Free Republic

Yahoo search to 'battle spyware' SearchScan is a free tool embedded into search Yahoo is introducing new technology to its search engine which will warn users if they are about to click on a website that hosts viruses, spyware and spam. SearchScan uses security firm McAfee's SiteAdvisor technology to warn users about "potentially risky sites". The service, which is switched on by default, produces an on-screen alert. "Our goal is to protect users by allowing them to make a more informed decision about the sites they visit," said Yahoo's Priyank Garg. Rival firm Google introduced similar technology in 2006....

How can I remove system integrity scan wizard from my system? Since yesterday, this keeps popping up. I have run my Professional AVG AV software as well as Adaware and this is the one thing that I am unable to get rid of. Is there a free online program that will remove this? Thanks!!

Over the past three days, Yahoo has been exposing visitors to banner ads that try to trick them into installing malware, and there's no indication anyone at the company is even aware of the problem. According to Microsoft MVP Sandi Hardmeier's "Spyware Sucks" blog, the ads are displayed across a wide swath of the web portal's sprawling empire, including Yahoo Mail, Yahoo Groups and Yahoo Astrology. Hardmeier first sounded the alarm on Saturday, and yet on Monday, Yahoo continued to run the rogue ads, she reported. El Reg emailed three different Yahoo PR reps but never did get a response.

Researches have unearthed what they say is the biggest botnet ever. It comprises over 400,000 infected machines, more than twice the size of Storm, which was previously believed to be the largest zombie network. Machines from at least 50 Fortune 500 companies have been observed to be running the malicious software that's at the heart of "Kraken," the botnet that security firm Damballa has been tracking for the last few weeks. So far, only about 20 percent of the anti-virus products out there are detecting the malware. Just as a con artist might throw off detectives by changing his hair...

The sheer volume and complexity of computer viruses being released on the Internet today has the anti-virus industry on the defensive, experts say, underscoring the need for consumers to avoid relying on anti-virus software alone to keep their home computers safe and secure.

From iPods to navigation systems, some of today's hottest gadgets are landing on store shelves with some unwanted extras from the factory -- pre-installed viruses that steal passwords, open doors for hackers and make computers spew spam. ADVERTISEMENT Computer users have been warned for years about virus threats from downloading Internet porn and opening suspicious e-mail attachments. Now they run the risk of picking up a digital infection just by plugging a new gizmo into their PCs. Recent cases reviewed by The Associated Press include some of the most widely used tech devices: Apple iPods, digital picture frames sold by...

Hackers launch massive IFrame attack Gregg Keizer March 13, 2008 (Computerworld) Hackers using a new scam continue to subvert hundreds of thousands of Web pages with IFrame redirects that send unwary users to malware-spewing sites, researchers said today. The attacks, which began about a week ago, show no signs of slowing, said Dancho Danchev in a posting to his blog yesterday. "The group is continuing to expand the campaign," said the Bulgarian researcher. "These are the high-profile sites targeted by the same group within the past 48 hours, with the number of locally cached and IFrame-injected pages within their search...

I've been searching for a free download version of adware/spyware removal. The sites I find says free but after turning a couple of pages on the site, dollar signs are always at the end of the article.Is there a truly FREE download, no bait and switch?

HANOVER (03/04/2008)- A rootkit uncovered in the wild in December is proving to be a real headache to detect, according to Finnish security company F-Secure.Dubbed "Mebroot," the rootkit infects the master boot record (MBR), the first sector of a PC's hard drive that the computer looks to before loading the operating system. Since it loads before anything else, Mebroot is nearly invisible to security software."You can't execute any earlier than that," said Mikko Hypponen F-Secure's chief research officer A rootkit is a malicious program that hides deep in a computer's operating system and can be difficult to remove. Since December,...

(This has become increasingly irritating. Why do I need three or four things running to do ONE job!) Unfortunately, eweek doesn't want anyone a FR to read them! The link to the above titled article is here.The resulting Slashdot discussion is here.

The battle against the botnet hordes By Chris Vallance Reporter, BBC iPM Few owners of hijacked PCs know their machine has been attacked On 11th February a US teenager who used the online nickname of "Sobe" pleaded guilty to delinquency charges resulting from his surreptitious installation of adware on hundreds of thousands of computers. The computers "Sobe" used had been hi-jacked and co-opted into a network of computers called a "botnet". Botnets are networks of computers which have been subverted by malicious code so they fall under the control of cyber criminals. Typically owners of machines forming a botnet...

