Entries in site (31)

Wednesday, Apr 29, 2009

Another Facebook Phishing going on again! (fbaction.net)


It looks like the site fbaction.net (don't go there) is a phishing site targeting people today. It appears to send out an email with the title "hello'" and a link to this website. The email comes from people's friends, and you should not log in to Facebook through this site. Remember the other phishing sites that have targeted Facebook.

Someone wants your password, either to spam others or to use it for other nefarious means. For the time being, any link someone sends you should come through Facebook, and you should examine them one at a time. You should not go to this site.

If you have already logged in through it, one thing you can do is reset your password. You could also change it manually, but you might not be able to use your current password because the nefarious person has changed it. A reset will allow you to change the password without the current password. You should also consider using a good password manager; it will help you identify a fake Facebook site really easily.

If you use a good strong password, one with both upper- and lowercase letters, numbers and symbols, you will have a password that most people will not be able to guess. This will help protect your account from being compromised.

Also, with people sending files, it is recommended that you install some free anti-virus and free firewall software to help prevent people from sending malware to your computer.

Friday, Feb 27, 2009

Rogue Fake Codecs on the Rise

Panda Labs has been talking about Adware/VideoPlay, and they are seeing a lot of variants of it. They even play a game of find-the-difference with the installation screens:



Now as you can see, this looks to be the same agreement in all those different installations. Something to consider: never install any software from a website that you know nothing about.

Panda Labs also talks about these new variants in regards to what they do:

This file spreads by making copies of itself in the removable drives and it also creates an autorun.inf in order to be run when they are accessed. This file collects the data stored in the browsers, such as cookies, passwords, profiles, email accounts, etc, and connects to a remote address to send the information.
[Via Panda Labs Blog]

As you can see, this leaves you with very little security on your system. I talk about identity theft, and why you should always worry about your identity. This, however, will make your passwords less secure and may even compromise your system to the point of a data breach. You need to be careful when you come across this; some fake codecs have been known to be scareware, in which the fake codec installs a Trojan that tells you that you have a virus and tries to make you buy a fake program to get rid of it. In one of my recent posts about codecs and Facebook, I talked about the K-Lite Mega Codec Pack and how it will keep you from installing fake codecs from these social links sent by friends and family. The nice thing about this pack is that it installs all the really good codecs that you might come across on the web. If you have this installed and a website says you need a special codec, you'd know that it is either a fake codec or the author who made the video doesn't use standard codecs. In which case you will be more willing to leave that site without installing that codec.

If you follow these steps and also consider installing an anti-virus and firewall, you will be in much better shape than when you first started out. Remember, only you can prevent getting a virus. You should also consider doing the registry edit that will prevent Autorun. As you can tell, these new variants are also spread through USB and other removable media. This is the other way these programs infect other systems.
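
To make the autorun.inf behaviour described above concrete, here is an added example (not from Panda Labs or the original post) that reads the text of an autorun.inf file and lists the entries that would start a program. The function names, the list of runnable extensions and both sample files are assumptions constructed for illustration.

```python
import re

# [autorun] keys whose value names a program Windows may start.
LAUNCH_KEYS = {"open", "shellexecute"}
SHELL_VERB = re.compile(r"shell\\[^\\]+\\command")
# Extensions treated as directly runnable (an assumption of this example).
RUNNABLE = re.compile(r"\.(exe|com|bat|cmd|scr|pif|vbs|js)\b", re.IGNORECASE)


def launch_entries(autorun_text):
    """Return (key, command) pairs found in the [autorun] section only."""
    entries = []
    section = None
    for raw in autorun_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank lines and comments
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "autorun" or "=" not in line:
            continue  # junk padding and other sections are ignored
        key, _, value = line.partition("=")
        key = key.strip().lower()
        if key in LAUNCH_KEYS or SHELL_VERB.fullmatch(key):
            entries.append((key, value.strip()))
    return entries


def suspicious_entries(autorun_text):
    """Keep only the launch entries that point at a runnable file."""
    return [(k, v) for k, v in launch_entries(autorun_text) if RUNNABLE.search(v)]


# Constructed sample: the kind of file a worm drops on a USB stick.
SAMPLE_INFECTED = r"""
;k3j4h5 padding comment
a8s7d=f9g8
[AutoRun]
icon=folder.ico
OPEN = files\setup.exe
line without an equals sign
shell\open\command=files\setup.exe /s
shell\open\default=1
label=My Photos
"""

# Constructed sample: a harmless disc that only opens a document.
SAMPLE_BENIGN = r"""
[autorun]
open=readme.html
icon=disc.ico
"""

if __name__ == "__main__":
    for name, text in (("infected", SAMPLE_INFECTED), ("benign", SAMPLE_BENIGN)):
        print(name, suspicious_entries(text))
```
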

Monday, Dec 15, 2008

Removing Win32/Bagle.HE worm

Here is another virus that seems to be spreading lately. From the looks of it, it seems to be another email worm. Here is what ESET says:

Aliases


Email-Worm.Win32.Bagle.gt (Kaspersky), W32/Bagle.gen (McAfee), Trojan.Tooso!gen (Symantec)

Win32/Bagle.HE is a worm that spreads via e-mail. The size of its executable is 40565 B.

When executed the worm copies itself in the following locations:

  • Documents and Settings\All Users\Application Data\hidn\hldrrr.exe

  • Documents and Settings\All Users\Application Data\hidn\hidn2.exe


In order to be executed on every system start, the worm sets the following Registry entry:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drv_st_key

It seems to have a manual removal process, unless you pay for the other software, but according to 411 on PC Security:
Win32/Bagle.HE worm is a “threat” that appears in security scans by fake antispyware WinDefender 2008.

The danger of Win32/Bagle.HE worm is supposed to scare you into wasting $49.95 on WinDefender 2008.

Unless you like getting ripped off, don’t download the software the Win32/Bagle.HE worm popup links to. You’re not really infected with Win32/Bagle.HE worm — you’re infected with scamware that you need to remove.

I’ll show you how to get rid of Win32/Bagle.HE worm and WinDefender 2008, for free.

[via 411 on PC Security]

According to this site, you can remove it by following some steps. I think Kaspersky has an easier way to remove it, and it looks like most anti-virus software will remove this. You need to remember that only you can prevent this in the future. You should also run Windows Update and make sure your system is up to date.

Friday, Dec 12, 2008

What is a Virus and Why do I have one

After seeing more and more updates coming from the net, I wanted to talk about what a computer virus or Trojan is and how you get one. So how could you have gotten a virus in the first place? Here is some information to consider:

The vulnerability of operating systems to viruses


So what does that mean to you? Most of the time when you get a virus, there is a vulnerability somewhere in your operating system, and it is either something that is not yet known to Microsoft, Apple, and Linux, or is known as a zero-day exploit.
A zero-day (or zero-hour) attack or threat is a computer threat that tries to exploit unknown, undisclosed or patchfree computer application vulnerabilities. The term Zero Day is also used to describe unknown or Zero day viruses.

[Via Wikipedia]

This is one of the most used, because if the exploit is unknown to the operating system's creators, then attackers have longer to use it. Most of the time hackers like to use this because it means there is a possibility of finding even more vectors to infect other systems. You see, if they can get on one system, they can then find ways to get on other systems.

In the old days, you'd ask:

How Did I Get This Virus, Anyway?


You get a virus when you copy infected files to your computer, then activate the code inside by running the infected application or opening an infected document. How you copy the infected files is irrelevant: Viruses don't care if you get them as an e-mail attachment, a download, or via a shared floppy disk, though e-mail attachments are the most prevalent (and easiest) mode of transport.

[via PcWorld] (Dated Oct 13, 2000 11:00 pm)

That was before hackers wanted to infect for more personal gain. There is a list of things that hackers want to get when they infect a system, and it is usually very few things. In the old days they wanted the fame, but now they want money and to take control over the internet. They usually want to infect for money or to have computers become part of botnets. Now, we aren't talking about the movie I, Robot. Once a system becomes a bot, it doesn't think for itself but follows commands from the command and control center. So let's say we have several hundred bots on one net, and the hacker blackmails a server owner, saying that if they don't pay up they'll get DoS attacked. Enough bots going to one site at one time can slow or even bring down a site; that is how a hacker sometimes uses a virus or Trojan that has gotten into a system.

Viruses & Trojans try to Avoid detection


So you have a virus. It wouldn't do a virus any good to be detected right after getting onto a system. More and more, viruses are trying to avoid being seen and heard. Most hackers who write them want to infect more than one system, so they have to make really sure that you don't find out you're infected. With that said, there are several ways, and I won't try to explain them because I think the link talks about it better than I could. It will, however, give people something to think about.


In the next few days there will be another post on how you can figure out if you have a virus. I had to talk about this first so people could understand how to figure out if they have one in the next post. So stay tuned for more.

Wednesday, Dec 10, 2008

Office Depot Closed 126 Stores

This just came from USA Today. According to them, and I'll quote:
Office Depot plans to close 112 underperforming retail stores in North America over the next three months. In addition, 14 stores will be closed in 2009 as their leases expire or other lease arrangements are completed, it said.

The retailer will also close six of its 33 distribution centers in North America, and says it plans to open about 20 stores in 2009, down from an earlier estimate of 40.



[Via USAToday]



Although this isn't talking about layoffs, it will greatly impact people who will be jobless due to the closings. So I wanted to talk about how many per store: I estimate it will be about 20 people per store on average. That means around 2,500 people will be jobless from the stores, and I don't know how many people will be jobless from the distribution centers. If you want to check out my other posts just click here. If you search my site you will find even more tips and tricks to better help you be ready for the job market.

Monday, Dec 08, 2008

Rumor is that Itunes will Remove DRM!

A report from last week brought to AppleInsider's attention by French technology site ElectronLibre asserts that it's now "clear" Apple will spark new interest in its music store by removing DRM from tracks published by Sony, Universal and Warner on December 9th.

[Via Apple Insider]

Although this is somewhat unlikely, I've got my own theories on this. You see, if Apple did this tomorrow that would be a BIG deal, due to the fact that Microsoft will be releasing their patches on the same day. I find it would be a momentous occasion.

I can only guess why, and the guess is just a guess. If iTunes did remove their DRM at the same time as Microsoft Patch Tuesday, I'd have to guess they would coincide because of the difficulty of using the DRM, Digital Rights Management, on other products, for example Windows Media Player. If Apple decided to approach Microsoft and come up with a way to make sure all DRM is stripped, this would be the ideal situation. Although this is highly unlikely, I'd have to think Apple wouldn't wait till tomorrow to strip the DRM. They know Microsoft's schedule. We will have to find out in the coming days.

Sunday, Dec 07, 2008

Facebook : Beware Spam for breakfast. (Virus)

In today's society, we've been too complacent about people clicking links from their social group. One such article on Channel Web, a nice little blog, says this:


The worm was discovered by IT security provider Kaspersky Lab, which said the threat, Net-Worm.Win32.Koobface.b, is targeting Facebook users by creating spam messages and sending them to the infected user's friends via the site.

"Unfortunately, users are very trusting of messages left by 'friends' on social networking sites," said Alexander Gostev, senior virus analyst at Kaspersky Lab, in a statement. "So, the likelihood of a user clicking on a link like this is very high."


[Via Channel Web]



This seems to be a problem: people think that a link someone sends them is a good link, when it is actually a link to a video site. According to this article, the links people are sending are actually fake video links that tell you that you have to download an update to Flash Player. By downloading this program, the user gets infected with the virus and the fun begins. So how can you prevent this from happening? There are two ways. One is a very good group of software that makes sure you have the latest and greatest video codecs. That too can be something they'll say you need, and if you've already installed this list of codecs then you know they're not telling the truth and you can quickly get away from the site laughing.


What's this program's name? It is called the K-Lite Mega Codec Pack. With this pack you will be able to play almost everything without having to go download another program. It is made by people who want you to have all the latest codecs installed so you don't have to go buy a program you're only going to use once a month.



Once you've done that, you'll no longer have to worry for the most part about codecs. There will be times when you might have to visit that site and update them but that will be far less.


The other thing you must remember is what to do if a site says you must update your player. That should be a sign that there is something wrong. I'll always go to the vendor's site and check, for example Adobe. If it says I need to update my Flash, I'll manually type the address into my browser. This way you will know you have the latest updates; if you need to update the Flash player, by all means go here and update.


If you got the virus, I'd check out my Anti-virus and Anti-Spyware page, which should show you what you need to get rid of the virus. This virus is very easy to get rid of: just download any one of the anti-virus programs and install it. Don't forget to update the virus database while you're at it. That should fix the problem pretty fast. Remember, the only way to prevent getting the virus is YOU.

Thursday, Dec 04, 2008

sinowal.trojan Problems.

Trojan-PSW:W32/Sinowal.CP drops and loads a password stealing component on the infected system and tries to steal account information from it. It also tries to steal information that is required to access certain online banks' and online payment systems' websites.

[via F-secure]

It seems to be a very hard virus to remove, but there are ways to get rid of this virus. Some tips and tricks to get rid of it are:

These are the beginning steps to get rid of a virus, but it will be a really hard virus to remove because it wants to stay in your system. You should also restart in Safe Mode and try to remove the virus that way. You will also want to disable System Restore, because the virus will be in there and might come back if you restore your system. Just some simple tips to help keep you safe on the net.

Wednesday, Dec 03, 2008

Is this Hardcore PC Falcon Northwest Mach V Extreme or not?



Just saw this on PcWorld Reviews and thought I'd talk about the specs. I would love to get one of these for myself. It comes with:


All these links are for those who would like to build this computer themselves. The links are where you could go to buy the parts. The price after you buy the parts is estimated at $7395, and I think you could get that down to $5000 if you look for rebates and other incentives. I wouldn't mind having this computer for gaming myself. It sure would be nice to give to someone for the holidays. This would be good for people who are looking to be computer game developers or people who are into 3D rendering. Just thought I'd share this little review with you. They really did a fantastic review of this product on their site.

Friday, Nov 28, 2008

Some good CyberMonday Sites to look at for 2008!

I was just getting done with that story about the Walmart stampede, and thought I would encourage people to check out these sites for great deals. I have been combing through sites to find the best deals, and here they are:

  • Dealio -- Dealio will not only show you sneak peaks at Cyber Monday ads, but we will also send you directly to the store so that you can purchase the often limited inventory Cyber Monday deals before they disappear. Best of all, there is no need to hop from site to site – Dealio has all your Cyber Monday shopping covered.

  • CyberMonday -- Shop hot holiday deals from more than 500 merchants. All of Shop.org's proceeds from CyberMonday.com support the Ray Greenly Scholarship Fund.

  • Cybermonday Mahalo Deals -- This Mahalo page collects links to websites offering information and discounted merchandise for Cyber Monday.

  • Best Cyber Monday Sales --Well, I finally put together a list of the top retailers throughout the country with links directly to their Cyber Monday deals.

  • Shopzilla --  The company's mission is to enable shoppers to quickly and easily find compare and buy anything, sold by virtually anyone, anywhere. Each month, Shopzilla connects millions of consumers with thousands of stores.


These are just a few that I could find and wanted to let people decide where they would like to go!!

Tuesday, Nov 25, 2008

Some Program Vulnerabilities Detected!!

Just got done looking at some of my security sites, and according to SecuriTeam there are several programs that have vulnerabilities. Here are the ones that I've found:
Google chrome is vulnerable to URI Obfuscation vulnerability.
An attacker can easily perform malicious redirection by manipulating the browser functionality. The link can not be traversed properly in status address bar. This could facilitate the impersonation of legitimate web sites in order to steal sensitive information from unsuspecting users. The URI specified with @ character with or without NULL character causes the vulnerability.


iPhone Configuration Web Utility for Windows Directory Traversal
iPhone Configuration Web Utility lets "you easily create, sign and distribute configuration profiles using a web browser". A vulnerability in iPhone Configuration Web Utility allows remote attackers to access files that reside outside the bounding root directory of the program's files folder.


Streamripper Multiple Buffer Overflows
Streamripper "records Shoutcast and Live365 MP3 streams to a hard disk, creating separate files for each track. Runs under Unix and Windows." Secunia Research has discovered some vulnerabilities in Streamripper, which can be exploited by malicious people to compromise a user's system.


Amaya URL Bar Stack Overflow Vulnerability
A vulnerability in Amaya browser allows remote attackers to cause it to overflow an internal buffer which in turn can be leveraged to execute arbitrary code.

These are the ones that I found, and I wanted to let you know about them so you can make your system even more secure. If I find any others I'll let you know!!!
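
The "@" trick in the Chrome advisory quoted above works because everything before the last "@" in a URL's authority is login information, not the site name. The following added example (not from SecuriTeam or the original post) shows a checker that reports the host a link really goes to and flags a hostname-shaped decoy in front of the "@"; the function name and the sample links, which use reserved .example names, are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# A userinfo string shaped like a DNS name, e.g. "www.bank.example".
HOSTLIKE = re.compile(r"[a-z0-9-]+(?:\.[a-z0-9-]+)+", re.IGNORECASE)


def inspect_link(url):
    """Report the host a link really goes to and any '@' decoy in front of it."""
    parts = urlsplit(url)
    real_host = (parts.hostname or "").lower()
    decoy = None
    reasons = []

    # Everything between "//" and the last "@" of the authority is userinfo.
    if "@" in parts.netloc:
        userinfo = unquote(parts.netloc.rpartition("@")[0])
        reasons.append("userinfo-present")

        # Control characters such as an encoded NUL (%00) have no place here.
        if any(ord(ch) < 0x20 for ch in userinfo):
            reasons.append("control-char-in-userinfo")

        # Drop any ":password" part and control characters, then test the shape.
        name = "".join(ch for ch in userinfo.split(":", 1)[0] if ord(ch) >= 0x20)
        if HOSTLIKE.fullmatch(name) and name.lower() != real_host:
            decoy = name.lower()
            reasons.append("userinfo-looks-like-host")

    return {"real_host": real_host, "decoy": decoy, "reasons": reasons}


# Constructed sample links; .example names are reserved and resolve nowhere.
SAMPLES = [
    "http://www.bank.example@login.attacker.example/signin",
    "http://www.bank.example%00@login.attacker.example/signin",
    "https://www.bank.example/help?contact=a@b.example",  # "@" in the query only
    "ftp://alice@files.example/pub/",                     # ordinary user name
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", inspect_link(link))
```

Only the first two samples are flagged as decoys: an "@" that appears after the first "/" or "?" is not part of the authority, and a plain user name is reported but not treated as a fake host.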

Friday, Nov 21, 2008

Google Creates the ultimate Search Wiki!!

Google has started to let people rate search results and help find the better articles. Google is calling it SearchWiki. Here is a screen shot:



You can now help judge and rate search results. You can also X out the ones that are not right. I am going to play around with this even more. It started out on Google Trends, and now people all want to know more about it. This could help my site even more. I want to know what others are thinking about this. Is this good, or can this be good for the spammers? You decide.

Some other Websites talking about this are:

These are just a few but I wanted to let you see what other websites are talking about this new feature. I do want to hear what you think about all this and what is likely to come later on?


Monday, Nov 17, 2008

Memorex releases a cheaper Blu-ray player than a PlayStation 3.

According to their website, it can do this:

* Progressive scan Blu-ray Disc player 1080p capability for higher definition video content
* Full HD 1080p, DVD up-conversion up to 1080p (480p, 720p, 1080i, 1080p), 24p, 60p video frame rate
* Multi-channel audio content (supports more advanced Dolby Digital Plus, Dolby TrueHD and DTS-HD)
* BD-ROM, DVD-ROM, DVD, DVD-R/-RW, DVD+R/+RW, DVD-R DL, DVD+R DL, CD-ROM, CD, CD-R/-RW
* 16:9 / 4:3 picture select
* On-screen graphical user interface
* Slow motion function (2x - 4x - 8x)
* RW/FF play function (2x - 4x - 8x - 16x)
* VFD display


The price of the unit at Memorex is $269.99. I think this is a great buy if all you need is a Blu-ray player. Cheaper than buying a PS3. Although if you want to buy a PlayStation 3 to play games and also watch movies on it, that is still a good deal. So why buy this player? It will not play games and keep you happy.

Saturday, Nov 15, 2008

Stargate Atlantis ends after the 5th Season!

After the 5th season there will be no more weekly shows of Atlantis. According to Gateworld:
Atlantis remains an extremely strong performer in DVR-delayed viewing, though, often building as much as 25 to 30 percent on its premiere night audience.

I kept saying Atlantis should have been on Hulu, just like every other show; they would have had a more solid audience and more viewers to count. The only reason Eureka and others got more ratings was because people could watch the latest shows on Scifi or even Hulu. For Stargate Atlantis, Hulu only has small clips. In order to build a fanbase, you need to build around the most current way to show the show off. Granted, it still did rather well with ratings and all, but it could have done better by being on Hulu. There are sites out there that would like to save Atlantis, and I agree with them. I would love to see more seasons of Atlantis, and see it on Hulu.

Monday, Nov 10, 2008

Antivirus Professional 2008 uses Scare tactics

We came across a rogue today called Antivirus Professional 2008 that uses GeoIP Lookup as part of its scare tactics. This site uses Flash and script to create the effect of an online scan, that then attempts to push an installer at the visitor. The NoScript extension for Mozilla Firefox is an excellent way to mitigate against this kind of garbage.

[Via F-secure]



It seems that there is a site out there that is trying to scare you into downloading their software. If you have any questions about this site, please feel free to check out what I've found:
Registration Service Provided By: ESTDOMAINS INC
Contact: 1.3027224217
Website: http://www.estdomains.com
Domain Name: ANTIVIRUS-ONLINE-SCANNER.COM
Registrant:
N/A
Serento faloimitator@list.ru
Minskay str. 27-14
Kiev
Kiev 237293
UA
Tel. 044.2901732
Creation Date: 07-Jun-2008
Expiration Date: 07-Jun-2009
Domain servers in listed order:
ns2.antivirus-online-scanner.com
ns1.antivirus-online-scanner.com
Administrative Contact:
N/A
Serento faloimitator@list.ru
Minskay str. 27-14
Kiev
Kiev 237293
UA
Tel. 044.2901732
Technical Contact:
N/A
Serento faloimitator@list.ru
Minskay str. 27-14
Kiev
Kiev 237293
UA
Tel. 044.2901732
Billing Contact:
N/A
Serento faloimitator@list.ru
Minskay str. 27-14
Kiev
Kiev 237293
UA
Tel. 044.2901732



Now as you can see, this site is located in Russia, and if that's the case it is probably some virus itself to take control of your system to do what they want with it. So the best advice is: if you think you have a virus, then check out my recommendations; these are all free to download and try. Unlike this site, they are legitimate and actually do what they promise. If you want to email them you can, but I don't think it will help.

*UPDATE on that Website*


According to F-Secure, that site is now suspended. Great job, guys. We are now fighting these people even better than I'd thought.

Saturday, Nov 08, 2008

AVG detected Trojan Horse Generic 12.htc?



Just got a warning from AVG about, trojan horse generic 12.HTC, haven't heard of it, anyone out there hear if this one? apparently it infects explore.exe, and after months of explore.exe crashing I'd say it's a legit virus.


[Via Answer Bag]



Here are some tips and tricks to remove this little virus. It is embedded in your system, so how do you remove this threat? Easy: follow these steps and you will have a better chance of getting rid of the virus:

  1. Find out all you can about the virus -- Finding out the extent of where the virus lies is a really good idea. Just because you found it in one place doesn't mean it isn't also hiding someplace else. A good way to figure out where it might be is to download and install HijackThis. Run it, and when you get the log file, go to HijackThis Log Analysis Site 1 and HijackThis Log Analysis Site 2 and see what they say.

  2. See if you can remove the hidden virus -- After you find out the extent of the virus, you will need to download these programs. Run whichever ones you like to see if you can locate and delete the virus. You may also consider using one of the several online services to see what they suggest or whether they can find this virus.

  3. Check your services and reboot sequence -- After you think you've gotten rid of the virus, reboot and do a rescan. Usually the virus will respawn after you reboot; some of them have a command in the reboot sequence. You may want to check your reboot sequence with MSCONFIG. Sometimes it is hidden, but check through MSCONFIG for any files that might not need to load. Also check the Services tab and see if there are any services that may not be needed. The best bet is to Google each service or program that is in there and see if that might fix the problem.

  4. It might be time to re-install Windows -- Although this is hard for people, it can sometimes fix the most challenging virus. You need not lose your important data. The only thing to remember is to be careful when you restore your backed-up data after you re-install Windows: files with .EXE, .COM, .BAT, and .MSI extensions might risk you getting the virus all over again. Also remember that you will need the other tools I talked about in #2 to keep from getting the virus again.

These are some tricks I use to get rid of a virus, and now I've shared them with you; it is up to you to do the work. If you have any tips or tricks to get rid of a virus, leave a comment.

Friday, Nov 07, 2008

Reports are coming in that WPA is no longer secure!

According to a media reports, Erik Tews and Martin Beck claim that they have found a way to unlock the Temporal Key Integrity Protocol (TKIP) key, used by WPA, to read data sent from a wireless router to laptop computers. According to the researchers, the key can be cracked in 12-15 minutes.

[via Sophos]

According to Sophos, the claim is that people can now watch what you are doing between a wireless router and a laptop. Although this isn't unexpected, it is a very serious outcome. It is now easier to watch what people are doing online. So does that mean people can see everything you do? Not necessarily. According to some people this is harder than it seems; most of the websites you visit are not encrypted, but websites that use the "https" protocol are safer to use online. You should be safe if you are buying things online as long as you are sure the site is secure. Some other steps to take to help make it harder to unencrypt your wireless signal is to use Roboform promotion codes you will get for 10% or 20% off the purchase price!!

Some other steps to consider are:




If you have a wireless router and want to be secure with any transactions online, you might think about hooking up to the internet via a CAT5 cable. This is one way to prevent anyone from seeing what you are doing online, and it protects your privacy. Although this too can be overcome in certain circumstances, such attacks are much harder to do and implement, so you are safer this way than with most others.

Thursday, Nov 06, 2008

Mattel introduces the new Welfare Barbie.

Mattel will be introducing the new welfare Barbie doll, or laying off 1,000 jobs. According to Bloomberg, and I'll quote:
Mattel Inc., the world's largest toymaker, said it would cut about 1,000 jobs, or 3 percent of its global workforce, as it faces higher manufacturing costs amid the worst financial crisis since the Great Depression.

[via Bloomberg]

If you're like me, you want to cringe every time you hear another place is laying off people. I say we are still in a downward spiral. Everyone is saying that, even Jason Calacanis; in a recent email he sent to all his readers, he talked about the rich not buying anything they didn't need. He said that is good; I, however, wonder how far the hole goes before we hit rock bottom.

According to some analysts, this will last another year or more. On another note, according to Kotaku, and I'll quote on this one too:
We have received a letter purportedly sent by THQ CEO Brian Farrell to explain to his employees the reasoning behind the company closing five studios and laying off staff from two others. The closed studios are Helixe, Sandblast Games, Locomotive, Mass Media and Paradigm.


[via Kotaku]

Now I've talked enough about layoffs in the past and I won't talk too much, but I do hope this changes in the near future. If you want to find the other ones that I talked about, just search my site; they are all there without any problems.

[Thanks to Kyle Rees for the suggestion on the heading]