malware posts

Filed under: Security, Utilities, Windows, Microsoft, Freeware, Windows x64

Microsoft Security Essentials rated best free antivirus for Windows

by Lee Mathews Oct 31st 2009

Thousands of downloads. Countless positive reviews on software blogs around the Internet. It's been quite a ride so far for Microsoft Security Essentials.

In AV Comparative's most recent report on malware removal, MSE was the only free antivirus rated Advanced+. That ranking placed it alongside big names like Norton, Kaspersky, and F-Secure. Security Essentials also beat out technician favorite ESET, which managed only an Advanced rating.

It's also worth noting that only three antivirus apps - Norton 2010, eScan, and Security Essentials - scored marks of good or better in removal of malware and removal of leftovers. So not only has MSE beaten free competitors like AVG (version 8.5 tested, not 9.0), Avira, and Avast, it also posted test scores equal to or better than a dozen antivirus programs you'd have to pay for.

Well done, Microsoft!

[via Ars Technica]

Tags: antivirus, malware, Microsoft Security Essentials, MicrosoftSecurityEssentials, morro, mse, trojan, virus

Filed under: Internet, Security, News

Web-based malware attacks growing at an astonishing rate

by Lee Mathews Oct 28th 2009

Dasient, the web security firm founded by ex-Google staffers that launched in June of this year, have published a blog post which shows just how dangerous a place the web is becoming.

If you do any computer service - either as a job or a favor to friends and family - you've no doubt seen the end result of these attacks. Fake antivirus applications continue to be the biggest source of business at my day job. That's all thanks to a web that has been slow to adapt to the presence of these threats.

According to the data Dasient has gathered to date, they estimate the number of compromised web sites to be about 640,000. Netcraft puts the total number of sites on the Internet at around 240 million - so compromised sites only amount to .26% of the whole. Still, those 640,000 sites are serving as many many as 5.8 million infected pages says Dasient, up sharply from the 3 million pages earlier this year reported by Microsoft.

Tags: dasient, drive-by, driveby, exploit, iframe, infection, javascript, malware, trojan, virus

Filed under: Security, Windows, Freeware, Beta, Windows x64

Panda Cloud AV beta 3 boasts faster scans, inches closer to RTM

by Lee Mathews Oct 27th 2009

When our list of six free antivirus apps for Windows 7 went live over the weekend, Panda's Cloud AV made the list. While it boasted the best detection rates of any of the available options, it's still in beta testing - so I can't really recommend it for use by the average user just yet.

Panda's plugging away though, and a full release could well be just around the corner. Beta 3 has just been made available for download and it fixes a number of bugs and performance issues. The latest release also boasts improved scanning performance (the biggest knock against previous versions) and lower resource utilization.

In addition to updating the app itself, Panda is also hard at work on a new web site. Sign up for a CloudAV account, and you'll have access to forums as well as "other free services which [Panda is] still building." I'll be talking with Panda Security CEO Juan Santana and Senior Research Advisor Pedro Bustamante next week to learn more about their plans.

An account is now required to use the app, but as Pedro informed one leery commenter "It's just a unique identifier that is tied to the Tech Support Forums to be able to provide better support. You can use a throw-away mailbox to activate it[...]"

Panda Cloud Antivirus beta 3 is available for download now at Cloudantivirus.com. If you're using it - or tried it out and switched - share your thoughts in the comments!

Tags: cloud antivirus, cloud av, CloudAntivirus, CloudAv, malware, panda, trojan, virus

Filed under: Linux, Open Source

How good is WINE at running Windows software on Linux? Good enough to get infected

by Lee Mathews Oct 27th 2009

WINE. It's not an emulator, but it is a pretty decent way to run many Windows programs under Linux.

What's that you say? Why yes, malware and scareware do count as programs. So, do they run under WINE, too?

The answer is a resounding yes!

Linux user Filip Sufitchi was killing time on Facebook when he stumbled across a malicious link on someone's wall. The link used a series of redirects to dump users at a site that pushes rogue antivirus software. Ignoring Firefox's repeated warnings (in the name of science, of course), Filip clicked onward until he wound up on the nefarious site.

Filip was rewarded with an incredibly annoying bogus app that didn't care what platform it was installed on. Win Police Pro set up shop and began "scanning" his WINE C: drive for "viruses," and WINE neatly transformed the Windows system tray alerts to Gnome notifications. The infection was also able to attach itself to the WINE registry.

