Yet Another Cleaner, Yet Another Stealer

Recently, we discovered that a relatively popular “anti-malware” product known as “Yet Another Cleaner” or YAC for short, has been claiming to be an affiliate of Malwarebytes in addition to using a lot of our detection names as their own. We looked deeper into their operation and found some pretty amazing and ugly things.

https://blog.malwarebytes.org/fraud-scam/2015/03/yet-another-cleaner-yet-another-stealer/

Android phones.. why bother?

My better half has a Samsung GT-S7560M, Android version 4.04.

It can’t be upgraded, it is incapable of accepting most of the available games around these days, and is really only good for a contacts list and basic calling. I have an aging flip phone which is every bit as useful.

Neither the Samsung or the aging LG will ever be better than they were three months after initial purchase, but to replace either would cost $$$.

Google haven’t supported 4.04 for ever in real terms and now Google Chrome loses support. If this was Microsoft, there would be wall to wall lawsuits.

If there is another phone purchase in this household, it will be a Windows phone. Nuts to Google and Android..

Smile

How to Hide a Specific File or Folder from Quick access in Windows 10

The Quick access page is the shortest route to files you’ve been working on and folders you often use. These are your frequent folders and recent files.

Recent items is a list of the files that you have used or opened recently. These items are displayed as “Recent files” in Quick access, and under “Recent” in jump lists for icons on the taskbar.

Frequent places is a list of folders, websites, etc… that you have opened recently. These items are displayed as “Frequent folders” in Quick access, “Frequent places” under File in File Explorer, and under “Frequent” in jump lists on the taskbar.

When you hide a file or folder from Quick access, the file or folder will no longer show in all recent and frequent locations in Windows 10 until you stop hiding them.

This tutorial will show you how to hide a specific file or folder from the Quick access page to no longer show in all frequent and recent locations for your user account in Windows 10.

Read more…

ASP.NET Web Forms Extensibility: Control Builders

One of the most often ignored extensibility point in Web Forms is the Control Builder. Control Builders are subclasses of ControlBuilder (or other more specialized, such as FileLevelPageControlBuilder, for pages, or FileLevelMasterPageControlBuilder, for master pages) that can be specified per class. It controls some aspects of a control instance:

It also allows overriding a couple of things:

  • The parameters specified in the markup (Init);
  • What to do when the control builder is added to a parent control builder (OnAppendToParentBuilder);
  • Modify the code that will be generated in the code-behind class that is produced by ASP.NET or the code that will be used to instantiate the control (ProcessGeneratedCode);
  • Change the tag’s inner textual content (SetTagInnerText);
  • Etc.

This is a powerful mechanism, which has even been used to allow generic control classes. We apply a control builder through a ControlBuilderAttribute (for regular controls) or FileLevelControlBuilderAttribute for pages, master pages or user controls.

I won’t go into many details, but instead I will focus on the Init and ProcessGeneratedCode methods.

Init let’s us do things such as:

public override void Init(TemplateParser parser, ControlBuilder parentBuilder, Type type, String tagName, String id, IDictionary attribs)

{

    if (type == typeof(SomeBaseControl)

    {

        //replace the control's type for another one

        type = typeof(SomeDerivedControl);

 

        //convert an hypothetical Text property value to upper case

        attribs["Text"] = (attribs["Text"] as String).ToUpper();

    }

 

    base.Init(parser, parentBuilder, type, tagName, id, attribs);

}

And ProcessGeneratedCode, messing with the generated page class:

public override void ProcessGeneratedCode(CodeCompileUnit codeCompileUnit, CodeTypeDeclaration baseType, CodeTypeDeclaration derivedType, CodeMemberMethod buildMethod, CodeMemberMethod dataBindingMethod)

{

    //add some interface to the generated page class

    derivedType.BaseTypes.Add(typeof(ISomeInterface));

 

    //add a property implementation to the generated page class

    var prop = new CodeMemberProperty();

    prop.Attributes = MemberAttributes.Public;

    prop.Name = "SomeProperty";

    prop.Type = new CodeTypeReference(typeof(String));    

    prop.GetStatements.Add(new CodeMethodReturnStatement(new CodePrimitiveExpression("Hello, World, from a generated property!")));

    

    derivedType.Members.Add(prop);

 

    base.ProcessGeneratedCode(codeCompileUnit, baseType, derivedType, buildMethod, dataBindingMethod);

}

But also something MUCH more fun! Imagine you are using an IoC container – I will use Unity, but you can use whatever you want. We might have something like this in Application_Start (or whatever method spawned from it);

var unity = new UnityContainer();

unity.RegisterInstance<MyControl>(new MyControl { Text = "Bla bla" });

ServiceLocator.SetLocatorProvider(() => new UnityServiceLocator(unity));

Notice I am using the Common Service Locator to abstract the IoC container and to make the code independent of it. Here, I am assigning a static instance to the MyControl type, in essence, a singleton.

