Spybot Search & Destroy Weekly Update – April 01, 2015

2015-04-01

Adware
++ Ad.RebateInformer ++ Ad.Shopperz + Crawler.Toolbar + Firseria
Malware
+ OneInstaller
PUPS
+ Ero.Pchd + OutBrowse ++ PU.OnlineVault
Trojan
+ Win32.Downloader.HicrazykA + Win32.Palevo
Total: 2605329 fingerprints in 816197 rules for 7430 products

http://www.safer-networking.org/about/updates/

Como tocar videos en SharePoint Foundation 2013

Hoy me tuve que enfrentar a un escenario muy simple como para ser verdad. Desplegar videos en la página principal de la Intranet en un ambiente SharePoint Foundation 2013. Uno pensaría que esa funcionalidad está disponible, sin embargo al ser SharePoint Foundation 2013 no se encuentra disponible. Lo primero que pudiésemos pensar como alternativa de solución es verificar si hay algunas aplicaciones en la tienda de SharePoint disponibles para lograr nuestro objetivo. Sin embargo, después de instalar dos aplicaciones que eran gratis simplemente no funcionaron, a pesar de que si estaban activadas o programadas para ser instaladas en SharePoint Foundation 2013. Las aplicaciones fueron:

  • vSlider Video Carousel
  • Envision IT Video Player

Después de mis intentos fallidos, decidí buscar alguna solución usando el Content Editor Web Part para que basado en JavaScript y código HTML5 pudiésemos lograr nuestro objetivo. Bueno, pues encontré este enlace donde se muestra una especie de tutorial que permite lograr lo antes mencionado. Está muy bien escrito y funciona a la primera si lo segues al pie de la letra, es por eso que merece ser compartido.

HTML5 video player in SharePoint 2010 and SharePoint 2013 (on-premises) por Viorel Iftode

Wajam and WNetEnhance Removal Guide

Wajam, also known as WNetEnhance, is adware that displays advertisements on social and shopping sites that you visit. When installed, Wajam will configure your browser to use a Proxy server that allows it to inject ads into various sites that you visit. These ads are inserted into the header of a site and are labeled Wajam Ads. The ads will be for products that are in the same category as to what you are viewing or searching for on the site.

http://www.bleepingcomputer.com/virus-removal/remove-wajam-ads-wnetenhance

Priceless Adware Removal Guide

Priceless is an adware program that injects advertisements and deals when browsing shopping sites. While browsing shopping sites, such as Ebay or Amazon, Priceless will inject advertisements that offer deals or lists other sites where you can purchase the same item. These advertisements will be labeled Powered by Priceless or Best Deals Powered by Priceless and will be placed on the web site in an intrusive manner, which makes it difficult to read the content or navigate the affected site.

http://www.bleepingcomputer.com/virus-removal/remove-priceless-adware

MVPS HOSTS File Update March 31-2015

The MVPS HOSTS file was recently updated [March 31-2015]

http://winhelp2002.mvps.org/hosts.htm

Download: hosts.zip (136 kb)

http://winhelp2002.mvps.org/hosts.zip

How To: Download and Extract the HOSTS file

http://winhelp2002.mvps.org/hosts2.htm

HOSTS File – Frequently Asked Questions

http://winhelp2002.mvps.org/hostsfaq.htm

Note: the “text” version (512 kb) makes a great resource for determining possible unwanted connections …

http://winhelp2002.mvps.org/hosts.txt

Get notified when the MVPS HOSTS file is updated

http://winhelp2002.mvps.org/updates.htm

If you find the MVPS HOSTS file useful … please consider a donation …

http://winhelp2002.mvps.org/hosts.htm#donation

Gracias Microsoft y Comunidad SharePoint

MVP por 11 años ya, pero siempre se siente como la primera vez. Gracias a Microsoft por el reconocimiento este año. Gracias también a mis colegas y la comunidad de SharePoint por ser tan buena onda. Me siento orgulloso y feliz por estar un año más, especialmente cuando la nueva versión de nuestro producto favorito viene en camino.

