We'll make this a quick update: go patch your Adobe Reader / Adobe Acrobat. Now.
In fact, don't even bother reading the rest of this 'til you've updated.
Here's where to get the latest versions:
OK, so if you're still reading, you must've patched your Acrobat / Reader.
If not, you're in, "big, big trouble," as Mom would say.
The Register gives the scoop on the Adobe critical update, saying,
We haven't yet seen the exploit ourselves yet, so we don't know if the latest antivirus software updates protect against it, but (again thanks to The Register) we do know,Version 9.4.6 of the programs fix two memory-corruption bugs that Adobe says are 'being actively exploited in limited, targeted attacks in the wild' against machines running Windows.
"The same bugs are present in Mac and Unix versions of the applications, but there are no reports of machines running them being exploited.
"The bugs are also present in Reader X for Windows, but a security sandbox, which Adobe added last year to minimize the damage that results from code flaws, prevents the attacks from working.
...researchers from antivirus provider Symantec [maker of Norton Antivirus]warned that email-born attacks exploiting the flaw to install the Backdoor.Sykipot were detected as early as November 1.
So, if Symantec has been aware of this for more than six weeks, chances are good their software--and that of the other top antivirus software makers--is already protecting against these exploits.
With that in mind anytime I hear that attacks are being exploited in the wild, it means two things: update the affected software and double check that my antivirus software is updated.
Mike wrote in today asking a question on a lot of people's minds:
I was surfing the web, I use Firefox, when suddenly my antivirus software started going totally nuts.
"I got a warning that it had blocked something from infecting my system, and I thought everything was fine, but a few second later, my system ground to a halt and my desktop disappeared.
"A few seconds after that, the desktop reappeared and everything seemed to be back to normal.
"Right after that I got a pop-up from something that looked like antivirus software, but I knew it wasn't saying my PC was infected.
"The thing is, I know what my antivirus software looks like, and this thing doesn't look anything like it.
"The d##### thing has taken over my system, and they claim unless I pay for a registered version of their so-called "software", it appears I'm screwed.
"What a bunch of a#######.
"So, I've tried doing a manual scan with my current antivirus. It says everything is fine. It's not. The definitions were just updated right before it happened, so I thought everything would be fine.
"I called the company looking for help, and they want to charge me to get rid of the thing. Didn't I already pay for antivirus protection?"
"I don't know who I'm more pissed off at. The jerks who wrote this thing or the antivirus company for trying to stick it to me."
"Now, I'm out looking for an answer, and I came across your site.
"Any tips or ideas on how I can get rid of this thing?
I shot a reply back to Mike immediately with this answer,
Sorry to hear about your virus fiasco. What a pain.
Especially since you thought you were covered. Good news and bad news.
First the bad news: as you've found out, not all antivirus software is created equal.
And unfortunately even the best software sometimes has something slip through. It's cat-and-mouse between the good guys and the bad guys every day, and the things like you got are what most of the companies consider their biggest challenge: preventing rogue / fake antivirus software.
Now for the good news: there are a couple of great free rescue tools out there that are ideal for a situation like the one you have on your hands.
The three I like the most are the ones from VIPRE, BitDefender, and Kaspersky.
Here are links for their free rescue CDs:
|Effective Rescue CDs for Virus Removal|
|Info Page||Download Page|
|VIPRE Rescue CD Information||Download VIPRE Rescue CD (.exe)|
|BitDefender Rescue CD Information||Download BitDefender Rescue CD (.iso)1|
|Kaspersky Rescue CD Information||Download Kaspersky Rescue CD (.iso)|
To use any of them, you need access to another clean PC with a CD-ROM burner or the ability to boot from a USB thumbdrive.
I'll skip the steps to make a CD or USB version since it's a little different for each, and it's covered in detail at their respective sites linked above.
They're all pretty easy to use, but since each of them work a little differently, you'll want to read up a bit on the one you're going to use before you get started.
Any of these rescue CDs should be able to easily detect and remove the virus. If not, write us back, and we'll go into the next steps. Either way, let me know how it goes. Good luck with it.
1The BitDefender Rescue CD file is called "bitdefender-rescue-cd.iso." I didn't link to it directly so if other options appear on their site, you can see what they are.
Got a call today from Steve who asked,
Here are my answers and the rest of our call... (His questions are in italics. My answers are indented.)There's an offer for VIPRE antivirus I've been seeing on TV lately for a hundred bucks. It's for a "lifetime" license for 10 PCs. Is this the same thing that you reviewed on your site?
Yep. It's functionally the same thing.
