TopChoiceReviews Blog

Microsoft has recently announced that it’s popular PC security and maintenance service, OneCare, will eventually be replaced with a commercial product currently known as “Morro”. Although they plan to stop selling OneCare in June of 2009, they will continue to provide customer support for it throughout the term of the license contract. Morro is supposed to use less system resources but remain just as effective as OneCare. Morro, however, will not include many of the maintenance utilities that OneCare has such as system backup and restore. Morro will be supported on Windows XP, Vista, and Windows 7.

A recent new browser security exploit has surfaced dubbed ‘clickjacking’. All operating systems including Windows, Mac operating systems, and Linux are all vulnerable as well as all browsers including Firefox, Internet Explorer, and Safari - basically any browser that supports Flash and iFrame. What’s worse, is that these exploits are coming from Flash ads from legitimate sites.

What does clickjacking do:

Once an infected ad has been loaded into your browser, your clipboard (where you copy and paste text) becomes overwritten with a URL. The exploit may also take over your browser and visit links without you knowing.

How to disable clickjacking:

Because this is an internal flaw within the way browsers work, there is currently there is no patch to remedy this. The only surefire way, is to disable flash. For Mozilla/Firefox, you can get an extension called Flashblock which disables Flash scripts. It will leave a placeholder where the Flash script was in which you can click and enable the script. For Internet Explorer, you will have to make changes to the Windows registry. You will find how to do this here.

There has been a recent outbreak in a scam which involves a codec called multycodecupgr.7.<20xxx>.exe. After installing this ‘codec’, your computer will become infected with a fake malware scanner which falsely identifies viruses on your computer in attempt to get you to buy a product called Antivirus 2008.

The website that it will bring you to to purchase the product is hxxp://www.s-av2008.com. Do not fall for this. It is a scam.

Bitdefender has recently released the latest version of it’s antivirus software - BitDefender Antivirus 2009. The following are some improvements / additions they have made:

1. They have improved upon their real time web, email, and IM traffic scanning.

2. They have improved their anti-phishing protection and it will now help to prevent personal information from leaving your computer through email, IM, and web.

3. They have added instant messaging encryption.

4. They have reduced system load and avoids user interaction during games.

5. They have created a ‘laptop mode’ which helps prolong battery life.

6. They have added a family network system which allows you to manage and configure Bitdefender on all computers on your network from a single computer.

7. The user interface has been updated to a cleaner more modern feel. See below:

Standard view:

`

Advanced view:

They have also added a ‘vulnerability’ module, which monitors for various Windows and browser updates. As with the other modules, you can control whether or not to enable it.

The update engine still receives virus definitions every hour and real-time scanning is still as unintrusive as the previous version. BitDefender remains our top choice in the antivirus category. If you want more information, check out our full review of BitDefender Antivirus 2009. To see BitDefender Antivirus 2009 compared with other antivirus software, check out our antivirus software comparison chart.

Phishing sites/scams are designed to trick you into thinking you are at a legitimate website hoping that you will enter your login information, credit card information, or other personal information. It’s difficult to detect these scams because they usually do a great job at impersonations. These phishing scams usually come in the form of an email. The email will look like it is from a legitimate source and saying something like the following:

[Subject: Paypal security department]

“Dear paypal user:

We have recently detected several attempts to log into your account from an unknown source. Please login to your Paypal account and confirm your security information.”

The email will also include a company logo, as well as several other elements that a real Paypal email would look like.

The link that you think is supposed to log you into your account actually grabs your login information and stores it for the scammer to do whatever they want with.

How to determine if it’s a scam / fake email:

Find the link they are trying to get you to click, without clicking on the link highlight over it, and look in the lower left hand corner of the email window. It should show a URL. If the URL does not begin with:

http://www.[domain].com

…where [domain] is the domain of company in which the email is about. So in this example, paypal is the domain - so the URL must begin with http://www.paypal.com. If it has anything else after the http://. IT IS A SCAM! Do not even click it.

Some email programs will not show the URL in the lower left of the window, so you can either take a chance and click the link, hoping that it’s not linking to a virus script or play it safe and install antivirus software. Most popular antivirus programs have anti-phishing capabilities built in to detect these sites for you and warn you in advance. If you want to see who we recommend for antivirus software, check out our antivirus software review site.

Be careful when you receive any email that talks about your account or recent security issues. Also, these scams usually imitate large, popular sites such as Paypal, Ebay, some large banks, etc… If you ever fall for one of these scams, and someone gets ahold of your account information, you could have some major headaches down the road.

Windows Vista promises to have enhanced security against internet related threats. One of the most talked about addition is UAC (User Access Control), which attempts to automatically sense potentially dangerous situations and temporarily suspends running programs and processes. UAC works by detecting and halting any malware that may be trying to install itself on the machine or run itself with administrative privileges. UAC will prompt/warn you when something attempts to install itself. Unfortunately this is not an end-all solution. Some viruses or malware have the ability to automatically click ‘OK’ or ‘Yes’ on these warnings allowing the virus to proceed with it’s self installation. Also, it may be difficult to determine whether or not the warning is coming from a legitimate source. And, finally, some people have been ‘conditioned’ to click ‘Yes’ or ‘OK’ to simply get rid of the annoying, invasive, warning window and get back to what they are doing. Some other built-in security features include Windows Defender and Windows Firewall. However, depend upon these features without third-party antivirus software at your own risk. Although these built-in features help to some degree, they are not foolproof, and in addition to the the reasons above, there are many reasons to use separate third-party antivirus software. Here are a few reasons why:

1. Email attachments - there are millions of virus infected emails currently in circulation and to the uneducated user, these emails appear completely legitimate and persuasive in getting you to open the attachment. A well written virus by a competent programmer will exploit the weaknesses an any operating system. If you are one of the unfortunate victims, prepare for some serious headaches.

2. P2P downloads - Peer to peer, and other file sharing programs, are some of the most common ways for computer viruses to spread. Viruses hidden in seemingly legitimate installation packages will make there way into your computer faster than you can say - “Woops”.

3. Browser related exploits - Vista’s new version of Internet Exploerer (IE 7) claims to have enhanced security features such as pre-enabled Active-X protection, and a Protected Mode. However, many users will undoubtedly disable these features in order to be able to run flash programs, or other embedded applications which require Active-X. And as for executing unknown ActiveX components - it’s been permitted before, and it will continue to be permitted.

Although Windows Vista is the most secure Windows operating system to date, there are still many ways for viruses to make their way through Vista’s defenses. We strongly recommend, especially if you use the internet frequently, that you install a reliable antivirus program. Antivirus software is designed specifically to solve all of the problems I’ve discussed and more. A good antivirus software will also regularly self update, protecting against the latest virus and malware threats. Let Vista focus on being an operating system and let your antivirus software focus on blocking and removing viruses. Surely you’ve heard the maxim ‘You’re better safe than sorry’. Well, it certainly applies here as well.

If you are interested in learning more about antivirus software such as features and prices, be sure to check out our antivirus software comparison chart and antivirus software reviews.

I am wondering what the purpose is for creating a computer virus. What would motivate someone to put the time and effort to write a program to cause headache or hardship for someone? There must be some very compelling reasons since there are so many thousands of viruses out there. Are some/many/all of these viruses created by anti virus software companies? I just can’t think of a reason why someone would do this Can someone offer some thoughts on this?