Gracias

Thanks Microsoft & SharePoint Community

MVP for 11 years now, but always feel like the first time. Thanks to Microsoft for the MVP Award this year. Also thanks to my fellow colleagues and SharePoint community for their awesomeness. I am proud and happy to be around another year especially when new version of our favorite product is coming.

Thanks.

 

My new Logitech mouse ..

.. will displace the M600 which will soon be paired back with the Toshiba Netbook. I say soon but really mean anything up to 21 days because I have bought a replacement for the aging and broken MS Wireless 5000.online.

The new mouse:

It will be the Logitech Marathon M705 Laser mouse, c/w unifying receiver.

http://www.logitech.com/en-us/product/marathon-mouse-m705

Roughly the same size and profile of the MS 5000 desktop set mouse, it is severely designed for use in the right hand which is good for me and my hope is that the scroll wheel will not fail as the MS mouse scroll wheel has.

It means running two wireless receivers, one for the existing and still operational MS 5000 Comfort key board and the Unifying receiver for the new mouse, but I have eight spare USB ports, so no worries.

This will be the fourth Logitech mouse that I have bought since 2003. The original 2003 corded mouse is still going strong an a clients computer, the M187 is running on the Lenovo G780, the M600 which nobody likes will be for occasional use with the occasionally used Toshiba NB250, and the new M705 will take up duties on the hard-worked production desktop.

Ode to MS mice:

I like MS mice but for one issue. The soft rubber used on the greater majority of later model mice does not last too long. This and general scrolling issues have seen at least eight Microsoft mice come and go. There is still one which is ok, an MS mini-mouse which has a far more robust scroll wheel that is not used a great deal. That will stay for now.

Back to the future briefly:

The M705 comes with a Unifying transceiver which may prove useful should I decide to scrap the Microsoft keyboard and use the Logitech K800 illuminated board which also runs from a Unifying receiver..

How to Add or Remove Favorites in Spartan in Windows 10

Project Spartan is a new web browser added in Windows 10 Technical Preview build 10049. Project Spartan will be available across the Windows 10 device family. It is fast, compatible, and built for the modern Web.

You can keep track of the websites you visit frequently by storing them as favorites in Spartan.

This tutorial will show you how to add or remove websites as favorites in Spartan for your user account in Windows 10.

Read more…

How to Change Spartan Startup Page in Windows 10

Project Spartan is a new web browser added in Windows 10 Technical Preview build 10049. Project Spartan will be available across the Windows 10 device family. It is fast, compatible, and built for the modern Web.

The startup web page is the web page that Spartan will open by default at the startup of Spartan.

This tutorial will show you how to change the startup page of Spartan to what you like for your user account in Windows 10.

Read more…

MVP renewal

April 1st comes round again and its time for the MVP renewals. I received my renewal email this afternoon – I feel highly honoured that Microsoft have bestowed an MVP award for 8 straight years.

 

Thank you

Removal instructions for Web Bar

What is Web Bar?

The Malwarebytes research team has determined that Web Bar is adware. These adware applications display advertisements not originating from the sites you are browsing.

https://forums.malwarebytes.org/index.php?%2Ftopic%2F166887-removal-instructions-for-web-bar%2F

Turning away from Micro$oft

Yesterday’s unexpected notice from Micro$oft that I am not being awarded MVP status this year has caused me to take stock of my situation.

Now that I’m no longer a paid shill of the Evil Empire, and they’ve taken away my free Compuserve account, I feel I can no longer use their products – mainly because I can no longer afford them if I can’t download them for free from MSDN and TechNet.

Security strengths – OR NOT!

Microsoft has been widely derided in the security community for many years, and despite having invented, expanded and documented several secure development processes, practices and tools, it seems they still can’t ship a copy of Flash with Internet Explorer that doesn’t contain rolling instances of buffer overflows.

