Keyword: malware

  • Computer Help (Laptop won't load XP)

    12/22/2009 2:06:56 PM PST · by GeronL · 47 replies · 911+ views
    There is this older Toshiba laptop running Windows XP. It loads but I can not log in. It says it is loading the settings but then it logs off, the desktop never loads. I tried safemode but AVG is hard to use in safe mode. There may be a virus but why would it do this? I think AVG may have quarantined a file the computer actually needs or something. Does anyone have a clue?
  • VIRUS SISZYD32.EXE KILLED MY FR COMPUTER

    12/14/2009 12:05:45 PM PST · by Lady Jag · 266 replies · 5,927+ views
    ME | 12-14-09 | Self
    SISZYD32.exe has possibly killed my FR computer. Yesterday it hit suddenly despite the anti-virus and other utilities I run to protect against such stuff. The victim computer is one I only use for FR and the sites it cites. That is the only clue I have to offer as to where it came from. I run several computers off a network and my FR computer is the only victim. This is the worst I have ever encountered and a search for it shows that it is very dangerous and it showed up only about a week ago (AFAICT). From years...
  • Muslim Idiots Take Down Islam in Action Website

    12/03/2009 6:37:52 AM PST · by bloodmeridian · 8 replies · 497+ views
    Feed Your ADHD ^ | 12/3/2009 | Snarky Basterd
    Bastard mooslems infected Islam in Action, a blog by Christopher Logan, with malware, forcing Blogger to shut it down. The muzzies also took over Christopher’s other site, christopherlogan.org, and it now re-directs to some fetid B.S. site about “Islam is peace.” Being charitable, as those who follow the religion of blowing people to pieces typically are, the bastards also killed his computer with their malware.
  • Security Tool Malware, how do you remove it?

    11/14/2009 11:00:40 AM PST · by Rumplemeyer · 28 replies · 1,420+ views
    Rumplemeyer
    How do I remove this @#$&&%^, Security Tool, a very nasty malware. Thanks
  • Win 7 remote kernel crasher code released

    11/12/2009 7:49:31 AM PST · by Gomez · 29 replies · 720+ views
    Microsoft has reportedly begun investigating a potentially nasty denial of service vulnerability affecting Windows 7. A security bug in Windows 7 and Windows 2008R2 makes it possible to lock up affected systems. The crash would happen without a Blue Screen of Death or other visible indication that anything was amiss. The system freeze can be triggered remotely by sending malformed packets to targeted systems - specifically a NetBIOS (Network Basic Input/Output System) header that specifies an incoming SMB packet is either four bytes smaller or larger than it actually is. Server Message Block (SMB) is a network protocol used to...
  • Computer ‘Virus’ Is Born 26 Years Ago Today

    11/10/2009 11:52:12 AM PST · by Ernest_at_the_Beach · 5 replies · 270+ views
    Wired via HardOCP ^ | November 9, 2009 | 8:00 pm | Kim Zetter
    HardOCP Linked. Nov. 10, 1983: Computer ‘Virus’ Is Born. Tech Gone Bad 1983: Fred Cohen, a University of Southern California graduate student, gives a prescient peek at the digital future when he demonstrates a computer virus during a security seminar at Lehigh University in Pennsylvania. A quarter-century later, computer viruses have become a pandemic for which there’s no inoculation.
  • Framed for Child Porn by a PC Virus

    11/09/2009 11:33:53 PM PST · by The Magical Mischief Tour · 131 replies · 3,018+ views
    FOX News ^ | FOX News
    Of all the sinister things that Internet viruses do, this might be the worst: They can make you an unsuspecting collector of child pornography. Heinous pictures and videos can be deposited on computers by viruses — the malicious programs better known for swiping your credit card numbers. In this twist, it's your reputation that's stolen. Pedophiles can exploit virus-infected PCs to remotely store and view their stash without fear they'll get caught. Pranksters or someone trying to frame you can tap viruses to make it appear that you surf illegal Web sites. Whatever the motivation, you get child porn on...
  • AntiVirus Software Review (2009)

