Top

Help Support my Blog!

Virgin Mobile USA
Glasses USA
Amazon
Newegg
VPN4ALL
Netflix
Hulu
CafePress

 

Subscribe to Paul’s Tech Talk Affiliate Marketing Blog

Subscribe to Paul’s Tech Talk Science Fiction Blog

Subscribe to Paul’s Tech Talk Scams Blog

  • Acer 11.6
    Acer 11.6" Laptop 2GB 16GB | C710-2856
    Acer

    Currently  in process review this Acer Chrome book and boy is it nice!

Blog Index

Subscribe to our mailing list

* indicates required
Email Format

View previous campaigns.

Powered by MailChimp

Follow Us

Navigation
Sponsors

Entries in Detected (6)

Thursday
Feb122009

Polymorphic w32/Scribble and what that is:

Author: AuthorPaul Sylvester | Date: DateThursday, February 12, 2009 at 1:06PM |
Having read the Graham Cluley's Blog about "Court halted by fast-spreading virus". I wanted to talk about this one because of the need to let people know about this little Virus and what you see when you are infected.

This virus modifies the Windows Host file so it redirects the host to a loopback address. It also uses the I-frame Injection into HTM, PHP or ASP file extensions. W32/Scribble-a, also known as Virus.Win32.Virut.ce, PE_VIRUX.A, or Virus:Win32/Virut.BM allows a users to control the machine through IRC.
[ad#ad2-right]
Although originally misidentified at the time of the initial infection on 4th February as the Conficker worm, the infection was ultimately declared by officials to be "W32/Virut.n" (which Sophos has detected as the W32/Scribble-A virus since 3rd February).

[Via Graham Cluley's Blog]

Sopho's Has a removal tool for this to help disinfect a system that is infected. I also want to remind people about the need for backups and the need for Anti-virus Software, including a free firewall, will not protect you 100% of the time but will help you identify and possibliy remove a virus, Trojan, and worm from you system. Just like the seriousness of the Conflicker Worm, this too should be taken seriously due to how it is easily spreading. And with Valentines Day just a few days and some Other Holidays that will be coming up, you can bet this virus will start infecting even more systems. You should also backup your data weekly if not monthly. I'd suggest doing a backup on a Early Sunday Morning before 4am so the system won't be used.  I'll update you if there is anything else about this virus on my blog later.  Just wanted to let people know to be watching for this little virus on and offline!!
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Friday
Dec052008

Trojan.PWS.ChromeInject.A is not a Firefox plugin.

Author: AuthorPaul Sylvester | Date: DateFriday, December 5, 2008 at 5:45PM |
A new type of malware designed to harvest web passwords has been detected in-the-wild by BitDefender’s antivirus research labs. This latest e-threat – called Trojan.PWS.ChromeInject.A – is intended to be delivered onto a compromised computer system by other malware for subsequent download into Mozilla Firefox's Plugin folder. Once installed it gets to work every time Firefox is started.

[Via Bitdefender]

[ad#ad2-right]So having seen this I thought I'd come up with ways around this to better protect yourself.  One way to prevent this from getting your sensitive data is to get a program like Sandboxie.   You could stop using Firefox that would be silly, because right now Firefox is more secure than Chrome and Internet Explorer.   I'd also suggest checking out my Anti-spyware page and Anti-Virus page and get some more protection.

The key to this virus protection is just be cautious of where you go and keep all you system update to date to prevent all this from happening.  It is also advisable to not have your passwords saved on Firefox, you should use something like Roboform, it is free  to download and try.  It will encrypt your passwords so if they don't know the master password then they are out of luck.  Roboform is also good for coming up with some strong passwords.  Just some suggestions to prevent from people seeing your sensitive data, you don't want anyone to get that data.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Saturday
Nov292008

Spying on Spyware.ISpynow!!

Author: AuthorPaul Sylvester | Date: DateSaturday, November 29, 2008 at 7:08AM |
[ad#digg-right]This is another Virus that is going around and thought I'd tell you about it:
Spyware.ISpyNow monitors files, network traffic, and keystrokes. This Spyware gives the person who installed it a Web-based interface with summaries of logged information on the host computer.

