Showing posts with label Malwarebytes. Show all posts

Friday, May 5, 2017

"Security" software breaks Windows


It gets fun again - my life I mean; the rest of this blog post is dead serious, please make no mistake.

For years I have recommended NOT TO USE products from Webroot. I remember too many bad experiences with and infections on computers that were presumably "protected by Webroot".

In NBC's words:
"An antivirus service used by tens of thousands of businesses and millions of home users shut down an untold number of computers around the world Monday after it mistakenly identified core parts of Microsoft Windows as threats, the company confirmed."

Similar events have occurred in the past; sadly they are much more common than we would like and the public hardly knows about it. Some well-known companies in the "computer security" or "anti virus" business have had similar snafus. Here is a quote from a blog post at Bleepingcomputer.com:

"... Such mishaps have been reported for years to include major anti-virus/security vendors such as Panda, avast, AVG, BitDefender, Kaspersky, Malwarebytes, McAfee and Symantec. In most cases when these issues occur, the anti-virus vendors and security tool developers take quick action to correct the problem and provide support to those users who have been affected."

To call such blunders a "mishap" is not a euphemism; IMHO it is outright glossing over or covering up a major blunder.

Things like this should not happen and they don't need to happen; they are major avoidable blunders. In every case we can only speculate about the "why" and I don't like to speculate.

What does all the above tell us? IMHO very simple:

Do not trust a single word in high gloss, pretty brochures.
Do not believe the words in computer related advertisements on TV.

What you find in high gloss publications is mostly marketing hype and likely not really trustworthy. And when certain "security" software seemingly out-of-the-blue suddenly is being hyped over the moon in TV advertisements it IMHO is time to run for the hills. It tells me that very likely a marketing campaign has to cover up some so called "mishap".

-----

So far I have used the acronym IMHO three times in this blog post. Generally there are always at least two ways to look at something, as we say around computers YMMV. If you have a different opinion - or maybe simply think I am a dumba.s then I ask you to please leave a comment, state your case or blow off steam below. 

Thank you in advance.

Saturday, February 6, 2016

Top 10 Ways PUPs Sneak Onto Your Computer. And How To Avoid Them.


Disclaimer: I copied the title literally from this blog post.

And that is all I want to say here; this article is simply a MUST READ if you ever had PUPs installed or had to call me because everything got so slow or whatever problem you had.

95% or more of all computer problems I encounter nowadays are initially caused by a PUP! The authors of these PUPs have gotten very clever and constantly invent new tricks to dupe the unsuspecting computer user.

Only permanent vigilance, caution and attention to detail can ultimately somewhat protect us and our computers. 

Please note the use of the word "somewhat" in the previous paragraph! 

For the first time ever I will directly recommend a piece of commercial security software. 

If you want the IMHO best automatic protection against all kinds of malicious programs including PUPs then you will have to pay some money, currently just shy of $40 per year for a single computer. You find details about Emsisoft Anti-Malware here.

Another disclaimer: I am in no way at all associated with Emsisoft or any of their distributors or resellers!

If you don't want to pay that is fine, you just have to DIY (do it yourself). MSE or Defender in conjunction with Malwarebytes Free will do it just as well but you have to regularly do more yourself.

Whether you want to pay for Emsisoft Anti-Malware or not doesn't really matter, IMHO you simply HAVE TO READ this article.

Stay safe.

Sunday, January 3, 2016

AVG + Google Chrome = TROUBLE

Happy and healthy New Year to everybody!
... It's the first post in 2016 ...

The title describes the newest formula for disaster.

For years I have advised against using Google Chrome as your primary web browser.

For years I have advised against using AVG's free "security" programs.

Now this combination has become a wide open barn door for malicious software and/or viruses to take over your computer. You can read more about the details here.

If you use AVG I recommend uninstalling it and instead relying on Microsoft's Defender, or on Security Essentials in Windows 7. If you run into problems when you uninstall AVG you can find AVG's special removal programs here. Take care to download the correct "bittedness" version for your version of Windows.