    10/31/2009 9:36:31 AM PDT · by Ernest_at_the_Beach · 34 replies · 1,195+ views
    2009 AntiVirus Software Review Product Comparisons. Chart at the website. Why Buy Antivirus Software? An unprotected computer is a vulnerable computer, plain and simple. Every year there are hundreds of viruses, Trojans, worms and other malware, released into cyberspace designed to harm your computer. Most people don't realize that malware is everywhere and avoiding a malicious computer invader is very difficult. And usually, you won't even know you've become a victim. Malware is an umbrella term for all malicious software. The most common are viruses and spyware. There are many different types of viruses floating through the Internet. Consider yourself lucky if...
  • Botnets: Who's Behind Them and Why?

    10/27/2009 12:27:23 PM PDT · by nickcarraway · 17 replies · 703+ views
    techradar ^ | 10/26/09 | Jon Thompson
    Cisco boffins infiltrate a botnet to find out about online crime By posing as a rogue programmer, Cisco researchers gained a unique insight into the world of botnets and their owners Poor education, a criminal record and a dislike of authority can all turn programmers bad. That's the finding of Cisco researchers who posed as botmasters to enter the world of online crime. "I wanna do what I wanna do, whenever I want," one botmaster told the researchers. By posing online as a rogue programmer, the researchers got him to reveal how he spams thousands of instant messenger users with...
  • Web-based malware infections rise rapidly, stats show

    10/27/2009 11:33:09 AM PDT · by Ernest_at_the_Beach · 29 replies · 566+ views
    CNET ^ | October 27, 2009 8:00 AM PDT | Elinor Mills
    The number of Web sites hosting malicious software, either intentionally or unwittingly, is rising rapidly, according to statistics to be released on Tuesday from Dasient. More than 640,000 Web sites and about 5.8 million pages are infected with malware, according to Dasient, which was founded by former Googlers to offer services to help Web sites stay malware-free and off blacklists. That figure for infected pages is nearly double what Microsoft estimated in a report in April. Meanwhile, the Google blacklist of malware infected sites has more than doubled in the last year, registering as many as 40,000 new sites in...
  • Botnets Drive Up Click Fraud Rate in Third Quarter 2009

    10/26/2009 1:46:38 PM PDT · by nickcarraway · 8 replies · 546+ views
    mxlogic ^ | Monday, October 26, 2009
    In the dark world of the cybercriminal economy, computer viruses battle not just against anti-virus security software, but even other strains of malware for control of infected PCs, security researchers said. A strain of Trojan malware identified as Bredo contains code that disables the Zeus/Zbot Trojan and moves files to prevent Zeus from reinstalling itself on reboot, according to security researchers from Sophos. Malware authors have previously targeted other malware as a way to keep PCs under their control and not controlled by a rival bot herder. The cybercriminals use networks of infected PCs - called botnets - to distribute...
  • Nasty "Security Tool" malware removal instructions.

    This appears to be something brand new, and it gets past AVG antivirus. I have antivirus and am pretty careful, and can't remember the last time I picked up anything that messed up my computer like this nasty thing. It takes over when you boot up, and won't let you go into task manager or anything. I got rid of it by going into safe mode (press f8 during boot) and looking at the properties of the shortcut on the desktop. It pointed to the executable file C:\Documents and Settings\All Users\Application Data\24180116\24180116.exe. I deleted this executable file and removed the...
  • New Fake Antivirus Attack Holds Victim's System Hostage

    10/16/2009 7:14:08 AM PDT · by knittnmom · 42 replies · 974+ views
    DarkReading ^ | Oct 15, 2009 | 02:42 PM | Kelly Jackson Higgins
    Attack forces user to purchase phony antivirus package to free computer
  • Obama Nobel Prize Spam Links to Malware and Drive-By

    10/16/2009 5:06:09 AM PDT · by ButThreeLeftsDo · 7 replies · 419+ views
    avertlabs.com ^ | 10/14/09 | Sam Masiello
    Just when I thought we weren’t going to see any spam campaigns related to the recent announcement of United States President Barack Obama being awarded the Nobel Peace Prize, I was proven wrong. Spammers rarely disappoint when a juicy news story hits. It’s like attracting flies to honey. This spam campaign calls into question whether or not Barack Obama deserved to win the Nobel Prize and that significant fallout is being felt around the country as a result. The email then requests that the user click or copy/paste a link into their browser which will direct them to a website...
  • Sponsored search results lead to malware

