If Malware Could Speak – What a Tale it Would Tell!

If malware could speak, you could have an illuminating conversation with one, or more, of the scourges that infest the Internet.

You might be surprised at what could be learned from such an imaginary conversation. It might go something like this -

I might be malware, but in most cases I’m pretty polite; I won’t infect your computer unless you invite me in. But I can count on lots of you doing just that.

Take my good buddy LOP, for example, he’s been away for awhile, but he recently came back from vacation and he’s now infecting unsuspecting computer users’ machines with renewed vigor.

He will accept your invitation, to infect your system if, for example, you download and install either of two rogue Peer to Peer (P2P) applications currently making the rounds on the Internet. BitRoll-5.0.0.0, and Torrent101-4.5.0, are two programs that are used to exchange P2P files that he likes to piggyback on. There are many more than that of course.

The people he works for (some might call them cyber-crooks – well, actually everyone calls them cyber-crooks), are experts at using false/rogue applications to install malicious code like LOP.

LOP is a pretty neat piece of malware (his employers are pretty smart fellows), since he’s been designed, amongst other things, to display ads from a range of advertisers through pop-up windows, banner ads and so on.

Oh, and he’ll automatically switch your Internet Explorer home page to his own search engine. One he particularly likes is www.mp3search.com. When searches are made with this engine, the results that you see will be advertising pages that LOP chooses to display.

(Sample misdirected search)

Just in case you decide that LOP is no longer welcome on your computer (that happens all the time), he will connect, every so often, to a web page from which new malware files will be downloaded  making it much more difficult to delete all of the active malicious files on your system.

I should tell you that LOP is extremely hard to get rid of, and just in case you try,you’ll have to deal with over 200+ changes to your Registry Keys. And in case that’s not enough bad news, you should know that LOP will invite lots of his other malware friends over, so that they can party on your system.

But LOP has even more tricks up his sleeve. He can  monitor your system’s processes, and can even play with your security applications making them ineffective.

Since he’s a sporty fellow, once he’s done that, he’ll launch a keylogger to capture your key strokes and just for fun, he’ll go on to scan your email address book so that he can bug your friends. Hmm, maybe they’ll become your ex friends.

LOP is definitely a hard worker (which is why his employers like him so much), so in his spare time he’s going to look around your operating system for vulnerabilities. You see, he knows that like most people, you probably haven’t installed the latest operating system updates, nor have you updated your security applications, like you’re supposed to.

Even if you have taken care of these critical areas, it’s almost certain you haven’t updated your installed productivity applications, and LOP knows just how vulnerable these applications can be.

So think carefully before you offer LOP, or any of his malware friends, that invitation. Once invited in, LOP will settle in for a long, long visit.

Thanks for the chat, but I have to get going. There are lots of unaware Internet users’ waiting to invite me into their computers. I know that many Internet users’ are kind of “click crazy”; so why should LOP be the only one to have some fun!

Oh, by the way, unless you paid attention to what I said, I’ll probably drop by your machine soon.

You have a good day now.

Elsewhere on this Blog you can read “The Best Free Spyware, Virus, and Browser Protection”, an article on free anti-malware programs, including anti-virus software, and you can download those that suit your needs.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

I’m a Pop-up Download and I Gotcha!

Being unaware can cause havoc on your computer.

Your Firewall and Security Applications provide the ultimate in protection while you’re surfing the web, right? Well in a sense, they do.

Paradoxically, it’s because current anti-malware solutions are much more effective than they have ever been in detecting worms and viruses, that we’re now faced with another insidious form of attack.

Drive-by downloads are not new; they’ve been lurking around for years it seems, but they’ve become much more common and more crafty recently. The latest twist on this is the so called “pop-up download”.

If you’re unfamiliar with the term, “drive-by download”, they are essentially programs that are automatically downloaded and installed on your computer without your knowledge. This action can occur while visiting an infected web site, opening an infected HTML email, or by clicking on the newest threat, a deceptive popup window – the so called “pop-up download”.

For example, when visiting a site, a user might receive a pop-up box that appears as an offer to download an application. The user is then asked to accept the download despite the fact no application name is offered.

