August 2012 - Posts

Win 8 Security System Removal Guide

Win 8 Security System is a rogue anti-spyware program from the Rogue.FakeRean-Braviax family. This program is installed via web sites that display fake online anti-malware scanners that state your computer is infected and then prompt you to download and install the rogue. This program is classified as a rogue because it displays fake security alerts, fake scan results, hijacks your installed web browsers so that they display virus alerts, and utilizes other malware that attempt to hide the presence of the rogue.

http://www.bleepingcomputer.com/virus-removal/remove-win-8-security-system

Posted Thu, Aug 30 2012 17:38 by Don
Filed under:

Spybot Search & Destroy Weekly Update - Aug 29, 2012

2012-08-29
Adware
++ Baidu.Hao123
Malware
+ Fraud.PrivacIE
Trojan
++ Bancos.dl + Banload + Fraud.ShippingDetails.svc + Win32.Banker.visdes.br + Win32.Muollo + Win32.ZBot
Total: 2557407 fingerprints in 796476 rules for 6740 products.

http://www.safer-networking.org/about/updates/

Posted Wed, Aug 29 2012 8:23 by Don
Filed under:

Removal instructions for Boan Killer

What is Boan Killer?

The Malwarebytes research team has determined that Boan Killer is a fake anti-malware application. These so-called "rogues" use intentional false positives to convince users that their systems have been compromised. Then they try to sell you their software, claiming it will remove these threats. In extreme cases the false threats are actually the very trojans that advertise or even directly install the rogue.

http://forums.malwarebytes.org/index.php?showtopic=114998

Posted Wed, Aug 29 2012 4:59 by Don
Filed under:

Mozilla Firefox v15.0 Released: August 28, 2012

  • NEW  Silent, background updates
  • NEW  Support for SPDY networking protocol v3
  • NEW  WebGL enhancements, including compressed textures for better performance
  • NEW  Localization in Maithili (see all available locales)
  • CHANGED  Optimized memory usage for add-ons
  • DEVELOPER  JavaScript debugger integrated into developer tools
  • DEVELOPER New layout view added to Inspector
  • DEVELOPER High precision event timer implemented
  • DEVELOPER The CSS word-break property has been implemented.
  • DEVELOPER New responsive design tool allows web developers to switch between desktop and mobile views of sites
  • HTML5 Native support for the Opus audio codec added
  • HTML5 The <audio> and <video> elements now support the played attribute
  • HTML5 The <source> element now supports the media attribute
  • FIXED Focus rings keep growing when repeatedly tabbing through elements (720987)

Known Issues

  • Unresolved Debugger breakpoints do not catch on page reload (see 783393)
    Unresolved on v15 Resolved in v16
  • Unresolved If you try to start Firefox using a locked profile, it will crash (see 573369)
  • Unresolved For some users, scrolling in the main GMail window will be slower than usual (see 579260)
  • Unresolved Windows: The use of Microsoft's System Restore functionality shortly after updating Firefox may prevent future updates (see 730285)

http://www.mozilla.org/en-US/firefox/15.0/releasenotes/

 

Posted Tue, Aug 28 2012 15:55 by Don
Filed under:

SpywareBlaster Database Update - Aug. 27, 2012

35 Internet Explorer
0 Restricted Sites
0 Firefox

15480 items in database

http://www.brightfort.com/downloads.html

Posted Mon, Aug 27 2012 16:48 by Don
Filed under:

Microsoft Security Bulletin Minor Revisions Issued: August 22, 2012

Summary

The following bulletin has undergone a minor revision increment.
Please see the appropriate bulletin for more details.

* MS12-060 - Critical

Bulletin Information:

* MS12-060 - Critical

- http://technet.microsoft.com/security/bulletin/ms12-060
- Reason for Revision: V1.2 (August 22, 2012): Corrected the update
replacement information for Microsoft SQL Server 2000 Analysis
Services Service Pack 4. This is an informational change only.
There were no changes to the detection logic or the update files.
- Originally posted: August 14, 2012
- Updated: August 22, 2012
- Bulletin Severity Rating: Critical
- Version: 1.2

Posted Thu, Aug 23 2012 3:55 by Don
Filed under:

Spybot Search & Destroy Weekly Update - Aug 22, 2012

2012-08-22
Adware
+ Pricepeep + Win32.InCore
Malware
+ FakeAlert.WindowsSecurityWorkstation
PUPS
+ SweetIM
Trojans
+ Atraps.br + Bancos + Bancos.prx + Fraud.ShippingDetails.svc
Total: 2556870 fingerprints in 796367 rules for 6736 products

http://www.safer-networking.org/about/updates/

Posted Wed, Aug 22 2012 8:58 by Don
Filed under:

Removal instructions for Kotech-Protect

What is Kotech-Protect?

