These malware authors have made more domains to use for there fake Antivirus suites:

Personal Antivirus Scareware Site:

• antivirus-scannerv15.com
• professionalmalwarescanv7.com
• scan-your-computer-now.com
• bestantispywarescanv4.com
• removeallthreatsnow.com

• osadwarekill.com
• cressy.info
• unowed.info
• fatted.info
• declin.info

Rogue Antivirus scareware sites:

• scanandsearch.net
• sponlinescan.cn
• scanspywaresonline.net
• scansponline.cn
• onlinequickscan.com
• antivirusdoktor.com
• antivirus-doktor.com
• antivirus-doktor-2009.com
• antivirusdoktor-2009.com
• antivirusdoktor.com

Most of the time, These sites are injected into one's browser by way of a Trojan taking over the system. If left untreated these sites will become more and more profound trying to get you to install them. Most of the time these are installed in unsuspecting computers by way of exploits, backdoors, or unsafe downloading practices. This usually means that if you have it you should remove it by any means necessary because this software has been know to cause more and more trouble as time goes by. This software is fake ware, it tries to tell you have a virus and that they can get rid of it. In fact, this software is not designed with Antivirus engine in mind but to illicit pop ups and warning to raise the users security concerns about the computer in question. Downloading programs from bit torrents or other unsafe ways can and most likely will have these types of programs installed alongside the program you wanted.

Threat to System : Moderate

Rating:

Advice : Make sure your system is free from any more malware, Trojans, or Viruses that are hidden. You may need to install this software after you boot in to safemode, it is also advised to scan in safemode.

Download SUPERAntiSpyware

Download Malwarebytes

©2010 . All Rights Reserved.

I’ve done my usual looking around and found some Rogue Antivirus sites that I call scareware:

• tb2car.com
• rundaqimao.com
• shuncheng2car.com
• dakbesy.cn
• befynru.cn
• scanworldwideweb.com

All these sites are scaring users into installing software that does nothing but bothers the users into registering this software. You should not visit these sites are active right now and are spreading the malware and getting people to install malware. If you have installed this scareware software, I would recommend removing with really Antimalware software and not pay for these fake products.

Threat to System : Moderate

Rating:

Advice : Do a Complete system scan and make sure you don’t have any more hidden malware.

I recommend :

Download SUPERAntiSpyware

Download Malwarebytes

©2010 . All Rights Reserved.

I have found some other sites that are fake Antivirus:

• anti-malware-pro.com (Rouge AntiMalware Software)
• allowsecurityshield.com (Scareware site)
• securedvirusproscanner.com (Personal Antivirus)
• antivirus-best-scannerv2.com (Personal Antivirus)

Most of these sites try to scare you into either installing software or buying their fake software.   Some of these sites have used exploits to install a Trojan or two to have your browser redirect to these sites.   This means that there might be more than one virus or Trojan on your system

Threat to System : Moderate

Rating:

Advice : Do a Complete system scan and make sure you don’t have any more hidden malware.

I recommend :

Download SUPERAntiSpyware

Download Malwarebytes

©2010 . All Rights Reserved.

I was looking around on Google and thought I just for giggles check out the Piratebay complaints. I tried going to the site and here’s what Popups:

I tried on OpenVPN and my Local ISP, It keeps saying that. I then tried on my Cricket Modem and it tells me the connection has been interrupted, like something stops the connection in the first place. I can ping it and I can Tracert the Site but I can’t even view it. I would like to know if Anyone else is having this problem also. Although I’ve not checked Thepiratebay.org complaints for quite some time because I’ve been so busy with my website. If you want to watch your favorite shows check out these sites like Hulu, CBS, NBC, ABC, ABC FAMILY and TNT.TV for free. I am just curious as to what happened and does this have anything to do with Net Neutrality?   Anyway I wanted to talk about this and see what people are saying.  Anyone know what is going on?  Let’s talk about this and help everyone by saying what you know.   I don’t know if Thepiratebay.org is down but I do wonder if someone is preventing people from getting to the website.   I’ll update when I have more information.

©2010 . All Rights Reserved.

Well, this just came to light with The Spywareguide blog. I’ve seen some activity about Where’s my refund lately and I thought I tell you how to make sure you’re on the right site. If you’re expecting a refund check the OFFICIAL SITE. The Official Site is http://www.irs.gov and nothing else. If you want to find out about some of the most common Phishing attempts check out the Phishing advice from the IRS.