Unfortunately, a typical computer user is generally undereducated in the Internet safety issues that apply in this type of scenario. Clicking “yes”, will lead to the automatic installation of an application – in many cases, an unknown application.

Often, more than one program is downloaded. For example, file sharing with tracking spyware is very common. Again, it’s important to remember that this can take place without warning, or your approval.

Apparently, there are now some legitimate application developers who are using this “pop-up download” method to distribute, or advertise their product. Just last night, I had an advertising popup appear on my screen from PC Tools ThreatFire, something that has not happened in the 2 years I have been using this application. Needless to say I was shocked, offended and extremely annoyed.

For more information on how to prevent popups from occurring at the Browser level, checkout “How to block ads (updated), ” at Tech – for Everyone.

Additional steps you can take to ensure you are protected, or to reduce the chances you will become a victim?

The following are actions (familiar to regular readers of this site), that you can take to protect your computer system:

• When surfing the web – Stop. Think. Click
• Don’t open unknown email attachments
• Don’t run programs of unknown origin
• Disable hidden filename extensions
• Keep all applications (including your operating system) patched
• Turn off your computer or disconnect from the network when not in use
• Disable Java, JavaScript, and ActiveX if possible
• Disable scripting features in email programs
• Make regular backups of critical data
• Make a boot disk in case your computer is damaged or compromised
• Turn off file and printer sharing on your computer.
• Install a personal firewall on your computer.
• Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet
• Ensure the anti-virus software scans all email attachments

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

I recommend that you ensure that the current anti- malware applications, which you depend on to protect your system, are up to the task by reading “The 35 Best Free Applications” on this site.

If you missed “Rogue Security Software on the Rise – What You Need to Know Now!”, you can read it on this site.

The Enemy is at the Gate – Common Sense Tips for Internet and System Security

So what can you add to your computer’s Firewall, Security Applications, and Browser security add-ons to ensure you have the best protection available while you’re surfing the web?

Well, how about something that’s free, and readily available. Something called “Common Sense”.

Common sense: sound and prudent judgment based on a simple perception of the situation or facts. Merriam-Webster’s Online Dictionary

Common Sense Tip #1 – Given the virtual epidemic of malware currently circulating on the Internet, don’t run, or install programs, of unknown origin.

Internet users’ continue to be bombarded with rogue security software which has reached epidemic proportions. There seems to be no end to the release of new rogue security software threats. Rogue software will often install and use a Trojan horse to download a trial version, or it will perform other actions on a machine that are detrimental such as slowing down the computer drastically.

Download applications, particularly free programs, only from verifiably safe sites (sites that guarantee malware free downloads), such as Download.com, MajorGeeks, Softpedia, and the like.

There are many more safe download sites available, but be sure you investigate the site thoroughly before you download anything. Googling the site, while not always entirely reliable, is a good place to start. A recommendation from friends as to a site’s safety is often a more appropriate choice.

Common Sense Tip #2 – Don’t open emails that come from untrusted sources. It’s been estimated that 96% of emails are spam. While not all spam is unsafe, common sense dictates that you treat it as if it is.

Much of the spam emails I’ve seen lately are crafted around spicy, scandalous, and salacious stories. This is generally a dead giveaway that you are dealing with a risky email.

Here’s a recent email from my inbox – “Who to blame in world crisis?‎ – Ivanka Trump sunbathing pics http://www.000000.com”. Common sense tells me there is a major disconnect between the heading of this email (Who to blame in world crisis?) and sunbathing pics of Ivanka Trump. There is no doubt that this is a dodgy email. By the way her name is Ivana, not Ivanka.

Common Sense Tip #3 – Don’t run files that you receive via email without making sure of their origin. If the link has been sent to you in a forwarded email from a friend, be particularly cautious. Forwarded emails are notorious for containing dangerous elements, and links.

Common Sense Tip #4 – Don’t click links in emails. If they come from a known source, type them in the browser’s address bar. If they come from an untrusted source, simply ignore them, as they could take you to a web designed to download malware onto your computer.

