Backdoors Archive

Backdoors: picFUNNY.gif.exe

September 26th, 2008 | Posted in Backdoors, Trojans

picFUNNY.gif.exe Threat Level: picFUNNY.gif.exe is a threat

picFUNNY.gif.exe is a Trojan delivered through spam that links to a scam site. The link to picFUNNY.gif.exe comes in a fake Hallmark email with the subject line “You’ve received A Hallmark E-Card!”

Sounds friendly, right?

Wrong.

Although, picFUNNY.gif.exe will allow a hacker to get very close and cozy with your PC — and likely all your personal and financial information.

Let me show you how to block picFUNNY.gif.exe.



Backdoors: AceBot

September 12th, 2008 | Posted in Backdoors, Trojans

AceBot Threat Level: /

AceBot is a Trojan that disables your anti-virus software and infects your computer with more malware and spyware.

Unless identity theft and popups sound like a fun weekend to you, remove AceBot.



Backdoors: Pigeon AYBK

September 5th, 2008 | Posted in Backdoors, Trojans

Pigeon AYBK Threat Level: Pigeon AYBK is a danger

Pigeon AYBK is a backdoor Trojan that spies on you, logging every keystroke you type and sending this info to a hacker. Pigeon AYBK nestles into your system using rootkit techniques, and might try to connect to servers to download more malware onto your PC. Ultimately, Pigeon AYBK gives a hacker the power to control your computer.

Unless you bought your computer hoping it’d become part of a hacker’s botnet, remove Pigeon AYBK.



Backdoors: E-greetings.exe

September 4th, 2008 | Posted in Backdoors

E-greetings.exe Threat Level: E-greetings.exe is a threat

E-greetings.exe is a Trojan delivered through spam that links to a scam site. The link to E-greetings.exe comes in a fake Postcards.com/Postcards.org email with the subject line “You have received a card from a family member!”

Sounds friendly, right?

Wrong.

Although, E-greetings.exe will allow a hacker to get very close and cozy with your PC — and likely all your personal and financial information.

Let me show you how to block E-greetings.exe.



Backdoors: “eBay New Unpaid Item Message from hallummotors:” Email

August 28th, 2008 | Posted in Backdoors

“eBay New Unpaid Item Message from hallummotors:” Email Threat Level: “eBay New Unpaid Item Message from hallummotors:” Email is a threat

“eBay New Unpaid Item Message from hallummotors:” Email is spam that links to a scam site, http://217.133.199.119/icons/small/ps1.gif/signin.ebay.com/ws/ebayISPP.dll/SignIn/index.html?SignIn&co_partnerId=2&pUserId=&siteid=0&pageType=&pa1=&i1=&bshowgif=&UsingSSL=&ru=http%3A%2F%2Fwww.ebay.com&pp=&pa2=&errmsg=&runame=&ruparams=&ruproduct=&sid=&favoritenav=&confirm=&ebxPageType=&existingEmail=&isCheckout=&migrateVisitor=. “eBay New Unpaid Item Message from hallummotors:” Email’s site poses as an eBay page. Like other phishing pages, the goal of http://217.133.199.119/icons/small/ps1.gif/signin.ebay.com/ws/ebayISPP.dll/SignIn/index.html?SignIn&co_partnerId=2&pUserId=&siteid=0&pageType=&pa1=&i1=&bshowgif=&UsingSSL=&ru=http%3A%2F%2Fwww.ebay.com&pp=&pa2=&errmsg=&runame=&ruparams=&ruproduct=&sid=&favoritenav=&confirm=&ebxPageType=&existingEmail=&isCheckout=&migrateVisitor= is to steal your login info, so hackers can steal your personal and financial information.

Bastards.

If you signed into the fake eBay page “eBay New Unpaid Item Message from hallummotors:” Email links to, alert your credit card carriers and banks.

And even if you didn’t click the link, let me show you how to block “eBay New Unpaid Item Message from hallummotors:” Email.



Backdoors: “You’ve received a question about your eBay item#683216999340” Email

August 28th, 2008 | Posted in Backdoors

“You’ve received a question about your eBay item#683216999340” Email Threat Level: “You’ve received a question about your eBay item#683216999340” Email is a threat

“You’ve received a question about your eBay item#683216999340” Email is spam that links to a scam site, http://sign-in-member-cgi72.pochta.ru/ehayISAPIdllSignInruhttwwwehaycomtrksidm.asp. “You’ve received a question about your eBay item#683216999340” Email’s site poses as an eBay page. Like other phishing pages, the goal of http://sign-in-member-cgi72.pochta.ru/ehayISAPIdllSignInruhttwwwehaycomtrksidm.asp is to steal your login info, so hackers can steal your personal and financial information.

Bastards.

