Monoprice Still have issues

By Paul | Mar 16, 2010
View Comments

As you can see Monoprice.com and on their Facebook page, people are still getting Fraudulent charges. I just wanted to talk about this a little to remind people about Credit Card Security. I would expect you once they start to take Credit cards to start using Paypal one time Credit cards if you are going to buy anything from any other retailer. As you can see right now they are going to use Paypal checkout and Google Checkout to make purchases in the coming weeks.

This however is a small step to fixing the problem at hand. They are trying to be as transparent as possible with their customers but they will always have doubt when Monoprice starts to use Credit Cards in the coming future. It is going to be really interesting to see when that does come back up. I encourage everyone to use not give out your True Credit card information online and if you need to buy something online to use the PayPal.

This was a quick post to let people know about the news that is still going around with Monoprice!! Until this is fully fixed I suggest getting your cables from Amazon.com.

The Importance of having two layers or more of malware prevention

By Paul | Feb 3, 2010
View Comments

Photo by: nasa1fan/MSFC

Photo by: nasa1fan/MSFC

What do you mean layers?

An abstraction layer (or abstraction level) is a way of hiding the implementation details of a particular set of functionality. Software models that use layers of abstraction include the OSI 7 Layer model for computer network protocols, the OpenGL graphics drawing library, and the byte stream input/output (I/O) model originated by Unix and adopted by MSDOS, Linux, and most other modern operating systems.

Wikipedia

It is like when you go outside on a cold winters day and you put on more than one layer of cloths to prevent yourself from freezing or getting too cold.   It can help protect your from getting a cold or loosing a limb.  This is the same philosophy I will be talking about today.

Isn’t one Antivirus software Enough?

I get asked this question every time that I help remove malware from someone’s system with either a free Antivirus software or a purchased software, and has been infected with malware.  Every Antivirus company will tell you in detail how they can never catch every new or old Trojans, Malware, or Viruses.   They will tell you how the Malware is constantly changing and evolving, and today’s updates might not catch tomorrows malware.

List of Malware sites for Dec 10, 2009

By Paul | Dec 10, 2009
Comments Off

personalantivirus2

Personal Antivirus — Download SUPERAntiSpyware (Database Version 4349):

  • update-protection-z4.cn
  • update-protection-z6.cn
  • lenovosecurity01.cn
  • lenovosecurity51.cn
  • new-antimalware01.cn
  • update-protection-z1.cn
  • ferrari-scan9.cn
  • radius-protect-c1.cn
  • radius-protect-a1.cn
  • radius-protect-b1.cn
  • intel-secure10.cn
  • intel-secure20.cn
  • intel-secure90.cn
  • intel-secure02.cn
  • intel-secure01.cn
  • atomantispyware11.cn
  • atomantispyware21.cn
  • atomantispyware31.cn
  • atomantispyware51.cn
  • atomantispyware61.cn
  • pc-antispy013.cn
  • pc-antispy999.cn
  • pc-antispy051.cn
  • pc-antispy001.cn
  • windefscanm9.cn
  • windefscanm0.cn
  • vip-protectionv9.cn
  • vip-protectionz4.cn
  • windefscanm1.cn
  • vip-protectionv8.cn
  • top2009security.cn

Internet Antivirus Pro Scareware

  • ewiali.cn
  • ewiaguh.cn
  • inb6sh.com
  • divyza.cn
  • jynuroh.cn
  • jypebgi.cn
  • diwehym.cn
  • enoihup.cn
  • kanjiur.cn

Fake Scanner Pages:

  • scan.dewesan.cn
Rogue Antivirus scareware sites:

  • siteadware.com
  • antitroy.com
  • letmeguard-yourzone-pc.com
  • systempc-scan-check.net
  • livepcguard.com
  • downloadavr13.com
  • clean-vironmypc.net
  • cleanvir-onmypc.net
  • cleanviron-mypc.net
  • cleanvironmypc.net
  • internal-scanforpc.com
  • internal-scanforpc.net
  • internalscanforpc.com
  • internalscanforpc.net
  • safetyantispywareshop.com

Consulting with a client

By Paul | Oct 14, 2009
Comments Off

I had a consultation today with a client who wanted help with their new Acer AOD250-1962 10.1-Inch Pink Netbook – Over 3 Hours of Battery Life. So i went over email and the usual easy stuff. They aren’t really tech savvy so I had to slowly walk them over to how to get the most out of the of the system.    As I was working on the system and making sure it was running smoothly, I saw their broadband wireless  network was unencrypted, which is something you shouldn’t do.  So I had to talk to them about why it is ’so important’ to keep that encrypted.  You really don’t want people to be watching what you do on your wireless network do you?