Ok, Daughter's laptop with an up to date anti-virus program and firewall has gotten infected with a worm called worm.win32.netsky. Can't find a removal program for this bugger and the scans haven't found or removed it. She was going to various School District web sites to apply for a teaching job when it happened It loaded on it's own new desktop icons, and diabled remove program from the task bar along with Ctl-Alt-Del. Anyone out there got ideas?

Digital photo frames containing malware have been found, heads up! http://isc.sans.org/diary.html?storyid=3807 http://isc.sans.org/diary.html?storyid=3787

An insidious computer virus recently discovered on digital photo frames has been identified as a powerful new Trojan Horse from China that collects passwords for online games - and its designers might have larger targets in mind. "It is a nasty worm that has a great deal of intelligence," said Brian Grayek, who heads product development at Computer Associates, a security vendor that analyzed the Trojan Horse. The virus, which Computer Associates calls Mocmex, recognizes and blocks antivirus protection from more than 100 security vendors, as well as the security and firewall built into Microsoft Windows. It downloads files from...

** EXCERPT ** Cybercriminals may have weighed risk and reward and figured that the first isn't worth the second if they try to exploit the 2008 U.S. presidential campaign, a security researcher at Symantec Corp. said Friday. At least for now. "We've now seen just two instances of spam using political candidates to spread malicious code," said Oliver Friedrichs, director of Symantec's security response team and a writer on electoral cybercrime. "I think [hackers] are still a little skittish. The high visibility of the federal elections makes them cautious about stepping into it." Earlier this week, researchers at both Symantec...

Security Warning 2008: Top 11 Malware Threats To Watch Out For Here's a heads-up on the evolving security threats we can expect to see in the coming year, including emerging menaces such as badvertising, adsploits, anti-social networking, lieware, and whaling By Thomas Claburn InformationWeek February 7, 2008 01:18 PM By the end of 2008, McAfee Avert Labs predicts it will have identified some 550,000 malicious programs, a 54% increase from 2007. With all the new malware emerging, we can expect new terminology to describe these constantly morphing threats. Here, then, is our only slightly tongue-in-check attempt to predict some of...

According to a press release issued earlier this month by Finjan, a security research firm, compromised Web servers are infecting thousands of visitors daily with malware that turns their Windows machines into unwitting bots to do the bidding of an as yet unidentified criminal organization. Security firms ScanSafe and SecureWorks have since added their own takes on the situation, though with varying estimates on the number of sites affected. All reports thus far say the compromised servers are running Linux and Apache. According to an article on ServerTune.com, the exploit involves a rootkit installed on the compromised server that replaces...

The security firm Finjan says it has discovered a major new type of malware that has infected more than 10,000 Web sites in December alone. Deemed "random js toolkit," it is a Trojan that infects end users' PCs and sends data from the infected machine to the "master" hacker. It can be used to steal passwords, documents and other sensitive information. The malware dynamically creates and changes JavaScript code every time it is accessed, Finjan said. Thus, traditional anti-malware programs can't identify it. Finjan CTO Yuval Ben-Itzhak said in a release, "Signaturing a dynamic script is not effective. Signaturing the...

A small minority of users - as few as one in 20 - is running fully-patched Windows PCs. Just five per cent of newly-registered users of an online security inspection service Secunia came out with a clean bill of health, while more than 40 per cent have at least 11 insecure applications installed. The data is based on scans of 20,009 computers whose users recently installed Secunia's freely available software inspection tool. Secunia claims a total user base of more than 200,000 users for its free Secunia PSI tool. A survey of a different sample set of Secunia PSI recently...

If you've signed up to receive e-mails from Sears, and then clicked on to join the retailer's "My SHC Community," it's likely you've been providing more information to more people than you thought. Even more troubling, it turns out that you're not just sharing information with Sears, but also with a company called comScore, which tracks and aggregates Internet browsing habits. Installing the software from Sears results in the installation of software called VoiceFive, which provides data to comScore. It's essentially spyware. comScore is the company behind the (disputed) numbers that indicated more people were stealing Radiohead's latest album than...

Sears and Kmart are places you might go when you need a new air conditioner filter or a lawnmower; they're not generally thought of as havens for spyware. But that's what the two stores have become, at least online, where their websites were found to be installing software to track users' every online move—all without their knowledge. Security researchers are now hammering Sears (the owner of both Sears.com and Kmart.com) for the move, despite Sears' claims that users were notified adequately beforehand. The story goes like this: late last year, Sears.com and Kmart.com began asking users if they wanted to...

