Thursday, May 29, 2008

Service Pack 3 Available On CD

For those who are not on a good Internet connection or one where you are limited in bandwidth, you can get Service Pack 3 on CD now. You can also download a disk image or stand alone installer, which you can use to take home or save for a re-install. Having SP 3 available will help if you do need to re-install, so you won' have to go online and expose yourself to the evils of the Internet. You can check it out on Microsoft TechNet.

Wednesday, May 28, 2008

Mac OS 10.5.3 for leopard, Security Update for Tiger

A few hours ago, Apple made the 10.5.3 update available on Software Update. There's lots of changes and fixes in this one. If you have 10.4 Tiger, you do get a nice set of security updates so you don't feel left out.  


The 10.5.3 update details can be found at Apple. The kbase article mentions inprovements or fixes for: Address Book, Automator, Airport, iCal, iChat, Mail, Parental Controls, Spaces, Time Machine and voice Over. I also noticed changes to Back to My Mac and Finder. 

For BTMM, there is now a red, green and yellow indicator for the service. I think it is just checking connectivity to the BTMM servers and successful login. I'm behind a crapy Linksys router that doesn't like to keep UPnP on, but I get a green light. So I can see the other mac, but connections still fail, as should since Universal Plug n Play isn't on. 

Finder now has a more accurate display of uploads to network drives, like iDisk. It used to sit on the closing file and would stay there until the file was finished uploading. That could be another 20 minutes or longer. Now it displays a rough estimate of the time remaining in the upload. 

If you have Tiger or haven't updated to 10.5.3, then you still want to use check updates for Security Update 2008-003. Updates include AFP Server, Apache, AppKit, CFNetwork, CoreFoundation, CoreGraphics, CoreTypes, Common Unix Printing System (CUPS), Flash Player Plug-in, iCal, LoginWindow, Mail, Wiki Server and  more. 

I installed 10.5.3 and had no problems. It was faster than the 10.5.2 update. So far, I'v only seen the usual people who seem to have trouble with every update complain. I see no reason to hold off of this set of updates.

Saturday, May 24, 2008

Spyware Doctor False Positive Flags Part of XP Service Pack 3

Apparantly, Spyware Doctor may be detecting Rundll32.exe as having Trojan-Spy.Pophot.WX. The latest update, 5.09900, should fix this. In any event, you should run Spyware Doctor's Smart Update t be safe.

Friday, May 23, 2008

MacWindows

Since moving to Mac from Windows, it's been quite refreshing not having to keep multiple security programs running and updated. Sure, I still have several Windows machines here and have used them, but not so much anymore. Now that I have VMWare Fusion on my iMac with a 2.8 GHz Core 2 Duo, 4 Gigs of RAM, and 24 inch screen, I can run them all. Now I need to get a 2nd display so I can run Windows Full screen side by side with OS X. I've got XP and Vista and can run them at the same time :) Though Aero won't work while I am running it in virtual machine. I can reboot to Vista using Bootcamp and Aero will pop on.

Anyways, with all the Windows going on, I'll need to keep up with the security stuff and will get back to updating here more. I haven't decided what changes there'll be, but I think a real template for this blog is past due. One thing to think about is what to display in updates. Most security programs these days have so many updates with similar names, that it's hard to pick out what it means. It used to be simple. A Look2Me here, a Vundo there and whatever the Zlob trojan was calling itself this week.

I'll see what i can come up with.

Spybot Search & Destroy May 21st

2008-05-21

Keylogger
+ KGBKeylogger ++ KGBKeylogger.REFOG ++ SmartPCKeylogger

Malware
++ AntiSpyCheck ++ BugDoctor + ConOpt.BHO (3) ++ DeusCleaner ++ DoctorCleaner ++ EliteProtector + ErrorDoctor + FakeAlert.cc ++ LiveAntispy ++ MalwareDestructor + MyNetProtector ++ PCSleek.FreeErrorCleaner + Smitfraud-C. ++ Spyburner ++ SpyKill + Trojan-Guarder + Vario.AntiVirus + Win32.BHO.je + Win32.Renos + WinSpyKiller + Worldsecurityonline.FakeAlert

PUPS
++ SpyPry

Security
+ Microsoft.Windows.AppFirewallBypass

Trojan
+ Smitfraud-C.MSVPS + Virtumonde.ddc ++ Win32.Agent.abd ++ Win32.Agent.ark ++ Win32.Agent.byc + Win32.AutoRun ++ Win32.Delf.bj ++ Win32.Friendown + Win32.PcClient.agu + Win32.Small.ih

Total: 609774 fingerprints in 159642 rules for 3951 products.

http://spybot.info/en/updatehistory/index.html

Spyware Doctor 5.09900

Spyware Doctor has been updated with new spyware definitions.

