The Computer Repair Podcast – 007 – Malware Works
In this episode of The Computer Repair Podcast;
Malware Works.
Help Support the show Click Here to find out how.
Download Episode: Click here
Ben’s Monolog
Computer Backup (Didn’t backup pirated movies)
Other Podcasters you should check out
Computer Repair Related News
Windows 7 SP1 RTM in Q1 2011
For those of you out there waiting on service packs, you will be happy to know that Microsoft has already “officially” confirmed that the first service pack for Windows 7 will only be made available to customers worldwide in the first half of 2011.
Also according to Microsoft, the Windows 7 Minimum System Requirements involve: “1 GHz or faster 32-bit (x86) or 64-bit (x64) processor; 1 GB of RAM (32-bit) / 2 GB RAM (64-bit); 16 GB available disk space (32-bit) / 20 GB (64-bit); DirectX 9 graphics processor with WDDM 1.0 or higher driver; DVD-compatible drive and Internet access.”
——
Dell Browser
Dell recently acquired KACE Networks and has just released a new web browser called “Secure Browser”. You might be asking why? Well, it’s essentially a sandboxed version of Firefox 3.6 with the Flash and Reader plug-ins… Yes, I’m not kidding, it’s a sandboxed version of Firefox! Check out the link in the show notes for more on the Dell browser.
Note: Dell’s Secure Browser really is Firefox with a secure wrapper. You have to uninstall the current version of Firefox to get it to work. From the looks of it, it is designed to be installed as the default browser on a new/old/home-built/crappy/junk computer.
——
Adobe Show Off Protected Mode for Reader
Adobe has announced that Reader will run in a sandbox called Protected Mode. It is based on Microsoft’s Practical Windows Sandboxing technique, which is similar to the Google Chrome sandbox and Microsoft Office 2010 Protected Viewing Mode. This is good news, as it will drastically reduce the attacks and vulnerabilities that Adobe Reader users have been fed up with for years. Now Adobe needs to work on the security problems with Flash.
——
Dell Server Motherboard Malware
Dell’s PowerEdge R410 replacement motherboards somehow contain malware within the firmware.
The issue is not present on new servers and does not affect non-Windows-based servers (i.e. Linux/Unix). Dell is sending snail mail (yeah, I know, but it’s Dell) and also calling affected customers. If you want more info on this problem, the link is in the show notes.
——
Just in time a new DNS Service (ROLLING EYES!)
Well, I have to say, all we need now is for Apple and Microsoft to start getting into the DNS biz. This time Sunbelt Software, the guys who make VIPRE Antivirus, have come up with a new DNS service called ClearCloud that does about the same thing as… well, the rest of them.
If you want to try it out, the IP addresses are 74.118.212.1 and 74.118.212.2.
I have a question I want to put out to the Computer Repair Podcast community: is there a way to tunnel through multiple DNS services? It might be a cool thing to do.
Let me know @ feedback@qetuo.me
Software Updates
Shardana Antivirus Rescue Disk Utility (SARDU) 1.0.7.3d
- A lot of things have been updated; check the website for details.
Microsoft Security Essentials 2 Beta – You will need a Live ID to sign in
- A new scanning engine.
- Better defense against network-based threats.
- Internet Explorer integration for blocking web-based threats.
- Improved integration with the Windows firewall.
If you want to download MSE 2 Beta without going through Microsoft, ghacks.net has download links and screenshots.
- Hardware-accelerated AES
- It is now possible to configure a TrueCrypt container on a USB flash drive to mount automatically whenever you insert the USB flash drive into the USB port.
- Partition/device-hosted volumes can now be created on drives that use a sector size of 4096, 2048, or 1024 bytes (Windows, Linux).
- Favorite Volumes Organizer: this means you can now organize your mounted devices to mount upon logon to the system as read-only or as removable media.
- And a lot more stuff I have no clue about, so check out the link in the show notes.
- Improved overall speeds
- Better behavior on Windows 7
- Faster scanning in both Quick and Complete Scan modes (varies on each system)
- Additional TDSS Detection/Removal (Stealth Rootkit/Removal Technology)
- Heuristic Engine speed increases
- Last update on the way to the 5.0 pre-release – MAJOR update! Many user-requested features, including super fast scanning and more!
- 3.6.7 Fixed several security issues and several stability issues.
- 3.6.8 Fixed a single stability issue affecting some pages containing plugins.
