[Lockergnome] Computer Security ~ March 21, 2009

Lockergnome's Computer Security ~ March 21, 2009    Problem attachind data from Poker Edge StepTree software and hidden Windows files Firefox shortcut to desktop Can't See Ads Taskbar Disappeared No "Recent Files" in Office 2007 How to edit photoshop filter categories? I Need A Keylogger Dns Resolver Cache MY PC gets restarted itself and makes a noise like aeroplane Help with my bsafe filter!!!! scrolling Printing the Attachment line Firefox extention GMail Manager 0.5.7 Anyone that still remembers NT? Vampix v1.0.03: Vampix lets you add black and white effects to your digital images by extracting (removing) colors from the images and creating a partial B&W effect. With some patience, you can create a neat effect, however we found it to be mostly hit and miss, with limited control over the results, and a rather complicated interface that lacks documentation. [348k] [Win98/ME/2k/XP] [FREE] [SnapFiles]... [Click Here to Download] Lockergnome help - Antivirus Discussions Avira Antivir: how can I load the config. file? URGENT! Online attackers feed off Norton forum purge Windows 98 / Acrobat 6 appears not vulnerable to JBIG2 buf.. AVG Free AntiVirus -some problems lately- anyone else? Instruction: Step by step to convert all movies and music (i Boot Virus unable to format Reinstall win xp Virus? malware? mesh nfl jerseys,nfl authentic jerseys,nfl custom jerseys McAfee SiteAdvisor ratings may be 1 year out-of-date Is there an Antivirus that can search *on demand* for malw.. Bit Defender uninstall Can't login to Norton Internet Security Diary of a computer tinkerer Minor site update How to rip DVD and edit DVD Lockergnome help - Trojans/Spyware Discussions Plethora of problems from one stupid action. Spyware Doctor Offer Help for yet another search engine hijack? I've been hijacked... google, yahoo, etc. results redirected Momma told me not to get Hijacked.... spyware and cookies My google is hijacked Another google hijack Pop ups continuous when i am in a web browser Need help getting Bot off my computer. Virus/Trojan help needed...... Another Search Engine Hijack Victim Vietnampathfinder Travel Another Google search problem Trying to clean up PC Lockergnome help - Antivirus Discussions - General Discussions Avira Antivir: how can I load the config. file? URGENT! Windows 98 / Acrobat 6 appears not vulnerable to JBIG2 buf.. Instruction: Step by step to convert all movies and music (i Boot Virus unable to format Reinstall win xp Virus? malware? mesh nfl jerseys,nfl authentic jerseys,nfl custom jerseys McAfee SiteAdvisor ratings may be 1 year out-of-date Is there an Antivirus that can search *on demand* for malw.. Diary of a computer tinkerer Minor site update How to rip DVD and edit DVD Empty Installation Screen. ESET Smart Security at discount? Eric Schmidt: Mafia child pornography Percentage of Viiruses not blocked Lockergnome help - Antivirus Discussions - McAfee Anybody had to deal with McAfee's new Download Manager? Norton vs McAfee? McAfee Uninstall has crippled me McAfee ePO CMA Install Issues w/ Framework Service AVS is no more, AOL now using McAfee McAfee Enterprise AV Problem McAfee Virus Scan Enterprise Update problem help please Uninstall McAfee Firewall Kaspersky vs McAfee and Norton McAfee isn't picking up a pest!!! Infamous McAfee framework service problem McAfee updated then msconfig gives "access denied, log in .. McAfee, Vista and Dell- an installation from hell McAfee SLOWS my computer to a snail's pace! push mcafee epo agent Lockergnome help - Antivirus Discussions - Symantec/Norton Online attackers feed off Norton forum purge Can't login to Norton Internet Security are going to buy norton 2009? How do I "reset" Symantec scan history? Secure storage system svichoost.exe anyone? How to un-install NORTON suite? AVG vs Norton NAV 2007 total removal ??? Infostealer cancelling Norton subscriptions Norton 360 vs. printer/scanner issues Norton Internet Security 2007 Problem With Norton SystemWorks and Windows XP Login Symantec Client Firewall - Preset exception lists? Lockergnome help - Antivirus Discussions - AVG AVG Free AntiVirus -some problems lately- anyone else? AVG 8.0 Problems Galore AVG Free Edition 8.0.175 Unable to install AVG free 8.0 Problem installing paid AVG 8.0 - ewido conflict AVG free command line Problems uninstalling AVG Free 7.5 stop AVG Gaelicum removal tool running on startup Network question with AVG 8.0 Quick Scan? AVG 8.0 and ZoneAlarm = Vista crash AVG always requiring restart AVG 8.0 Download Question AVG installation problems Need a bit of help with AVG Lockergnome help - Antivirus Discussions - F-PROT Is F-Prot for DOS no longer supported? F-Prot Fisk Intl' F-Prot What is latest version of F-Prot for DOS free version? F-Prot for Dos not scanning all files F-Prot server down? F-Prot Antivirus ftp://ftp.f-prot updates taking