Now, we can change our control builder so as to have the control build method return this instance:

public override void ProcessGeneratedCode(CodeCompileUnit codeCompileUnit, CodeTypeDeclaration baseType, CodeTypeDeclaration derivedType, CodeMemberMethod buildMethod, CodeMemberMethod dataBindingMethod)

{

    //return ServiceLocator.Current.GetInstance(typeof(MyControl));

    var type = Type.GetType((buildMethod.Statements[0] as CodeVariableDeclarationStatement).Type.BaseType);

    var currentProperty = new CodePropertyReferenceExpression(new CodeTypeReferenceExpression(typeof (ServiceLocator)), "Current");

    var getInstance = new CodeMethodInvokeExpression(currentProperty, "GetInstance", new CodeTypeOfExpression(type));

    var @cast = new CodeCastExpression(type, getInstance);

    var @return = new CodeMethodReturnStatement(@cast);

 

    buildMethod.Statements.Clear();

    buildMethod.Statements.Add(@return);

 

    base.ProcessGeneratedCode(codeCompileUnit, baseType, derivedType, buildMethod, dataBindingMethod);

}

In case you didn’t notice, what this does is, every time the MyControl control is instantiated in a page, for every request, ASP.NET will always return the same instance!

Now, I am not saying that you SHOULD do this, but only that you CAN do this! Winking smile

Take care out there…

SpywareBlaster Database Update – March 2, 2015

10 Internet Explorer
0 Restricted Sites
0 Firefox

17163 items in database

http://www.brightfort.com/downloads.html

Updated to Swift and iOS8 – Unleash Your Inner App Developer Part 8: Code Writing First Steps

http://www.iphonelife.com/blog/31369/unleash-your-inner-app-developer-object-oriented-programming

All the best!
Kevin McNeish
Author: iOS App Development for Non-Programmers book series
Twitter: @kjmcneish

Swift Programming 101: Creating Self-Registering Swift UI Controls

What’s the best way to create controls that respond to notifications without interfering with existing messaging mechanisms? In this article I demonstrate a Notification Proxy class that helps you add functionality to existing iOS UI controls using a practical example: Adding placeholder text to the text view control.

http://www.iphonelife.com/blog/31369/swift-programming-101-creating-self-registering-swift-ui-controls

All the best!
Kevin McNeish
Author: iOS App Development for Non-Programmers book series
Twitter: @kjmcneish

Removal instructions for Local Temperature

What is Local Temperature?

The Malwarebytes research team has determined that Local Temperature is adware. These adware applications display advertisements not originating from the sites you are browsing.

https://forums.malwarebytes.org/index.php?%2Ftopic%2F165560-removal-instructions-for-local-temperature%2F

How to Enable or Disable New Tray Clock and Calendar Experience in Windows 10

When you click/tap on the clock system icon on the taskbar in Windows 10, a clock and calendar dialog will open.

Windows 10 Technical Preview 9926 includes a new clock experience, but has not been enabled by Microsoft yet.

The default (old) clock is the same as in previous Windows that displays a basic calendar and up to three clocks. This would be one clock for the local time, and up to two additional clocks for different time zones.

The new clock has a modern design that uses larger characters and spacing to make using with touch easier. It doesn’t display additional clocks for now. However, you can click/tap on “Additional clocks” to open to World Clock in the Alarms apps for the local clock and up to two additional clocks for different time zones.

This tutorial will show you how to enable or disable the new tray clock and calendar experience for all users in Windows 10.

Read more…

Windows 10 updater..

In build 9926, there is no provision to access Windows Update via Control Panel. All you get is a section in ‘Settings’ which allows for ‘automatic update’ or ‘notify before installing’

Supposing that there is a hardware device driver in there that constantly produces a blue screen and a reboot. How are you supposed to stop the update? The simple answer is that you can’t..

.. UNLESS you take steps to bring back the ‘classic’ Windows Update to Control Panel.

