Archive for April, 2009

A suspected letter from a scammer to Software Critics

April 29, 2009 | By | 1 Reply More

Reading time: 4 – 6 minutes

In relation to my post “Beware of Swine Flu Domain Names“, I have mentioned that F-secure has compiled a list of these newly registered “swine flu” domains which include noswineflu.com which happens to be mentioned as well in news websites and other blogs.

I’ve also mentioned that,

“Black Hat SEO practices could be used behind unhealthy means of getting on top of search engine results as well as taking advantage of people and the current situation by selling fake drugs and all other sorts of evil cyber tactics” which can also be a possibility.

The post only mentioned noswineflu.com as a website which happens to sell a PDF file (an ebook) entitled “Swine Flu Survival Guide” for $19.95.

It has never said nor accused that the website sells fake drugs and is a black hat SEO. It only states the presence of lurking opportunists taking advantage of the Swine Flue scare.

In fact, I’ve listed the websites and blogs that have mentioned noswineflu.com in their articles.

FoxNews.com

Internet Scammers Ride Swine Flu’s Coattails…Another directs you to a Web site, noswineflu.com, which offers to sell you a “Swine Flu Survival Guide” for $19.95 — credit cards and PayPal accepted.

F-Secure has screenshots of the webpage of noswineflu.com.

Timesonline

Cybercriminals exploit swine flu fears with spam emails…Researchers at the security software maker F-Secure warned that one site, noswineflu.com, tries to con readers into buying a PDF called “Swine Flu Survival Guide” for $19.95.

The Washington Post

Scammers, Spammers Embrace Swine Flu News…F-Secure on its blog notes that at least one of the sites – noswineflu.com – tries to spoof readers into purchasing a PDF called “Swine Flu Survival Guide” for $19.95.

ShawnsTechSpot

Internet Scammers Taking Advantage Of Swine Flu Fears…Another email directs you to a web site, www.noswineflu.com, which offers to sell you a “Swine Flu Survival Guide” for $19.95. Please be warned that this is a scam and you will not get any type of guide. All you are doing is supporting the scammers.

The suspected letter sent to Software Critics is over the top and rather derogatory to this blog. See attached letter below:

A suspected letter from noswineflu dot com to Software Critics

A suspected letter from noswineflu dot com to Software Critics

If this is a genuine letter, then, I would like to hear the side of the website owner about this issue. I would even volunteer myself to be the instrument to tell everyone that the site noswineflu.com is legitimate when proven.

Again, Software Critics firmly believes that every consumer has the right to a free, accessible, and accurate information. And that no one should be deceived and manipulated with false advertisements and unproven claims.

Software Critics advocates truth and justice and holds accountable to its readers.

Beware of Swine Flu Domain Names

April 29, 2009 | By | 4 Replies More

Reading time: 2 – 3 minutes

While the Swine Flu outbreak (read Swine Flu Virus 101 for more information) has been all over the news worldwide, just in time before the news blew the center stage, it has been quite alarming as well in the internet world of domain name registration wherein most domain names with “swineflu” on it had been taken massively. In fact, F-secure has compiled a list of these newly registered “swine flu” domains.

Currently, there has been no detected spam site yet but watchful eyes are already on to these lurking opportunists taking advantage of the situation. Black Hat SEO practices could be used behind unhealthy means of getting on top of search engine results as well as taking advantage of people and the current situation by selling fake drugs and all other sorts of evil cyber tactics.

One proof of this came into public as F-Secure declares that there was this website, noswineflu.com (see homepage screenshot below including check out page.)

Swine Flu Guide

Swine Flu Guide

Swine Flu Survival Guide Checkout

Swine Flu Survival Guide Checkout

which happens to sell a PDF file (an ebook) entitled “Swine Flu Survival Guide” for $19.95. Why buy this ebook when you can have this information for free from the Centers for Disease Control and Prevention (CDC)?

Beware, be in the know and help spread the word!

Why is DFX Audio Enhancement for Winamp a bad buy?

April 27, 2009 | By | 6 Replies More

Reading time: 2 – 3 minutes

There has been many Winamp users all over the world and somehow at least a tiny of portion of this population have never used a plugin ever. I don’t have any statistics to show but I certainly think that it could go into millions. Just like what this plugin known as DFX (DFX 9.1 being the current version) which openly brags on its homepage that this audio enhancement plugin has accumulated over 24 million downloads and still counting. I wonder if all those millions are in deed using the software until now or it’s just a figure to show the number of downloads but doesn’t necessarily mean that all 24million are using the plugin.

