Bill Pytlovany released a new version of WinPatrol which includes a great new security feature. On increasingly frequent occasions we hear of “zero-day” or unpatched vulnerabilities affecting programs with ActiveX components. In fact, the majority of all browser plug-in vulnerabilities can be attributed to Active X. With WinPatrol 2008, you can monitor and control Active X components. Aside from the Microsoft plug-ins, popular programs including ActiveX are Adobe Flash, Apple Quicktime, RealPlayer and SunMicrosystems Java.

There are several options available for viewing the ActiveX controls on your computer with WinPatrol 2008 and they can easily be changed by toggling the check box combinations. The example below illustrates a selection of non-Microsoft ActiveX Controls used with IE.

(Click to Enlarge)

The combination of options for viewing ActiveX controls includes:

• List all ActiveX controls including those not used by Internet Explorer
• Only view ActiveX controls used by Internet Explorer
• Toggle non-Microsoft ActiveX controls on/off.

If there is an unpatched vulnerability, without any fancy tricks, merely select the appropriate ActiveX control with WinPatrol, click disable and “Yes” to the prompt:

(Click to Enlarge)

After the vulnerability has been patched, reverse the process to enable the ActiveX control.

WinPatrol will also monitor your system and let you know when new ActiveX components try to make their home on your system. If it’s not something you wanted WinPatrol will kill the new component before it can do any damage.

Get Scotty! Free - Install WinPatrol 2008

Get Scotty Plus! Upgrade to WinPatrol PLUS today

See WinPatrol 2008 introduced in its 10th year

Need help with WinPatrol? Visit the Security Cadets WinPatrol Support Forum.

Remember - “A day without laughter is a day wasted.”
May the wind sing to you and the sun rise in your heart…

Yet another lame attempt from the IE Defender crew. This time they’ve gone back to the old look which first kicked it all off with IE Defender.

IE AntiVirus

(Click for the original size - Please upload to your server if used)

These idiots, or your own choice of word, first started with IE Defender, tried their hands at comedy and then disputed the fact we classified it as a rogue. However since then, they have released:

• AntiSpy Pro
• Files Secure
• Malware Bell

That tells you a thousand words. So what is the URL for this latest rogue? It’s the following:

www(dot)ieantivirus(dot)com

Do not visit the above site unless you know what you are doing. Doing so without the knowledge and experience may result in malware being downloaded.

The obvious signs are there and Estdomains Inc are not far behind as the whois states.

There is a removal guide for you to follow should you not wish to seek step by step help from our experts;

How To Remove IE AntiVirus (removal instructions)

If you do wish to get hands on assistance, then navigate to our support forum for malware removal or chat about this here.

FYI. If you fancy keeping yourself updated with the latest Zlob and associated malware then bookmark this usefull blog;

Bharath’s Security Blog

We don’t tend to blog enough about all the details behind this type of malware when we blog about rogues. We like to simplify things in order to give a better understanding to those who may not directly understand what it’s all about.

We’ll certainly be adding the above blog to our links pages.

Link: http://bharath-m-narayan.blogspot.com/

It wasn’t going to take long before I would bring you yet another rogue application. Certainly nothing new when I include that the following is a clone of IE Defender and File Secure.

What it also tries to do is make sure several aspects of it’s website looks and feels like Microsoft. Their favicon is the same as Microsoft and the way they try and present the product in a similar case image is similar. Not at all surprising, but could become confusing and unknown for regular internet users.

Let’s take a look;-

Malware Bell

(Click for the original size - Please upload to your server if used)

Web site;-

www(dot)malwarebell(dot)com

And Estdomains Inc is it’s ICANN Registrar. Like we didn’t know! So, what are we doing about this? To put it simple, offering you help for free as these organisations try to take your money. We already have a free removal guide set up for this rogue and will, as always, be offering free assistance with our experts in the correct forum.

Get help of you have has the unfortunate chance to be infected with this. And if in doubt, ask in our forum.

Links;-

How to remove Malware Bell (removal instructions)

The title is making this teaser so big that you are almost expecting a result in my next blog post. The fact remains that this will take me sometime to research, however it will be awesome in it’s own right.

For now all I am going to add to this is: P2P sharing sites, and the like, better watch their backs as this Bruce Lee is coming for breakfast, lunch, dinner and a portion of supper!

Easter greetings to all WinPatrol users! Bill Pytlovany is offering a $10.00 discount to anyone who upgrades to WinPatrol Plus this Easter weekend.

What advantages are there to WinPatrol Plus?

• Complete access to the WinPatrol PLUS KnowledgebaseWithin WinPatrol, click the “PLUS Info…” button and connect to the WinPatrol online database for information on the program in question. Descriptions are in “plain speak” not “geek speak” and generally include links and program tips that might be useful. (Sample)

• Real-time Infiltration Detection (R.I.D.) R.I.D. was developed by BillP Studios to provide immediate detection of newly installed programs. This technology allows real-time detection without impacting system performance.

• Provide support for further development For a one-time subscription fee, provide support for the future of an exceptional software, compatible with all versions of Microsoft Windows software from Windows 95 through and including Windows Vista.

Take advantage of the special $10.00 Easter weekend discount today. Click the Ukrainian Easter Egg image below to go to the BillP Studios Order Center. Use the Coupon Code Pysanky when placing your order.

Note to PayPal customers: Please send an e-mail to BillP Studios at support@winpatrol.com and provide your license information to receive the $10 rebate.

Coupon Code: Pysanky

For assistance with WinPatrol, visit our WinPatrol Support Forum.

Remember - “A day without laughter is a day wasted.”
May the wind sing to you and the sun rise in your heart…

New day and a new rogue, Awola 6.0 Anti-Spyware.

And just in case you get the impression we only report the odd rogues, because there are only the odd rogues. Then you will be wrong as many rogues get created and go live months after initial work. This can then add to dozens of rogues being released daily. We’re focusing on the ones installed by malware which leads me onto the following:

Awola 6.0 Anti-Spyware

(Click to Enlarge for the exact size)

Website:

www(dot)awola(dot)com

There is not a great deal other to say other than it will be a pain to remove if you have got this via the malware it came with. If that is the case then get yourself to our automatic removal guide for this - How To Remove Awola 6.0 Anti-Spyware (removal instructions).

You can also chat about this in more detail if you wish in our forum - HERE.

Rember me blogging about SPYwareREMOVER? Well, now, after several weeks since that article, we have a someone posting replies about this in our forum.

Going by the tag: chris_2squared, just Google and you will get my drift!