PolyMorphic Win32:Vitro Most Virulent Virus
This seems to be a virus that is hitting some people hard. I wanted to blog about this because of the nature of viruses and Trojans. I have read reports that this might come from online movies, and I have to say this is one reason why you must stay away from certain online movies. I am going to take a guess that this virus requires a special codec, and you downloaded it and installed it. It could also be the “update the Adobe Flash Player” idea too, but that still results in getting the virus.
As I said before, you take a risk when you go to sites you don’t trust or know anything about. You should also know that if you need a “special” codec, you should just move on to another site. Sites that claim they need this special codec mean only one thing: they want to install something without your knowledge.
So what is this virus?
The Virut family of viruses uses polymorphism to hide from all anti-virus protection, and it infects executable files. File infection makes it very hard to repair a system that has been infected. W32/Vitro injects code into running processes and hooks the following functions in ntdll.dll, which transfers control to the virus every time any of these function calls is made.
Removing Win32/Bagle.HE worm
Here is another virus that seems to be spreading lately. From the looks of it, it seems to be another email worm. Here is what ESET says:
Aliases
Email-Worm.Win32.Bagle.gt (Kaspersky), W32/Bagle.gen (McAfee), Trojan.Tooso!gen (Symantec)
When executed the worm copies itself in the following locations:
- Documents and Settings\All Users\Application Data\hidn\hldrrr.exe
- Documents and Settings\All Users\Application Data\hidn\hidn2.exe
In order to be executed on every system start, the worm sets the following Registry entry:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drv_st_key
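To tell a real Bagle.HE infection from a bogus scanner alert, the file locations and Run value listed above can be checked directly on the host. The PowerShell below is an added example, not ESET's or this blog's code; the function name `Get-BagleHeIndicator` is hypothetical, `%ALLUSERSPROFILE%` is assumed to resolve to `Documents and Settings\All Users`, and it goes slightly beyond the write-up by reading every loaded user hive rather than only the current user's.

```powershell
# Added example: host check for the Win32/Bagle.HE indicators quoted above.
# Assumption: %ALLUSERSPROFILE% is "Documents and Settings\All Users" (XP layout).
$RunValueName = 'drv_st_key'
$DropDir      = Join-Path $env:ALLUSERSPROFILE 'Application Data\hidn'
$DropFiles    = 'hldrrr.exe', 'hidn2.exe'

function Get-BagleHeIndicator {   # hypothetical helper name
    $findings = @()

    # 1. Copies of the worm in the drop folder (hidden/system files included).
    foreach ($name in $DropFiles) {
        $path = Join-Path $DropDir $name
        if (Test-Path -LiteralPath $path -PathType Leaf) {
            $file = Get-Item -LiteralPath $path -Force
            $findings += New-Object PSObject -Property @{
                Type     = 'File'
                Location = $path
                Detail   = '{0} bytes, last written {1:u}' -f $file.Length, $file.LastWriteTimeUtc
            }
        }
    }

    # 2. Run-key autostart value. The write-up names HKEY_CURRENT_USER; every
    #    loaded user hive under HKEY_USERS is read so other sessions are covered.
    foreach ($hive in Get-ChildItem -Path Registry::HKEY_USERS -ErrorAction SilentlyContinue) {
        $runKey = "Registry::$($hive.Name)\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
        $values = Get-ItemProperty -LiteralPath $runKey -ErrorAction SilentlyContinue
        if ($values -and $values.PSObject.Properties[$RunValueName]) {
            $findings += New-Object PSObject -Property @{
                Type     = 'RunKey'
                Location = "$($hive.Name)\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\$RunValueName"
                Detail   = [string]$values.$RunValueName
            }
        }
    }
    $findings
}

$hits = @(Get-BagleHeIndicator)
if ($hits.Count -eq 0) {
    'None of the listed Bagle.HE indicators are present.'
} else {
    $hits | Select-Object Type, Location, Detail | Format-List
}
```

A `RunKey` hit shows the command line the value launches, which is the file to examine next.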
Win32/Bagle.HE worm is a “threat” that appears in security scans by fake antispyware WinDefender 2008.
The danger of Win32/Bagle.HE worm is supposed to scare you into wasting $49.95 on WinDefender 2008.
Unless you like getting ripped off, don’t download the software the Win32/Bagle.HE worm popup links to. You’re not really infected with Win32/Bagle.HE worm — you’re infected with scamware that you need to remove.
I’ll show you how to get rid of Win32/Bagle.HE worm and WinDefender 2008, for free.
Figuring out the Email-Worm Win32.Zafi.b
This is another one I just saw on the web, and I wanted to talk about what this little worm does and what its known aliases are:
Email-Worm.Win32.Zafi.b (Kaspersky Lab) is also known as: I-Worm.Zafi.b (Kaspersky Lab), W32/Zafi.b@MM (McAfee), W32.Erkez.B@mm (Symantec), Win32.Hazafi.30720 (Doctor Web), W32/Zafi-B (Sophos), Win32/Zafi.B@mm (RAV), PE_ZAFI.B (Trend Micro), Worm/Zafi.B (H+BEDV), W32/Zafi.B@mm (FRISK), Win32:Zafi-B (ALWIL), I-Worm/Zafi.B (Grisoft), Win32.Zafi.B@mm (SOFTWIN), Worm.Zafi.B (ClamAV), W32/Zafi.B.worm (Panda), Win32/Zafi.B (Eset)
It is written in Assembler, and packed using FSG. It is 12800 bytes in packed form, and 33292 in unpacked form.
This worm seems to be spreading through email and file-sharing sites. One thing it tries to do is stop and delete the following processes:
fvprotect.exe
winlogon.exe
jammer2nd.exe
services.exe
It attempts to detect antivirus program files on the computer and overwrite them with a copy of itself.
www.2f.hu
www.parlament.hu
www.virusbuster.hu
www.virushirado.hu
CBS Confirms the Axe of Layoffs for CNET
CBS throws down the gauntlet and says in a statement:
“CBS Interactive continues its integration process, which now calls for the further combination of several portions of the division into unified groups oriented around similar content. This important move allows us to better align our premium content for our audiences and our advertisers, and also results in reduction in certain areas that are now duplicated in the new organization structure. We believe these moves are necessary to continue building CBS Interactive into the most creative, most efficient, most profitable and fastest growing Internet company in the media business.”
Is this Hardcore PC Falcon Northwest Mach V Extreme or not?
- Silverstone Temjin TJ03 full tower case
- Intel Core i7 965 Extreme processor, overclocked to 3.8 GHz
- 12GB of DDR3-1066
- 7200-rpm Hitachi Deskstar 7K1000 hard drive
All these links are for those who would like to build this computer themselves. The links are where you could go to buy the parts. The price after you buy the parts is estimated at $7395, and I think you could get that down to $5000 if you look for rebates and other incentives. I wouldn’t mind having this computer for gaming myself. It sure would be nice to give to someone for the holidays. This would be good for people who are looking to be computer game developers or people who are into 3D rendering. Just thought I would share this little review with you. They really did a fantastic review of this product on their site.
Looks like a scam to me: Personal Shopping Assistant!
Good afternoon!
We found your resume at _________________ and we would like to propose you a position of Personal Shopping Assistant.
Imagine having an exciting job with incredible salary (up to $100,000/year) that lets you use your creativity while being paid to shop. Welcome to the world of personal shopping!
As we know shopping is the world’s favorite leisure activity, but in our busy society an increasing number of people need to hire someone to do their shopping. Thus personal shoppers are more in demand than ever before.
There are absolutely NO START-UP FEES and NO FEES for being employed at this position. As long as you live in the USA, and you have a credit card or any other line of credit, have 1 or 2 free hours during the day – you are eligible for this job!
This is what you will have to do in short:
• Purchase the requested goods using your credit card.
• Send us receipts.
• Wait for us to issue a credit to your credit card in the amount of purchase plus shipping fee plus your commission which comprises 10%.
• Ship out the goods.
• You are finished, come back for a new list of goods.
Alien Ware Extreme Gaming Notebook M17 17 Inch
Looks like they are out of stock on this Laptop but they do have Alienware M17x-2857DSB 17-Inch Laptop (Black) which looks to be an upgraded version of this one!!!
- Windows Vista® Home Premium (32- and 64-bit) (default)
- Windows Vista® Ultimate (32- and 64-bit)
- Intel® Core™2 Duo or Quad and Extreme Processors (12MB Cache, 1066MHz FSB)
- Intel® PM45 + ICH9M-E Chipset up to 4 GB
- ATI Mobility Radeon™ HD 3870 (also comes with CrossfireX enabled)
- Dual hard drive in RAID 0 config, or you can have a single hard drive
- 5400 RPM – Up to 1TB (2 x 500GB)
- 7200 RPM – Up to 640GB (2 x 320GB)
So I saw this and had to tell people this is a sweet laptop for people who like to go and play games in a large group. You would be able to play for hours on end; all you would need is a power cord. I would love one of these to try out. If you want to go check it out or buy it, here’s the Alienware M17x-2857DSB 17-Inch Laptop (Black).
Toshiba Rolls out the Mobile Gaming Laptop!
o Genuine Windows Vista Ultimate (SP1, 64-bit version) (default)
o Genuine Windows Vista Home Premium (SP1, 32-bit version)
* Intel Core 2 Extreme Processor QX9300
* 4096MB PC3-8500 DDR3 1066MHz SDRAM
* 128GB Serial ATA SSD
* 320GB (7200 RPM) Serial ATA HDD
* DVD SuperMulti (+/- double layer) with Labelflash drive
* NVIDIA GeForce 9800M GTS graphics with NVIDIA SLI technology 512MBx2, GDDR3 discrete graphics memory
* Atheros 802.11 b/g/n wireless-LAN
This is looking so sweet. To get the full picture, check out the Toshiba Gaming website: Qosmio: X305. Let me know if anyone wants to buy me one!!
I wouldn’t mind one of these myself!!
Mahalo Lays Off Around 10% of Its Workforce!!
We’ve laid off just under 10% of our full-time staff, cut our overhead by doing smart things like renting desks (we have six desks/offices available fyi), and reorganized our editorial department to focus on freelance positions over in-house editors. The net result of the effort is we are giving Mahalo another year of “dry powder” (or runway) to complete our mission.
This is not unexpected after all the talk about the recession coming our way. It does, however, emphasize the need for companies to consider their profit margins and accounting strategy.
Mahalo was launched in May 2007 as an alpha test. That is to say, only a select number of people were able to access the site and give feedback on its development. As of January 2008 it is in what we call the beta test phase, which means more people are testing it out and finding its flaws to report back about where it needs to improve. Mahalo’s directory employs human editors to review websites and search engine results.
Little Big Planet Delayed Due to offending phrases.
Just off the presses folks, “Little Big Planet” has been delayed. Here’s what Sony is saying:
“During the review process prior to the release of LittleBigPlanet, it has been brought to our attention that one of the background music tracks licensed from a record label for use in the game contains two expressions that can be found in the Qur’an.
“We have taken immediate action to rectify this and we sincerely apologize for any offense that this may have caused. We’ll confirm the new launch date shortly.”
[via dot.life]
So here I am as a gamer waiting to see all this, and they have to stop it due to so-called “offending phrases”. I would like to know what they were.
I am going to take a guess that it will be a short delay; they have to get back all the product they shipped and ship new ones to the stores. It will be a big deal in the US due to all the new releases that are coming out just before Christmas, so I would have to think around December if they are lucky.