forever to download F-PROT for Linux - Trying to check bootsector F-prot DOS run in Windows DOS BOX or real mode MS-DOS modifying memory usage of a program (F-Prot)? AdAware 1.06 conflict with F-Prot 3.16b NOD32 vs. F-PROT? Commercial message from F-Prot Can I run F-Prot for DOS in XP's DOS window? Lockergnome help - Antivirus Discussions - Panda mother-in-law's computer riddled pfdnnt program not found after uninstalling Panda IS unable to install Panda Panda 2007 - internet/lan problem Panda and PATH command problem with panda antivirus 2007 How about Panda PANDA FIREWALL ALLOW IP RANGE OF LAN Panda Titanium 2006 virus and anti spyware a scan schedule.. problems found with panda dont no how to get rid panda titanium antivirus plus antispyware 2006 renew license how to move panda businesSecure panda update script panda for linux free? Annoying Panda Notifications Lockergnome help - Antivirus Discussions - Free Antivirus System files protected eEye Blink free anti-malware and firewall Has anyone tried the free Spyware Doctor Starter Edition -.. 4 windows XP installation ! Trend Micro 2008 compared to Avast 7.5 task bar pop-up spyware malware fix problem with the Resident Shield of AVG7.5 BugHunter Signature Update August 4th, 2007 - 10,953 signa.. Freeware Software BugHunter Update! 07.09.2007 Free Anti-Virus programs BugHunter Signature Update 06.24.2007 free anti virus software? Delete or Put in Chest? Network Tools for Windows Lockergnome help - Antivirus Discussions - Others Bit Defender uninstall Unable To UnInstall TrendMicro's PC-Cillin?? G-Data Antivirus or NOD32? Trend Micro PC-Cillin Internet Security 2007 Issue RunScanner 0.9.5 released! Bit Defender Finds This Trend Micro Pc-cillin Trend PC-Cillin and Windows 98SE Upgrade? Trend Micro PC-cillin trendmicro internet security restore quarantines problem BitDefender on demand only new files and folders created by BitDefender? Is it BitDefender free now? Where can I download it? BitDefender 10 vs Kaspersky 6 Network Tools for Windows Lockergnome help - Trojans/Spyware Discussions - General Discussions Plethora of problems from one stupid action. Spyware Doctor Offer Help for yet another search engine hijack? I've been hijacked... google, yahoo, etc. results redirected Momma told me not to get Hijacked.... spyware and cookies My google is hijacked Another google hijack Pop ups continuous when i am in a web browser Need help getting Bot off my computer. Virus/Trojan help needed...... Another Search Engine Hijack Victim Another Google search problem Trying to clean up PC Infected .sys and .dll files, access denied? Lockergnome help - Trojans/Spyware Discussions - Lavasoft Ad-Aware Ad-Aware crashes on Opera cookies - why? Adaware error whist scanning problem ad-aware & spybot spybot and addaware ADAWARE 2007 ADAWARE SE COMMAND LINE OPTIONS Ad-Aware Updates Adaware will not finish Adaware definitions "588 days old" ??? Does BitDefender interfere with Ad-Aware? Ad-Aware ref file problem Kaspersky and Ad Aware Pinging all the experts here -->Zone Alarm anti-spyware ju.. Updates: Latest Defs. Jun. 15th?! AdAware found regkey items...advice? Lockergnome help - Trojans/Spyware Discussions - Webroot Spy Sweeper Vietnampathfinder Travel Spy Sweeper v 6.0.2.39 stopping spysweeper spy sweeper under vista Spy Sweeper Interface Problem Allow specific ad sites in v5.5? Webroot Antivirus any good? XP Shutdown/Restart Problem after installing Spy Sweeper. Not Sure Spysweeper 5.3.2.2361 is Working Restart Problem (Spy Sweeper) webroot spysweeper How good is SpySweeper Antivirus extra module? spy sweeper 5.0 problems? Spy Sweeper: ma vi sembra possibile? SpySweeper dected Perfect Keylogger. Now what? Lockergnome help - Trojans/Spyware Discussions - Spybot S&D Trojan horse virus SHeur.BSLA Spybot-B I am SICK of w32.spybot.worm spybot search and destroy Spybot 1.4 & Win 95 k6ber.exe hacktool and msnsgrs.exe spybot TeaTimer Issues Spybot S&D Allow Change Problem SpywareBlaster and Spybot Search & Destroy. Spybot Search and Destroy Updates Folder Tea-Timer (Spybot) spybot question Hits with Spybot Spybot & The Bane of the '!!bad checksum!' Spybot MasterStat Basketball Statistics-Tracking Software: MasterStat is an easy, fun and productive way to collect and manage basketball statistics live or post-game and evaluate your players' performances. MasterStat consists of two point-and-click applications for providing real-time and post-game numerical and visual information: the MasterStat program and Excel 2000 Basketball Workbook. MasterStat and the Excel workbook provide the numbers; but, you need visual information such as a shot chart and MS Excel 2000 graphs of your stats to know what goals... [Click Here to Download] Administrivia © 1996-2008, Lockergnome LLC. ISSN: 1095-3965. ISIPP Accredited. All Rights Reserved. Web site hosted by the folks who bring us Lockergnome.net.