The Malwarebytes research team has determined that Kotech-Protect is a fake anti-malware application. These so-called "rogues" use intentional false positives to convince users that their systems have been compromised. Then they try to sell you their software, claiming it will remove these threats. In extreme cases the false threats are actually the very trojans that advertise or even directly install the rogue.

http://forums.malwarebytes.org/index.php?showtopic=114520

Posted Mon, Aug 20 2012 4:41 by Don
Filed under:

Removal instructions for WindowsBoanPatch

What is WindowsBoanPatch?

The Malwarebytes research team has determined that WindowsBoanPatch is a fake anti-malware application. These so-called "rogues" use intentional false positives to convince users that their systems have been compromised. Then they try to sell you their software, claiming it will remove these threats. In extreme cases the false threats are actually the very trojans that advertise or even directly install the rogue.

http://forums.malwarebytes.org/index.php?showtopic=114491

Posted Sun, Aug 19 2012 10:21 by Don
Filed under:

Removal instructions for Super Boan

What is Super Boan?

The Malwarebytes research team has determined that Super Boan is a fake anti-malware application. These so-called "rogues" use intentional false positives to convince users that their systems have been compromised. Then they try to sell you their software, claiming it will remove these threats. In extreme cases the false threats are actually the very trojans that advertise or even directly install the rogue.

http://forums.malwarebytes.org/index.php?showtopic=114218

Posted Wed, Aug 15 2012 5:28 by Don
Filed under:

TechNet Webcast: Information About the August 2012 Security Bulletin Release

Event ID: 1032522490

Starts: Wednesday, August 15, 2012 11:00 AM
Time zone: (GMT-08:00) Pacific Time (US & Canada)
Duration: 1 hour(s)

Language(s): English.

Product(s): computer security and information security.

Audience(s): IT Decision Maker, IT Generalist and IT Manager.

Join us for a brief overview of the technical details of this month's Microsoft security bulletins. We intend to address your concerns in this webcast. Therefore, Microsoft security experts devote most of this webcast to answering the questions that you ask.

Presented by:

Dustin Childs, Senior Security Program Manager, Microsoft Security Response Center, Microsoft Corporation and Jonathan Ness, Principal Security Development Lead, Microsoft Corporation

Register Online

Posted Tue, Aug 14 2012 13:19 by Don
Filed under:

Microsoft Security Bulletin(s) for August 14, 2012

Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: »www.microsoft.com/technet/security and »www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

»technet.microsoft.com/en-us/secu···ms12-aug

Critical (5)

Microsoft Security Bulletin MS12-052
Cumulative Security Update for Internet Explorer (2722913)
»technet.microsoft.com/en-us/secu···ms12-052

Microsoft Security Bulletin MS12-053
Vulnerability in Remote Desktop Could Allow Remote Code Execution (2723135)
»technet.microsoft.com/en-us/secu···ms12-053

Microsoft Security Bulletin MS12-054
Vulnerabilities in Windows Networking Components Could Allow Remote Code Execution (2733594)
»technet.microsoft.com/en-us/secu···ms12-054

Microsoft Security Bulletin MS12-060
Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2720573)
»technet.microsoft.com/en-us/secu···ms12-060

Microsoft Security Bulletin MS12-058
Vulnerabilities in Microsoft Exchange Server WebReady Document Viewing Could Allow Remote Code Execution (2740358)
»technet.microsoft.com/en-us/secu···ms12-058

Important (4)

Microsoft Security Bulletin MS12-055
Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2731847)
»technet.microsoft.com/en-us/secu···ms12-055

Microsoft Security Bulletin MS12-056
Vulnerability in JScript and VBScript Engines Could Allow Remote Code Execution (2706045)
»technet.microsoft.com/en-us/secu···ms12-056

Microsoft Security Bulletin MS12-057
Vulnerability in Microsoft Office Could Allow Remote Code Execution (2731879)
»technet.microsoft.com/en-us/secu···ms12-057

Microsoft Security Bulletin MS12-059
Vulnerability in Microsoft Visio Could Allow Remote Code Execution (2733918)
»technet.microsoft.com/en-us/secu···ms12-059

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website - visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA

Posted Tue, Aug 14 2012 13:01 by Don
Filed under:

