Monthly Archives: May 2010

False Malware Positive? Or Not? How Do You Decide?

You’ve run your primary anti-malware application, and up pops a notice advising you that you have an infection. But since you’re an aware computer user, you launch both your secondary malware scanners in sequence and – surprise! According to your secondary scanners you are not infected.

But you’re aware that anti-malware programs that rely on a definition database to identify malware files can often be behind the curve in recognizing the newest threats.

So, decision time. Do you then trust your primary anti-malware application and attempt removal, or instead, do you trust the results produced by your secondary scanners, and leave well enough alone?

In reality, you’re not really limited to just these two choices. There is another option open to you.

If you’re worried about a specific file, here’s an interesting twist on free online scanners: you can have any specific computer file (files are restricted to a maximum of 10 megabytes) scanned for nasties by thirty-five plus diverse online scanners, all in one go, through VirusTotal.

To take advantage of this service, simply upload a file that you’re uncertain of to VirusTotal, or as an alternative, submit your suspicious file to VirusTotal by email. What could be simpler?
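One way to read the multi-engine result once it comes back, added here as an example and not taken from the article or from VirusTotal: it tallies per-engine verdicts and checks whether the detections agree on a family name. The engine names, detection labels, noise-word list and thresholds are all constructed assumptions.

```python
import hashlib
import re
from collections import Counter

# The article gives a 10 megabyte upload limit; counting it as
# 10 * 1024 * 1024 bytes is an assumption.
MAX_UPLOAD_BYTES = 10 * 1024 * 1024

# Label fragments that describe a category or heuristic rather than a named
# family. This list and the thresholds below are illustrative assumptions.
NOISE = {"generic", "gen", "heur", "heuristic", "suspicious", "packed",
         "agent", "malware", "variant", "win32", "w32", "trojan", "troj",
         "worm", "virus", "backdoor", "downloader", "adware"}
MALICIOUS_RATIO = 0.25   # share of engines flagging the file
FAMILY_QUORUM = 3        # engines agreeing on one family name
LONE_HITS = 2            # at most this many generic-only hits


def file_facts(data: bytes) -> dict:
    """Hash the sample so every verdict is tied to one exact file."""
    return {"sha256": hashlib.sha256(data).hexdigest(),
            "size": len(data),
            "uploadable": len(data) <= MAX_UPLOAD_BYTES}


def family_tokens(label: str) -> set:
    """Candidate family names inside one engine's detection label."""
    parts = re.split(r"[^a-z0-9]+", label.lower())
    return {p for p in parts
            if len(p) >= 4 and not p.isdigit() and p not in NOISE}


def triage(verdicts: dict) -> dict:
    """verdicts maps engine name -> detection label, or None if clean."""
    hits = {e: l for e, l in verdicts.items() if l}
    ratio = len(hits) / len(verdicts) if verdicts else 0.0
    families = Counter()
    for label in hits.values():
        families.update(family_tokens(label))   # one vote per engine
    family, votes = families.most_common(1)[0] if families else (None, 0)

    if not hits:
        # Signature databases lag new threats, so this is not proof of clean.
        call = "no-detections"
    elif ratio >= MALICIOUS_RATIO or votes >= FAMILY_QUORUM:
        call = "likely-malicious"
    elif len(hits) <= LONE_HITS and not families:
        call = "likely-false-positive"
    else:
        call = "inconclusive"
    return {"call": call, "flagged": len(hits), "engines": len(verdicts),
            "family": family, "family_votes": votes}


def clean_panel(n: int = 36) -> dict:
    """Constructed panel of n engines that all report the file as clean."""
    return {f"engine_{i:02d}": None for i in range(1, n + 1)}


# Constructed sample 1: the article's scenario, one heuristic hit in 36.
LONE_HEURISTIC = {**clean_panel(), "engine_07": "Heur.Suspicious.Packed"}

# Constructed sample 2: few hits, but four engines name the same family.
SHARED_FAMILY = {**clean_panel(),
                 "engine_03": "Trojan.ExampleFam.A",
                 "engine_11": "W32/ExampleFam.B",
                 "engine_19": "ExampleFam!gen",
                 "engine_24": "Win32.ExampleFam.C",
                 "engine_30": "Heur.Generic"}

if __name__ == "__main__":
    for name, panel in (("lone heuristic", LONE_HEURISTIC),
                        ("shared family", SHARED_FAMILY),
                        ("all clean", clean_panel())):
        print(name, triage(panel))
```

A result of "no-detections" or "likely-false-positive" is a triage hint only; the file's origin and behaviour still count.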


The following graphics indicate just how efficient this free service is.

Received Files/Infected Files (Last 24 Hours) May 28, 2010:

This image shows the number of files that have been detected as infected (red) among the total number of files received within the last 24 hours (clean ones marked in blue).


Top 10 Infected Files (Last 24 Hours), May 28, 2010:

This image shows the list of the most-uploaded infected files received within the last 24 hours.


Quick facts:

Free, independent service

Use of multiple antivirus engines

Real-time automatic updates of virus signatures

Detailed results from each antivirus engine

Real time global statistics

Keep in mind, this service is not a substitute for an appropriate local defense system, including a firewall (either software or hardware), and a sound and effective anti-malware application.

Upload your suspicious file/s to: Virus Total

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


Filed under Anti-Malware Tools, Don't Get Scammed, Don't Get Hacked, downloads, Freeware, Malware Reports, Online Malware Scanners, Utilities, Windows 7, Windows Tips and Tools, Windows Vista, Windows XP

Download ZoneAlarm Free Firewall 2010 – Windows 7 Compatible

ZoneAlarm Free was the first Firewall I ever installed to a personal system, and that was back in the dark ages of 1996. It wasn’t until 2009 that I was reluctantly forced to move away from the world’s most popular free Firewall, since Windows 7 was not yet supported.

Happily, Windows 7 is now supported, and I’ve jumped at the chance to reinstall my absolute all time favorite free Firewall.

Here’s why:

In my 14 years of experience with ZoneAlarm Free, never once has it let me down.

It’s the least intrusive free Firewall that I’m aware of – Firewalls that demand attention every 5 minutes drive me crazy!

It provides strong inbound intrusion detection, coupled with strong outbound protection. Outbound protection is an absolute “must have” today, since the botnet threat continues to escalate. ZoneAlarm will prohibit botnet connections.

ZoneAlarm’s “stealth mode” keeps my computer invisible on the Internet. If I can’t be seen by cybercriminals, my risk exposure is reduced substantially.

ZoneAlarm Free continuously monitors Internet activity through its True Vector Internet Monitor, and notifies me with an alert if it detects an unsafe, or disallowed activity.

On the reinstall it installed easily, set up quickly, and has not caused any conflicts with my machine – despite my sometimes esoteric running requirements.

The default settings are well thought out, and provide excellent protection for less experienced users particularly – and despite the hype put out by media, most computer users can be classified as having limited system experience.

Experienced users, on the other hand, can tinker to their heart’s content, customizing and tweaking the application to meet their specific requirements.

Fast facts:

DefenseNet – Leverages real-time threat data from a community of millions of users to detect and block the latest attacks.

Inbound Firewall Protection – Stops hackers and other intrusions by making your PC invisible online.

Outbound Firewall Protection – Blocks spyware, botnets, and other malware from sending your personal data out to the Internet.

Quiet and Automatic – Runs in the background, un-noticed and out of the way, with rare alerts.

Anti-phishing and Site Check – Toolbar blocks fraudulent websites including those that trick you into entering personal data.

Identity Guard – Provides credit scores and recovery services to secure your identity online and offline.

Works with all Antivirus – Compatible with antivirus software, such as AVG and Norton Antivirus.

The program settings screen is definitely new user friendly, as the following graphic illustrates.


The graphic below illustrates the security popup that appears when a new application seeks first-time access to the Internet. Users have the opportunity to allow or disallow the request and, with a checkbox tick, have ZoneAlarm automatically remember the response.


The activity log can be particularly valuable for more experienced users.


If you are a casual computer user, ZoneAlarm Free is definitely worth considering as a new Firewall installation, or as a replacement for a current Firewall that is not meeting your expectations.

System Requirements: Windows 7 (32-bit/64-bit ), Vista, XP SP2 or SP3.

Download at: Download.com

Note: Test your existing Firewall at Steve Gibson’s site – ShieldsUP! If your current Firewall is not in stealth mode (this test will confirm it), and if it can’t be forced into stealth mode, then you should consider changing your Firewall application.

Note: If you are currently running Windows Firewall, then installation and setup is a breeze since you have the opportunity to turn off this Firewall. On the other hand, if you are running another Firewall, it’s important that you uninstall this application (use the application’s built-in uninstaller) before installing ZoneAlarm Free. I mention this as a precaution only, since it’s as likely that you won’t encounter any difficulties. But…

If your current Firewall does not include a built-in uninstaller, then use Revo Uninstaller, which will delete the application including the applicable Registry entries.


Filed under Anti-Malware Tools, Don't Get Hacked, downloads, Free Anti-malware Software, Free Firewalls, Freeware, Interconnectivity, Internet Safety Tools, Online Safety, Software, Windows 7, Windows Tips and Tools, Windows Vista, Windows XP

Tech Thoughts Daily Net News – May 28, 2010

Freeware Files: Five Unexpected Automation Apps for Windows! – There are a ton of apps out there that you can use to automate something you do on your PC. I mean, that’s the central conceit of software development as a whole, correct? To somehow ease the time burden it takes one to do a particular task in what would otherwise be a manual, labor-intensive process?

Pentagon: Let Us Secure Your Network or Face Wild West Alone – Companies that operate critical infrastructures and do not voluntarily allow the federal government to install monitoring software on their networks to detect possible cyber attacks would face the “wild” internet on their own and place us all at risk…

6 things Microsoft needs to do before I’ll take Windows seriously – Security in the Windows world is, well, a joke. And I’m not just talking about XP. I’m talking Vista and yes, even Microsoft’s darling Windows 7. Basically put, in the hurricane of spyware, malware, adware, trojans, and viruses that is the World Wide Web, taking Windows out into that storm is like driving a convertible in the deluge with all the doors propped wide open and the top down. (submitted by Dar)


Microsoft Researchers Propose Privacy Sensor ‘Widget’ – Researchers from Microsoft have come up with a sensor widget concept that provides alerts and lets users control and monitor exactly what other users see from their webcams, microphones, and other live data streams.

Linux Mint 9: A Fresh Spin on Ubuntu – What’s the big deal about Linux Mint and why is it so popular among Linux users? It’s because it includes a number of improvements and tweaks that aren’t set up out-of-the-box in the base Ubuntu distribution.

REVIEW: Emsisoft Anti-Malware 5.0 – In testing Emsisoft Anti-Malware is good at finding viruses but poor at cleaning them up; worse, it IDs too many legit apps as malware.

6 Privacy Fixes Facebook Must Make – Facebook is in trouble, but the solution isn’t particularly complicated. Here are a handful of ways Zuckerberg and Co. can get out of the headlines by letting users retake control of their privacy.

Microsoft warns on Windows 7 upgrade tool – Parallels, known for using virtualization to solve consumer problems, thought it had a surefire new use for its technology. There was only one problem: the way the product works runs afoul of Microsoft’s license rules, at least for most users.

Anti-Clickjacking Defenses ‘Busted’ In Top Websites – New research easily bypasses popular frame-busting technique.

Easy Online Backup – Backup that saves your files off-site is one cloud computing service everyone should consider. Here are a handful of our most recent online backup reviews.

The Foolproof method for remembering passwords? – Even if you develop a great lineup of passwords, that being ones you can actually remember, your success is fleeting. This is because you are always being instructed to regularly change your passwords. I’m beginning to wonder if passwords are worth the effort.

Seven antivirus solutions for Windows Mobile and Symbian – If you’re using a Windows Mobile or Symbian device, you’re no stranger to the risk of viruses or malware on your handset. Here are seven mobile antivirus solutions to consider.

Off Topic (Sort of):

Are we living in the future now? – With multi-touch displays everywhere we look, and now flexible displays, are we truly living in the future?

What if we all got electric cars? – Right now there are a few thousand electric cars, Houseman said, but with the Nissan Leaf — which has a waiting list of 130,000 — the Chevy Volt and other new models coming, we could have several hundred thousand electric cars and hybrids by this time next year.

Web TV gadgets through the ages (images) – We take a look at where Internet-enabled television has been in the past few years.

Take a People-Free Photo in a Crowded Place – You’re at a popular location and you really would love a photo of the place without all the people in the way. Looks like you’re out of luck and you should just buy a postcard, right? Not with this clever trick.

Today’s Quote:

“What would I do if I had only six months to live? I’d type faster.”

– Isaac Asimov

Today’s Free Downloads:

Giveaway of the Day – Cleanse Uninstaller Pro 6.5 – Cleanse Uninstaller Pro is the advanced uninstaller that finds and removes even the most stubborn software. Using the Auto Find uninstall software function all you have to do is drag and drop the program’s icon you want to uninstall onto Cleanse Uninstallers icon and Cleanse will Auto Find the program in the uninstall list and start the advanced uninstall process. (Offer expires 12 am PT).

Animals – Animals is a Windows 7 theme that wildlife lovers will appreciate. It includes a wallpaper slide show with ten high-quality animal photos (dolphins, leopards, a cute wolf cub, and so on) and replaces your boring Windows alert tones with animal calls that will really get your attention.


Filed under Internet Security Alerts, Tech Net News

Tweak Windows Vista and Win 7 to the Max with Free WinBubble

Put on your tweaking shoes! We’ve got another great free Windows Vista, and Windows 7 tweaking utility; one that’s pretty overwhelming in its scope.

WinBubble (where do the developers come up with these names?), gives you the power to tweak Vista and Windows 7, in all of these areas – system optimization, interface and desktop customization tweaks, security tweaks, including Internet Explorer tweaks, and it’s not finished yet. Believe it – there are even more tweaks to suit your fancy.

It seems interfaces are getting much easier to navigate these days, and WinBubble’s interface is no exception. Its tab and check box layout should be easy to follow, even for less experienced users.

The following screen captures illustrate this tab and check box layout:


If you’re a Vista/Win 7 user, and an easy to use tweaker is what you’re looking for, then you’re going to love WinBubble.

Note: The major benefit in using this type of tweaking application is the ease with which you can make changes to your system, without the drudgery of having to go through menu after menu, or manually editing the Registry.

But, with any application that makes changes to your system, use caution, and be sure to have a verified backup, or current system restore point.

System requirements: Windows 7, Windows Vista.

Download at: Download.com

If you’re a Windows XP user, then check out Tweak UI, which is designed for a Windows XP installation.


Filed under downloads, Freeware, Software, System Tweaks, System Utilities, Windows 7, Windows Tips and Tools, Windows Vista

Tech Thoughts Daily Net News – May 27, 2010

Scientist Infects Himself With a Computer Virus – The University of Reading’s Dr. Mark Gasson has an unusual distinction: he’s the first human to become infected with a computer virus. After corrupting a small electronic chip with the malware, the British scientist inserted the device into his hand and was able to pass on the virus to external systems.

Tour Facebook’s new privacy settings (screenshots) – Once again, Facebook has changed its privacy settings. Like the last time this happened, Wednesday’s improvements are still a mixed bag, but a better one: they are generally easier to use but not as simple as they could be. There are a couple of curve balls thrown in, too. In this screenshot tour, we’ll show you what’s new–and what to watch out for.

Why Do We Trust Google More Than Facebook? – Google has a lot more data on us than Facebook, but there’s nary a fuss. I say Google is the new Microsoft and in many cases they are even worse.


Google Patches ‘High Risk’ Chrome Flaws – Google has pushed out another automatic Chrome browser update to fix multiple security issues that could expose users to hacker attacks. Google Chrome 5.0.375.55, available for Windows, Mac and Linux, addresses at least two “high risk” vulnerabilities and several security-related denial-of-service crashes.

Extract troubleshooting info from Windows XP BSOD error messages – When a Stop error occurs, the GUI is replaced by a DOS-like blue screen with a cryptic error message followed by a code number. This screen is affectionately referred to as the Blue Screen of Death, or BSOD for short. I’m going to show you how to analyze BSODs and extract the relevant troubleshooting information.

Amazing: Sony’s paper-thin ‘rollable’ flexible OLED display – A prototype Sony OLED display is flexible enough to roll around a No. 2 pencil. Don’t believe it? Watch this video.

A new syndrome for you: Social media remorse – We have all at one time said something we’ve regretted. This can be enough of a problem if you say it to a few people within hearing distance, but with social media tools at our disposal, a momentary slip of the tongue (or keyboard) can reach far more people. In other words, new technology is making it easy for people to embarrass themselves the world over.

Media Temple Web Hosting Suffers DDoS Attack – Media Temple, Web hosting provider for Adobe, ABC, Sony, NBC, Time, Volkswagen, and Starbucks, was hit with a sophisticated distributed denial-of-service (DDoS) attack.

Save 50 percent on Norton 360 today – This offer is good for today only and ends at 11:59 PDT Thursday, May 27, 2010.

Off Topic (Sort of):

Slow web one of UK’s biggest frustrations – Having a slow web connection is one of the biggest daily annoyances faced by people in the UK, a study claims. More than 40 per cent of people consider not being able to get access to fast broadband services as being their biggest daily frustration, according to an O2 study.

BP gushes poetic – They’re at it again! New animation. (submitted by Dar)

The ingredients of success – Leaders often ask if there’s some kind of formula for success. In this blog John McKee provides a proven approach that he says can work for anyone.

Women more likely to snoop on spouse – More than 13 per cent of women spy on their husbands by checking their texts and emails, according to research. Suspicious and nosey British women are more likely to spy on their husbands by checking their phones, emails and internet history, researchers have found.

Study Claims Cognitive Functions Increased through Casual Gaming – Video games are good for you and can make you smarter! It is now a proven fact. Or at least one study seems to think so. A six-month-long study that focused on U.S. consumers age 50 and older shows a link between casual gaming and significant cognitive increase.

Today’s Quote:

“I can’t change the direction of the wind, but I can adjust my sails to always reach my destination.”

– Jimmy Dean

Today’s Free Downloads:

Nitro PDF Reader Provides Advanced PDF Tools for Free – Want to create PDF files from plain documents, annotate and fill in existing PDFs, extract images, and leave notes for any PDF reader? Nitro PDF Reader does all that, and it’s a free download.

Spybot Search & Destroy – Though its name sounds like bad dialog from a 60’s sci-fi flick, Spybot Search & Destroy is a good program to have around for those trying times when you think someone is lurking behind the browser curtain tracking your every Web move. Fire it up and it’ll spot all sorts of tracking cookies and the like, then remove them if you choose to do so.

Password Hash – This excellent tool lets you use a single password at your end but achieve the safety of generating a unique and robust password at each site.


Filed under Internet Security Alerts, Tech Net News

Free Malwarebytes – Is it the Best Secondary Malware Scanner?

Depending on a single security application to provide broad-scale protection is an absolute “non-starter”. A single security application does not have, and never has had, the ability to do this, despite the commonly held belief to the contrary.

Part of the layered security process (stacking security solutions, one on top of the other, to cover the gaps that exist in the protection capabilities of even the most sophisticated security applications) consists of supplementing the primary AV application with an on-demand malware application.

In other words, an AV application that does not start with Windows but instead, is available for manual scanning.

Actually, there’s no harm in installing more than one antimalware application to be used as a secondary scanner – doing so can be advantageous. However, be sure NOT to allow more than one primary application to autostart, in order to prevent potential conflicts.

Virtually all free security applications are programmed to autostart after installation, so be aware of this, and make the necessary adjustments using MSConfig.

I run Malwarebytes’ Anti-Malware every day, as a secondary malware scanner, since I have absolutely no faith that a single security application offers adequate protection.

The free version of this speed demon (it’s faster at scanning than any anti-malware program I’ve tested in the last 2 years), is used by millions of people worldwide to protect their computers.

It’s important to note that the real time protection module is disabled in the free version of Malwarebytes’ Anti-Malware. Actually, this is perfect for your purpose.

Less critical, is the disabling of scheduled scanning, and scheduled updating in the free version. (Rodzilla, a very frequent reader, and an expert user, is adamant that the lack of auto updating is a critical flaw – we have agreed to disagree on this point).

Each day, as I manually update the definition database, I’ve noticed that typically the definition database has been updated 3/5 times in the previous 24 hours. Since study after study indicates that new malware is created at the rate of 20,000, or more, new versions every single day, it’s easy to see that Malwarebytes’ is being proactive in the face of these conditions.

A simple, intuitive, and easy to use interface makes Malwarebytes’ Anti-Malware straightforward to set up, customize and run, for less experienced and expert users alike, as the following screen captures indicate.


Since real time protection is disabled, I do not recommend that you use this free version of Malwarebytes’ Anti-Malware as a stand alone primary security application, since it simply will not offer you adequate protection with this restriction. Instead, use it as I do, as an on-demand, secondary scanner.

Despite this real-time protection limitation in the free version, Malwarebytes’ Anti-Malware has an excellent reputation (shared by me), as a first class security application, for its ability to identify and remove adware, Trojans, key-loggers, home page hijackers, and other malware threats.

Fast facts:

Blazing speed on quick scanning

Full scans for all drives.

Daily database updates

Quarantine function

Additional utilities for manual malware removal

Multi-lingual support

Command line support for quick scanning

Context menu integration to scan files on demand

System Requirements: Windows 2000, XP, Vista, and Win 7 (32-bit and 64-bit).

Multi-lingual support: English, Albanian, Bulgarian, Catalan, Chinese Simplified, Chinese Traditional, Czech, Danish, Dutch, Finnish, French, German, Hungarian, Italian, Norwegian, Polish, Portuguese, Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swedish, Turkish.

Download at: Malwarebytes.org

Two quick tips:

Malwarebytes should be run in normal user mode, not safe mode.

I normally run “Quick Scan” and not deep scan since Malwarebytes concentrates on folders where malware is targeted in this mode. In quick scan mode, a scan generally takes seven minutes, or less, on my system.

Another great free alternative:

The free version of SUPERAntiSpyware, despite its lack of real-time protection, deserves its reputation as a first class security application, and it’s definitely worth considering adding to your security toolbox as a secondary line of defense.

You can read the review, and find the download link in my article “Knockout Malware With SUPERAntiSpyware Free Edition”, on this site.

Update: Here’s some welcome input from regular reader Georg Lechner –

“Malwarebytes’, recent iteration 1.46 – New users may find it easier to use Advanced System Care (recent version is 3.6.0) to control the autostart behavior of Malwarebytes’, using the Startup Manager, to be found under Admin Tools.

SUPERAntiSpyware just released its recent iteration 4.38.0.1004 – This version is 32 AND 64 bit, but the previous version must be deinstalled manually before installing this one on 64 bit machines (WIN 7).”


Filed under Anti-Malware Tools, Don't Get Scammed, Don't Get Hacked, downloads, Free Anti-malware Software, Free Security Programs, Freeware, Malware Removal, Malwarebytes’ Anti-Malware, Software, Windows 7, Windows Tips and Tools, Windows Vista, Windows XP

Storm Botnet Bounces Back

“You can’t keep a good man down”, is an old expression that’s familiar to many of us. It seems we could coin a new expression along the same lines – “You can’t keep a bad botnet down”.

Just when you think you’ve knocked them down for good, cyber criminal enterprises seem to magically reappear, and that old familiar spamming botnet, Storm, has raised its ugly head once more.

In a previous article here, Symantec Rubs the 2010 Malware Crystal Ball, in November, 2009, Symantec projected that this reemergence was likely to occur, so Kudos to Symantec – you called this one.


(Graphic courtesy of Mathew Nisbet, Malware Data Analyst, Symantec Hosted Services).

According to Symantec’s MessageLabs Intelligence, they “first saw this new variant of the botnet start spamming on 30 April…. containing links to web pages hosting the well known Canadian Pharmacy site”.


(Graphic courtesy of Mathew Nisbet, Malware Data Analyst, Symantec Hosted Services).

Typically, the emails are short and sweet –

Get all the medications you want online!
Disappointed with your bad performance in bed?
great offers to spice it up in bed..
need some help in the bed?
its time to spice up the bed
Safest and approved method of male enhancing have a easier time making her…
Have long strong night in BED!
Get your favorite rxmedications here!
Win from benefits of hidden secret of pornstars!

For more information on this reemerging threat, check out The Return of Storm, on Symantec’s site.

About MessageLabs Intelligence:

Symantec’s MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs Intelligence provides a range of information on global security threats based on live data feeds from our control towers around the world scanning billions of messages each week.

About Symantec:

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available here.


Filed under bots, cybercrime, Don't Get Scammed, Don't Get Hacked, Email, Malware Advisories, MessageLabs, Online Safety, Symantec, Tech Net News, Windows Tips and Tools