The scenario was basically this. Windows Update kept trying to install a Qualcomm update that my Toshiba Netbook didn’t seem to like, and I had no way of hiding the update. So, every time it tried to install it, the Netbook crashed out. Not good.

So, how to get over the problem. One way is to re-introduce the Windows Update function, and there are a couple of registry keys which do this.. see below..

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows UpdateUX

IsConvergedUpdateStackEnabled = 0

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsUpdateUXSettings

UxOption = 0

If you don’t like the idea of messing in registry, you can get the pre-built REG file form here and just run it.. http://goo.gl/cbkc2y

By the way, it is not just Qualcomm drivers which are failing. There is a whole host of users having problems with all sorts of hardware driver updates.

Another point is that it could mark the end of driver support for older hardware in Windows 10, and to this end I have ordered a newer dual band Wi-Fi adapter for the Toshiba, an Intel Link 5300 AGN 450mbps type. Currently, it has a Qualcomm AR9285 (150mbps), also known as an AR5B95-H adapter.

Unfortunately, Toshiba sometimes block hardware that they don’t supply as part of OEM builds, but you will get to here what happens next as soon as I get and try it..

Smile

Smile

How to Enable or Disable Aero Shake in Windows 10

Your screen(s) can get cluttered if you have a lot of opened app windows. Aero Shake lets you quickly minimize all opened windows except the current active window by shaking its title bar. Shaking the title bar again will restore all the minimized windows.

This tutorial will show you how to enable or disable Aero Shake for specific or all users in Windows 10.

Read more…

Crapware..

I did a test similar to this a while back. Mine wasn’t quite as cool as this one, maybe only one screenshot, and nothing like as much text, but lots of text is not my style.

The link takes you to the story about what happens if you go for freeware.. See here..

I am not going to say much here either. I just want to bring it to your attention.

Every time that I come up against download managers when looking for a simple utility, I turn back and look for something else or a site that allows the download of a utility without the crapware that download managers more often that not include.

Majorgeeks is one of my favourites because they don’t employ download managers. Of course, some cases like the YTD video downloader don’t need to include other stuff because in this case, it IS the damage.

Freeware can be ok as long as you are alert to the dangers and are not put off by greyed out buttons on download sites.

Be vigilant. Computers need vigilant users..

Smile

Windows: Sécurité avec Kaspersky endpoint Protection 10

Bonsoir tout le monde,

Vous ne pouvez laisser votre ordinateur sans anti-virus. Les éditeurs sont nombreux pour sécuriser votre investissement et notamment tous les fichiers que vous créez, les photos de famille et de vacances, les fichiers musicaux, vos films…

Pour cela, rien de plus facile !

Vous avez le choix entre les gratuits:

Les payants:

Le Centre de sécurité sous Windows http://windows.microsoft.com/fr-fr/windows-vista/using-windows-security-center

Comment détecter et supprimer un virus http://windows.microsoft.com/fr-fr/windows-8/how-find-remove-virus

image

Pourquoi choisir Kaspersky Lab ?
Kaspersky Lab est le plus important acteur privé de solutions de sécurité informatique dans le monde.

Kaspersky Lab est une des sociétés de solutions de sécurité informatique qui connaît la croissance la plus rapide à travers le monde. Elle figure en bonne place parmi les quatre premiers éditeurs mondiaux de logiciels de sécurité, et affiche une croissance sensible dans toutes les régions.

Et puis Kaspersky c’est 400.000.000 d’utilisateurs protégés depuis 17 ans !

Le Blog
Suivre Kaspersky sur Facebook
Outils de gestion des mots de passe

C’est également une foule de conseils pour aider à comprendre…

Bonne soirée.
Patrice.

How to Determine if Running 32-bit (x86) or 64-bit (x64) Windows 10

The terms 32-bit and 64-bit refer to the way a computer’s processor (also called a CPU), handles information. The benefits of using a 64-bit operating system are most apparent when you have a large amount of random access memory (RAM) installed on your computer, typically 4 GB of RAM or more. The 64-bit version of Windows handles large amounts of random access memory (RAM) more effectively than a 32-bit system. To run a 64-bit version of Windows, your computer must have a 64-bit-capable processor.

This tutorial will show you how to determine if you are running a 32-bit (x86) or 64-bit (x64) version of Windows 10 on your PC.

Read more…

PDFs keeping you folders locked from editing?