    10/08/2009 4:26:30 PM PDT · by brityank · 26 replies · 1,104+ views
    WindowsSecrets ^ | 8 October, 2009 | Susan Bradley
    Sponsored search results lead to malware By Susan Bradley The ads served by Bing and Google along with your search results are linking more and more often to sites trying to infect your machine. Neither Bing nor Google effectively prescreens these bogus advertisers, so it's up to us to detect and avoid them. You may recently have used either Google or Microsoft's new Bing search engine to find the popular Malwarebytes Anti-Malware utility. If so, chances are good that the sponsored ads alongside your search results contained links to the very malware that the security tool is designed to remove....
  • UPDATED: Symantec researchers issues first Mac botnet malware warning

    10/01/2009 11:05:22 AM PDT · by Swordmaker · 41 replies · 679+ views
    9 to 5 Mac ^ | 10/1/2009 | Jonny Evans
    Security researchers at Symantec have uncovered what they suspect may be the first Mac OS X botnet launching denial-of service attacks. As revealed in a recent edition of Virus Bulletin, the researchers claim to have found two malware types which use different tricks to grab control of infected Mac OS X machines. The two malware bundles are called OSX.Iservice and OSX.Iservice.B, and appear to be spread within pirated copies of iWork 09 and Photoshop CS4, distributed on the popular P2P torrent network. We've talked about these before but now these infected machines are springing into action. Seems the malware maker...
  • Next gen bank Trojan rewrites bank statements

    10/01/2009 6:34:07 AM PDT · by Gomez · 14 replies · 606+ views
    Black hat hackers have created a new strain of Trojan that rewrites online bank statements to disguise fraud. Victims of the URLZone Trojan would only realise their bank account has been looted after they check their balance with a bank branch or via an ATM. Cybercriminals distribute the malware by booby-trapping websites (many of them legitimate) using the LuckySpoilt toolkit. Malicious pdf files or JavaScripts are used to push the URLZone Trojan onto the vulnerable Windows boxes of visiting surfers. The malware features a keystroke logger that captures bank login credentials and takes screenshots of activities on bank accounts, each...
  • Why do I keep getting this warning: Warning - visiting this web site may harm your computer!

    10/01/2009 6:26:18 AM PDT · by Fizziks · 20 replies · 1,419+ views
    orlytaitzesq
    what is the current listing status for orlytaitzesq.com? Site is listed as suspicious - visiting this web site may harm your computer. Part of this site was listed for suspicious activity 3 time(s) over the past 90 days. What happened when Google visited this site? Of the 269 pages we tested on the site over the past 90 days, 33 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2009-09-30, and the last time suspicious content was found on this site was on 2009-09-30. Malicious software includes 37...
  • New Trojan virus poses online banking threat

    09/21/2009 5:03:47 AM PDT · by xtinct · 55 replies · 2,918+ views
    TimesOnline ^ | 9/21/09 | Mike Harvey
    Cyber criminals have created a highly sophisticated Trojan virus that steals online banking log-in details from infected computers. The Clampi virus, which is spreading rapidly across hundreds of thousands of computers in Britain and the United States, infects computers when users visit websites that host a malicious code. Once on the computer, the virus sits unnoticed until the user logs on to bank, credit card or other financial websites. It then captures log-in and password information and sends it to a server run by the attackers. They can then tell the compromised computer to send money to accounts that they...
  • Home Delivery: The New York Times Serves Up Some Malware (NYT website distributing ad virus)

    09/13/2009 3:40:02 PM PDT · by jimbo123 · 18 replies · 825+ views
    All Things Digital ^ | 9/13/09 | Peter Kafka
    Here’s a front page story the New York Times (NYT) would rather not be running: The paper is warning readers to be aware of bogus ads running on its Web site. The paper says “some readers” have seen unauthorized pop-up ads promoting antivirus software on NYTimes.com, and warns visitors who see the ad not to click on it but to restart their browsers instead. While the Times doesn’t spell this out, it has likely had its site hijacked by a “malware” scammer who is trying to trick visitors into installing pernicious software onto their hard drives.
  • Linux webserver botnet pushes malware