DFX 9.1 Audio Enhancement plugin caused Winamp 5.552 to crash

DFX 9.1 Audio Enhancement plugin caused Winamp 5.552 to crash

To give you a brief background of the DFX 9 Audio Enhancement plugin for Winamp, this software can also be used on several other multimedia players such as Windows Media Player, Real Player, DivX Player, J. River Media Center, Musicmatch Jukebox and Yahoo! Music Jukebox. The features it boosts includes 3D surround sound and stereo ambience, dynamic audio boost, headphones optimization, customizable audio presets, serves as Winamp orgler, and includes customizable skins among others.

Focusing on my experience using this plugin with Winamp 5.552, which was not all very satisfying, when I open Winamp 5.552, DFX 9 also opens up but soon enough before Winamp even completes loading, it causes Winamp to crash. I’ve tried opening Winamp many times and even I tried reinstalling Winamp 5.552 and DFX 9,  but it’s futile. And this brought me into thinking, how could I even try this software if this can’t even do well on first use? This is a useless piece of crap! I’ve followed the installation instructions carefully but it really doesn’t work. Is it because I’m using a trial version? Well, I suppose trial versions are supposed to work perfectly so potential buyers will be convinced to buy the product. The fact is, this one failed extensively to satisfy.

Have you encountered the same problem as mine? Got any solution? Have you met similar errors on other multimedia players? Share it then through the comments section.

How “Microsoft Fix it” Resolves Inability To Open User Accounts Item in Control Panel on Windows XP

April 25, 2009 | By | Reply More

Reading time: 4 – 6 minutes

At some point during my daily routinary PC usage habit, I have had once a problem accessing the User Accounts on my Windows XP-based computer. Even though I was the administrator and I was the one who setup the login password, it just amazed me how it happen. Although, I have tried so many times by all means just to access the User Accounts in Control Panel (in which I’ve also tried going through System Properties, clicked on Advanced, went to User Profiles and press on Settings) but it just didn’t work.

I’ve been to so many forums but what I got are half-baked pointless unhelpful answers pretending to be geeks. (just because they mentioned tweaking procedures to go through the msconfig> run> etc. process doesn’t necessarily make them geeks unless they truly resolved the issue)

As I have always mentioned, I don’t like complicted procedures as much as anybody does. And if these complicated steps aren’t going to help  in any way, why not do the easier and sure fire way? Makes sense, right?

Now, here’s the solution. There are only two ways to resolve this:

First, If you are unable to open User Accounts item in Windows XP Control Panel, the first thing you’ll get is this error message:

“Wrong number of arguments or invalid property assignment”

Solution:

Use the regsvr32 command to register the .dll files. To do this, follow these steps:

Click Start, click Run, type cmd, and then click OK.

At the command prompt, type the following commands, press ENTER after each command, and then click OK when a message says that the registration is successful:

Regsvr32 jscript.dll

Regsvr32 nusrmgr.cpl

Regsvr32 /i mshtml.dll

Regsvr32 themeui.dll

Regsvr32 Vbscript.dll

If the above solution does not work in anyway, don’t settle and make your life miserable. There’s always a solution to every problem. What is it then?

Second option is to download Microsoft Fix it which you can download from Microsoft Help and Support. Once downloaded, click Run in the File Download dialog box, and follow the steps in the wizard.

Simple right? Why am I saying this? I’ve learned from experience and nobody teaches well than first hand experience compared to by the book summons and explanations and pointless rants that some blogs do.

Obviously, the latter option worked for me although I’ve also tried the former. I just downloaded Microsoft Fix it and it made wonders.

Why would Microsoft think of putting this automatic fix solution if this is such a crap?(like some blogs say) They(Microsoft) didn’t build this autofix for nothing if it doesn’t serve its purpose. I won’t put up this blog either if this doesn’t serve its use. I’m not advocating Microsoft in any way. I was just stating a fact. They have their lapses too like anybody else.

If you don’t want to download Microsft Fix it, fine. If you don’t want to run the tweaks, it’s okay as well.

What’s the use of System Restore anyway? You can just restore the system to it’s state at some point back in time when you had access to your Windows XP User Accounts.

