antimalware Archives

Home » antimalware

Lenovo is penitent, but its customers aren’t out of the woods yet

Dave Farquhar security March 9, 2015March 8, 2015antimalware, antivirus, Bing, lenovo, malware, spyware, Windows 10, windows 8

After having an incredibly bad week last month, Lenovo started saying the right things, and perhaps doing some of the right things too. But some laptops with the Superfish malware preinstalled on them are still in the supply chain, which means some people are unwittingly buying them.

This isn’t terribly surprising. But there are a couple of things you can do about it, and they’re things worth doing anyway.

Dave Farquhar

David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.

dfarq.homeip.net

EMET protects against what your antivirus cannot–and it’s free

Dave Farquhar security July 1, 2013November 29, 2015antimalware, antivirus, Brian Krebs, firefox, hp, microsoft word, optimizing windows, randomization, vulnerability, windows 7, Windows XP

A few years ago, Microsoft quietly released a security tool called EMET–the Enhanced Mitigation Experience Toolkit. EMET is now in version 4.0, and it’s probably the best security tool you’ve never heard of. And that’s a real shame.

Modern versions of Windows and modern CPUs include several security-enhancing technologies that aren’t necessarily switched on by default. EMET is a wrapper that forces software to use these technologies, even if they weren’t designed from the get-go to use them. The idea, then, is that if a badly behaving data file tries to exploit a traditional vulnerability in one of these programs, EMET steps in and shuts it down. A real-world example would be if you visit a web page that’s playing a malicious Flash video, or that contains a malicious Acrobat PDF. The malicious data loads, starts to execute, and the minute it misbehaves, EMET slams the browser tab shut. You won’t know right away what happened, but your computer didn’t get infected, either. Read more

Dave Farquhar

dfarq.homeip.net

The ACLU has a point about smartphone security

Dave Farquhar Android, security April 19, 2013April 17, 2013android, antimalware, antivirus, apple, AT&T, cyanogenmod, cybersecurity, malware, samsung, sprint, verizon

The ACLU complained to the FTC that carriers aren’t patching vulnerable Android phones. They have a point.

Phones are profitable, and the carriers are trying to have it both ways. Read more

Dave Farquhar

dfarq.homeip.net

If you’re suddenly seeing obnoxious banner ads on Facebook…

Dave Farquhar security September 10, 2011antimalware, antivirus, Bit Defender, malware

It’s not Facebook, it’s you. You’ve got malware.

The malware is called Page Rage and Drop Down Deals. Head to this page to disable Page Rage, and this page to uncheck everything related to Drop Down Deals. And if you’re not infected, then no, I don’t suggest visiting either of those pages. Only go there if you’re having the issue.

Once you’ve visited those two sites with every web browser on your system, then scan the living daylights out of your computer with your antivirus/antimalware software. And install Bit Defender Safego to reduce the chances of something like this happening again.

And if you hear anyone talking about how great Page Rage or Drop Down Deals are… Well, ignore them. It’s just adware, 2011 edition.

Dave Farquhar

dfarq.homeip.net

Removing the Windows XP Repair scareware

Dave Farquhar security, Windows June 21, 2011antimalware, antivirus, Bit Defender, CA, firefox, firewall, malware, Microsoft Security Essentials, Open Office, oracle, Standalone System Sweeper, Windows XP

Windows XP Repair is a fake system optimization and repair tool. It takes over the computer almost completely, and it’s a pain to remove. Worse yet, there’s at least one version floating around right now that standard no antivirus/antimalware tool I threw at it recognized.

Here’s how I removed it for someone.

Dave Farquhar

dfarq.homeip.net

Unlocking the Malicious Software Removal Tool

Dave Farquhar security January 4, 2011September 7, 2016antimalware, antivirus, Click Next, malware, McAfee

When Microsoft’s monthly security patches come down, if you’ve ever clicked on the button to see what it’s installing, you may have noticed the Malicious Software Removal Tool.

If you’re wondering, it’s a rudimentary antimalware tool that removes selected vermin from your system. It doesn’t remove all known malware. And I don’t know exactly how Microsoft decides what to remove and when. But given the number of people who don’t run any kind of antimalware software, it probably seemed like a good idea when they rolled it out in 2005. And in the first 15 months they pushed the tool out with the monthly patches, it removed 16 million instances of malicious software. Not bad.

The tool has some power that you can unlock that normally isn’t exercised when you do your monthly updates.

Note: In a corporate environment, you may not get the Malicious Software Tool automatically if you’re managing Windows updates yourself. Microsoft has instructions for deploying it to your enterprise.

Dave Farquhar

dfarq.homeip.net