So my client asked me to setup and secure there wireless broadband router.   I was being nice and decided, suffice it to say if they were having anyone borrowing their network for illegal stuff, they aren’t no more.

Fake Security Adviser from unsecurewebsiteblock.com

By Paul | Sep 28, 2009
Comments Off

unsecurewebsiteblock.com

So the first question is how do I know this is a fake site warning. Well I did my research I went to Phishtank.com and check to see if my URL was being blocked. I also clicked the link to see what this link went “Activate my Web protection software”.

This site now matter how real looking is a URL Hijacker and is what we call a scareware Sponsor for Alpha Antivirus and if your getting this screen it is time to get get Rid of it. You can check out the others like SecurityBrowseradviser.com it is exactly the same.

These sites gets installed in unsuspecting computers by way of exploits, backdoors, Trojans, or unsafe downloading practices. This usually means that if you have it you should remove it by any means necessary because this software has been know to cause more and more trouble as time goes by. This software is fake ware, it tries to tell you have a virus and that they can get rid of it. In fact, this software is not designed with Antivirus engine in it but to illicit pop ups and warning to raise the users security concerns about the computer in question. Downloading programs from bit torrents or other unsafe ways can and most likely will have these types of programs installed alongside the program you wanted.

List of malware sites for Sept 1, 2009

By Paul | Aug 31, 2009
Comments Off

personalantivirus3

Well with it being the end of the month it was to be expected here is a long list of sites.   So please read these carefully.

Personal Antivirus Scareware Site and How to Remove them:

  • live-virus-scanner9.com
  • tryantivirusscan.com
  • antispyware-scanner2.com
  • bewareofvirusattacks2.com
  • antivirus-scanner6.com
  • valueantivirusshop1.com

Internet Antivirus Pro Scareware*SUPERAntispyware gets rid of these too*

  • adjudg.info
  • atwain.info
  • caretz.info
  • gaudad.info
  • krapen.info
  • nevils.info
  • outliv.info
  • penvie.info
  • stampo.info
  • ticedu.info
  • unwept.info
  • gelded.info
  • dolchi.info
  • figgle.info
  • botled.info
Rogue Antivirus scareware sites:

  • securepcshield.com
  • myprotectedzone.net

Most of the time, These sites are injected into one's browser by way of a Trojan taking over the system. If left untreated these sites will become more and more profound trying to get you to install them. Most of the time these are installed in unsuspecting computers by way of exploits, backdoors, or unsafe downloading practices. This usually means that if you have it you should remove it by any means necessary because this software has been know to cause more and more trouble as time goes by. This software is fake ware, it tries to tell you have a virus and that they can get rid of it. In fact, this software is not designed with Antivirus engine in mind but to illicit pop ups and warning to raise the users security concerns about the computer in question. Downloading programs from bit torrents or other unsafe ways can and most likely will have these types of programs installed alongside the program you wanted.

Threat to System : Moderate

AVG 8.5 Free Version Best on my system

By Paul | Aug 25, 2009
Comments Off

AVG Free 8.5

Pcworld has a released there top free Antivirus software picks.     Now let’s be clear on this, I am an a average user, and have tested these products out on my own laptop plus others and here is what I find.

According to Pcworld, Avira Antivir Personal is the top pick and claims to block 98.9 percent of samples:

Such less-than-friendly default behaviors make Avira AntiVir Personal a better choice for tech-savvy users who know how to muck about in the settings. If you’re willing to put up with a somewhat clumsy interface and the recurring pop-up ads, in return you’ll enjoy top-notch, free protection against malware. It’s not a bad trade-off by any means.

[Via Pcworld : Avira Antivir Personal Antivirus]

Now with Pcworld saying it isn’t a bad trade-off to have the Pop-ups and the default behaviors of this program, it doesn’t make me want to use this program since I am a gamer and the pop-ups would interfere with playing online games, not to mention if your not that tech savy person you’d have a lot of head scratching to  figure out this program.

