There are quite a few antivirus programs out there that do the job. Of all the software that is out there, I recommend Avast 2015. You can certainly use the Avast Free Antivirus, but I recommend Avast Premier if you want extra protection. If you happen to get a virus or malware running on your computer, you can use Avast to scan your drive. If that doesn’t fix it, I also recommend that you install Malwarebytes and Ad-Aware software. This trifecta of antivirus software usually takes care of the job.
Security experts are bracing for the impact of Heartbleed. It’s going to be painful for both companies and users alike. No one knows for sure how much data was compromised. The list of potential sites affected is long and distinguished. Any site using OpenSSL is vulnerable. Some security experts are saying to wait before changing passwords until security admins have patched their servers. You don’t want to change passwords twice. Like it or not, we may be forced to change passwords sooner than we think.
An estimated 275,000 computers are infected by the DNSChanger malware. Users who have the five-year-old malware may lose their Internet connection on Monday, July 9. If Internet access still works, the other scenario is that they could be redirected to another website.
So, how do you know if your computer is infected by the DNSChanger malware? There is an organization called the DNS Changer Working Group (DCWG), which launched a new tool to check whether your computer is infected.
Just go to http://www.dns-ok.us/ to check your PC’s health.
If the box in the resulting website is green, your computer is ok. If the box is red, your computer is infected by DNSChanger. Now, it’s highly unlikely that my Ubuntu desktop contains the DNSChanger malware. Here’s the snapshot of my result.
If you have the malware, you can run any of these free tools to remove DNSChanger.
As reported yesterday, over 600,000 Macs are infected by a Flashback Trojan botnet. The good news is, Apple has patched Java. You can visit Apple’s Support website and download the latest update.
Just a little background on the Flashback Trojan botnet per ZDNet.
Flashback was initially discovered in September 2011 masquerading as a fake Adobe Flash Player installer. A month later, a variant that disables Mac OS X antivirus signatures updates was spotted in the wild.
In the past few months, Flashback has evolved to exploiting Java vulnerabilities. This means it doesn’t require any user intervention if Java has not been patched on your Mac: all you have to do is visit a malicious website, and the malware will be automatically downloaded and installed.
Another variant spotted last month asks for administrative privileges, but it does not require them. If you give it permission, it will install itself into the Applications folder where it will silently hook itself into Firefox and Safari, and launch whenever you open one of the two browsers.
If you don’t give it permission, it will install itself to the user accounts folder, where it can run in a more global manner, launching itself whenever any application is launched, but where it can also be more easily detected.
As a precaution, you should probably update to the latest Java release from Apple’s website. Just choose the OS X version you are using. I have Lion or OS X 10.7.x. Download and run the package. The patch takes less than one minute to install. It’s a quick and easy fix.
I was working with a client on Friday to remove a nasty malware called Antivirus Live. This rogue and fake antivirus program disables the browser from accessing the internet. It prevents users from launching or installing applications. The virus hijacks the computer with popups telling the user the computer is infected with many viruses, although they are not really there. The fake antivirus program recommends that a user buy their antivirus program to remove the viruses.
A year ago, I posted an article documenting how to remove the Antivirus Pro virus. It’s similar to Antivirus Live, in that it fools the user into thinking there are viruses on the computer and recommends that users buy its own solution. Battling Antivirus Live is a bit more involved because the tools and processes I used before were ineffective with Antivirus Live. I ran Malwarebytes but it did not detect any malware or viruses.
So, I searched the internet for Antivirus Live and came across this website. It recommends that you use SuperAntiSpyware, Malwarebytes and Microsoft Security Essentials to remove the Antivirus Live virus. The SuperAntiSpyware program turned out to be the superstar. It was able to remove Antivirus Live as well as a few more. In the end, it found 67 items, of which 2 were viruses and the rest were tracking cookies. I was disappointed with Malwarebytes. I’m not convinced by Microsoft Security Essentials either, but I left it on the computer.
If you ever face the Antivirus Live virus, just follow the instructions here.
One thing I forgot to mention. I had to boot into Windows Safe Mode (Press F8 on boot up) to perform all the drive scans. Otherwise, it would be impossible to launch any program in normal Windows mode since the computer is hijacked.