Fighting Conficker

I have mentioned several times that Conficker is considered the most dangerous virus to date.

The Atlantic Monthly magazine has a great article titled The Enemy Within on the history of Conficker and where we are now. It’s a fascinating read for both technical security buffs and non-techies.

It starts:

The Enemy Within by Mark Bowden

When the Conficker computer “worm” was unleashed on the world in November 2008, cyber-security experts didn’t know what to make of it. It infiltrated millions of computers around the globe. It constantly checks in with its unknown creators. It uses an encryption code so sophisticated that only a very few people could have deployed it. For the first time ever, the cyber-security elites of the world have joined forces in a high-tech game of cops and robbers, trying to find Conficker’s creators and defeat them. The cops are failing. And now the worm lies there, waiting …

Image credit: Alex Ostroy

Bootable CDs to the Rescue

Some viruses are so bad that they lock you out of your computer’s administrative controls. When that happens, consider using a bootable CD that can clean the hard drive of viruses. This often fixes things enough to let you get into Windows and make further repairs.

AVG Rescue CD

My favorite is the free AVG Rescue CD. It can be installed onto a CD or a USB stick if your computer allows booting from USB drives.

The AVG Rescue CD is a small version of AVG Anti-Virus that boots up using Linux. It does not load anything onto your hard drive, so it is completely non-destructive. It offers you the option to download virus definition updates, which you should definitely do. This typically requires a wired Ethernet connection to work.

Other Bootable CDs

There are many free bootable antivirus rescue CD options that you can try. Let me know what your favorite bootable antivirus tool is.

Windows “AntiSpyware” 2009

Gina Trapani wrote up a great article on the infamous Antispyware 2009 and how to get rid of it. This software pretends to be legitimate antivirus software, but is itself a virus. There are many variants of the software and I wrote about one of them called Antivirus XP 2008.

How to Remove XP AntiSpyware by Gina Trapani

It’s been a long time since I’ve had to deal with a malware-laden PC, but my long streak of luck ran out this weekend when a family friend–who describes himself as computer illiterate–called. “Every time I try to do anything on the computer,” he told me, “I get a message saying it’s infected, and I have to pay $69 to clean it, but I tried to do that and I couldn’t.” He couldn’t even navigate to the Mozilla site to download Firefox; Internet Explorer was completely hijacked.

Read the rest of How to Remove XP AntiSpyware


Don’t Use Internet Explorer

I used to tell people that the newest Internet Explorer 8 was safe enough. But recent events have changed my mind. The Chinese attacks on Google over Christmas were perpetrated using a vulnerability that exists in all versions of Internet Explorer. Microsoft still hasn’t fixed this.

Because of security concerns, both the German and French governments have officially recommended that people not use Internet Explorer. One could attribute this to the EU’s dislike of Microsoft, but Microsoft has a more fundamental problem.

Closed Source

Many people say that Internet Explorer isn’t as safe because it has the largest market share (over 60%). Hackers want to attack the largest market they can. But I think that the real problem is that Internet Explorer is written with closed source code.

Unlike the Gecko engine powering Firefox or the WebKit engine powering Chrome and Safari, Internet Explorer has its own browser engine that is closed source. This means that people cannot look at how it is written. While you might initially think that this makes Internet Explorer more protected, it’s actually the opposite. Open source code can be reviewed and improved by the entire development community. Once a problem is seen, any developer can suggest a solution. The response time of Firefox for fixing exploits is typically days, compared to Internet Explorer taking weeks or months.

Other Browsers

The fastest browsers use WebKit as their engine. These include Google’s Chrome and Apple’s Safari browsers.

Mozilla Firefox is slower but remains the current leader among alternative browsers, largely due to its popular add-ons. Google is working on building out its extensions to compete with Firefox add-ons.

Give one or more of these browsers a try.

Microsoft Security Essentials

Microsoft officially released Microsoft Security Essentials (MSE) today. It is a free tool to protect your computer from malware, viruses, spyware, rootkits, and trojans. Unlike the previously released Microsoft Malicious Software Removal Tool (MSRT), MSE runs all the time and actively searches for threats.

Blurb from Microsoft:
Microsoft Security Essentials

Early tests show MSE to be very effective at catching threats. It updates itself automatically and without hassle.

It takes over all antivirus functions and is recommended to be run as the ONLY antivirus software on a computer. You should not run it alongside other popular software such as Norton Antivirus, McAfee, or AVG. Presumably the two would fight it out on your computer, hurting system resources and confusing each other, for example when one antivirus program finds a virus in the other’s quarantine vault.

I recommend this for all Windows computers: Windows XP, Vista, and 7. The only exceptions are pirated versions of Windows, since MSE requires Windows Genuine Advantage to run and to make sure that your copy of Windows is legit.

MSE has a small footprint with low minimum requirements:

  • For Windows XP, a PC with a CPU clock speed of at least 500MHz and at least 1GB of RAM
  • For Windows Vista and Windows 7, a PC with a CPU clock speed of at least 1.0GHz and at least 1GB of RAM
  • VGA (display): 800×600 or higher
  • Storage: 140MB of available hard-disk space
  • An Internet connection is required for installation and to download the latest virus and spyware definitions