[Via Symantec]



[ad#ad2-left]Now this one isn't to hard to figure out what happened.  You have to manually install it on your system to get infected.  Symantec has a great way on uninstalling this annoyance.  I also suggest checking out my other program list just in case you don't want to buy Symantec Anti-Virus programs.  Some other things to check out is:

This is just the beginning in getting your system clean.  You have to keep all you programs up to date and one way I do that is with Appsnap.  This little program keeps you programs up to date from Virus to Firewall.  I hope this helps people prevent and control spyware.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Tuesday
Nov252008

Some program Vulnebilities Detected!!

Author: AuthorPaul Sylvester | Date: DateTuesday, November 25, 2008 at 9:23AM |
Just got done looking at some of my security sites and according to SecuriTeam there are are several programs that have vulnerabilities. here are the Ones that I've found:
Google chrome is vulnerable to URI Obfuscation vulnerability.
An attacker can easily perform malicious redirection by manipulating the browser functionality. The link can not be traversed properly in status address bar.This could facilitate the impersonation of legitimate web sites in order to steal sensitive information from unsuspecting users. The URI specified with @ character with or without NULL character causes the vulnerability.

[ad#ad2-right]iPhone Configuration Web Utility for Windows Directory Traversal
iPhone Configuration Web Utility lets "you easily create, sign and distribute configuration profiles using a web browser". A vulnerability in iPhone Configuration Web Utility allows remote attackers to access files that reside outside the bounding root directory of the program's files folder.

Streamripper Multiple Buffer Overflows
Streamripper "records Shoutcast and Live365 MP3 streams to a hard disk, creating separate files for each track. Runs under Unix and Windows." Secunia Research has discovered some vulnerabilities in Streamripper, which can be exploited by malicious people to compromise a user's system.

Amaya URL Bar Stack Overflow Vulnerability
A vulnerability in Amaya browser allows remote attackers to cause it to overflow an internal buffer which in turn can be leveraged to execute arbitrary code.

These are the ones that I found and wanted to let you know about these so you can make your system even more secure.   if I find any others I'll let you know!!!
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Wednesday
Nov122008

You have an undelivered UPS/FEDEX Package. (Virus)

Author: AuthorPaul Sylvester | Date: DateWednesday, November 12, 2008 at 1:00PM |
From what I've seen so far. There seems to be a new rash of email going around with the heading that makes it look and feel like either UPS or Fedex. Saying that you have an undelivered package from them and to either print the order confirmation or to click a link. I will say this once, if you get this delete it. Fedex and UPS will never hide the link and tell you have an package waiting in the email. They will leave a note your door. You must ask yourself how Fedex/UPS found out your email address to tell you have a package waiting? They don't and they won't, just a fact.

[ad#ad2-right]UPS/FedEx Delivery Failure : Snopes

TROJ_DLOADR.GG and TSPY_ZBOT.NM Trojan, which will Monitor and try to steal your data. The other one is a ZBot and will try to steal you data also. If you need help removing this virus, I'd suggest checking out my other virus article Avg detected Trojan Horse Generic 12.htc?. There are a lot of ways to remove this virus but the first step is never click on any links in your emails. I also wrote about Some Important programs to prevent yourself from having viruses and Malware!! This will help prevent and fix the common virus problems you might have.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Tuesday
Nov112008

AVG Detected a False Positive

Author: AuthorPaul Sylvester | Date: DateTuesday, November 11, 2008 at 4:19AM |
[ad#ad2-left]According to Security and The Net:

An update for the AVG virus scanner released yesterday contained an incorrect virus signature, which led it to think user32.dll contained the Trojan Horses PSW.Banker4.APSA or Generic9TBN. AVG then recommended deleting this file; this causes the affected systems to either stop booting or go into a continuous reboot cycle. So far, the problem only appears to affect Windows XP, but there is no guarantee that other versions of Windows don’t have the same issue.

[Via Security and The Net]


[ad#ad2-right]I bring this up because this is a false positive according to AVG. AVG since sent out another update to there Database and you can go and update the database to get rid of this problem. If you need to restore that DLL check out the article Security and The Net, they got some excellent suggestions on fixing the problem.

If you've not been affected by this yet, you probably won't be. It is yet unknown how many people have been affected. I'm blogging about this to tell people about this and to warn people that not all of warnings from AVG are true and that is why you should always ask before you delete or do anything to your system. I always USE google when it comes to these types of questions
VPN4ALL best privacy&encryption
Comment3 Comments | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,