The Spyware Guide blog talks about sites that looks to be IRS but are actually just phishing for information.  Some of the ones they talk about are:

gicrisis.org/data/refundtax/SearchTAXERR.php

irs-2009.com/refund/refunds.html

collectrefund-irs.com/refund/refunds.html

cimaonline.ca/application/Internal/Revenue/Service/pas.php?certegy_vm=trueportlet_change_1_actionOverrideFchaseonlineFchangeFprocessDetails_windowLabel_portlet_process_pageLabel_page_process

jklabs.cz/phpayv2/admin/import/.secure/www.irs.gov/get-refund/refunds.php?Where_is_my_refund&Get_Refund

Although this list will most likely change this is just starting for people who filed there income tax. Some things to Remember are:

You can generally access information about your refund 72 hours after IRS acknowledges receipt of your e-filed return, or three to four weeks after mailing a paper return

Via IRS.GOV

So if you’ve filed your Taxes it should be getting to you in 3 to 4 weeks although as you get closer to the March 15, 2009 Deadline it will take longer so you should consider filling early to prevent from having to wait to long for your return.  If you follow the rule that any email claiming  to be from IRS is not true and shouldn’t click or install any software.  You should however tell the IRS as quickly possible about this attempt to get sensitive information.  If you want to protect your  system from virus or even think you have a virus, trojan, or Malware please check my Malware Resource for further information on removing it!!

.

©2010 . All Rights Reserved.

In today’s society, we’ve been to complacent with people with people clicking links for the social group. In one such article on Channel Web, a nice little blog, says this:

The worm was discovered by IT security provider Kaspersky Lab, which said the threat, Net-Worm.Win32.Koobface.b, is targeting Facebook users by creating spam messages and sending them to the infected user’s friends via the site.

“Unfortunately, users are very trusting of messages left by ‘friends’ on social networking sites,” said Alexander Gostev, senior virus analyst at Kaspersky Lab, in a statement. “So, the likelihood of a user clicking on a link like this is very high.”

[Via Channel Web]

This seems to be a problem people thinking that a link someone sends them is a real good link but actually is a link to a video site. According to this article the links people are sending are actually a fake video link, telling you have to download some update to flash player, by downloading this program. The user gets involved with the virus and the fun begins. So how can you prevent this from happening, two ways one is a very good group of software to make sure you have the latest and greatest video codecs. That too can be something they’ll say you need and if you’ve already installed this list of codecs then you know they’ll not telling the truth and you can quickly get away from the site laughing.

Once you’ve done that, you’ll no longer have to worry for the most part about codecs. There will be times when you might have to visit that site and update them but that will be far less.

The other thing you must remember is if it says you must update your player. That should be a sign that there is something. I’ll always go to the site and check for example Adobe. If it says I need to update my flash I’ll manually type it into my browser. This way you will know you have the latest updates, if you need to update the flash player by all means go to here and update.

If you got the virus I’d check out my Anti-virus and Anti-Spyware page and that should show you will you need to get rid of the Virus. This virus is very easy to get rid of, just download any one of the anti-virus software and install it. Don’t forget to update the virus database while your at it. That should fix the problem pretty fast. Remember the only way to prevent from getting the virus is YOU.

©2010 . All Rights Reserved.

Trojan-PSW:W32/Sinowal.CP drops and loads a password stealing component on the infected system and tries to steal account information from it. It also tries to steal information that is required to access certain online banks’ and online payment systems’ websites.

[via F-secure]

It seems to be a very hard virus to remove but there are ways to get rid of this virus.   Some tips and tricks to get rid are:

• Check out my Anti-Virus Page
• Computing.net
• The Geek Police
• How to Detect Sinowal

This are the beginning steps to get rid of a Virus but it will be a really hard virus because it wants to stay in your system.  You should also Restart in Safe mode and Try to remove that virus that one.   You will also want to disable your system restore due to the fact that it will be in there and might come back if you restore your system.  Just some simple tips to help keep you safe on the net.

©2010 . All Rights Reserved.

I was just getting done with that story about the Walmart Stampede, and thought I would encourage people to check these good sites for people to check out for great deals.   I have been looking through sites combing for some great sites to find the best deals and here they are:

• Dealio — Dealio will not only show you sneak peaks at Cyber Monday ads, but we will also send you directly to the store so that you can purchase the often limited inventory Cyber Monday deals before they disappear. Best of all, there is no need to hop from site to site – Dealio has all your Cyber Monday shopping covered.
• CyberMonday – Shop hot holiday deals from more than 500 merchants. All of Shop.org’s proceeds from CyberMonday.com support the Ray Greenly Scholarship Fund.
• Cybermonday Mahalo Deals — This Mahalo page collects links to websites offering information and discounted merchandise for Cyber Monday.
• Best Cyber Monday Sales –Well, I finally put together a list of the top retailers throughout the country with links directly to their Cyber Monday deals.
• Shopzilla –  The company’s mission is to enable shoppers to quickly and easily find compare and buy anything, sold by virtually anyone, anywhere. Each month, Shopzilla connects millions of consumers with thousands of stores.

These are just a few that I could find and wanted to let people decide where they would like to go!!

©2010 . All Rights Reserved.

