Virus, Spyware and Security


Malware Overview

'Malware' is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, trojan horses, ransomware, spyware, adware, scareware, and other malicious programs. It can take the form of executable code, scripts, active content, and other software.

Although I used to work in a consulting group on Internet security, that was 15 years ago and I don't claim to be an expert.
Here are a few things I know, but this is anything but a complete guide to security.
You will get paranoid if you believe everything you hear about the dangers.
"You can get infected by just opening a web page".

Most web browsers (Chrome, Firefox, Safari) include sandboxing, which isolates processes of the browser so a harmful website doesn't infect other parts of your machine. So if you loaded a website with malicious code, it would be contained within the webpage so it couldn't infect your files, webcam and microphone.

Hackers will target the most ubiquitous systems, MS Windows and Outlook, so you need to be more careful with these.

Mac:
See macOS - Security - Apple
The Unix OS underlying Mac OS X is more secure than most.
The Mac operating system is Unix-based, and Unix offers a number of built-in security features.
The term virus is frequently used to mean any malware.
The UNIX kernel is memory resident and read-only, so it can't be infected.
The OS can only be changed by a process with root access and the Mac OS does not need root access to run.
If you are running a server (mail, web, ...) you may have to keep current on security patches to avoid a problem.
Current releases of Mac OS X use Gatekeeper, which only allows programs to run if they're signed by an approved developer or if they're from the Mac App Store.
Macs can get malware:
From Can Macs Get Viruses & Do Macs Need Antivirus Software? - Macworld UK Feb, 2019.
As of 1 February 2019 the most recent malware to be identified on the Mac is the CookieMiner malware, which can steal passwords and login credentials from Chrome and obtain browser authentication cookies for cryptocurrency exchanges.
Some common Mac sources of malware:
The fake Adobe Flash Player popup. A message asking you to install software to read information on a web page.
However a Mac can carry a virus in a file or email that can be transferred to other systems.

Malicious URLs - Phishing
No security can protect you from fake URLs which look like a legitimate site, e.g. a bank. If you fall for it and give them information, there's nothing your operating system can do. See:
Malware - Wikipedia
Viruses, Spyware, and Malware: What's the Difference? | PCMag.com, 2011


Virus and Security Alerts


Virus Software

This is for Windows only. I don't have a page for mobile devices.
Columns: Product | TrustedReviews.com 2016: score, AV test protection, AV score | Consumer Reports 2013: Anti-virus, Anti-spyware, browser protection, Time (min), Enhanced Firewall (1), Malware (2), Score
Avira 4.5 6 17.5 y y y 44 2 3 56
BitDefender 4.5 5 17 y y n 30
AVG 4 5 y y y 60 2 4 59
Avast 4 5 16 y y y 5 3 3 57
Windows Defender (Microsoft Windows Security Essentials) 3 6 y y n 2 54

1. Firewall - Firewall shows how well the software and its firewall stopped rogue connections to and from the Internet. For products without a built-in firewall, the default Windows firewall was enabled.
2. Malware - Malware scan measures effectiveness scanning the PC on demand for malware, both online and offline.

As of June, 2011, Microsoft Security Essentials (MSE) is the most popular anti-virus worldwide, according to the latest reports. MSE 2 was found running on 10.66% of the 43,000 computers that were tested by OPSWAT worldwide. The free version of Avira Antivir Personal comes in second place with a share of 10.18%, while AVAST! Free Antivirus is third with 8.66%.

Symantec/Norton, McAfee
AntiVirus (free): Avira (got best reviews), Avast (also good), AVG (see below)

The free version of Avast ran for 60 days then implied I had to pay for a $40 upgrade.
According to their web site you can actually register the free version (probably somewhere in the fine print of the "Your trial is over" message.)

Forum comments:
I've been running Avira Personal edition lately because many people recommended it because of the high detection rate. It beats Avast in that aspect. It is also less resource intensive but not a big difference.

But I don't really like Avira because:
-it displays an annoying popup every day.
-its updating process is much slower than Avast.
-it does not have password protection like Avast does.
I like Avast, because it has much nicer UI than other two
_________________________________________

AVG - Is free and doesn't make you look at ads when you restart.

AVG has a huge amount of false positives, and Avast has a really weak trojan detection. While Avira may update slowly, it has the best detection among free antiviruses, and one of the best among all antiviruses. I use neither of them, I use Kaspersky, the best, but if I couldn't buy it, I'd sure take Avira.
Don't install link scanner or toolbars with AVG (it will mess up Firefox)

Avira and Avast got similar results on overhead tests in 2008 at www.av-comparatives.org
McAfee was about the same and Symantec was better; AVG was worse.

filehippo.com/download_malwarebytes_anti_malware/ was recommended by HP for bogus driver update messages.

Mac OS X Viruses: How to Remove and Prevent the Mac Protector Malware - How-To Geek

Paid antiMalware

Ranked by a weighted average of Consumer Reports and TopTenReviews scores
Name Price CR 2013 Top10 PC Magazine
BitDefender $30.00 62 9.9 EC
Kaspersky $60.00 64 9.3 EC
BullGuard $18.00 70 8.4
Norton (Symantec) $40.00 61 9 EC
Avira $45.00 61 8.8
Trend Micro $35.00 61 8.6
G Data $30.00 66 7.8
AVG $54.00 63 8
ZoneAlarm $45.00 65
McAfee 1 $60.00 49 9.3 EC
Avast $35.00 59 8.1
Panda $35.00 51 8.8
Sources: Consumer Reports 2013 (CR 2013); TopTenReviews (Top10); PC Magazine (EC = Editors Choice)
1. McAfee was downgraded at Consumer Reports in 2013 for:
- Requests using an alternative search provider
- Malware detection updates delayed
- Malware detection dependent on Internet connection
- User interface cumbersome
- Warns if mfr's own product is not active on other PCs on the network
- Lacks parental filter and spam filter

I had a lot of trouble installing the free version of Avira.
One web forum had the comment:
ok. avira antivirus is so ****** messed up and its getting me really mad. it always says something like "the feature control file cannot be loaded or something like that. so i reinstall it, and it works good for about a day, and then it does the same problem again! how can i fix this problem for good? pleassssssseeeeeeeeeee help!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!...

What's the difference Virus, Worm, Malware, Spyware, ...

See:
Viruses, Spyware, and Malware: What's the Difference? | PCMag.com

AdWare/Privacy/SpyWare Software

What is it:
Software that looks at what banner ads you look at or your web surfing habits in order to target you with specific pop-up ads.
Also included in this category are:
dialers - which will dial 900 numbers without your knowledge. They may even turn off the sound on your modem so you can't hear them.
Spyware represents a wide range of software ranging from the relatively harmless to the highly dangerous. It does not self replicate like worms or viruses but can be equally destructive if not more so.

In its least malicious form spyware is used as a marketing tool to help organizations gain feedback from the operations of computer users. This might be something like gaining access to a computer's internet browser history. Organizations then use this information for commercial gain, using the recorded data to develop more effective advertising projects for example.

In its least malicious form spyware is used as a marketing tool by looking at what banner ads you look at or your web surfing habits in order to target you with specific pop-up ads.

At its most destructive and dangerous, spyware can perform real-time tracking and recording from a remote location of all the keyboard presses made on an unsuspecting user's computer - including the recording of private and personal information such as usernames, passwords and bank account details.
browser hijackers:

How you get it:
It could be included in filesharing or other software you download. They may have disclosures buried in those long licensing agreements almost no one reads. You can also get it by just visiting a web site if your security settings are low or by typing a domain name wrong, which sends you to a search engine you never heard of.

How to get rid of them:
In some cases you can go to Add/Remove Programs in the Windows Control Panel, but you usually have to run a program similar to virus programs to remove them. You may have to run several of these programs because some will find spyware that others will not.

Ad-Aware, SpyBot Search & Destroy
Mac: MacScan
Others: CWShredder, Bazooka Scanner and SpyBlaster
SpywareBlaster, Reviews at SpyChecker.com

Screensaver Spyware / Adware Issues and Advice

Cool Web Search (CWS) hijack of Internet Explorer (IE)
Pop-up Stopper

Browser Protection

Tracking:
When running MacScan on my system (which I try to keep clean by not downloading suspicious files or applications) it found 6 Tracking Cookies:
A cookie is a file on your computer containing information about a previous visit to a web site such as user preferences, shopping cart contents, etc. which is helpful when returning to a web site.
Tracking cookies may be used to track internet users' web browsing habits, such as logs of pages visited or ads clicked on.
Cookies found:

statse.webtrendslive.com
www.googleadservices.com see www.google.com/privacy_ads.html
ad.yieldmanager.com
searchportal.information.com
ads.cnn.com
Safari has an option in preferences > security : Block cookies from third parties and advertisers.

Panopticlick - Looks at how unique you are based on parameters browsers send to web servers.

Internet Hacker Protection

Windows Software
Security: Zone Alert/Alarm (Zone Labs)

Shields Up (Gibson) - grc.com - test security

Protect your PC at Microsoft
General

Institute of Standards and Technology PKI Program - (csrc.nscl.nist.gov/pki)

Misc
SAIC Whitepaper Wireless (In)Security for Health Care (www.himss.org/content/files/WirelessInsecurityV11.pdf)
A VPN will hide all your network communications.
Wireless Security WEP

Cool Web Search (CWS) hijack of Internet Explorer (IE)

Guidelines for avoiding Viruses, Spyware, Spam, ... - Safe Practices

  1. Keep your software up to date by applying security updates regularly. On Windows go to Tools > Windows Update in Internet Explorer.
  2. Run virus protection software. See Virus above.
  3. Run Spyware cleanup software. See Spyware above.
  4. Avoid downloading anything if you don't know what it is. Just clicking on a link in an email message may start a download which can install spyware or a virus.
  5. Just reading an email message in Outlook can cause a problem if you haven't kept it updated with all the patches to fix security holes.
  6. Consider replacing Internet Explorer (IE) and Outlook which are vulnerable.
  7. Never give personal information such as birthdate, social security number, passwords in response to un-solicited e-mail.
    If you get a message that starts with "Dear valued xxx Member" where xxx may be AOL, Paypal, Visa ... be suspicious. If it contains a "click here" address that looks legit e.g. https://www.paypal.com hold your cursor over it and see if the same address appears in the status bar at the bottom of your browser. If you see something like 208.254.123.123 you will be connecting to some other system. See Anti-Phishing Working Group
  8. Don't reply (or "click here for details") to un-solicited messages when the link or address has a strange name or a long random string e.g. www.pmldfzy.info/?yZyXt123lK. A legitimate site will have a meaningful URL e.g. yahoo.com and file/directory name e.g. shopping. The long random string "yZyXt123lK" could be a serial number which identifies your e-mail address.
  9. NEVER purchase from a bulk unsolicited email (called "spam") you receive. At least 95% of these emails are scams. See fraud at the Online fraud, scams, hoaxes, email chain letters & Urban Myths/Legends page.
  10. Never send an email to anyone that says: "Send this to all your friends."
    Check out any "Interesting" email sent by a friend before forwarding it. Lookup the subject in one of the links at Online fraud, scams, hoaxes, email chain letters & Urban Myths/Legends to see if it is true.
  11. Be especially careful with passwords. For example, select passwords that are not words contained in any dictionary. Instead, use a combination of letters and numbers.
    See good passwords.
  12. Use common sense. If something seems too good to be true (e.g. Win XP for $50) it probably is.
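
The hover check from guideline 7 can be run automatically over an HTML message. The following is an added example, not part of the original page: it flags links whose visible text is an address on one host while the real target is another host or a raw IP address. The names `audit`, `LinkAuditor`, `host_of`, `is_ip_literal` and the sample message are assumptions made for the illustration.

```python
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Link text that is itself a web address, e.g. "https://www.paypal.com".
URL_LIKE = re.compile(r"^(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:[/:?#]\S*)?$", re.I)

def host_of(url):  # lower-cased hostname; a bare "www.example.com" is accepted too
    try:
        return (urlsplit(url if "://" in url else "http://" + url).hostname or "").lower()
    except ValueError:  # malformed address, e.g. an unclosed IPv6 bracket
        return ""

def is_ip_literal(host):
    try:
        return bool(ipaddress.ip_address(host))
    except ValueError:
        return False

class LinkAuditor(HTMLParser):  # collects (text, href, reasons) per suspicious <a>
    def __init__(self):
        super().__init__()
        self.findings, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag != "a" or self._href is None:
            return
        text, href, self._href = "".join(self._text).strip(), self._href, None
        target, reasons = host_of(href), []
        if is_ip_literal(target):
            reasons.append("link points at a raw IP address")
        if URL_LIKE.match(text) and host_of(text) != target:
            reasons.append("shown host %s differs from real host %s" % (host_of(text), target))
        if reasons:
            self.findings.append((text, href, reasons))

def audit(html):
    parser = LinkAuditor()
    parser.feed(html)
    parser.close()
    return parser.findings

SAMPLE = ('<p>Dear valued PayPal Member, <a href="http://208.254.123.123/login">'  # constructed
          'https://www.paypal.com</a> or see <a href="https://www.paypal.com/help">our help</a></p>')
```

Hosts are compared exactly, so a link shown as paypal.com that goes to www.paypal.com is also reported and needs a human look.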
See Also:
Passwords
Password Managers
January 2013 Oracle Java 7 Security Manager Bypass Vulnerability
Latest Security News | MalwareTips.com
Anti-Spyware Guide
Online fraud, scams, hoaxes, email chain letters & Urban Myths/Legends
Virus Info at NYPC.org
Naked Security | Computer Security . News . Opinion . Advice . Research | sophos.com
Screensaver Spyware / Adware Issues and Advice
Security: I Think We Can Win, by Bill Cheswick

last updated 23 May 2016