- The release notes list stability and security fixes, as well as several fixes to the user interface.
- Too many things to list
- Disables older versions of some incompatible third-party plug-ins
- Addresses minor issues with dragging and dropping items
- Addresses a performance issue when first syncing to some devices with iTunes 9.2
- Addresses an issue upgrading to iOS 4 on an iPhone or iPod touch with encrypted back-ups
- Addresses other issues that improve stability and performance
Microsoft Sysinternals Products Updated
- TCPView v3.0, Autoruns v10.02, ProcDump v1.81, and Disk2vhd v1.61.
Tech Tip
New tech related tools I found
Repair Microsoft Security Essentials using MSE Restore Tool v1.0
SafeMSI
Re-Enable
Tech Talk
My Tech Talk for this show is about How Malware Works.
First we need to look at the technical aspects that spyware, trojans, and rootkits use, and some of the attack vectors used by those types of malware.
While malware’s intent is always different, there is always some type of fraud behind the purpose of its distribution.
Here are examples of how malware works.
Trojan Horse
You download a cool calculator program and install it. The calculator works fine. In a few days you start to have problems with your computer, and when you search on the internet you start to get annoying pop-ups. Then you start to get pop-ups at random when you are not searching the internet. The malicious pop-up program was most likely hidden away inside the calculator program. The installation also may have implanted itself inside programs that already existed on your computer, which makes it difficult to remove.
Rootkit in e-mail attachment
Your friend sends you a funny video. When you double-click on it you get a security warning, but you want to see it, so you click OK and bypass the warning. However, nothing happens, so you think nothing of it and figure it may be a bad copy your friend sent you.
Later you talk to your friend, but he says he didn’t send you a video. Oh well, maybe it was another friend, and you forget about the video. But something happened in the background when you clicked on the video: malware was installed. There is no way to know the intent behind it. You may not notice anything, but your computer could be used as a botnet drone to attack web sites or other computers.
Spyware in “drive by download”
You click on a link in search results and immediately get pop-ups. You close the pages but get weird errors. You think nothing harmful could have come of it; you simply “drove by” the website and didn’t install anything. However, your computer had a software flaw due to not updating, and that let the website install spyware without your permission. You didn’t get a warning because it was a flaw in the programming of the web browser. You now have spyware resident on your system. What you type in web forms, login pages and chat, and what sites you visit, could all be sent to the hacker’s website.
And that is when you get a call from a customer stating something is wrong with their computer. 99.9% of the malware I have removed has had an effect on the computer. The reason is that malware writers aren’t that good programmers; if they were, it would have an update feature built right in, fixing known bugs or flaws within the software. All software is buggy. I myself have had software crash on me for no apparent reason, but the cause of it was a software or hardware conflict. Back in the day I was playing around with a backdoor program that I had placed on my next-door neighbor’s computer (and yes, he knew about it); you see, it used to cost a lot of money to get remote software programs, so I looked into backdoor programs. The problem with the program I was using is that it would BSOD Windows every 10-15 min… which is not good at all. Malware writers try to exploit flawed code to get in, and in doing so sometimes break whatever program has the flaw.
So with that I’m going to leave it there and on the next podcast I’ll talk about removing malware.
Your Feedback
Two Voice Mails
Steve (DoorToDoorGeek)
Hi Ben,
Thanks for the quality-packed show. My favorite part is the software updates section also. Your research work preparing for the show is obvious. Your listeners understand putting a show together is time consuming, and since I have not been able to catch the live show lately, I am not too hung up on frequency.
Your content is the highest quality, keep up the good work.
BTW, I realize that you can find a medical research study to demonstrate anything you wish.
There are numerous recent studies that show drinking 3-4 cups of coffee a day reduces risk of Parkinson’s Disease, Type II Diabetes, Gall stones, Cardiovascular Disease and Colon Cancer.
So I must wonder, how serious is that caffeine addiction? Do you really wish to kick it? Sorry, I have not seen similar study results on cigarette smoking.
Thanks for the show,
Mark (MeClaudius)
Ben’s Note: The music that keeps me going when working on my show notes is by Ronald Jenkees, the best ever one-man band, offering techno, rap, trance, electronic, and instrumental music.
Next time on The Computer Repair Podcast: the Tech Talk is going to be a continuation of this week’s topic, but about the purposes of malware.
So if you have any feedback or questions you can always send me an email at feedback@qetuo.me or call the feedback line @ +1 304-449-4335