If you have encountered the same ordeal but was able to rectify the problem in a completely different way other than the ones mentioned on this post, feel free to share it with everyone through the comments section.

Note:

The solution discussed above applies to:

  • Microsoft Windows XP Professional
  • Microsoft Windows XP Home Edition

Cause: Unregistered .dll files like the ones mentioned above. These .dll files can be deregistered due to scraping done by registry cleaners. (The effect of scraped registry entries can cause significant changes to the Windows registry that is why it is recommended not to overuse or at least use registry cleaners with caution.)

Fixing Parser Message Value Creation Failed at Line 472 or 521 When Clicking Add or Remove Programs in Windows XP

April 24, 2009 | By | 4 Replies More

Reading time: 2 – 3 minutes

In this tip, I am going to teach you how to fix the error “parser message value creation failed at line 472 or 521” in a very easy way. First, let me give you a hint how this error happens.

Whenever the default Windows XP Theme in Display Properties is changed or altered in someway, access to the Add or Remove programs are blocked since the XP Theme normally utilizes the default.

Other than that, using a different theme for Windows slows down PC performance because of disk space consumption since Windows is not optimized for appearance. As discussed in my previous post entitled Highly effective ways to optimize PC speed made simple,” I have emphasized the importance of optimizing the appearance settings in Windows in order to achieve boosted PC speed as it free up RAM thereby reducing the effects in the graphical user interface.

Going back to the importance of resolving this “parser message value creation failed at line” 472 or 521 error when accessing Add or Remove Programs, this actually solves the issue of trying to remove unwanted software or trying to add software drivers. If this issue remains unresolved, chances are, you as a user would have to go through the delicate process of removing the program yourself from the registry. Delicate because any wrong move or incorrect deletion of entries in the Windows registry can cause severe damages to your PC or it can cause some application within the system to malfunction. The worst could even require you to reinstall your operating system.

Having said this, whenever you encounter this error when trying to access Add or Remove Programs(On Windows XP OS), all you have to do is follow this guidelines:

For Service Pack 1

The Parser Message would be: Value creation failed at line 472

For Service Pack 2

The Parser Message would be: Value creation failed at line 521

(As discussed, this behavior is generally the result of a Theme problem)

To resolve this issue:

1. Open Control Panel.

2. Open the Display applet.

3. Select the Themes tab.

4. In the Theme drop-down box, select Windows XP.

5. Press Apply and OK.

That’s it, everything should be fine and you can now access the Add or Remove Programs option in Windows XP.

Troubleshooting MSN Explorer mailhost errors

April 23, 2009 | By | Reply More

Reading time: 2 – 3 minutes

If you are familiar with the Microsoft MSN Explorer program, you might have encountered mailhost file errors before but for those of you who aren’t, then this resource would be certainly worth note taking. Just to give you a brief background, MSN Explorer is a web browser that works similarly to Microsoft’s Internet Explorer, except that MSN Explorer integrates several features of MSN and Windows Live, such as Windows Live Hotmail and Windows Live Messenger. 

The most common error that a user would encounter is the inablity to retrieve and view emails, If Windows is unable to open files with the File Extension MailHost(.mailhost), that simply means you may not have the appropriate program installed or, you may have registry errors.

When dynamic link library files(.dll files) used for MSN are de-registered,that leads to the problem. A relatively known cause of this error is when a registry cleaning program incorrectly flags or removes dynamic link library files associated with the program from the registry. 

Only the re-registration of the lost .dll file can resolve File Extension MailHost errors which can be done by simply following a convenient process. To resolve the problem with the .MAILHOST file extension you can try this solution which has been confirmed by MSN to work: Click on the Start and then Run items. In the dialog box type:

regsvr32 c:progra~1msnmsncorefilesmailui.dll

afterwards, click on OK or press the Enter key(use cut/paste to be certain you’ve got it right). In case it wraps in your display, this is all one line with a space between the regsvr32 and pathname. This reregisters the mailui.dll file and fixes the error. If you are signed into MSN, sign out and then sign back in and everything should work fine. If, for some reason it doesn’t, repeat the first step and contact MSN support. A suggested reading can be found on http://www.fileextensionmailhost.com in case you need further reference.

Are textbooks just a thing of the past?

April 23, 2009 | By | Reply More

Reading time: 2 – 3 minutes

We all know from an academic point of view that nobody learns without a textbook. Although a student needs a teacher, the student cannot perform well without the guidance of a textbook to where the teacher bases the lesson before a class.

