Top

Help Support my Blog!

Virgin Mobile USA
Glasses USA
Amazon
Newegg
VPN4ALL
Netflix
Hulu
CafePress

 

Subscribe to Paul’s Tech Talk Affiliate Marketing Blog

Subscribe to Paul’s Tech Talk Science Fiction Blog

Subscribe to Paul’s Tech Talk Scams Blog

  • Acer 11.6
    Acer 11.6" Laptop 2GB 16GB | C710-2856
    Acer

    Currently  in process review this Acer Chrome book and boy is it nice!

Blog Index

Subscribe to our mailing list

* indicates required
Email Format

View previous campaigns.

Powered by MailChimp

Follow Us

Navigation
Sponsors

Entries in issue (9)

Friday
Feb202009

PDF Zero Day Vulnerability in the Wild

Author: AuthorPaul Sylvester | Date: DateFriday, February 20, 2009 at 9:33AM |
From sources all over the internet, Adobe made a sent out a Security bulletin yesterday:
APSA09-01 (Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat)

[ad#ad2-right]A critical vulnerability has been identified in Adobe Reader 9 and Acrobat 9 and earlier versions. This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system. There are reports that this issue is being exploited.

Adobe Plans on patching this March 11, 2009

and According to some other reports are saying:
Symantec Security Response has received several PDF files that actively exploit a vulnerability in Adobe Reader. We are continuing to remain in contact with Adobe on this vulnerability in order to ensure the security of our mutual customers.

[via Symantec]

With PDF files being used all over the business world, this will create undo problems with the IT Field.  This also could be used to make Botnets and make the network involved become sluggish.   It must be warned that there are a whole wide variety of possibilities that could be done with this exploit.  Shadowserver Foundation recommends disabling the Javascript in your Adobe Reader.  Until the patch comes out you will need to be careful on what you open up and possibly check each and every PDF with an Anti-virus.  This should help minimize the likely hood of getting a virus or Trojan, but is not going to be a 100%.  The only way you can prevent a 100% right now is not to use PDFS until they have Fixed this problem.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Sunday
Dec142008

Signs of a Computer Infection!

Author: AuthorPaul Sylvester | Date: DateSunday, December 14, 2008 at 8:46PM |
So I was thinking this morning what I missed and I totally missed on how you might be able to tell if you have a computer virus. It does me no good to talk about a virus if you don't know you're infected. I was thinking of the times I had a client who had trouble but wasn't what I thought.

So How do you know?


Some people would say it depends on factors but here are what I call clues that make me suspect a virus:[ad#ad2-right]

  1. Slow or Sluggish computers --  Here is what I know if the computer is really slowing down and have a dual core or quad core.  If you are running a system and sees a lot of hard drive activity even when the computer is idle then it might be a virus or it could be a program doing what it is supposed to be doing.  So this is somewhat of an indication but not always.

  2. Slow internet connection on the computer or on the network -- Due to the fact that most people have a router that is connected to all the computers and if you internet connection on all your systems are slower than normal then you could have a virus.  I use Speed Test website to help determine this.

  3. Corrupt files or Missing files --  Sometimes you have a text documents or files that are missing and you have to pay to get them back.   It's an old scheme and usually once your files have been encrypted you can't get them unencrypted.  So this is why I added this one also because it varies from virus to virus.

  4. Programs don't work like they used to --  This is also a very common association with a virus because virus makers don't have time to test it out on a variety.   Most of the time if you get a call that a program is no longer working tat would be the first thing I'd look at, if not check to see what other programs have been installed lately.

  5. In some cases more files are the Hard drive --  This can be a indication of a virus because the virus might be using the system to host files or other such illegal activity.   Although this is happening less and less it can still be a possibility and should be checked out.   I like to use a graphical tree size program to determine if that is the truth.

  6. Pop ups or Browser redirects -- this is a common thing along the way.  It's always the same and saying something like "you have a virus" or "You unprotected and you might have a virus".  The theme here is to scare the user into buying there product that does not do anything.   It sometimes even looks like a real anti-virus program or spyware program but in truth it is just a scam.  In some cases it will send you to a site because it keeps wanting you to buy the product.

  7. DNS Changes on you -- Some hackers like to have you go through there server so they can watch everything you do online.  They are wanting to get the sensitive information of bank account, and other important accounts.  This is really the ones that need to get off your system asap.