List of Fake AV sites for Aug 22, 2009

By Paul | Aug 21, 2009
Comments Off

personalantivirus2If you know anything about the Malware writers they are always registering new domains and here is the newest ones they are using:

Personal Antivirus Scareware Site:

  • antispywarebestscanner.com

  • professionalvirusscanv3.com
  • professionalcomputerscanv2.com
  • scan-your-pc-now.com
  • professionalspywarescanv8.com
Internet Antivirus Pro Scareware:

  • hopest.info
  • suffic.info
  • cressy.info
  • unowed.info
  • inclin.info

Rogue Antivirus scareware sites:

  • securitytoolsite.com (Fake Scanner)
  • webscansecurepc.com (Fake Scanner)

Most of the time, These sites are injected into one's browser by way of a Trojan taking over the system. If left untreated these sites will become more and more profound trying to get you to install them. Most of the time these are installed in unsuspecting computers by way of exploits, backdoors, or unsafe downloading practices. This usually means that if you have it you should remove it by any means necessary because this software has been know to cause more and more trouble as time goes by. This software is fake ware, it tries to tell you have a virus and that they can get rid of it. In fact, this software is not designed with Antivirus engine in mind but to illicit pop ups and warning to raise the users security concerns about the computer in question. Downloading programs from bit torrents or other unsafe ways can and most likely will have these types of programs installed alongside the program you wanted.

Threat to System : Moderate

List of Malware sites for Aug 21, 2009

By Paul | Aug 20, 2009
Comments Off

personalantivirus3

It has been kinda busy today for the Antivirus scareware sites but here they are.

Personal Antivirus Scareware Site:

  • check-for-malwarev3.com
  • safeonlinescannerv4.com
Internet Antivirus Pro Scareware:

  • fatuus.info

Rogue Antivirus scareware sites:

  • antivirusplus2010.com
  • mybestantivirusplus.com
  • internetantivirusplus.com
  • antivirusplus09.com
  • antivirus-plus-now.com
  • yesantivirusplus.com
  • goodantivirusplus.com
  • i-antivirusplus.com
  • nextantivirusplus.com
  • antivirusplus-ok.com
  • getavplusnow.com
  • antivirusplusnow.com
  • getantivirusplusnow.com
  • realantivirusplus09.com
  • freeantivirusplus09.com
  • addedantivirusstore.com
  • addedantivirusonline.com
  • myplusantiviruspro.com
  • yourcountedantivirus.com
  • easyaddedantivirus.com
  • addedantiviruslive.com
  • addedantiviruspro.com

Most of the time, These sites are injected into one's browser by way of a Trojan taking over the system. If left untreated these sites will become more and more profound trying to get you to install them. Most of the time these are installed in unsuspecting computers by way of exploits, backdoors, or unsafe downloading practices. This usually means that if you have it you should remove it by any means necessary because this software has been know to cause more and more trouble as time goes by. This software is fake ware, it tries to tell you have a virus and that they can get rid of it. In fact, this software is not designed with Antivirus engine in mind but to illicit pop ups and warning to raise the users security concerns about the computer in question. Downloading programs from bit torrents or other unsafe ways can and most likely will have these types of programs installed alongside the program you wanted.

Threat to System : Moderate

Securing Your Wordpress blog

By Paul | Aug 6, 2009
Comments Off

In the last few blog post we talked about:

This post we discuss securing your Wordpress blog and creating even more of a Wordpress Firewall, as I call it.   You don’t know what bot or person might be lurking around your blog to get access to installing malware or worse off taking control over your blog for there own nefarious reasons.

Photo by: Terry Mun

Photo by: Terry Mun

Now since you have installed Wordpress and have it working now what do you want to do blog?  Blogging will be coming later in this series but for right now we want to take a good look at removing your Default Admin user.   Like the default routers admin profiles and password this makes it even easier for a hacker to try to find out the password.  Although You should never use a simple password.   You should always use numbers and letters in random order to make a really strong password and have it at least 8 characters long.  The longer it is the better off you at preventing unauthorized access to your blog and your blog posts.

How to Send Files Securely — Securezip

By Paul | Jul 2, 2009
View Comments

I’ve been testing out Securezip the last few days and I am convinced this is the best option people can use to send files through email.

