Archive for October, 2006

HOSTS File Update [10-30-06]

The HOSTS file was updated today … [:)]http://www.mvps.org/winhelp2002/hosts.htmShameless plug: got another mention this weekend from the Kim Komando Show (I always see a spike in traffic when she does …)Even a dedicated page: Block malicious programs … thanks Kim!

Improved "Certificate Error" in IE7

I thought I'd show the new "Certificate Error" in action on one of the known culprits (msoftware.info) I was checking up on … this is from one of these "Rogue/Suspect" sites selling scam products.When you attempt to order this product IE7 throws up an error warning the user [screenshot1] then if you continue the Address Bar […]

Interesting list of deactivated Domains

While preparing for the next HOSTS update I've found an interesting list of deactivated domains.justcounter.com (Win32/TrojanDownloader.Agent.AIB)Status: Parked and deactivated (no valid DNS)jupitersatellites.biz (Trojan.Jupillites)Status: Domain Registration ExpiredNotice the other related domain names that prey on good name of well respected security productsdrwebupd(dot)com – this is not Dr.Web Anti-viruslavasoftupdate(dot)com – this is not Lavasoft Antispywareoutpostsupport(dot)com – this […]

IFrame Exploits

Following up on "Halloween sites tricking users with malware" it appears to me the sites mentioned have been hacked and a IFrame has been injected, that if activated infects the visitor with several nasties.I would advise disabling that option in IE – it is the single most exploited setting!Internet Options | Security tab | Custom […]

Another fake codec site

Got a tip today about another fake codec site: keycodec(dot)comThe download is another in the TrojanDownloader.Win32.Zlob family, but the scary part is the "Terms of Use"SOFTWARE INSTALLATION: Components bundled with our software may report to Licensor and/or its affiliates the installation status of certain marketing offers, such as toolbars, and also generalized installation information, such […]