List of Malware sites for Aug 21, 2009

By Paul | Aug 20, 2009
Comments Off

personalantivirus3

It has been kinda busy today for the Antivirus scareware sites but here they are.

Personal Antivirus Scareware Site:

  • check-for-malwarev3.com
  • safeonlinescannerv4.com
Internet Antivirus Pro Scareware:

  • fatuus.info

Rogue Antivirus scareware sites:

  • antivirusplus2010.com
  • mybestantivirusplus.com
  • internetantivirusplus.com
  • antivirusplus09.com
  • antivirus-plus-now.com
  • yesantivirusplus.com
  • goodantivirusplus.com
  • i-antivirusplus.com
  • nextantivirusplus.com
  • antivirusplus-ok.com
  • getavplusnow.com
  • antivirusplusnow.com
  • getantivirusplusnow.com
  • realantivirusplus09.com
  • freeantivirusplus09.com
  • addedantivirusstore.com
  • addedantivirusonline.com
  • myplusantiviruspro.com
  • yourcountedantivirus.com
  • easyaddedantivirus.com
  • addedantiviruslive.com
  • addedantiviruspro.com

Most of the time, These sites are injected into one's browser by way of a Trojan taking over the system. If left untreated these sites will become more and more profound trying to get you to install them. Most of the time these are installed in unsuspecting computers by way of exploits, backdoors, or unsafe downloading practices. This usually means that if you have it you should remove it by any means necessary because this software has been know to cause more and more trouble as time goes by. This software is fake ware, it tries to tell you have a virus and that they can get rid of it. In fact, this software is not designed with Antivirus engine in mind but to illicit pop ups and warning to raise the users security concerns about the computer in question. Downloading programs from bit torrents or other unsafe ways can and most likely will have these types of programs installed alongside the program you wanted.

Threat to System : Moderate

Malicious Spammers target Bank of America

By Paul | Mar 14, 2009
Comments Off

I’ve saw two different security firms talking about Bank of America and I wanted to share with you:

Fake Bank Of America SitePicture from F-secure

The two sites are F-secure and Pandalabs who are talking about Bank of America and how they try to get you to install malware.  With Adobe having just sent out the new updates last month it looks like spammers are using this to get people to install Malware.

It is also been known to be floating around in Facebook this spam.  So if you get a link going to a site you don’t know about to see a video and it says you need a codec or the Adobe update you should turn right around and leave site. You should always type in the url of Your Bank and not go there through links.

From what they are saying it monitors Network traffic and Steals ICQ, POP3, and IMAP passwords.  If you find network traffic going to Hong Kong IP, then it is time to check to make sure all your Virus definitions are up to date and you’ve installed an Anti-virus and Firewall.  I would encourage  users to report it to Phishtank so that any other unsuspecting user or person going to that site will be warned.

Is Google the ultimate news source?

By Paul | Mar 12, 2009
Comments Off

As you know We had a big problem Monday Night and All day Tuesday. If you are a regular reader of this blog, you would of noticed either a 503 or lag. It was due to an article that I released late Monday night about the PIFTS.EXE and the so call conspiracy.

At the time, I was wondering and quite disturbed about what Norton Symantec was doing to the forums. So I blogged about this and wouldn’t you know my site was Held Hostage by Google. I kid you not, I had so many people come to my site in under an hour it wasn’t even funny.

So I sit here, asking a really good question is Google the News? I don’t know exactly when but according to Wikipedia Google was formed in 1998. The Google Motto is Don’t Be Evil, and I guess it makes them look like a news source. When did they get past the news site? I would hazard a guess that it was in late 2004 they started when they when Google gave people the first chance to own the stock on August 19, 2004, when Google became a publicly held company.

I got hit hard by Slashdot, Reddit.com, and Google.  In truthfulness, It was more of searches and people coming from Google than anywhere else. I would say Google was the 90% and and Slashdot and Redidit was 8% and the rest was from other websites for this one article. Now don’t get me wrong the 2% of people was my normal amount of people for the day. So you can imagine how many people actually came to my site over this fiasco.

