Windows 7 Forums - Security Zone http://windows7forums.com/ Security Forums. The security of your home computer, corporate network, or datacenter cannot afford to be taken down by viruses, malware, and trojans. Use this forum for discussion of IT security problems, solutions, and threats. en Tue, 21 May 2013 20:35:01 GMT vBulletin 1440 http://dna.windows7forums.com/images/misc/rss.png Windows 7 Forums - Security Zone http://windows7forums.com/ Virus? cve-2012-1889 http://windows7forums.com/security-zone/91491-virus-cve-2012-1889-a.html Thu, 16 May 2013 16:22:57 GMT I have found "cve-2012-1889" in the Control Panel in Programs. Looks like it may be a bad guy. Is it, what does it do, and how do I get rid of it? ]]> Security Zone thewolfe http://windows7forums.com/security-zone/91491-virus-cve-2012-1889-a.html Google Account http://windows7forums.com/security-zone/91474-google-account.html Wed, 15 May 2013 23:28:16 GMT I just got an email apparently from from Google, saying that someone had tried to use an application of some kind to access my account, and that they... I just got an email apparently from from Google, saying that someone had tried to use an application of some kind to access my account, and that they had stopped it. They gave the IP address and a location in Morocco of where the attempt came from, and advised if it were not me, to click a link to change my password.

Knowing that things such as this are sometimes a ploy to obtain data, I decided not to. Also, I got to thinking about what might be accessed even if they did succeed, and I couldn't think of anything that is there that would matter if it were compromised,

Why would someone try to hack that account anyway ]]> Security Zone seekermeister http://windows7forums.com/security-zone/91474-google-account.html Vulnerability in Internet Explorer 8 http://windows7forums.com/security-zone/91215-vulnerability-internet-explorer-8-a.html Mon, 06 May 2013 11:05:41 GMT If your still using IE8 then it really is time you upgraded. If for some reason that's not possible right now then Microsofts latest security blog concerns you:

Quote:
General Information

Executive Summary

Microsoft is investigating public reports of a vulnerability in Internet Explorer 8. Microsoft is aware of attacks that attempt to exploit this vulnerability.
Internet Explorer 6, Internet Explorer 7, Internet Explorer 9, and Internet Explorer 10 are not affected by the vulnerability.
This is a remote code execution vulnerability. The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.
On completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.
We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers. In addition, we are actively working with partners to monitor the threat landscape and take action against malicious sites that attempt to exploit this vulnerability.
Microsoft continues to encourage customers to follow the guidance in the Microsoft Safety & Security Center of enabling a firewall, applying all software updates, and installing antimalware software.
Mitigating Factors:

  • By default, Internet Explorer on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode that is known as Enhanced Security Configuration. This mode mitigates this vulnerability.
  • By default, all supported versions of Microsoft Outlook, Microsoft Outlook Express, and Windows Mail open HTML email messages in the Restricted sites zone. The Restricted sites zone, which disables script and ActiveX controls, helps reduce the risk of an attacker being able to use this vulnerability to execute malicious code. If a user clicks a link in an email message, the user could still be vulnerable to exploitation of this vulnerability through the web-based attack scenario.
  • An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
  • In a web-based attack scenario, an attacker could host a website that contains a webpage that is used to exploit this vulnerability. In addition, compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these websites. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes users to the attacker's website.

Recommendation. Please see the Suggested Actions section of this advisory for more information.
Reference:

Microsoft Security Advisory (2847140): Vulnerability in Internet Explorer Could Allow Remote Code Execution ]]> Security Zone kemical http://windows7forums.com/security-zone/91215-vulnerability-internet-explorer-8-a.html FBI scam http://windows7forums.com/security-zone/91206-fbi-scam.html Sun, 05 May 2013 21:22:11 GMT My wife has gotten the FBI scam virus and I'm trying to get rid of it. Just to not to waste time..

I cannot enter safe mode.
I cannot get the windows enter screen.

Sorry but I've been to a hundred different sites and they all pretty much say the same thing. When I try to go into safe mode it starts to load but then after a few seconds the computer restarts by itself. If I hit the windows key and R the input window flashes too quickly to do anything.

Any thoughts? ]]> Security Zone jcupach http://windows7forums.com/security-zone/91206-fbi-scam.html Windows Firewall Not Starting tried everything Help! http://windows7forums.com/security-zone/91188-windows-firewall-not-starting-tried-everything-help.html Sat, 04 May 2013 15:16:41 GMT Iv tried everything to get my firewall started I believe the problem started when my Anti virus free trail expired so I was without an Anti virus for... Iv tried everything to get my firewall started I believe the problem started when my Anti virus free trail expired so I was without an Anti virus for a few days. Anyway I now have Avast anti virus installed and Spybot but when I check my firewall, windows update and windows security center they were all disabled and when I try and start them I get an error message screenshots below:

ImageShack® - Online Photo and Video Hosting
ImageShack® - Online Photo and Video Hosting
ImageShack® - Online Photo and Video Hosting

Here is what I have tried so far to fix it.