I don't have 10 computers, I have 2. They're pretty new, so I'm planning to have them for a while, but I'll be honest, I'm asking myself what's the catch?
No catch. It's great software. It's the same software we review on our site. It's just the pricing and licensing that may not be be right for everyone.
The software on TV comes on a USB thumbdrive. You use it to install the software onto your system.
You buy it. You wait. It gets delivered.
You install it. You sock the USB drive away someplace safe. You're done.
That's about it, 'til you need to re-install it or put it onto another PC in your house. Better hope you've still got the USB key!
OK, that much makes sense.
How 'bout me though, since I've only got the two computers? Can I get it for less?
With the TV deal, no, through our site, yes.
With our site you're actually buying it straight from the manufacturer, GFI, so you only pay for the licenses you need. It's not a pre-packaged "made for TV" type deal.
I get it. I see on the order page there are three options, 1 PC, 2 PCs, or 3-10. I need the 2 PC option.
Exactly. With our coupons, it'll cost you less than what you'd pay for the TV deal, and you can also upgrade to VIPRE Internet Security, which you can't do with the TV deal?
I was just about to ask you about that. What's this VIPRE Internet Security I'm reading about on the site? What's that have in it?
It's exactly the same software as VIPRE Antivirus and the same thing that's on TV, but with a couple of important extra features. They're worth the price of admission.
The two biggies: a built-in software firewall and web browser filter. If you're not familiar with a firewall, it forms a virtual "moat" around your PC; the web browser filter stops you from accessing malicious web sites. It's pretty cool to see it work.
So if the version on TV comes on a USB thumbdrive, how does this version come?
It's downloaded. About 30 seconds after you order online, you'll get an email from GFI with a link and your license key.
You install it right from the link they send. From the time you order 'til the time you're installing software is less than five minutes.
If you want, you can get a CD shipped to you for about $9.
OK, so tell me about this lifetime license thing. How does that work?
It's great for people with newer PCs.
If you're going to have your computers for more than a couple of years, the Lifetime License is a good option. You buy the software once. As long as you own those PCs, you'll have antivirus software for it.
What if I get another computer? Can I transfer it?
Nope. No transfers.
GFI is reasonable about hardware failures and whatnot. Have a disk crash or something like that, that's fine. You can move it onto the new disk. You just can't move it onto a whole new computer. I'm sure there are exceptions to this, but generally not.
OK. Wow. Thanks. You've been great. I'm looking at the two PC lifetime license of VIPRE Internet Security. I really appreciate you taking the time.
My pleasure. Drop us a note or give us a call back if you have other questions we can help with.
This weekend we heard from Judy, office manager for a small doctor's office, who wrote in asking,
"I'm on your mailing list, so I get your coupon deals when they come out. I saw one recently where almost everything was on sale. I didn't need a deal then, but I need one now (haha) and I don't know what to get. I'm office manager for a doctor's office.
"There are three physicians in the practice and a couple of nurses and lab techs, a billing person, plus me. About 9 people full-time.
"As if I don't have enough to do already (hahah), they asked me to research and upgrade the antivirus software we have now since ours that came on the computers when I bought them is about to expire.
"It was probably pretty dumb, but I didn't know any better and got all the computers at Best Buy since there's one really close to our office. At least it was easy.
"Wow. Sorry for so much detail. I'm totally dreading doing all this research. I'm so not a 'tech person.'
"Thanks for the help!!!
"P.S. I've got a small budget. Anything I don't spend on antivirus software I get to use to upgrade my tired printer, so I need cheap and good.
Here's my reply:
We've gotten a lot of good questions the past few days; this is a great one. Thanks.
For starters, forget about going to a store like Best Buy--or even Office Max--to renew your antivirus software. The retail stores sell home versions of the antivirus software. What you need is business or enterprise antivirus software.
(I can already hear some readers grumbling about my answer, but just keep reading, everything will be clear in a second.)
Fundamentally, home and enterprise antivirus software are exactly the same. They prevent, detect, and removes viruses (and other malware.) Fine.
The big difference is with business antivirus software you get centralized management, which you don't with home antivirus software1.
Here's the deal: when you're managing the antivirus software now, you have to walk from one computer to the next, asking the users if you can interrupt them and use their PC for a few minutes. Bleh. It's a pain in the neck.
With business antivirus software, you do everything from one place: your PC.
From your own desktop you can remotely manage the antivirus software on every PC on your network.
Got a malware issue popping up on one of the lab techs PCs? You won't have to wait for them to tell you about it--you'll see it in the central management console on your computer.