Conspiracy theories run rampent due to PIFTS.EXE

By Paul | Mar 9, 2009
View Comments

(Looks like some of this was a 4chan gag, check my other post about it)

All of the sudden people around the World are seeing PIFTS.EXE popping up. Norton Antivirus is asking users if they want to accept it. Here what I do know:

Here’s some information I pulled from my Zone Alarm Logs. Does this make sense to anyone?

2009/03/09 18:26:44 — New Program — PIFTS.exe — Destination IP: 67.134.208.160:80 — outgoing — blocked — Destination: ping.lifecycle.norton.com

2009/03/09 18:47:52 — Program Access — PIFTS.exe — Destination IP: — outgoing — blocked — Destination:

2009/03/09 18:48:28 — Changed Program — Windows Explorer — 207.46.248.249.80 — outgoing — blocked — Destination: sa.windows.com
[Via The Symatec Forums]

This indicates that the program tried to change tactics to go out on the net.  I look a look for this and it is SwapDrive.  So this must be an update to Swapdrive but I am unsure as to why it pops up that way.  The other ip is in Africa or at least take the .80 out of the equation and it points to an Africa IP.  (It looks to my mistake in that little part, “to error is human” Check out this  post about it)  Although just recently Norton Decides to Delete that thread and people are really worried about why?  Is this a cover up of some sort because there is a exploit in the Wild that we don’t know about?  These are good questions that need to be answered.   Here is what one posted about this just after they deleted the forum thread:

Fake Emails about Windows Support spam!

By Paul | Mar 9, 2009
Comments Off

According to Trend Micro, Some malicious software is being sent to unsuspecting users about Windows SP1 andSP2 having a error that could damage software or even hardware.  See Trends blog with the photos of the fake spam.

Although from time to time Microsoft does send out security information to Technet subscribers people have also used this in the past to get people to install Viruses and Malware, like this one that installs TSPY_BANKER.MCL. TSPY_BANKER.MCL monitors the affected user’s online transactions and steals banking related information

Microsoft sends e-mail messages to subscribers of our security communications when we release information about a security software update or security incident. Unfortunately, malicious individuals can and have sent fake security communications that appear to be from Microsoft.

[Via Microsoft]

So if you get an email from Microsoft you’ll probably want to delete it.  Any Microsoft communications will be sent from the Update center.  You should never install software that is from an untrusted website.    If you are concerned you should check the web and find out what people are saying about the situation and see if it is a scam or true!!  Remember only you can prevent a virus or Malware!

Microsoft Releases the Patch Information for March

By Paul | Mar 4, 2009
Comments Off

Microsoft Has Released the Patch information For march and This is what is expected to be patch on March 11, 2009:

  • Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (Kb949029) — This security update resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.  (affected System : Microsoft Office)

Cracking and Warez sites are Host of Trouble!!

By Paul | Mar 3, 2009
View Comments

It is nothing to laugh at and should be understood that gamers have no freedom right now.   That said this new Variant to Virux Trojan is in regards to Win32/Vitro Trojan.  It seems tobe infecting .exe and .Scr files just like this.

According to Trend Micro:

The downloaded malware include variants under the FAKEAV, TDSS, and VUNDO families. Infection chains, however, are notable for the presence of VIRUT and VIRUX malware. VIRUX and VIRUT attacks were initially about the volume of infected PCs. The numbers are massive enough to worry Web users and security researchers: around 20,000 PCs are infected per day
Read more: “Crack Sites Distribute VIRUX and FakeAV

Now it seems to be more and more sites with getting computer infected. It also seems the Malware writers are using these servers for helping infect essentially gamers computers. So for the time being, if you have a favorite game and you want to:

  • No-CD Crack (This is good for those who want to play the game without the CD)
  • Key Gen Cracks (This is used for pirated version of a game)
  • Update Cracks (This is used to prevent CD checking or Also prevent Version Checking)

Facebook Goes Phishing again

By Paul | Mar 1, 2009
Comments Off

In one of my Previous articles about the Koobface Worm, I talked about the way they were infecting the systems and what you need not do.