Common Sense Tip #5 – If you do not use a web based email service then be sure your anti-virus software scans all incoming e-mail and attachments.

Common Sense Tip #6 – Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

If you are unsure if your software based protection is up to the task then checkout the following recommended free downloads that will help you manage and protect your computer system.

These applications have been well tested over the years for reliability and functionality, and all have developed a strong, loyal following.

AVG Anti-Virus Free Edition

AVG Anti-Virus Free 8.0 now incorporates protection against spyware through a new combined anti-virus and anti-spyware engine as well as a “safe-searching component” which has been incorporated into the new AVG Internet Security Toolbar. This program scans files on access, on demand, and on schedule and scans email incoming and outgoing. For those on Vista, you’re in luck, it’s Vista-ready

Spyware Doctor Starter Edition

Spyware Doctor Starter Edition from PC Tools is an excellent choice, as a secondary line of defense. This free version of the award winning program, with its easy to use interface, is used by millions of people worldwide to protect their computers; it’s reported there are a million+ additional downloads every week. Be aware however, there is no real-time protection offered with this version and this is the reason I recommend this application as a secondary scanner only.

Spyware Terminator

Having tested virtually all of the major anti-spyware applications over the past year or more, I’ve settled, for now, on Spyware Terminator primarily due to its strong real-time protection against spyware, adware, Trojans, key-loggers, home page hijackers and other malware threats. Spyware Terminator excels in strong active protection against know and unknown threats. If anything, I find it perhaps a little overly aggressive. On the other hand, better this than the alternative.

Comodo Firewall Pro

Comodo Firewall protects your system by defeating hackers and restricting unauthorized programs from accessing the Internet. I have been using this application for 10 months and I continue to feel very secure. It resists being forcibly terminated and it works as well, or better, than any firewall I’ve paid for. This is one I highly recommend. Amazing that it’s free!

HiJackFree

If you are an experienced/advanced computer user and you’re looking for a program to strengthen your anti-malware resources, then HiJackFree is one that’s worth taking a look at. This free application, from EMSI Software, offers a potent layer of additional protection to add to your major anti-malware programs. The program operates as a detailed system analysis tool that can help you in the detection and removal of Hijackers, Spyware, Adware, Trojans, Worms, and other malware. It doesn’t offer live protection but instead, it examines your system, determines if it’s been infected, and then allows you to eradicate the malware.

Ad-Aware

Ad-Aware Free is good free spyware and adware remover. It does a good job of protecting against known data-mining, Trojans, dialers, malware, browser hijackers and tracking components. The only downside with the free version; real-time protection is not included.

ThreatFire

ThreatFire blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my front line defenses. I have found it to have high success rate at blocking mal-ware based on analysis of behavior. Highly recommend this one!

Web of Trust (WOT)

WOT is a free Internet Browser add-on (my personal favorite), that has established an impressive 4.5/5.0 star user rating on CNET. WOT tests web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams, helping you avoid unsafe web sites.

SnoopFree Privacy Shield

SnoopFree Privacy Shield is a powerful application that guards your keyboard, screen and open windows from all spy software. I have been using this application for quite some time, and I have been amazed at the number of programs that have requested access to my keyboard and screen. In particular, programs that I am in the process of installing. If you’re serious about privacy, this is a must have addition to your security toolbox.

Pop-up Downloads – They Get You Coming and Going

Being unaware can cause havoc on your computer.

Your Firewall and Security Applications provide the ultimate in protection while you’re surfing the web, right? Well in a sense, they do.

Paradoxically, it’s because current anti-malware solutions are much more effective than they have ever been in detecting worms and viruses, that we’re now faced with another insidious form of attack.

Drive-by downloads are not new; they’ve been lurking around for years it seems, but they’ve become much more common and more crafty recently. The latest twist on this is the so called “pop-up download”.

If you’re unfamiliar with the term, “drive-by download”, they are essentially programs that are automatically downloaded and installed on your computer without your knowledge. This action can occur while visiting an infected web site, opening an infected HTML email, or by clicking on the newest threat, a deceptive popup window – the so called “pop-up download”.

