News Items

Aug 09, 2006 10:40AM

Since last night there was a version of AIMFix up for download which will unintentionally quarantine Explorer.exe because of a typo in the definitions. This is fixed in the current version. If you ran into this problem, go into the aimfix_quarantine folder on the Desktop and copy the explorer.exe.bak file to C:\Windows\explorer.exe and the system will be back to normal.

If you're interested in the details, basically there was a registry key used by a virus that called itself "shell" and placed itself in the Run entries in the registry to launch a malicious executable. A typo caused this to be removed from the Winlogon startup key instead of only the Run key sets, thereby causing the quarantine of explorer. I fixed the typo and the new version has been tested to make sure that the problem is resolved.

Sorry for the inconvenience, I am working on a new test system for AIMFix to try and catch more of these issues before releases are made, but bear with me in the meantime.

-Jay

Jul 27, 2006 03:14PM

I just received a second report of a user's browser being shut down after attempting to type "virus", "scan", or visit jayloden.com...

Unforunately, there is not much that can be done from my position to help in cases like this, since users have no way of getting to my site in order to get help in the first place. The links I posted in a previous post are about the most I can do to help people be able to get AIMFix downloaded.

I'm calling on all computer geeks, knowledgeable friends, and support techs to help out here. If you know anyone who is infected with an IM virus, get them to http://jayloden.com/dodge.html so they can download AIMFix as help.exe to avoid triggering the shutdown of the browser.

The only way to beat this is by educating users, and since we wont have the power of Google or the Internet to do so, it'll have to be by word of mouth.

-Jay

Jul 26, 2006 07:53PM

It has come to my attention that some people are possibly unable to download AIMFix or seek virus help due to a piece of malware that shuts down the browser any time it detects certain words such as "virus" or "aimfix". Here's a description I received from an AIMFix user today:

I was unable to just download the file from your site becuase everytime i used the words "virus" or "aimfix" in the address bar or a search bar my browser would shut down. Eventually i downloaded the file from your website through a different computer and opened it through my jump drive.

Unfortunately there's not much I can do about this, since it will prevent people from even getting to my website at all. However, I have placed a new page at http://jayloden.com/dodge.html that contains only a link to http://jayloden.com/help.exe - help.exe is simply AIMFix under a different name to try and prevent the malware code from recognizing it as such. Hopefully this will help some of you out there at least get a copy of AIMFix downloaded.

If anyone has any updates or further information, particularly an analysis of the worm/virus code involved, or a copy of the infecting files, I'd be very grateful for it :)

-Jay

Jul 26, 2006 12:12PM

Just a quick note, I received this notice from Softpedia again today:

Your product "AIM Fix 1.6.719.08" has been tested by the Softpedia labs and found to be
completely clean of adware/spyware components.

We are impressed with the quality of your product and encourage you to keep
this high standards in the future.

To assure our visitors that "AIM Fix 1.6.719.08" is clean, we have granted it with the
"100% FREE" Softpedia award. Moreover, to let your users know about this
certification, you may display this award on your website, on software boxes
or inside your product.

More information about your product's certification and the award is available
on this page: http://www.softpedia.com/progClean/AIM-Fix-Clean-14740.html

Your product review page is located at:
http://www.softpedia.com/get/Antivirus/AIM-Fix.shtml

Please feel free to link to us using the URL above.
If you choose to link to the award page for your product, you may use the
award graphic or a text link such as: "100% FREE award granted by Softpedia"

Don't hesitate to contact us for more information.

Sincerely,
       The Softpedia Team

Always nice :)

-Jay 

Jul 10, 2006 07:14AM

I've finally gotten arouund to updating AIMFix to remove IM Names a little more completely than it has been. It should now remove the entire IM Names application folder and the running components. While I was at it, I retooled the BlockRemove code in AIMFix to be a little more complete and made some functionality updates to AIMFix to support the new features.

-Jay