Posts tagged as:

Microsoft

The Best Antivirus Software in 2011, According to PC Magazine

The Best Antivirus Software in 2011

Best Antivirus Software, 2011

Antivirus vendors have included “2011″ in their product names since the summer of 2010. Now that the year 2011 has actually arrived it’s time for a new look at the whole collection. Several of the latest additions attempt to crank up protection by running two different antivirus engines, and some actually succeed. This batch also brings a new Editors’ Choice for free antivirus and a new shared Editors’ Choice for commercial antivirus.

As always, when I say “antivirus” I mean a utility that protects against all kinds of malicious software, not just viruses. Trojans, spyware, rootkits, keyloggers, adware, scareware – a proper antivirus must handle all of these.

Standalone or Suite?
Many of this year’s products blur the line between standalone antivirus and security suite. In the past the presence of a personal firewall has been one defining suite element; not any more. There’s a fully-functional firewall inside Panda Antivirus Pro 2011. eScan Anti-Virus 11 and McAfee AntiVirus Plus 2011 also offer firewall protection. Norton AntiVirus 2011 doesn’t include a complete firewall, but its intrusion prevention feature is more effective against exploits than most full-blown suites.

Spam filtering is another component typically found in a suite. The spam filter built into BullGuard Antivirus 10 is reasonably accurate and unusually helpful at setup time. eScan also offers a spam filter, but it’s not something you’d want to inflict on your Inbox.

StopSign Internet Security 1.0 includes an optional firewall with spam filtering built in. None of the independent labs have tested it, though, and its performance in my own malware blocking and removal tests was so poor that I didn’t bother evaluating those optional features.

BitDefender Antivirus Pro 2011 offers full remote management of other BitDefender installations across the network. McAfee can monitor other installations remotely and fix problems. Panda and Norton can at least let you know when another installation has problems, though they won’t fix those problems remotely.

BitDefender includes a very effective phishing prevention tool, as does G Data AntiVirus 2011. The LinkScanner component in AVG Anti-Virus Free 2011 also works to block phishing sites, as does McAfee’s SiteAdvisor. AVG and Norton both scan the links on your Facebook pages to protect you from Facebook scams and viruses. BitDefender and Kaspersky Anti-Virus 2011 both check your system for security vulnerabilities, though BitDefender takes the concept a bit farther.

Outpost Antivirus Pro 7.0 and BitDefender can block transmission of user-defined private data, a feature usually found only in suites. Ad-Aware Pro Internet Security 9.0, AVG, Kaspersky, and McAfee will tune system performance and wipe out traces of computer and Internet use. Sometimes it’s hard to remember that the product is “only” an antivirus, not a full suite.

The true standalone antivirus isn’t dead, however. For example, F-Secure Anti-Virus 2011 sticks to the business of virus protection without any sign of morphing into a mini-suite.

Twin-Engine Trend
Several late-season additions aim to double your protection by using two antivirus engines, with varying degrees of success. G Data’s dual scan doesn’t take much longer than the average single-engine product, and it includes powerful phishing protection. However, it doesn’t thoroughly clean up the threats it detects, and a failed cleanup effectively killed one test system. TrustPort Antivirus 2011 ran a bit slower than G Data and failed significantly in my testing. After its alleged removal some threats were still running. In the malware blocking test a few threats that it claimed to block managed to install and launch anyway.

Double Anti-Spy Professional v2 turned in the best performance of the twin-engine antivirus tools. It scans first with one engine, then with the other, and it also requires two separate updates. It’s noticeably slow, but effective enough that it’s worth waiting for.

Adjustable Interfaces, Built-in Support
Some users want to hear about every little security event, but most prefer a product that just does the job, without making a fuss. Ad-Aware Pro appeals to both with a choice of simple or advanced mode. BitDefender goes even further. Not only can its users choose basic, intermediate or expert view, they can build a personal collection of their most-used tools.

Webroot AntiVirus with Spy Sweeper 2011 totally focuses on keeping everything as simple as possible. It updates automatically, scans while the system is idle, and interacts with the user through a completely redesigned interface. All the detail a tech-savvy user might want is available, but hidden when not needed.

