Thursday, November 25, 2010

Fifth of Facebook Users Exposed To Malware

Security software manufacturer BitDefender today released some statistics gleaned from Safego, a Facebook application that it offers to users of the social network to keep an eye on their vulnerability to malware. The big finding: 20 percent of Facebook users are exposed to malicious posts in their "news feeds" of friends' activity, generally defined as posts that, when clicked on, result in "the user's account being hijacked and in malware being automatically posted on the walls of the respective user's friends."

The numbers were derived from Safego's analysis of news feed items viewed by the 14,000 Facebook users who have installed the app. Considering Facebook has 500 million users around the world, that's a small sample, but it's also a sample of users who, by virtue of installing the app in the first place, indicate that they're relatively security-minded. The "average" Facebook user may well be even more likely to see malicious posts, in theory.

Over 60 percent of attacks come from notifications from malicious third-party applications on Facebook's developer platform, the study found. Within that, the most popular subset of "attack apps" (21.5 percent of total kinds of malware) were those that claim to perform a function that Facebook normally prohibits, like seeing who has viewed your profile and who has "unfriended" you. 15.4 percent lure in users with bonus items for Facebook games, like free items in FarmVille; 11.2 percent offer bonus (yet bogus) Facebook features like free backgrounds and "dislike buttons"; 7.1 percent promise new versions of well-known gaming titles like World of Warcraft; 5.4 percent claim to give away free cell phones; and 1.3 percent claim to offer a way to watch movies for free online.

Beyond "app attacks," BitDefender found that an additional 16 percent of malware viewed on Facebook entices users to watch some kind of shocking video, like this one that claims to depict an anaconda coughing up a hippo, and that an additional 5 percent of attacks can be connected to viruses like Koobface.
And this isn't all the malware that gets flung across the social network: The BitDefender app only analyzed what's visible in users' news feeds. Private Facebook messages, which were just upgraded and expanded to include many different points of entry last week, are also vulnerable to attack.

Facebook says that it monitors activity routinely and keeps abreast of security concerns as quickly and expediently as possible, but as with anything else on the Web, dealing with malware is always a game of defense.


Tuesday, November 23, 2010

Antivirus Action Rogue Antispyware Program

Antivirus Action is a rogue antispyware program, a clone of the Security Suite program, which was actively infecting computer systems a while ago. It uses exactly the same methods and has the same goals as the latter program.

The application uses system exploits in order to enter the system. The exploit then installs a Trojan, which finally downloads and installs Antivirus Action on the infected computer.
The program is started as soon as the workstation is rebooted. The same happens every time you log in to Windows. It loads a fake scanner and simulates a system scan. After a while, the program generates a list of infections and asks you to purchase a full version of Antivirus Action in order to get rid of the detected infections.

Later, the program starts generating fake alerts that warn about spyware infections that have been detected on the system. The messages state that your system is at risk and recommend activating your antivirus software in order to protect your computer against viruses and other security threats.

Attempting to visit a website also triggers more security notifications. Instead of opening the site you requested, you will see a message claiming that visiting this website may harm your computer.

If you are experiencing these kinds of problems, it is clear that your system has been infected. However, the cause is not the spyware infections that the program claims to detect. The main infection is Antivirus Action itself.

Please remove Antivirus Action once you notice its activity.

Saturday, November 13, 2010

Obama Wants To Speed Up Internet Privacy Laws

The Obama administration wants stronger Internet privacy protection and is looking for new laws and a new authority to assist in that effort.

Citing people familiar with the situation, the Journal says the White House had asked the Commerce Department to create a report with recommendations on enacting new laws regarding Web privacy. Currently in draft form, the final report is due to come out in a few weeks.

A special task force headed by Cameron Kerry, brother of Massachusetts Sen. John Kerry, has also been formed to help turn these recommendations into actual policy. A new federal position could be created to enforce that policy.

Though the government has usually steered away from any kind of regulation of online companies, the White House now appears ready to move over concerns that online industries might not be able to regulate themselves. The renewed effort follows last week's announcement from the European Union that it is also looking for tougher laws to govern how personal information is used on the Internet.

Given the current political climate in Washington, though, enacting and enforcing laws over Internet privacy could be a challenge. While enough Republicans would likely support the effort, many might shy away from giving the government too much regulatory control over the online industry.

Naturally, Web-based companies themselves are wary of any new laws that would limit their ability to do business as usual. According to the Journal, the Interactive Advertising Bureau (IAB), which represents online advertisers, already feels the industry is doing enough to ensure privacy.

"We believe we are living up to consumer-privacy expectations and are very advanced in privacy protections and innovation," the Journal quoted Mike Zaneis, senior vice chairman of the IAB, as saying.

The push for strong Internet privacy laws is nothing new. Rep. Rick Boucher, a Democrat from Virginia, has been one of the main Congressional champions of such laws dating back to 1999. This past May, Boucher unveiled a draft proposal seeking to clamp down on the collection of online data, but several privacy groups complained that the proposal wasn't tough enough.

Another bill, introduced in July by Illinois Rep. Bobby Rush, called for a set of new rules administered by the Federal Trade Commission and fines against any companies that didn't follow those rules. But that bill was seen as too weak by privacy advocates and too broad by the IAB and other industry groups.

The FTC has also been drafting its own report, due by the end of the year, with recommendations to Congress on regulating certain Internet business practices. Speaking at an event in Canada this past June, an FTC representative said that current Internet privacy laws aren't working and place too much of a burden on the consumer to deal with the policies of online businesses.


Saturday, October 30, 2010

Major security bug fixed in Firefox

Mozilla is advising fans of Firefox to update the stable version of the browser after it released a patch for a security bug marked "critical" today.

Available for Windows, Mac, and Linux, Firefox 3.6.12 patches a heap buffer overflow that could allow for remote code execution. Mozilla notes that the bug affects the current version 3.6 branch of Firefox, the legacy version 3.5 branch, and could potentially affect Thunderbird users who load Web pages in the RSS reader.

The bug has not been found in the upcoming version 4, currently in beta development and behind schedule. Firefox 4 beta 7 was originally due in the middle of September, then pushed back to the end of September because of a stability bug. Mozilla has since initiated a code freeze on the next generation of its browser but has yet to update the schedule because of multiple critical bugs. It's expected that Mozilla's updated JavaScript engine will land in the seventh beta. Called JaegerMonkey, it's currently available for testing in the Firefox nightlies.

Source: CNET

Tuesday, October 26, 2010

The New AVG Antivirus Free 2011 - Video

AVG Free might've flagged just a little in the past few years, but it's back with a shorter install, better usability, and faster scans. Take a video tour of AVG Anti-Virus Free 2011 and see what makes AVG one of the most respected names in Windows security.

Facebook Filed Lawsuit Case On Spammers

Facebook announced today that it has filed suit against two individuals and a company that it says are responsible for propagating deceptive spam offers across the massive social network, including some that encouraged members to spam their friends in turn.

"This week, in a U.S. federal court in San Jose, California, we filed three lawsuits alleging violations of our terms and applicable law by defendants attempting to trick people on Facebook into signing up for mobile subscriptions and sending spam to their friends," a blog entry posted by Facebook's security team explained. "In three separate complaints, we allege that Steven Richter, Jason Swan, and Max Bounty, Inc. used Facebook to offer enticing, but non-existent products and services."

The lawsuits, filed Tuesday, allege that Jason Swan of Long Island, N.Y., had been running "more than 27 fake profiles, 13 fake pages, and at least 7 applications as part of an affiliate marketing advertising scam"; that Richter, also of Long Island, had been running about 40 fake profiles and 43 fake pages; and that the Canada-based Max Bounty Inc. had been misappropriating Facebook's logo and using deceptive marketing in its hawking of free gift cards, iPads, and other goods to consumers. All three are charged with violations of the U.S. Computer Fraud and Abuse Act, the Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM), and other state and federal laws.

Almost exactly a year ago, Facebook was awarded $711 million in a court judgment against Sanford Wallace, the self-described "spam king" who had been accused of fraudulently obtaining access to Facebook accounts and then using them to run phishing scams. Among other things, Wallace is now permanently banned from Facebook.

In another judgment related to CAN-SPAM violations, this one in 2008, Facebook was awarded $873 million.

"Stay tuned as our push against spammers and scammers escalates over the next month, year and beyond," the post from Facebook today read. "We have other actions pending, and there will be more to come."

Security on Facebook has been a hot topic lately because of a controversial Wall Street Journal investigation that found many of Facebook's major application developers were violating the social network's terms of service by selling some user information to marketers. The report was assailed by many tech industry professionals who said that it made too much fuss about something that actually wasn't particularly surprising or alarming, but others have argued that the real problem is that Facebook didn't appear to be doing enough to police its advertisers and developers for terms of service infractions.


Sunday, October 24, 2010

Report: China hijacked U.S. Internet data

A Chinese state-run telecom provider was the source of the redirection of U.S. military and corporate data that occurred this past April, according to excerpts of a draft report sent to CNET by the U.S.-China Economic and Security Review Commission.

The current draft of the U.S.-China Economic and Security Review Commission's (USCC's) 2010 annual report, which is close to final but has not yet been officially approved, finds that malicious computer activity tied to China continues to persist following reports early this year of attacks against Google and other companies from within the country.

In several cases, Chinese telecommunications firms have disrupted or impacted U.S. Internet traffic, according to the excerpts.

On March 24, Web traffic from YouTube, Twitter, Facebook, and other popular sites was temporarily affected by China's own internal censorship system, sometimes known as the Great Firewall. Users in Chile and the United States trying to reach those sites were diverted to incorrect servers or encountered error messages indicating that the sites did not exist. The USCC report said it was as if users outside China were trying to access restricted sites from behind China's Great Firewall.

Then on April 8, a large number of routing paths to various Internet Protocol addresses were redirected through networks in China for 17 minutes. The USCC identified China's state-owned telecommunications firm China Telecom as the source of the "hijacking." This diversion of data would have given the operators of the servers on those networks the ability to read, delete, or edit e-mail and other information sent along those paths.

Read the rest of the article at CNET

Saturday, October 23, 2010

Security Expert Matthew Anderson Arrested For Spreading Viruses

Matthew Anderson, 33 years old, could be imprisoned for distributing computer viruses. Anderson, a PC security expert from Scotland, has admitted that he is a member of an international group of hackers.

His illegal activities were uncovered by Scotland Yard, which led an investigation into the viruses.

The gang is known online as the m00p group. They are believed to have infected computer systems using viruses and spyware attached to unsolicited commercial emails.

The Scotsman reports that Anderson composed thousands and thousands of spam messages with virus attachments before distributing them.

The viruses ran in the background on an infected computer and allowed Anderson to access private and commercial data stored on it. He was also able to activate webcams, effectively spying on users in their homes and sometimes taking screengrabs.

The hacker also made copies of personal documents such as wills, medical reports, CVs, password lists and personal photographs.

Anderson is set to be sentenced on 22 November.

Tuesday, October 19, 2010

Free Spyware Removal Video

In this video Mrizos shows a virtual PC that is infected by a number of spyware programs. He first logs in to his VMware PC in safe mode and from there installs Malwarebytes.

Tuesday, October 5, 2010

Hackers Charged In Stealing $3M Using Zeus Trojan

The FBI and the U.S. Attorney's office in southern New York announced that 37 people are accused of being part of a global crime ring that stole $3 million from bank accounts by infecting computers with the Zeus Trojan and other malware.

Between federal and state charges, more than 60 people in total are being charged in the operation, officials said.

Ten people were arrested today by federal and New York law enforcement officers, and another 10 were previously arrested in the U.S. as part of a coordinated takedown, authorities said. Seventeen people are still being sought in the U.S. and abroad, officials said. The defendants named in the documents, unsealed by the court today, were all listed as being from Eastern Europe and face federal charges.

Separately, 10 people were charged earlier today in England for similar Zeus-related crimes.

The Zeus Trojan was identified earlier this year as a key factor in the building of a botnet that infected tens of thousands of computers around the world.

The defendants charged in Manhattan federal court today include alleged managers of the operation as well as alleged money mules recruited to open bank accounts for laundering money and a person accused of obtaining false foreign passports for mules.

The group allegedly recruited mules by placing ads on Russian-language Web sites seeking students with J-1 visas, who could open bank accounts in the U.S.

One of the purported victims was identified as a municipal entity in Massachusetts. Some of the alleged mules are accused of retrieving money from breached brokerage accounts at eTrade and TD Ameritrade. Other defendants allegedly received stolen money from wire transfers to bank accounts in Asia or by withdrawing cash from ATMs in New York, the documents indicate.

The investigation appears to have been triggered when New York police detectives went to a Bronx bank in February to investigate a suspicious $44,000 withdrawal, according to a news release issued by the FBI, the U.S. Attorney's office, the New York Police Department, and other agencies.

The charges range from bank fraud and false use of passport to money laundering and conspiracy to commit wire fraud. Most jail sentences range from 10 years to 30 years and fines from $250,000 to $1 million per

Read more: CNET

Sunday, September 26, 2010

How can I keep my pc virus-free without slowing it?

This is a question posted on Yahoo Answers by Farnaz Ahmad

I used many anti-virus soft, but none of these worked properly. I am facing some problems with explorer and file extension. In addition, those soft made pc slower. Is there any better solution without slowing the pc too much?


do disk clean up and defragmentation

disk clean up: computer > hard drive c: > right click properties > general tab > disk cleanup > tools tab > disk defragmentation.

and use Ccleaner.

last solution: back up all data and do clean installation of your OS.

Make sure your computer is tuned up. Most anti-virus run pretty light nowadays, and use way less RAM than other programs. For instance I'm using Norton Internet Security and it's using 10 MB of RAM, while Firefox is using 140 MB of RAM. The only time an anti-virus should slow down your computer is when it's scanning for viruses, which you should do when not using the computer.
Now it is true that some of the anti-virus programs will slow browsing some, because of real time web protection. But not a lot; if a page takes one second to load, with some anti-virus it may take a second and a quarter. One quarter of a second isn't bad really. Gone are the days when anti-virus programs used a lot of RAM and slowed down a computer. Some still do, but overall most run light: Norton, Avira, Microsoft, Nod32.

Saturday, September 25, 2010

Download Free PC Tools Antivirus

With PC Tools AntiVirus Free, you are protected against basic cyber threats attempting to gain access to your PC. Don't risk going online without protection. Dangers include contracting malware or getting your identity stolen - download PC Tools software today for enhanced protection!

If your PC gets infected, viruses may attempt to spread to your friends, family and associates by accessing your email contacts and other PCs within your network. A computer virus may also create a backdoor that allows hackers to access files on your PC, launch attacks against other computers or websites, or send SPAM email.

Downloading PC Tools AntiVirus Free provides basic antivirus and antispyware protection, with Smart Updates to keep your PC safe, File Guard™ to provide real-time protection and Email Guard to protect your computer from viruses and spyware being sent over email. PC Tools AntiVirus Free was created by the makers of award-winning Spyware Doctor, a highly trusted product used by millions worldwide.

PC Tools AntiVirus' main features include the following:
  • IntelliGuard protection against computer viruses and related malware threats: PC Tools AntiVirus detects and eradicates viruses and related malware threats that attempt to enter computer systems by means of file transfer through storage media, e-mail, the Internet and other network protocols. Protection is provided by means of on-demand system scanning or real-time (IntelliGuard) detection of threats.
  • Smart Updates to keep virus definitions and other feature enhancements up to date: Smart Updates are released frequently, allowing you to protect your system against the latest virus and related malware threats, as well as improvements to PC Tools AntiVirus' functionality. By running Smart Update regularly, you can help keep your system free of new infections.
  • Customizable Scan Settings applicable to both PC Tools AntiVirus' on-demand file scan and real-time protection features: Scan settings are easily configurable and apply both to the on-demand scans and IntelliGuard scans (detection in real-time through the IntelliGuard tool). These scan options allow you to customize a range of generic and global settings which affect the overall behavior of PC Tools AntiVirus.
  • Ability to quarantine and restore items that have been detected: PC Tools AntiVirus allows you either to remove detected viruses and related malware from your system or to quarantine them into a contained area. The majority of infections that have been quarantined can be restored at a later time. You can customize PC Tools AntiVirus either to remove or to quarantine malware items fixed in a scan.
  • Logging of File Scans conducted by PC Tools AntiVirus: All File Scans conducted by PC Tools AntiVirus can be logged, providing a record of when each scan was conducted; the infections that were identified; and when infections were disinfected, quarantined or removed.
  • Enhanced architecture providing enhanced infection removal capabilities for limited user accounts: PC Tools AntiVirus' service-based architecture allows user accounts with limited permissions to scan all areas of the operating system to ensure thorough removal of viruses and other related malware threats.

Thursday, September 23, 2010

8 Out Of 10 Web App Fails In Open Web Application Security Project

According to a report by Veracode, an application security company, more than half of software systems are prone to security vulnerabilities.

Veracode reviewed more than 2,900 systems over an 18-month period that were used by its cloud-based clients and discovered that 57 percent of all the applications had unacceptable application security quality.

In the study, only 2 out of 10 Web applications were able to meet the OWASP (Open Web Application Security Project) Top 10 requirement that is necessary to achieve PCI (payment card industry) compliance for use in financial and e-commerce sites, Veracode said.

The report ascertains that third-party code, which is growing in use in enterprises, is often insecure. Third-party suppliers failed to achieve acceptable security standards 81 percent of the time, the report said.

Meanwhile, cross-site scripting remains the most common of all application vulnerabilities, and .NET applications showed "abnormally high" numbers of flaws, Veracode said.

"A lot of work still needs to be done around the work of software security," Sam King, vice president of product marketing at Veracode, told CNET.

Also on Wednesday, WhiteHat Security released a report that found that the average Web site had nearly 13 serious vulnerabilities.


Tuesday, September 21, 2010

Remove My Security Shield

My Security Shield is another fake anti-virus application that infects the computer with several advertisements that claim the application is an antispyware program. My Security Shield shows a fake scanning process and displays false infection results that advise the user to download and install the virus protection. But My Security Shield is the virus itself. If an advertisement is clicked, the virus is automatically installed on the operating system and creates multiple infected files.

The malware will create the following:


While My Security Shield is running it will also display fake security warnings that are designed to make you think that your computer has a severe computer security problem. The text of some of the alerts you will see are:
Warning! Access conflict detected!
An unidentified program is trying to access system process address space.
Process Name: AllowedForm
Location: C:\Windows\...\notepad.exe

Warning! Identity theft attempt detected
Memory access problem
WindowsErrorForm has encountered a problem at address 0x1FC408.
We are sorry for the inconvenience.
If you see this error again, operational information can be irrevocably lost.

Warning! Virus detected
Threat Detected: Trojan-PSW.VBS.Half
Description: This is a VBScript-virus. It steals user's passwords.
None of these security alerts are true, and they should be ignored. My Security Shield aims to trick the user into purchasing the anti-virus. If you have purchased it, we suggest that you call your credit card company and ask for a refund.

To remove the My Security Shield

Friday, September 17, 2010

Shaquille O'Neal Accused Of Hacking A PC

A man from Florida is accusing Shaquille O'Neal of trying to frame him by putting child pornography on his laptop computer. The man is said to be a personal assistant of the NBA superstar.

In papers filed in Florida state court in Miami, Shawn Darling claims O'Neal hacked his computer as part of a revenge plot after Darling exposed affairs O'Neal was supposedly having with a number of women, including rapper Alexis Miller, who goes by the stage name MaryJane, and model Dominica Westling.

Darling is suing O'Neal, who last month signed a $3 million deal to play for the Boston Celtics, for making "repeated attempts to frame Darling of amongst other things possession of child pornography," Darling states in court papers.

Darling also claims O'Neal, who has played previously for the Los Angeles Lakers, Miami Heat, Phoenix Suns, and Cleveland Cavaliers, caused him emotional distress.

"By sending e-mails and by making phone calls to his agents and others, O'Neal engaged in a scheme to place Darling in grave danger and to deprive him of property," Darling states.

"O'Neal knowingly obtained or used, or endeavored to obtain or to use, the property of Darling with the intent to, either temporarily or permanently deprive Darling of a right to his property and his communications, or a benefit from the property or appropriate the property to his own use or to the us [sic] of any person not entitles [sic] to the use of the property," Darling claims in the rambling, at times almost incoherent, 15-page complaint.

Darling is seeking unspecified damages and has asked the court to order a jury trial. O'Neal's agent, Perry Rogers, did not immediately respond to a request for comment.

Wednesday, September 15, 2010

New Chrome Security Fixes

Google updated the stable and beta builds of its Chrome browser on Tuesday, making a fix marked as critical to the Mac version and numerous repairs marked as high-priority across all platforms. Chrome 6.0.472.59 for Windows, Mac and Linux also repaired a Linux-specific memory-corruption bug.

At the time of writing, the critical Mac bug was still blocked from public view. This isn't unusual with bugs that can represent serious security risks. Judging by its public security logs, Google appears to be releasing details on fixed bugs no earlier than a week after the bug has been repaired.

Other security issues that were addressed include several high-level bugs involving use-after-free in document APIs, SVG styles and nested SVG elements. Two high-level memory corruption bugs were also fixed, one in the HTML5 geolocation feature, and another in language handling for Khmer. Finally, a small number of users who experienced browser crashes when blocking pop-ups should now see that fixed. The Chrome 6.0.472.59 changelog can be read at Google's Chrome updates blog.

Tuesday, September 14, 2010

Microsoft & Adobe Blocks Zero Day Attacks

Software giants Microsoft and Adobe Systems have announced that a Microsoft toolkit can be used to block zero-day attacks targeting a security flaw in Adobe's Acrobat and Reader programs.

In an advisory published on Friday, Microsoft detailed how its Enhanced Mitigation Experience Toolkit could be used to short-circuit the threat. Adobe, which has not yet released a patch, updated its original advisory to reflect the new information.

Adobe considers the flaw to be "critical" - it could let an attacker take control of any of the millions of computers running what is far and away the most popular PDF viewing program.

Friday, September 10, 2010

Firefox Fixes Security Holes, Update Your Browsers

Mozilla released two new versions of its browser on Tuesday, Firefox 3.6.9 and Firefox 3.5.12, to close 10 critical security vulnerabilities in each and to help Web site operators block a threat called clickjacking. Firefox 3.6.9 is available from CNET for Windows, Mac, and Linux.

Critical vulnerabilities can let a remote attacker run arbitrary code on a computer. With Web browsers becoming both more important and more powerful, browser makers must constantly watch for new attack possibilities.

Firefox 3.6 also gets a new general way to cut down browsing risks: support for what's called the X-Frame-Options HTTP response header. Web site developers can use this technology to block browsers from showing their Web sites inside a frame--basically a smaller window within the browser window. Placing a legitimate Web site inside a frame on a malicious Web site is one approach for attacks called clickjacking, in which the malicious Web site can capture keystrokes such as usernames and passwords.
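How a browser applies the X-Frame-Options response header when a page is loaded inside a frame, and how a site operator can audit responses for it, shown as an added example that is not part of the original article. The function names, the `example` URLs and the sample responses are constructed for illustration, and the model is simplified to a single framing page and the two values `DENY` and `SAMEORIGIN`.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


def origin(url):
    """Return the (scheme, host, port) origin tuple for a URL."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    port = parts.port or DEFAULT_PORTS.get(scheme)
    return (scheme, (parts.hostname or "").lower(), port)


def xfo_directives(headers):
    """Collect X-Frame-Options tokens from a list of (name, value) pairs.

    Header names are case-insensitive and the value may be repeated or
    comma-separated, so every token is gathered into one upper-cased set.
    """
    tokens = set()
    for name, value in headers:
        if name.strip().lower() == "x-frame-options":
            tokens.update(t.strip().upper() for t in value.split(",") if t.strip())
    return tokens


def framing_allowed(headers, page_url, framer_url):
    """Decide whether page_url may be rendered in a frame on framer_url.

    Simplified model: DENY always blocks, SAMEORIGIN blocks unless both
    URLs share scheme, host and port, and a missing or unrecognised value
    gives no protection at all.
    """
    tokens = xfo_directives(headers)
    if "DENY" in tokens:
        return False
    if "SAMEORIGIN" in tokens:
        return origin(page_url) == origin(framer_url)
    return True


def audit(responses, hostile_framer="https://attacker.example/"):
    """Return the URLs a third-party page would be allowed to frame."""
    return [url for url, headers in responses
            if framing_allowed(headers, url, hostile_framer)]


# Constructed sample responses for a hypothetical site.
SAMPLE_RESPONSES = [
    ("https://bank.example/login",
     [("Content-Type", "text/html"), ("X-Frame-Options", "DENY")]),
    ("https://bank.example/account",
     [("x-frame-options", "sameorigin")]),
    ("https://bank.example/help",
     [("Content-Type", "text/html")]),           # header missing
    ("https://bank.example/promo",
     [("X-Frame-Options", "ALLOWALL")]),         # unrecognised value
]

if __name__ == "__main__":
    for url in audit(SAMPLE_RESPONSES):
        print("frameable by other sites:", url)
```

Pages that take credentials or trigger actions are the ones to check first; anything the audit lists can be embedded by an unrelated site.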

For the new versions of Firefox 3.5 and 3.6, 9 of the 10 critical vulnerabilities are the same, but one problem on 3.5 is minor on 3.6, and one 3.6 problem did not affect 3.5. In addition, several noncritical security vulnerabilities have been patched. Full details can be found on the security pages for 3.6.9 and 3.5.12.

Mozilla is also racing to release Firefox 4 this year. It released a fifth Firefox 4 beta on Tuesday, including support for some hardware acceleration on Windows, among other features.

However, not all the Firefox 4 hopes are coming to fruition. According to meeting notes published Tuesday, another feature slipped off the roadmap: a Firefox developer tool called the Inspector that would have made it easier to find details about elements on Web pages.

It also appears likely Mozilla won't meet its Friday deadline for freezing the code base for the sixth beta--the final cutoff point for getting new features into Firefox 4. A week later, September 17, now appears more likely, according to the meeting notes.

Also updated Tuesday were the stable and beta versions of Google's new Chrome 6 browser with the release of version 6.0.472.55 (Windows | Mac | Linux). This update fixes problems with autofill, which can enter data such as addresses and names into Web forms; the overwriting of the default search engine setting; and some issues with Chrome's translation ability.

Wednesday, September 8, 2010

How to make the Full System Scan 6x faster in 10 days

During the last few weeks, we have been tweaking the avast! 5 engine; and while doing this, we found out that there were some hidden reserves with respect to its performance (namely, the duration of the on-demand scans).

One of the great new features of avast 5 is the persistent cache, a mechanism which allows us to skip rescanning of certain files. In particular, this applies to files which are on our internal whitelists, as well as files which are digitally signed by trusted publishers (we maintain a relatively short list of software publishers that we trust, and we consider any files produced and digitally signed by these publishers as safe).

Previously, we were using the crypto services provided by the operating system (called “wintrust”) to do the actual verification of the digital signatures. We knew this wasn’t ideal though – especially because we realized that in case the underlying system was somehow compromised, any such system API could already be redirected/hijacked by malware and so trusting it was not 100% bulletproof. For this reason, we have been working on our own implementation of the signature verifier. What seemed like an easy task in the beginning actually turned out to be a fairly large project with tens of thousands of lines of code, and many months of work.

Work on this was finished about a month ago, and after some additional reliability testing, we finally released it to the public as part of the April 19th definition update (last Monday). What’s interesting is that this change brought us not only increased reliability (the reason why we decided to implement it in the first place), but also a significant performance gain. On our test system (a Dell workstation with an Intel Core i7 CPU, 4GB RAM and Windows 7) the duration of the Full System Scan suddenly went from 39:35 to 16:03 – meaning almost a 2.5x speedup!

We haven’t really done a full analysis of what’s actually causing this, but our current hypothesis is that the performance gain is related to checking of the signature catalogs. It is possible that the Wintrust APIs reopen/reread the catalogs every time a file is checked, whereas our implementation only reads them once and keeps them cached in memory for the whole duration of the scan.

Now, this by itself raised a lot of interest in exploring if things could be improved even more. So we revisited the verification code once more, and found out that the code spends most of the time in a function that is responsible for the calculation of SHA-1 hashes. This is no surprise, as pretty much all signing certificates are currently based on the SHA-1 algorithm, and the actual hashing is the most expensive part of the verification process.

So the next logical step was to optimize our implementation of the SHA-1 algorithm. Interestingly enough, one of the engineers on the Intel performance team recently published a nice article describing the possibilities to speed up SHA-1 by means of the SSE2 instructions added in the Pentium 4 processor. Using these ideas, we were able to further optimize the code so that it ran about 30% faster (especially on the latest Core 2 and i7 CPUs).

While doing all these tests, we also noticed one strange thing: the Full System Scan took pretty much the same time during the first and all subsequent runs. It was not supposed to be like this though – the persistent cache was supposed to let the 2nd and all subsequent scans run faster. Not as dramatically as the Quick Scan (as the Full System Scan is set up so that it does not trust the persistent cache by default), but still quite significantly, as we weren’t supposed to be verifying the digital signatures of files during these repeated scans. So we reviewed the relevant code, and were quite surprised to find out that the verification task was indeed performed every time, not just in the first pass. Fixing this (in yesterday’s engine update, April 24th), we were able to cut the scan time on that reference machine down to a mere 6 minutes 54 seconds – which translates to an almost 6x speedup (with no effect on detection rates, of course)!

For us, this was a great exercise which showed the beauty of software engineering. Sometimes, if you try really hard, you can make a heck of a difference.

By the way, I encourage you to run a Full System Scan and report your findings here in the Comments section below. Of course, your mileage may vary (it all depends on your hardware configuration, but generally the higher-end the hardware, the more significant the speedup you should expect) but we expect that at least a 2-3x speedup should be measurable on pretty much all systems. Also, please keep in mind that the first scan is supposed to take significantly longer, so if you have never run a Full System Scan yet, it’s good to run it twice and compare the results.

Tip: to make the Full System Scan even faster, configure it to actually take advantage of the persistent cache. To do this, open the Full System Scan details, click the Settings button and check the box “Speed up scanning by using the persistent cache” on the Performance page.
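
The persistent-cache behaviour described above, as an added sketch that is not avast! code: a scan records verified files on disk, skips them on later passes, and re-verifies any file whose size or modification time has changed. The cache layout, the SHA-256 allowlist standing in for signature verification, and all names here are assumptions.

```python
import hashlib, json, os, tempfile

def file_state(path):
    """Cheap change detector bound to each cache entry (assumption: size + mtime)."""
    st = os.stat(path)
    return [st.st_size, st.st_mtime_ns]

def verify(path, trusted):
    """Stand-in for signature verification: hashing the whole file is the costly part."""
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest() in trusted

def scan(paths, store, trusted):
    """Return (verifications performed, names of files that still need a real scan)."""
    cache = {}
    if os.path.exists(store):                 # persistent: survives between scans
        with open(store) as fh:
            cache = json.load(fh)
    checks, suspicious = 0, []
    for p in paths:
        if cache.get(p) == file_state(p):
            continue                          # unchanged since it was verified: skip
        checks += 1
        if verify(p, trusted):
            cache[p] = file_state(p)
        else:
            cache.pop(p, None)                # changed or unknown: drop any stale entry
            suspicious.append(os.path.basename(p))
    with open(store, "w") as fh:
        json.dump(cache, fh)
    return checks, suspicious

def demo():
    """Constructed sample: two 'signed' files and one unknown file in a temp dir."""
    with tempfile.TemporaryDirectory() as d:
        files = {"a.dll": b"vendor code A", "b.exe": b"vendor code B", "c.exe": b"unknown"}
        paths = [os.path.join(d, n) for n in files]
        for p, data in zip(paths, files.values()):
            with open(p, "wb") as fh:
                fh.write(data)
        trusted = {hashlib.sha256(files[n]).hexdigest() for n in ("a.dll", "b.exe")}
        store = os.path.join(d, "cache.json")
        first = scan(paths, store, trusted)
        second = scan(paths, store, trusted)  # cache reloaded from disk
        with open(paths[0], "wb") as fh:      # file replaced after it was cached
            fh.write(b"vendor code A, modified")
        third = scan(paths, store, trusted)
        return first, second, third
if __name__ == "__main__": print(demo())
```

Size and modification time are only a cheap change signal in this sketch; a production cache needs a binding that a process able to rewrite the file cannot also reset.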

View the original article here

Tuesday, September 7, 2010

Get A Spyware Removal Software To Keep Privacy Guarded

Surfing the Internet has become routine for many of us. However, people take it for granted without realizing what is really going on. Every time you log on to the World Wide Web, you are exposing your computer to numerous viruses, spyware, and adware programs. Many people don't realize that over ninety percent of computers today are infected with some type of virus or spyware. It is usually too late for people to do anything by the time they realize they have been infected by some malicious computer infection. By then they have to go to a computer repair shop and shell out big bucks to fix whatever problem has occurred. There is a solution to this problem, however, and it is called spyware and adware removal software.

Your PC has several security weaknesses when you first buy it, and if you don't do something about them, you are allowing yourself to be exposed to countless infections. By keeping yourself exposed, you give access to hackers who can turn your life into a complete nightmare. Once a hacker is in your computer, they can steal passwords, reconfigure your browser settings, record sensitive information such as your credit card numbers and bank data, and even use your computer to do illegal things to other computers. So why allow this to happen when all you really have to do is get spyware removal software?

Adware and spyware removal software is a highly effective way to stop hackers from infiltrating your computer and wreaking havoc in your life. Although it is virtually impossible to eliminate all spyware on one's computer, it is recommended that you still install it. There are a few things to look for when choosing the right spyware removal software. It should have constant updates to keep you as protected as possible. It should update at least once a month to keep up with the rapidly changing software out there today. The spyware and adware software should also block all pop-ups, because countless infections are caused by this annoying occurrence. It should scan your computer automatically on a set schedule, and it should have constant background scanning to keep you as well protected as possible. If you find a spyware removal program that includes all these features, it is a good investment to buy it.

Your computer is one of your most valuable assets. You can use it for many things, such as paying your bills, checking your bank statement, or just finding important information. Although many people take it for granted, going online can be just as dangerous as giving your purse or wallet to a stranger. When connecting to the Internet, you are allowing numerous hackers to corrupt your computer's system, and you are enabling these people to turn your life upside down. Instead of allowing this to happen, just by buying the right kind of adware removal software, you can eliminate this risk from ever occurring. Don't let hackers and infections destroy your computer and your day; get spyware removal software and safely go online without any worries.

Monday, September 6, 2010

Best Free Spyware Removal Tools

I have been specializing in Spyware Removal for a few years, and I can certainly say that both paid and free spyware removal tools have improved dramatically. I have removed spyware from countless computers, using only free tools! Now, I will share this information with you, so that you can save money too.

I am going to share the process that I use to remove spyware, and it works about 90% of the time. If this process does not work, back up your important information, do a zeros wipe on the complete hard drive, reformat your hard drive, and reinstall Windows.

What best free spyware removal tools will I need?
I strongly suggest downloading these applications from a computer that has Internet access and loading them onto a flash drive, because spyware often cuts off Internet access or is smart enough to prevent access to the web pages you would need to visit in order to download these tools.

Combofix, Roguefix and Smitfraudfix
Malwarebytes Free (The paid version has an active scanner that makes sure you do not get infected again).
AVG Free (The paid version, AVG Internet Security, has an active spyware scanner, too).
Fix IE Utility

Let's Get Into the Spyware Removal Process
The spyware removal process is not a fixed set of steps. Spyware is very smart, but all spyware has weaknesses and I have laid the path of least resistance.

Personally, I would try to download and run Malwarebytes first. If it works you are very fortunate, because most spyware programs will recognize Malwarebytes and prevent it from running. You can try renaming the programs and see if it works; otherwise stick to the steps and you should succeed. If you run into a snag, leave a comment, and I will help you.

Always work in "Safe Mode with Networking" when removing viruses, spyware, rootkits, and trojans. Safe mode will prevent a lot of these programs from starting up. Working in this mode is also faster, because you have more of your computer resources to work with.

You can enter Safe Mode by tapping the F8 key every two seconds after you turn your computer on. A menu with Safe Mode options will appear instead of the traditional Windows Logo/Loading Screen.
Log into your computer in "Safe Mode" and run CCleaner. This utility removes a lot of unnecessary files, which allows the other utilities you will be using to scan your computer faster, because the Temporary Internet Files, etc. will be erased.
After running CCleaner, log into the infected computer in "Safe Mode" then run the Smitfraudfix utility. This utility is designed to remove "fake" anti-spyware applications that utilize Trojans to issue fake taskbar security alerts, or that change your background in order to scare you into purchasing the full commercial version of their software.
After running the Smitfraudfix, log into the infected computer in "Safe Mode" and run the Roguefix and LSPfix utilities.
After running the Smitfraudfix and Roguefix utilities, reboot the computer back into "Safe Mode" and run the Combofix utility. This utility will scan your computer for known malware, and try to clean the infections automatically. It is very comprehensive and can detect and remove most major spyware programs. This program takes about 30 minutes to run and reboots the computer several times during the process. Go ahead and find something else to do at this point because you will not be able to use your computer for other tasks while Combofix is running.
After the Combofix utility is finished, run Malwarebytes. This works similarly to Combofix, but is able to detect and remove many more different spyware programs. It also has a straightforward tabbed interface. Malwarebytes often requires a reboot after completion, so make sure you tell it to reboot after it is done removing spyware. Hopefully, you have a computer free of spyware at this point. You might still see parts of Windows broken or out of place, so we will use some healing utilities to bring your computer back to normal.
Run the Fix IE utility and the XPQuickFix utilities, which will fix a lot of background problems that spyware creates once they infect your computer.
I know you probably paid money for your Virus Protection, but your computer has been compromised so ditch it. Search Google using the keywords "Norton Removal Tool", "McAfee Removal Tool", etc., depending on the Anti-virus solution you have installed on your computer. Why remove these? Anti-Virus programs aren't any good once they have been compromised. But these two probably weren't good to begin with. Also you should experience a significant speed boost after switching to a more efficient and stable anti-virus program.
If you are broke, install AVG Free, if you have a few bucks get their comprehensive solution. I would also recommend supplementing your anti-virus program with a real-time spyware scanner, such as Malwarebytes, the paid version.

Keep your computer clean!

Again I recommend buying AVG Internet Security and Malwarebytes to completely protect against spyware, but if you go with the free Malwarebytes you will be fine. I would recommend opening Malwarebytes once a week and doing a scan to ensure the computer is clean.
Avoid pornographic sites, and freebie sites (you know, free music, software, games, etc.).
If you stumble upon a suspected shady web site that forces you to answer a YES or NO popup, or an OK CANCEL popup that you did not initiate, hold the Alt Key and press F4. This will terminate your browser without answering the question. If you click on an answer, 99% of the time you will give the site permission to download rogue software onto your computer regardless of the answer you choose.
Change browsers at once! Internet Explorer has many problems, and ActiveX is a huge window for computers to become infected with spyware. Switch to Opera, Mozilla Firefox, Apple Safari, or Google Chrome.

"Knowing a good computer guy is as valuable as knowing a good mechanic."

I specialize in removing viruses and spyware, and have done so for over 10 years. I can count my unsuccessful removals on one hand, and I service about 400 computers a year. Check me out at or read other articles I have written on spyware and virus removal at
