Geek Tech IT Blog:
 
August 10

Talking about DROID 2 Pre-Sale Starts 8/11, Officially On-sale 8/12 | Droid Life: A Droid Community Blog

If you are looking for a new awesome phone, check this one out. The best part is they are offering an R2-D2 version.



7:27 AM GMT  |  Read comments(0)

August 05

PayPal Brings Their Android App Up To Speed With Their iPhone App
 
 
 

No matter how big your company is, maintaining platform parity — that is, keeping all of your apps functionally identical across multiple smartphone platforms — is tough work. Even Facebook can’t seem to get their Android app quite up to par with their iPhone app.

Later today, PayPal will be introducing version 2.0 of their Android App, which seems to be aimed at bringing it up to speed with its iPhone counterpart.

Now, PayPal has had an Android app for about a year and a half. That app has always supported the most crucial feature: sending money. It wasn’t exactly pretty, but it got the job done.

Along with a visual overhaul which makes it a more-or-less one to one match with the iPhone version, today’s update brings over a handful of tools:

  • Bump support: Remember Bump? It’s an app that lets two users swap contact info by fist-bumping their smartphones together. Back in late 2009, Bump opened up their API to allow third-party iPhone developers to swap just about whatever they wanted between bumpers, and PayPal was one of the first to hop on that train. Bump’s API has since been ported to Android, and now the Android app offers up support.
  • Split the Check: You and your friends just ate your way through 200 bucks worth of Sushi, and the restaurant only takes one credit card per table. Oops! PayPal’s Split The Check feature lets you tally up everyone’s total, and then send out a payback request from anyone who didn’t have the cash.

Expect PayPal to be dumping a considerable amount of effort into mobile in the coming months — according to the company, they’ve handled twice as much money over mobile in the first six months of 2010 as they did in all of 2009.

Website: paypal.com
Location: San Jose, California, United States
Founded: December 1, 1998
Acquired: July 8, 2002 by eBay for $1.5B in Stock

PayPal is an online payments and money transfer service that allows you to send money via email, phone, text message or Skype. They offer products to both individuals and businesses alike, including online vendors, auction sites and…

Information provided by CrunchBase


1:26 PM GMT  |  Read comments(0)

200,000 Devices Activated Daily?

So Google is reporting that 200,000, that’s right, two hundred thousand, new Android-based handsets are activated every day. Every day, not a week or a month, every day.

I just got a Motorola DroidX and I gotta say I love it and it is a great smartphone, but that is a lot of phones being activated daily.  Granted there seems to be a new phone for Android announced daily on every carrier imaginable.  So I guess 200k phones being activated should not be a surprise but I sure was…

For the full story you can go to Engadget or PC World or any other Android or tech blog…



11:55 AM GMT  |  Read comments(0)

April 01

Conficker Removal
This is from the Symantec website and relates to their products, but it can be applied to any antivirus program. If you need help, go to the Contact Us page and send me an email...
 
Discovered: March 6, 2009
Updated: March 11, 2009 4:12:59 PM
Also Known As: Mal/Conficker-B [Sophos], Worm:W32/Downadup.DY [F-Secure], Trojan-Downloader.Win32.Kido.a [Kaspersky]
Type: Trojan, Worm
Infection Length: 88,576 bytes
Systems Affected: Windows 98, Windows 95, Windows XP, Windows Me, Windows Vista, Windows NT, Windows Server 2003, Windows 2000

Removal using the W32.Downadup Removal Tool
Symantec Security Response has developed a removal tool to clean the infections of W32.Downadup. Use this removal tool first, as it is the easiest way to remove this threat.

Manual Removal:
The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.

  1. Disable System Restore (Windows Me/XP).
  2. Update the virus definitions.
  3. Find and stop the service.
  4. Run a full system scan.
  5. Delete any values added to the registry.

For specific details on each of these steps, read the following instructions.

1. To disable System Restore (Windows Me/XP)
If you are running Windows Me or Windows XP, we recommend that you temporarily turn off System Restore. Windows Me/XP uses this feature, which is enabled by default, to restore the files on your computer in case they become damaged. If a virus, worm, or Trojan infects a computer, System Restore may back up the virus, worm, or Trojan on the computer.

Windows prevents outside programs, including antivirus programs, from modifying System Restore. Therefore, antivirus programs or tools cannot remove threats in the System Restore folder. As a result, System Restore has the potential of restoring an infected file on your computer, even after you have cleaned the infected files from all the other locations.

Also, a virus scan may detect a threat in the System Restore folder even though you have removed the threat.

For instructions on how to turn off System Restore, read your Windows documentation, or one of the following articles:

Note: When you are completely finished with the removal procedure and are satisfied that the threat has been removed, reenable System Restore by following the instructions in the aforementioned documents.

For additional information, and an alternative to disabling Windows Me System Restore, see the Microsoft Knowledge Base article: Antivirus Tools Cannot Clean Infected Files in the _Restore Folder (Article ID: Q263455).

2. To update the virus definitions
Symantec Security Response fully tests all the virus definitions for quality assurance before they are posted to our servers. There are two ways to obtain the most recent virus definitions:
  • Running LiveUpdate, which is the easiest way to obtain virus definitions.

    If you use Norton AntiVirus 2006, Symantec AntiVirus Corporate Edition 10.0, or newer products, LiveUpdate definitions are updated daily. These products include newer technology.

    If you use Norton AntiVirus 2005, Symantec AntiVirus Corporate Edition 9.0, or earlier products, LiveUpdate definitions are updated weekly. The exception is major outbreaks, when definitions are updated more often.


  • Downloading the definitions using the Intelligent Updater: The Intelligent Updater virus definitions are posted daily. You should download the definitions from the Symantec Security Response Web site and manually install them.

Note: W32.Downadup.C may block access to Symantec Web sites and network addresses, which may result in failure to obtain the most recent virus definitions. Follow these steps to remove the block:

  1. Click Start > Run or hit Windows Key + R.
  2. Type cmd, and then click OK.
  3. Type net stop dnscache and press Enter.
  4. Type exit and press Enter.

The latest Intelligent Updater virus definitions can be obtained here: Intelligent Updater virus definitions. For detailed instructions read the document: How to update virus definition files using the Intelligent Updater.

3. To find and stop the service
  1. Click Start > Run.
  2. Type services.msc, and then click OK.
  3. Locate and select the service that was detected.
  4. Click Action > Properties.
  5. Click Stop.
  6. Change Startup Type to Manual.
  7. Click OK and close the Services window.
  8. Restart the computer.

4. To run a full system scan
  1. Start your Symantec antivirus program and make sure that it is configured to scan all the files.

    For Norton AntiVirus consumer products: Read the document: How to configure Norton AntiVirus to scan all files.

    For Symantec AntiVirus Enterprise products: Read the document: How to verify that a Symantec Corporate antivirus product is set to scan all files.


  2. Run a full system scan.
  3. If any files are detected, follow the instructions displayed by your antivirus program.
Important: If you are unable to start your Symantec antivirus product or the product reports that it cannot delete a detected file, you may need to stop the risk from running in order to remove it. To do this, run the scan in Safe mode. For instructions, read the document, How to start the computer in Safe Mode. Once you have restarted in Safe mode, run the scan again.


After the files are deleted, restart the computer in Normal mode and proceed with the next section.

Warning messages may be displayed when the computer is restarted, since the threat may not be fully removed at this point. You can ignore these messages and click OK. These messages will not appear when the computer is restarted after the removal instructions have been fully completed. The messages displayed may be similar to the following:

Title: [FILE PATH]
Message body: Windows cannot find [FILE NAME]. Make sure you typed the name correctly, and then try again. To search for a file, click the Start button, and then click Search.

5. To delete the value from the registry
Important: Symantec strongly recommends that you back up the registry before making any changes to it. Incorrect changes to the registry can result in permanent data loss or corrupted files. Modify the specified subkeys only. For instructions refer to the document: How to make a backup of the Windows registry.
  1. Click Start > Run.
  2. Type regedit
  3. Click OK.

    Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor. Security Response has developed a tool to resolve this problem. Download and run this tool, and then continue with the removal.

  4. Navigate to and delete the following registry subkeys:

    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\[CLSID 1]
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\[CLSID 1]


  5. Navigate to and delete the following registry entries:

    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"[RANDOM CHARACTERS]" = "rundll32.exe "[RANDOM DLL FILE NAME]", [RANDOM PARAMETER STRING]"
    • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\[RANDOM CHARACTERS]\"ImagePath" = "%System%\svchost.exe -k netsvcs"
    • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\[RANDOM CHARACTERS]\Parameters\"ServiceDll" = "[PATH TO THE THREAT]"
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\[CLSID 2]\"[WORD 1][WORD 2]" = "[BINARY DATA]"
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\[CLSID 2]\"[WORD 1][WORD 2]" = "[BINARY DATA]"


  6. Restore the following registry entries to their previous values, if required:

    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"Windows Defender"
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\ShellServiceObjects\{FD6905CE-952F-41F1-9A6F-135D9C6622CC}
    • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot

  7. Exit the Registry Editor.

    Note: If the risk creates or modifies registry subkeys or entries under HKEY_CURRENT_USER, it is possible that it created them for every user on the compromised computer. To ensure that all registry subkeys or entries are removed or restored, log on using each user account and check for any HKEY_CURRENT_USER items listed above.

Writeup By: Ka Chun Leung and Sean Kiernan
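
Steps 3 and 5 above depend on knowing which randomly named service and Run value load the file your scan detected. As an added example (not part of the Symantec write-up), this Python script searches saved `reg query <key> /s` output for values that reference that file; the sample text, the service name pmtzgq, the value name qzkvh and the DLL name xkqpd.dll are constructed for illustration.

```python
import re
from ntpath import basename  # Windows path rules on any OS

# Constructed sample of `reg query <key> /s` output; every name is made up.
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    ctfmon.exe    REG_SZ    C:\WINDOWS\system32\ctfmon.exe
    qzkvh    REG_SZ    rundll32.exe "C:\WINDOWS\system32\xkqpd.dll", bnwtr

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\examplesvc
    ImagePath    REG_EXPAND_SZ    %SystemRoot%\system32\svchost.exe -k netsvcs

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\examplesvc\Parameters
    ServiceDll    REG_EXPAND_SZ    C:\WINDOWS\system32\examplesvc.dll

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pmtzgq
    ImagePath    REG_EXPAND_SZ    %SystemRoot%\system32\svchost.exe -k netsvcs

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pmtzgq\Parameters
    ServiceDll    REG_EXPAND_SZ    C:\WINDOWS\system32\xkqpd.dll
"""

VALUE = re.compile(r"^\s+(.+?)\s+(REG_[A-Z_]+)\s*(.*)$")
SERVICE_KEY = re.compile(r"\\Services\\([^\\]+)\\Parameters$", re.I)

def parse(text):
    """Yield (key, value_name, data) for each value line under a key line."""
    key = None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
        elif key and (m := VALUE.match(line)):
            yield key, m.group(1), m.group(3)

def find_references(text, detected_path):
    """Return (kind, name, key) for each value that loads the detected file.

    Matching is by file name only, case-insensitive, so confirm the full
    path of every hit before deleting anything.
    """
    target = basename(detected_path).lower()
    hits = []
    for key, name, data in parse(text):
        if target not in data.lower():
            continue
        if key.lower().endswith("\\run") and "rundll32.exe" in data.lower():
            hits.append(("run-value", name, key))      # step 5: Run entry
        elif name.lower() == "servicedll" and (m := SERVICE_KEY.search(key)):
            hits.append(("service", m.group(1), key))  # step 3: service name
    return hits
```

Run it once per user hive as well, since the note above says HKEY_CURRENT_USER entries may exist for every account.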



1:17 PM GMT  |  Read comments(0)

Conficker Downadup Virus Protection Cleanup

The link below is a very detailed description of Conficker/Downadup. New variants are supposed to be released on April the 1st.

 

http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the_downadup_codex_ed1.pdf

 

If you are using SEP, here are some best practices:

- Make sure Auto Protect is set to load at “System Start” – This is in the Auto Protect options and will load SAV as a driver. This is the default setting.

- Make sure Auto Protect is set to scan “All Files” - This is in the Auto Protect options and will load SAV as a driver. This is the default setting.

- Make sure Auto Protect is set to scan files when “Accessed or Modified” - This is in the Auto Protect options and will load SAV as a driver. This is the default setting.

- Make sure Tamper Protection is set to block.

- Check folder exclusions list and make sure it is not too wide.

- Make sure virus definitions are up-to-date.

- Make sure IPS policy is on and that the relevant policies are set to block (4 policies see documents attached).

- Consider protecting with Application Control and protect system32 from modifications (System Lockdown/File write protect).

- Consider applying strict personal FW rules to block unnecessary traffic.

What is it?

 

Conficker is a new class of worm that Symantec has been tracking since it showed up about 5 months ago.  In that time it has infected between 3 and 10 million systems worldwide by leveraging a vulnerability in Windows to compromise machines.  The third iteration of this worm, version “.C” appeared on March 6th, and we were the first vendor to identify it, understand what it is and how it works, and issue the signature to our customers to protect them.  With a successful infection, the virus authors pretty much gain complete control to download more malcode, steal data, use the machines in a bot network, and disable access to good sites from compromised machines, though as of today the only identified action of the worm is to infect as many machines as possible.  The worm spreads by accessing other systems on networks, and through USB sticks.  Our own security researchers identified that this worm is incredibly complex, very well designed, and is bringing renewed visibility around endpoint protection due to the buzz generated and threat presented.

 

Also of note is that Microsoft released a patch shortly after the vulnerability was identified, so the majority of infected systems are overseas where pirated copies of Windows are used in large numbers.  However we also know that patching remains a challenge for many of our customers who have a real challenge getting even critical Microsoft issued Windows security updates to all of their machines, across all of their networks.  This case provides a perfect illustration of the core Symantec vision – the unification of protection and management.  Our customers can instantly identify their systems that need to be patched, deliver the patches, update their SEP signatures, and then validate the currency of their risk posture with our compliance tools.

 

 

How do I fix it if my PC is impacted?

 

Full instructions for infection removal are included in the Symantec threat write-up here: http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-030614-5852-99&tabid=3

 

 

I hope this information is helpful.



1:09 PM GMT  |  Read comments(0)