The user interface for Trend Micro Titanium Antivirus + 2011 discards the standard landscape-orientation window for a skinny vertical panel that takes up minimal space. McAfee, too, has switched to a vertical interface.

Norton reserves a panel across the bottom of its main window for interaction and communication with other security components. Initially the panel shows an interactive world map of security activity, but it can also connect with Norton Safe Web for Facebook or with your Norton Online Backup account.

Built-in and automated support features grace many of these tools. BitDefender includes a search box for help topics right on its main screen; a built-in tool will gather system information and contact an agent for chat-based support. Norton’s one-click support system gathers diagnostics and offers relevant FAQs or chat-based support. Kaspersky’s built-in support tool can send diagnostic reports to the company and process purpose-built scripts to fix specific problems. Panda’s PSCAN lets remote analysts request samples and push fixes without requiring full chat-type interaction. BullGuard offers built-in access to e-mail and live chat support with a message center to manage your support interactions. eScan links to live chat and online help.

[click to continue…]

{ Comments on this entry are closed }

Top 10 Malware Threats reported by GFI Software for February

According to GFI Application, a trend observed since last summer continued, with lots of of the same types of Trojan horses continuing to dominate the threat landscape. GFI’s statistics revealed that Trojans made up three of the top 10 malware threats in February 2011. Topping the list, Trojans detected as Trojan.Win32.Generic!BT accounted for 22.97 percent of total detections, holding its spot as the number one threat.

GFI Application has announced the top 10 most prevalent malware threats for the month of February 2011 as detected by scans performed by its anti-malware solution, VIPRE Antivirus, & its antispyware gizmo, CounterSpy.

These Trojans are downloaders associated with rogue security programs known as Fake Antivirus application, sometimes known as “scareware”. One time they are on a use’s process, these programs perform a fake scan of a victim’s computer for malware then display false warnings that the machine is infected in an try to persuade victims to buy fake security application.

The top 10 results represent the number of times a specific malware infection was detected in the coursework of GFI’s VIPRE & CounterSpy scans that document back to GFI’s community of opt-in users. These threats are classified as moderate to extreme based on process of installation among other criteria established by GFI Labs.

Top 10 Detections for February 2011 as reported by GFI Software:

1
 Trojan.Win32.Generic!BT Trojan
22.97%
2
 Trojan-Spy.Win32.Zbot.gen Trojan
3.46%
3
 Trojan.Win32.Generic.pak!cobra Trojan
2.89%
4
 Zugo LTD (v) Adware
2.52%
5
 Fraudtool.Win32.Securityshield.ek!c (v) Trojan
2.00%
6
 Trojan.Win32.Generic!SB.0 Trojan
1.72%
7
 INF.Autorun (v) Trojan
1.66%
8
 Worm.Win32.Downad.Gen (v) Worm
1.48%
9
 Pinball Corporation (v) Adware
1.19%
10
 Exploit.PDF-JS.Gen (v) PDF exploit
0.83%

{ Comments on this entry are closed }

Google, Yahoo, And MySpace Ads May Infect Computers

Infected Search?

Infected Search?

Antivirus company Avast alleges that ads served by companies such as Google, Yahoo! and Fox, and published on websites such as the New York Times and TechCrunch, have included bad software that could infect your computer.

Users don’t even have to click the ads to be affected. Their browser gets infected just from loading the ads. CNet has the story.

The report allegs these companies’ ad platforms include exploits that allow malicious hackers to run a JavaScript exploit called JS:Prontexi.

Prontexi is a Trojan horse targeting Windows machines that looks for further vulnerabilities in software such as Adobe’s Reader and Acrobat, Java, QuickTime and Flash. It pops up fake antivirus warnings to trick you into installing further malware. The malware started spreading in late December. Since then, Avast has found it has infected more than 2.6 million computers. Almost 530,000 of those were from Yield Manager and more than 16,300 from DoubleClick.

