First of all, I should probably clarify what I mean by Pump and Dump (also known as P-n-D) or Hype and Dump Manipulation, as the government calls it. It’s the process of creating fake hype or buzz around a particular stock in an effort to generate interest in prospective buyers. This can be done in a number of ways, one of which is becoming quite popular lately in the form of spam.

This P-n-D technique isn’t a new phenomenon on the Web, but in the past year, this scam has really come into its own. According to Sophos security company, the percentage of P-n-D spam e-mail has jumped from less than one percent of all spam being sent out in 2005 to a whopping 15 percent in 2006 (no word on 2007 yet).

The P-n-D scams usually involve sending out e-mails. You know, as I stated earlier, “pump” up the stock by urging buyers to make a move on some incredible stock offer before it’s too late. The scam usually employs some sort of information that looks credible, stating things like impending development or an invention of some revolutionary new product or procedure. The scam really tries to get the reader to make a move on the stock as fast as possible, in order to jump the profit of the individual shares up for existing owners as well. Once the entity responsible for the scam hits their goal price per stock, they sell, reaping the fraudulence earnings for their own and leaving behind a wake of confusion and financial destruction.

It is almost impossible to determine exactly who is behind any particular P-n-D scam, not to mention locating where the attack may be originating from. It may be the owners of the fledgling company, some affiliate of the company or simply an attacker who decided to choose the company for some particular reason. The P-n-D e-mails are sent out to millions of warehouse e-mail addresses, while the attacker sits and watches the stock. If the price per share hits a projected goal, they sell their shares right away.

There are some things you may want to keep an eye out for. For example, I have posted a list of known domains in which these types of attacks have originated before:

    * Trader's Daily Report
    * Smart Money Equities
    * Tip Top Equities
    * Capital-gains.net
    * Horizontal-spread.com
    * FuturesBuzz.com
    * DeepDiscountFutures.com
    * Trade10.com
    * HedgeCo.net
    * OTCPicks.com
    * 1stOptionsBroker.co.uk
    * AnotherWinningTrade.com
    * MaximumuASP.com
    * FXstreet.com
    * www.sjrb.ca (this one had no name)

Another key to spotting a P-n-D e-mail is seeing the same message coming from different addresses and with different subject lines. Other sure tell signs are things like gibberish or misspelled words in the beginning or end of the e-mail, which are known tactics of spammers to elude e-mail filters. All of this, in addition to, of course, the overwhelmingly good information/news in the body of the e-mail, is meant to entice the reader into quickly purchasing shares of the stock.

If you do find some P-n-D e-mails in your Inbox, the best thing to do is delete them. It’s that simple to stay clear of the whole mess. If you find yourself playing in the Microcap stock market, I suggest finding reliable sources in which to get your information from. Think of it as a different type of phishing scam where the number one rule in protecting yourself is never give account information out in response to an e-mail, regardless of who it is from. The same applies here. Don’t make any sort of stock purchase based off of some random e-mail, no matter who it claims to be from. That’s all it takes. Simply resist your curiosity, because it may get you in trouble. Also, remember, if it sounds too good to be true, it probably is.

If you do receive one of the P-n-D e-mails, you can notify the:

Securities Exchange Commission (SEC): http://www.sec.gov/

Federal Trade Commission: http://www.ftc.gov/

This happens, because the other programs that use the shared file will continue to look for the missing .dll. This usually happens during the startup process, causing them to crash and you just end up with a lot of useless frustration. Reinstalling a program usually rectifies this problem, but this can also be avoided by just reinstalling the one .dll file that has gone missing. Today, I will briefly discuss how you can reinstall any missing .dll files. Let's go!

Step one is to get ahold of the file that has gone missing. There are a lot of resources online where you can download the .dll files you need to install. Some of the popular ones are http://www.dll-files.com,   http://www.dlldump.com and http://www.dlldll.com. These Web sites maintain a comprehensive database of useful .dll files that users can download in times of a PC crisis.

Now, once you download the .dll files, you'll need to uncompress that in the C:\WINDOWS\system32 folder. (You can get there by going to My Computer, C: drive and so on). Next, click the Start button and go to Run or you can press the Windows key + R. Either way, the Run box should pop up. Now, say you want to install a .dll file named "run32.dll." In that case, type in “regsvr32 run32.dll” and press Enter. You can follow that same example for any .dll file you need to find.

So, it's essentially “regsvr32" with the name of the .dll file inserted in. If the file has been installed properly, you will see a box telling you that everything has gone well.

To summarize once again:
1.) Download the required .dll files that are missing.
2.) Extract it to the C:\WINDOWS\system32 folder.
3.) Execute the "regsrv32" command by using the Run dialogue box.

This is a nifty little trick that will save you from having to reinstall all your .dll sharing programs all over again. Go on and give it a try!