Microsoft make a great deal out of their SDL tools – documentation and threat modeling guides – and yet they still haven’t produced a version that runs on Mac or Linux systems, unlike Mozilla who’s been able to create a multi-platform threat modeling tool, called Seasponge. Granted it only lets you draw rudimentary data-flow diagrams, and provides no assistance or analysis of its own, requiring you to think of and write up your own threats – but it’s better than nothing! Not better than a whiteboard, granted, but vastly better than nothing.

Active Directory is touted along with its ability to provide central management by Group Policy Objects simply isn’t able to scale nearly as well as the Open Source competition of Linux, which allows each desktop owner to manage their own security to a degree of granularity that allows for some fantastic incoherence (ahem, “innovation”) between neighbouring cubicles. This is, after all, the Year of Linux on the Desktop.

Unlike Windows, with its one standard for disk encryption, and its one standard for file encryption, Linux has any number to choose from, each with some great differences from all the others, and with the support of a thriving community to tell you their standard is the de-facto one, and why the others suck. You can spend almost as much bandwidth discussing which framework to use as you would save by not bothering to encrypt anything in the first place – which is, of course, what happens while you’re debating.

Something something OpenSSL.

Networking – notworking, more like!

IPv6 has been a part of Windows since Windows XP, and has been enabled by default for considerably longer. And yet so very few of Microsoft’s web properties are available with an IPv6 address, something I’ve bugged them about for the last several years. Okay, so www.microsoft.com, www.bing.com and ftp.microsoft.com all have recently-minted IPv6 addresses, but what about www.so.cl? Oh, OK.

Then there’s the Windows TCP SYN behaviour, where a SYN arriving at a busy socket was responded to by a RST, rather than the silence echoed by every other TCP stack, and which was covered up by Windows re-sending a SYN in response to a RST, where every other TCP stack reports a RST as a quick failure. I can’t tell you how many years I’ve begged Microsoft to change this behaviour. OK, so the last time I spoke to them on this issue, my son was eight, and now he’s driving, so perhaps they’ve worked some more on that since then. It is, after all, a vital issue to support correct connectivity.

It’s never a bag year any more

Finally, of course, the declining MVP swag quality has hit me hard, as I now have to buy my own laptop bag to replace the MVP ones that wore out and were never replaced, a result of Microsoft’s pandering to environmental interests by shipping a chunk of glass instead of a cool toy or bag each year.

My MVP toys were fun – a logo-stamped 1GB USB drive, a laser-pointer-pen-and-stylus which doesn’t work on capacitive touch screens, a digital photo frame – but never as much fun as those given to the MVPs in other Product Groups. The rumoured MVP compound in Florida available for weekend getaways always seemed to be booked.

No more Microsoft for me!

So, how do I get MacOS installed on this Surface Pro 3?

Having trouble getting MS support to give you a link to a HOTFIX work around

 

Here’s a trick if you are desperately trying to get your hands on a hotfix from Microsoft that requires you to contact support and are getting a run around. Do this at your own risk. Make sure you need the fix and have created a restore point if things go wrong. I won’t support you and Microsoft won’t support you.

 

You need to know the KB number of the hotfix you need. Find a hotfix (OK, I’ll do it for you) for a different item where the download is available without going through contacting support again. Like http://support.microsoft.com/en-us/kb/2955769 

 find one

Click the Hotfix Download Available button.

 

After selecting that link, an URL will appear in the address bar like https://support.microsoft.com/en-us/hotfix/kbhotfix?kbnum=2955769&kbln=en-us

Copy the URL in the address bar and paste into Notepad.

Replace the KB 2955769 number with the one you are having difficulty getting. So that you have a link like https://support.microsoft.com/en-us/hotfix/kbhotfix?kbnum=XXXXXXXX&kbln=en-us where XXXXXXXX is the KB number you are having trouble getting.

Now you can get your hotfix.

Again, I won’t support you and Microsoft won’t support you, but maybe you can fix your problem without multiple calls to support and incompetent poorly trained support agents.

