My 6-year-old computer is extremely slow and sometimes takes 20 minutes just to start up. The other day it caught a virus, which masqueraded as a firewall and installed itself onto my computer, changing the background to a picture that said I have spyware on my computer. I tried to open my virus-scan program (AOL) but it would not open. I have tried everything I can think of. I took out my hard drive so that it could not get to my files. Now, I have to use my son’s computer for emails. He is a big gamer so it’s really hard to get in the time to use it. Should I wait for Windows 7 to come out before getting a new computer?
If you're an active reader of Maximum PC, you may have seen us recommend SUPERAntiSpyware in the past, and with good reason. The spyware scanner does a good job of detecting and disinfecting nasty malware infections, and it's free (paid version also available).
As of Thursday, SUPERAntiSpyware has begun offering free online scans, a particularly handy option if a malware strain happens to be blocking your spyware proggies from running, as they're prone to do.
"Our new online scanner is a critically important tool for computer users and technicians," said Nick Skrepetos, founder of SUPERAntiSpyware.com. "The new breed of infections we are seeing simply block most, if not all, anti-spyware and anti-virus products from running. This leaves users and technicians in a desperate situation. We have answered the call with our stand alone online 'Safe Scan' which will run when other products are blocked."
The online scanner doesn't run in a browser like many of the online antivirus scanners, and you'll still need to download a nearly 9MB file. But SUPERAntiSpyware says it does not install anything in your Start Menu or Program Files "and does NOT need to be uninstalled."
We gave Safe Scan a spin and it looked and felt just like the regular version of SUPERAntiSpyware. You can download updates, schedule scans, and choose between quick or complete rooting out of spyware.
If you want to kick the tires yourself, you can do so here.
The report (PDF) reveals that 95% of comments that appear on blogs, chat rooms and online forums fall into two broad categories: spam and malicious content. Cyber scoundrels now seem more focused on targeting Web 2.0 websites with user-generated content than ever before. Many of the most frequented internet properties are sites that tolerate user-generated content. And 61% of the top 100 sites either host malicious content or link to it, according to the report.
Spam and malicious content seem to go hand in hand, for Websense Security Labs found that 85.6% of spam mails in circulation during the first half of 2009 contained links to malicious sites.
New research by Trend Micro suggests that some malware infections hang around for as long as two years in some circumstances. This new data refutes previous estimates that the infection limit was approximately six weeks. Their research consisted of the analysis of over 100 million compromised IPs, where they found that four out of five machines remain infected for longer than a month.
They concluded that if machines were not disinfected quickly, the infections would linger until the machines were disconnected altogether, and speculated that replacement is the eventual solution.
After further investigation into network botnets, Trend Micro was also able to pinpoint that the majority of identity-theft reports traced back to three agent strains: Koobface, Zeus/Zbot and Ilomo/Clampi. In particular, the hysterically named Koobface botnet updated its infrastructure to use proxies and relays, making it nearly impossible to eradicate.
Australia’s Internet Industry Association (IIA) has released a new set of guidelines designed to limit the effect of malware-infected computers. The non-mandatory code of conduct instructs ISPs to contact owners of infected PCs and provide advice to fix the problem. Failing that, the ISP may even cut service to the affected PC.
IIA spokesman, Stephen Conroy, points to a recent government program to get users to change their passwords as evidence that not enough is being done. "I think there's about two or three websites doing exactly the same thing and they all assume you've got to log on to the website. It's kind of like a web 1.0 style approach," said Conroy.
Many in government and industry welcome the proposed rules, but some worry about cost. Would ISPs actually be able to deal with the added costs of contacting users and walking them through a malware cleanup? Australian ISP iiNet said it would be happy to adhere to the new standards, if the process could be automated. So, would this policy help, or would droves of customers find themselves disconnected without explanation?
Judging by the comments last week, a handful of readers were appalled to find Mac ads here on Maximum PC, while others were amused. No matter how you felt about them, at least they weren't infecting your PC with malware.