The next biggest thing about business antivirus software is some manufacturers offer different support options for businesses than they do the average home user.
You may be able to get things like 24x7x365 support, priority phone queuing, and so on.
"Sounds great," you're saying, "Now how much does all this cost?! Think of my poor printer!"
No sweat... most antivirus software for businesses is comparable in price to their home/consumer versions. What's the catch? All the A/V companies require a minimum of five users for you to qualify for their business version.
With nine users in your office, you easily qualify for business antivirus software.
So, how do you get it?
Easy. Contact us. We're available by phone, too, (1-800-297-5134) which is usually faster and easier for something like this.
In a couple of minutes we'll figure out your needs and what's the best enterprise antivirus software for your office--and get you prices.
Oh, and in case you the thought crossed your mind, most antivirus software for business is almost as easy to setup as home software. There's usually a step or two more, but that's it.
And if you do get stuck, because it's enterprise-class software, you'll most likely be getting a different level of support than you're used to, so someone will help you with any snags you hit.
Chances are it'll go just fine though. You'll probably have more issues un-boxing and setting up that new printer you've been oogling. ;-)
1 BitDefender Antivirus and BitDefender Internet Security home versions also include central management for up to five PCs. It really makes things easier for a multi-PC home, but it's not intended for use in a business.
Here's my reply: (with a little extra added here for clarification)I'm 73 years old. My grand kids have been getting after me a lot lately. They want to me to put some of that antivirus software on my computer. I don't know a thing about this stuff. I don't understand why I even need it. I use my computer for email and reading the news.
Thanks for writing, Martha.
I'm glad to hear your grandkids have been after you to get antivirus software. They're wise beyond their years. :-)
The first question here is:
Since there are so many different ways a computer can get a virus, the question to ask to decide if you need antivirus software is:
The main risks of viruses are that they tend to be:
- personally invasive
- resource thieves
If you have nothing of value on your PC, there's no risk here other than the time and cost for a PC shop to restore your PC and get it back into a working state.
On the other hand, if you do have things of value (real or sentimental) on your PC, maybe photos, music, emails, or the like, what would be involved in restoring those files, assuming it's possible?
As for viruses being personally invasive, it means viruses can steal your files, your data, and under the right circumstances even your identity.
Ditto here. If there's nothing of value on your PC, the risks are the time and cost of repair. If you use your computer for things like online banking, doing your taxes, or medical-related stuff, what's the risk of this information falling into the wrong hands?
The last one, resource theft, means viruses can burrow their way onto your PC and can make your computer a part of a "botnet".
Botnets are often used for sending spam, so if your PC gets sucked into a virus botnet, it's pretty likely someone would start using it to send their spams, probably without you even knowing it.
Even if there's truly no risk of data loss or theft (which isn't really the case, but assuming it is), if your computer is in a botnet, it's definitely being used for malicious purposes, something most folks don't want.
As to how you get a virus, there are a lot of ways computers get viruses. These days, the bad guys are resorting to taking over legitimate websites and using clever tricks to confuse people--or their computers--to installing their viruses.
How you get a virus is actually less important than what would happen if you got one, which is the real question to ask yourself if you're trying to figure out if you need antivirus software.
Sheryl writes in to ask,
OK, so I'm not happy with the anti-virus software that came on my laptop, and it's nagging me all the time to "renew my subscription"--one I didn't even know I had.
"I'd love to get rid of it just because I'm fed up with their nagging me.
"I'm assuming it's possible to replace with a new anti-virus program, but I don't know how.
"Can you help?? Please??
Here's my reply:
Yes, it's possible. It's easy, and I'm glad to help.
STEP 1: PICK THE NEW SOFTWARE
For starters, you'll want to figure out what antivirus software (or Internet security suite) you're going to get to replace what's on there now with.
Doesn't make sense to rip the old one out 'til you know what's going in its place.
My suggestion would be to start with our antivirus software Buyer's Guide. (It's on the right side of every antivirus software review page of our site.)
STEP 2: UNINSTALL THE OLD SOFTWARE
We'll assume you've got the new software chosen, so next we'll get rid of the old software.
The easiest way to get rid of uninstall any (legitimate) program on Windows is to use the "Uninstall a program"1 link within the Windows Control Panel.
[Shown here: Accessing the "Uninstall a Program" link]
[Shown here: Find the program in the list. Click "Uninstall".]
STEP 3: INSTALL THE NEW SOFTWARE
"Duh... of course," some of you might be thinking, but here's the deal: in Step 1, your goal is to figure out what A/V software you're going to use NOT to install it then and there.