No person who has ever attended school doesn’t have a textbook? Am I right? Even a webmaster like me still consults textbooks whenever I needed some clarification. Although textbooks are quite a burden to carry especially if they are the more specialized one, it is still where everyone of us finds our roots and are able to spread our wings. 

While there have been many online electronic books(ebooks) with an increasing demand usually easily shared in scanned format in peer-to-peer networks, not everyone is used to this. Like most specialized books for college courses and professionals, a textbook is still the preference and mainly because of licensing constraints and copyright implications, writers and publishers still prefer the printed format. 

The origin of today’s highly technical world still depends on the presence of highly sophisticated printed materials that has made all we see today–possible. While the newspaper trails against the blogosphere’s presence as the primary source of headlines and local news, the textbook will surely remain to be part of us. 

In fact, a small but rather brave group of college students started out a company called “Valore”(from the word “valor”, which means having the strength of mind or spirit to encounter danger with firmness, now Valore.com) which offers an enormous selection of low priced books for sale online and offline fuelled with the values  of focus, dedication, bravery, and boldness. Strengthened by the belief that knowledge is power, these brave students started the company in an effort to help fellow students buy text books at lower prices and to offer more money back for books sold at the end of each semester. Over the years, the company grew large and thereby continues to become a great part of every student’s life.

If a software developer or  a software enthusiast and engineer like me would be compelled to talk about textbooks, that is because you and me wouldn’t be what we are today, if we never had embraced a textbook all ourlives.

The iPod and the search for inexpensive iPod dock sources

April 23, 2009 | By | Reply More

Reading time: 1 – 2 minutes

While Software Critics focuses on software-news, reviews, and  articles; being the Admin of this blog allows me to lighten up things a little bit and provide some attention to what is current and what I think provides value to its readers. I’ve come across to what is largely known and recognized brand of this decade which is the iPod. The iPod’s history can be traced back in October 23, 2001 when Apple, Inc. launched it as a portable media player.

Soon enough after its release in the market, derivatives of the product of note came out as well.  While Apple’s iTunes has been widely known to be the software used to transfer music files, open source alternatives came into the scene. More than anything else, capabilites of the different variations and models of the iPod made it extra special. Accessories had become the best part of it other than just having a great listening experience not to mention the increase in demand of highly functional iPod docks that provide extraordinary listening pleasure because the user need not to carry the device all the time. I’ve been looking for inexpensive but functional and rather stylish ipod docks for quite sometime and I’ve come to discover some few sites including thespeakercompany.com which showcases a wide selection of iPod docks.  While I’m sure not to be the first to reveal such source, I’m certain that your choice will be as good as mine.

How multimedia can help expand your reach and increase your audience

April 23, 2009 | By | Reply More

Reading time: 2 – 3 minutes

It is a fact that everyone of us has been struck in one way or the other by some powerful videos and multimedia presentations that it even changes our views. Am I right? Yes, I am too. If you think that the media has conquered the mainstream? I would say, yes. Look around you and see how multimedia has influenced all sources of information. TV of course is always, infomercials, the internet as well  has evolved largely because most websites right now utilizes the power of multimedia to convey and influence. The same thing for goes to the blogosphere wherein posts are not anymore contextual but also multimedia dominated. Now, what makes multimedia so powerful? The thing is, it say more than just the average text can convey. The attention span of people sometimes cannot absorb so much contextual information. And that is why multimedia comes to the rescue so that the message is conveyed in a much simpler, concise and direct manner. Having said this, multimedia is the key to solve information lapses.

Why is this good for business? Again, multimedia can compel, entertain and deliver more results compared to any other form of information gateway. Consider the infomercials? Can you appreciate pictures more than a video can? I don’t think so, unless the pictures are converted into a slide show rather than static ones.

Going on, more than the value of earning loads of revenue, there is so much that a video can tell like I hear it most of the time, “We all have our stories to tell.” While there are so many multimedia post production companies around, it is a must that you choose the best in the industry that would assist, guide and deliver the success and the results that you aim. Be it a Corporate video for training, to company messages, a TV Commercial to market your products, a Live Sporting Event to capture real-time sports drama or Entertainment for an aesthetic experience.