    09/13/2009 9:24:24 AM PDT · by dayglored · 18 replies · 1,064+ views
    The Register (UK Tech) ^ | 2009-09-12 | Dan Goodin
    A security researcher has discovered a cluster of infected Linux servers that have been corralled into a special ops botnet of sorts and used to distribute malware to unwitting people browsing the web. Each of the infected machines examined so far is a dedicated or virtual dedicated server running a legitimate website, Denis Sinegubko, an independent researcher based in Magnitogorsk, Russia, told The Register. But in addition to running an Apache webserver to dish up benign content, they've also been hacked to run a second webserver known as nginx, which serves malware. "What we see here is a long awaited...
  • IIS bug gives attackers complete server control

    08/31/2009 6:36:55 PM PDT · by Gomez · 9 replies · 462+ views
    A hacker has uncovered a previously unknown bug in Microsoft's Internet Information Services webserver that in some cases gives attackers complete control of vulnerable machines. Proof-of-concept code published Monday has been confirmed to give remote root access to servers running version 5 of IIS on Windows 2000 with Service Pack 4. And according to Nikolaos Rangos, the hacker who released the exploit, IIS6 is also vulnerable, even when a memory stack mechanism known as cookie protection is enabled. The vulnerability appears to be triggered only in limited circumstances, specifically when IIS is set to enable the file transfer protocol and...
  • On Bugs, Viruses, Malware and Linux

    08/25/2009 10:52:18 AM PDT · by ShadowAce · 10 replies · 570+ views
    e-commerce times ^ | 10 August 2009 | Katherine Noyes
    Is security a sword of Damocles hanging over Linux, just waiting for its popularity to reach critical mass? That's one persistent argument in the Linux vs. Windows debates, but it's just wrong, according to those who know Linux well. For reasons both technological and behavioral, they say, Linux really is more secure. "If the anti-malware industry has anything to offer GNU/Linux," challenges blogger Robert Pogson, "let them step up." Among all the reasons geeks choose Linux, security is often near the top of the list. And no wonder -- personal preferences aside on all the other many relevant issues, there's plenty of...
  • 5 Ways To Defeat Malware

    08/07/2009 10:48:03 AM PDT · by ShadowAce · 18 replies · 951+ views
    Some Blogger ^ | 5 August 2009 | Andrew Hollamon
    On a day-to-day basis, we encounter far too many small businesses who have accepted viruses and other malware as an unavoidable part of their life. Their machines are constantly having problems, the anti-virus finds malware every week (assuming there is anti-virus), and they have lots of unexplainable "weird" little issues. Unfortunately, the given wisdom of the industry seems to focus on anti-virus, anti-spyware, content-scanning, and other for-pay services and products. However, common sense preventative maintenance is almost never suggested as a low-cost alternative. It doesn't have to be that way! REACTIVE VS. PREVENTATIVE The typical approaches encountered to combat malware...
  • Scientists get a million Linux kernels to run at once

    08/07/2009 10:45:08 AM PDT · by Ernest_at_the_Beach · 23 replies · 593+ views
    tgdaily.com ^ | Monday, August 03, 2009 06:22 | By the writing staff
    Scientists at Sandia National Laboratories in Livermore, have run more than a million Linux kernels as virtual machines. The technique will allow them to effectively observe behaviour found in malicious botnets, or networks of infected machines that can operate on the scale of a million nodes. One of the researchers Ron Minnich, said they are often difficult to analyze since they are geographically spread all over the world. However using virtual machine and a Thunderbird supercomputing cluster for the demonstration, the team was able to run VMS at a similar scale as a botnet. This allows cyber researchers to watch how...
  • Federal forms themed blackhat SEO campaign serving scareware