The worst affected are Yahoo!’s Yield Manager, Fox Audience Network’s Firmserve.com and Google’s DoubleClick. Together, these networks serve over 50% of all internet ads. DoubleClick has been the least affected and Google has been the fastest at tackling the problem, according to CNet and Avast.

A Yahoo representative confirmed the report and said it was investigating the situation, but didn’t provide much information. “We have identified the creatives in question and are working to make sure they been deactivated in our system,” the company said in a statement.

“Yahoo is deeply committed to providing a high-quality experience for users, advertisers, and publishers. We expect our members to support and abide by our standards and guidelines around acceptable ad content and behavior,” the statement said. “On the rare occasion that an ad is served that is in conflict with our expectations and guidelines we take action to remove it as quickly as possible.”

A Google spokesman said the company had discovered malware in ads from DoubleClick on its own and halted them. “In this case, we stopped several of the ads in question on the same day, independent of this report,” he said.

{ Comments on this entry are closed }

How to Recognize a Fake Virus Warning

Watch out for fake anti-virus alerts

Scareware: FBI Warns That Those Pop-Up Security Warnings Pose a Threat to Your Computer

I have a friend in the real estate business who told me that he wanted to pick up his computer and hurl it through a window.

The cause of his frustration was an incessant series of pop up messages on his computer screen that warned he had a virus on his computer. He could not figure out how to make the pop ups go away and eventually his computer ceased working.

He presumed that the warnings were legitimate, but he later learned that he was the victim of “scareware.”

He didn’t know that the FBI put out a warning this month about the threat of pop up security warnings.

The FBI states that pop up messages claiming that you have a virus and you are in need of anti-virus software may, ironically, actually contain a virus that could harm your computer, cause costly repairs or, even worse, lead to identity theft.

The FBI states that those pop up messages contain “scareware”, fake or rogue anti-virus software that looks authentic, but they are not.

Scareware is sold to unsuspecting computer users who fear viruses on their computers. The scareware is either useless or contains damaging malware programs. The cyber criminals convince users that he or she has a virus that has infected their computer and then offers anti-virus software to remove it. The virus does not in fact exist until the user downloads the scareware
The term scareware describes software products that often generates a bombardment of pop up warning messages that makes using your computer difficult.

The message may display what appears to be a real-time, anti-virus scan of your hard drive. The scareware will show a list of reputable software icons; however, you can’t click a link to go to the real site to review or see recommendations. The FBI says that cyber criminals use botnets —collections of compromised computers — to push the software, and advertisements on websites deliver it. This is known as malicious advertising or “malvertising.”

Once the pop-up warning appears, it can’t easily be deleted by clicking on the “close” or “X” buttons. If you click the pop-up to purchase the software, a form to collect payment information for the bogus product launches. In some instances, the scareware installs malicious code onto your computer, whether you click the warning or not. This is more likely to happen if your computer has an account that has rights to install software.

The FBI says that downloading the software can result in viruses, malicious software called Trojans, and/or keyloggers— hardware that records passwords and sensitive data —being installed on your computer. This malicious software can cause severe damage and the inability to use your computer.

The Federal Trade Commission (FTC) notes that the scareware scam has many variations, but there are some telltale signs. For example:

  • You may get ads that promise to “delete viruses or spyware,” “protect privacy,” “improve computer function,” “remove harmful files,” or “clean your registry;”
  • you may get “alerts” about “malicious software” or “illegal pornography on your computer;”
  • you may be invited to download free software for a security scan or to improve your system;
  • you could get pop-ups that claim your security software is out-of-date and your computer is in immediate danger;
  • you may suddenly encounter an unfamiliar website that claims to have performed a security scan and prompts you to download new software.

The FTC reports that scareware schemes can be quite sophisticated. The cyber criminals purchase ad space on trusted, popular websites. Although the ads look legitimate and harmless to the website’s operator, they actually redirect unsuspecting visitors to a fraudulent website that performs a bogus security scan. The site then causes a barrage of urgent pop-up messages that pressure users into downloading worthless software.

