The Best Antivirus Software in 2011

Antivirus vendors have included “2011” in their product names since the summer of 2010. Now that the year 2011 has actually arrived, it’s time for a new look at the whole collection. Several of the latest additions attempt to crank up protection by running two different antivirus engines, and some actually succeed. This batch also brings a new Editors’ Choice for free antivirus and a new shared Editors’ Choice for commercial antivirus.

As always, when I say “antivirus” I mean a utility that protects against all kinds of malicious software, not just viruses. Trojans, spyware, rootkits, keyloggers, adware, scareware – a proper antivirus must handle all of these.

Standalone or Suite?

Many of this year’s products blur the line between standalone antivirus and security suite. In the past the presence of a personal firewall has been one defining suite element; not any more. There’s a fully-functional firewall inside Panda Antivirus Pro 2011. eScan Anti-Virus 11 and McAfee AntiVirus Plus 2011 also offer firewall protection. Norton AntiVirus 2011 doesn’t include a complete firewall, but its intrusion prevention feature is more effective against exploits than most full-blown suites.

Spam filtering is another component typically found in a suite. The spam filter built into BullGuard Antivirus 10 is reasonably accurate and unusually helpful at setup time. eScan also offers a spam filter, but it’s not something you’d want to inflict on your Inbox.

StopSign Internet Security 1.0 includes an optional firewall with spam filtering built in. None of the independent labs have tested it, though, and its performance in my own malware blocking and removal tests was so poor that I didn’t bother evaluating those optional features.

BitDefender Antivirus Pro 2011 offers full remote management of other BitDefender installations across the network. McAfee can monitor other installations remotely and fix problems. Panda and Norton can at least let you know when another installation has problems, though they won’t fix those problems remotely.

BitDefender includes a very effective phishing prevention tool, as does G Data AntiVirus 2011. The LinkScanner component in AVG Anti-Virus Free 2011 also works to block phishing sites, as does McAfee’s SiteAdvisor. AVG and Norton both scan the links on your Facebook pages to protect you from Facebook scams and viruses. BitDefender and Kaspersky Anti-Virus 2011 both check your system for security vulnerabilities, though BitDefender takes the concept a bit farther.

Outpost Antivirus Pro 7.0 and BitDefender can block transmission of user-defined private data, a feature usually found only in suites. Ad-Aware Pro Internet Security 9.0, AVG, Kaspersky, and McAfee will tune system performance and wipe out traces of computer and Internet use. Sometimes it’s hard to remember that the product is “only” an antivirus, not a full suite.

The true standalone antivirus isn’t dead, however. For example, F-Secure Anti-Virus 2011 sticks to the business of virus protection without any sign of morphing into a mini-suite.

Twin-Engine Trend

Several late-season additions aim to double your protection by using two antivirus engines, with varying degrees of success. G Data’s dual scan doesn’t take much longer than the average single-engine product, and it includes powerful phishing protection. However, it doesn’t thoroughly clean up the threats it detects, and a failed cleanup effectively killed one test system. TrustPort Antivirus 2011 ran a bit slower than G Data and failed significantly in my testing. After its alleged removal some threats were still running. In the malware blocking test a few threats that it claimed to block managed to install and launch anyway.

Double Anti-Spy Professional v2 turned in the best performance of the twin-engine antivirus tools. It scans first with one engine, then with the other, and it also requires two separate updates. It’s noticeably slow, but effective enough that it’s worth waiting for.

Adjustable Interfaces, Built-in Support

Some users want to hear about every little security event, but most prefer a product that just does the job, without making a fuss. Ad-Aware Pro appeals to both with a choice of simple or advanced mode. BitDefender goes even further. Not only can its users choose basic, intermediate or expert view, they can build a personal collection of their most-used tools.

Webroot AntiVirus with Spy Sweeper 2011 totally focuses on keeping everything as simple as possible. It updates automatically, scans while the system is idle, and interacts with the user through a completely redesigned interface. All the detail a tech-savvy user might want is available, but hidden when not needed.

The user interface for Trend Micro Titanium Antivirus + 2011 discards the standard landscape-orientation window for a skinny vertical panel that takes up minimal space. McAfee, too, has switched to a vertical interface.

Norton reserves a panel across the bottom of its main window for interaction and communication with other security components. Initially the panel shows an interactive world map of security activity, but it can also connect with Norton Safe Web for Facebook or with your Norton Online Backup account.