[ad#ad2-left]These are the signs I've seen in the past that would indicate a virus but as with any problem.  You will need to check for all the possibilities.   It is always going to be an issue with people because most people don't know about the signs, now you do and you can now be a better computer user.  It is you who can only fight viruses by knowing all the possible system and only you can defeat a virus.  In the next article I will talk about the tools to help you find and defeat a virus.   This will be a big blog post because I have so much to teach and explain.   If you like these post by all means leave a comment and help spread the word.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Wednesday
Dec102008

Fix Shutdown Problems in Vista!

Author: AuthorPaul Sylvester | Date: DateWednesday, December 10, 2008 at 9:43AM |
[ad]
In the Patch Tuesday update, Microsoft quietly released the patch to fix Windows Vista machine shut problems. This patch should of came sooner.

KB957388

Update for Windows Server 2008 and Windows Vista

Install this update to resolve a set of known application compatibility issues with Windows Server 2008. After you install this item, you may have to restart your computer.

This was not a critical update and it seems to resolve so many issues with compatibility.  One thing it seemed to fix on my system has been the shutdown time.  It is now quite fast, it would normally take me 2 to 3 mins to shutdown, now it does it in less than a Minute.   So if you've not installed this update please install it soon.   I would like to know if people are seeing the same thing I am.   I've found a great resource on fixing it if you are still having problem, it talks about how to check your system performance. Although this is been doing it lately with these programs not loaded or even running, they still seem to cause problems so now I get the feeling it has to do with legacy programs.  This should fix most of the problem with older programs.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Thursday
Nov202008

Vista has a new Vulnebility!

Author: AuthorPaul Sylvester | Date: DateThursday, November 20, 2008 at 11:41AM |
According to Techworld.com,  Vista has a new Vulnerability that could let a hacker infect a Vista machine with a rootkit.  The talk from them is quite intriguing.   I will quote it to better let you know what the Vulnerability is:
The vulnerability could allow a hacker to install a rootkit, a small piece of malicious software that is very difficult to detect and remove from a computer, Unterleitner said.

[ad#ad2-left]Phion notified Microsoft about the problem on 22 October. Microsoft indicated to Phion that it would issue a patch with Vista's next service pack. Microsoft released a beta version of Vista's second service pack to testers last month. Vista's Service Pack 2 is due for release by June 2009.
[via Techworld.com]

The way they could do this is through the Device IO Control which in turn could corrupt the Kernel of Windows Vista.  Now we all know that Microsoft will release a patch quicker than 6 months away.  According to this article, people are already looking for the exploit and want to know more about it.  I would be willing to bet they will have a patch out sooner than later.  Probably January or Febuary, which will be a big deal because no one will expect it.  I would also imagine hackers will start trying to figure out how they could install software as quick as possible before Microsoft pushes out the patch.   So what can you do to protect yourself, Get a firewall, a Antivirus and learn how to protect yourself to prevent yourself from getting a computer virus.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Tuesday
Nov112008

AVG Detected a False Positive

Author: AuthorPaul Sylvester | Date: DateTuesday, November 11, 2008 at 4:19AM |
[ad#ad2-left]According to Security and The Net:

An update for the AVG virus scanner released yesterday contained an incorrect virus signature, which led it to think user32.dll contained the Trojan Horses PSW.Banker4.APSA or Generic9TBN. AVG then recommended deleting this file; this causes the affected systems to either stop booting or go into a continuous reboot cycle. So far, the problem only appears to affect Windows XP, but there is no guarantee that other versions of Windows don’t have the same issue.

[Via Security and The Net]


[ad#ad2-right]I bring this up because this is a false positive according to AVG. AVG since sent out another update to there Database and you can go and update the database to get rid of this problem. If you need to restore that DLL check out the article Security and The Net, they got some excellent suggestions on fixing the problem.

If you've not been affected by this yet, you probably won't be. It is yet unknown how many people have been affected. I'm blogging about this to tell people about this and to warn people that not all of warnings from AVG are true and that is why you should always ask before you delete or do anything to your system. I always USE google when it comes to these types of questions
VPN4ALL best privacy&encryption
Comment3 Comments | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Saturday
Oct252008

WOW:Chamber of Secrets might have a Copyright issue on there Hands!!