For example, when visiting a site, a user might receive a pop-up box that appears as an offer to download an application. The user is then asked to accept the download despite the fact no application name is offered.

Unfortunately, a typical computer user is generally undereducated in the Internet safety issues that apply in this type of scenario. Clicking “yes”, will lead to the automatic installation of an application – an unknown application.

Often, more than one program is downloaded. For example, file sharing with tracking spyware is very common. Again, it’s important to remember that this can take place without warning, or your approval. Apparently, there are some legitimate application developers who are using this “pop-up download” method to distribute their product.

I find it galling that more so called Internet security analysts have not taken a harder line on this deceptive marketing technique. Is it any wonder the economy is in the tank, when for 20+ years the economy has been based on fraud, and deceptive and illegal practices? When are we going to learn to speak out against this type of nonsense?

What can you do to ensure you are protected, or to reduce the chances you will become a victim?

The following are actions (familiar to regular readers of this site), that you can take to protect your computer system:

• When surfing the web – Stop. Think. Click
• Don’t open unknown email attachments
• Don’t run programs of unknown origin
• Disable hidden filename extensions
• Keep all applications (including your operating system) patched
• Turn off your computer or disconnect from the network when not in use
• Disable Java, JavaScript, and ActiveX if possible
• Disable scripting features in email programs
• Make regular backups of critical data
• Make a boot disk in case your computer is damaged or compromised
• Turn off file and printer sharing on your computer.
• Install a personal firewall on your computer.
• Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet
• Ensure the anti-virus software scans all email attachments

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

I recommend that you ensure that the current anti- malware applications, which you depend on to protect your system, are up to the task by reading “The 35 Best Free Applications” on this site.

If you missed “Rogue Security Software on the Rise – What You Need to Know Now!”, you can read it on this site.

Porn Surfing? – Free Software to Protect Your Computer

Why You Need Protection

Online pornography is enormously popular. So popular that the pornography industry has revenues larger than the revenues of the top technology companies combined.

That’s right, the combined revenues of Microsoft, Google, Amazon, eBay, Yahoo!, Apple, Netflix and EarthLink.

Three essential factors have impacted the popularity of Internet pornography:

• Easy Internet access
• The anonymity the Internet provides
• Cost effectiveness

Experienced computer users however, are generally aware that pornographic web sites are notorious for spyware, viruses, browser exploits, and phishing attacks, on insufficiently protected computers.

The credibility of this view is emphasized by Esa Suurio, CEO of Against Intuition Inc., the company that supports Web of Trust, {see Like Porno Sites? – They LOVE You!), on this site, who concluded following a recent survey “Visiting the red light district of the Internet makes the user vulnerable to spyware, viruses and leakage of confidential information which can cause significant damage.”

Pornography is what it is; I am not a member of the Morality Police, and I hold no religious or political views on the availability of pornography on the Internet; except of course, pornography which is clearly illegal, or morally reprehensible.

My main concern with pornographic Websites is focused instead, on the primary/secondary use that many of these sites are designed for – as a vehicle for the distribution of potentially harmful malware applications that can be surreptitiously dropped onto unwitting visitors computers.

The potential for damage to both computers and users is enormous, considering the confidential/financial data that can be stolen by keyloggers, tracking cookies, and other common forms of malware used by porn sites.

Unethical porno sites have a reputation for some, or all, of the following behavior:

Pop-up windows that are difficult, or impossible to close. Tip: Pressing the Control key and the W key simultaneously, will generally close pop-ups.

Browser hijacking.

Dropping spyware, viruses, Trojans, and rogue applications.

Requiring the installation of a plug-in or codec – a favorite method of malware insertion.

Be particularly cautious of so called “free three-day trial memberships”. These schemes are notorious for fraud and credit card scams. Just try to take advantage of a “free three-day trial memberships”, without providing credit card details.

Before surfing porn web sites:

Install the latest operating system updates, and patches, on your computer. This step is just common sense in all circumstances. Unpatched systems will be attacked!

Unethical porn sites can drop malicious code which will exploit vulnerabilities in your browser or operating system. Just visiting these sites can infect, or damage your system.