    08/06/2009 6:09:23 PM PDT · by Cindy · 2 replies · 239+ views
    Blogs.ZDNET.com ^ | August 6th, 2009 | Posted by Dancho Danchev
    SNIPPET: "An ongoing blackhat SEO (search engine optimization) campaign is actively hijacking a variety of U.S Federal Forms keywords in an attempt to serve the Personal Antivirus (Trojan.Win32.FakeXPA) scareware." SNIPPET: "Disruption of the campaign is in progress."
  • Koobface - Come Out, Come Out, Wherever You Are

    07/23/2009 1:07:44 PM PDT · by Cindy · 13 replies · 267+ views
    DANCHO DANCHEV - blog ^ | Wednesday, July 22, 2009 | Posted by Dancho Danchev
    SNIPPET: "UPDATE: The Koobface gang is upgrading the command and control infrastructure in response to the positive ROI out of the takedown activities." SNIPPET: "Related posts: Dissecting Koobface Worm's Twitter Campaign Dissecting the Koobface Worm's December Campaign Dissecting the Latest Koobface Facebook Campaign The Koobface Gang Mixing Social Engineering Vectors"
  • Clever attack exploits fully-patched Linux kernel - 'NULL pointer' bug plagues even super max ....

    07/19/2009 12:00:03 PM PDT · by Ernest_at_the_Beach · 25 replies · 884+ views
    The Register ^ | 17th July 2009 22:32 GMT | Dan Goodin in San Francisco
    A recently published attack exploiting newer versions of the Linux kernel is getting plenty of notice because it works even when security enhancements are running and the bug is virtually impossible to detect in source code reviews. The exploit code was released Friday by Brad Spengler of grsecurity, a developer of applications that enhance the security of the open-source OS. While it targets Linux versions that have yet to be adopted by most vendors, the bug has captured the attention of security researchers, who say it exposes overlooked weaknesses. Linux developers "tried to protect against it and what this exploit shows...
  • More Mac Malware Spotted — Another attempt of the Video codec type trojan attack.

    07/09/2009 10:48:37 PM PDT · by Swordmaker · 14 replies · 705+ views
    Digital Trends ^ | July 09, 2009 | by Christopher Nickson
    A new attack on the Mac OS X has been seen in the wild, as numbers of Mac malware grow. So you thought that Mac was safe from malware? It’s definitely time to think again. There might be nothing like the amount of malware there is for PCs, but the numbers are growing. The latest is known as Puper, a Trojan that disguises itself as a video program for the fictional MacCinema system on OS X. Researchers at McAfee Avert Labs have determined that the malware attack appears as a disk image, which then launches an installer application for the...
  • Can this Trojan be deleted?

    07/01/2009 7:12:27 AM PDT · by Oshkalaboomboom · 65 replies · 1,981+ views
    July 1, 2009 | Oshkalaboomboom
    I have a rootkit trace that refuses to go away. McAfee can't delete it. Malwarebytes Antimalware claims to delete it but it's right there as soon as it closes. I find hundreds of references to it via Google but nobody says how to get rid of it and nobody even discusses what it does besides annoy you. My cd burning programs have been disabled so I can't make an alternative OS like BartPE. I can boot off the Windows CD and get into the Recovery console. I use DOS commands to delete the files but they come right back again....
  • (Guy) Kawasaki Tweet Spreads Malware

    06/25/2009 7:28:48 PM PDT · by nickcarraway · 5 replies · 248+ views
    Wall Street Journal ^ | JUNE 24, 2009
    Guy Kawasaki, a venture capitalist and avid Twitter user, inadvertently sent followers to a malware-infected site from an update posted to his account Tuesday. Mr. Kawasaki’s account, which has more than 130,000 followers, still shows the tweet, which purported to link to a sex tape involving “Gossip Girl” star Leighton Meester. The site, however, prompted visitors to download malicious software instead. The tweet appeared because his account is configured to show updates from NowPublic, a user-contributed news site, where, he said, a “story that shouldn’t have gotten into the feed” appeared. In subsequent tweets, he apologized and said that he’d...
  • FBI hacked by China ! (Stopped Arrest Of Terrorism Suspects!)

