Tech Geek and More
Technology Explained for All
ALERT: New Rogueware–This one can detect which browser your using and customize the fake alert to the browser you are using
Sep 2nd
In a never ending effort to inform the visitors to TGM, here is another ALERT concerning a new version of Rogueware (Rogue:MSIL/Zeven (http://www NULL.microsoft NULL.com/security/portal/Threat/Encyclopedia/Entry NULL.aspx?Name=Rogue:MSIL/Zeven)) that can actually figure out what web browser you are using and then customize the fake message to look like a standard message for the browser you are using. As always the reason these types of attacks work is because of the social engineering aspect, most people don’t know any better, they assume that if the message pops up on their pc the “it must be true”. Unfortunately the messages that you will see as a result of the Rogueware are nothing more than a trick to get control of your pc.
The following article (Written by Daniel Radu of the Microsoft Malware Protection Center) comes from the Microsoft TechNet Blog (LINK) http://blogs.technet.com/b/mmpc/archive/2010/09/01/rogue-msil-zeven-wants-a-piece-of-the-microsoft-security-essentials-pie.aspx (http://blogs NULL.technet NULL.com/b/mmpc/archive/2010/09/01/rogue-msil-zeven-wants-a-piece-of-the-microsoft-security-essentials-pie NULL.aspx) . You should pay close attention to what the fake alert can look at in each of the browsers (At the bottom of the message you get “Upgrade to a reliable solution”).
**************************************************************************************************************************************
Rogue:MSIL/Zeven wants a piece of the Microsoft Security Essentials pie
A new rogue has started making its appearance from compromised websites: Rogue:MSIL/Zeven (http://www NULL.microsoft NULL.com/security/portal/Threat/Encyclopedia/Entry NULL.aspx?Name=Rogue:MSIL/Zeven). We received a sample (70be8ca73142922fd78acf2aafa9f141a977f15a) and a URL and began our investigation.
Let us say from the beginning that the guys behind this rogue like to copy big-time. They start by auto-detecting what browser the user is currently using, and then faking the malware warning page if the browser is Internet Explorer, Chrome, or Firefox. This is meant to be a social engineering scheme in order to trick the user into downloading and installing the rogue, relying on the user’s trust of his day-to-day browser.
The similarity between the fake warning pages is so accurate that it can trick even highly trained eyes.
In the Firefox page, for example, you can see it’s not the real warning page because they misspelled ‘out’ and wrote ‘Get me our of here’.
Chrome
Internet Explorer
But for all three browsers, a common indication that you are not looking at the actual browser warning is the offer of some sort of an “update” or “solution”. All the “updates” point to a copy of MSIL/Zeven that promises to provide “a new approach to windows detection”. Internet Explorer, Firefox, and Chrome do not offer such a solution when a website is blocked.
When installed, the product looks very genuine: it allows you to scan files, tells you when you’re behind on doing your updates, and enables you to tweak your security and privacy settings. These features are usually available in various legitimate antivirus solutions. However, the features don’t work; everything is there just to look nice, not to offer any kind of protection (just like in all other rogue antivirus programs).
Of course once it scans your computer it’s bound to claim it found something scary (malicious), as shown below:
As usual with rogue scanners, although it “found” malicious files, it claims it cannot delete them unless you update. That implies that you need to pay for the full version, which has the ability to download updates. However, these files are totally bogus; no such files exist in the user’s computer.
If you decide to buy the product, this rogue opens an HTML window enabled with ‘Safe Browsing Mode’ and high strength encryption to “help” and ”protect” you while completing your purchase. Of course these features are totally worthless and don’t actually do anything in the way of securing your credit card details.
The main page of the rogue antivirus program itself looks awfully close to the Microsoft Security Essentials webpage – more copying from the bad guys. The people behind it have even copied the awards received by Microsoft Security Essentials and link to the Microsoft Malware Protection Center - pretty sneaky of them.
This is a screenshot of the rogue’s main webpage:
And, by way of contrast, this is a screenshot of the genuine Microsoft Security Essentials (http://www NULL.microsoft NULL.com/security_essentials/) page:
It seems that these guys want to profit on the good reputation and success of Microsoft Security Essentials in order to make money – but we remind our customers that Microsoft Security Essentials can be downloaded at no cost. And it really does protect your computer from malware!
We detect both the downloader of the rogue and the rogue itself as Rogue:MSIL/Zeven (http://www NULL.microsoft NULL.com/security/portal/Threat/Encyclopedia/Entry NULL.aspx?Name=Rogue:MSIL/Zeven).
Until our next encounter: browse safely!
Daniel Radu
MMPC Dublin
Droid: Bing app for Android–Free app released today from Microsoft
Aug 31st
Microsoft today released their new bing app for the droid (LINK: http://www.bing.com/community/blogs/search/archive/2010/08/30/bing-for-mobile-comes-to-your-verizon-android.aspx (http://www NULL.bing NULL.com/community/blogs/search/archive/2010/08/30/bing-for-mobile-comes-to-your-verizon-android NULL.aspx) ). Officially the app is for Verizon phones (US), however, there are many “reports” of the app loading and running with no issues on other non-Verizon phones (Unofficially, I’m an EVO owner and I like the app a lot, that should tell you).
The following items from the bing blog posting -
Are you a visual person? Try the image search feature that has endless scrolling results (Tip: this also works for any search result). Then easily swipe through image previews and click straight through to the image host site.