Fake anti-virus example screenshots

Example screenshots of fake anti-virus alerts

The FTC suggest that if you’re faced with any of the warning signs of a scareware scam or suspect a problem, shut down your browser. Don’t click “No” or “Cancel,” or even the “x” at the top right corner of the screen. Some scareware is designed so that any of those buttons can activate the program. If you use Windows, press Ctrl + Alt + Delete to open your Task Manager, and click “End Task.” If you use a Mac, press Command + Option + Q + Esc to “Force Quit.”

Lastly, make it a practice not to click on any links within pop-ups.

The FBI recommends that you take precautions to ensure your operating systems are updated and your legitimate security software is current. If you receive these anti-virus pop-ups, close the browser or shut down your computer system. Run a full anti-virus scan whenever the computer is turned back on.

Call me today at 262-203-4459 and I will clean up, tune up and speed up your entire system so your computer can run like new again. Guaranteed.

{ Comments on this entry are closed }

Watch Out For Fake Virus Alerts

Watch out for fake virus alerts

Watch out for fake virus alerts

Rogue security software, also known as “scareware,” is software that appears to be beneficial from a security perspective but provides limited or no security, generates erroneous or misleading alerts, or attempts to lure users into participating in fraudulent transactions.

How does rogue security software get on my computer?

Rogue security software designers create legitimate looking pop-up windows that advertise security update software. These windows might appear on your screen while you surf the Web.

The “updates” or “alerts” in the pop-up windows call for you to take some sort of action, such as clicking to install the software, accept recommended updates, or remove unwanted viruses or spyware. When you click, the rogue security software downloads to your computer.

Need affordable virus and malware removal? Call me at 262-203-4459.

Rogue security software might also appear in the list of search results when you are searching for trustworthy antispyware software, so it is important to protect your computer.

What does rogue security software do?

Rogue security software might report a virus, even though your computer is actually clean. The software might also fail to report viruses when your computer is infected. Inversely, sometimes, when you download rogue security software, it will install a virus or other malicious software on your computer so that the software has something to detect.

Some rogue security software might also:

  • Lure you into a fraudulent transaction (for example, upgrading to a non-existent paid version of a program).
  • Use social engineering to steal your personal information.
  • Install malware that can go undetected as it steals your data.
  • Launch pop-up windows with false or misleading alerts.
  • Slow your computer or corrupt files.
  • Disable Windows updates or disable updates to legitimate antivirus software.
  • Prevent you from visiting antivirus vendor Web sites.


Rogue security software might also attempt to spoof the Microsoft security update process. Here’s an example of rogue security software that’s disguised as a Microsoft alert but that doesn’t come from Microsoft.

Example of a warning from a rogue security program known as AntivirusXP.

Example of a warning from a rogue security program known as AntivirusXP.

For more information about this threat, including analysis, prevention and recovery, see the Trojan:Win32/Antivirusxp entry in the Microsoft Malware Protection Center encyclopedia.

Here is the legitimate Microsoft Windows Security Center:

Screenshot of legitimate Microsoft Windows Security Center

Screenshot of legitimate Microsoft Windows Security Center

To help protect yourself from rogue security software:

  • Install a firewall and keep it turned on.
  • Use automatic updating to keep your operating system and software up to date.
  • Install antivirus and antispyware software such as Avast! Antivirus and keep it updated.
  • If your antivirus software does not include antispyware software, you should install a separate antispyware program such as Windows Defender and keep it updated. (Windows Defender is available as a free download for Windows XP and is included in Windows Vista.)
  • Use caution when you click links in e-mail or on social networking Web sites.
  • Use a standard user account instead of an administrator account.
  • Familiarize yourself with common phishing scams.

If you think you might have rogue security software on your computer:

Scan your computer. Use your antivirus software or do a free scan with Windows Live safety scanner. The safety scanner checks for and removes viruses, eliminates junk on your hard drive, and improves your PC’s performance.

Need help with virus and malware removal? Have questions about computer cleanup and system optimization? Call me at 262-203-4459. Or you can contact me here.

{ Comments on this entry are closed }

Microsoft: Biggest Patch Tuesday Ever

Microsoft plans biggest Patch Tuesday ever

Microsoft plans biggest Patch Tuesday ever

Microsoft is due to issue its biggest ever Patch Tuesday, with 16 bulletins set to be addressed.