If you use Google Chrome I recommend installing Mozilla's Firefox browser; in Firefox you need to install two extensions or add-ons:
  1. Adblock Plus and
  2. WOT (Web Of Trust)

After you install Firefox go to the Bookmarks manager (Bookmarks, Show All Bookmarks, Import and Backup, Import Data from Another Browser, select Google Chrome) and import bookmarks ONLY! When you have your bookmarks in Firefox please uninstall Google Chrome.

That plus some applied common sense is all you need to be and stay safe on the Internet.

If you want to do more against eventual advertisement malware and so called PUPs then download THE FREE version from here. Install Malwarebytes only AFTER you read this article about how to install and use it correctly.

Stay safe!


Wednesday, August 19, 2015

Yahoo! - Helps to Distribute Malware


I have said it to countless customers and I say it again, publicly and absolutely clear:
If you see advertisements while browsing the internet
then your computer is not set up safely!
I have said it to countless customers and I say it again, publicly and absolutely clear:
Stay away from Yahoo!
And I mean Yahoo! everything; email, finance, sports, EVERYTHING that comes from Yahoo! 

Here is a literal quote from NetworkWorld.com (bolding and links added by yours truly):
"Malwarebytes Labs recently uncovered a large malvertising attack on the Yahoo! advertising network that started on July 28. Malwarebytes estimates that up to 6.9 billion readers could have been affected, making it one of the largest malvertising attacks Malwarebytes Labs has seen recently.

"Malvertising is defined as crafted advertisements that intentionally infect the computers of anyone who visits the site. A tiny piece of code hidden deep in the ad will reroute your computer to criminal servers without your knowledge, which then determines how exposed your computer is and decides which piece of malware to send you.

"In the case of the Yahoo ad, victims are infected with ransomware via the Angler Exploit Kit, but it’s possible that anything from banking Trojans to additional advertising fraud is also being used in this attack.

"Malwarebytes said that the infection included Yahoo's main site, as well as subgroups like News, Finance, Sports, Celebrity, and Games. The ads route users to a site on Microsoft Azure, which eventually leads to the Angler Exploit Kit.

"But, according to a friend at Malwarebytes, when you are running Adblock Plus or any other ad blocker, then the ad never plays, so no payload is delivered to your PC. So the malware doesn't ever get to touch your PC. Even if you don't click on the ad, the fact is it loads and becomes saved in your browser cache, so it does get onto your PC without the blocker."

My customers do not need to worry about malvertising, they all have Adblock Plus installed. All others please listen up:

If you use ANYthing from Yahoo! and/or
if you see advertisements when web surfing
then your computer is UNSAFE!

Do yourself a favor, get your computer cleaned up and secured.
As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

For whatever reason the darned TOC (table of contents) feature that I got from Google does not work any longer, sorry.

Tuesday, August 12, 2014

How to Use Malwarebytes Anti-Malware


In my article 2014 Update On Malicious Programs I promised to write about how to correctly use Malwarebytes Anti-Malware (MBAM). Here it is.

Allow me to repeat the short installation instructions:

MBAM is a time-proven product and available in a totally sufficient free version. You have to watch during the original install and when you install a program update. The last window of the installer looks like this:



Please pay attention to the marked entry; its check box is preselected! That means the “trial version” will be activated and after the trial period ends you would have to pay for using the program.

You have to uncheck this check mark.

Eventually the program itself needs to be updated; the installer will run again, and again you have to pay attention to this little detail to avoid the for-pay version!

And now to what the title promises.

After you start MBAM you see this window:


I recommend always clicking on Update Now; this is where the cursor points in the screen shot. Let the program work until you see that the database has been updated:


Do you see the check mark by Database Version (see the cursor)?

Then you click on the big green button labeled Scan Now.

The program window will show the progress:


When MBAM finishes scanning it may either show that no traces of malware were detected:

 

Or it shows this window listing encountered traces of malware (a real life example from a customer's computer):


The free version of MBAM does not allow you to select different action(s). Experience has shown that the program's suggested action is appropriate.

My recommendation is to follow MBAM's suggested actions and to click on Apply Actions. When that action has finished you can close MBAM.


As usual I welcome suggestions and comments right here in the blog.

Click here for a categorized Table Of Contents.