    06/20/2009 9:44:13 PM PDT · by MindBender26 · 25 replies · 1,737+ views
    Wash Times ^ | Bill Gertz
    A recent computer intrusion that forced the FBI to shut down its computer network and disrupted FBI operations was traced to an e-mail containing malicious code that originated in China, according to FBI officials. The forced shutdown of the network affected one significant FBI operation -- the May 20 arrest of homegrown terrorism suspects in New York, said officials who spoke on condition of anonymity because they were not authorized to discuss the matter. "The Chinese shut down our network," said one FBI official familiar with assessments of the attack.
  • US mega retailer settles spyware charges

    06/04/2009 7:12:31 PM PDT · by Gomez · 6 replies · 405+ views
    One of the biggest US retailers has agreed to settle charges brought by federal authorities that it snuck privacy-stealing software from ComScore onto customers' machines. Sears Holding Corporation, owner of Sears, Roebuck and Co. and Kmart, has agreed to delete all the information harvested by the software, which pried into customers' most intimate web habits. The company also agreed to be more upfront about any information it may collect in the future. The agreement by Sears came in a settlement with the Federal Trade Commission in which the company didn't admit it violated any laws.
  • 21 Essential Steps to Make Your PC Better/Faster/Stronger

    05/28/2009 11:24:21 AM PDT · by Ernest_at_the_Beach · 74 replies · 2,914+ views
    MaximumPC ^ | 05/28/09 at 11:30:40 AM | Gordon Mah Ung
    A sucker buys a new PC at the first signs of a slowdown. A savvy power user gives his aged PC a fighting chance for redemption. From tweaking your OS to compressing files to overclocking your videocard or CPU, there are plenty of ways to tune up a computer, and none require a trip to Bob’s House of New PCs. Follow along this step-by-step as we show you 21 of our favorite techniques for making a PC better, stronger, and faster — for free. These essential tweaks and tune-ups range from common-sense caretaking measures to practical adjustments that you'd be...
  • Conficker's estimated economic cost? $9.1 billion

    04/24/2009 4:51:56 PM PDT · by Swordmaker · 2 replies · 303+ views
    ZDNet News & Blogs ^ | 04/24/2009 | by Dancho Danchev
    In a recent blog post, the Cyber Secure Institute claims that based on their previous studies into the average cost of such malware attacks, the economic loss due to the Conficker worm could be as high as $9.1 billion. Despite that their analysis also considered a much limited infection rate (200,000 infected hosts), they claim that the cost of the virus in this case is still around $200 million. The research excludes an important fact though - not only is Conficker still active and infecting, but also, according to the most recent infection rate estimate courtesy of the Conficker Working...
  • Conficker virus begins to attack PCs: experts (Conficker wakes up)

    04/24/2009 4:43:01 PM PDT · by Crazieman · 19 replies · 1,411+ views
    Roto-Reuters ^ | 4/24/09 | Jim Finkle
    BOSTON (Reuters) - A malicious software program known as Conficker that many feared would wreak havoc on April 1 is slowly being activated, weeks after being dismissed as a false alarm, security experts said. Conficker, also known as Downadup or Kido, is quietly turning thousands of personal computers into servers of e-mail spam and installing spyware, they said. The worm started spreading late last year, infecting millions of computers and turning them into "slaves" that respond to commands sent from a remote server that effectively controls an army of computers known as a botnet. Its unidentified creators started using those...
  • Conficker also installs fake antivirus software

    04/10/2009 10:21:07 PM PDT · by JoeProBono · 34 replies · 1,153+ views
    news.cnet. ^ | April 10, 2009 | by Elinor Mills
    Researchers have discovered another feature of the Conficker worm that provides an additional clue about the intent of the creators--the worm installs malware that masquerades as antivirus software, Trend Micro said on Friday. The worm, which has infected millions of Windows-based computers on the Internet, is downloading a program called Spyware Protect 2009 and displaying warning messages saying that the computer is infected and offering to clean it up for $49.95, according to the Trend Micro blog.
  • All quiet on the Conficker front. Now what?

