The old days of viruses

Blogging pioneer John Dominik, inspired by my Michelangelo memories, wrote about his memories of viruses later in the decade. So now I’ll take inspiration from him and share my memories of some of those viruses. I searched my archives, and at the time it was going on, I didn’t write a lot. I was tired and angry, as you can tell from the terse posts I did write.

Is that file safe?

So you’ve downloaded this great new piece of free software, but you’re not sure if it’s safe to install. Your antivirus software says it’s not infected, so you can assume it’s safe, right?

Not so fast. Nothing detects everything. Using multiple virus scanners dramatically decreases the chances of something getting through.

Appremover can remove stubborn antivirus software

Antivirus software can be among the hardest software to uninstall, because its hooks dig so deeply into the operating system. I’ve seen it fail to uninstall for a variety of reasons. Sometimes it requires a password, which was entered by someone other than you and never written down. Or sometimes something gets corrupted, and the program’s uninstaller fails. If you need to remove stubborn antivirus software, there’s a solution.

Enter Appremover.

Two commands to fix Internet connectivity

I can think of two times someone has asked me to fix their computer when it has suddenly lost the ability to connect to the Internet. Assuming there’s nothing wrong with the modem or the network card, the problem usually comes down to something messing with either the TCP/IP stack or the Winsock. Security software frequently does this, as does malware. A few years ago, I briefly worked for an ISP that provided a security suite based on F-Secure, and that program was notorious for breaking the Winsock.

Here’s the simple fix.

Beware the Mebromi, my son: BIOS infections

Symantec has identified Mebromi, a piece of malware that not only infects the MBR, but also infects the Award BIOS. BIOS infections are very difficult to detect and eradicate.

By hooking into the BIOS, Mebromi can easily re-infect a system the next time you reboot. Which is exactly what it does.

If you’re suddenly seeing obnoxious banner ads on Facebook…

It’s not Facebook, it’s you. You’ve got malware.

The malware is called Page Rage and Drop Down Deals. Head to this page to disable Page Rage, and this page to uncheck everything related to Drop Down Deals. And if you’re not infected, then no, I don’t suggest visiting either of those pages. Only go there if you’re having the issue.

Once you’ve visited those two sites with every web browser on your system, then scan the living daylights out of your computer with your antivirus/antimalware software. And install Bitdefender Safego to reduce the chances of something like this happening again.

And if you hear anyone talking about how great Page Rage or Drop Down Deals are… Well, ignore them. It’s just adware, 2011 edition.

How to view questionable PDFs safely

I said Tuesday that it’s a bad idea to download and view PDF (Adobe Acrobat/Adobe Reader) documents from questionable sources, but I didn’t really elaborate on why, nor did I tell you how to view questionable PDFs safely.

The reason is that pretty much anybody with a little bit of determination and the ability to follow a recipe can plant a trap in a PDF file and use it to gain access to your computer. Adobe Reader is extremely prone to these kinds of attacks, and don’t think you’re safe if you don’t run Windows. There are toolkits that will inject traps that work on Macintoshes and Linux too.

Yes, your antivirus software should catch it. But most antivirus software doesn’t dig deeply enough into PDF files to find it.

Scared yet? You should be. You do have some options.

What I would do to fix Dr. A’s computer

I left my conversation with Dr. A nearly convinced he doesn’t really need a new computer. The local store is pitching him a new $700 Dell Inspiron with a 1 TB hard drive and 6 GB of RAM and a 17-inch screen. But he could upgrade to a 1 TB hard drive for less than $125. If he doesn’t want to switch to Windows 7, his current Windows XP Professional will only use 4 GB of RAM anyway. Upgrading to 4 GB of RAM will cost less than $40. And looking at the new system, I don’t know that its CPU is all that much more powerful than what he already has.

To me, the clincher was this. I asked myself the question whether, if I were offered a machine exactly like his for $200 or $300, would I buy it. And it was an easy answer. I would.

I haven’t done a thorough analysis of the machine, but I’ve seen enough to have an idea what it needs. Much of it will seem familiar, if you’ve been reading me a long time.

Don’t fall for the new Facebook stalker scam

According to trusted antivirus vendor Sophos, there’s a rogue Facebook application, posing as an app that claims to reveal a way to see who’s been secretly viewing your profile.

It’s a scam. And it’s spreading rapidly. It posts messages on your wall and tries to get you to visit a spam site. Don’t fall for it, but if you already have, delete the fake messages it posts.

Here’s a real app I want you to install instead: Safego.

How to clean an MBR and recover drive partitions

Sometimes it’s necessary to recover drive partitions because you accidentally repartitioned a drive you didn’t mean to, or because your MBR got infected or otherwise trashed. Here’s how to recover them, for free.

Infecting MBRs with malware is popular with virus writers again. And I fully expect chaos to ensue, because that’s what happened the last time there was more than one virus floating around that infected MBRs. They quit doing it for a good reason.

So here’s how to clean up the mess when an MBR gets infected, or when multiple infections blitz the MBR and the hard drive loses the ability to boot, just displaying a message like Missing Operating System or Operating System Not Found.

We’ll be using the GParted Live CD. Many Linux live CDs have the proper tools, but GParted works well and it’s a small download. You can try to use another Linux live CD, and it will work fine, but the icons might not all be where I say they are.
