It seems as though the entire world is abuzz with talk of Windows 7 being released today. Everywhere you look online, someone is discussing it. They talk about how fast it is, how cool some of the features are. However, you only really read about the security side of the new operating system if you look on the various tech sites. It’s as though the general population has forgotten about that important component… or have they simply written Microsoft off when it comes to security?

Read the rest of this entry »

The most popular forum in our message boards is Virus, Spyware and Trojan Removal. After we’ve helped someone remove one or more infection from their system, the most popular question is, “How can I keep it from happening again”?

One of our experts has authored a post, Preventing Malware and Safe Computing. It’s a wealth of knowledge, and people are often referred to it.

Today, I came across Diane Wilson’s comment at Ed Bott’s blog. I like it. Concise, no-nonsense advice. I  agree with most everything. It mostly mirrors my philosophy, and current configuration:

1. Stay behind a router. NAS is a great filter for many attacks.
2. Use a firewall. Windows firewall works well enough.
3. Keep your OS up to date, not just in updates, but in versions. I’m already running Win 7 RC as my primary system at home, and I’ll be on Win 7 for good as soon as it goes RTM. Remember (or learn) that security must be pro-active, and that Vista and Win7 took huge steps in this direction. Address space randomization. Array and string range-checking to limit buffer overruns. And more.
4. UAC. Live with it. It’s your friend.
5. 64-bit. Required driver signing is your friend.
6. IE protected mode.
7. Data Execution Protection, turned on for everything. No exceptions.
8. Windows Defender.
9. Oh, one more thing. Anti-virus software.

I think the first suggestion contains a typo. It refers to a NAS, or Network Attached Storage. While they have become inexpensive, and easy to configure. They offer limited security protection. However, they can help protect your data. Most likely she meant NAT, or Network Address Translation. NAT hides your system’s IP address behind another IP (the router’s). Another advantage to a wireless router is that almost all of them now contain a hardware firewall.

Read the rest of this entry »

If you’ve ever tried to lookup the location of an IP address, check the status of DNS propagation, or wanted to check the health of your DNS or mail server,  you’re probably familiar with DNSstuff.com. It used to be an incredibly useful site – when it was free. While DNSstuff.com does still offer a selection of free tools, full access has now reached $79/year! While no free site offers every tool available on dnsstuff.com, here are 10 free sites that offer a good selection of alternatives.

Read the rest of this entry »

Is there a Windows Update icon in the system tray by your clock that you’ve been ignoring? You know, the one that says, “New updates ready to install”. This would be a good time to stop ignoring it, and make sure your system is fully updated. At a very minimum, install the update appropriate to your version of Windows identified in this Microsoft Security Bulletin. All versions of Windows are affected, from Windows 2000 right through Windows Vista Service Pack 1 (even the Windows 7 beta).

Why the alarm and concern? There are widespread reports of malware infections (Conficker.B or Downadup) that exploit a recently discovered vulnerability in the Windows Server service (SVCHOST.EXE). You can become infected by simply the act of being connected to a network, the internet, or sharing a removable drive. No action required. Scary stuff.

Read the rest of this entry »

Change can be a great thing. We’ve all heard fascinating tales of people who shed half their weight.  But change can also be treacherous and destructive. A peek into history books would reveal us tales of great empires falling apart, leaving nothing but dust behind. Doubtless however, change is powerful.

Symantec’s history over the last few years seems to match the second definition. The huge security company, which just a few years ago has been the biggest and doubtless the most influencing security software developer around, witnessed a steep downfall in sales. The security giant, whose products were once installed in almost every new computer, was taunted by the Revolution of the Internet. Faster download speeds made it easier to find alternatives – some of which were free; so did online reviews and comparisons, which were available to everyone: not only in geeky computer magazines.

Read the rest of this entry »

The forums are still available at a new domain: http://www.spywareinfoforum.com

Looking for spywareinfo.com and getting a GoDaddy parking page? Or, looking for the forums at forums.spywareinfo.com and getting a 404 error? You’re not alone. Try the new domain name, and you’ll find the old forum we’ve come to respect and admire. Why the change? Mike Healan the founder of the site has not been heard from in many months, and the spywareinfo.com name appears to have expired. However, the good people running the spyware removal forums didn’t want to let such a valuable resource die, so they planned ahead and registered a new name, spywareinfoforum.com. The change was actually made a couple of months ago, so most search engine results should point to the new domain. However, there are thousands of links from other sites to spywareinfo.com, and who knows how many bookmarks.

