Now Playing

Despicable Me 2


Todays Trailer & Spoiler :

Despicable Me 2

Release: Since JULY 2013

Plot Summary

Get ready for a minion laughs in the funniest blockbuster hit of the year!

Vying for the title of “World’s Greatest Villain”, Gru (voiced by Steve Carell) – along with his hilarious crew of mischievous minions –

plots to pull off the craziest crime of the century: steal the moon!

But when Gru enlists the help of three little girls, they see something in him nobody else has ever seen: the perfect dad.

From executive producer Chris Meledandri (Horton Hears a Who, Ice Age), and featuring the voices of an all-star comedic cast, including Jason Segel, Russell Brand, Miranda Cosgrove and Julie Andrews, Despicable Me is “rousingly funny, heartfelt and imaginative".

Pete Hammond

OS9USER Newsroom Reporter's Profile

George Proulx Lynn Sorel Brian Palmer

Tap or Click To See Our Profile

Friday, December 28, 2007
There are 2 security alerts we are posting about today.

Installing a fake Codec , and Blogger's link to worm.

The 1st one is the malicious nature of “fake” video which requires the user to install a new codec, and in turn, infects them with a ZLOB Trojan.

Your "Sexy Santa" video left some goodies behind when you were watching it.

(Picture Credit) :
Security Pro News

Removing the Trojan is under investigation by our News Team.

The 2nd Alert is Blogger's are linking to a WORM !

One worm was identified as : Storm Worm ( a.k.a. NuWar - Trend Micro detects this as WORM_NUCRP.GEN)

They make this sound like all bloggers are broadcasting trojans.

They are not. Just do not install no new codec's or click on any "Happy New Year" links, and you will be okay (on ANY website).


The Storm Worm has changed the domain name (again) and the executable file name being used to spread yet again. In addition, the filename has changed to either happy-2008.exe or happynewyear.exe. The size is about 135KB to 139KB. Kaspersky detects it as Backdoor.Win32.Agent.dln or detects it as

Storm Worm began using a new domain:


If you do, or to one of several others with similar names, you'll be redirected to an HTTP request for an EXE file pushing a trojan horse program.

The domains are all registered with an unresponsive Russian registrar. Thirteen different name servers on different networks are listed in order to make it harder to bring the domain down even after 4 days of efforts.

Storm now has better hiding skills, no visible running processes, nastiness all hidden from the API. No more hanging out in the open, easily seen. It is a "Tough Hook".

Then, about 135KB of code is injected from the driver into services.exe process.

Worm collects e-mails from files with these extensions:

.adb, .asp, .cfg, .cgi, .dat, .dbx, .dhtm, .eml, .htm, .jsp, .lst, .mbx, .mdx, .mht, .mmf, .msg, .nch , .ods, .oft, .php, .pl, .sht, .shtm, .stm, .tbb, .txt, .uin , .wab, .wsh , .xls , .xml

The Spam routine will send e-mail to e-mail addresses containing one of these strings:

@foo, @messagelab, @microsoft, abuse, admin, anyone@, bsd, bugs@, cafee, certific, contract@, feste , free-av, f-secur, gold-certs@, google, help@, icrosoft, info@, kasp, linux, listserv, local, news, nobody@, noone@, noreply, ntivi, panda, pgp, postmaster@, rating@, root@, samples, sopho, spam, support, unix, update, winrar , winzip

PrevX lets you download Prevx CSI which will detect the hidden file clean.config, created by the malware under Windows System directory.

Scan your PC in under 2 minutes with Prevx CSI

Helios Lite was designed to be quick and portable, it does not require installation and can be run off a USB drive.

Also see rapier - First Responders Info Gathering Tool from Google Code.

I have some more information as well as Lynn, so watch for another update Part 2.

Please remove all reference's to "Happy New Year" from your site.

Also, if you have a "Sexy Santa Video" , get rid of that too, for you are giving your readers a Trojan !

Watch for Part II of "Blogger Plagued By Storm Worm".

I will be listing some software you can run shortly.

Please note : depending on your scanner, you will come up with different names for this worm. The biggest question I have is : "What information was sent out of your computer, and where did it go ?"

Read our startling report next :

Attack on Bloggers just the tip of the Iceburg Brace Yourself


4 Comments left so far ...

Blogger OS9USER Says ...…

Watch for updates as the develope. I will post all information here, and solutions on how to remove the trojans.


Blogger Lynn Sorel Says ...…

I have some news , turn on your messenger pleaz.

I will post my info soon.



Blogger OS9USER Says ...…

Go ahead and post...

I was infected but not by these worm's ... I have no idea where I got mine from, but it was in the last 2 days.

It had to be on a news site some place on the internet.

I'll post more on that later.

I need to research my worm & Google's NavBar still.

Thanks !


Blogger OS9USER Says ...…

News Update : It seems my source for NavBar is broadcasting a worm (From Blogger)was incorrect.

It was an angry user that was infected BY using the NavBar.

The problem is NOT Google, but Bloggers have linked to a deadly (and well hidden) worm by wishing everyone a happy new year, or showing a Sexy Santa Video causing their readers to download an execute this trojan worm.

The Domain has changed, and the filename has changed (again), so please becareful until Google pulls the plug on this operation in their Index. I suspect they will also issue a warning if you click on a link to that site.

I will post some software you can run shortly.

Sorry Google, I am trying to confirm all my news !


Post a Comment


How How 'Star Trek's Sulu' Is Waging War On Russia

You probably associate "Star Trek" star George Takei with funny Facebook posts and clever, well-informed commentary. Only lately has the former Sulu taken on a more serious role on the world stage ... Read More ...

Watch for Updates !
TV: Tonight's Picks

YouTube Video's

Box Office Movies

OS9USER Trending Stories

iTunes Song

iTunes Top Free

Best Android APP Award

OS9USER Editor's Choice :

Top Free App : TweetCaster for Twitter

Anyone who wants to use Twitter on a tablet should take a look at TweetCaster. It has an intuitive interface and a veritable feast of features including support for multiple accounts, a powerful search function, speech to text for tweets, filters, themes, widgets … the list goes on and on. It’s a solid and reliable app that manages to pack in a lot of functionality without overwhelming you. It’s better than the official Twitter app.

iTunes Top Free Movies

Play Station Game Review

OS9USER.Android APPS Review Corner

We Provide News
To 33 Country(s)
Around The World

Grab Our RSS News Feed
On Your Device

HomePage Updated Daily !

OS9USER News Room

Click Here &
Bookmark Us

Works on Iphone & Ipads !

Powered by Blogger

OS9USER News Room Copyright © 2006-2013 All Rights Reserved.