Built-in and automated support features grace many of these tools. BitDefender includes a search box for help topics right on its main screen; a built-in tool will gather system information and contact an agent for chat-based support. Norton’s one-click support system gathers diagnostics and offers relevant FAQs or chat-based support. Kaspersky’s built-in support tool can send diagnostic reports to the company and process purpose-built scripts to fix specific problems. Panda’s PSCAN lets remote analysts request samples and push fixes without requiring full chat-type interaction. BullGuard offers built-in access to e-mail and live chat support with a message center to manage your support interactions. eScan links to live chat and online help.

{ Comments on this entry are closed }

Spread Firefox's Asa Dotzler

Asa Dotzler, co-founder of the Spread Firefox project, is more than a little miffed at Apple, Google, Microsoft, and RockMelt for installing plug-ins into Firefox without first asking for permission from Web surfers.

Dotzler made the stealth plug-in discovery when he installed software like Apple iTunes, Google Chrome, and Windows Live Photo Gallery.

“When I installed iTunes, in order to manage my music collection and sync to my iPod, why did Apple think it was OK to add the iTunes Application Detector plug-in to my Firefox web browser without asking me?” he asked in a blog post.

“Why did Microsoft think it was OK to sneak their Windows Live Photo Gallery or Office Live Plug-in for Firefox into my browser (presumably) when I installed Microsoft Office? What makes Google think it’s reasonable behavior for them to slip a Google Update plug-in into Firefox when I installed Google Earth or Google Chrome (not sure which one caused this) without asking me first?” he asked.

Firefox stealth plug-in and extension security issues

Microsoft, Google and Apple install plug-ins without user's permission

Dotzler compared the companies to those that manufacture malware, as a secondary software installation occurred without user permission.

“These additional pieces of software installed without my consent may not be malicious but the means by which they were installed was sneaky, underhanded, and wrong.”

The Firefox advocate had some strong advice for the offending companies. “Microsoft, stop being evil. Apple, stop being evil. Google, stop being evil. And you upstarts like RockMelt, don’t follow in those evil footsteps.”

RockMelt, Microsoft, and Apple did not immediately respond to a request for comment. A Google representative said the Firefox browser plug-in is simply Google Update, which automatically pushes software updates to Google products. The representative stated that Google utilizes this method as a non-intrusive way to deliver updates, and that it doesn’t constantly run, eating up CPU resources.

Update: A Microsoft spokesperson replied to our inquiry with the following statement: “We use web/open standards where possible. To reach as many customers as possible with our web experiences, we use HTML/JS/CSS and try to avoid plug-ins. Office Web Apps are a great example of this. Sometimes we need plug-ins to enable key features. For example, Silverlight improves animations in PPT web app, Office 2010 plug-in lets people switch from web editing to Office 2010 on the desktop to do video editing etc.”

Dotzler’s blog post was first reported by The Register.

Google and Mozilla Fix Browser Flaws

Google and Mozilla have released new versions of their browsers, plugging plenty of security holes along the way.

Hundreds of bugs have been fixed in the Google Chrome update, after the company said it would be releasing a “new stable version” of the browser every six weeks.

So far Google has followed through with its promise and introduced the patches along with a new HTML5 parser and file API, among other features.

“Also, if you choose to block sites from setting any data in your browser’s content settings for cookies, you can now use a new dialog for managing blocked cookies in bulk,” noted Jeff Chang, product manager for Google Chrome, in a blog.

Google recently launched a security advice page offering some tips on how users can protect themselves from hackers.

Mozilla, meanwhile, has made Firefox versions 3.6.11 and 3.5.14 available for download, patching nine vulnerabilities along the way.

Five of the flaws were ranked as critical, meaning they could be exploited “to run attacker code and install software, requiring no user interaction beyond normal browsing,” Mozilla explained.

“As always, we recommend that users keep up to date with the latest stability and support versions of Firefox, and encourage all our users to upgrade to the very latest version, Firefox 3.6.11,” advised Firefox release manager Christian Legnitto.


from » http://www.itpro.co.uk

New Windows XP Flaw Leaves PCs Exposed

A British security researcher has discovered a new zero-day vulnerability that exploits a soft spot in XP’s Help and Support Centre to take over PCs.

A new zero-day flaw has been found in Windows XP that could allow cyber criminals to take control of users’ PCs.

The bug takes advantage of a security gap in XP’s Help and Support Centre, which leaves the remote assistance tool vulnerable to being taken over by attackers, who would then be able to execute tasks on infected PCs.