The power of a video lies on the craftsmanship on how it was made–from pre production brainstorming to post production creation. Once all the criteria are met, you can watch your goals being reached and your results become outstanding.

PDF Files 101

April 21, 2009 | By | Reply More

Reading time: 2 – 2 minutes

Familiarity with the different file formats can save us a lot of time and effort in dealing with our day-to-day encounter online and offline. While most of us are familiar with Word documents with file extension ending in .doc, our knowledge should not be limited to it because as we move on to a more advanced pace, we will surely encounter more complicated files to an almost obscure file extensions.

While this post limits us to document file extensions, one of the most popular
we may encounter are those with file extension PDF and this type of file format is used for representing two-dimensional documents independent of any application software, hardware, or operating system.

In 1993, Adobe Systems created the PDF which stands for “Portable
Document Format”
and is denoted by a file extension PDF or .pdf suffix after a filename. PDF files are readable using Adobe Acrobat reader. While Adobe Acrobat reader can view this type of document, while most people find this program disk space unfriendly because of its size, it’s still the best reader there is today.

However, a light-weight alternative PDF reader is cited on my previous post entitled, “PDF reader smaller than Adobe?” PDF files are very distributable and handy. In fact, most white papers, manuals, and ebooks among others found online and is distributed by most companies globally are in this format which means it is the most recognized form of web document available. You may also visit http://www.ifileextensionpdf.com for a more detailed reading about PDF file extension.

Secure and Private Email System Made Possible by PrivacyHarbor

April 14, 2009 | By | 4 Replies More

Reading time: 2 – 2 minutes

The most important aspect of having an email, more than anything else, is privacy and security. Like any other type of mail, we certainly value its content as we wanted to have it secured and our privacy uncompromised.

Among the many email services you can find online, there’s only a few that really stands out and one of those is PrivacyHarbor. More than just a web application that provides Private Communication Networks to individuals and corporations, PrivacyHarbor boosts powerful organization and project management features. PrivacyHarbor.com offers secure and private emailing services that is dedicated to keep your messages off the hands of advertisers and prying eyes.

Unlike any other normal email that requires software and encryption keys, Privacy Harbor sets itself apart with high quality standards which makes sending a secure message as easy as sending a normal email. A message on Privacyharbor is first encrypted and saved via a server. The recipient then receives an invitation by regular email to view the private message and, with one click, the recipient is then taken to an encrypted web-page to view the message which makes PrivacyHarbor really optimized for security and privacy.

Among the many brilliant features of the service include secured message sending and access to anyone and anywhere, the ability to know when messages are read, large file attachment capability, and many other value-added services which makes it better than any other email providers around. Having said all these, there is just no reason not to get your free private email at PrivacyHarbor.com for a more rewarding email messaging experience.

PrivacyHarbor offers both free and paid email services on different package options. I only use the free one for personal purposes but for special requirements, I’d suggest that you contact them.

StalkDaily.com Worm infects Twitter overnight

April 14, 2009 | By | Reply More

Reading time: 2 – 2 minutes

Last Saturday, Twitter has reportedly been infected by a worm that hightened security concerns amongst users of the controversial micro-blogging platform. The Twitter worm is said to be anchored by a link going to the website www.stalkdaily.com and appeared as automatically generated tweets.

The worm exploited a cross site scripting or XSS vulnerability that changes the hyperlinks of infected profiles which are then spreadout by means of JavaScript.

Susceptiblity to the said worm is relatively high because once an account becomes infected, such accounts’ followers (avid followers, relatives, friends, co-workers, etc.) are most likely to click on the link thereby making the worm infection viral.

The scariest part is, what if this link or if something of similar nature happens in the future but through the URL shortening service (like TinyURL or Bit.ly), then all Twitter users will most likely be prone to malware threats and the worse part of it could be a future cellphone malware attack because  as we all know, Twitter is interoperable on cell phone and SMS messaging.

The founder of the said website, which goes by the name of Mikeyy (a.k.a. Michael Mooney), has admitted full responsibility of the worm which caused this untoward malware spread as confirmed by BNO News.

However, Twitter acted upon to remove the offending updates and block all holes that allowed the worm to spread. In addition, Twitter emphasized that no account information were compromised as part of the attack.