Are There Musicians in our Community? Give a Sketch, Get a Sketch What is Your Color? How to Unzip ZIP Files Online How to Open Files with Unknown File Extensions How to Create a Chat Room for Free How to Locate Local Twitter Tweeters What Web Communities do Artists Use? How to Track Your Sleep Habits Are You Looking for a Free Internet Whiteboard? What do You Know About Online Videos? What Colors Complement Each Other? More Headlines UFO Near CA Navy Weapons Base Why is CNN failing? Selling Fake Security Applications Eddie Money on HammondCast KYOU Radio today TomTom To Microsoft - My Daddy Can Beat Up Your Daddy! Google Continues To Grow: Should We Be Worried? Newt is Now Pandering to the Religious Right You?ve Got my Federal Reserve Caught in Your Bonus! Antivirus Solutions : They All Suck Sometimes Google?s Chrome Starts To Shine & Shine FaxZero A Fairy Tale Keep Column Headings In View In Excel 2007 Google Adds an Un-mail Feature Windows 7 And The Bad Economy Will Kill Apple Sales Lossless MP3 Format Released ? But No Claims for Quality Will Internet Explorer 8 Be Known As The Daughter Of Vista? Today?s Rays of Sunshine Dell 19? Flat Panel For $99 Gnomie Savings On Sunbelt VIPRE Anti-Virus And Anti-Spyware Further Help Find Conference Mobile Blogs eBooks Buy Coupons Domains Games Sponsor Download Help Join MP3s Home

TrendLabs | Malware Blog - by Trend Micro - 3 new articles

 