Ensure you are using the latest version of your Internet Browser – known security holes in older Browser versions will be exploited.

Consider switching your Browser – Experienced computer users tend to use FireFox as their principal Internet Browser, since the security add-ons which are available, offer substantial protection from exploits. No Browser however, is totally secure against exploits.

Turn off JavaScript in your Browser.

Install effective ant-malware solutions on your computer.

The following free anti-malware and system protection applications offer effective protection.

This list is not exhaustive. For more information and additional free anti-malware and system protection applications, read “The 35 Best Free Applications – Tried, Tested and Reliable!” on this site.

Firewall: Comodo Firewall Pro

The definitive free firewall in my view; Comodo Firewall protects your system by defeating hackers and restricting unauthorized programs from accessing the Internet.

Internet Browser protection: Web of Trust (WOT)

WOT is a free Internet Browser add-on (my personal favorite), that has established an impressive 4.5/5.0 star user rating on CNET. WOT tests web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams, helping you avoid unsafe web sites.

(Click pic for larger)

In this Google search for “hot porno sites”, notice that WOT indicates that out of the 6 sites illustrated, 2 are dangerous, 2 should be viewed with caution, 1 is an unknown quantity, and only 1 is safe.

Anti-virus: Avira AntiVir PersonalEdition Classic

This anti-virus program offers comprehensive protection with an easy to use interface. In the time that I have been testing Avira, I have been impressed with its performance, and I have come to rely on it as my primary anti-virus program. I highly recommend this one.

Anti-spyware: Spyware Terminator

Having tested virtually all of the major anti-spyware applications over the past year or more, I’ve settled, for now, on Spyware Terminator primarily due to its strong real-time protection against spyware, adware, Trojans, key-loggers, home page hijackers and other malware threats. Spyware Terminator excels in strong active protection against know and unknown threats.

Adware remover: Ad-Aware

Many software reviewers consider Ad-Aware Free as the best free adware remover available. It does a relatively good job of protecting against known data-mining, Trojans, dialers, malware, browser hijackers and tracking components. The only downside with the free version is real-time protection is not included.

Zero-day malware protection: ThreatFire

ThreatFire blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my front line defenses. I have found it to have high success rate at blocking mal-ware based on analysis of behavior.

How much information can a web site collect about you?

In my experience, most people are shocked at the amount of information that a web site is capable of collecting from a simple visit.

If you are interested in seeing just how much information your Internet Browser gives away about you and your computer system when you visit a web site, then checkout BrowserSpy.dk.

Fast At Last.com or Finally Fast.com – With this Software You’re Neither!

According to the web site, Fast At Last.com, is a feature site of Ascentive Software who also operate the Finally Fast.com site, which, as many computer users are aware, is heavily promoted worldwide on both radio and television.

Like its cousin, Finally Fast.com, the Fast At Last.com web site appears legitimate and professional, purportedly offering leading edge software tools to “speedup your PC”, “speedup your Internet connection”, and protect your computer from malware, amongst other promises.

It’s been said that “necessity is the mother of invention”, and I suppose that if a company, in this case, Ascentive Software, has developed a reputation for a less than frank presentation of its software’s effectiveness, then reinvention is necessary – and so we have Fast At Last.com; same company, same products, different name.

Notice that the add is the same in both cases, the web site address is not.

As I said in my review “Finally Fast.com – Fast Scam! Free Alternative Software” – while I won’t go so far as to call this company and its software applications useless, or suggest that the company is run by scam artists at best, or thieves at the worst, I will say this – don’t waste your time, or your money.

The following is a rundown of the products offered by this company. In addition you’ll find listed, free, well tested, and well known, alternative software application that will do the job with vastly improved functionality.

(You can click on any pic to get a larger view)

Their Product: SpeedScan Pro (described as malware/deceptive)

Free Alternative: Regseeker

The longer you use Windows, the more cluttered your registry can become, especially if you regularly install and uninstall software. Many applications, on being uninstalled, leave behind “orphan” registry entries. They don’t remove all traces of themselves; causing problems such as sluggish performance, system lockups, or a bloated registry that takes longer to load on startup. With the click of a button, Regseeker will scan your registry for these fragmented files, and safely remove them.