Random JS Toolkit allows attackers to create threats that only attempt to victimize an individual computer in the same manner a single time to protect against discovery by anti-virus systems Web gateway filtering specialist Finjan is reporting a new toolkit that uses randomized JavaScript to stay hidden from virus crawlers and deliver its payload via compromised Web sites. Dubbed by Finjan's Malicious Code Research Center (MCRC) as the "Random JS Toolkit," the malware development package is allowing attackers to create threats that only attempt to victimize an individual computer in the same manner a single time to protect against discovery...

Security experts are warning about a stealthy Windows virus that steals login details for online bank accounts. In the last month, the malicious program has racked up about 5,000 victims - most of whom are in Europe. Many are falling victim via booby-trapped websites that use vulnerabilities in Microsoft's browser to install the attack code. Experts say the virus is dangerous because it buries itself deep inside Windows to avoid detection. Old tricks The malicious program is a type of virus known as a rootkit and it tries to overwrite part of a computer's hard drive called the Master Boot...

Your Apple iPhone could be infected with potentially malicious Trojan software because of a fake upgrade download, computer security officials with US-CERT warned Wednesday. "This Trojan claims to be a tool used to prepare the device for an upgrade to firmware version 1.1.3," the US-CERT advisory says. "When a user installs the Trojan, other application components are altered. If the Trojan is uninstalled, the affected applications may also be removed." The Trojan appears to be timed to exploit rumors that began in early December 2007 about new features in an upcoming iPhone firmware upgrade. Various online news sites and blogs...

Malicious JavaScript pushes Trojan Virus writers are exploiting morbid curiosity about the assassination of former Pakistani Prime Minister Benazir Bhutto's to spread malware. Surfers searching for video footage of the suicide attack that killed Bhutto and at least 21 others on Thursday are liable to find malware posing as video clips that attempts to trick users into running malign ActiveX controls. The malicious downloaded file is detected by Symantec as the Emcodec-Trojan.

I am not sure what has happened but I always have my AVG Anti-Virus running and it used to be in the task bar. Yesterday, something strange happened. When I noticed it was not there, and after the kids were finished on the computer, I restarted it and got this message: C\WindowsSystem32\vtsqr.exe Windows cannot access the specified device, path or file. You may not have the appropriate permission to access the item. I got into my AVG program and ran it and some 44 Trojan Horse Dropper, generic THT items were found in many programs such as Acrobat Reader, in...

For the last couple of months my computer has periodically been freezing up when not in use. It locks everything, even the clock. I've not added any new programs. I even have uninstalled Symantic and went with Avast/Spybot/Windows firewall. When it happens I can't even use ctrl/alt/del. (It's a Windows XP OS.) I have to manually shut down the computer and reboot. Any suggestions? Thanx.

Over a year after first coming to light, the cache engines of major search engines are still providing a safe hiding place for malicious code, a security company has revealed. The latest warning comes from security company Aladdin, which logged an attack against a university Web site which was eventually traced back to just such a 'poisoned cache.' The originating site had been taken offline, but the code from it was still able to spread by living on in the caches of a major search engine. To make matters worse, cached malicious code could circumvent URL filtering systems because they...

Hackers have newer methods to hack into your systems. They are smart enough to detect security loop holes in your PC and enter through open ports,unencrypted Wi-Fi connections,malicious websites or internet servers. It is better you check your PC periodically for invasions and protect your system to prevent pilfering and damage of data. Detecting security loopholes. Eliminating malicious programs. Tracking hackers .

Okay, a question for you techies out there. I just renewed my Norton Anti-virus system and the renewal for my SpySweeper is coming up as well. Is it necessary to have SpySweeper also? If Norton Anti-Virus is sufficient then it doesn't make sense to renew SpySweeper. Some have said they might even be interfering with each other. So to renew or not to renew SpySweeper? That is the question.

Seagate Technology LLC has shipped Maxtor disk drives that contain Trojan horses that upload data to a pair of Chinese Web sites, the Taiwanese government's security service warned this weekend. The Investigation Bureau, a part of the Ministry of Justice that's responsible for both internal security and foreign threats, said it suspected mainland China's authorities were responsible for planting the malware on the drives at the factory. "The bureau said that the method of attack was unusual, adding that it suspected Chinese authorities were involved," a story posted by the English-language Taipei Times reported Sunday. "Sensitive information may have already...