New puppy in the family

RemiFullSizeRender

This is a image of my new baby, he’s called Remi.  He’s about another pound in size now from when this photo was taken :-)

 

MS15-010 and it’s impact on Essentials

essentials

http://blogs.technet.com/b/sbs/archive/2015/03/13/the-ms15-10-security-update-for-windows-server-2012-r2-essentials-and-the-client-restore-functionality.aspx

Just a heads up – it looks like the eta for this fix will be in the May time frame.

Until then bare metal restore still works, or you will need to uninstall those security updates noted.

Regierung fĂĽhrt Internetsteuer ein

Ein aktueller und nicht-öffentlicher Gesetzentwurf aus dem Verkehrsministerium sieht eine neue Internetsteuer vor. Besteuert werden sollen grundsätzlich alle Datenpakete. Im aktuellen Entwurf ist zu lesen, dass pro Paket in Abhängigkeit der Größe und der Anzahl der zu überwindenden Hops eine noch festzulegende Gebühr fällig wird. Ob es eine Sondersteuer für ausländische Pakete geben wird war zunächst unklar.

“Nahezu alles wird heute besteuert: Alkohol, Zigaretten, Kraftstoff, BĂĽcher, Hotels. Nur das Internet ist bislang steuerfreier Raum. Das wollen wir ändern” äuĂźerte sich ein Sprecher des Ministeriums zu dem Gesetzentwurf. “Wir rechnen mit 200-400 Millionen Euro pro Jahr”. Wie sich die Zahlen zusammensetzen wollte er nicht erläutern. “Der Entwurf ist noch nicht fertig. Klar ist aber, dass ein Teil der Einnahmen fĂĽr Internetprojekte der Regierung ausgegeben werden.” Denkbar seien demnach Investitionen in öffentliche WLAN Hotspots in Städten und an touristisch attraktiven Plätzen. “Wir planen, das Gesetz zum 1.5.2016 in Kraft treten zu lassen. Bis Ende 2015 sollen die Rahmenbedingungen und Parameter feststehen.”

Na, da bin ich ja mal gespannt, was das werden wird und wie die Details aussehen. Ich befĂĽrworte grundsätzlich freies WLAN unterwegs – alleine schon, weil ich das auf meinen weltweiten Reisen selber sehr zu schätzen gelernt habe. Die Frage ist natĂĽrlich, in wie weit öffentliche Hotspots zu Horchspots werden könnten.

Viele GrĂĽĂźe
Dieter


Dieter Rauscher
MVP Enterprise Security

How to remove MyBestOffersToday adware

MyBestOffersToday is a program that displays daily free offers and also displays advertisements directly on your desktop. It shows these offers and advertisements using multiple methods such as desktop pop-ups, the MyBestOffersToday widget, and by opening your browser and displaying them. When installed, MyBestOffersToday will be configured to run automatically and listen in the background with no indication that the program is running other than the randomly displayed advertisements.

While running MyBestOffersToday will randomly display advertisements throughout the day. The only advertisement, though, that is labeled as My Best Offers Today is their daily offer widget. This widget will display offers that change daily and pop-up in a little widget from your Windows taskbar.

http://www.bleepingcomputer.com/virus-removal/mybestofferstoday-removal-guide

VaultCrypt ransomware offers fake customer support

Ransomware has been the preferred tool of cyber criminals for making quick money. A new variant is in our midst known as VaultCrypt which is quite different from other encrypting malware in appearance and behavior. Unlike other ransomware that directly demand payment to unlock your encrypted data, VaultCrypt turns up the dishonesty levels even higher by pretending to direct you to customer support. This malware has been circulating in Russia since late February, but now, it is starting to spread to other parts of the world as well. Bleeping computer, with the help of members from the Emsisoft team have analysed this threat in detail.

http://blog.emsisoft.com/2015/03/29/vaultcrypt-ransomware-offers-fake-customer-support/

Mozilla Firefox Upgraded to v37.0: March 31, 2015

Firefox Notes

Version 37.0, first offered to Release channel users on March 31, 2015

Check out “What’s New” and “Known Issues” for this version of Firefox

https://www.mozilla.org/en-US/firefox/37.0/releasenotes/

Recent Comments

Archives