Spyware, Adware & General System Alerts
Free Online Virus and Security Check by Symantec
tools for popular viruses -
Read About Expanded
Top Virus Fighting
Sites - McAfee/Network
Associates | Symantec
| Trend Micro
SBC announces a fix for
those downloading Windows XP Service Pack 2 (SP2).
Click here - this is a popup
IEPlugin slows your system
to a crawl and burdens your PC with unwanted ad's and BS. Here's
are a few links that describe it, and how to remove it:
Search your PC for these files
to see if you have it on your hard drive. systb.dll, winobject.dll,
wupdt.exe, winserv.exe, lycos.exe, bargains.exe, sidesearch1211.dll,
apuc.dll. you can cut and paste these into your search box.
Here's a Google search for you
to start your research - http://www.google.com/search?q=%22intelligent+explorer%22+ieplugin
Blaster Worm detection and removal by MikesHardware.com
If your system will still boot up, follow the instructions below:
1) Kill the program. Do a CTRL-ALT-DELETE and find
MSBlaster.exe in the list of running programs. Click it once
with your mouse and then click on "end process." If
unable to do so, restart your machine, and repeat the process.
2) To stop it from starting again requires a registry
change. Click Start then Run, type RegEdit,
hit enter. In left panel, navigate to HKEY_LOCAL_MACHINE / Software
/ Microsoft / Windows / CurrentVersion / Run. Locate and delete
windows auto update" = MSBLAST.EXE. Close the editor
3) Search your computer for copies of the file msblast.exe
and delete them. To do that, click on Start then Search then
Files or Folders.
4) Download the Symantec tool (it's my favorite)
and save it to your desktop or other convenient place that you
can remember. DON'T RUN IT YET! This tool will detect and remove
the critter for you. If you haven't already got it, get Symantec's
Norton Internet Security with Anti-Virus version 2003 to keep
these buggers at bay in the future.
5) Close any programs that are running.
6) If you are running Windows XP Home or Professional
you'll need to disable System Restore. To do that, right-click
on My Computer, and click on Properties. Click
on the System Restore tab and put a check mark in the
Turn Off System Restore on all drives checkbox, and click
7) Now run the FixBlast tool from Symantec...
If you see a message that the
tool was not able to remove one or more files, then you'll need
to run your computer in Safe Mode to complete this process. For
detailed instructions on running your computer in Safe Mode,
If you didn't see that above
message then go to Step 5.
8) Download and run the Microsoft
Blaster Patch. Once you're finished installing the patch,
you can reboot.
Your system is all clean and
safe now... but... hold on a second... you and I both know there
are other nasties out there. If you want to keep these types
of buggers from getting you again, then read on...
I found concerning the Blaster Worm:
Microsoft - What You Should Know About
the Blaster Worm
Worm on the move
echoes across the Net
<<Security Notice From
On August 11, 2003, Microsoft began investigating a report of
a worm, known as W32.Blaster.Worm, that exploits the vulnerability
addressed by Microsoft Security Bulletin MS03-026.
Microsoft originally released
this critical security bulletin and corresponding patch for Windows
operating systems on July 16, 2003. While you may not notice
the presence of the worm infection at all on your computer systems
or your customers' computer systems, typical symptoms may include
Windows XP and Windows Server 2003 systems rebooting every few
minutes without user input or Windows NT4 and Windows 2000 systems
If you or your customer applied
security patch MS03-026 prior to the discovery of the Blaster
worm, your system is secure from the vulnerability that W32.Blaster
is using. For the most current information on determining if
your systems are infected and how to recover from the infection,
please visit the following Web site and perform the prescribed
This site will be updated as more information regarding the W32.blaster
worm becomes available.
Our goal is to provide you with the information and tools you
need to help run your company safely and reliably. When we become
aware of these types of vulnerabilities, it is our goal to share
protection and remediation information with you as quickly as
is possible. In order to help protect your computing environment
from security vulnerabilities, we encourage you to use the Windows
Update service by going to http://go.microsoft.com/?linkid=220724
and also subscribe to Microsoft's security notification service
By using these two services you will automatically receive information
on the latest software updates and the latest security notifications,
thereby improving the likelihood that your computing environment
will be safe from the worms and viruses that occur.
New virus communicates by pictures
Antivirus companies warned of a new virus that communicates through
digital images, but security experts aren't sure how much of
a threat this latest evolutionary branch of malicious code poses.
Dubbed the first "JPEG infector" by security company
Network Associates, the W32/Perrun virus has two parts: infected
JPEG images that contain the virus's payload and a viral program
that extracts the code from the images and infects other JPEGs
on the system as they are opened. Because PCs have to be infected
by the extractor virus before any code hidden in image files
can affect them, the program is more a computer-science curiosity
than a threat.
Microsoft Security Bulletin MS02-029
Buffer in Remote Access Service Phonebook Could Lead to Code
Originally posted: June 12, 2002
Cut through the virus hype with Vmyths.com
Vmyths.com is filled with the latest information
on virus hoaxes, scares, and the real deal. The site stays unbiased
by refusing antivirus advertisements. This is security information
that no IT pro should be without.
Another Hoax... Jdbgmgr.exe...
This is a hoax that tries to
persuade you to delete a legitimate Windows file from your computer.
The file that the hoax refers to, Jdbgmgr.exe, is a Java Debugger
Manager. It is a Microsoft file that is installed when you install
NOTE: If you have already deleted
the Jdbgmgr.exe file, some Java applets may not run correctly.
This is not a critical system file. The file version may vary
with your operating system and version of Internet Explorer.
So visit this Microsoft site
to fix it http://www.microsoft.com/java/vm/dl_vm40.htm.
Here is a Symantec
link that better describes this hoax.
You can lookup information about
more hoaxs at these leading websites:
U.S. Dept. of Energy at http://ciac.llnl.gov/ciac/CIACHoaxes.html
Symantec hoax & virus encyclopedia at http://www.symantec.com/avcenter/vinfodb.html
Stiller Research at http://www.stiller.com/hoaxes.htm
If you have problems contact
MH for help [EMAIL].
A reminder to be careful ...
Why do my web pages have all those ugly yellow links on them?
Oh, you must have downloaded a program called KaZaa. While you
thought you're getting a cool MP3 sharing tool, they thought
that it'd be even cooler to mess with your browser and sell advertising
through your computer. The program comes with a little Trojan
friend called TopText that is also installed on your PC. Of course
you must have known this, cause you choose to install it, didn't
Read the full Story
BTW, AdAware is a great program,
it has found many spryware programs on my computers: http://www.lavasoftusa.com/downloads.html
This handy tip submitted
by Jeff Haas
Top Virus Fighting Sites
McAfee/Network Associates | Symantec
| Trend Micro
Computer Associates InnoculateIt
free personal, resident virus scanner (cleanup and protection)
Cleaner: Trojan Detection and Removal (cleanup)
to configure shared Windows folders for maximum network protection
Zone Labs Zone
Alarm personal firewall (protection)
Gibson Research Shield's
Up vulnerability scanner (protection)