Their Product: PC Scan&Sweep (no independent reviews)

Free Alternative: CCleaner

CCleaner is a freeware system optimization, privacy and cleaning tool. It removes unused files from your system – allowing Windows to run faster and freeing up valuable hard disk space. It also cleans traces of your online activities such as your Internet history. Additionally it contains a fully featured registry cleaner. But the best part is that it’s fast; normally taking less than a second to run.

Their Product: Spyware Striker Pro (described as malware)

Free Alternative: Spyware Terminator

Having tested virtually all of the major anti-spyware applications over the past year or more, I’ve settled, for now, on Spyware Terminator primarily due to its strong real-time protection against spyware, adware, Trojans, key-loggers, home page hijackers and other malware threats. Spyware Terminator excels in strong active protection against know and unknown threats.

For additional information on SpeedScan Pro, read TechPaul’s article “Have Your PC Running Like New – Not“.

For additional information on consumer complaints regarding Ascentive Software, check out The Pissed Consumer web site.

Tip of the day: For a great primer on how to remove malware read TechPaul’s  “How To Cure A Malware Infection – 3 Easy Methods“

The Best Defense Against Malware – YOU

Paranoia can make an individual suspicious and untrusting, and provoke thoughts in which other people can be seen to want to do him or her harm.

As a result, an untrusting individual changes his or her actions in response to a world that is perceived as personally threatening.

It is beyond dispute that the Internet now fits the criteria of a world that is not just perceived to be, but is in fact, personally threatening to uninformed or casual Internet users.

In a sense, it is unfortunate that you can’t buy paranoia at the local computer store, or that you can’t download it from the Internet.

If you knew malware delivery methods like I know malware delivery methods, well ……….

Despite the best efforts of antispyware, antivirus, and other Internet security products, you still face substantial risks while surfing the Internet. Malware (a genetic term for all sorts of nasties), evolves so rapidly today that staying ahead of the curve has proven to be all but impossible for security software developers.

While reputable Anti-malware software is often capable of detecting harmful and malicious attempts to compromise your computer, this is not always the case. Anti-malware programs that rely on a definition database (most anti-malware programs) can be behind the curve in recognizing the newest threats.

So we all need to become infected with a mild case of paranoia when using the Internet. Being paranoid, suspicious, and untrusting while surfing the web, might not make you invulnerable to malware infections or worse, but it will certainly reduce the odds enormously.

The prime area where paranoia can play an important role in preventing you from becoming a victim of cyber criminals is in overcoming the instinctive human response to just “click” while surfing the Internet. That instinctive response poses one of the biggest risks to your online safety and security.

Curiosity, coupled with a conditioned response can often override self-discipline and common sense; so it’s not unusual for people to engage in some, or all (shudder), of the following unsafe surfing practices.

• Downloading files and software through file-sharing applications such as BitTorrent, eDonkey, KaZaA and other such programs.
• Clicking links in instant messaging (IM) that have no context or are composed of only general text.
• Downloading executable software from web sites without ensuring that the site is reputable.
• Using an unsecured USB stick on public computers, or other computers that are used by more than one person.
• Opening email attachments from unknown people.
• Opening email attachments without first scanning them for viruses.
• Opening email attachments that end in a file extension of .exe, .vbs, or .lnk.

So it’s time for you to develop a case of paranoia while surfing the Internet, and as a first step be actively aware of the following threats to your personal and computer security.