A thread yesterday talked about how the jihadis were going to attack websites of those who stood in the way of jihad. FR was mentioned. This morning, I'm starting to get a lot of "502" errors here. If I find the link from yesterday I'll post it below. Anyone else having this problem?

October 24, 2007: The most powerful Internet weapon on the planet is apparently dying the death of a thousand cuts. The weapon in question is the Storm botnet. This was the largest botnet ever seen, and it appeared to be acting like something out of a science fiction story. Last Summer, the Storm network was believed capable to shutting down any military or commercial site on the planet. Or, Storm could cripple hundreds of related sites temporarily. Worse, Storm could have done some major damage in ways that have not yet been experienced. There's never been anything quite like Storm,...

For a few hours late last week, visitors to the Bank of India Web site had their browsers covertly redirected to a site hosting malicious exploits. Increasingly, criminals, often without any technical experience, are defacing popular Web sites with code that allows them to direct your browser to download content without you even knowing. Finjan, a security company that's been on the cutting edge of detecting Web 2.0 malware, identifies 10 toolkits for sale on the Internet, up from earlier this year. If you are an online criminal these days, says Yuval Ben-Itzhak, CTO of Finjan, "you are buying a...

China is host to almost half of the world's malware-infected Web sites. According to a report released Monday by antivirus company Sophos, China--including Hong Kong--hosted 44.8 percent of the world's infected sites in August. The U.S. ranked a distant second, hosting 20.8 percent of sites that contain malicious code. The number of infected Web pages has also grown. Sophos said it detected an average of 5,000 new infected pages each day in the month of August. The company warned that simply staying clear of sites hosted in the top three countries of China, the U.S. and Russia is not an...

My out of state friend is lazy about computer protection, but he just bought a new laptop that has wi-fi (he may never use that). I sent him what I hope is an easy, minimal list of actions to take, until he can look deeper into the subject. I know that everyone has their own preferences for programs, and many of you computer guys have had to deal with indifferent friends and family. How do you guys keep it simple and free for them, keeping in mind that an imperfect defense that is implemented, is better than no defense at...

For many years, we've written some highly critical reports about Spyware vendors, some of whom would then e-mail us asking us to stop referring to their product as Spyware. Claria Corporation was perhaps the worst offender in this regard, threatening to sue anyone (AV Vendors or the press) who called their Gator spyware what it actually was. It has all been part of a massive attempt by the spyware industry to hoist some kind of pseudo-legitimacy on a sector that spent almost a decade trampling user rights and privacy. As part of this push, Zango (formerly 180Solutions) recently sued Kaspersky...

Trend Micro believes it could be a good possibility that a major attack is coming out of Russia. As always, keep those scanners up to date. Chenghuai Lu, a senior threat analyst at Trend Micro, has uncovered a site with several hundred malicious programs and traced the site's server to a Russian IP address. Among the harboured malware were examples of three Trojan families: Dropper.cko, Clicker.qu and Polycrypt.g. All three clans typically hijack Internet Explorer on compromised PCs and direct users to adult websites.

Last week, when I condemned the flood of crippled trial software, ads and offers that come loaded on new Windows Vista computers, readers reacted strongly. I received roughly 700 emails, all but a handful agreeing with me. The column was the most popular article that day on WSJ.com and was cited on numerous other Web sites. Clearly, many people are furious about these unwanted programs and icons, which are sometimes called craplets. Many would like to smite them without going through the laborious process of uninstalling them manually, one at a time. Some readers suggested strategies. The following are some...

Out of curiosity, has anyone with a Mac iBook been presented with this message, when powering up in a different location than where you normally connect to the internet: "None of your trusted internet connections can be found, would you like to join the internet connection jdnetwork?" I'm posting this message for a friend who clicked "Yes" to that prompt and immediately the following happened: The pointer/hourglass locked upThe whole screen frozeHe had to power down by removing/reinserting the batteryUpon trying to turn on the iBook, no (green) power light was present. Not sure what to do next. The computer...