It seems that Trend Micro has seen an even more rise in people downloading the WORM_KOOBFACE.AZ and Seems to be on the RISE. This is all done with a Social engineering and Has had some attempts before with this little worm on Facebook.

After your Infected with this new Variant, it searches for cookies and Sends out a message to people from:
* facebook.com
* hi5.com
* friendster.com
* myyearbook.com
* myspace.com
* bebo.com
* tagged.com
* netlog.com
* fubar.com
* livejournal.com

This seems to be a social engineering Nightmare for these websites and as yet are unsure what else it does but it says the same thing it did before by saying “This is a Video of You on the Street.” Which is bogus but none the less people click and think they have to download a codec or update their Flash. Social Engineering is on the rise and will be taken seriously. You should read the full report from Trend on what it does but you also should have an anti-virus and Firewall installed to prevent this from happening in the first place. The only true way of preventing this is not to be fooled, you should NEVER Download from a site you don’t know or trust. See all the Facebook articles for more information.

Viacom might be going to HULU

By Paul | Dec 31, 2008
Comments Off

According to some of the news post people are worried about Viacom leaving Time Warner. Now Here’s where Viacom might be going digital. What do I mean Digital, I am talking about going to HULU. If Viacom doesn’t sign a deal with Time Warner, that would leave a space ope for someone else like Hulu.

So Viacom isn’t happy with Time Warner, or They want to go IPTV. Some of the Headlines I’m seeing are:

These are just a few that I am seeing pop up around the internet.  So what does that mean to the internet user?  Well On one of there show’s like Dora the Explorer on Nickelodeon will begin to stream some of the shows previews on Dec 29, 2009 for it’s next show.  When you go to Nickelodeon Site you get this:

nickplea

Warning Signs of Hard Drive Trouble

By Paul | Dec 21, 2008
Comments Off

For every computer there comes a time when you have a problem with hardware or software. This is for those who want to learn the signs of possible fixes for having hard drive problems. Although if you know you’re hard drive is dieing then you better back it up as quickly as possible. You will of course need to get the back up software to protect your data.  If you have special drivers you will need to backup yours drivers.  If you have an OEM system then you will need to backup the Hidden Partition.

So what are the warning signs of a hard drive failure:

  • Unexpected freezing of Windows — When Windows Locks up and you have to reboot or getting a Blue Screen of Death.   You have no choice but to restart because you can’t do anything with windows.
  • Losing data files — if you seem to see files being lost or deleted without your direct input.  It might be a sign of a computer virus or it could be a damaged hard drive.

Digital Convert boxes for Feburary 17, 2008

By Paul | Dec 17, 2008
Comments Off

It being close to the change over, I’d figure I’d show you some of them and talk about them. To better help people make up there minds on what might be there choice of a Digital Converter Box. This is to help people get the most out of there products.

The Specs for this Converter is:

Zenith DTT901 Digital TV Tuner Converter Box

21oyeyvylql_sl160_

  • Digital TV Tuner Coverter Box
  • Analog Pass-Through for Low-Power TV Stations broadcasts
  • On-Screen Program Information with Remote Control
  • Simple Connection to TV with supplied RF Cable
  • Parental Control to Manage TV Programs and advanced Closed Captioning

$59.95 Free Shipping

It could be on sale so check the link for more price options.  I also found this one that is a little more expensive but supposed to be better:
GE 23333 Digital to Analog TV Converter Box

41ht9h42hbl_sl160_

  • Smart Antenna Interface
  • Simple Setup
  • Analog Pass Through
  • Dolby(R) Digital Sound
  • Receives Over-Air Hdtv Signals

$76.99 Free Shipping

Signs of a Computer Infection!

By Paul | Dec 14, 2008
Comments Off

So I was thinking this morning what I missed and I totally missed on how you might be able to tell if you have a computer virus. It does me no good to talk about a virus if you don’t know you’re infected. I was thinking of the times I had a client who had trouble but wasn’t what I thought.

So How do you know?