We’ve been suffering from an issue where PDF files will ‘hold’ the folder open and we can’t rename folders when we want to.  In googling up the problem, we aren’t alone.

This appears to be the fix at this time — mind you — we’ve seen this on any version of servers and any version of workstations so it doesn’t appear to be related to any particular SMB version.

Turn this off by going to ORGANIZE > FOLDER AND SEARCH OPTIONS >VIEW (tab) … and then tick “Always show icons, never thumbnails“. Click Apply/OK and you’re done.

 

 

Data Breach – Update on Anthem attacks

http://www.eweek.com/security/anthem-breach-evidence-points-to-china-security-researchers-say.html

http://www.threatconnect.com/news/the-anthem-hack-all-roads-lead-to-china/

Security researchers have traced the theft of customer data from health insurer Anthem’s data systems to a professor at a Chinese university with links to a defense contractor. A new open-source intelligence analysis of the breach of health insurer Anthem has reinforced theories that the data theft leads back to a Chinese espionage program, security firm ThreatConnect stated on Feb. 27. In the report, which is based on public sources or “open-source” intelligence, security researchers at ThreatConnect and other companies found technical evidence that linked the malware reportedly used in the Anthem attack to a Chinese espionage group and a professor at Southeast University, which works with a government contractor, Beijing Topsec Technology Co.

MVPS HOSTS File Update February 28-2015

The MVPS HOSTS file was recently updated [February 28-2015]

http://winhelp2002.mvps.org/hosts.htm

Download: hosts.zip (135 kb)

http://winhelp2002.mvps.org/hosts.zip

How To: Download and Extract the HOSTS file

http://winhelp2002.mvps.org/hosts2.htm

HOSTS File – Frequently Asked Questions

http://winhelp2002.mvps.org/hostsfaq.htm

Note: the “text” version (511 kb) makes a great resource for determining possible unwanted connections …

http://winhelp2002.mvps.org/hosts.txt

Get notified when the MVPS HOSTS file is updated

http://winhelp2002.mvps.org/updates.htm

If you find the MVPS HOSTS file useful … please consider a donation …

http://winhelp2002.mvps.org/hosts.htm#donation

Surface Pro, Pro 2 volume button stops working after installing Wacom 721-21 Driver

 

Microsoft customers with Surface Pro (original) and Surface Pro 2 have reported that the hardware button that controls the volume level on their tablet stops working after installing the latest Wacom Feel-It driver.

If you have a Surface Pro or Surface Pro 2 (not the Pro 3) and your volume button no longer works, and you’ve recently installed the 721.21 Wacom driver, this could be the cause of the problem. If you’ve upgraded over an older version of the Wacom driver, you can roll back the driver in device manager, reboot, and this should resolve the problem. If you didn’t install a previous Wacom driver, head over to http://us.wacom.com/en/support/legacy-drivers/ and install the 720-10 driver.

 

 

Select Tablet PC and download the 7.2.0-10 driver, restart, and you should be good to go.

wacom legacy

Removal instructions for BrowseFox

What is BrowseFox?

The Malwarebytes research team has determined that BrowseFox is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.

https://forums.malwarebytes.org/index.php?%2Ftopic%2F165478-removal-instructions-for-browsefox%2F

Facebook – Bug Bounty Hunters paid $1.3 Million in 2014

Paying security researchers to privately identify areas of vulnerability helps strengthen security overtime and this is a good investment process for Facebook given its huge user base

http://facecrooks.com/Internet-Safety-Privacy/Facebook-Paid-Bug-Bounty-Hunters-1-3-Million-2014.html/

There’s no doubt that Facebook has a problem with malware, spam and cybercrime on its pages. However, it has gone to great lengths to combat these issues with its bug bounty program, which pays individual security researchers and experts who uncover problems with the site. And according to a recent report on the program from Facebook, it’s only getting bigger and better. Facebook has paid out $3 million to researchers around the world since the site started its bug bounty program in 2011. However, $1.3 million of that came in 2014 alone. That total was paid to 321 researchers in 123 countries for an average prize of $1,788. Overall, submissions increased by 16 percent from 2013 to 2014. India reported the most issues, followed by Egypt and the United States.  “Report volume is at its highest levels, and researchers are finding better bugs than ever before,” Facebook wrote in its post announcing the 2014 results. “We’ve already received more than 100 valid reports since the start of the new year.”

Recent Comments

Archives