The Mozilla Foundation has released security updates to fix multiple flaws that could result in system hijacking in its open-source Firefox browser, Thunderbird e-mail client and SeaMonkey Internet applications suite. The bugs, deemed critical, are detailed in Mozilla's Security Advisory 2007-12. They include multiple vulnerabilities in Mozilla's Layout Engine and in its JavaScript engine that can result in memory corruption and lead to system takeover or DoS (denial of service). The function of a layout engine is to handle content such as HTML, XML, image files and applets as well as formatting information including CSS (Cascading Style Sheets) and presentational...

A new variant of the Russian Trojan Gozi, armed with keylogging functionality, is making the rounds again. What makes this time different is that the Trojan can scramble itself to avoid detection by your anti-virus software. The Trojan is believed to have been spreading since April 17. Like the original, which was discovered earlier in 2007, the new version of Gozi steals data from encrypted SSL (Secure Sockets Layer) streams. The latest variant was uncovered May 7 by Don Jackson, a security researcher at SecureWorks in Atlanta. Comments Posted by Steve 3:15 PM (CDT)

A timeline: A Windows update icon shows up on the bottom of the computer screen to show that a new update is available. It is the patch so that hackers don't use Windows updates to piggy-back onto the computer. Try to download and install patch. The icon shows up repeatedly for several days, even though it states that it has been downloaded. A BBC article about malware using a trojan to piggy-back on Windows update is put on the BBC site. Mentions the patch. Download and install Avast anti-virus. Next day, put in registration key for Avast. Later, the Avast...

On Wednesday I went to Intel's launch of its latest Centrino chipset for notebooks. Everything, of course, is a lot faster, but what caught my eye was a new technology embedded in the chips which, although aimed squarely at business users, would be a god-send for consumers. Take a look: Intel® vPro™ processor technology. IT departments will be able to reliably manage both desktops and notebooks and deal with what plagues them most – security threats, cost of ownership, resource allocation, and asset management – and do so wirelessly. One of the key innovations designed in Intel Centrino Pro –...

Excerpts - ... 1. Make ISPs (and all organizations providing computer access to more than 100 people) responsible for filtering scan and attack traffic across their networks. ... 2. Make ISPs (and all organizations providing computer access to more than 100 people) responsible for knocking customer PCs off their network if they become bots. ... 3. Make end users liable if losses are incurred because of outdated security software. ... 4. Write some kind of law concerning efficient security software. ...

I received a few e-mails over the weekend from readers who took issue with advice I recently gave to a Web chat participant who asked what he should do to help an elderly friend who was having PC trouble. The questioner said the woman knew nothing about computers and that her Windows machine was besieged with pop-up advertisements. I probably get two or three variations on this question in the course of each Web chat, and I usually ignore them in favor of more targeted questions because of the difficulty in diagnosing what precisely may be ailing the questioner's computer....

My computer used to be really zippy. 1 1/4 gig Ram, fast processor, etc. But then I installed symantic and that slowed it somewhat. Then all the Windows updates. Now it's actually pretty slow, sometimes. Anyone else have this problem?

We’ve all been hearing a lot about secure applications recently, or more accurately about insecure applications; specifically those that are exploited in identity theft raids or that we can be “tricked” into running on our PCs.Insecure applications are such a problem that Microsoft has spent the last five years and many millions of dollars re-engineering its operating system and much of its other software in order to improve the situation [and can one ever really overcome the temptation to bolt-on security to a fundamentally insecure design, in pursuit of “backwards compatibility”, in such circumstances – Ed].Other software providers are doing...

NEW YORK, Jan. 7 (UPI) -- Computer code writers in Europe are the chief suspects in the creation of programs that turn other computers into zombie-like slaves for Internet crimes. Computer experts in Eastern Europe and elsewhere are likely behind the newest computer crime plaguing the Internet, which has turned innocent users into unwitting participants and left security experts stumped, The New York Times reported. By inserting small programs into others computers, electronic criminals can harness the collective power of multiple computers to commit more elaborate online crimes. "It's the perfect crime, both low-risk and high-profit," computer security researcher Gadi...

SAN FRANCISCO - A computer worm is attacking some business PCs through a flaw in antivirus software by Symantec Corp., a security company warned Friday. EEye Digital Security, based in Aliso Viejo, Calif., said the worm, dubbed "Big Yellow," began attacking some computer systems on Thursday — seven months after eEye first discovered the flaw. Symantec released a patch to address the flaw in May, but it's up to its corporate customers to install it. Officials at the Cupertino, Calif.-based security software company said Friday it had so far received three reports of systems affected by the worm. "It is...