How does Email work?

So Let’s get down to the basics of Email.   Email uses DNS just like the web pages it also can be Sniffed if you are using a public hotspot or other unecrypted networks.   We’ve seen people talk about Email Privacy and documents alone can be the most private thing we have.

Email has to be sent through several different servers that you have no control to get to its final destination.   So if your really paranoid you know that a server could be used for the man in the middle scenario.   In which some server claims to be the final destination and here it is copied and sent on to the true person.

Securing your Email

As you can see email privacy is as easy as telling people everything they want to know about you.  Email Security is always going to be an ever evolving technology, because those who want to listen will tend to find ways to listen. You could use PGP Email Encryption to prevent people from reading your emails but what about the files?

Wordpress Security Tips — For the untrained :

By Paul | Jun 10, 2009
Comments Off

I was reading over at Malware Diaries, about a hacker that doesn’t secure his exploits.  What gets me is that I am so surprised that he did that, then I thought about it and I read what Trend Micro had to say about it:

Creating a website is indeed a big task but, considering the present threat landscape, monitoring it and keeping it secure from attacks is a bigger one.
Website administrators have the responsibility to keep their systems malware free, secure web server files from unauthorized access, and keep their website clean of malicious codes, for their own sake and most especially, their visitors’.

[via Trend Micro blog]

Now admittedly Trend talks about the Gumblar and how they compromise websites with either a FTP password stealer or and SQL Injection.  These are a common practice with hackers and thief to get the credentials to use your server for their means.   So I wanted to talk about some things you can do to better protect your Wordpress blog.   Since I have a Wordpress Blog this was something I know about.

  • Wordpress Security Scan –  This is a great plugin to help you identify and also suggests how you can fix them to prevent a hacker from getting in the first place.

You’ve got hacked thanks to Twitter : Don’t “email me at”

By Paul | May 17, 2009
Comments Off

I was reading a blog post about Spammers Harvesting Sorrow From Twitter.

Something came to my mind, so I did a little research and a lot of thinking and it finally came to me. It is easy for someone to find your email and use it for there own means. There are several different scenarios I can come up with:

  • Impersonating someone you know –  It is quite simple to find out who we know and who we follow.  You can always find someone who you don’t know the email address of and make it seem like your them to get even more information from the person.
  • Receiving Viruses, Trojans, or worms –   Although if you have a good Anti-virus this one won’t be getting to you but  according to ESET : 10 percent of computer users didn’t know if they had anti-virusware installed. This means that there are going to be some success for malware authors to send out a virus to every who twitters there email address and still have success.

Microsoft to Release One Crictical update for Tuesday

By Paul | May 9, 2009
Comments Off

Microsoft has release the information for May’s Patch Tuesday and it looks like there is one major update for Power point:

ms09patchtuesday1

The Affected software is MS Office 2000, MS office Xp, MS Office 2003, Ms Office 2007, Power point viewer, and MS compatibility pack for Word, Excel, and Power point 2007.

What will be coming out for Tuesday is as Followers for Non-security Releated:

  • Windows PowerShell 1.0 for Windows Vista (KB928439)
  • Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847)
  • Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
  • Windows Malicious Software Removal Tool – May 2009 (KB890830)/Windows Malicious Software Removal Tool – May 2009 (KB890830) – Internet Explorer Version
  • Update for Windows Mail Junk E-mail Filter [May 2009] (KB905866)

Although some of this is usual like the Malicious software removal tool, and Windows Junke e-mail filter, we won’t know what else will be released until Tuesday.  Some of the updates will be minor like the Powershell, I am guessing tis will help get ready for SP2, and the SP1 for the .NET framwork also looks to be getting ready for SP2.  So I will keep you updated if i find out what else is released on Tuesday!