Microsoft has planned its biggest ever Patch Tuesday for October, with a total of 49 vulnerabilities set to be fixed. This is over three times the number of security holes fixed in last month’s Patch Tuesday.

Of the 16 bulletins, four have been rated critical, where the flaws could lead to remote code execution. These four affected all versions of Windows.

One of the critical vulnerabilities affects Internet Explorer versions 6, 7 and 8, whilst two of the flaws, classed as “important,” affected Microsoft Office – one for Word and one for Excel on all platforms.

This Patch Tuesday announcement also marked the first time Microsoft Word 2010 had been included in an advisory.

The vulnerabilities are due to be patched on 12 October.

{ Comments on this entry are closed }

Windows 7 Service Pack Leaked

Windows 7 Service Pack 1 Leaked

Windows 7 Service Pack 1 Leaked

I ts release date is a month away but the first combined service pack for Windows 7 and Windows Server 2008 R2 is available as a torrent.

The first service pack (SP1) for Microsoft’s Windows 7 and Windows Server 2008 R2 products has been leaked onto the internet.

The beta had only been released to testers for a matter of days before it emerged as a torrent. But downloaders run the risk of malware and infections if they chose to take this route.

The SP1 build number is 7601.16562.100603-1800.

Microsoft confirmed the release of SP1 earlier this month but warned users there would be no major changes to the operating system.

“SP1 will simply be the combination of updates already available through Windows Update and additional hot-fixes based on feedback by our customers and partners,” wrote Gavriella Schuster, general manager of Windows at Microsoft, on the Windows blog.

“In other words, customers can feel confident about deploying Windows 7 now!”

So far SP1 is only available in English, German, Japanese, French and Spanish and if you want the genuine article, the release date is set for the end of July.

Microsoft also confirmed last week it had sold 150 million licences of Windows 7 since its launch eight months ago – equating to seven copies sold every second.


from » http://www.itpro.co.uk

Need help with virus and malware removal? Have questions about computer cleanup and system optimization? You can contact me here.

{ Comments on this entry are closed }

Ubuntu is More Secure Than Windows, According to Dell

Ubuntu is More Secure Than Windows, According to Dell

Ubuntu Safer Than Windows

C omputer maker Dell has been singing Ubuntu’s praises from the rooftops, saying its smaller user numbers meant it wasn’t a target for online scammers.

Dell, the world’s third biggest PC maker, has called into question Microsoft’s efforts to keep Windows users safe online by claiming Ubuntu offers more protection.

With Linux systems still struggling to gain public trust, particularly when it comes to online shopping, Dell has issued a statement of support for Ubuntu by revealing 10 reasons why PC users should opt for Canonical’s Linux instead of Windows when buying a new PC.

Number six in Dell’s list is the claim that “Ubuntu is safer than Microsoft Windows: The vast majority of viruses and spyware written by hackers are not designed to target and attack Linux.”

Among the other reasons mentioned are its fast boot-up speeds and elegant design, and that with Dell claiming Ubuntu is “social from the start”.

The company says anti-malware software is “unwarranted” on Ubuntu, but claims Windows’ on-board Defender and Security Essentials invariably need upgrading to get closer to the level of protection needed on Windows systems.

The argument Dell is using is a simple one: the popularity of Internet Explorer will always make it the number one target for security threats, while the massively smaller quality of Ubuntu users will largely be safe simply because because the numbers just aren’t there to make it worth their while.

Dell – whose PCs have been shipping with Ubuntu on-board since 2007 – insists the public had no reason to fear Linux just because it doesn’t look exactly like Windows.


from » http://www.itpro.co.uk

Need help with Ubuntu or other Linux Distrobutions?  Have questions about computer cleanup and system optimization? You can contact me here.

{ Comments on this entry are closed }

New Windows XP Flaw Leaves PCs Exposed

New Windows XP Faw Leaves PCs Exposed

A British security researcher has discovered a new zero-day vulnerability that exploits a soft spot in XP’s Help and Support Centre to take over PCs.