Some people would say it depends on factors but here are what I call clues that make me suspect a virus:

  1. Slow or Sluggish computers –  Here is what I know if the computer is really slowing down and have a dual core or quad core.  If you are running a system and sees a lot of hard drive activity even when the computer is idle then it might be a virus or it could be a program doing what it is supposed to be doing.  So this is somewhat of an indication but not always.
  2. Slow internet connection on the computer or on the network — Due to the fact that most people have a router that is connected to all the computers and if you internet connection on all your systems are slower than normal then you could have a virus.  I use Speed Test website to help determine this.

Figuring out the Email-Worm Win32.Zafi.b

By Paul | Dec 13, 2008
Comments Off

This is another just I just saw on the web and wanted to talk about what this little Worm does and what it’s known Aliases:

Email-Worm.Win32.Zafi.b (Kaspersky Lab) is also known as: I-Worm.Zafi.b (Kaspersky Lab), W32/Zafi.b@MM (McAfee), W32.Erkez.B@mm (Symantec), Win32.Hazafi.30720 (Doctor Web), W32/Zafi-B (Sophos), Win32/Zafi.B@mm (RAV), PE_ZAFI.B (Trend Micro), Worm/Zafi.B (H+BEDV), W32/Zafi.B@mm (FRISK), Win32:Zafi-B (ALWIL), I-Worm/Zafi.B (Grisoft), Win32.Zafi.B@mm (SOFTWIN), Worm.Zafi.B (ClamAV), W32/Zafi.B.worm (Panda), Win32/Zafi.B (Eset)

This worm spreads via the Internet as an attachment to infected messages, and also via local and file-sharing networks.
It is written in Assembler, and packed using FSG. It is 12800 bytes in packed form, and 33292 in unpacked form.

This Worm seems to be running through email and file sharing sites, One thing it tries to do is stop the process and deletes:
fvprotect.exe
winlogon.exe
jammer2nd.exe
services.exe

It attempts to detect antivirus program files on the computer and overwrite them with a copy of itself.

It also attempts to conduct DoS attacks on the following sites:

www.2f.hu
www.parlament.hu
www.virusbuster.hu
www.virushirado.hu

Crafty little Trojan:W32/DNSChanger.ARNF

By Paul | Dec 11, 2008
Comments Off

Saw this post and couldn’t resist talking about it.   This was talked about on F-secure.    It looks like they use a program call “Homeview Installer” and after you install it you get the Trojan:W32/DNSChanger.ARNF.   So how do you get that off your system?  Before we talk about that, let’s talk about what it does.  According to F-secure:

This malware is dropped onto the system by Trojan-Dropper:W32/Agent.FLN. It is used to change the DNS settings on a system so that information such as passwords and credit card details can be retrieved.

[Via F-secure]

What you need to do to get rid of this of this Trojan is to scan your system.   You will also need to understand that this is a really good Trojan, it sees to modify your DNS and also your Registry.   Once you located and destroyed it you will then want to remove all your restore points.  After that you will want to check my other resources to better protect yourself.   You are the only one to prevent a virus from getting on your system.   If you like this one check out my other post as well.

Fix Shutdown Problems in Vista!

By Paul | Dec 10, 2008
Comments Off


In the Patch Tuesday update, Microsoft quietly released the patch to fix Windows Vista machine shut problems. This patch should of came sooner.

KB957388

Update for Windows Server 2008 and Windows Vista

Install this update to resolve a set of known application compatibility issues with Windows Server 2008. After you install this item, you may have to restart your computer.

This was not a critical update and it seems to resolve so many issues with compatibility.  One thing it seemed to fix on my system has been the shutdown time.  It is now quite fast, it would normally take me 2 to 3 mins to shutdown, now it does it in less than a Minute.   So if you’ve not installed this update please install it soon.   I would like to know if people are seeing the same thing I am.   I’ve found a great resource on fixing it if you are still having problem, it talks about how to check your system performance. Although this is been doing it lately with these programs not loaded or even running, they still seem to cause problems so now I get the feeling it has to do with legacy programs.  This should fix most of the problem with older programs.