    04/02/2009 7:02:10 PM PDT · by Ernest_at_the_Beach · 6 replies · 462+ views
    CNET ^ | April 1, 2009 8:05 AM PDT | Elinor Mills
    As expected, the Conficker worm failed to cause the digital pandemonium that some may have feared. So, can we all just go back to playing on Facebook and watching the game now? Not really. Just because the worm failed to create much of a stir on the day it was set to activate, April 1, doesn't mean it won't wake up and act later. "The (malicious) hackers can tell their worm to do something any day of the year; they're just as likely to do it tomorrow or next Wednesday or in August," said Graham Cluley, a senior technology...
  • Conficker flaw reveals which computers are infected

    04/02/2009 6:55:26 PM PDT · by Ernest_at_the_Beach · 8 replies · 866+ views
    CNET ^ | March 30, 2009 1:54 PM PDT | Elinor Mills
    Even worm creators write buggy software. Once it infects a computer, the Conficker worm closes the hole in Windows that it used to get onto the system so no other malware can get in. This also makes it difficult for organizations to detect which computers have the legitimate Microsoft patch and which have the fake Conficker patch. However, Conficker's "patch" has a weakness that can be used to distinguish between patched computers and infected computers that look patched, according to the nonprofit Honeynet Project. Some of the researchers have released a proof-of-concept scanner that can be used to detect Conficker....
  • Chinese hackers ‘using ghost network to control embassy computers’

    03/30/2009 4:32:24 PM PDT · by Flavius · 7 replies · 531+ views
    timesonline ^ | March 30, 2009 | Mike Harvey, Technology Correspondent
    A spy network believed to have been controlled from China has hacked into classified documents on government and private computers in 103 countries, according to internet researchers. The spy system, dubbed GhostNet, is alleged to have compromised 1,295 machines at Nato and foreign ministries, embassies, banks and news organisations across the world, as well as computers used by the Dalai Lama and Tibetan exiles.
  • GhostNet spy network phishes international victims (CHINA can listen to you thru your pc)

    03/30/2009 4:28:48 PM PDT · by rgr · 2 replies · 425+ views
    scmagazineus.com ^ | 03/30/09 | scmagazineus.com
    A cyberespionage network, known as GhostNet, possibly operating out of China, is making use of malicious websites and phishing emails to take control of hundreds of sensitive government machines across 103 countries, researchers revealed this weekend. A pair of Canadian researchers at the Munk Center for International Studies at the University of Toronto said GhostNet struck "high-value targets," such as foreign embassies and ministries, and even a NATO network. So far, some 1,300 computers have been infected by servers that trace back to China. The researchers, Ron Deibert and Rafal Rohozinski, released their 53-page report Sunday after 10 months of...
  • Chinese hack into Indian embassies, steal Dalai Lama's documents (worldwide Hack attack)

    03/28/2009 10:03:16 PM PDT · by Perdogg · 21 replies · 1,443+ views
    A China-based cyber spy network has hacked into government and private systems in 103 countries, including those of many Indian embassies and the Dalai Lama, an Internet research group said here Saturday. The Information Warfare Monitor (IWM), which carried out an extensive 10-month research on cyber spy activities emanating from China, said the hacked systems include the computers of Indian embassies and offices of the Dalai Lama.
  • Embassy of Portugal in India Serving Malware

    03/25/2009 4:29:32 PM PDT · by Cindy · 2 replies · 282+ views
    DANCHO DANCHEV's Blog ^ | WEDNESDAY, MARCH 25, 2009 | Dancho Danchev
    Yet another embassy web site is falling victim into a malware attack serving Adobe exploits to its visitors. As of last Friday, the official web site of the Embassy of Portugal in India has been compromised (embportindia.co.in). Who's behind the attack? Interestingly, that's the very same group that compromised the Azerbaijanian Embassies in Pakistan and Hungary earlier this month. Assessing this campaign once again establishes a direct connection with the Russian Business Network's pre-shutdown netblocks and static locations.
  • Stealth Router-Based Botnet Worm "psyb0t" (long title shortened)

