Malware protection

Malicious Software, malware protection - is your computer covered ?

There are so many free products available ! Why leave malware protection to chance ?

Microsoft security essentials is a free download that offers first class malware protection for your computer. It's quick to download, easy to install and runs silently in the background. It is very efficient in the computer resources that it uses, yet offers excellent malware protection. Nowadays, malware protection is not something that you can leave to chance, especially if you download anything from the internet.

Genuine Windows and Security Essentials malware protection

To be able to download and install MSE's malware protection software, you have to be using a genuine version of Windows on your computer. If you are running a non-genuine version of Windows, you will not be able to download and install the software. Nowadays, there are far too many threats to be using the internet without some sort of malware protection for your computer, running without it is definitely not recommended.

Don't give up on malware protection because of non-genuine Windows

I have helped many people who, having installed a genuine version of Windows, experience a problem with their computer, send it to a repairer who, re-installs Windows using a non-genuine copy. It's ironic, but they still have their old, genuine copy, but can't download and install MSE's malware protection on to the non-genuine version.

Skype sound problems

Skype account hacked

Free UK vpn

Wireless routers

Ask a question about malware protection

Malware protection

It's not going to be easy in the limited space of this column, but this week, I am going to explain to you, exactly how easy it is for your computer to become infected with a malware virus and what happens when it is infected.

Malware (short for "Malicious Software") is a piece of code that infiltrates your computer usually, without your knowledge or, consent, that has been developed and is distributed with the intention of causing harm to your system/data or, for the purpose of using your computer system to carry out certain nefarious activities.

Last weekend saw the discovery of one of the biggest malware attacks from a single source. Industry experts aren't quite sure when the attack first started, but speculate that it could have been as far back as January 2010.

What is certain is that Network Solutions (one of the biggest domain name and website hosting companies) has acknowledged responsibility for the attack and has taken steps to stop further propagation.

No one quite knows how, but one of Network Solution's web widgets (a portable piece of executable code) that is automatically served up to newly registered web sites (parked domains and domains under construction), was infected with malicious code (malware). The web widget has been installed on a minimum of 500,000 domains, but could have been installed on as many as 5 million domains in the last 8 months.

The worrying thing, is that at some point or, another, in the last 8 months, we have all clicked a link that took us to a website that is "Under Construction" or, to a "Parked" domain (a registered website with no content). Well, if you have, and it was one that included Network Solution's malware infected web widget, that's all that you needed to do to

Malware protection

Malware protection - "Get Safe Online Week" in the UK (15th-19th November)

I have written many times about the problem of malicious software. At the moment, there are numerous rogue anti-virus/spyware scams infecting computers. Making sure that your computer is covered with adequate malware protection is now more important than it ever was.

This week, a document released to mark the beginning of the official "Get Safe Online Week" in the UK (15th-19th November), reports that 25% of internet users have already fallen foul of one of the malware protection schemes and has been tricked into downloading and paying for fake anti-virus software.

The schemes rake in millions for the criminal gangs that run them. They target you and your computer in various ways. They may attach their malicious software to a well known film and offer it for free download from a web site. They may even advertise their web site in the paid-for search results in Google and other popular search engines and (unsuspecting) web sites. Sometimes, merely visiting one of their web sites without adequate malware protection is all that you have to do for your computer to become infected in a drive-by attack.

The document further reports the comments of Sharon Lemon, the deputy director of cyber crime in the serious and organised crime agency (SOCA) who says: "This is big business. In recent cases, we have seen gangs employing 300-400 people to run their operations and using call centre-scale set-ups to target victims en masse."

The ultimate intention of the gangs is to trick you into downloading their malware protection software onto your computer which then tells you that your computer is infected and offers you a solution in the form of a paid-for download to clean the infection.

Some of the pop-up messages and warnings that are used in the various scams, are very cleverly and purposefully designed to look like Window's messages which in the eyes of a typical user, further adds to the credibility of the scam.