If you signed into the fake eBay page “You’ve received a question about your eBay item#683216999340” Email links to, alert your credit card carriers and banks.

And even if you didn’t click the link, let me show you how to block “You’ve received a question about your eBay item#683216999340” Email.



Backdoors: “Hilton Sex Tape Shot at Hyatt” Email

August 27th, 2008 | Posted in Backdoors

“Hilton Sex Tape Shot at Hyatt” Email Threat Level: “Hilton Sex Tape Shot at Hyatt” Email is a threat

“Hilton Sex Tape Shot at Hyatt” Email is circulating spam that links to a scam site, ColorCoverShop.com. “Hilton Sex Tape Shot at Hyatt” Email’s site poses as a news web page, and after it loads you’ll get a popup telling you that you’re missing a Video ActiveX object needed to watch the “Hilton Sex Tape Shot at Hyatt” Email video.

This Video ActiveX object error reads:

The page at http://colorcovershop.com says:
Video ActiveX Object Error
Your browser cannot play this video file.
Click ‘OK’ to download and install missing Video ActiveX Object.

If you click “CANCEL” — as you should — you’ll get another popup:

The page at http://colorcovershop.com says:
Please install new version of Video ActiveX Object.

Funny enough, you don’t have many options besides downloading this Video ActiveX Object. And if you do download this “Video ActiveX Object,” you’ll download “codec_install.exe,” which is really a Trojan.

Which will really give a hacker access to your PC.

Which is really #*($*&@*%&^$!

Let me show you how to block “Hilton Sex Tape Shot at Hyatt” Email.



Backdoors: “RE: ® Official Update 2008!” Email

August 27th, 2008 | Posted in Backdoors, Trojans

“RE: ® Official Update 2008!” Email Threat Level: “RE: ® Official Update 2008!” Email is a threat

“RE: ® Official Update 2008!” Email is circulating spam that links to a scam site, http://89.187.49.18/install.exe. That .exe extension tells you “RE: ® Official Update 2008!” Email links to an executable file, which means a program, which means –

Probably a Trojan.

“RE: ® Official Update 2008!” Email reads:

From: Microsoft XP (or Antivirus XP)
Subject: RE: ® Official Update 2008!

Free Update Windows XP,Vista
About this mailing:
You are receiving this e-mail because you subscribed to MSN Featured Offers. Microsoft respects your privacy. If you do not wish to receive this MSN Featured Offers e-mail, please click the “Unsubscribe” link below. This will not unsubscribe you from e-mail communications from third-party advertisers that may appear in MSN Feature Offers. This shall not constitute an offer by MSN. MSN shall not be responsible or liable for the advertisers’ content nor any of the goods or service advertised. Prices and item availability subject to change without notice.

©2008 Microsoft | Unsubscribe | More Newsletters | Privacy
Microsoft Corporation, One Microsoft Way, Redmond, WA 98052

Let me show you how to block “RE: ® Official Update 2008!” Email.



Backdoors: “Flash player: Incorrect version” popup

August 25th, 2008 | Posted in Backdoors

“Flash player: Incorrect version” popup Threat Level: “Flash player: Incorrect version” popup is a pest

“Flash player: Incorrect version” popup is a backdoor Trojan posing as a flash codec. You need to download “Flash player: Incorrect version” popup like you need more fake anti-spyware on your computer.

Which is fitting, because that’s what “Flash player: Incorrect version” popup does: if you download it, all of a sudden you’ll find out you now “need” to download and/or buy scamware like Files Secure 2.2, VirusHeat, or VirusProtect Pro to remove threats that don’t really exist. The “Flash player: Incorrect version” popups read:

Flash player: Incorrect version
Your browser cannot display this site. You need to download new version flash player Object to play this video file.

My advice if you get this “Flash player: Incorrect version” popup? Click CANCEL CANCEL CANCEL until you break your mouse.



Backdoors: DVBN756512.zip

August 22nd, 2008 | Posted in Backdoors

DVBN756512.zip Threat Level: DVBN756512.zip is a danger

DVBN756512.zip is a Trojan attached to a scam email that pretends to be an invoice from FedEx.

This DVBN756512.zip email reads:

From: John Barker (tengyun@qbchina.com)
Subject: Tracking N 2894898381

Unfortunately we were not able to deliver postal package you sent on July the 25 in time
because the recipient’s address is not correct.
Please print out the invoice copy attached and collect the package at our office.

Your FEDEX
www.fedex.com
Attachment: DVBN756512.zip 49.9 KB

If you open this DVBN756512.zip attachment, you’ll probably launch a Trojan that’ll give a hacker control over your computer.

I’m sure identity theft sounds like a fun weekend, but if you’d rather spend your weekend otherwise — church? Family? Strip club? — I can show you how to get rid of DVBN756512.zip for free.
