DAMN TROJAN » admin

Remove Sagipsul, AKA Superjuan For Free

admin — Tue, 13 Jan 2009 20:42:47 +0000

Damn Trojan is disappointed to present Sagipsul — AKA “Superjuan”. As well launches annoying popup ads on your computer, Sagipsul may secretly download harmful files and run a ton of pop-up ads, slowing down your computer.

If this sounds exciting, by all means keep Sagipsul, Superjuan or whatever it wants to call itself on your computer. Everyone else can,

“Warning – you are infected by this site!” popup

admin — Tue, 23 Dec 2008 07:26:54 +0000

“Warning – you are infected by this site!” popup is a false security alert from fake antispyware Total Secure 2009. This “Warning – you are infected by this site!” popup reads:

“Warning – you are infected by this site! Please, read our suggestions!
You can learn more about harmful web content and protect your computer at Total Secure 2009.
Just download Total Secure 2009 Now and Protect your Business forever!
Suggestions:
Make backup of important files and documents!
Read more about Total Secure 2009
Return to the previous page and pick another result.
Try another search to find what you’re looking for.
If nothing will help you – reinstall windows or e-mail Total Secure 2009 team.
Or you can continue to visit this site at your own risk.”

Or you can waste fifty bucks on Total Secure 2009.
Keep reading ““Warning – you are infected by this site!” popup“

Switch Your Default Mail Client from Outlook

admin — Fri, 21 Nov 2008 23:50:46 +0000

Your Windows-based PC probably launches Microsoft’s Outlook mail as a default, whenever you clicky click a link for email online.

But you don’t dig Outlook.

Let’s edit your registry and change your default mail app to whatever the hell you like better.

How to Switch Your Default Mail Client from Outlook (Registry Tweak Instructions)

For registry tweak “Switch Your Default Mail Client from Outlook,” here’s what you need to do. Before I go into specific registry edits you’ll make, here’s an overview of how to tweak your registry.

Backup your system — all the important junk — before editing your registry. Disclaimer: if you eff up your registry, you can ruin your whole computer. And as much as I like taking credit for things, if that happens, it’s on you. Sorry, I don’t want to end up on Judge Judy.
Done with the backup? Great. Go ahead and open up your registry with the Registry Editor (REGEDIT.exe). With the Registry Editor you can see and edit data within the your PC’s registry. The best way to launch the Registry Editor is to click the “Start” menu button, select “Run,” and type “regedit” in the “Open” box.
On the left-hand side of the Registry Editor you’ll see a tree of folders, and on the right side you’ll see the contents – or the “values” – of the folder you’ve selected.
Like with Internet Explorer, when you want to open up a branch of your registry’s folder tree and see its structure, just double-click the folder or click the plus sign (+) once. Want to see the contents of a key/folder? Click the key and the values’ll list in the right-hand side of the window.
To add a value or key, right-click the “Edit” menu, and pick “New.” To rename almost any key or value, just right-click the registry key and select “Rename,” or click the registry key twice. You can delete a registry key or value by selecting it and pressing “Delete.”

Got it? Below are the particulars you need for the registry tweak “Switch Your Default Mail Client from Outlook”.

Under system key [HKEY_CLASSES_ROOT\mailto\shell\open\command], find or create a new String value named (Default). Set it to launch the mail application of your choice.

That simple.

Control Your Network Connections

admin — Fri, 21 Nov 2008 23:20:44 +0000

You can use this registry tweak to control access to your system’s networks, including remote access servers (RAN), local area networks (LAN), and other network connections.

Let’s get your PC more secure and control your network connections.

How to Control Your Network Connections (Registry Tweak Instructions)

For registry tweak “Control Your Network Connections,” here’s what you need to do. Before I go into specific registry edits you’ll make, here’s an overview of how to tweak your registry.