Unbelievably, the report also tells us that the gangs are now targeting people by telephoning them and pretending to be from reputable IT companies, before talking their victims into downloading their malicious software.

Unfortunately for the victims, the scam doesn't end with the loss of the amount that they pay for the fake download, they find that their credit cards are then, used without the owners knowledge and in some cases, their bank accounts are emptied.

The way that some of these infections bury their files deep within Window's legitimate directory and file structure, makes them very difficult to get rid of and may need the attention of an expert to manually remove them. Sometimes, the only way to properly make sure that the infection is gone, is to delete the existing operating system, reformat the hard disk drive and re-install your operating system.

Some of the scams are so sophisticated that they disable your existing virus protection software and prevent you from visiting the web sites where a free remedy is available.

If you haven't got adequate malware protection and your system becomes infected with one of these malware scams, do not click on any of the links that take you to the very 'legitimate-looking' web sites of the scammers and definitely, do not use your credit card to pay for their solution.

If the malware has restricted your computer in some way, you may have to use another computer to search for and find a solution to the problem. A good place to start is the official web site of Get Safe Online - www.getsafeonline.org/. Supported by most of the major players in the industry, this web site provides information about malware protection for you, your PC and your business.

Non-genuine Windows and MSE's malware protection ? Re-install !

It may sound like a drastic step to take, but if you are using your computer regularly on the internet without malware protection, you run the risk of becoming infected and the cost and consequences of this happening far outweigh the cost of installing a genuine version of Windows and MSE's malware protection - it maybe your only option !

Using on-line scanning tools for malware protection

There are several good virus and malware protection web sites offering on-line scanning services. I could link to them from here, but it's far easier for you to Google "malware protection online scanners." You will find several good services in Google's first page search results and running a scan from any of these couldn't be simpler. I have written many other articles on this topic and you can link to some of them from this page.

Free internet connections

Windows Live problem

System restore

RSS feeds

infect your computer system. This type of attack is called a "drive-by" attack - you don't have to do anything or, click on anything to become infected!

Prior to its discovery, Virus Total (www.virustotal.com - a web site where you can analyze suspicious files and URLs and a service that I brought to you in a previous article), reports that only 21 out of the 42 main virus programs recognized the attack.

Hopefully, now that the problem has been discovered, whatever virus protection you are running, should have been automatically updated with definitions that will recognize the attack - albeit, after the event, but for you, it may already be too late!

So, what does lsass.exe (the malware) do, once it downloads itself on to your computer system?

First of all, it creates a new user profile for itself then, installs three new components into your "programfiles" directory before adding a new registry key to enable itself to auto start after a computer re-boot.

Any activity in Internet Explorer, Google Chrome, Mozilla Firefox and Opera Web browsers is monitored and any searches in Google, Ask, Yahoo!, AOL, and Bing, are automatically re-directed to another website where its own search results are displayed on searches for any of the following keywords:-

cialis, pharma, casino, finance, mortgage, insurance, gambling, health, hotel, travel, antivirus, antivir, pocker, poker, video, baby, bany, porn, golf, diet, vocations, design, graphic, football, footbal, estate, baseball, shop, books, gifts, money, spyware, credit, loans, loan, dating, ebay, myspace, virus, film, ipod, verizon, amazon, iphone, software, movie, mobile, bank, music, cars, craigslist, game, sport, medical, school, wallpaper, military, weather, twitter, fashion, spybot, trading, tramadol, yobt, flower, cigarettes, doctor, flights, airlines and comcast.

It also, searches for directories on your computer to do with any of the main Peer to Peer file sharing/downloading programs - "Winmx", "Tesla", "Limewire", Morpheus", "Emule", "Edonkey", "Bearshare", "Grokster", "ICQ" and "Kazaa". If it finds any of them, it duplicates into the directories and re-names itself with any of 86 'legitimate-looking" file names with the intention of tempting someone to download it from your computer across the Peer to Peer file sharing network - thereby, spreading itself further.