Here are the latest updates for security-news@awsoda.net "TrendLabs | Malware Blog - by Trend Micro" - 3 new articles WALEDAC Spamming Madness Ichitaro Exploits Progress Complex Malcode Behind ILOMO Reinfection More Recent Articles Search TrendLabs | Malware Blog - by Trend Micro WALEDAC Spamming Madness Aside from spamming our mailboxes with dire news of bombings in our local cities, WALEDAC is also very busy filling our mailboxes with more unwanted emails. This time, peddling various pills, meds, and male enhancements. Here’s a gallery of pharma vendors advertised in Waledac spam mails. Figure 1. Canadian Pharmacy, a known long time advertiser in spam. Figure 2. Canadian Health & Care Mall Figure 3.Pharmacy Express Figure 4. ED Express. Figure 5. Advanced Laboratories Inc., trying to convince men that they need an Enlarge Patch. Figure 6. Waledac also peddles OEM Software too. All of the shown spam messages above are already blocked by the Trend Micro Smart Protection Network. Other users are advised to delete any similar spam messages that may happen to land in their inbox. Here are previous reports related to WALEDAC: Fake Obama News Sites Abound What is Old is New Again: Malicious New Year e-Card Spam Waledac Localizes Social Engineering WALEDAC Spreads More Malware Love Just Got Unlucky: Part 3 WALEDAC Loves (to Spam) You! Post from: TrendLabs | Malware Blog - by Trend Micro WALEDAC Spamming Madness • Email to a friend • Article Search • Related • View comments • Track comments • • Ichitaro Exploits Progress On March 11, Regional TrendLabs in Japan found a zero-day exploit attack that targeted Just System's well-known Japanese word-processor, Ichitaro. The malware exploting the vulnerability was noticed to arrive via spam and via malicious websites using the Ichitaro file extension name, .JTD. The malware ( TROJ_TARODROP.BA) drops a file {random letters}.tmp ( TROJ_DROPPER.PAO) that in turn drops another file named  beer80.exe ( TROJ_AGENT.KLQW). Notable of this scheme is that after TROJ_TARODROP.BA and TROJ_DROPPER.PAO have executed their routines, the last dropped Trojan (TROJ_DROPPER.PAO) creates non-malicious files using them to overwrite itself and the initial TROJ_TARODROP.BA. Thus, when the user checks the files after the infection is completed, all the user will see are legitimate Ichitaro files (this is considered to be a stealth technique applied by the malware). Unknown to the user at that point is that the final payload TROJ_AGENT.KLQW is already and still in the system. This Trojan (TROJ_AGENT.KLQW) gathers the following information from the affected system then sends the data to a remote site: Computer Name IP Address Process ID of (injected) legitimate process, svchost.exe OS version Locale Information Figure 1. the sleight of hand is performed by the second malware in line, TROJ_DROPPER.PAO. According to Trend Micro researchers, the initial attack on Ichitaro happened in August 2006. Since then, every time a new Ichitaro vulnerability is found, cybercriminals are expected to attempt to exploit it–and they do so with increasing social engineering savvy. Past attacks followed the same straightforward drill: the first malware exploits the vulnerability and the second one conducts the main routines such as autostart and dropping files, etc. It is only recently (in 2008) we have begun to see the additional overwriting trick meant to fool users. Previous Ichitaro-related attacks include the following: New Ichitaro zero-day exploit discovered Ichitaro Exploited Anew A Closer Look at Ichitaro Information on this vulnerability, as well as the patch provided by Just System, can be found on their website. Read the Japanese writeup of this attack from the Japanese Malware Blog. Post from: TrendLabs | Malware Blog - by Trend Micro Ichitaro Exploits Progress • Email to a friend • Article Search • Related • View comments • Track comments • • Complex Malcode Behind ILOMO Reinfection Last week, Trend Micro was alerted to the increasing number of ILOMO infections.  ILOMO Trojans  (some examples are TROJ_ILOMOB.,TROJ_ILOMO.F, and TROJ_ILOMO.L) arrive on systems via Web-based exploits and use different infection routines for the payload. Notable with these variants is that even when users have deleted the malicious file from the hard disk, its code remains actively injected in system memory. In effect, users are continuously annoyed of the reinfection symptoms. Analysis of TROJ_ILOMO’s spaghetti-like code reveal several things. Once running in an infected system, a variant updates its own Gates-List which is probably part of the infected nodes that forms its peer-to-peer botnet. This model is quite similar to the one used by the Storm botnet. The malware saves this list in the registry. Figure 1. Registry list. Entries on the list have the format {IP address}/{certain strings} and they are considered to be a list of compromised machines. With an updated Gates-List, the ILOMO malware then attempts to access the sites and download binary encrypted data. It stores the values in the local registry in values named M00, M01, and M02. The ILOMO Trojan decrypts then the data, which in fact forms an malicious executable code that is later injected to certain Internet Explorer processes. Figure 2. Injected code. Once found, it injects the downloaded and now decrypted code and executes this remote thread. This said thread enables ILOMO to perform additional malicious activities on the infected system. TROJ_ILOMO variants have also been found to send and receive information from certain IP addresses, thereby compromising system security. Confidential or private information may find its way to cybercriminals in this attack too. Trend Micro Smart Protection Network already detects and blocks TROJ_ILOMO and its adjacent droppers, preventing them from executing in systems. Post from: TrendLabs | Malware Blog - by Trend Micro Complex Malcode Behind ILOMO Reinfection • Email to a friend • Article Search • Related • View comments • Track comments • • More Recent Articles Online Risks Thrive Despite a Down Economy Spanish Spam Abuses Reply-To, Contains Downloader Waledac Localizes Social Engineering Bogus Facebook, Malware, and a Dancing Girl Patches Released by Microsoft and Adobe

---

Click here to safely unsubscribe now from "TrendLabs | Malware Blog - by Trend Micro" or change subscription settings

---

 

---

Unsubscribe from all current and future newsletters powered by FeedBlitz

---

Your requested content delivery powered by FeedBlitz, LLC, 9 Thoreau Way, Sudbury, MA 01776, USA. +1.978.776.9498