"Some NYTimes.com readers have seen a pop-up box warning them about a virus and directing them to a site that claims to offer antivirus software. We believe this was generated by an unauthorized advertisement and are working to prevent the problem from recurring. If you see such a warning, we suggest that you not click on it. Instead, quit and restart your Web browser."
These types of malicious re-directs are nothing new, but for the most part, they've been relegated to seedier sides of the web (porn and warez), and free software sites (screensavers, browser buddies). But apparently they're still a problem for major publishers too.
This was a big Windows Patch Tuesday. Microsoft released a total of five critical patches, addressing eight system vulnerabilities. The flaws patched today do not apply to the recently finished Windows 7. Symantec Security Response research manager, Ben Greenbaum, said the two most serious flaws involve the way Windows handles ASF and MP3 files.
"We've seen similar exploits in the past and all a user would have to do is visit a compromised Web site hosting one of these malicious files, which could be an MP3, WMA or WMV file, and they could become infected," said Greenbaum.
Greenbaum also noted that Microsoft has left a zero-day vulnerability in Internet Information Services unpatched. Attacks based on the issue are already in the wild. Microsoft expects a patch for that to be pushed out next month.
One of the nastiest worms in recent history, the Conficker worm, which first surfaced in October 2008, managed to infect over 9 million PCs, shut down French and British military assets, and prompt a $250,000 reward from Microsoft for information leading to the arrest and conviction of the worm's creators.
Nearly a year later, the hefty reward remains uncollected while security experts continue to try and trace Conficker's origins and erase the threat. But it's still out there, as is the threat of another attack.
"It's using the best current practices and state of the art to communicate and to protect itself," Rodney Joffe, director of the Conficker Working Group, said of the worm. "We have not found the trick to take control back from the malware in any way."
After all this time, researchers are still left speculating what exactly Conficker was ultimately designed to do. It could be as simple as generating large amounts of spam, or it could record keystrokes and steal users' login information. On a larger and more frightening scale, researchers say it's possible Conficker was designed by an intelligence agency or another country's military in order to monitor or disable an enemy's computers.
On the bright side, no one is sitting idly by waiting for Conficker to strike again. While security experts continue to work on ways to eradicate the worm, Conficker remains an open investigation with the FBI, who purportedly has a few leads.
According to IBM's semi-annual security report, hackers and other cyber miscreants are spending far less time phishing as they shift their attention to other technologies to swipe your personal data.
"The decline in phishing and increases in other areas (such as banking Trojans) indicate that attackers may be moving their resources to other methods to obtain the gains that phishing once achieved," IBM said in its Internet Security Systems 2009 Mid-Year Trend & Risk Report.
Trojans, which include downloaders and info-stealers, are now the most commonly used tools of the trade, accounting for 55 percent of the new malware seen, says the report. That's an increase of 9 percent over last year. The rise can partially be attributed to the existence of "public-available toolkits" that malware distributors advertise as being easy to use.
It was found to have blocked 81% of live malware threats during the tests. The figure seems more imposing once you learn that the runner-up, Firefox 3, only managed to block 27% of malware threats. To boot, Microsoft’s browser also managed to block 83% of phishing URLs, with Firefox finishing second with 80%.
But Ars Technica has cast doubts over the veracity of the tests. The heavily lopsided nature of the results is not the only thing to blame for its skepticism. Amy Barzdukas, General Manager of Internet Explorer, told Ars Technica that the tests had been sponsored by Microsoft. Apparently, it ended up becoming the lone sponsor, as other companies didn’t respond to NSS Labs’ call for funding. Microsoft claims to have had no control over the results.
"We invited Google, Mozilla, Apple, Opera to participate, but they didn’t even bother to respond, except for Opera, which stated they 'don’t really focus on malware,'" NSS Labs’ president, Rick Moy, told Ars Technica.