While it's not the most positive endorsement of WINE around, it's still pretty impressive that an app like this was able to function without missing a beat (apart from a single error message).

Tags: malware, virus, wine

Filed under: Security, Microsoft, Freeware

How to make Microsoft Security Essentials check for updates more often

by Lee Mathews Oct 26th 2009

I've had plenty of good things to say about Microsoft Security Essentials to this point. On my own systems, it's been a good, lightweight layer of protection.

However, the folks over at H-Online have noted a bit of a problem. There are what H-Online refers to as "certain circumstances" under which Security Essentials seems to be forgetting to 1) update definitions and 2) notify users that their definitions may be as out of date as yet another Kanye West interruption joke.

By default, MSE only checks for updates once per day - when it's working, of course. Fortunately, making it check more often is a fairly simple task.

If you're comfortable editing your registry, read on after the break. If not, it might be best to wait for Microsoft to release a fix.

Tags: definitions, fail, free antivirus, FreeAntivirus, malware, seucirty-essentials, trojan, virus

Filed under: Security, Windows, Freeware

Six free antivirus programs made for your Windows 7 system

by Lee Mathews Oct 24th 2009

Yesterday, I showed you a pain-free way to get rid of excess software that comes bundled on new systems and replace it with high-quality free programs. Those of you who want a bit more choice than what Ninite offers will probably do your installs manually -- so let's take a look at some antivirus options for your Windows 7 system.

There are plenty of pay-for programs you probably already about, like Norton, McAfee, Kaspersky and Trend Micro. I'm going to focus on the free options -- of which there are many!

Hey, you just paid for an OS or a whole new computer -- why not save a few bucks if you can?

Tags: antivirus, avast, avg, avira, comodo, free, malware, MSE, security essentials, SecurityEssentials, trojan, virus

Filed under: Security, Utilities, Windows, Freeware

Remove Fake Antivirus cleans up Personal Antivirus, Antivirus 360, and other rogues

by Lee Mathews Oct 19th 2009

Rogue antivirus programs are extremely annoying. Yes, they keep me both busy and paid all week at my day job as a computer technician, but I'd love it if my customers could stay out of trouble for a little while.

If they can't, at least I've found a new tool that makes cleaning up after this kind of infection a bit easier. Remove Fake Antivirus is a free app that carries on in the fine tradition of programs like SmitFraudFix.

It's a no-nonsense app which requires very little interaction. Click the start button and then answer yes to the prompt you see above, and that's about it. Just sit back and watch RFA work. It can uproot many of the rogues I confront on a daily basis, including:

Personal Antivirus
Antivirus 2009 and 2010
Antivirus 360
MS Antispyware 2009
Malware Doctor
Antivirus BEST

...and several others. You can download Remove Fake Antivirus from Softpedia. It's on the developers site as well, but the AdSense blocks may be a bit misleading to some users - since they're pushing other antivirus apps.

[via Raymond.cc]

Tags: antivirus 360, Antivirus360, malware, personal antivirus, PersonalAntivirus, rogue, trojan

Filed under: Security, Windows, Microsoft, Freeware, Windows x64

Microsoft Security Essentials enjoys warm reception in first week

by Lee Mathews Oct 18th 2009

I'm a huge fan of Security Essentials (and Windows 7, and a number of other MS products, but I digress). It's quickly become my recommended free antivirus app of choice and protects all three of the laptops in my house. And I've got plenty of company.

The Microsoft Malware Protection Center blog has posted some interesting numbers. After its first week, Security Essentials has already been installed more than 1.5 million times. From the approximately 535,000 machines reporting statistics, MSE has logged over 4 million detections.

44% of MSE users are already running Windows 7 with XP following at 33% and the remaining 23% on Vista. The number of detections per OS is also interesting. 52% of the 4 million reported were found on Windows XP systems compared to only 32% on Vista.

Windows 7 users fared even better. Though they represent the largest group of MSE users, only 16% of detections came from systems running Microsoft's latest OS. The post also reports 1/3 of these machines are using the 64-bit version, which "is even more resistant to malware than 32-bit due to PatchGuard," states Microsoft's Joe Faulhaber.

Security Essentials is a free download, and is available directly from Microsoft.

Tags: antivirus, live-onecare, malware, morro, mse, security essentials, SecurityEssentials, trojan, virus, windows-defender

Filed under: Microsoft, Mozilla, Browsers, Op-Ed

Dear Microsoft, please keep your lousy mitts off my Firefox install

by Lee Mathews Oct 17th 2009

This isn't the first time Microsoft has taken liberties with Firefox users. There's that whole .Net thing that happened back in May of this year.