Miketechshow Listener Roundtable : #242 Backups

By Paul | May 3, 2009
Comments Off

We had a great time talking about backing up our system. On a side note, I’d like to tell people that During the Round table, I was restoring my system due to a major network issue. The system wouldn’t stay connected at all to my network or my USB A600 Cricket Modem.  I used the A600 Modem during the podcast with Skype, so the quality isn’t as good as it should but that is due to two different factors.  One I had a cheap headset and two the bandwidth limitations.  This however shows that this is possible and works really well.  I also used the Antenna for the Skype meeting.   It actually seems like a stable connection.   Although Mike has told us in his email this might be the last Round Table, so if you want this to continue you can either email him or twitter him telling him you want to keep seeing these podcasts.  I also talk about Roboform and how I make sure the passwords are backed up.   We did talk about making sure to test our backups, so we know if the backup process works.   I have to say my backup procedure was without doubt working for me.   Even though I had some issues with Vista security updates after the restore, my restore to laptop didn’t take more than an hour to get the programs that I wanted back on the system.
Mike Tech Show Listener Roundtable #242 Backups

Twitter Spam attempt: “See the NSFW pics twitter deleted from my profile here”

By Paul | May 1, 2009
Comments Off

Looks like this might have been a improper adult content or maybe a Malware attack:
nsfwspam1

If people are wonder what NSFW means:

Not suitable/safe for work (NSFW), not work-suitable/safe (NWS), or not school-suitable (NSS) is Internet slang or shorthand. Typically, the NSFW tag is used in E-mail, movies (such as on Youtube) and on interactive discussion areas (such as internet forums, blogs and community websites) to mark URLs or hyperlinks which may be sexually explicit or include audio containing profanity, helping the reader avoid potentially objectionable content.
[via Wikipedia]

It looks like this was done with using Tinyurl and has been flagged for either Spam, Fraud, Malware, or Any other use that is illegal. I am glad Tinyurl did catch this and stop it. If you see something that say NSFW in your twitter account your best bet is to delete it and go on with your life. I am sure it is something your should not go to probably because it was a malicious way to get your to go to the link. If you want to preview the urls that are used by Tinyurl, just visit the preview feature. If anyone else hears of some kind of Twitter attempt let me know and I’ll blog about it. This would be the best time to install Free Anti-virus and Free Firewalls to help prevent from getting Viruses or Malware.

Adobe PDF Zero Day Warnings : Experts agree

By Paul | Apr 29, 2009
Comments Off

All the Security experts online are talking about The 2 Zero Day Adobe Vulnerabilities:

As you can see this seems to be one of those Adobe problems we had in the past with Javascript.   They seem to be having a major problem with Javascript vulnerability and the old saying is to just to disable Javascript in PDF’S again.   Adobe is calling this a Potential Adobe Reader issue and is suggesting that the users disable Javascript until this is fixed with a security update.

This is mostly affect the corporate world more than the private sector because of the fact corporate world will use PDF by sending them through emails.   I suggest installing another reader and these are all free.

Be advised the vulnerabilities affects Linux, Windows, and Macintosh systems.  This will most likely mean that even Macintoshes could be used to create even more botnets and will need to disable there Javascript until this issue is fixed or maybe they would like to find another reader themselves.  This also goes for Linux users but I have not heard of anything in the wild yet.

Don’t forget to install some free Anti-virus and Free Firewalls to help protect your system from becoming a botnet.

Microsoft released April Patch list for Patch Tuesday

By Paul | Apr 9, 2009
Comments Off

aprilpatchtue

To see what systems are affected please see the bulletin for further details.   Some of the updates have to do with IE 6 and IE 7, maybe it is time to update to IE 8.  It looks like if you update to IE 8 you will not have to worry about the Remote Code Execution.  There also seems to be a remote code execution for DirectX 9.0A, B, and C.  This however doesn’t affect DirectX 10 and if you have a Vista machine please consider updating to DirectX 10.

The other one is a MSDTC program that has a vulnerability of Elevation of Privileges that needs to be fixed.  There will of course be more than this for April but these are the ones that Microsoft has determined to be release for Tuesday.  There are going to be at least 8 Different patches for Windows XP, and some For Vista.  Some will be only for XP and others will be for XP and Vista.

Then Microsoft Internet Security andAcceleration server will have an update to prevent a Denial of Service attack.  This will be needed to patch on the server side as soon as possible.  Then there is the Excel Remote Code execution that needs to be fixed.  It looks like CVE-2009-0238 is the one that this is being patched for but this is only a guess.

Now is the best time to get Autopatcher ready for this update because this will be quite a big update.  You should also update your anti-virus software and Firewall.

Electric Company fear Mongering gone wrong!!