By embedding commands in web addresses, hackers could activate the remote assistance tool and issue commands to the PC in question over the internet. The flaw was discovered by British security researcher Tavis Ormandy, who reported it to Microsoft earlier this week.

“At least Microsoft Windows XP, and Windows Server 2003 are affected. The attack is enhanced against IE >= 8 and other major browsers if Windows Media Player is available, but an installation is still vulnerable without it,” Ormandy wrote on the Full Disclosure mailing list.

“Machines running versions of IE less than 8 are, as usual, in even more trouble. In general, choice of browser, mail client or whatever is not relevant, they are all equally vulnerable.”

Microsoft has confirmed it is investigating the matter, but criticised Ormandy for waiting just four days before making the full details of the flaw public, complete with a working exploit and suggested workaround.

“Public disclosure of the details of this vulnerability and how to exploit it, without giving us time to resolve the issue for our potentially affected customers, makes broad attacks more likely and puts customers at risk,” said Mike Reavey, director of Microsoft’s Security Research Centre.

He emphasised that Microsoft wasn’t aware of any working exploits, and confirmed that users of Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2 had nothing to worry about.

However, Ormandy countered that the risk was sufficient to make holding on to the information irresponsible. “Upon successful exploitation, a remote attacker is able to execute arbitrary commands with the privileges of the current user,” Ormandy wrote. “I’ve concluded that there’s a significant possibility that attackers have studied this component, and releasing this information rapidly is in the best interest of security.”

The vulnerability comes to light just days after a bumper set of Microsoft’s customary Patch Tuesday fixes was sent out, though there is no word yet as to whether it will force the firm to send out an out-of-cycle update.

Microsoft has promised to issue a security advisory on the matter as soon as possible.

In the meantime, Ormandy suggests deleting the HCP key entry within the HKEY_CLASSES_ROOT section of the Registry as a temporary workaround. However, Microsoft warns that doing so will break not only any links hackers may be using to manipulate systems, but also any legitimate help links using the hcp:// protocol.


from » http://www.itpro.co.uk

Microsoft to Release Two Critical Patches

Microsoft Addressing 34 Vulnerabilities

Next week’s Patch Tuesday will see 10 bulletins from Microsoft addressing 34 vulnerabilities.

Microsoft is set to tackle a huge number of vulnerabilities on next week’s Patch Tuesday.

The company revealed today it would address 34 security flaws through 10 separate bulletins, three of which are marked “critical.” The other seven are flagged up as “important.”

The critical vulnerabilities are known to affect all versions of Windows, as well as Internet Explorer, while the latter seven cover Windows and Office.

Although Microsoft has warned on its Security Response Centre blog that administrators need to be prepared as always for the patches, the wider security industry is warning users to be extra vigilant.

“The June release is a large update and will keep system administrators busy, even if they have migrated to Windows 7 already,” said Wolfgang Kandek, chief technology officer at Qualys, in a statement.

Alan Bentley, vice president of international at Lumension, added in a statement: “The impact will be felt enterprise-wide with bulletins covering a large portion of Microsoft’s range of operating systems and Windows and Office products.”

“It is strongly suggested that IT administrators plan ahead and prioritise this patch load as soon as possible.”

Last month’s Patch Tuesday only saw two bulletins released, but both were critical updates.


from » http://www.itpro.co.uk

What is Fake AV?

Find out how criminals lure users to malicious sites and scare them into paying for fake threat removal tools.

FakeAV, or Fake Anti-Virus, is one of the most frequently-encountered and persistent threats on the web. This malware, with over half a million variants, uses social engineering to lure users onto infected websites with a technique called blackhat Search Engine Optimization.


Once the FakeAV is downloaded onto the user’s computer, the software will scare them into believing their system is infected with threats that do not really exist, and then push users to purchase services to clean up the non-existent threats. The FakeAV will continue to send these annoying and intrusive alerts until a payment is made.

The great threat of FakeAV is the risk to victims’ personally identifiable information, which is extracted and exploited by the affiliate networks that publish this malware.

Avoid Fake Anti-Virus Software Scams

Some simple tips to help you avoid fake anti-virus software scams

Fake Virus Scam Tactics

Fake virus alerts are usually generated by a Trojan — a program that takes control of your computer — after you open an email attachment, click on a pop-up advertisement or visit a particular website. (Adult sites are special favorites.)

If you run programs that provide file-sharing information — including LimeWire, FrostWire, and some instant messenger (IM) applications — your computer might be remotely accessed by scammers, hackers and identity thieves.

