This must be a virus, I suspected.
I try to CTRL+ALT+DELETE my computer and… bamm…
I found some interesting program “svcnost.exe”. Suspicious, right?. So I googled “svcnost.exe” and, in the same time I send “svcnost.exe” and keygen to avira lab. As you can guess, It’s a malware.
I don’t know what this virus really do, and I’m connected to the net when I clicked this keygen. Maybe they steal my password. Whatever, I’ve change it.
What’s this virus do?
According to what I read from various places, it will steal your data and sending itself to your contact email. The complete list is:
- Allow complete access to your computer without your authorisation/knowledge
- Destroy/corrupt data on your system
- Steal private information (I.E emails/passwords/credit card information)
- Sending spam emails from your computer without your knowledge
- Denial-of-service attacks (DOS) on internet websites
Trojans are commonly spread through e-mail attachments, chat rooms or received/downloaded files that give the impression they are actually something else.
How To Clean It?
After CTRL+ALT+DELETE and kill svcnost.exe process, Manually I search for svcnost.exe in regedit. I found 2 places where svcnost.exe exist. Just delete it.
Then I search svcnost.exe in my hard drive. I found only 1 place : c:/windows/system32/svcnost.exe, although other researcher found in another places. Maybe I terminate the process too soon.
If you find it, delete it.
FINALLY, I RECOMMEND TO INSTALL AVIRA 9 Free version.
Good Downloading Practice
Sometimes, we can’t avoid downloading from “high risk” site like what I’d explained. I suggest you activate antivirus automatic scanner.
- If scan result showing Keygen, it’s OK, you can disable your antivirus for a moment, run the keygen, apply it, zip your keygen for future use, and then activate your antivirus again.
- If scan result is Malware / Trojan, you better find another source or consider to buy.