So what gives, Redmond? Why - especially after the fallout from the last incident - would you go and push a Windows Presentation Foundation plugin on my Firefox install? I didn't ask for it, and I don't really want it. Plenty of people consider software that installs in this kind of underhanded way to be malware.

Not to mention a security risk. You know, the same way you (Microsoft) consider Google's Chrome Frame to be a security risk for your own browser. I'll need someone to explain to me how MS figures the situation is different when the shoe is on the other foot.

I'll clear something up for you right now - and this goes for all software companies, not just Microsoft. I expect control over what gets installed on my system and what doesn't. Go ahead and offer me updates, add-ons, and plugins. But please, give me the choice to install.

Heck, I can choose to put off Windows updates forever if I want and some of those are pretty critical patches. So why should I not be given the choice to opt out of something as trifling as a WPF plugin for my non-IE browser?

Get your filthy hands off my browser, you damn, dirty ape!

Tags: firefox, malware, microsoft, plugin, unwanted-software, wpf

Filed under: Business, News

BSA loves irony, disproves link between piracy and malware

by Lee Mathews Oct 17th 2009

I know, sometimes it's hard to believe that the "BS" in BSA stands for business software when they publish reports like the one Wired shared with us this week. Entitled Software Piracy on the Internet: A Threat to Your Security, the BSA's latest tour de force is fine example of propaganda gone wrong.

Wired highlights this quote from the report: "Globally, there is a significant evidence to link software piracy with the frequency of malware attacks. While this correlation has not been measured with precision, the evidence from industry sources suggests that markets with high software piracy rates also have a tendency to experience high rates of malware infection...."

Not measured with precision? Adam and Jamie would call this thing busted on that point alone.

What the hell, fellas. In addition to your own admission that you weren't particularly careful in how you calculated your figures you obviously didn't look too closely at your charts.

Tags: bsa, fail, malware, piracy, report

Filed under: Security, Windows, Op-Ed

Lark Antispyware is free, but sometimes getting what you pay for is a bad thing

by Lee Mathews Oct 8th 2009

Don't get me wrong -- I'm all for free applications that help us keep our systems malware-free, provided that they actually work as advertised. Lark Antispyware...not so much.

When I see something new and potentially interesting show up on Softpedia, I'll download it to see if it's worth sharing. Most of the time an app is postable because it's useful. Sometimes it's postable because people should probably stay away. You can see where I'm going here.

If you looked at the screenshot above, a couple things probably struck you. It's riddled with false positives and the "trojans" seem to be randomly named. There's no "more information" button to offer any kind of clarification, and you certainly won't turn up any info on Google if you search for that alphanumeric jibberish.

As you can see, Lark is happy to try removing these "infections" for me, but I'm pretty sure I don't want it messing with msconfig, winload, isoburn, or my TeamViewer executables. I was also put off by the option of running a "Cunstom Scan" from the system tray icon.

Call me crazy, but I like my security-related apps to have a bit more polish than that.

Pro tip: stick with Malwarebytes for now --it's free, and it's awesome. If something better comes along, you'll read about it here.

Tags: malware, malwarebytes, spyware, trojan

Filed under: Security, Google, Yahoo!

Google and Yahoo banner ads delivering trojans

by Jay Hathaway Sep 28th 2009

Users who clicked on booby-trapped banner ads served by Google's DoubleClick and a Yahoo-owned service called Right Media ended up having their machines infected by a trojan, according to a report from The Register. The sneaky ads showed up on the Drudge Report, Lyrics.com, slacker.com and horoscope.com. Google says that publishers who use DoubleClick have to approve the banner ads that show up on their sites, implying that these four sites are at fault for the attack on their users.

The trojan itself was installed via an infected PDF file that opened and closed when a user clicked an ad. It's called Win32/Alureon, and it opens backdoor access to infected machines. This is serious business, and it's hardly the first time we've seen "malvertising," but who's to blame when it happens? Should site owners who buy ads have to scan them first, or should the big ad networks be responsible?

Tags: advertising, doubleclick, google, malware, security, trojan, yahoo

Filed under: Security, Windows, Commercial

Sunbelt offering a lifetime of Vipre antivirus for $99

by Lee Mathews Sep 25th 2009

Sunbelt's Vipre might not be as well known as Norton or McAfee, but it's definitely a solid choice in desktop malware and virus protection.