Unknown facts about DOT file extension

April 13, 2009 | By | Reply More

Reading time: 2 – 2 minutes

While file extensions come in so many different formats, one of the most widely used was the file extension DOT or “.dot” which corresponds to Microsoft Word files used mainly as template for creating Word Documents. Specifically, Microsoft Word 2003 indicates files with .dot extensions as a template while Microsoft Word 2007 version specifies the file extension pertaining to a template to have .dotx instead.  

A template being defined in the context of file format refers to those features commonly found on most software applications that uses a unique file format specifically designed for that particular application. If Microsoft Word (focusing on version 2003) uses the file extension DOT as its template for creating Word Documents, then how important is it?

On any computer running (pre-2007) Microsoft Word, there is a file called Normal.DOT. This is the background that a user can see whenever a new Word document is opened which normally consists of preset values on page format–left and right, top and bottom, fonts, font style, etc. Normal.DOT stores user-specific settings and is not designed to be shared by multiple users on a single computer or over a network unless a global template is created. 

If a user after creating a Word document opted to save it as a .dot file, then that is where the error comes in. Why? Because whatever changes made on the preset values will now then becomes the new or default template the next time a new Word document is opened which can result in badly formatted pages that anybody doesn’t want to happen. Make sure that whenever a Word document is to be saved, always choose .doc among the options on the drop-down box. 

Suggested reading can be found on http://www.fileextensiondot.org/ for a more detailed explanation.

How AVG Anti-Virus Software removed Conficker and saved my PC!

April 4, 2009 | By | 4 Replies More

Reading time: 4 – 6 minutes

Based on my previous post, “What is Conficker and how to avoid it from infecting your computer?”  I have mentioned that I experienced some vital signs similar Conficker or Downadup worm infection and what it can do to harm your PC and among these things are:

  • Automatic updates no longer working. (For Windows auto-updates)
  • Anti-virus software is no longer able to update itself.
  • Unable to access a variety of security sites, such as anti-virus software companies.
  • Random svchost.exe errors. (Of which I’ve seen on some folders within my PC)

Now, it has come to my knowledge after several scans and tests using AVG Anti-Virus Software and a stand-alone anti-virus scanner called “Stinger Conficker” (which was a product of McAfee and does a very slow scanning process yet wasn’t able to find detection), I came up with a conclusion that AVG Anti-Virus Software can fight Conficker worm and heal the infection easily. I’ve run the scan and left it running at the background on the system tray and when I checked the Virus scan results, I was surprised seeing that Downadup otherwise known as Conficker has in deed infected my PC!

downadup scanning ip addresses

downadup scanning ip addresses

AVG Anti-Virus removed Conficker or Downadup as scanned infection

AVG Anti-Virus removed Conficker or Downadup as scanned infection

These show that the above mentioned signs and those mentioned on the post, “What is Conficker and how to avoid it from infecting your computer?” are accurate and genuine. Software Critics commits itself to responsible and intellectual dissemination of information and are all based on real tests and user experience.

As the Admin of Software Critics, I am sharing to you this information because I believe that these could help since these are all backed up with screen shots taken from actual scan results. I’m not ashamed of admitting that my PC got infected otherwise this post would not be possibly shared to increase awareness.

Forget the blogs that mentions “these-and-that” kind of tutorials and say at the end, “do it at your own risk!” I’m a risk taker but I’d rather take the risk first than having the readers take the risk themselves because that is not taking responsibility of the information you are providing.

To strengthen the points of this post, I’ve made a video to show you exactly where the screen shots are taken from. All the information are laid down in simple ways and there’s no registry editing nor any tweaking is necessary. I don’t want complicated procedures as much as you do.

AVG Anti-Virus Software Free Edition is what I’ve used and it worked. Even if AVG Technologies would be able to read this post, how likely do you think they would give a paid license?

What is Conficker and how to avoid it from infecting your computer?

April 3, 2009 | By | 2 Replies More

Reading time: 5 – 8 minutes

The Conficker (also known as Downadup and Kido) infection is a worm that predominantly spreads via exploiting the MS08-067 Windows vulnerability(found in the RPC facilities) and has the ability to infect other computers via network sharing and through removable media. Microsoft has addressed the problem by releasing a patch to fix the Windows vulnerability though there are still many computers that do not have this patch installed. Hightened amount of legitimate concern remains under debate but if you are concerned, then let me walk you through the facts straight.