Adobe Flash and Photoshop get bonked again It's that time of the month when I ask you to head on over to Secunia Software Inspector for your regular checkup.  This free, Web-based service scans your PC and informs you about Windows and major third-party applications in need of critical patches that you don't have installed.

Adobe Flash needs an update for versions 9.0.45.0 and earlier; 8.0.34.0 and earlier; and 7.0.690 and earlier.  These patches are described in a new Adobe security bulletin, APSB07-12.

Adobe Photoshop CS2 and CS3 also need updates, as noted in another bulletin, APSB07-13.  Both bulletins were released this week on Microsoft's Patch Tuesday.  It looks like everybody is getting into the spirit of Reboot Wednesday.

Sun Java patches represent big headaches While Microsoft patching can drive one to insanity, Sun Java patching is just as annoying, if not more so.

The Register recently reported that Sun waited 11 days between releasing patches for an earlier version of the Sun Java Runtime.  This 11-day window placed users of Java Runtime 6 at risk from malware writers.

Once again, I urge you to scan your system this week using Secunia Software Inspector, which finds and reports to you about vulnerable versions of installed applications.

Intel microcode prevents blue screen of death On some (but not all) Intel-based workstations and servers this month, you may see KB 936357 offered up to you by Windows Update.  This is a preventive patch that updates certain Intel processors.  This includes the Intel Core 2 Duo mobile processor, the Quad desktop processor, and the Core 2 Extreme Processor.  For servers, affected CPUs include Intel's Xeon 3000, 3200, 5100 and 5200 series.  If you install patch 936357, you don't need the latest BIOS update from Intel.

A blue screen of death is a STOP error on the computer system.  Typically, one has to download debugging tools and use a memory dump to determine what the issue is, as described in a blog post last year by Microsoft's Peter Gallagher.  Patch 936357 is designed to prevent possible similar issues with the above-named chip sets.

Some July 10 patches reportedly fail on Vista Windows Secrets contributing editor Woody Leonhard has sighted comments in the Vista newsgroup claiming several of the Patch Tuesday fixes that were released on July 10 refuse to install on Vista.  He reports that complaints he's received seem to center on the following patches:

• Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB 933566)
• Update for Windows Mail Junk E-mail Filter [July 2007] (KB 905866)
• Update for Windows Vista (KB 935280)

I wonder if the people experiencing these failed installs have third-party firewall software loaded?  I'll write more when this becomes clearer.

Microsoft on Monday issued an apology for the tardy release of two add-ons to its Windows Vista operating system and promised to have the offerings available by summer's end.

When Microsoft released Vista in January, company executives touted a series of "Ultimate Extras" add-ons that would eventually be included in the operating system's Windows Vista Ultimate Edition.

Related StoryGartner: If you're buying a PC, it's not for Vista.
To date, the software giant has released four of those add-ons: a poker game known as Windows Hold'Em; the secure online key backup, which stores a backup copy of BitLocker recovery passwords and encrypting file system recovery certificates in a digital locker; the BitLocker drive preparation tool, which configures hard drives to use Vista's BitLocker drive encryption feature; and 16 language packs.

Microsoft has yet to release the 20 remaining language packs and a feature known as DreamScene, which allows users to select videos as Windows desktop backgrounds.

On Monday, Microsst issued a mea culpa."We want to let our Windows Vista Ultimate customers know that we are actively working to deliver the remaining extras that we identified in January," Barry Goffe, director of Windows Vista Ultimate, wrote in a blog post.

"We are continuing to work on these offerings," Goffe said. "We apologize for taking so long to provide a status update to customers."

Goffe promised to ship the language packs and DreamScene by the end of the summer but said they will not be released "until they meet the high quality bar required by our enthusiastic customers."

Microsoft on Feb. 14 released a preview version of DreamScene through Windows Update and said it was then in the "final testing phase" for the product. A month later, the company issued a content pack that included four video backgrounds for those who had installed the preview version.

Goffe also said that Microsoft would be releasing additional extras "over the next couple years" but did not provide additional details. 

If you receive one of these e-mails in your Inbox, the subject will say something like "You've received a postcard from a family member" or something similar to that. There have also been some that say something about an e-card, a greeting or even one specifying a special holiday (like the Fourth of July, for example). The senders of this scam have also varied. These spam e-mails have come from Hallmark, Greetings123, eCards, GreetingCards.com and more.

If you open the e-mail, it will tell you that you've been sent a postcard and there will be a link you can click on to go and preview it. But, if you click on that link, you're putting yourself at risk for a potential virus or malware infestation. Once you click on the link, the scammers know your address is a real one and they can start sending you malicious material at any time. So, although these e-mails look tempting, don't click on that link! Be extra careful not to fall for this trick. Like I always say, if the e-mail looks suspicious, just delete it as fast as you can. It's better to be safe than sorry, don't you think?!