    03/23/2009 7:13:57 PM PDT · by dayglored · 28 replies · 1,436+ views
    DroneBL ^ | Mar 23, 2009 | (none given)
    DroneBL DNS Blacklist service: We have come across a botnet worm spreading around called "psyb0t". It is notable because, according to my knowledge, it: is the first botnet worm to target routers and DSL modems; contains shellcode for many mipsel devices; is not targeting PCs or servers; uses multiple strategies for exploitation, including bruteforce username and password combinations; harvests usernames and passwords through deep packet inspection; can scan for exploitable phpMyAdmin and MySQL servers
  • Ethiopian Embassy in Washington D.C. Serving Malware

    03/23/2009 2:36:40 PM PDT · by Cindy · 333+ views
    Dancho Danchev's Blog ^ | March 18, 2009 | Dancho Danchev
    SNIPPET: "Oops, they keep doing it again and again. The web site of the Ethiopian Embassy in Washington D.C (ethiopianembassy.org) has been compromised and is currently iFrame-ed to point to a live exploits serving URL on behalf of Russian cybercriminals, naturally in a multitasking mode since the iFrame used to act as a redirector in several other malware campaigns. Despite that the iFrame domain (1tvv .com/index.php) is already "taken care of", details on the original campaign can still be provided."
  • Help! Virus has the best of me. And is exposing my kids to constant penis enlargement ads.

    03/21/2009 7:08:22 AM PDT · by Minn · 69 replies · 2,521+ views
    The laptop in the house, which is currently the only computer in the house, has a bad virus/trojan/dropper that seems to have me beat. All clicks on Google are redirected to phony yellow pages. Most banner ads on normal sites are replaced with ads for a penis enlargement product (as if I need that). All communication with McAfee or attempts to download, update or reinstall McAfee fail. McAfee's instructions for disabling the virus by messing with IP address flushing do no good. I'm hesitant to completely start over on this computer. It's an HP OEM machine that didn't come with...
  • Azerbaijanian Embassies in Pakistan and Hungary Serving Malware

    03/17/2009 12:13:51 AM PDT · by Cindy · 1 replies · 246+ views
    DANCHO DANCHEV's Blog ^ | WEDNESDAY, MARCH 11, 2009 | Dancho Danchev
    The very latest addition to the "Compromised International Embassies Series" are the Hungarian and Pakistani embassies of the Republic of Azerbaijan, which are currently iFramed with exploits-serving domains.
  • Holes in the machine

    03/16/2009 10:25:20 AM PDT · by JoeProBono · 23 replies · 841+ views
    news.bbc. ^ | Monday, 16 March 2009
    The Conficker worm will be active again on 1 April, according to an analysis of its most recent variant, Conficker.C, by the net security firm CA. This malicious piece of software, also known as Downup, Downadup and Kido, spreads among computers running most variants of the Windows operating system and turns them into nodes on a multi-million member "botnet" of zombie computers that can be controlled remotely by the worm's as yet unidentified authors. Since it first appeared in October 2008 it has apparently infected more than 15 million computers around the internet, though even that number is no more...
  • Fake Celebrity Video Sites Serving Malware - Part Three

    02/23/2009 6:20:40 PM PST · by Cindy · 1 replies · 453+ views
    DANCHO DANCHEV's blog ^ | MONDAY, FEBRUARY 23, 2009 | Dancho Danchev
    In the overwhelming sea of the templatization of malware serving sites, (naked) celebrities would always remain the default choice offered in the majority of bogus content generating tools taking advantage of the high-page rank of legitimate Web 2.0 services.
  • How to write a Linux virus in 5 easy steps

    02/11/2009 5:56:40 AM PST · by ShadowAce · 50 replies · 917+ views
    Geekzone ^ | 11 February 2009 | foobar/unknown
    For the gist of it... just scroll down to the compact step-by-step guide. But if you like to get some of the background and related explanations then just read on. The rumor of the bullet-proof Linux architecture: There is this rumor going around that Linux is virus free. It is said that the old-fashioned multi-user heritage of Linux (and other *nix OSs) prevents malware, since users are not normally running their programs in admin mode (as root user). We are reminded that execute bits are needed to run anything – contrary to Windows – and that execute bits aren't set on any...