When installed, Conficker/ Downadup will copy itself to your C:WindowsSystem32 folder as a random named DLL file. It may also copy itself to the %ProgramFiles%Internet Explorer or %ProgramFiles%Movie Maker folder. Then, it will create a Windows service that automatically loads this DLL via svchost.exe, which is a legitimate file, every time you turn on your computer. The infection as a result will then change a variety of Windows settings that will allow it to efficiently infect other computers over your network or the Internet.

Once the infection starts running, you will no longer be able to access a variety of sites such as Microsoft.com, AVG.com and many other anti-virus vendors. It does this so that you cannot download removal tools or update your anti-virus programs. (Which similarly happened to me a couple of days ago but was able to detect it as a Trojan) And likewise these website won’t allow you because they have also detected you being a security threat or malware.

Infection of this Conficker worm may perform any of the following actions in random order:

  • Stop and start System Restore in order to remove all your current System Restore points so that you cannot roll back to a previous date where your computer was working properly.
  • Check for Internet connectivity by attempting to connect to any of the following sites:

o aol.com
o cnn.com
o ebay.com
o msn.com
o myspace.com

  • Attempts to determine the infected computer’s IP address by visiting one of the following sites:

o http://www.getmyip.org
o http://getmyip.co.uk
o http://checkip.dyndns.org
o http://www.whatismyip.com/

  • Download other files to be used as necessary.
  • Scan the infected computer’s network for vulnerable computers and try to infect them.

Some symptoms that may hint that you are infected with this malware are as follows:

  • Anti-malware software stating you are infected with infections using the following names:

o Net-Worm.Win32.Kido
o W32/Conficker.worm.gen
o Worm.Conficker
o W32.Downadup
o W32/Downadup.AL
o W32/Confick-A
o Win32/Conficker.A
o Mal/Conficker
o Worm:Win32/Conficker.B
o Win32.Worm.Downadup.Gen

(this list is helpful to determine if you are infected or not, what happened to my computer a couple of days ago have shown some vital signs I’ve cited in the next three bullet points below but looking from here based on the
malware’s extention, I have discovered that it was not Conficker but “Win32.VB.fnk” which is a Trojan)

  • Automatic updates no longer working.
  • Anti-virus software is no longer able to update itself.
  • Unable to access a variety of security sites, such as anti-virus software companies.
  • Random svchost.exe errors.

“Prevention is better than cure.” What you need to know and do.

1. If you happen to have installed the patch ( through “Microsoft Security Bulletin MS08-067 Critical” update) before Conficker came out (late in December 2008) then you were protected and still are. If you haven’t, then you must install any of the latest or critical security update found on www.windowsupdate.com. Although Windows Vista is technically vulnerable, the exploit is almost impossible to execute so that makes Conficker basically an XP problem.

2. As mentioned earlier, Conficker spreads through network shares however, a good anti-malware can detect it at such an early stage.

3. While Conficker can spread through network shares, it makes weak passwords susceptible as the worm executes a “dictionary attack”. So if you find some executables on such drives, report it and better contact the network admin. Other than that, utilize strong or even complex password combination which include letters, numbers, and punctuations.

4. Conficker can spread itself through removable drives like USB drives so be vigilant. At least at this point, again, a good anti-malware program can help.

5. Conficker has a high profile as a malware does. While a good anti-malware software is not at all perfect though has high success rate, an updated anti-virus software is intangible.

6. The inability of Windows and anti-malware programs to update themselves is just part of Conficker worm infection. In oder to avoid this, keep track of these programs and your Windows more often to ensure that they do and never leave any update uninstalled.

7. Secure yourself of a free Conficker/Downadup Cleaning Tool like the one’s listed.

* McAfee Stinger

* ESet EConfickerRemover

* Symantec W32.Downadup Removal Tool

* F-Secure F-Downadup, FSMRT, more tools

* BitDefender single PC and network removal tools

* Kaspersky KKiller

* Trend Micro

(If you use any one of the tools above to remove Conficker, immediately install the MS08-067 patch afterwards.)

* BitDefender

* Symantec

downadup scanning ip addresses

Reference Links:

F-Secure Downadup information
Windows MS08-067 Patch
Worm:Win32/Conficker.B information from Microsoft
Conficker/Downadup Worm Dubbed ‘Epidemic’

Update:  13 April 2009

While there are many information online that provides valuable resource about Conficker, one of the method that is currently increasing attention today is through the use of the Conficker Eye Chart. However, it is still recommended to follow the tips mentioned on this post.