Facebook : Beware Spam for breakfast. (Virus)

By Paul | Dec 7, 2008
Comments Off

In today’s society, we’ve been to complacent with people with people clicking links for the social group. In one such article on Channel Web, a nice little blog, says this:


The worm was discovered by IT security provider Kaspersky Lab, which said the threat, Net-Worm.Win32.Koobface.b, is targeting Facebook users by creating spam messages and sending them to the infected user’s friends via the site.

“Unfortunately, users are very trusting of messages left by ‘friends’ on social networking sites,” said Alexander Gostev, senior virus analyst at Kaspersky Lab, in a statement. “So, the likelihood of a user clicking on a link like this is very high.”


[Via Channel Web]

This seems to be a problem people thinking that a link someone sends them is a real good link but actually is a link to a video site. According to this article the links people are sending are actually a fake video link, telling you have to download some update to flash player, by downloading this program. The user gets involved with the virus and the fun begins. So how can you prevent this from happening, two ways one is a very good group of software to make sure you have the latest and greatest video codecs. That too can be something they’ll say you need and if you’ve already installed this list of codecs then you know they’ll not telling the truth and you can quickly get away from the site laughing.

trojan.zlob removal tricks!!

By Paul | Dec 6, 2008
Comments Off

Aliases:
Trojan-Downloader.Win32.Zlob.qyl (Kaspersky)
Trojan-Downloader.Win32.Zlob.qzs (Kaspersky)
Trojan-Downloader.Win32.Zlob.qzn (Kaspersky)
Trojan.Zlob.CPP (BitDefender)
Puper (McAfee)
SystemDefender (Symantec)

Trojan:Win32/Zlob.G is a component of Win32/Zlob that downloads rogue security programs, adware, and additional Win32/Zlob components.

[Via Windows Live OneCare]

This one just popped up today on my radar it seems to be a very low threat on everyone’s radar according to my sources say “Trojan.Zlob.G is a Trojan horse that may download and execute remote files and redirect the Internet Explorer home page and search page.”  So to remove this little Trojan you would want to download one an Anti-virus and firewall.   Once you install the software the program should fix the problem for you.   This one seems to be really easy to fix.   So Please read my post on how to better protect your self if you want to prevent this in the future.

Trojan.PWS.ChromeInject.A is not a Firefox plugin.

By Paul | Dec 5, 2008
Comments Off


A new type of malware designed to harvest web passwords has been detected in-the-wild by BitDefender’s antivirus research labs. This latest e-threat – called Trojan.PWS.ChromeInject.A – is intended to be delivered onto a compromised computer system by other malware for subsequent download into Mozilla Firefox’s Plugin folder. Once installed it gets to work every time Firefox is started.

[Via Bitdefender]

So having seen this I thought I’d come up with ways around this to better protect yourself.  One way to prevent this from getting your sensitive data is to get a program like Sandboxie.   You could stop using Firefox that would be silly, because right now Firefox is more secure than Chrome and Internet Explorer.   I’d also suggest checking out my Anti-spyware page and Anti-Virus page and get some more protection.

The key to this virus protection is just be cautious of where you go and keep all you system update to date to prevent all this from happening.  It is also advisable to not have your passwords saved on Firefox, you should use something like Roboform, it is free  to download and try.  It will encrypt your passwords so if they don’t know the master password then they are out of luck.  Roboform is also good for coming up with some strong passwords.  Just some suggestions to prevent from people seeing your sensitive data, you don’t want anyone to get that data.

Are you patched, Secunia Says NO

By Paul | Dec 5, 2008
Comments Off

Secunia BlogThink you’ve got nothing to worry about, according to Secunia 98% of computers are not fully patched and are vulnerable to some kinda of attack.

So I wanted to talk about this a little and give you a few good ways to make sure you are patched.  There are several ways to get your system up to almost 100%.

Some things to do is make sure you have your Windows systems updated.  This is easy to make sure, if you have an internet connection you can just check for updates.  If you don’t know how to do it, it is quite simple, Just go here.    If you have Windows Vista all you have to do is hit Start and type in the search box “Windows Update” and hit Enter and you will be taken to the update page.