Now, thanks to the fine people at HSN who also bring you products like Tony Little fitness gear and Carol Alt's line of cosmetics you can score Vipre's protection until you're stone dead for a mere $99.90. Plus $6.95 shipping and handling, of course.

For added craziness, you can even cover the tab in three equal installments of $33.30.

Let's put this into perspective: a three-year sub for Norton Internet Security will run you $164.99. At that price, you'd be able to buy Vipre for this entire lifetime and 65% of any additional existence you luck into afterward. That's pretty sweet. A little new age, perhaps, but still an excellent deal.

[via Sunbelt Blog]

Tags: antimalware, antivirus, AV, budget, deal, lifetime, malware, norton, sunbelt, trojan, vipre

Filed under: Security, News, Microsoft

Forget Security Essentials - Microsoft attacks malware pimps with lawsuits

by Lee Mathews Sep 18th 2009

We all know Microsoft is working on the successor to OneCare -- Security Essentials is currently in beta testing and should be ready for public consumption any time now. It's a decent protection package, and should help protect users from things like nefarious fake antivirus apps and other "scareware."

But Microsoft has decided to go one better. After all, simply removing infections or blocking them isn't all that detrimental to the bottom feeders who are pushing the malicious apps. They've now launched a second wave of attacks using one of the deadliest weapons in the Redmond arsenal: lawyers.

Reuters reports that Microsoft has filed suit against several "malvertisers," low-lifes responsible for things like the recent pop-up scare on the New York Times website. The case targets several cheesily-named businesses including "Soft Solutions," "Direct Ad," "qiweroqw.com," "ITmeter Inc" and "ote2008.info."

Microsoft hopes to uncover the actual identities of those responsible. Regardless of your feelings for Microsoft, I think we can all agree that it would be nice for this lawsuit to hit the bad guys where it hurts - in their ill-gotten bank account balances.

Tags: fakeav, lawsuits, malware, microsoft

Filed under: Security, Social Software, web 2.0

Facebook removes Fan Check app after malware rumors

by Jay Hathaway Sep 15th 2009

Fan Check is a Facebook app that claims to tell you who's viewing your Facebook profile. Although it doesn't actually work, it's not a virus, as a widespread rumor would have you believe. The real malware problem comes from other applications that promise to remove the Facebook Fan Check virus, and users are falling for it after seeing the virus rumors reposted in friends' status messages. So, don't keep posting the warning about Facebook Fan Check being a virus, don't link to any sites that claim they'll fix it, and don't download or install anything from said sites yourself.

In the meantime, Facebook has removed Fan Check from the app directory. Visiting its URL just shows a note explaining that Facebook had an issue with the third-party developer and is investigating it. Although Fan Check is only "temporarily suspended," Mashable reported (before the app was shut down) that Facebook told them it had disabled some functionality it found questionable in Fan Check. Seeing who's viewing whose profiles has always been an internal feature for Facebook, and perhaps they object to an app that aims to make it publicly available.

Tags: facebook, fan check, FanCheck, malware, virus

Graveyard Shift - zombie-busting Time Waster

With Halloween fast approaching, it's a great time to get in some practice defending your territory against zombies. In Graveyard Shift, you take aim at zombies and other creepy-crawlies, blasting them into splatters of cartoony green guts. It's a casual first-person shooter, and it's very easy to get the hang of - use the mouse to aim, click to fire. Graveyard Shift has at least 15 levels, and it might even have some secret stages I haven't unlocked yet. They key to getting good at Graveyard Shift is learning to use ...

View more Time Wasters

Featured Galleries

Defective by Design, London: Protest Pictures

Download Squad at the Crunchies After-Party

Android First-look: Amazon.com MP3 Store

Flickr Pool

www.flickr.com

Download Squad bloggers (30 days)

#	Blogger	Posts	Cmts
1	Jay Hathaway	110	5
2	Lee Mathews	75	33
3	Sebastian Anthony	45	150
4	Brad Linder	36	8
5	Jason Clarke	32	0
6	Grant Robertson	8	11
7	Dolores Parker	7	2
8	Victor Agreda, Jr.	7	1
9	Nik Fletcher	4	0
10	Matt Heerema	3	3
11	Paul O'Brien	2	0
12	John Burke	1	0
13	Download Squad Staff	1	0

More Tech Coverage

Control Shift It's all about the experience
Somewhat Frank Perspectives on tech as it fuses in everyday life
Switched Gadgets, web news and commentary
Urlesque Exposing bits of the web

Download Squad