Sometimes, the Trojan creates “false positive” readings, making you think viruses and spyware have infected your computer, even though nothing has. In other cases, scam software actually implants malicious code into your computer, especially if you request a “free virus scan.”

In other words, some peddlers of fake anti-virus software actually design the viruses, spyware and malware that their software is supposed to detect.

Rogue Spyware: What to Look For

  • Rogue anti-virus/spyware programs often generate more “alerts” than the software made by reputable companies.
  • You may be bombarded with pop-ups, even when you’re not online.
  • High-pressure sales copy will try to convince you to buy RIGHT NOW!
  • If you’ve been infected, your computer may dramatically slow down.
  • Other signs of infection include: new desktop icons; new wallpaper, or having your default homepage redirected to another site.

(Mac users: if you run Windows using Boot Camp, Parallels or VMware, these tips apply to you. However, at the time of this writing, Mac OS X does not have these problems.)

Fake Anti Virus Prevention Tips

1. Use Firefox or Google Chrome as your browser rather than Internet Explorer.

2. Keep your computer updated with the latest anti-virus and anti-spyware software, and be sure to use a good firewall.

3. Never open an email attachment unless you are POSITIVE about the source.

4. Do NOT click on any pop-up that advertises anti-virus or anti-spyware software, especially a program promising to provide every feature known to mankind. (Also remember: the fakes often mimic well-known brands such as Grisoft AVG, Norton and McAfee.)

5. If a virus alert appears on your screen, do NOT touch it. Don’t use your mouse to eliminate or scan for viruses, and DON’T use your mouse to close the window. Instead, hit control + alt + delete to view a list of programs currently running. Delete the “rogue” from the list of running programs, and call your computer maker’s phone or online tech support service to learn if you can safely use your computer.

6. Do not download freeware or shareware unless you know it’s from a reputable source. We use Download.com and VersionTracker.

Unfortunately, freeware and shareware programs often come bundled with spyware, adware or fake anti-virus programs.

7. Avoid questionable websites. Some sites may automatically download malicious software onto your computer.

8. Reset your current security settings to a higher level.

9. Although fake software may closely resemble the real thing, it’s rarely an exact match. Look for suspicious discrepancies.

10. Check out this list of rogue/fake anti-virus and anti-spyware products.

If your computer is infected by rogue software, stop work and contact your computer manufacturer’s tech-support hotline. Don’t keep using the computer. This may further damage your machine and provide identity thieves with more information about you.

Use of fake anti-virus, anti-spyware software is a fast-growing scam, especially as more people become aware of the dangers of spyware, adware and malware. By following the tips above, however, you’ll better protect yourself from becoming the next victim of scammers, identity thieves and hackers.

Automated Twitter Attacks

A new tool designed to make botnet-based attacks over Twitter simpler has been created, according to a security expert.

Named the TwitterNet Builder, it can create botnets to carry out a variety of actions, including installation of software or a distributed denial-of-service attack, explained Sunbelt Software researcher Christopher Boyd, in a blog post.

Once the end-user is infected, the attacker can post commands telling the botnet what action they want it to take from a specified Twitter account.

Twitter has now been notified of the problem and is looking into it, Boyd noted.

“All in all, a very slick tool and no doubt script kiddies everywhere are salivating over the prospect of hitting a website with a DDoS from their mobile phones,” Boyd said.


Fortunately for Twitter users, there are drawbacks to the system. “This doesn’t work if the person controlling the bots attempts to hide their commands with a private Twitter page,” the security expert added.

Being public means that Twitter should be able to block anyone issuing such commands and it only takes a search on the micro-blogging service to identify those using the attack method.

Graham Cluley, senior technology consultant at Sophos, had seen Boyd’s blog and also pointed to the flaws of the botnet creator.

“If a botnet is reliant upon Twitter accounts to give it its commands then it’s relatively easy to cut off the head and disable accounts. The guys at Twitter are shutting down accounts all the time because of spam, or porn, or phishing, or faking identities,” he told IT PRO.

He did have a warning, however, about other threats on Twitter, such as spam and malicious links being placed on the service.

“We see lots of automated accounts being created with fake profiles which then lure you in with sexy pictures and sexy chat and then ultimately you are given a malicious link.”

He also pointed to the recent bug that let some users force others to follow them, which “could have been very nasty”.

“One wonders how many other flaws might there be on Twitter which we simply don’t know about at the moment,” Cluley added.

from ITPro » www.itpro.co.uk