If you have a system that is off of the Net you could use the Clone of Autopatcher Program to do it for you.   You also need to update all your secondary programs such as Audacity, Open Office, and other programs that you use weekly.

Viacom and ATT layoff some people. (12,850 People)

By Paul | Dec 4, 2008
Comments Off


Today, we are announcing a company-wide restructuring plan that includes staffing reductions in all divisions. This will result in a reduction of our worldwide workforce of approximately 7 percent, or about 850 positions. We are also suspending salary increases for the Company’s senior level management in 2009. In addition, after a comprehensive review of our operations, we will write down certain programming and other assets. These three actions will bring us significant cost savings and other efficiencies.

[via Gawker]

This is a Sad day for the telecommunications industry both AT&T and Viacom are laying off people. According to reports Viacom will lay off around 850 people. ATT will layoff 12,000 Jobs. Here’s the quote from Associated Press:

AT&T Inc. joined the recession’s parade of layoffs Thursday by announcing plans to cut 12,000 jobs, about 4 percent of its work force.

[Via Associated Press]

So in all today total that is 12,850 people who are going to be laid off. This is another set of layoffs but isn’t the last to see the whole list of of Layoffs in the Tech industry that I’ve talked about please click this link. You may find some usefull tidbits if you search my blog enough, I’ve got some great tips on getting hired and what you should do to be prepared.

Apple’s Immunity, Botnet sanctuary.

By Paul | Dec 3, 2008
Comments Off

Apple Immune? No way!

But is Apple projecting a false sense of security just to save face? Many experts repeatedly warn that all operating systems are susceptible to viruses, and as the Mac becomes more popular OS X will inevitably become a bigger target for malicious attacks.

[via Pcworld]

Having said that I feel the notion that Apple is trying to keep there reputation as a virus free system. I can only hope that they stay that way. Which as much as I know, Apple will most like start to be the main source for botnets, because of the lack of security.

According to reports on this blog, people are worried Apple stance on it being the safest and having so much immunity to viruses. Apple in the past has stated they have mislead people with there firewall. Yet Apple takes down that suggestion of having an Anti-virus(Quietly).

Everything I’ve seen suggest that virus writers and Malware writers will MOST likely start targeting the Mac OS X, they know Apple sense of security is Vulnerable to attack and they will exploit it more and more. So what does that mean for Apple, it just means that soon every hacker who has a botnet will want a piece of the Apple Pie and is right now.

You asked for it, Now it’s real — Vista SP2 Dec 4,2008

By Paul | Dec 2, 2008
Comments Off


Beginning Thursday Dec. 4th, we will be making the Windows Vista and Windows Server 2008 Service Pack 2 Beta available to everyone through a Customer Preview Program (CPP). The CPP will launch on TechNet and be available to anyone interested in trying out this service pack. The CPP is intended for technology enthusiasts, developers, and IT Pros who would like to test Service Pack 2 in their environments and with their applications prior to final release. For most customers, our best advice would be to wait until the final release prior to installing this service pack.

[Via Technet]

Yes you heard right, you can get into the Beta of Vista SP2 and not have to wait till April.  Some things to remember:

  • It is a Beta
  • It will Have Bugs
  • It is for people who want to test it out
  • It should only be installed for people who need to test it out

Stop botnets in its tracks With a Firewall!

By Laforge129 | Nov 30, 2008
View Comments

According to PC World and I’ll quote:

According to FireEye chief scientist Stuart Staniford, detection rates are so poor that, on average, only around 40 percent of security software can detect binaries during the period of greatest infectivity and danger, namely the first few days after a particular variant starts being used by botnet builders.

[via PC World]

Now let’s talk about this, having been seeing recent surges of people getting infected.  I’ve come to the conclusion that companies like AVG and other Anti-Virus companies are keeping up.   Now true if all you have is an Anti-virus and nothing else that greatly increases your likely hood of getting a virus.

