Malware – Page 7 – Paul's Tech Talk

Apple’s Immunity, Botnet sanctuary.

PaulDecember 3, 2008

But is Apple projecting a false sense of security just to save face? Many experts repeatedly warn that all operating systems are susceptible to viruses, and as the Mac becomes more popular OS X will inevitably become a bigger target for malicious attacks.

[via Pcworld]

Having said that I feel the notion that Apple is trying to keep there reputation as a virus free system. I can only hope that they stay that way. Which as much as I know, Apple will most like start to be the main source for botnets, because of the lack of security.

[ad#ad2-right]According to reports on this blog, people are worried Apple stance on it being the safest and having so much immunity to viruses. Apple in the past has stated they have mislead people with there firewall. Yet Apple takes down that suggestion of having an Anti-virus(Quietly).

[ad#digg-left]Everything I’ve seen suggest that virus writers and Malware writers will MOST likely start targeting the Mac OS X, they know Apple sense of security is Vulnerable to attack and they will exploit it more and more. So what does that mean for Apple, it just means that soon every hacker who has a botnet will want a piece of the Apple Pie and is right now.

[ad#ad2-left]As PC Trojans go, the programming features of RSPlug.E look fairly basic. PC malware is more highly evolved and usually cleverer. But a programmer – probably a Russian – with knowledge of OSX had taken time to create a Trojan that hits Macs instead of PCs, James pointed out.

[via Techworld]

Which looks like it has already begun. So what can Mac users do, get an Anti-virus and maybe Apple will have to start backing down from the Virus commercials and actually admit it. Sooner or later someone will have to challenge Apple to get them to start admitting to it.

Stop botnets in its tracks With a Firewall!

PaulNovember 30, 20083 Replies

According to PC World and I’ll quote:

According to FireEye chief scientist Stuart Staniford, detection rates are so poor that, on average, only around 40 percent of security software can detect binaries during the period of greatest infectivity and danger, namely the first few days after a particular variant starts being used by botnet builders.

[via PC World]

[ad#ad2-left]Now let’s talk about this, having been seeing recent surges of people getting infected. I’ve come to the conclusion that companies like AVG and other Anti-Virus companies are keeping up. Now true if all you have is an Anti-virus and nothing else that greatly increases your likely hood of getting a virus.

In a recent virus storm, We have people finding my site because of a Good Firewall. No if he didn’t have anything but Windows firewall then it would of gotten through and you would not of known about it. So let’s talk about how to prevent botnet attacks. This is relatively easy and if you follow some common rules. You to could be less likely to be infected. I will say this most people don’t do these common tips and they should do them.

[ad#digg-right]So what should you do to help prevent from getting a Virus or Malware. This is really simple, you want to find an Anti-virus Software that you like, and Firewall that you like also. You’ll also want to download the tools to better help you in case you do get infected. Some of these tools I recommend are Hijackthis, Spybot Search and Destroy, Hitman Pro, and Ad-aware 2007 Edition (FREE). Then Go buy a Sandisk USB memory Stick and put those on there for later use!! You will always want to keep a backup of those just in case you get infected.

[ad#ad2-right]Make sure you update Windows regularly. Having seen this time and time again, if you don’t keep windows updated then you lose the battle. If you have a system that needs updating, I suggest downloading the Clone to Autopatcher. This little program will download the files needed to update your system without having to be online. Although, you can have windows update automatically every month but that might not update the recommended updates only the ones that are hot. It doesn’t matter which way you prefer to update, as long as you do to update regularly, Like every 2nd Tuesday of the Month.

One last tip you should also keep your Firewall and Anti-virus updated. There is a little program that will do that, it’s call AppSnap. If you follow all these recommendations you will greatly reduce your chances of getting a virus on your system.

Spying on Spyware.ISpynow!!

PaulNovember 29, 2008

[ad#digg-right]This is another Virus that is going around and thought I’d tell you about it:

Spyware.ISpyNow monitors files, network traffic, and keystrokes. This Spyware gives the person who installed it a Web-based interface with summaries of logged information on the host computer.

[Via Symantec]

[ad#ad2-left]Now this one isn’t to hard to figure out what happened. You have to manually install it on your system to get infected. Symantec has a great way on uninstalling this annoyance. I also suggest checking out my other program list just in case you don’t want to buy Symantec Anti-Virus programs. Some other things to check out is:

Avg detected Trojan Horse Generic 12.htc? – This has a great article on how to use HiJackthis program and how to make sure you no longer have the virus.

Some Important programs to prevent yourself from having viruses and Malware!! — This article gives you some other programs to use other than Symantec. You have a wide variety of choices on Anti-virus programs and Firewall Choices. You also have some choices on Spyware removal programs.

This is just the beginning in getting your system clean. You have to keep all you programs up to date and one way I do that is with Appsnap. This little program keeps you programs up to date from Virus to Firewall. I hope this helps people prevent and control spyware.

Microsoft kills a fake antivirus tool from 994,061 computers!

PaulNovember 25, 2008

According to Arstechnica and I’ll quote:

[ad#ad2-left]Win32/FakeSecSen has gone by various names, including Micro Antivirus 2009, MS Antivirus, Spyware Preventer, Vista Antivirus 2008, Advanced Antivirus, System Antivirus 2008, Ultimate Antivirus 2008, Windows Antivirus, XPert Antivirus, Power Antivirus, and Ultra Antivirus 2009. Furthermore, it is skinnable, so each of these variants has a different GUI, although the basic functionality is the same: bother users with warnings of malware until they pay up.

The Microsoft Malware Protection Center recently released some data on how the removal tool performed this month: FakeSecSen was removed from 994,061 machines. That number isn’t the highest Microsoft has recorded before, and the number of removals depends on which malware Microsoft adds each month and how widespread it is.

[via Arstechnica]

This seemed to of happened this month with the usual Windows update. If you haven’t updated your system just yet you should. This troublesome fake virus seems to have been killed from several systems. This could effectively make it harder for these guys who ever designed this program to make money. I hope microsoft does even more virus removals in next month. If you still want to try to get rid of these viruses don’t forget to check out my tips on Virus removal.

How to disable autorun the easy way!!!

PaulNovember 21, 2008

I read a report from Cnet about USB devices spreading Virus and I will quote:

The bad guys are intentionally developing new flavors of malware designed to propagate through USB devices,” said Gunter Ollmann, chief security strategist for IBM’s ISS security division. “They are today’s floppy drives.”

[ad#ad2-right]An infected computer can spread a virus to a clean USB thumb drive that is inserted. That USB drive will then be spreading the virus onto other computers if the operating system on those machines has an AutoRun-type feature enabled. The AutoRun function in Windows launches installers and other programs automatically when a flash drive or CD is inserted. The Mac has an equivalent function, according to Ollmann.

[Via Cnet]

In order to disable “autorun“, which in Vista is called Autoplay. In order to disable Autoplay from starting when you insert media into your computer here is how you do it:

You will need to be Logged in as Administrator before this can be done:

Next click start and type “Autoplay” without quotes. It will bring up a screen but all you have to worry about is this:

You will need to make sure there is no check mark for “Use AutoPlay for all media and Devices”. Click save and close.

[ad#ad2-left]Once that is done, you will have no more Autoruns from USB devices. If you want to disable Autorun in XP, I’d suggest reading some of these articles for XP.

Wikipedia – AutoRun

How to Disable Autorun

These are just a few and are really nice to articles but there are others out there that might be more to your liking. I suggest searching Google for them. I hope this helps you out!!!