Archive for October, 2006

HOSTS File Update [10-30-06]

The HOSTS file was updated today … [:)] Shameless plug: got another mention this weekend from the Kim Komando Show (I always see a spike in traffic when she does …)Even a dedicated page: Block malicious programs … thanks Kim!

Improved "Certificate Error" in IE7

I thought I'd show the new "Certificate Error" in action on one of the known culprits ( I was checking up on … this is from one of these "Rogue/Suspect" sites selling scam products. When you attempt to order this product IE7 throws up an error warning the user [screenshot1] then if you continue the Address […]

Interesting list of deactivated Domains

While preparing for the next HOSTS update I've found an interesting list of deactivated domains. (Win32/TrojanDownloader.Agent.AIB)Status: Parked and deactivated (no valid DNS) (Trojan.Jupillites)Status: Domain Registration ExpiredNotice the other related domain names that prey on good name of well respected security productsdrwebupd(dot)com – this is not Dr.Web Anti-viruslavasoftupdate(dot)com – this is not Lavasoft Antispywareoutpostsupport(dot)com […]

IFrame Exploits

Following up on "Halloween sites tricking users with malware" it appears to me the sites mentioned have been hacked and a IFrame has been injected, that if activated infects the visitor with several nasties. I would advise disabling that option in IE – it is the single most exploited setting!Internet Options | Security tab | […]

Another fake codec site

Got a tip today about another fake codec site: keycodec(dot)com The download is another in the TrojanDownloader.Win32.Zlob family, but the scary part is the "Terms of Use" SOFTWARE INSTALLATION: Components bundled with our software may report to Licensor and/or its affiliates the installation status of certain marketing offers, such as toolbars, and also generalized installation […]