In a recent virus storm, We have people finding my site because of a Good Firewall.   No if he didn’t have anything but Windows firewall then it would of gotten through and you would not of known about it.  So let’s talk about how to prevent botnet attacks.   This is relatively easy and if you follow some common rules.   You to could be less likely to be infected.  I will say this most people don’t do these common tips and they should do them.

Spying on Spyware.ISpynow!!

By Laforge129 | Nov 29, 2008
Comments Off

This is another Virus that is going around and thought I’d tell you about it:

Spyware.ISpyNow monitors files, network traffic, and keystrokes. This Spyware gives the person who installed it a Web-based interface with summaries of logged information on the host computer.

[Via Symantec]

Now this one isn’t to hard to figure out what happened.  You have to manually install it on your system to get infected.  Symantec has a great way on uninstalling this annoyance.  I also suggest checking out my other program list just in case you don’t want to buy Symantec Anti-Virus programs.  Some other things to check out is:

Microsoft issues Vista patches out of Monthly Patch Cycle!

By Laforge129 | Nov 26, 2008
View Comments

KB957321,KB959108,KB959130


Microsoft issues Out of cycle patch for Vista.   These patches are as Followed:

Kb957321

An update rollup is available for the Microsoft Windows Imaging Component (WIC) in Windows Vista or in Windows Server 2008. This update rollup resolves the problems that are documented in the following articles in the Microsoft Knowledge Base:

954708 An update to add support for the serialization of complex Extensible Metadata Platform (XMP) data types in the Windows Imaging Component

945060 There may be inconsistencies in the Extensible Metadata Platform (XMP) and Exchangeable Image File (EXIF) values for an image file in Windows Vista and in Windows XP

KB959108

The Windows Portable Device (WPD) API collects and transfers Software Quality Metrics (SQM) data to Microsoft servers. The SQM data is collected only on an opt-in basis through the Microsoft Customer Experience Improvement Program. An update is available that disables the collection and transfer of SQL data to Microsoft servers.

This update affects Windows Vista-based computers, Windows Vista Service Pack 1 (SP1)-based computers, and Windows Server 2008-based computers that are in the Microsoft Windows Media Player Customer Experience Improvement Program.

Some program Vulnebilities Detected!!

By Paul | Nov 25, 2008
Comments Off

Just got done looking at some of my security sites and according to SecuriTeam there are are several programs that have vulnerabilities. here are the Ones that I’ve found:

Google chrome is vulnerable to URI Obfuscation vulnerability.
An attacker can easily perform malicious redirection by manipulating the browser functionality. The link can not be traversed properly in status address bar.This could facilitate the impersonation of legitimate web sites in order to steal sensitive information from unsuspecting users. The URI specified with @ character with or without NULL character causes the vulnerability.

iPhone Configuration Web Utility for Windows Directory Traversal
iPhone Configuration Web Utility lets “you easily create, sign and distribute configuration profiles using a web browser”. A vulnerability in iPhone Configuration Web Utility allows remote attackers to access files that reside outside the bounding root directory of the program’s files folder.

Streamripper Multiple Buffer Overflows
Streamripper “records Shoutcast and Live365 MP3 streams to a hard disk, creating separate files for each track. Runs under Unix and Windows.” Secunia Research has discovered some vulnerabilities in Streamripper, which can be exploited by malicious people to compromise a user’s system.

Microsoft kills a fake antivirus tool from 994,061 computers!

By Paul | Nov 25, 2008
Comments Off


According to Arstechnica and I’ll quote:

Win32/FakeSecSen has gone by various names, including Micro Antivirus 2009, MS Antivirus, Spyware Preventer, Vista Antivirus 2008, Advanced Antivirus, System Antivirus 2008, Ultimate Antivirus 2008, Windows Antivirus, XPert Antivirus, Power Antivirus, and Ultra Antivirus 2009. Furthermore, it is skinnable, so each of these variants has a different GUI, although the basic functionality is the same: bother users with warnings of malware until they pay up.