Find out about other clues that can help you spot e-mail messages that claim to be from Microsoft but aren't.
http://www.microsoft.com/protect/yourself/phishing/msemail.mspx

The skinny, according to this Cupertino alert:

CVE-2007-2295 — A memory corruption issue exists in QuickTime’s handling of H.264 movies. By enticing a user to access a maliciously crafted H.264 movie, an attacker can trigger the issue which may lead to an unexpected application termination or arbitrary code execution. (Available for Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Windows Vista, XP SP2).

CVE-2007-2392 — A memory corruption issue exists in QuickTime’s handling of movie files. By enticing a user to access a maliciously crafted movie file, an attacker can trigger the issue which may lead to an unexpected application termination or arbitrary code execution. (Available for Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Windows Vista, XP SP2).

CVE-2007-2296 — An integer overflow vulnerability exists in QuickTime’s handling of .m4v files. By enticing a user to access a maliciously crafted .m4v file, an attacker can trigger the issue which may lead to an unexpected application termination or arbitrary code execution. (Available for Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Windows Vista, XP SP2).

CVE-2007-2394 — An integer overflow vulnerability exists in QuickTime’s handling of SMIL files. By enticing a user to access a maliciously crafted SMIL file, an attacker can trigger the issue which may lead to an unexpected application termination or arbitrary code execution. (Available for Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Windows Vista, XP SP2)

CVE-2007-2397 — A design issue exists in QuickTime for Java, which may allow security checks to be disabled. By enticing a user to visit a web page containing a maliciously crafted Java applet, an attacker can trigger the issue which may lead to arbitrary code execution. (Available for Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Windows Vista, XP SP2).

CVE-2007-2393 — A design issue exists in QuickTime for Java. This may allow Java applets to bypass security checks in order to read and write process memory. By enticing a user to visit a web page
containing a maliciously crafted Java applet, an attacker can trigger the issue which may lead to arbitrary code execution. (Available for Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Windows Vista, XP SP2).

CVE-2007-2396 — A design issue exists in QuickTime for Java. JDirect exposes interfaces that may allow loading arbitrary libraries and freeing arbitrary memory. By enticing a user to visit a web page containing a maliciously crafted Java applet, an attacker can trigger the issue which may lead to arbitrary code execution. (Available for: Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Windows Vista, XP SP2).

CVE-2007-2402 — A design issue exists in QuickTime for Java, which may allow a malicious website to capture a client’s screen content. By enticing a user to visit a web page containing a maliciously crafted Java applet, an attacker can trigger the issue which may lead to the disclosure of sensitive information. (Available for Mac OS X v10.3.9, Mac OS X v10.4.9 or later, Windows Vista, XP SP2).

Darrel Uselton, 40, of Katy, and his uncle, Jack Uselton, 69, of Houston, cheated investors out of about $4.6 million by infecting computers with bot viruses that forward spam e-mails to tout shares, the SEC said in a statement. Recipients who fell for the enticements drove up share prices while the men allegedly sold their holdings.

The SEC has frozen dozens of stocks this year as it seeks to rein in the use of spam e-mails that attempt to inflate stock prices. The current investigation began after an SEC lawyer received one of the Useltons' e-mails at work.

"The use of bots to spread investment spam at exponentially higher rates is making this type of fraud an even more virulent threat to ordinary investors," SEC Chairman Christopher Cox said in the statement.

The suit, announced today, "is intended to protect investors from fraud artists who would treat the investing public as their personal ATM," Cox said.

Find out about other clues that can help you spot e-mail messages that claim to be from Microsoft but aren't.
http://www.microsoft.com/protect/yourself/phishing/msemail.mspx

Trend Micro, more commonly referred to as Housecall, offers free virus scans and in most cases can fix damage down by a virus or worm that your computer may have contacted. The program works well.  The first time one uses the free program it is necessary to download a small program. Trend Micro walks you through the process.   Then the virus scans are quite simple for each return.  Go to http://housecall.antivirus.com/  then choose the link   "Scan without registering".  Follow the directions.

You should disable any anti virus program that you have running.  If you do not have a virus program I recommend that you use one of the programs offered above first and then download and install one of the free programs listed below or install any anti virus program you have purchased.
**************************************************************************************************
Free Anti Virus programs for download. 
Quite a few KCnet members use these programs and like them.
Be careful if you download a virus program and you already have one installed on your computer.  You need to at least disable the program already installed.

