August 2008

AVG: A .bin file is missing

Seems AVG Free is temporariliy update-free! Boffins are as we blog hard at work replacing what appears to be reported as one floundering file. So if you spotted the icon (below) recently do not panic. Give it a day or less and all will be right in Update Land. Remain calm.



If you're hot to update your AVG manually (and who amongst us isn't I ask?) then do this:

1. Make a new directory on your desktop called AVG.
2. Browse to http://www.grisoft.com/ww.download-update.
3. Download the file named AVI: 270.6.4 to the AVG directory.
4. Download the file named IAVI: / 1616 to the AVG directory.
5. Right-click on the AVG icon in your taskbar, left click Open AVG User Interface.
6. Select Tools, Update from directory...
7. Select the directory called AVG where you put the downloads, click OK.

AVG should update itself and report a success. All done.

OpenDNS Updater Triggering AV Alerts

If you use AVG Anti-virus you may have had it warn you that opendns updater.exe is infected with a trojan horse. This appears to be false. Update your AVG client and see if it continues to report an infection.

If the built in heuristic routines still report a problem you can stop AVG from complaining by:

1. Right-click on AVG icon located in taskbar and open the AVG User Interface
2. Choose Tools, Advanced Options
3. Highlight PUP Exceptions
4. Click add exception
5. Browse to the opendns updater.exe file, select it and click ok
6. Close AVG

If AVG has already quarantined your opendns updater.exe file:

1. Right-click on AVG icon located in taskbar and open the AVG User Interface
2. Choose History, Virus Vault
3. Highlight the entry containing opendns updater.exe
4. Click the Restore button, then click OK
5. Close AVG

Your system should now work - if the OpenDNS icon is complaining right click on the OpenDNS Updater icon in the taskbar:



Left click on Run Update, the result should be:



Also left click on Check Version, the result should be:



For assistance please click the Crossloop icon to the left at the bottom of the sidebar.

Facebook - MySpace Trojans

Both popular social networking sites, MySpace and FaceBook have both been attacked by an emailed virus that, should you download the plug-in as it suggests, sends large quantities of bogus emails. They contain trojans that Symantec has identified as gampass. This trojan is loooking for data on your system regarding gaming. Since this data may well include credit card numbers this is a problem. So, always be suspicious of any requirement for plugins above and beyond what you normally have installed. Keep your anti-virus software loaded and updated. Just because they are your friend on any social networking site does not mean they won't do something foolish that might well ensnare you. Remember, security is an ongoing process not a product.

DNS Poisoning

DNS servers the world over have been targeted by evil doers. Flaws in these servers could allow creeps to silently redirect your browser sessions to anywhere.

To check to see if your ISP is vulnerable go here.

If the results (above) are less then satisfactory do contact your ISP and complain bitterly.

You could also use DNS servers that are patched. I suggest OpenDNS.com - they even have a handy application that corrects your settings when your ISP's DHCP server changes your IP.

Here is a good synoposis from the blog Security Fix:

At issue is a basic design flaw in the domain name system. DNS is the communications standard that acts as a kind of telephone book for the Internet, translating human-friendly Web site names like example.com into numeric addresses that are easier for networking equipment to handle and route. When people type a Web site name into their Internet browser, the process of routing of that name to Internet address is generally handled through DNS servers managed by Internet service providers and corporations. But according to research released this month, most of those DNS servers are vulnerable to a security flaw that allows miscreants to silently alter the virtual road maps that those systems rely on to route traffic. As a result, a cyber criminal could trivially rewrite those records so that when customers of a vulnerable ISP or network provider try to visit a particular Web site, they are instead taken to a counterfeit site created by the bad guys.

Security begins at home. Never assume your ISP has a clue.