• Trojan horse programs
• Back door and remote administration programs
• Denial of service
• Being an intermediary for another attack
• Unprotected Window shares
• Mobile code (Java, JavaScript, and ActiveX)
• Cross-site scripting
• Email spoofing
• Email-borne viruses
• Hidden file extensions
• Chat clients
• Packet sniffing

Having developed this new sense of paranoia you will no doubt take the following actions to protect your computer system, your money and your identity:

• Install an Internet Browser add-on such as WOT (my personal favorite), which provides detailed test results on a site’s safety; protecting you from security threats including spyware, adware, spam, viruses, browser exploits, and online scams
• Don’t open unknown email attachments
• Don’t run programs of unknown origin
• Disable hidden filename extensions
• Keep all applications (including your operating system) patched
• Turn off your computer or disconnect from the network when not in use
• Disable Java, JavaScript, and ActiveX if possible
• Disable scripting features in email programs
• Make regular backups of critical data
• Make a boot disk in case your computer is damaged or compromised
• Turn off file and printer sharing on the computer
• Install a personal firewall on the computer
• Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet
• Ensure the anti-virus software scans all e-mail attachments

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

If you are unsure if you have adequate software based protection on your computer, then check out “The 35 Best Free Applications – Tried, Tested and Reliable!”, on this site, and download free security software that is appropriate for your personal circumstances.

Porn Surfing – Put a Software Condom on Your Computer!

OK, for the purists out there, maybe I should have used the word “prophylactic”, rather than condom. After all, the classical definition of a prophylactic is – a device that acts to defend against, or prevent something from occurring.

Online pornography is enormously popular. So popular that the pornography industry has revenues larger than the revenues of the top technology companies combined. That’s right, the combined revenues of Microsoft, Google, Amazon, eBay, Yahoo!, Apple, Netflix and EarthLink.

Three essential factors have impacted the popularity of Internet pornography:

Easy Internet access

The anonymity the Internet provides

Cost effectiveness

Experienced computer users however, are generally aware that pornographic web sites are notorious for spyware, viruses, browser exploits, and phishing attacks, on insufficiently protected computers.

The credibility of this view is emphasized by Esa Suurio, CEO of Against Intuition Inc., the company that supports Web of Trust, {see Like Porno Sites? – They LOVE You!), on this site, who concluded following a recent survey “Visiting the red light district of the Internet makes the user vulnerable to spyware, viruses and leakage of confidential information which can cause significant damage.”

Pornography is what it is, I am not a member of the Morality Police, and I hold no religious or political views on the availability of pornography on the Internet; except of course, pornography which is clearly illegal, or morally reprehensible.

My main concern with pornographic Websites is focused instead, on the primary/secondary use that many of these sites are designed for – as a vehicle for the distribution of potentially harmful malware applications that can be surreptitiously dropped onto unwitting visitors computers.

The potential for damage to both computers and users is enormous, considering the confidential/financial data that can be stolen by keyloggers, tracking cookies, and other common forms of malware used by porn sites.

Unethical porno sites have a reputation for some, or all, of the following behavior:

Pop-up windows that are difficult, or impossible to close – Tip: Pressing the Control key and the W key simultaneously, will generally close pop-ups.

Browser hijacking.

Dropping spyware, viruses, Trojans, and rogue applications.

Requiring the installation of a plug-in or codec – a favorite method of malware insertion.

Be particularly cautious of so called “free three-day trial memberships”. These schemes are notorious for fraud and credit card scams. Just try to take advantage of a “free three-day trial memberships”, without providing credit card details.

Before surfing porn web sites:

Install the latest operating system updates, and patches, on your computer. This step is just common sense in all circumstances. Unpatched systems will be attacked! Unethical porn sites can drop malicious code which will exploit vulnerabilities in your browser or operating system. Just visiting these sites can infect, or damage your system.

Ensure you are using the latest version of your Internet Browser – known security holes in older Browser versions will be exploited.

Consider switching your Browser – Experienced computer users tend to use FireFox as they’re principal Internet Browser, since the security add-ons which are available, offer substantial protection from exploits. No Browser however, is totally secure against exploits.

Turn off JavaScript in your Browser.

Install effective ant-malware solutions on your computer. The following free anti-malware and system protection applications offer effective protection.

This list is not exhaustive. For more information and additional free anti-malware and system protection applications, read “The 35 Best Free Applications – Tried, Tested and Reliable!” on this site.

Firewall: Comodo Firewall Pro

The definitive free firewall in my view; Comodo Firewall protects your system by defeating hackers and restricting unauthorized programs from accessing the Internet.