Backup your system — all the important junk — before editing your registry. Disclaimer: if you eff up your registry, you can ruin your whole computer. And as much as I like taking credit for things, if that happens, it’s on you. Sorry, I don’t want to end up on Judge Judy.
Done with the backup? Great. Go ahead and open up your registry with the Registry Editor (REGEDIT.exe). With the Registry Editor you can see and edit data within the your PC’s registry. The best way to launch the Registry Editor is to click the “Start” menu button, select “Run,” and type “regedit” in the “Open” box.
On the left-hand side of the Registry Editor you’ll see a tree of folders, and on the right side you’ll see the contents – or the “values” – of the folder you’ve selected.
Like with Internet Explorer, when you want to open up a branch of your registry’s folder tree and see its structure, just double-click the folder or click the plus sign (+) once. Want to see the contents of a key/folder? Click the key and the values’ll list in the right-hand side of the window.
To add a value or key, right-click the “Edit” menu, and pick “New.” To rename almost any key or value, just right-click the registry key and select “Rename,” or click the registry key twice. You can delete a registry key or value by selecting it and pressing “Delete.”

Got it? Below are the particulars you need for the registry tweak “Control Your Network Connections”.

Open your registry and find user key [HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\ Network Connections] .

All the network restrictions are listed and described below — you can thank me later. If you want to enable any of these network restrictions, create the registry value’s DWORD value (e.g., NC_AddRemoveComponents) and set it to “0“. You can always delete these DWORD values later, if you want to disable the network restriction.

NC_AddRemoveComponents restricts adding/removing components in your network
NC_AllowAdvancedTCPIPConfig restricts modifying TCPIPs’ advanced configuration
NC_AdvancedSettings restricts modifying your Advanced Settings
NC_ChangeBindState restricts modifying the bindings of protocols and services
NC_DeleteConnection blocks deleting RAS connections
NC_DeleteAllUserConnection blocks deleting public RAS connections
NC_DialupPrefs blocks modifying your dial-up preferences
NC_EnableAdminProhibits allows administrators access to Windows 2000
network connections
NC_LanConnect blocks disconnecting/connecting to a LAN
NC_LanChangeProperties blocks accessing a LAN connection’s component properties
NC_LanProperties blocks accessing a LAN connection’s properties
NC_NewConnectionWizard turns off the Network Connection wizard
NC_RasAllUserProperties blocks accessing a public RAS connection’s properties
NC_RasConnect blocks disconnecting/connecting to a RAS
NC_RasChangeProperties blocks accessing a RAS connection’s properties
NC_RasMyProperties blocks access to the properties of a private RAS connection
NC_RenameMyRasConnection disallows renaming private RAS connections
NC_RenameConnection disallows renaming connections
NC_RenameAllUserRasConnection disallows renaming public RAS connections
NC_RenameLanConnection disallows renaming LAN connections
NC_Statistics blocks access to an active connection’s status statistics

Got it? Your PC should be more secure now that you’re controlling network connections.

How to Remove Trojan-Downloader.Win32.Agent

admin — Sun, 12 Oct 2008 07:52:08 +0000

Ignore his bad sweater — this is a great video about how to remove Trojan-Downloader.Win32.Agent.

You can also print out instructions on how to remove Trojan-Downloader.Win32.Agent.Bq, a variant of this Zlob Trojan.

Another day, another damn Trojan.

How to Avoid Phishing Scams

admin — Sun, 12 Oct 2008 07:18:04 +0000

With the economy like it is, you’re likely to get more email scams: some dude in Nigeria wants to give you a billion bucks, and a credit card account you never knew you had is about to be closed.

!!!

Here’s a boring but informative video about how to avoid phishing scams.

Phishing Email Demo

If you want to get an apple from the teacher, watch this video, too. I fell asleep during the middle of it, though.

How Phishing Scams Work

(Or, “How to Fall Asleep in Three Minutes and 40 Seconds”)

Isass.exe

admin — Tue, 07 Oct 2008 20:30:13 +0000

Oh no, there was a “break-through attempt” on my computer. All I need to do to block this “break-through attempt” is purchase eKerberos. Maybe I’m old fashioned but I have trouble buying fake products whose name I can’t pronounce. The real break through will be when you remove Isass.exe. Spyware Doctor is a progam that will completely remove it for you.

“Question about Item — Respond Now” eBay Email

admin — Mon, 25 Aug 2008 00:27:21 +0000

I wasn’t aware I even was selling something on eBay, but apparently it’s being questioned.

!!!

So a “Question about Item — Respond Now” eBay Email says. But I right-clicked the link to “Respond Now”, and the link doesn’t send me to eBay.com, but http://203.113.137.190/ icons/ small/ ps1.gif/ singin.ebay.com/ ws/ eBayISPP.dll/ SignIn/ index.html?MfcISAPICommand=SignInPowerSeller&si.