Author: AuthorPaul Sylvester | Date: DateSaturday, October 25, 2008 at 5:51PM |
[ad#ad2-right]

At any rate, the quest is called Chamber of Secrets and asks you to investigate the Servant's Quarters of Karazhan for a new NPC (possibly boss). [via Curse.com]





So I sit here thinking how interesting this could be!!!  WOW is having a quest called "Chamber of Secrets".  Now I don't know much but this might infringe on Harry Potter's Book Chamber of Secrets?  Would someone like clarify me this point.  I'm going to keep my eye on this one!!!
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , ,
Thursday
Oct232008

Microsoft Windows Server Service Vulnerability (MS08-067)

Author: AuthorPaul Sylvester | Date: DateThursday, October 23, 2008 at 2:27PM |
A vulnerability has been identified in Microsoft Windows, which could be exploited by attackers to take complete control of an affected system. This issue is caused by an error in the Server service that does not properly handle specially crafted RPC requests, which could be exploited by attackers to crash an affected system or execute arbitrary code via a specially crafted request.

On Windows Vista and Windows Server 2008, the vulnerability is only exploitable by authenticated users.

Note: This vulnerability is being exploited in targeted attacks.

[via FrSirt]


[ad]


This was just discovered and needs to let people know. I will do more research on it and maybe come up with a way to fix the problem. According to my sources there is a patch that will fix the problem!!

*UPDATE*
According to Microsoft:
This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter.
[Via Microsoft Security Bulletin]
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Friday
Oct172008

AVG detected trojan ; Generic11.BEOG

Author: AuthorPaul Sylvester | Date: DateFriday, October 17, 2008 at 8:39AM |
I had a Friend tell me his system detected  this Trojan GENERIC11.BEOG.  I did my research and right now.  It looking like Adobe added something to there recent updates *see updates below*.   I'll  Have to check with some other sources but it looking like AVG over did it again and found something that might just be an AVG issue.  (correction)


[ad]

I usually wait before updating something like adobe.  It is sure to be some minor change to adobe but if your are worried here's the link to watch and see what people are asking or talking about this false positive:

Malwarebytes Security Forums

It seems that AVG is calling this possible virus but yet it looks like it is a false positive.  So don't you worry.  If it was a true virus you'd probably would never know!! ;)

[ad]

*UPDATE*

I installed Adobe 9.0 and updated the virus scan database for AVG.  It hasn't found any thing yet but I am still scanning my system.  I'll let you know if it finds this false positive on my Vista machine!!  I'm doing this to test it out!!!  Come back later to find out the results of the test.  (if you like this website by all means google this website so it too can be on google trends.   I want to see it be up on google trends for a day or two.)

*UPDATE #2*

Just did a whole system scan.  It did not find anything.  So I will be doing a reboot and scanning again.   It might be something that is attached to a PDF, if you went to a malicious website.   So I will do another scan.

*Update #3*

I just rebooted and almost finished scanning with AVG.  I still haven't found anything wrong.   I have did some more digging into what might cause it.   I just did a look registry look up on {AC76BA86-7AD7-1033-7B44-A90000000001} and I found out something really interesting.   It's a PDFFile_8.ico File.  This is tells me this is an Icon for the desktop.   I'm using one of the examples from Malwarebytes Security Forums to try to figure out what might be infected.

Here's what AVG said after it finished scanning my system:



So I must assume that it is neither Adobe or AVG who have anything to do with this.  I will have to say that it must be a real infection as to not having any viruses after an install of Adobe.  How do you get this type of virus.  Check out my article on : Some Important programs to prevent yourself from having viruses and Malware!!

There you will find some useful tips on how not to get infected and other useful tools to help restore you system to it's glory days.

So I will tell my friend to do a full virus scan and double check the results.  I can't replicate the so called virus but I am sure there is something going on with the HASH files of the AVG Database and something might be coming back from the adobe install that has the same HASH files.  That also might be making AVG flag it as an Virus or Trojan.  I might never know though.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , ,
Saturday
Dec152007

Hot, sexy bot sweet-talks personal data out of chatters

Author: AuthorPaul Sylvester | Date: DateSaturday, December 15, 2007 at 9:39AM |
[ad#ad2-left]
Security software company PC Tools warns that the bot can easily be used for malicious purposes. The company said that the program's ability to mimic human behavior to dupe chatters is worrisome, and could readily be used to collect all manner of information. "As a tool that can be used by hackers to conduct identity fraud, CyberLover demonstrates an unprecedented level of social engineering," said PC Tools senior malware analyst Sergei Shevchenko in a statement. "CyberLover has been designed as a bot [robot] that lures victims automatically, without human intervention. If it's spawned in multiple instances on multiple servers, the number of potential victims could be very substantial."
[Via Arstechnica]

This is really a security issue here. Never give out your personal information online. I just want to post this to remind people not everything online is safe.
VPN4ALL best privacy&encryption
Comment1 Comment | in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,