Internet Browser protection: Web of Trust (WOT)

WOT is a free Internet Browser add-on (my personal favorite), that has established an impressive 4.5/5.0 star user rating on CNET. WOT tests web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams, helping you avoid unsafe web sites.

(Click pic for larger) – In this Google seach for “hot porno sites”, notice that WOT indicates that out of the 6 sites illustrated, 2 are dangerous, 2 should be viewed with caution, 1 is an unknown quantity, and only 1 is safe.

Anti-virus: Avira AntiVir PersonalEdition Classic

This anti-virus program offers comprehensive protection with an easy to use interface. In the ten months I have been testing Avira I have been impressed with its performance, and I have come to rely on it as my primary anti-virus program. I highly recommend this one.

Anti-spyware: Spyware Terminator

Having tested virtually all of the major anti-spyware applications over the past year or more, I’ve settled, for now, on Spyware Terminator primarily due to its strong real-time protection against spyware, adware, Trojans, key-loggers, home page hijackers and other malware threats. Spyware Terminator excels in strong active protection against know and unknown threats.

Adware remover: Ad-Aware 2008

Many software reviewers consider Ad-Aware 2008 Free as the best free adware remover available. It does a relatively good job of protecting against known data-mining, Trojans, dialers, malware, browser hijackers and tracking components. The only downside with the free version is real-time protection is not included.

Zero-day malware protection: ThreatFire

ThreatFire blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my front line defenses. I have found it to have high success rate at blocking mal-ware based on analysis of behavior.

How much information can a web site collect about you?

If you are interested in seeing just how much information your Internet Browser gives away about you and your computer system when you visit a web site, then checkout BrowserSpy.dk.

In my experience, most people are shocked at the amount of information that a web site is capable of collecting from a simple visit.

A Conversation with Adware – Secrets Revealed!

If you could have an imaginary conversation with LOP, just one of the millions of malware/adware strains currently circulating on the Internet, it might go something like this -

I might be adware, but I’m pretty polite; I won’t infect your computer unless you invite me in. But I can count on lots of you doing just that.

I’ll accept your invitation, to infect your system if, for example, you download and install either of two rogue Peer to Peer (P2P) applications currently making the rounds on the Internet. BitRoll-5.0.0.0, and Torrent101-4.5.0, are two programs that are used to exchange P2P files that I like to piggyback on.

Just so you know though, I’m pretty lazy so you won’t be able to actually download any files using these bogus applications.

My masters (some might call them cyber-crooks – actually, everyone calls them cyber-crooks), are experts at using false/rogue applications to install malicious code like me.

I’m a pretty neat piece of adware (my masters are pretty smart fellows), since I’ve been designed to display ads from a range of advertisers through pop-up windows, banner ads and so on. Oh, and I’ll automatically switch your Internet Explorer home page to my own search engine. One I particularly like is www.mp3search.com. When searches are made with this engine, the results that you get will be advertising pages that I choose to display.

(Sample misdirected search – click pic for larger)

Just in case you decide that I’m no longer welcome on your computer (that happens to me all the time), I’ll connect every so often to a web page from which I’ll download new files containing variants of myself which will make it difficult to delete all of my active malicious files on your system.

I should tell you that I’m extremely hard to get rid of, and just in case you try to get rid of me, I’ll make over 200+ changes to your Registry Keys. And in case that’s not enough to dissuade you from trying to kick me out, you should know that I have the ability to invite lots of my other adware friends over to party on your system.

I love to monitor your system’s processes, and I can even play with your security applications making them ineffective. Once I’ve done that, I can unleash my keylogger to capture your key strokes and just for fun, I might even scan your email address book so that I can bug your friends.

In my spare time I’m going to look around your operating system for vulnerabilities, because I’m pretty certain, that like many people, you haven’t installed the latest updates nor have you updated your security applications, like you’re supposed to.

Hey man, I’m here for a long, long visit, so think carefully before you offer me that invitation.

Have a good day now.

Elsewhere on this Blog you can read “The Best Free Spyware, Virus, and Browser Protection”, an article on free anti-malware programs, including anti-virus software, and you can download those that suit your needs.