That’s strange.

Almost as strange as what will happen to your credit card if you log into this phishing site so that they can steal your personal and financial information.

Emails pretending to link to legit sites are popular ways to steal your account information, so they can steal your money.

Another damn day, another damn scam.

“Question about Item — Respond Now” eBay Email Is Ugly

http://203.113.137.190 is Uglier

“Question about Item — Respond Now” eBay Email Is Stupid

From: member@ebay.com
Subject: Question about Item — Respond Now
eBay sent this message to you from Stanley Muller (scoutman5) .
Your registered name is included to show this message originated from eBay. Learn more.
Question about Item — Respond Now

eBay sent this message on behalf of an eBay member via My Messages. Responses sent using email will not reach the eBay member.Use the Respond Now button below to respond to this message

Question from scoutman5

About This Member
scoutman5( 17)
Positive Feedback: 100%
Member Since: Apr-30-03
Location: ON, Canada
Registered On: www.ebay.ca

Hi,
Is the item still available for sale? Let me know because I’m online and I can pay you right now.

Thank you,
scoutman5

Respond to this question in My Messages.

Thank you for using eBay!

Marketplace Safety Tip
Always remember to complete your transactions on eBay – it`s the safer way to trade.

Is this message an offer to buy your item directly through email without winning the item on eBay? If so, please help make the eBay marketplace safer by reporting it to us. These “outside of eBay” transactions may be unsafe and are against eBay policy. Learn more about trading safely.

Is this email inappropriate? Does it violate eBay policy? Help protect the community by reporting it.

See our Privacy Policy and User Agreement if you have questions about eBay’s communication policies.
Copyright © 1995-2008 eBay, Inc. All Rights Reserved.
Designated trademarks and brands are the property of their respective owners.
eBay and the eBay logo are registered trademarks or trademarks of eBay, Inc.
eBay is located at 2145 Hamilton Avenue, San Jose, CA 95125.

“Question about Item — Respond Now” eBay Email Might Be a Phishing Email

WTF is a Phishing Email?

Phishing emails are fake emails sent by people trying to steal your financial information or identity. Phishing is just what it sounds like: only instead of someone fishing for fish, phishers are going after human catches.

Some phishing emails are disguised as charities looking for a donation after a big natural disaster, other phishing emails will look like an e-card you need to retrieve, but most phishing emails pretend to be from a big bank concerned about your account.

Now, let’s talk about…

Why Phishing Emails Suck

Phishing emails, like “Question about Item — Respond Now” eBay Email, generally look authentic, but there are a few ways to realize they’re faker than a chest on a Playboy bunny.

Scare tactics: Most phishing emails will tell you that your financial account has been closed and you need to take immediate action to restore it. If you have reason to think an email like this is real, type your bank’s website address into your browser. Never click any of the links an email like this.
Fake hyperlinks: Phishing emails will show you a hyperlinked URL that, if you click it, sends you to a completely different website. It’s at this scam website–which may look pretty real except for the revealed URL–that phishers usually try to capture your login information.
Domain name forgery: Once you click this link and get taken to the phishing website, sometimes even then you can’t see the real URL of the site–it may be disguised with javascript to read like a trusted domain (for example, the phishers might use code to make your browser display www.trustedbank.co.uk, when you’re really visiting www.damnscam.co.uk/trustedbank-phishing.htm).
Images instead of text: Phishing emails sometimes use a graphic of text instead of actual words, so that they can bypass your spam detectors. Remember that pretty V1AGARA or C1ALIS picture you got recently?
Undisclosed recipients: The better phishing emails don’t make this mistake, but a lot of times phishing emails will spam a ton of people at once and leave the “To:” section reading “undisclosed recipients”–even though the email is supposed to address your account in particular.

Did “Question about Item — Respond Now” eBay Email use these moves to try to scam you?

“Google AdWords Account Suspension Notification” Email

admin — Sun, 24 Aug 2008 01:59:08 +0000

I wasn’t aware I even had a Google Adwords account, but apparently it’s about to be suspended.

!!!

So a “Google AdWords Account Suspension Notification” Email says. But I right-clicked the link to “Renew Now your Google Search Advertising services”, and the link doesn’t send me to Google.com, but http://adwordssources.com/ad-google-pages/Login.htm.

That’s strange.

Almost as strange as what will happen to your credit card if you log into this phishing site so that they can steal your personal and financial information.

Emails pretending to link to legit sites are popular ways to steal your account information, so they can steal your money.

Another damn day, another damn scam.

“Google AdWords Account Suspension Notification” Email Is Ugly

AdwordsSources.com/ad-google-pages/Login.htm Is Uglier

“Google AdWords Account Suspension Notification” Email Is Stupid

From: noreply-googlealerts@google.com
Subject: Google AdWords Account Suspension Notification
Renew Your Account Now !

Dear Advertiser,

This is your official notification from Google AdWords that the service(s) listed below will be deactivated and deleted if not renewed immediately.

As the Primary Contact, you must renew the service(s) listed below or it will be deactivated and deleted.

Renew Now your Google Search Advertising services.

SERVICE: Google Search Advertising
EXPIRATION: August, 25 2008

Thank you for using Google AdWords service.
We appreciate your business and the opportunity to serve you.

Google AdWords Service
Please remember to input your AdWords username and password correctly NOT your email and password.
Why renew my account?
Google AdWords helps you manage your search advertising campaign simply and efficiently. Renew now today to get connected with customers.
Top questions
How long will it take?
This should take you about 10-15 seconds.

What do I need?
You’ll need only your AdWords username and password.

© 2008 Google AdWords

“Google AdWords Account Suspension Notification” Email Might Be a Phishing Email

WTF is a Phishing Email?

Now, let’s talk about…

Why Phishing Emails Suck

Phishing emails, like “Google AdWords Account Suspension Notification” Email, generally look authentic, but there are a few ways to realize they’re faker than a chest on a Playboy bunny.

Scare tactics: Most phishing emails will tell you that your financial account has been closed and you need to take immediate action to restore it. If you have reason to think an email like this is real, type your bank’s website address into your browser. Never click any of the links an email like this.
Fake hyperlinks: Phishing emails will show you a hyperlinked URL that, if you click it, sends you to a completely different website. It’s at this scam website–which may look pretty real except for the revealed URL–that phishers usually try to capture your login information.
Domain name forgery: Once you click this link and get taken to the phishing website, sometimes even then you can’t see the real URL of the site–it may be disguised with javascript to read like a trusted domain (for example, the phishers might use code to make your browser display www.trustedbank.co.uk, when you’re really visiting www.damnscam.co.uk/trustedbank-phishing.htm).
Images instead of text: Phishing emails sometimes use a graphic of text instead of actual words, so that they can bypass your spam detectors. Remember that pretty V1AGARA or C1ALIS picture you got recently?
Undisclosed recipients: The better phishing emails don’t make this mistake, but a lot of times phishing emails will spam a ton of people at once and leave the “To:” section reading “undisclosed recipients”–even though the email is supposed to address your account in particular.

Did “Google AdWords Account Suspension Notification” Email use these moves to try to scam you?

Automatic Money-Maker For You. For You, I Give Good Deal

admin — Fri, 22 Aug 2008 23:04:11 +0000

Times are getting tough — global recession, anyone?

If you need some extra cash, for you, for you I give good deal.

Don’t say Kelly never did anything for you.

You’re goddamn welcome.

From: moneymaker08.info@gmail.com
Subject: I’ll Give You This Automatic Money-Maker Within 3 minutes!
Reply-To: jhalson.mail@gmail.com

Dear Fellow NetUser,

A World famous Internet Multimillionaire is going
to give you a complete fully-operational Website
that actually “Forces” money into your pocket.

He said exactly as stated below…

“I’ll Give You This Automatic Money-Maker Within
3 minutes! This is Fully-Guaranteed!”

If you want a $3,997 site for next to nothing, then
you must complete this Revolutionary Breakthrough
Technology that really “Forces” cash directly into
your pocket that is truly gauranteed.

Check this out now:

http://fexr.com/2n2r

Best Regards,

Jack Halson
moneymaker08.info@gmail.com

P.S Don’t want to receive more details about this offer?
Simply send a blank email to
and put ‘No More offer’ as your subject.