Latest Database Version: 5.09900
Intelli-Signatures: 520,229

Spyware Doctor protects your computer in 3 ways. First, it has the On guard monitor which watches places spyware will change your computer settings. By alerting you, Spyware Doctor gives you the option to not allow unwanted programs on your computer. Second, Spyware Doctor has a feature called Immunize that completely blocks known spyware from even installing. Third, spyware Doctor has a large detection database that removes spyware that has gotten onto your computer. I have used Spyware Doctor in tests against SpyAxe and SpyFalcon. It completely removed the those two. A restart of the computer and resetting my wallpaper was the hardest part.

A free scan is available from the Spyware Doctor Homepage:
http://www.pctools.com/spyware-doctor/

New Intelli-Signatures:

5.09900 - Trojan.Delf.CDI


5.09890 - Trojan-PWS.QQTen, Trojan.PHP.Agent, RogueAntiSpyware.MalWarrior


5.09880 - Trojan-Downloader.WMA.Wimad, Trojan-Downloader.Small.FQO, Trojan-Downloader.Firu, Adware.Agent.BYY, Trojan-Downloader.Banload.MCC, Trojan.Agent.LRY, PSWTool.SAMInside, Trojan-Dropper.Agent.NHA

Extended Intelli-Signatures:

5.09900 - Trojan.Mebroot, Trojan.DNS_Changer, PWSTool.QQPass, Exploit.MSWord, Exploit.MSPpt, Exploit.MSExcel, Backdoor.PCclient, Backdoor.Hupigon.GEN, Backdoor.Graybird.GEN, Adware.NewWeb, Adware.ILookup_Begin2Search, Trojan.QQHook.A, Trojan.Riler, Trojan-PWS.Lineage


5.09890 - Worm.Mytob, Trojan-Spy.Zbot, Trojan-Spy.VB, Trojan-Spy.Qeds, Trojan-Spy.Lyndra, Trojan-Spy.Agent, Trojan-PWS.QQRob, Trojan-PWS.QQRob.U, Trojan-PWS.QQPass.UP, Trojan-PWS.QQPass.GE, Trojan-PWS.OnlineGames, Trojan-PWS.OnLineGames.GEN, Trojan.Zquest, Trojan.Startpage, Trojan.Downloader, Trojan.Agent.LPV, Trojan.Agent.EMB, Trojan.AdRotator, Spyware.SahAgent, Spyware.Known_Bad_Sites, Rootkit.Agent, Exploit.MSPpt, Exploit.JS.Agent, Backdoor.Hupigon, Backdoor.Hupigon.GEN, Backdoor.Graybird.GEN, Backdoor.Bifrose, Backdoor.Bifrose.ACI, Backdoor.Agent, Application.Perfect_Keylogger, Adware.Zeno_Search_Assistant, Adware.TTC, Adware.PodcastbarMini, Adware.OneStepSearch, Adware.MokeAd, Adware.Deskbar, Adware.Cinmus, Adware.Agent.BN, Adware.Adsponsor


5.09880 - Trojan.Virtumonde, Adware.Mokead, Trojan.DNS_Changer, Trojan-PWS.OnLineGames.GEN, Adware.Loadscc, Trojan.Agent.BOW, Trojan-Downloader.Zlob.GEN, Backdoor.Hupigon.GEN, Trojan-Spy.VB, Trojan-Spy.Banker.ALR, Trojan-Downloader.Agent.NVP, Backdoor.Hupigon , Application.HP-Compaq, Trojan-PWS.OnlineGames.HZJ, Worm.Mytob, Trojan-Spy.Pophot.WX, Trojan-Dropper.Agent.BPF

General Information:
Updates are posted 5 times per week on average.
Updates are installed by running Spyware Doctors' Smart Update feature.

Sitemeter