AVG Free
AVG Free Edition is the well-known anti-virus protection tool. AVG Free is available free-of-charge to home users for the life of the product! Rapid virus database updates are available for the lifetime of the product, thereby providing the high-level of detection capability that millions of users around the world trust to protect their computers. AVG Free is easy-to-use and will not slow your system down (low system resource requirements).
http://free.grisoft.com/freeweb.php/doc/2/lng/us/tpl/v5

Avast
Avast has been "anti virusing" for quite awhile.  The following info comes from their download page:   Avast! Home is now free of charge for HOME users for NON-COMMERCIAL use. You can find more info here.
http://www.avast.com/eng/down_home.html
Note: This product is free for home non-commercial use after registration!
HINTS:   Click on the English Version Link and download the installation file.  Then click on the installation file and follow the directions.  You will need to return to the download page and click on the link to get the registration key.   It will be sent to you in an email after you provide some registration information.  This will give you 14 months of coverage including any updates which can be set to auto download.  You can reregister for additional free coverage at the end of the 14 months.
You will want to browse around and choose from the many options available for operation.  This process will take some time and digging.

Another good free program is:
http://www.free-av.com/
This one installs a bit easier than Avast.

**************************************************************************************************
Free Spybot and Adware programs for download.

AVG Anti-Spyware Free is a free anti-spyware protection tool developed by GRISOFT for home use. We invite you to join the millions of satisfied customers worldwide who have downloaded the software and now enjoy the benefits of ewido anti-spyware Free.
What you get with anti-spyware Free
Easy to use
Daily database updates
Heuristics to detect unknown threats
Automatic Cleaning Engine
And most of all ... great customer satisfaction!
http://free.grisoft.com/freeweb.php/doc/20/lng/us/tpl/v5 

Spybot - Search & Destroy 1.4 - product description
Application to scan for spyware, adware, hijackers and other malicious software.
Choose one of the sites to download from.
http://www.safer-networking.org/en/mirrors/index.html

Ad-Aware Personal provides advanced protection from known data-mining, aggressive advertising, Trojans, dialers, malware, browser hijackers, and tracking components. This software is downloadable free of charge.
http://www.lavasoftusa.com/software/adaware/

Windows Defender  is a free program that helps protect your computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software. It features Real-Time Protection, a monitoring system that recommends actions against spyware when it's detected, and a new streamlined interface that minimizes interruptions and helps you stay productive.
http://www.microsoft.com/athome/security/spyware/software/default.mspx 
 

True Viruses and Warning Letters of Impending Doom.
Believe it or not, the amount of harm done by sending false computer virus alarms and letters of impending doom to your thousand closest friends can be just as damaging as the alleged virus (if it even exists!);  if you remember the story of the boy who cried wolf, you understand why.
If you think you've got the scoop on the latest new devastating virus or latest doom warning, check it out at the Web sites below before taking it on yourself to alert the world.  If the virus is as terrible as you think it is, odds are the virus fighters already know about it and -- good news here!  -- your anti virus software provider probably knows about it too and already has an update for it.
Sophos supplies this current information about actual hoaxes.  Look at them. Read about them.  If you are sent one of them, delete it.

Here are a few sites of many that can help you determine if an email is a hoax or real.

http://www.snopes.com/
http://vil.nai.com/VIL/hoaxes.asp
http://kumite.com/myths/
http://www.symantec.com/avcenter/hoax.html
http://www.scambusters.org/VirusHoaxes.html
http://www.sophos.com/virusinfo/hoaxes/
http://www.truthorfiction.com/
http://www.quatloos.com/

New implant may 'bring music to the deaf'

A simple change to the design of 'bionic ear' implants dramatically improves the quality of sound they provide, say researchers in the US who have tested a prototype on cats.

Around 100,000 people around the world have been fitted with conventional cochlear implants. These are built into the skull and tune into the signal produced by a wireless external microphone. The implant sits below the skin behind the ear and sends electrical signals to a set of electrodes coiled into the cochlea – the spiral organ in the ear that senses sound.
Read more:
http://www.newscientisttech.com/channel/tech/dn12046-new-implant-may-bring-music-to-the-deaf.html

Heart Health
Changing Lifestyles...
Turn Back the Clock on Your Heart
Have you eaten junk food most of your life, avoided fruit and smoked like a chimney? If you think it's too late to start living a heart healthy lifestyle -- even if you're 50 or 60 -- think again. A new study says it's never too late to save your heart. Find out more...
http://heart.health.ivillage.com/newsstories/itsnevertoolategethealthy.cfm?nlcid=hr

Introduction to Detecting Lies:
The following techniques to telling if someone is lying are often used by police, and security experts. This knowledge is also useful for managers, employers, and for anyone to use in everyday situations where telling the truth from a lie can help prevent you from being a victim of fraud/scams and other deceptions.

Warning: Sometimes Ignorance is bliss; after gaining this knowledge, you may be hurt when it is obvious that someone is lying to you.
Read about becoming a lie detector:
http://www.blifaloo.com/info/lies.php