Read the rest of this entry »

CastleCops.com has long hosted a number of databases essential for malware removal. These databases consist of information on components of wanted / potentially unwanted programs. They are especially useful when looking up suspicious entries in HijackThis logs. However, CastleCops has suffered from DDoS attacks and slow performance. Recently, its founder accepted a job with Microsoft, and the site has been unavailable for many days at a time. It’s future is uncertain.

Enter Systemlookup.com, a new home for these community contributed databases, hosted by Javacool. Javacool is the author of SpywareBlaster and other helpful tools. Systemlookup.com has an attractive, clean design, is very fast, and advertising free. While it’s still a work in progress, and new features are planned, it’s very useful.

Read the rest of this entry »

With the completion of our recent Home Data Backup Series, I found that many of the alternatives had the same downfall. They still relied on the user having to physically take the chosen backup media to a safe place for storage. While this could be as simple as taking a drive to a fireproof safe in the same office, it still took an extra step that really did not have to be necessary. It also limited access to the data. To combat this, I decided to “customize” my NewerTech miniStack NAS to make it fireproof. Throughout this article I’ll affectionately refer to this project as “The Tank”.

I have to start with a disclaimer. This unit has not been tested in an actual fire and this article will make no claims as to the amount of fire and heat this creation can stand. During the course of this article I am going to break the warranty on a few pieces of equipment. Follow these directions at your own risk. The author of this article and GeeksToGo.com assume no liability for those who choose to follow these directions.

Read the rest of this entry »

The first thing that comes to mind upon hearing the word spam, for most people, is an email advertising certain enhancements to the male body, not the cheap pork brand – which is actually the source of the word. This is not surprising: in 2006, 40% of all e-mails sent – 12 billion per day – were classified as spam emails, and that figure continues to grow constantly as spam vendors evolve and develop their spamming practices.

Many people have had their personal email boxes completely flooded with spam emails – but just how massive is this phenomenon is in real life, for a real person? What websites send the most spam? How do your actions influence the amount of spam sent? Finding answers to these is just the purpose of the recent McAfee research, the results of which have been posted last June. McAfee took spam surveys on a whole new level. 50 volunteers from around the world have been given a computer and email accounts and participated in this research, creatively named Spammed Persistently All Month (SPAM). They have been asked to submit their email addresses to as many websites as possible, including ‘get rich quick’ plans, ‘work from home’ websites, ad clicking websites, and free giveaways: iPods, vacations, etc., and similar.

Read the rest of this entry »

Many Yahoo Mail users report been getting a Google search results page that continuously pops up when trying to check their Yahoomail. The page title contains http://ad.yieldmanager.com/st?..

Since the first result on the search page is often for a topic in the malware removal forum of this site, some people even think we’re somehow responsible. While we’re not yet sure why these users are being redirected, we can tell you how to fix it.

• Download Trend Micro’s HijackThis
• Close your browser and Install HijackThis
• Open HijackThis, Select Do a system scan only button
• In the results, find this line:

O2 – BHO: Browser Address Error Redirector – {CA6319C0-31B7-401E-A518-A07C3DB8F777} – c:\windows\system32\BAE.dll

• Tick the checkbox next to that line, and select the Fix Checked button (DO NOT select any other lines without assistance).
• Restart your browser and navigate to Yahoomail. You should now be able to access it.

UPDATE: Thanks to Chris’ comment, it seems a number of people may be having this problem after Spybot Search & Destroy modifies their hosts file after using the “immunize” feature. Since editing your hosts file can be tricky for some, here’s an easy method to restore your hosts file:

Please download HostsXpert

1. Unzip HostsXpert.zip
2. Double click on HostsXpert.exe
3. Then click on “Restore Original Hosts” to restore your Hosts file to its default condition.
4. Click on Make Hosts Read Only to secure it against further changes.
5. Close program when complete.

If you have any questions, or need further assistance, please read our malware cleaning guide.