Windows Safety Series Removal Guide

Windows Safety Series is a computer infection from the Rogue.FakeVimes family of rogue anti-spyware programs. This infection is considered a rogue due to its deliberate use of false scan results, the displaying of fake security alerts, and because it changes settings on your computer so that you are no longer able to run legitimate programs. This infection is spread via three methods. The first method is through the display of online advertisements that pretend to be an online anti-malware scanner. This scanner will state that your computer is infected and then prompt you to download and install the rogue. The second method is through Trojans that pretend to be software required to view an online video. The last method is hacked web sites that attempt to exploit vulnerabilities found on your computer to install the infection without your permission or knowledge.

http://www.bleepingcomputer.com/virus-removal/windows-safety-series-removal

Posted Tue, Aug 14 2012 10:47 by Don
Filed under:

Windows Secure Workstation Removal Guide

Windows Secure Workstation is a rogue anti-spyware program from the Rogue.FakeVimes family. This program is classified as a rogue because it displays fake security alerts and false scan results in order to trick you into purchasing the program. This particular variant is spread via three methods. The first method is the use of hacked web sites that exploit visitor's vulnerable programs in order to install the rogue without your permission. The second method uses web sites that display fake online anti-malware scanners that pretend to scan your computer, state that it is infected, and then prompt you to download and install Windows Secure Workstation in order to clean it. Finally, this infection is also spread through Trojans that pretend to be software required to view an online video.

http://www.bleepingcomputer.com/virus-removal/remove-windows-secure-workstation

Posted Mon, Aug 13 2012 9:06 by Don
Filed under:

Windows Anti-Malware Patch Removal Guide

Windows Anti-Malware Patch is a rogue anti-spyware program from the Rogue.FakeVimes family. This program is classified as a rogue as it displays false information in order to trick you into purchasing the program. This particular variant is spread via two methods. The first method is the use of hacked web sites that exploit visitor's vulnerable programs in order to install the rogue without their permission. The second method uses web sites that display fake online anti-malware scanners that pretend to scan your computer, state that it is infected, and then prompt you to download and install Windows Anti-Malware Patch in order to clean it.

http://www.bleepingcomputer.com/virus-removal/remove-windows-anti-malware-patch

Posted Sun, Aug 12 2012 6:07 by Don
Filed under:

Removal instructions for BitClean

What is BitClean?

The Malwarebytes research team has determined that BitClean is a fake anti-malware application. These so-called "rogues" use intentional false positives to convince users that their systems have been compromised. Then they try to sell you their software, claiming it will remove these threats. In extreme cases the false threats are actually the very trojans that advertise or even directly install the rogue. You are strongly advised to follow our removal instructions below.

http://forums.malwarebytes.org/index.php?showtopic=114040

Posted Sat, Aug 11 2012 13:34 by Don
Filed under:

SpywareBlaster Database Update - Aug 10, 2012

26 Internet Explorer
0 Restricted Sites
0 Firefox

15445 items in database

Posted Sat, Aug 11 2012 6:32 by Don
Filed under:

Prenotification Security Advisory for Adobe Reader and Acrobat

Summary

Adobe is planning to release security updates for Adobe Reader and Acrobat X (10.1.3) and earlier versions for Windows and Macintosh on Tuesday, August 14, 2012.

Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at http://blogs.adobe.com/psirt or by subscribing to the RSS feed at http://blogs.adobe.com/psirt/atom.xml.

(Note: This Security Advisory will be replaced with the Security Bulletin upon release of the updates on Tuesday, August 14, 2012.)

http://www.adobe.com/support/security/bulletins/apsb12-16.html

Posted Fri, Aug 10 2012 6:18 by Don
Filed under:

Microsoft Security Bulletin Advance Notification for August 2012

This is an advance notification of 9 security bulletins that Microsoft is intending to release on August 14, 2012.

5 with a Critical rating and 4 rated as Important

http://technet.microsoft.com/en-us/security/bulletin/ms12-aug

Posted Thu, Aug 9 2012 12:57 by Don
Filed under:

Windows Virtual Security Removal Guide

Windows Virtual Security is a rogue anti-spyware program from the Rogue.FakeVimes family of computer infections. This program tries to trick you into thinking that your computer is infected by displaying fake security alerts and fake scan results. When Windows Virtual Security is first installed it will also create hundreds of Windows Registry entries that does not allow you to launch your normal security programs or Windows utilities. When you attempt to run one of these programs, it will instead open Windows Virtual Security, which will state that the program is infected. It does this to make you think all of your programs are infected while at the same time not allowing you to use programs that may assist in the rogues removal.

http://www.bleepingcomputer.com/virus-removal/windows-virtual-security-removal

Posted Thu, Aug 9 2012 12:46 by Don
Filed under:
More Posts Next page »