The Microsoft Malware Protection Center recently released some data on how the removal tool performed this month: FakeSecSen was removed from 994,061 machines. That number isn’t the highest Microsoft has recorded before, and the number of removals depends on which malware Microsoft adds each month and how widespread it is.

[via Arstechnica]

This seemed to of happened this month with the usual Windows update.  If you haven’t updated your system just yet you should.   This troublesome fake virus seems to have been killed  from several systems.  This could effectively make it harder for these guys who ever designed this program to make money.  I hope microsoft does even more virus removals in next month.  If you still want to try to get rid of these viruses don’t forget to check out my tips on Virus removal.

How to disable autorun the easy way!!!

By Paul | Nov 21, 2008
Comments Off

I read a report from Cnet about USB devices spreading Virus and I will quote:

The bad guys are intentionally developing new flavors of malware designed to propagate through USB devices,” said Gunter Ollmann, chief security strategist for IBM’s ISS security division. “They are today’s floppy drives.”

An infected computer can spread a virus to a clean USB thumb drive that is inserted. That USB drive will then be spreading the virus onto other computers if the operating system on those machines has an AutoRun-type feature enabled. The AutoRun function in Windows launches installers and other programs automatically when a flash drive or CD is inserted. The Mac has an equivalent function, according to Ollmann.

[Via Cnet]

In order to disable “autorun“, which in Vista is called Autoplay. In order to disable Autoplay from starting when you insert media into your computer here is how you do it:

You will need to be Logged in as Administrator before this can be done:

Next click start and type “Autoplay” without quotes. It will bring up a screen but all you have to worry about is this:

Vista autorun

Get your Cricket Broadband to Activate Manually!

By Paul | Nov 18, 2008
Comments Off

I recently bought a Cricket Broadband USB for 40$ a month. I tried to get the system to activate it automatically but that kept on failing. Finally called the tech support and found out this little tip. So here is how you manually activate it:

Once your are to the Quicklink Mobile Menu you will want to hit Control-D:

It will bring up this:

The Password to get into manually activate your Broadband USB card is six zeros no more no less!!

Once your enter the password your will get this screen:

Activation Code : Same from above Six Zero’s

Phone Number : The Phone number that is your broadband card

The IMSI (Min) Code : You will find that in the Indirect Dealer Copy.  It will be the one telling you another number.   In mine it said this:

“In order to program your phone, you will also need the following number (###)###-#### (MIN)”

Enter that number in there without any special characters it would be ########## and then press enter.   Close out the Quicklink Mobile menu and reload it.   Then click Connect and you should be ready to go!!!

You have an undelivered UPS/FEDEX Package. (Virus)

By Paul | Nov 12, 2008
Comments Off

From what I’ve seen so far. There seems to be a new rash of email going around with the heading that makes it look and feel like either UPS or Fedex. Saying that you have an undelivered package from them and to either print the order confirmation or to click a link. I will say this once, if you get this delete it. Fedex and UPS will never hide the link and tell you have an package waiting in the email. They will leave a note your door. You must ask yourself how Fedex/UPS found out your email address to tell you have a package waiting? They don’t and they won’t, just a fact.

UPS/FedEx Delivery Failure : Snopes

TROJ_DLOADR.GG and TSPY_ZBOT.NM Trojan, which will Monitor and try to steal your data. The other one is a ZBot and will try to steal you data also. If you need help removing this virus, I’d suggest checking out my other virus article Avg detected Trojan Horse Generic 12.htc?. There are a lot of ways to remove this virus but the first step is never click on any links in your emails. I also wrote about Some Important programs to prevent yourself from having viruses and Malware!! This will help prevent and fix the common virus problems you might have.

Next Page »

Bad Behavior has blocked 924 access attempts in the last 7 days.

© 2009-2010 Tech-Linkblog.com All Rights Reserved -- Copyright notice by Blog Copyright

Tech-Linkblog.com is Digg proof thanks to caching by WP Super Cache

© 2007 Tech-Linkblog.com and Hosted by Justhost and domain through Godaddy, - WordPress Themes by DBT -- Who links to my website?