By Paul | Apr 9, 2009
Comments Off

I saw this talking going on at Arstechnica and SANS Interenet are Talking about the Elecric Company Fear mongering. Here’s what Ars Says:

It sounds like something straight out of Hollywood. Current and former US security officials have reported that foreign nations have penetrated the cybersecurity barriers surrounding the US electrical grid, water system, and even financial networks. Although no known attempts have been made to activate the booby traps said black hats left behind, such sleeper cells could activate suddenly during a war or crisis, plunging the nation into a disaster only Bruce Willis and that Mac dude could avert.

[Via Arstechnica]

This was posted today with people asking the question Is the Electric company have a viruses or have a worm? I don’t know but these fears are coming from the Wall Street Journal:

WASHINGTON — Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials.

[Via Wall Street Journal]

Now let’s talk about this, This is being a talked about on a friends Podcast, The Caffination Podcast. This is where I have figure we should talk about this. I think Sans Internet Storm says it better than I could:

The Seriousness of the Twitter Vulnerability?

By Paul | Mar 25, 2009
Comments Off

twitter_110 The main question is how much do you want to know about this?  Yes I am talking about a Vulnerability that could risk your twitter account or even yet inject malious software into the computer.

We’ve seen that there have been twitter phishing in the past, and Facebook phishing have made people wonder out much do we depend on Twitter.

Lance James and Eric Wastl have provide Proof of Concept for this vulnerability, according to Information Weekly:

James cautions that XSS vulnerabilities should be taken seriously because they can reach beyond Web pages. “A lot of people think XSS is limited to the Web,” he said. If there’s another vulnerability in the victim’s browser, the Twitter flaw could be used to launch additional malicious code, he explained.

As you can see there is more to this problem then meets the eye.  For one using the URL redirects could be one way this could be used.  No telling what other vulnerabilities lay for the client side twitter programs.   Twitter has a long way to go to be security minded, and yet Twitter hasn’t said what they will do to fix this problem.

Are You and Your Friends Fine — Virus Spam

By Paul | Mar 22, 2009
Comments Off

Logged into my Google Email and was checking my spam to see what I see and this one draws my attention:

virusspam

I think I know where this is leading me but I click the link and this website with the Reuters logo pops up:

fakesvideo

Now as you can tell this looks authentic but when I did go to this site, AVG detected some trojan.  It blocked it, but  the file that it is downloaded called “save.exe” and I have talked about flash player fake updates.  I have seen other blogs talking about dirty bomb news report leads to malware.  I don’t know about you but if I wanted to update my flash player, I go to the source and not use any links.  It is wise not to download any programs or files and run them without properly checking them out for viruses and Trojans.  You should have a firewall and anti-virus running at all times and that will help but it is your actions that help your prevent from getting viruses or Trojans.

Free Syncronization and Backup programs

By Paul | Mar 18, 2009
Comments Off

So I talked about finding some free backup utilities on the Mike Tech Show Listener Roundtable Show # 234.

I said I would publish some good free ones programs to backup your system files and I think I have done it.  Here’s are some great ones that I recommend for anyone who doesn’t want to pay for a backup program:

Allway Sync –  Works with Windows Vista/XP.  It supports : Hard Drives, Removable Hard Drives, Network Drives, Amazon S3, FTP Server, Offsitebox.com, and WEBDAV Folder.  This program is also quite portable and can be used on more than one computer with the portable version.(A600 USB Broadband Modem for Free after Instant online web only rebate + Mail in rebate. First month free and free shipping. Buy now!)

ViceVersaWindows 98, Me, 2000, XP, Vista. Vice Verse FREE will compare files in two folders (source and target) and synchronize file differences.  There isn’t much else you can do with this but It does look to be good for small backups and older system.

Acebackups — is a powerful tool to create completely secure backups of your data. Store your data on any local storage device, on CD, DVD or on your remote FTP server!

Malicious Spammers target Bank of America

By Paul | Mar 14, 2009
Comments Off

I’ve saw two different security firms talking about Bank of America and I wanted to share with you:

Fake Bank Of America SitePicture from F-secure

The two sites are F-secure and Pandalabs who are talking about Bank of America and how they try to get you to install malware.  With Adobe having just sent out the new updates last month it looks like spammers are using this to get people to install Malware.