Voice search is also great when it comes to your local business listings. Give it a try, even something complex, hold the phone to your ear and speak, or press the mic button—it’s that simple.
The Android app also has a pretty smooth mapping feature. First, Bing will automatically find your current location. You can then easily discover new places by category such as restaurants, banks, theaters and you can choose whether you want walking or driving directions. Swipe through each step of your directions, and check out how fast the map pans and zooms. For times when you only have one hand free and can’t pinch, there is the handy zoom-out button.
There are a bunch of other features we’d love to tell you about, like local listing reviews, ratings and news
Review – TGM Reviews the bing app
- The voice search didn’t work for me (not sure if its my American “accent” or the fact that I own an EVO). However the regular search gave me very good results.
- Surf from within the bing window is smooth, and the pinch, spread, and double tap adjust the page your surfing nice and smooth. (The TechGeekandMore.com site – Full not mobile version looks great)
- Movies playing near you feature (If you turn on location on your phone) was very accurate for the area I was in.
- Maps feature is clean, I just wish it included street view not just aerial maps.
- Local feature (which include Restaurant, Shopping, Nightlife, etc.)
- News feature is simple and broken down very cleanly.
- Directions feature was easy to use and the function was smooth during the 1 time I was able to test it this evening. Directions worked better than the Google Maps version I usually use.
**Overall – This is something that I consider a “MUST HAVE” for the droid.
UPDATE: After a couple of weeks away–Tech Geek and More is back.
Aug 30th
Hello Everyone, its been a few weeks since I have been able to stop by and post. Unfortunately due to changes at the “real” job there has been a lot of work and very little time to give to the TechGeekandMore effort. However, things seem to have finally calmed down, so now I think you will see many new posts for TGM coming over the next few days.
Thank you for visiting TGM and I hope find TGM a help in navigating technology.
Sincerely
Alex
Head of TechGeekandMore
TechNet Video: How Do I: Migration From Windows XP to Windows 7 (Level 200)
Aug 8th
From Microsoft:
TechNet Video: How Do I: Migration From Windows XP to Windows 7 (Level 200) (http://www NULL.microsoftbroadcaster NULL.com/en-us/Content/Link/11813?WT NULL.z_cType=VI&WT NULL.z_cSource=WWE)
(LINK) http://www.microsoftbroadcaster.com/en-us/Content/Link/11813?WT.z_cType=VI&WT.z_cSource=WWE (http://www NULL.microsoftbroadcaster NULL.com/en-us/Content/Link/11813?WT NULL.z_cType=VI&WT NULL.z_cSource=WWE) 
(http://www NULL.microsoftbroadcaster NULL.com/en-us/Content/Media/11813?WT NULL.z_cType=VI&WT NULL.z_cSource=WWE)
Find out what you need to know about the process of migrating your computers from Windows XP to Windows 7.
This video discusses:
- Backup considerations and options
- Preparing hard drives and partitions
- Capturing Windows XP data and settings with the Windows Easy Transfer Tool
- Installing Windows 7
- Restoring captured data and settings with the Windows Easy Transfer Tool
- Confirming settings
Android: TGM List of Preferred Android Apps – Free
Aug 7th
I’ve been enjoying my Sprint EVO phone since it’s release a few weeks ago. Coming from years of using Windows Mobile, learning Android has been “interesting” to say the least. In the Past few weeks I have found many apps that were nothing more than garbage, while at the same time finding many more that now I cant live without.
Since there are so many on my list, this post has gotten its own page. You have find the list of Preferred Android Apps here (LINK) http://www.techgeekandmore.com/android-tgm-list-of-preferred-android-apps-free/
This list will continue to grow over time…..in addition if you have an app that you use that is not on the TGM list let us know.
Software: Getting your Creative Labs Sound Blaster soundcard working with Windows Vista / 7
Aug 5th
Came across an interesting issue this week with one of my clients who has just upgraded to Windows 7 on his pc (x86/32 bit). His pc hardware included a Creative Labs SB200 sound card, which Windows 7 recognized but said was not compatible with the operating system. I know I could have easily gone out and bought a new sound card but I figured I would try a few things before going down that route. If you do a search for the driver on the Creative Labs site all you will find are drivers that list for Windows 2000 and XP. I tried downloading the XP file and then using Windows 7 compatibility mode to install it, but that didn’t work. So I kept looking and found a version of the Creative Labs Sound Driver on the Dell site – So I decided to try it and “boom”, there it was. Here are the steps I took
- Downloaded the Creative Labs Sound Blaster Audigy 2 (LINK) http://ftp.us.dell.com/audio/R80459.EXE (http://ftp NULL.us NULL.dell NULL.com/audio/R80459 NULL.EXE)
- Once Downloaded – Right click on the R80459.exe file –> Left Click on Properties. This will bring up the properties screen. On the properties screen put a check next to “Run this program in compatibility mode” (and select Windows XP SP3) and also select “Run this program as Administrator”.
3. Once you have done that select ok, then double click R80459.exe. During the install you will get prompted for the location you wish to save your file. I recommend just leaving the default location.
4. The install will now run and install your drivers. At the end of the install it will still appear that the install did NOT work. Reboot your pc. After the reboot you should have sound……..Enjoy
**The instructions list Windows 7 – However, should work exactly the same under Windows Vista.
(http://www
