 | Do you have pop-ups or your computer infected with trojan or spyware ? Learn how to ask us for help, click here! |
Found new Internet Explorer Vulnerability
Found Internet Explorer (daxctle.ocx) Heap Overflow Vulnerability.
When Internet Explorer handle DirectAnimation.PathControl COM
object(daxctle.ocx) Spline method, Set the first parameter to 0xffffffff will triggers an
invalid memory write, That an attacker may DoS and possibly could execute arbitrary code.
Affected windows version:
Windows 2000
Windows XP
Windows 2003
Windows users.. check out Firefox, Opera, and whatever other nice browsers you can throw out there.
August 31, 2006 on 9:11 pm | In Exploits & Vulnerabilities | No Comments |Worm uses MS04-007, MS05-017, MS05-039, MS06-040 bugs
For the past several days, ISC have received all kinds of emails about the recent increase in scanning on port 139. One of loyal readers out there on the ‘Information SuperHighway’, Alex Pettinger, wrote and and gave us some netstat and fport outputs from one of his machines that seemed to be affected by the worm, (as well as a nice copy of it). It appears, in typical antivirus fashion to be named several things: McAfee is calling it “W32/SDbot.worm!MS06-040“, Sophos is calling it, “W32/Vanebot-A“, and Symantec is calling it, “W32.Randex.GEL“. (Yes, it’s been out for a couple days)
Let’s take a look at this bad boy shall we? How does it spread.. well, it uses: MS04-007, MS05-017, MS05-039, and of course, our favorite bug of the moment, MS06-040.
This one should be relatively easy to catch, look for machines pounding away over port 139 (from reader submissions it’s about 150 machines in just a few seconds, so it should be noisy), look for connections via IRC to “forum.ednet.es” over port 4915. (Until the next variant changes it, and we know it will). It has the ability to do a bunch of things including spreading to network shares..
For protect your PC block 139 and 445 at the router/firewall. Netbios traffic shouldn’t be allowed to exit or enter your network from egress points anyway.
Update your antivirus. At least daily. Patch your Windows.
August 31, 2006 on 9:05 pm | In Tips, Worms | No Comments |How to remove DriveCleaner (Uninstall instructions)
Drive Cleaner is rogue privacy/security program that gives exaggerated reports of security and privacy risks on a computer. The program then prompts the user to purchase a registered version of the software in order to remove the reported risks.
During installation, DriveCleaner configures itself to run automatically every time, when you start your computer. Once running, it will scan your computer and reports of security and privacy risks on the computer that cannot be removed unless you first purchase the software. Also the DriveCleaner may drastically slow the performance of your computer. Use the instructions below to remove Drive Cleaner and any associated malware from your computer for free.
Continue reading How to remove DriveCleaner (Uninstall instructions)…
Java extremely important update
Sun has released a fresh update for Java Runtime Environment. This is an extremely important update. JRE has long been used to install malware as it contains numerous vulnerabilities which allow remote code execution. Another important factor is that JRE works with all web browsers. This means that a vulnerability in JRE will affect all browsers.
The most serious issue in JRE has finally been fixed. The problem with previous JRE releases was that they didn’t prevent a Java applet from calling earlier JRE versions. As previous JRE versions aren’t uninstalled automatically this creates a very dangerous situation. If machines have the latest version of JRE, but older versions haven’t been manually uninstalled the machines are still vulnerable.
So install the latest update ASAP. Read the article How to update Java.
There have been reports in the past that the updater in the Java Control Panel will say that the latest version is present, even though it’s not. So double check that you have the latest version!
P.S. If you uninstall all the older versions you’ll probably free up quite a lot of space on your hard disk.
August 30, 2006 on 12:47 am | In Updates | No Comments |Don’t be a victim or how to make better choices
There are some current tools out there which may help users make better choices (or block their bad choices). I’m just going to talk about browser toolbars.
Continue reading Don’t be a victim or how to make better choices…
August 28, 2006 on 11:48 pm | In Best Programs, Free Software, Internet Browsers and Mail and News readers, Malware removal, Tips | No Comments |Sophos Anti-Rootkit Eliminates hidden applications and processes
Free Sophos Anti-Rootkit, finds and removes any rootkit that is hidden on your computer. Removing rootkits without compromising system integrity is particularly challenging and needs to be done with care.
Continue reading Sophos Anti-Rootkit Eliminates hidden applications and processes…
August 28, 2006 on 7:54 pm | In Free Software, Rootkit | No Comments |Netcraft Toolbar
Netcraft has a really nice toolbar which can provide visual clues as well as speed bumps to doing something unsafe. It can actually block access to a site pending user verification (ok so we all know most users click OK on anything that pops up to get it out of the way).