It is also been known to be floating around in Facebook this spam.  So if you get a link going to a site you don’t know about to see a video and it says you need a codec or the Adobe update you should turn right around and leave site. You should always type in the url of Your Bank and not go there through links.

From what they are saying it monitors Network traffic and Steals ICQ, POP3, and IMAP passwords.  If you find network traffic going to Hong Kong IP, then it is time to check to make sure all your Virus definitions are up to date and you’ve installed an Anti-virus and Firewall.  I would encourage  users to report it to Phishtank so that any other unsuspecting user or person going to that site will be warned.

Is Google the ultimate news source?

By Paul | Mar 12, 2009
Comments Off

As you know We had a big problem Monday Night and All day Tuesday. If you are a regular reader of this blog, you would of noticed either a 503 or lag. It was due to an article that I released late Monday night about the PIFTS.EXE and the so call conspiracy.

At the time, I was wondering and quite disturbed about what Norton Symantec was doing to the forums. So I blogged about this and wouldn’t you know my site was Held Hostage by Google. I kid you not, I had so many people come to my site in under an hour it wasn’t even funny.

So I sit here, asking a really good question is Google the News? I don’t know exactly when but according to Wikipedia Google was formed in 1998. The Google Motto is Don’t Be Evil, and I guess it makes them look like a news source. When did they get past the news site? I would hazard a guess that it was in late 2004 they started when they when Google gave people the first chance to own the stock on August 19, 2004, when Google became a publicly held company.

I got hit hard by Slashdot, Reddit.com, and Google.  In truthfulness, It was more of searches and people coming from Google than anywhere else. I would say Google was the 90% and and Slashdot and Redidit was 8% and the rest was from other websites for this one article. Now don’t get me wrong the 2% of people was my normal amount of people for the day. So you can imagine how many people actually came to my site over this fiasco.

Fake Scareware Sites Popup after the Pifts.EXE Conspiracy

By Paul | Mar 10, 2009
Comments Off

There Seems to Be a Fake site that are popping up today right after what happened with PIFTS.EXE. I just happen to Google it to see what people are talking about and this appears on the front page.

Not a real site!!

As you can see this leads to a server in Poland and once you go to it you see:

Not a real virus scanner

I will be reporting this to Phishtank. This is scareware which means  there is no real VIRUS because and you
Should never believe the screens when you see something like this. According to Wikipedia:

Some websites display pop-up advertisement windows or banners with text such as: “Your computer may be infected with harmful spyware programs. Immediate removal may be required. To scan, click ‘Yes’ below.” These websites go as far as saying that a user’s job, career, or marriage would be at risk. Products using advertisements such as these are often considered scareware. serious scareware applications qualify as Rogue software.
[Via Wikipedia]

Conspiracy theories run rampent due to PIFTS.EXE

By Paul | Mar 9, 2009
View Comments

(Looks like some of this was a 4chan gag, check my other post about it)

All of the sudden people around the World are seeing PIFTS.EXE popping up. Norton Antivirus is asking users if they want to accept it. Here what I do know:

Here’s some information I pulled from my Zone Alarm Logs. Does this make sense to anyone?

2009/03/09 18:26:44 — New Program — PIFTS.exe — Destination IP: 67.134.208.160:80 — outgoing — blocked — Destination: ping.lifecycle.norton.com

2009/03/09 18:47:52 — Program Access — PIFTS.exe — Destination IP: — outgoing — blocked — Destination:

2009/03/09 18:48:28 — Changed Program — Windows Explorer — 207.46.248.249.80 — outgoing — blocked — Destination: sa.windows.com
[Via The Symatec Forums]

This indicates that the program tried to change tactics to go out on the net.  I look a look for this and it is SwapDrive.  So this must be an update to Swapdrive but I am unsure as to why it pops up that way.  The other ip is in Africa or at least take the .80 out of the equation and it points to an Africa IP.  (It looks to my mistake in that little part, “to error is human” Check out this  post about it)  Although just recently Norton Decides to Delete that thread and people are really worried about why?  Is this a cover up of some sort because there is a exploit in the Wild that we don’t know about?  These are good questions that need to be answered.   Here is what one posted about this just after they deleted the forum thread:

Fake Emails about Windows Support spam!

