Sunday 12 September 2010

BUGCODE_USB_DRIVER

Seems like VMWare 5.5, iTunes and my new iPhone don't not mix. When I plugin in the iPhone I get the following blue screen:



The only work-around I could find to this problem was to install iTunes directly on the host machine :(

Friday 30 April 2010

Desktop Security 2010 Scareware

Stumbled upon another rogue security application called Desktop Security 2010. It has been around for some time now. What's new about this one is that it adds a new column to the Windows Task Manager falsely claiming that some of my files are infect:

Wednesday 7 April 2010

Your Protection Scareware

Stumbled upon a new scareware application called "Your Protection" today:



FreeFixer v0.55 log
http://www.freefixer.com/
Operating system: Windows XP Service Pack 2
Log dated 2010-04-07 14:20

Registry Startups (5 whitelisted)

HKCU\..\Run, Your Protection = "C:\Program Files\Your Protection\urpprot.exe" -noscan

Friday 5 February 2010

SafePcAv Scareware

Ran into another scareware application today. It detects malware on a clean machine:


FreeFixer v0.53 log
http://www.freefixer.com/
Operating system: Windows XP Service Pack 2
Log dated 2010-02-05 16:13

Processes (21 whitelisted)
C:\Program Files\FreeFixer\freefixer.exe
C:\Program Files\SafePcAv Software\SafePcAv\SafePcAv.exe

End of FreeFixer log


Sunday 31 January 2010

"Antimalware Defender" Scareware Disguised as a Windows Critical Security Update

Antimalware Defender is another scareware application. It pops up dialog boxes falsely claiming it is part of a Windows Critical Update:





Antimalware Defender reports lots of malware on a clean system:



You can use FreeFixer to remove AntiMalware Defender. I've pasted a FreeFixer log below which will help you identify the malware items:

FreeFixer v0.53 log
http://www.freefixer.com/
Operating system: Windows XP Service Pack 2
Log dated 2010-01-31 15:04


Browser Helper Objects

{fa217b17-bd53-4441-bc32-3de578a2826a}, {fa217b17-bd53-4441-bc32-3de578a2826a}, C:\WINDOWS\system32\fa217b17-bd53-4445-bc32-3de578a2826a_6.avi

Registry Startups (4 whitelisted)

HKLM\..\Run, fa217b17-bd53-4445-bc32-3de578a2826a_6 = "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\fa217b17-bd53-4445-bc32-3de578a2826a_6.avi", start minimized

HKCU\..\Run, fa217b17-bd53-4445-bc32-3de578a2826a_6 = "C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\roger\Application Data\fa217b17-bd53-4445-bc32-3de578a2826a_6.avi", start minimized

Processes (23 whitelisted)

C:\Program Files\FreeFixer\freefixer.exe

Explorer.exe Modules (109 whitelisted)

C:\WINDOWS\system32\MSVCR71.dll

Rundll Modules (71 whitelisted)

C:\DOCUME~1\roger\LOCALS~1\Temp\wrk90.tmp

Recently created/modified files

2 minutes, c:\Documents and Settings\roger\Local Settings\Temp\wrk90.tmp

2 minutes, c:\Program Files\Antimalware Defender\Antimalware Defender.dll

2 minutes, c:\Documents and Settings\roger\Local Settings\Application Data\fa217b17-bd53-4445-bc32-3de578a2826a_6.avi

2 minutes, c:\Documents and Settings\roger\Application Data\fa217b17-bd53-4445-bc32-3de578a2826a_6.avi

2 minutes, c:\Documents and Settings\All Users\Application Data\fa217b17-bd53-4445-bc32-3de578a2826a_6.avi

2 minutes, c:\WINDOWS\system32\fa217b17-bd53-4445-bc32-3de578a2826a_6.avi

2 minutes, c:\Documents and Settings\roger\Local Settings\Temporary Internet Files\Content.IE5\6CSRVCZ7\s[2].bin


Did this help you remove AntiMalware Defender?

Saturday 30 January 2010

MyPcSecure Scareware

MyPcSecure claims to detect malware on a clean system:



It's located in C:\Program Files\MyPcSecure Software\MyPcSecure\MyPcSecure.exe

Wednesday 27 January 2010

How to set up Magic Mouse on Windows


Do you want to use Apple's Magic Mouse on Windows? No problem, just follow these step-by-step instructions. I've tested this on Windows XP. Right-click, left-click and vertical scroll are working just fine:

1. Open up the Windows Control Panel. (classic mode):

2. Double click on Bluetooth Devices:



3. In the Devices tab, click Add.



4. Check "My device is set up and ready to be found".

5. Power on your magic mouse with the on/off switch under the mouse. If it is already powered on, power it off and on again.

6. Click Next.

7. After a while, Windows will find the Magic Mouse.

8. Select "Apple Wireless Mouse" and click Next



9. Select "Use the passkey found in the documentation". Type in 0000 as the passkey and click Next:



10 Click Finish:



11. Click OK:



12. Now you should be able to move the mouse pointer, use left- and right-click. To get the vertical scroll working you need to install the Magic Mouse Windows drivers. These are made available by the great people over at uneasysilence.com. There's a 32-bit and and 64-bit version.

13. Done.

Did this help you get your Magic Mouse working on Windows?

Tuesday 12 January 2010

SysDefenders Scareware

Here's another faked anti-virus program. Claims to detects lots of malware on a clean system:




FreeFixer v0.51 log
http://www.freefixer.com/
Operating system: Windows XP Service Pack 2
Log dated 2010-01-12 07:29


Registry Startups (4 whitelisted)
HKCU\..\Run, 8ytzu5al.exe = C:\WINDOWS\system32\8ytzu5al.exe

Processes (21 whitelisted)
C:\Program Files\FreeFixer.0.51\freefixer.exe
C:\DOCUME~1\roger\LOCALS~1\Temp\8ytzu5al.exe
C:\Program Files\SysDefenders Software\SysDefenders\SysDefenders.exe

End of FreeFixer log

Monday 11 January 2010

Tweets, Google Search Results and Speech Ballons

This was news to me. Tweets now appear in Google's search results, in a speech balloon:

Friday 1 January 2010

Antivirus PC 2009

Antivirus PC 2009 is yet another faked antivirus program. It claims to detect malware on a clean system: