MoonPoint Support Logo

 

Shop Amazon Warehouse Deals - Deep Discounts on Open-box and Used ProductsAmazon Warehouse Deals



Advanced Search
January
Sun Mon Tue Wed Thu Fri Sat
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31    
2008
Months
JanFeb Mar
Apr May Jun
Jul Aug Sep
Oct Nov Dec


Tue, Jan 08, 2008 4:16 pm

Removing Windows Messenger 4.7

I used the Windows Update function in Internet Explorer on a Windows XP system to check for patches for a laptop. Including optional hardware and software patches, there were 63 available. I chose to download and install them all. Windows Messenger 4.7 was among those available; I hadn't paid attention to the fact it was among those to be installed. It was the first one installed. I saw a Windows Firewall notice pop up asking me whether I wanted to continue to block Windows Messenger. I did, but the system gave me a Blue Screen of Death (BSOD) when I attempted to block it.

When the system rebooted, Windows Messenger 4.7 opened. I didn't want the software on this laptop anyway. So I opened the Control Panel (Click on Start, select Settings, then Control Panel). Under Add or Remove Programs in the Control Panel, I chose Add/Remove Windows Components. Windows Messenger was unchecked and had a size of 0.0 MB listed, so I couldn.t uninstall it that way. I was able to remove it using the steps below, however:

  1. Close Messenger if it is running. If you see an icon for it at the lower-right hand corner of your screen, right-click on it and choose Exit.
  2. Click on the Start button.
  3. Select Run.
  4. In the Open field of the window that appears, copy and paste RunDll32 advpack.dll,LaunchINFSection %windir%\INF\msmsgs.inf,BLC.Remove
  5. When you see the confirmation prompt below, choose "Yes" after closing any of the referenced programs, if they are open.

    To remove Messenger, you must first exit from it: Click the Messenger icon in the taskbar, then Exit. Please also close all other programs that display your contact list (for example, Internet Explorer, Outlook, Outlook Express, MSN Explorer). Make sure to close programs for all users signed in to this computer. Do you want to continue?

You will see a notice appear stating Windows Messenger has been removed when the uninstall process completes.

If you don't want to remove Windows Messenger 4.7, but just want to stop it from running automatically when you login to a system, instead of following the procedure above, open Windows Messenger and take the following steps:

  1. Click on Tools.
  2. Select Options.
  3. Click on the Preferences tab.
  4. Uncheck "Run this program when Windows starts".
  5. Click on OK.

References:

  1. How to remove Windows Messenger 4.7 permanently
    By Darrell Norton
    Posted: March 10, 2004
    Darrell Norton's Blog
  2. How do I get rid of Messenger 4.7?
    By Leo Notenbom
    Posted: May 28, 2004
    Ask Leo! Tech Questions? Get Answers!

[/network/chat] permanent link

Tue, Jan 08, 2008 12:18 pm

AntiVirus Reconnaissance

In analyzing the backend code associated with the Pushdo Trojan downloader, security guru Joe Stewart found that the malware being distributed would log the hard drive serial number on a victim's computer. He speculates that perhaps the malware is checking the hard drive serial number in order to check whether it is running on a Virtual Machine (VM). If the malware logs the same serial number for what would otherwise appear to be separate machines, then it is likely that it is running on a VM. Since antivirus companies use VM's to analyze malware in controlled environments, the knowledge that the malware is running on a VM might be of interest to the malware developer or distributor for that reason.

Some malware attempts to kill or disable antivirus software processes. Pushdo does not. It merely reports back to its controlling server on which antivirus software it has detected on the victim's sysetm. Pushdo compares all of the processes running on the sysetm with its own list of antivirus and personal firewall process names and then provides a report to its controller listing the ones it has found.

In checking the Pushdo controller server, Stewart found malware samples with rootkit characteristics, which allow malware to hide from antivirus and antispyware software, and also evidence of a spam botnet.

References:

  1. Inside a Modern Malware Distribution System
    By Ryan Naraine
    December 21, 2007
    eWeek.com

[/security/malware] permanent link

Tue, Jan 08, 2008 9:50 am

Internet Usage Statistics

If you want to see statistics on Internet usage for various parts of the world, check Internet Usage World Status - Internet and Population Statistics, a "website featuring up to date world Internet Usage, Population Statistics and Internet Market Research Data, for over 233 individual countries and world regions."

[/network/Internet] permanent link

Valid HTML 4.01 Transitional

Privacy Policy   Contact

Blosxom logo