Continue reading Netcraft Toolbar…
August 27, 2006 on 8:02 am | In Free Software, Phishing | No Comments |SpoofStick
A spoofed website is typically made to look like a well known, branded site (like ebay.com or citibank.com) with a slightly different or confusing URL. The attacker then tries to trick people into going to the spoofed site by sending out fake email messages or posting links in public places – hoping that some percentage of users won’t notice the incorrect URL and give away important information. This practice is sometimes known as “phishing”. SpoofStick makes it easier to spot a spoofed website by prominently displaying only the most relevant domain information.
August 26, 2006 on 8:40 am | In Free Software | No Comments |NoScript very nice toolbar for FireFox
Extra protection for your Firefox: NoScript allows JavaScript, Java and other executable content only for trusted domains of your choice, e.g. your home-banking web site.
This whitelist based preemptive blocking approach prevents exploitation of security vulnerabilities (known and even unknown!) with no loss of functionality…
Experts do agree: Firefox is really safer with NoScript 
Download NoScript now.
August 26, 2006 on 8:37 am | In Free Software | No Comments |HostsMan 3.0 beta for Windows was released
HostsMan is a freeware application that lets you manage your Hosts file with ease.
You can use a HOSTS file to block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and even most hijackers. This is accomplished by blocking the Server that supplies these little gems.
Continue reading HostsMan 3.0 beta for Windows was released…
August 23, 2006 on 6:28 am | In Free Software | No Comments |Malware Removal:
- How to remove AWM Antivirus (Uninstall instructions)
- How to remove antivirspace.com browser hijacker
- How to remove antivirlock.com browser hijacker
- How to remove antivirmars.com browser hijacker
- How to remove Advanced Security Tool 2010 (Uninstall instructions)
- How to remove Red Cross Antivirus (Uninstall instructions)
- How to remove AVDefender 2011 (Uninstall instructions)
- How to remove fake Microsoft Security Essentials Alert
- Remove antivirdial.com browser hijacker
- How to remove NetworkControl or Network Control (Uninstall instuctions)
Recent Forum Posts:
- Buy Avapro Online Without Prescription | Buy Avapro No Rx
- Antimalware Doctor - help!
- Virus pretending to be Microsoft internat explorer
- Antimalware Doctor
- Security Suite Virus - Unable to start computer
- exact same problem removed antimalware doctor, can't get online
- Malwarebytes removed antimalware doctor, can't get online
- Google redirect: HiJackthis log (at wits end)
- MBAM_ERROR_ADD_TO_RESULTS (0,6)
- Antimalware doctor won't let me run HijackThis...
Recent Comments:
- God!! youre a life saver! i mean pc saver!...
- Derek, what shows your browser when you trying to...
- Adrienne, download HijackThis from ...
- Joey, start a new topic in our Spyware removal for...
- Amjad, download the suggested programs above to an...
- luke, what shows you PC when you trying run any ap...
- Eva, try the following: rename the core Malwareby...
- Then you need to download the suggested programs a...
- mark, probably you have clicked to a google ads. U...
- DA, you are logged as Administrator ?...
Categories:
Archives:
- September 2010 (2)
- August 2010 (21)
- July 2010 (9)
- June 2010 (11)
- May 2010 (11)
- April 2010 (7)
- March 2010 (19)
- February 2010 (20)
- January 2010 (26)
- December 2009 (26)
- November 2009 (23)
- October 2009 (26)
- September 2009 (18)
- August 2009 (12)
- July 2009 (10)
- June 2009 (10)
- May 2009 (7)
- April 2009 (18)
- March 2009 (21)
- February 2009 (15)
- January 2009 (13)
- December 2008 (7)
- November 2008 (15)
- October 2008 (14)
- September 2008 (10)
- August 2008 (5)
- July 2008 (3)
- June 2008 (4)
- May 2008 (5)
- April 2008 (1)
- March 2008 (4)
- February 2008 (3)
- January 2008 (2)
- December 2007 (7)
- November 2007 (27)
- October 2007 (4)
- July 2007 (2)
- June 2007 (3)
- April 2007 (1)
- March 2007 (6)
- February 2007 (6)
- December 2006 (1)
- November 2006 (2)
- October 2006 (7)
- September 2006 (2)
- August 2006 (10)
- July 2006 (7)
- June 2006 (22)
- May 2006 (18)
- April 2006 (12)
- March 2006 (24)
- February 2006 (33)
- January 2006 (52)
- December 2005 (50)
- November 2005 (66)
Help by linking to us:
- MyAntiSpyware needs your support. Please make a link from your site to us.
Use the button:
Bookmark Us:
My Anti Spyware - Free antispyware programs and Spyware Removal Instructions.