A new zero-day flaw has been found in Windows XP that could allow cyber criminals to take control of users’ PCs.

The bug takes advantage of a security gap in XP’s Help and Support Centre, which leaves the remote assistance tool vulnerable to being taken over by attackers, who would then be able to execute tasks on infected PCs.

By embedding commands in web addresses, hackers could activate the remote assistance tool and issue commands to the PC in question over the internet. The flaw was discovered by British security researcher Tavis Ormandy, who reported it to Microsoft earlier this week.

“At least Microsoft Windows XP, and Windows Server 2003 are affected. The attack is enhanced against IE >= 8 and other major browsers if Windows Media Player is available, but an installation is still vulnerable without it,” Ormandy wrote on the Full Disclosure mailing list.

“Machines running versions of IE less than 8 are, as usual, in even more trouble. In general, choice of browser, mail client or whatever is not relevant, they are all equally vulnerable.”

Microsoft has confirmed it is investigating the matter, but criticised Ormandy for waiting just four days before making the full details of the flaw public, complete with a worker exploit and suggested workaround.

“Public disclosure of the details of this vulnerability and how to exploit it, without giving us time to resolve the issue for our potentially affected customers, makes broad attacks more likely and puts customers at risk,” said Mike Reavey, director of Microsoft’s Security Research Centre.

Need help with Windows XP Security? Have questions about computer cleanup and system optimization? You can call me at (262) 203-4459 or email me here.

He emphasised that Microsoft wasn’t aware of any working exploits, and confirmed that users of Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2 had nothing to worry about.

However, Ormandy countered that the risk was sufficient to make holding on to the information irresponsible. “Upon successful exploitation, a remote attacker is able to execute arbitrary commands with the privileges of the current user,” Ormandy wrote. “I’ve concluded that there’s a significant possibility that attackers have studied this component, and releasing this information rapidly is in the best interest of security.”

The vulnerability comes to light just days after a bumper set of Microsoft’s customary Patch Tuesday fixes was sent out, though there is no word yet as to whether it will force the firm to send out an out-of-cycle update.

Microsoft has promised to issue a security advisory on the matter as soon as possible.

In the meantime, Ormandy suggests deleting the HCP key entry within the HKEY_CLASSES_ROOT section of the Registry as a temporary workaround. However, Microsoft warns that doing so will break not only any links hackers may be using to manipulate systems, but also any legitimate help links using the hcp://protocol.


from » http://www.itpro.co.uk

Need help with virus and malware removal? Have questions about computer cleanup and system optimization? You can contact me here.

{ Comments on this entry are closed }

Microsoft to Patch 34 Vulnerabilities on Tuesday, 3 Critical

Microsoft to Release Two Critical Patches

Microsoft Addressing 34 Vulnerabilitie

Next week’s Patch Tuesday will see 10 bulletins from Microsoft addressing 34 vulnerabilities.

Microsoft is set to tackle a huge number of vulnerabilities on next week’s Patch Tuesday.

The company revealed today it would address 34 security flaws through 10 separate bulletins, three of which are marked “critical.” The other seven are flagged up as “important.”

The critical vulnerabilities are known to affect all versions of Windows, as well as Internet Explorer, while the latter seven cover Windows and Office.

Although Microsoft has warned on its Security Response Centre blog that administrators need to be prepared as always for the patches, the wider security industry are warning users to be extra vigilant.

“The June release is a large update and will keep system administrators busy, even if they have migrated to Windows 7 already,” said Wolfgang Kandek, chief technology officer at Qualys, in a statement.

Alan Bentley, vice president of international at Lumension, added in a statement: “The impact will be felt enterprise-wide with bulletins covering a large portion of Microsoft’s range of operating systems and Windows and Office products.”

“It is strongly suggested that IT administrators plan ahead and prioritise this patch load as soon as possible.”

Last month’s Patch Tuesday only saw two bulletins released, but both were critical updates.


from » http://www.itpro.co.uk

Need help with virus and malware removal? Have questions about computer cleanup and system optimization? You can contact me here.

{ Comments on this entry are closed }

← Previous Entries