Best Free Virus Protection for Windows? Avast vs 9 other free antivirus programs compared.

Ever wonder if the free virus protection or free real-time protection of AVG, AntiVir, Avast, Panda Cloud and other free AV is enough? Do you think cloud-based protection will beat traditional antivirus solutions?

I think Symantec is wrong to say you can’t rely on free AV for protection.  Check out this comparison of the Top 10 Free Antivirus programs.

The next article that I hope to publish this month is a comparison of rootkit, rogue and trojan removal by free antivirus programs.

Anti-Piracy Enforcement and NGOs

From Microsoft Blog by Brad Smith, a Microsoft General Counsel/SVP

A story in yesterday’s New York Times reports on anti-piracy enforcement actions in Russia that have been used for more nefarious purposes than protecting intellectual property rights. 

As General Counsel for Microsoft, it was not the type of story that felt good to read.  It described instances in which authorities had used piracy charges concerning Microsoft software to confiscate computers and harass non-governmental organizations (NGOs) and others engaged in public advocacy.  It suggested that there had been cases when our own counsel at law firms had failed to help clear things up and had made matters worse instead.

Whatever the circumstances of the particular cases the New York Times described, we want to be clear that we unequivocally abhor any attempt to leverage intellectual property rights to stifle political advocacy or pursue improper personal gain.  We are moving swiftly to seek to remove any incentive or ability to engage in such behavior.

Some of our internal teams around the world were already looking at these issues, and they had turned to human rights advocates to ask for advice.  We pulled these internal teams together to assess the issues raised in the New York Times story, and yesterday morning we had our internal counsel in Moscow, Paris, and London on the phone with a number of our senior Legal and Corporate Affairs personnel from the Seattle area.

Our first step is clear-cut.  We must accept responsibility and assume accountability for our anti-piracy work, including the good and the bad.  At this point some of the specific facts are less clear than we would like.  We will retain an international law firm that has not been involved in the anti-piracy work to conduct an independent investigation, report on its conclusions, and advise us of new measures we should take.

http://blogs.technet.com/b/microsoft_blog/archive/2010/09/13/anti-piracy-enforcement-and-ngos.aspx

The above is in reference to the "Russia Uses Microsoft to Suppress Dissent" article at http://www.nytimes.com/2010/09/12/world/europe/12raids.html?_r=4&pagewanted=1&partner=rss&emc=rss&adxnnlx=1284321640-2fx3e/0K0LQZyZ1yCoRWjg

The unofficial guide to installing iTunes 10 without bloatware

One of the most popular posts I wrote in 2008 was a set of step-by-step instructions to help you do what Apple doesn’t want you to do with iTunes for Windows (see Slimming down the bloated iTunes installer). Now that iTunes 10 has been released, it’s apparent that nothing has changed in Cupertino. Apple still gives its customers a monolithic iTunes setup program with absolutely no options to pick and choose based on your specific needs.

Why is that important? When you run the iTunes setup program, it unpacks six Windows Installer packages and a master setup program, which then installs nearly 300MB of program and support files, a kernel-mode CD/DVD-burning driver, multiple system services, and a bunch of browser plugins. It configures two “helper” programs to start automatically every time you start your PC, giving you no easy way to disable them. It installs a network service that many iTunes users don’t need and that has been associated with security and reliability issues.

And you wonder why I dislike iTunes with a passion that burns like the fire of a thousand suns?

That’s where this post comes in. It contains detailed, up-to-date instructions for cracking open that gigantic iTunes installer and installing just the pieces you want and need. I’ve also updated my advice for individual scenarios so that you can make intelligent choices instead of simply settling for Apple’s defaults.

To get started, you need a copy of the iTunes Windows installer, which comes in x86 and x64 versions and is available via this download page. You also need a third-party file extraction utility. WinZip and WinRAR work fine, but I recommend the free and extraordinarily versatile IZArc utility. Use the File, Open menu to extract files from iTunesSetup.exe (or, on x64 Windows machines, iTunes64Setup.exe). This screen shows the contents of the 64-bit iTunes 10 installer.

Continue reading with screenshots in http://www.zdnet.com/blog/bott/the-unofficial-guide-to-installing-itunes-10-without-bloatware/2390

Get a Free Cyber-Security Book from Microsoft: "Own Your Space–Keep Yourself and Your Stuff Safe Online" Digital Book for Teens

Parents and teens now have access to a free downloadable e-book from Microsoft called “Own Your Space,” which aims to instruct teens and other new internet users how to stay safe while online. Specifically, the book addresses common security threats like phishing scams as well as modern-day social issues like cyber-bullying and cyber-stalking.

http://on10.net/blogs/sarahintampa/Get-a-Free-Cyber-Security-Book-from-Microsoft/

Download from http://www.microsoft.com/downloads/en/details.aspx?FamilyID=87583728-ef14-4703-a649-0fd34bd19d13&displayLang=en

"FAST PUBLISH" article: The Microsoft Silverlight add-on is listed as Not Verified in Microsoft Internet Explorer

You install Microsoft Silverlight in Internet Explorer 7 or later.  Next, you open the Manage Add-ons feature in Internet Explorer and view the Silverlight add-on information.  The publisher is listed as “(Not verified) Microsoft Corporation”.

This behavior occurs because while the installation package of Microsoft Silverlight is digitally signed, the add-on file npctrl.dll is not digitally signed. Internet Explorer checks the digital signature of the control’s binary file when it determines the publisher. If the signature is missing, the publisher information will be listed as “Not verified”.

This is a behavior by design.

The installation package of Microsoft Silverlight is digitally signed. This ensures the add-on is installed from an identified resource.  For more information, please see:
Internet Explorer add-ons: frequently asked questions
http://windows.microsoft.com/en-US/windows-vista/Internet-Explorer-add-ons-frequently-asked-questions

Note: This is a "FAST PUBLISH" article created directly from within the Microsoft support organization. The information contained herein is provided as-is in response to emerging issues. As a result of the speed in making it available, the materials may include typographical errors and may be revised at any time without notice.

http://support.microsoft.com/kb/2406108

Veteran spam suit troll plaintiff calls it quits

The end may be near for an internet service provider that has brought more than 20 lawsuits seeking millions of dollars for alleged spam abuses.

Asis Internet Services abruptly abandoned its case against Subscriberbase citing a “negative judgment in an unrelated case that threatens to place Asis in either bankruptcy or corporate dissolution.” That suit, against defendant AzoogleAds.com, backfired when Asis was ordered to pay almost $807,000 for filing "groundless claims" that mired the companies in years of costly litigation.

Life hasn’t always been so tough for Asis, which is described as a four-employee ISP from Garberville, California, that spent about $3,000 per month to process about 200,000 junk mails per day. In early May, it won a whopping $2.6m judgment against a company that sent fewer than 25,000 spam messages to Asis subscribers.

Critics have cast Asis as little more than a spam lawsuit troll that opportunistically sought millions of dollars under the heavily punitive CAN-Spam Act, even when there was little proof the defendants had sent the messages.

http://www.theregister.co.uk/2010/09/14/asis_calls_it_quits/

Yet another "Skype Themed" malicious spam.

We are currently processing several thousand messages in yet another email spam campaign, this time related to Skype and all its goodness.

Unlike the other malicious campaigns we have seen recently, this one does not make use of an attachment, but instead provides the unsuspecting user with a URL to download add-ons for Skype, which are malicious.  The URLs themselves are fairly new: the domains being used are no more than a month old.  As a result of this they do not appear suspect, and with enticing and legitimate-enough names, a user could easily be misled into thinking these are for a good cause.

The structure of the email message looks very well composed, as it has all the necessary words to make it look legitimate as can be seen from the screenshot below.

The aim of this campaign is to lure users into divulging sensitive information such as credit card details, name, etc., as it provides the user with a payment page which masquerades as a URL using SSL for secure payment, as can be seen from the screenshots below.

http://community.websense.com/blogs/securitylabs/archive/2010/09/13/yet-another-quot-skype-themed-quot-malicious-spam.aspx

Also see:  No, you don’t need to pay to download Skype http://sunbeltblog.blogspot.com/2010/09/no-you-don-need-to-pay-to-download.html

Facebook burglary gang suspects arrested by police

Police in Nashua, New Hampshire, have arrested a group of men suspected of being part of a burglary ring that targeted Facebook users who had reported they were away from home.

According to local news reports, between $100,000 and $200,000 of stolen property has been recovered so far after 50 homes in the city were burgled during the month of August.

Investigators believe that careless homeowners attracted criminal attention after posting on social networks that they would not be home at certain times.

Police arrested Mario Rojas, Leonardo Barroso and Victor Rodriguez in connection with the burglaries, and anticipate making more arrests.

Some victims had posted updates on social networking sites like Facebook telling the world that they were going on vacation, helping criminals determine that no-one would be present in the home.

You can watch a video news report from WMUR TV about the arrests on YouTube.

http://www.sophos.com/blogs/gc/g/2010/09/13/facebook-burglary-gang-suspects-arrested-police/

Fake Western Union Spam leads to Malware

As Phishing emails continue to get sent out with subject lines containing financial transaction services like Western Union, PayPal or similar, we are so used to it that we mostly ignore those emails; they get marked as Spam or Phishing anyways by our email filters.

A Phishing email usually works like this: The potential victim receives an email which tells them to follow a link inside the mail to review the banking account, the address or something else. These web sites are most of the time very good copies of the original web site. There the cyber criminals try to catch the login details and TAN codes of the victim for their own criminal purposes.

Today we saw something strange in such a Spam email which got sent out in masses. It has the subject line “The transfer is available to withdrawl. Western Union.”

The malware authors who spammed out this email attached a .jpg file to it, which is a file format for pictures. This pseudo JPG file is in fact a ZIP Archive.

This is a bit counterproductive for the cyber criminals as the recipient has to save the file attachment, rename it to .zip, open that archive and execute the malware from there. A guide explaining these steps is missing in the mail, though. Usually, “ease of use” has the highest priority for malware authors – this complicated task won’t lead to many victims for sure!

http://techblog.avira.com/2010/09/14/fake-western-union-spam-leads-to-malware/en/
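
A mail filter can catch the mismatch described above by comparing each attachment's file extension with its leading bytes. The following is an added example, not code from the Avira post; the function names, the extension lists and the sample message are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes
from email.message import EmailMessage

IMAGE_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".bmp"}
RISKY_EXTS = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".js", ".vbs")
# Leading bytes ("magic numbers") of the formats involved.
MAGIC = {"zip": b"PK\x03\x04", "jpeg": b"\xff\xd8\xff",
         "png": b"\x89PNG\r\n\x1a\n", "gif": b"GIF8", "bmp": b"BM"}

def sniff(data):
    """Identify content by its leading bytes, ignoring the file name."""
    for kind, magic in MAGIC.items():
        if data.startswith(magic):
            return kind
    return "unknown"

def scan_message(raw):
    """Report attachments named as images whose content is a ZIP archive."""
    findings = []
    for part in message_from_bytes(raw).walk():
        name = part.get_filename()
        if not name:
            continue  # message body or multipart container
        ext = "." + name.rsplit(".", 1)[-1].lower() if "." in name else ""
        data = part.get_payload(decode=True) or b""
        if ext in IMAGE_EXTS and sniff(data) == "zip":
            try:  # namelist() reads only the directory; nothing is extracted
                members = zipfile.ZipFile(io.BytesIO(data)).namelist()
            except zipfile.BadZipFile:
                members = []  # ZIP header present but archive malformed
            risky = [m for m in members if m.lower().endswith(RISKY_EXTS)]
            findings.append({"attachment": name, "members": members,
                             "risky_members": risky})
    return findings

def build_sample():
    """Constructed sample: a harmless ZIP attached under a .jpg name."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.exe", b"placeholder, not a real program")
    msg = EmailMessage()
    msg["Subject"] = "The transfer is available to withdrawl. Western Union."
    msg.set_content("See attachment.")
    msg.add_attachment(buf.getvalue(), maintype="image", subtype="jpeg",
                       filename="transfer.jpg")
    msg.add_attachment(b"\xff\xd8\xff\xe0" + b"\x00" * 16, maintype="image",
                       subtype="jpeg", filename="photo.jpg")  # real JPEG header
    return msg.as_bytes()
```

Calling `scan_message(build_sample())` flags only `transfer.jpg`; the second attachment carries a genuine JPEG header and passes.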

Security firm warns of commercial, on-demand DDoS botnet

IMDDOS, which is mainly based in China, has grown to become one of the largest active botnets, Damballa says

The security firm Damballa is warning of a large and fast growing botnet created specifically to deliver distributed denial of service (DDoS) attacks on demand for anyone willing to pay for the service.

The IMDDOS botnet is operated out of China and has been growing at the rate of about 10,000 infected machines every day for the past several months, to become one of the largest active botnets currently, Damballa says.

Gunter Ollman, vice president of research at Damballa, said that what makes IMDDOS significant is its openly commercial nature. The botnet’s operators have set up a public Web site potential attackers can use to subscribe for the DDoS service, and to launch attacks against targets.

The site offers various subscription plans and attack options, and provides tips on how the service can be used to launch effective DDoS attacks. It even provides customers with contact information for support and customer service.

Anyone with knowledge of Chinese can essentially subscribe to the service and use it to initiate DDoS attacks against targets of their choice, anywhere around the globe and with next to no effort, Ollman said.

Paid subscribers are provided with a unique alias and a secure access application which they download on to their systems. Users wishing to launch an attack use the application to log into a secure area on the Web site where they can list the hosts and servers they want to attack and submit their request.

http://www.computerworld.com/s/article/9185179/Security_firm_warns_of_commercial_on_demand_DDoS_botnet