Just got done looking at some of my security sites and according to SecuriTeam there are are several programs that have vulnerabilities. here are the Ones that I’ve found:

Google chrome is vulnerable to URI Obfuscation vulnerability.
An attacker can easily perform malicious redirection by manipulating the browser functionality. The link can not be traversed properly in status address bar.This could facilitate the impersonation of legitimate web sites in order to steal sensitive information from unsuspecting users. The URI specified with @ character with or without NULL character causes the vulnerability.

iPhone Configuration Web Utility for Windows Directory Traversal
iPhone Configuration Web Utility lets “you easily create, sign and distribute configuration profiles using a web browser”. A vulnerability in iPhone Configuration Web Utility allows remote attackers to access files that reside outside the bounding root directory of the program’s files folder.

Streamripper Multiple Buffer Overflows
Streamripper “records Shoutcast and Live365 MP3 streams to a hard disk, creating separate files for each track. Runs under Unix and Windows.” Secunia Research has discovered some vulnerabilities in Streamripper, which can be exploited by malicious people to compromise a user’s system.

Amaya URL Bar Stack Overflow Vulnerability
A vulnerability in Amaya browser allows remote attackers to cause it to overflow an internal buffer which in turn can be leveraged to execute arbitrary code.

These are the ones that I found and wanted to let you know about these so you can make your system even more secure.   if I find any others I’ll let you know!!!

©2010 . All Rights Reserved.

Atlantis remains an extremely strong performer in DVR-delayed viewing, though, often building as much as 25 to 30 percent on its premiere night audience.

I kept saying Atlantis should of been on Hulu, just like every other show they would have a more solid audience and more  viewers to count.  The only reason Eureka and others got more ratings was because they could watch the latest shows on Scifi or Even Hulu.  Unlike Stargate Atlantis on Hulu, they only have small clips.   In order to build a fanbase, you need to build around the most current way to show the show off.   Granted it still did rather well with ratings and all but it could of done better by putting it on HULU.   There are sites out there that would like to Save Atlantis and I agree with them.  I would love to see more seasons of Atlantis, and see it on HULU.

©2010 . All Rights Reserved.

According to a media reports, Erik Tews and Martin Beck claim that they have found a way to unlock the Temporal Key Integrity Protocol (TKIP) key, used by WPA, to read data sent from a wireless router to laptop computers. According to the researchers, the key can be cracked in 12-15 minutes.

[via Sophos]

According to Sophos, they are claim that people can now watch what you are doing on a Wireless router to a laptop. Although this isn’t to be unexpected this is a very serious out come. It is now easier to watch what people are doing online. So does that mean people can see everything you do? Not necessary. According to some people this is harder than it seems, most of the websites you visit are not encrypted, but websites that use the “https” protocol are more safer to use online. You should be safe if you are buying things online as long as you are sure it is secure. Some other steps to take to help make it harder to unencrypte your wireless single is to use Roboform promotion codes you will get for 10% or 20% off the purchase price!!

Some other steps to consider are:

• 10 ways to keep your wireless router Secure
• Understanding your wireless router

If you have a wireless router and want to be secure with any transactions online you might think about hooking up to the internet via the CAT5 cable.  This is one way to prevent anyone from seeing what you are doing online and protects your privacy.  Although this too can be overcome in certain circumstances they are much harder to do and implement so you are safer this way than with most others.

©2010 . All Rights Reserved.

I’ve had some Anti-virus problems in the past few weeks and have been trying to see if it is my system or if it was just luck of the draw.  So I did some research and found some sites that you should not go to, or download from.   These sites have been know to spread the fake anti-virus malware software.   So I wanted to warn people of some common websites that have been known to have viruses on them:

• hxxp://movieportal2008q.com/freemovie/Movie/xxxx/x/ — this site usually tries to send you the “Trojan.HTML.Zlob.AG” Virus.
• hxxp://porntubedot.com/xxxxxxxx/WatchFreeMovie.php –This site usually tries to send you the “Trojan.Dropper.SMN” Virus.
• hxxp://handballfondi.it/xxxxxx1.php — This site is one of the new Malware sites that looks like Youtube,   When you go to this site they say you need a special to play a video clip.  Most of the time when you get something like this, it is going to try to install Malware. A good broad set of Codecs that you may want to download is called Klite Mega Codec, which if you us that you should never need to download any other codec to play a movie clip from any site online.
• hxxp://0scanner.com/—censored—/ –  This site usually tries to send you the “Adware.FakeAntiVirus.L” virus.  Another site trying to install malware.

If you want to check your system, here are some places to go to get a free Anti-virus check:

• Panda Security Active Scan
• Trend Micro House Call
• Kaspersky Labs Free Virus Scan
• Symantec Free Antivirus Scan
• Bitdefender Free Online Scanner
• F-Secure Online Scanner

If you have any other ways sites that we should avoid by all means comment about it. I would love to hear sites that you know are bad!!

©2010 . All Rights Reserved.