What is the point of all this? The writer of the malware receives payment, in the form of advertising revenue, for generating traffic to the web sites that it displays in its 'hijacked' search results so, if you find that you are being 'mysteriously' diverted to alternative search results - its time to check out your PC!

Malware protection

A record number of updates from Microsoft (49 Window's faults were rectified)

With the main part of the "Zeus" Trojan gang arrested and facing prosecution for stealing million's from their victims bank accounts. Microsoft added a detection kit for the "Zeus" Trojan to their free Malicious Software Removal Tool for Windows

Amongst many other things, the tool now detects and remove the "Zeus" Trojan from infected machines making it more difficult for the criminal internet gangs to steal from their victims.

True, about half of computers that are infected with the Zeus Trojan are running with no virus or, malware protection or, running with out-of-date protection, but that still leaves at least half of infections credited to machines with active protection.

If you haven't got any virus or, malware protection on your computer or, have only recently installed or, updated your program and have been running without protection for any length of time, it's worth visiting Microsoft's web site and running an on-line scan of your computer.

If you try to do this and find that you cannot complete the process, alarm bells should be ringing because sophisticated malware infections such as Zeus have the ability to prevent your computer from being cleaned up.

Hopefully, your Window's computer is set to receive automatic updates and, on Tuesday this week, should have received a record number of updates from Microsoft (49 Window's faults were rectified in the update)

A number of the faults fixed errors which have been classified by Microsoft as 'critical' and a couple relate to problems in Internet Explorer so, if your computer is not set to receive updates automatically, it's worth manually updating your computer. Again, if you visit the Microsoft web site and try to update, but for some reason you can't update your version of Windows, alarm bells should be ringing and it's worth getting a 'professional' to have a look.

Malware protection experts have discovered another piece of malicious software that exploits what industry experts describe as "a weakness" in the way that the Firefox web browser handles your passwords.

When you enter a password into any account that you have on the internet (email, bank etc.) Firefox asks you whether you would like it to remember the password. This is a handy feature if you login into an account regularly and have a good, strong password that is difficult to remember because, if you agree to allow Firefox to remember your password, it removes the need for you to remember your password and type it in manually, every time you login to the account.

It also, removes the need for you to write your complicated password down onto a "stick-it" note and stick it onto the side of your computer screen where someone may see it and make a note! (Please tell me that nobody reading this actually does this)

Problem is, if your computer becomes infected with this piece of Malware, an important file within Firefox is modified so that you are no longer asked whether you would like the browser to remember your password. When you enter your login details into a secure site, they are automatically saved and uploaded to the attacker next time that you connect to the internet.

The same Malware program takes information from the Windows' registry (the protected storage area where passwords and other important details are stored) and uploads that information too! In a previous article, I recommended that internet users have a 'clean' computer, that

they use just for connecting to the internet to log into their important accounts and after doing what they need to do, disconnecting the computer from the internet. This computer shouldn't be used for any other internet activity. This protects the computer from becoming infected and greatly increases the users internet security. The time that this becomes a necessity as opposed to a luxury, is fast approaching!

Malware protection - browsing the internet without it

There are so many ways that attackers can fool you into doing something that will infect your computer with their malware. Nowadays, adequate malware protection is a must for anyone using the internet. The cost of putting things right after an attack far outweighs the cost of purchasing adequate malware protection in the first place.

Malware protection - how many different types ?

A piece of malware may be designed to do one thing, but then, it can be taken by someone else and modified to do something else. All malware is designed to do something or, another to your computer and usually, the main purpose is to part you with your money. It is for this reason that it has become the number one threat on the internet. Don't use the internet without malware protection !

Free internet connections

Windows Live problem

System restore

RSS feeds

skype account hacked

Skype and Paypal contact details

Minimizing your losses

Do Skype refund your losses ?

Safer online shopping