By Paul | Mar 9, 2009
Comments Off

According to Trend Micro, Some malicious software is being sent to unsuspecting users about Windows SP1 andSP2 having a error that could damage software or even hardware.  See Trends blog with the photos of the fake spam.

Although from time to time Microsoft does send out security information to Technet subscribers people have also used this in the past to get people to install Viruses and Malware, like this one that installs TSPY_BANKER.MCL. TSPY_BANKER.MCL monitors the affected user’s online transactions and steals banking related information

Microsoft sends e-mail messages to subscribers of our security communications when we release information about a security software update or security incident. Unfortunately, malicious individuals can and have sent fake security communications that appear to be from Microsoft.

[Via Microsoft]

So if you get an email from Microsoft you’ll probably want to delete it.  Any Microsoft communications will be sent from the Update center.  You should never install software that is from an untrusted website.    If you are concerned you should check the web and find out what people are saying about the situation and see if it is a scam or true!!  Remember only you can prevent a virus or Malware!

How do you like your Cricket USB Modem?

By Paul | Mar 7, 2009
View Comments

Lately I talked about the A600 USB 3G modem and Now I want to hear from the Readers?  You see I can’t do my best reviewing these with comments from the readers, that being you.

techlinkblog[AT]gmail.comClick the picture to send me email, just remember to replace “AT” with “@”.

So I want to hear what you think about either the USB UM100 Modem or the A600 USB 3g Modem?  Here a re a few things to answer when you write your email.

Something will go to the people who email me?  I want to publish some of these comments on my blog for all to read.  I want to hear if what I am publishing helps you?  I will even give your credit as  to who wrote it.  If you have a site or something you want to promote by all means add that to your testimonial.  Here’s the basic questions that should be talked about:

  • Which one did you buy? (Cricket USB A600 or Cricket USB UM100)
  • Did you Upgrade from the Cricket USB UM100 to the Cricket USB A600?
  • Are you using it for travel or Primary internet?
  • Is it for business or Pleasure?

When do you “Never Fold”

By Paul | Mar 5, 2009
Comments Off

So I got this email and wanted to show you just how try to get you to link to their site:
neverfoldspam

I got this email and wanted to talk about how people link to sites they shouldn’t.  Although this a real site, I had my doubts from the get go.   You see it talks about sending 21 visitors to my site.  I got to the site Neverfold.net which after I looked and there I am but I wonder why? Because Poker and Calicanis have nothing in common with Poker or at least news and all that.
Tech-linkblog site

As you can see when you go to that site via the link he gives me, which by the way if you weren’t paying attention is a hidden link with Neverfold.net/?pg=YKchR. As you can see this is a way for him to know when you click it to put your name on the forum page. You can tell because Ref: YKchR is at the bottom of the email. This is most likely a generated email by a bot, I did even more research to find out more information. I found out that the so call 5k to 7k page views were bogus. I checked with Alexa, and I find out this:

I hate Snopes Spam

By Paul | Mar 5, 2009
Comments Off

As you know Snopes is used to find out about urban Legend and Rumors:

I received a Virus alert from my RSS feed about Email virus warning.  It even adds a Snope URL.  The Author just copies and pasted the virus warning into the blog without even going to Snopes.


According to Snopes and I’ll quote:
Although the Postcard virus is real, it isn’t a “BIG VIRUS COMING” (it’s already been around in multiple forms for a long time now), it will not “burn the whole hard disc” of your computer, CNN didn’t classify it as the “worst virus” ever, and it doesn’t arrive in messages bearing a subject line of ‘Invitation.’

[Via Snopes]

Now as you can tell the link described in the blog post was “http://www.snopes.com/computer/virus/postcard.asp”. If you went there, you’d have seen this as a not really true and some parts of this might be but that part about burning your Hard drive or even consider the Worst virus isn’t true.

Some things you need to consider before forwarding anything is:

  • Is it completely True?
  • Is it Legitimate?  (True blown warning about something like a product recall  or something important like that)

Next Page »

Bad Behavior has blocked 906 access attempts in the last 7 days.

© 2009-2010 Tech-Linkblog.com All Rights Reserved -- Copyright notice by Blog Copyright

Tech-Linkblog.com is Digg proof thanks to caching by WP Super Cache

© 2007 Tech-Linkblog.com and Hosted by Justhost and domain through Godaddy, - WordPress Themes by DBT -- Who links to my website?