BFE registry Fix
wscsvc registry Fix
MpsSvc registry Fix
WinDefend registry Fix

SFC /SCANNOW in command prompt

CHKDSK in command prompt

net start wscsvc in command prompt

Starting Windows Firewall Service manually in Services.msc
ImageShack® - Online Photo and Video Hosting

Running Virus scan

Running registry Fix on CCleaner ]]> Security Zone banj0chicken http://windows7forums.com/security-zone/91188-windows-firewall-not-starting-tried-everything-help.html Trogans/ Unwanted programs http://windows7forums.com/security-zone/91173-trogans-unwanted-programs.html Fri, 03 May 2013 05:35:20 GMT I have a pesky program that i am trying to get rid of...the entire trail. Slow PCFighter is the culprit. I should have known better than downloading... I have a pesky program that i am trying to get rid of...the entire trail. Slow PCFighter is the culprit. I should have known better than downloading this trogan horse. Have googled various sites to determine how to get rid of all these files. I have yet to come up with a solution. Any ideas out there...back when we were running Win 98 I learned how to get into the registry. Not sure how to do that, other than RegEdit. the registry today seems a bit foreign to me. Any ideas out there short of reinstalling Win7? Thank you in advance for your help. ]]> Security Zone billyc99 http://windows7forums.com/security-zone/91173-trogans-unwanted-programs.html Email Identification Data http://windows7forums.com/security-zone/90919-email-identification-data.html Fri, 19 Apr 2013 13:30:09 GMT I just received an email delivery failure notification from my ISP for a message that I sent a few days ago. It raised a couple of questions about... I just received an email delivery failure notification from my ISP for a message that I sent a few days ago. It raised a couple of questions about what personally identifiable information is normally sent to email recipients?

I do know that all email are traceable back to the sender, at least in most cases, but in this notice it prefaced my email address with my actual name and the received from lines actually gave the name of my computer ahead of the portion identifying the ISP's email identification.

I enabled all of the header lines in my email client and checked other emails that I received, and nothing like that was visible...at least not in any form that I understand.

I prefer to pick and choose who knows my actual name when sending an email, and I don't feel that anyone needs to know the name of my computer. Since I do not remember ever being asked the name of my computer when setting up my internet or email service, I must assume that it is being collected automatically.

What I want to know is whether this identification info is available to anyone that I send an email to, without going through channels to obtain it? ]]> Security Zone seekermeister http://windows7forums.com/security-zone/90919-email-identification-data.html Recovering From Exploit:Java/CVE-2013-1493 http://windows7forums.com/security-zone/90875-recovering-exploit-java-cve-2013-1493-a.html Tue, 16 Apr 2013 21:34:21 GMT We've recently been having problems with redirects when clicking the links of search results in our browsers (IE and Firefox). We tried a few different virus scans and nothing was able to find it. However, we did realize that Microsoft Security Essentials would not run when we clicked the executable.

So, with advice from these forums, we changed the name and it ran without issue. It immediately found "Exploit:Java/CVE-2013-1493". Now that we had a name, we were able to do some more research on it and realized it might be a good idea to disable Java in both browsers and only enable it when needed.

But, my questions to you is, what is "Exploit:Java/CVE-2013-1493" exactly? Is it a file? Or, just an exploit? What did Microsoft Security Essentials remove, exactly? Are there going to be other remnants of this scattered around the computer?

I'd really like to know more about how this works. It seems like any news articles out there just focus on the fact that it's a Java exploit, but I don't understand how it could cause redirects in my browser. ]]> Security Zone extion http://windows7forums.com/security-zone/90875-recovering-exploit-java-cve-2013-1493-a.html <![CDATA[Windows Defender + Trend Micro Titanium keep switching off/won't open]]> http://windows7forums.com/security-zone/90709-windows-defender-trend-micro-titanium-keep-switching-off-wont-open.html Tue, 09 Apr 2013 17:56:39 GMT I was wondering if someone could help me, I have Windows Defender and Trend Micro Titanium 2013 installed on my Windows 7 laptop and the past few... I was wondering if someone could help me, I have Windows Defender and Trend Micro Titanium 2013 installed on my Windows 7 laptop and the past few days, they keep switching off and I can't open the Trend Micro Titanium 2013 console at all, even after re-installing it and rebooting my laptop. Does anyone have any ideas as to they both these programs aren't working properly? Do I maybe have a virus which is causing this behaviour? ]]> Security Zone em1992 http://windows7forums.com/security-zone/90709-windows-defender-trend-micro-titanium-keep-switching-off-wont-open.html <![CDATA[[AntiVirus] Any good free antivirus??]]> http://windows7forums.com/security-zone/90590-any-good-free-antivirus.html Thu, 04 Apr 2013 10:31:35 GMT my laptop has a genuine Home Basic window it already had a McAfee Security center trial version... i want to install a new one which is absolutely... my laptop has a genuine Home Basic window it already had a McAfee Security center trial version... i want to install a new one which is absolutely free and fast and having good performance... can anyone please guide me and send me link of that antivirus? and should i instal Microsoft Security essential? ]]> Security Zone Hassan Ali shah http://windows7forums.com/security-zone/90590-any-good-free-antivirus.html