First we've got to get rid of your old antivirus software. In the mean time, we want the PC to go without security software for as little time as possible.
Since figuring out what antivirus program is best for your needs takes more than a few seconds, you don't want to uninstall the old 'til you know what the new program is going to be.
1If you're using a versions of Windows prior to Vista, you'll find it in the "Add/Remove Programs" button in the Control Panel.
Another great question! And another one of our most frequently asked ones, too.Other than using a real virus, which seems crazy to me, is there a way for me to test to make sure my antivirus software is actually working?
Here's my reply:
Yes, there's actually a harmless little test virus called, "EICAR," that's designed to do just that.
As long as it's downloaded from the right place, it's completely benign. It's only purpose is to trigger an alert from your antivirus software. That's it.
The official site, and only safe place to download it, eicar.org, describes EICAR as a
...legitimate DOS program, [that] produces sensible results when run (it prints the message "EICAR-STANDARD-ANTIVIRUS-TEST-FILE!").
We actually use EICAR ourselves when we take our screenshots of each antivirus program successfully detecting a virus.
(We don't use real viruses for our screenshots because we don't want overly curious visitors to, upon seeing real virus names, then go searching for those real viruses on the Internet to try for themselves.)
So, leave the real antivirus software testing to us, but use EICAR when you want to test that your A/V software is really working.
Got a question about antivirus software or PC security? Why not Ask the Experts?
Easily one of the most Frequently Asked Questions we get is,
What's the difference between antivirus software and an Internet security suite?
Right on the heels of that is the next one,
Is the upgrade worth it?
Each security software company puts their own spin on things, but generally it boils down to the addition of two critical features:
- firewall software
- malicious website filtering
Creates a virtual "moat" between your PC and the Internet (or the rest of a network if you're on an open wireless network somewhere like a coffee shop or the airport.)
Sure, some malware can beat a software firewall, but it's another layer of defense to help keep your PC safe.
The other benefit to the best firewalls: you can record (and block) traffic both going to your PC and traffic leaving from it, too.
What's the point?
You'd be surprised how many programs are installed on your PC that make connections all on their own to check for updates, etc. Viruses, worms, keyloggers, spambots, and other malware do this, too.
So, if you suspect a virus may've infected your PC and gotten past your antivirus software, a firewall can help you track down if and when it's making connection attempts from your PC back to a master server somewhere.
malicious website filtering
You're out reading some news and checking out your favorite sites. Maybe you're clicking around and visiting some sites you've never been to, maybe you just made a typo did "yuorbank" instead of "yourbank."
In either case, the bad guys are on the prowl and are:
- secretly taking over legitimate sites and installing their viruses onto them
- buying domain names that are typos of legitimate sites
- sending spams and phishing emails
Regardless of their method, the bad guys are out there, and malicious website filters (including anti-phishing ones), like a firewall, can give you one more layer of protection before the actual virus detection part of antivirus software has to come into play.
Is the upgrade it worth it?
In a lot of cases when it comes to technology, there's wiggle room in an answer. In this case though, the "Yes" is clearcut.
Sure, these two features will cost a few bucks more, usually about $10. The $10 is well spent though, since you're getting real benefit from it.
The $10 isn't just fluff on a fancier name; it's $10 on--at least--two different security technologies that you don't get with most basic antivirus protection.
And, they're two technologies that can make all the difference between your PC being compromised (and all the clean-up time, expense, and mess that goes along with it) and not.
Do you read reviews on other websites? Can you comment on your review technique vs. some other sites?
"Some sites appear to be more thorough in their reviews than others. I'm having a hard time deciding, given the very different ratings between your site and others I'm looking at.
"For example, you rate Vipre #1, another site puts it at #12 and a third site doesn't even mention it!
Grandma taught me when it comes to speaking about others, if you don't have something nice to say, you don't have anything to say.
Kidding aside, I can't speak too much about the testing methodology that the other sites use; I can tell you ours is better.
We have a repository of 500,000+ viruses, worms, trojans, rootkits, bootkits, keyloggers, spyware, adware, and every other type of malware under the sun. We test the software from soup to nuts and run it on: workstations/desktops, laptops, netbooks, and virtual machines.
Whereas a lot of other sites (not naming names, just stating fact) might test on one, or maybe two machines and/or may use a handful of viruses, we test with a huge sub-set of the 500,000 (and growing) sample set. Then, thanks to some special insight we get from our own email honeypots, we even test with fresh phishing and malicious websites when conducting the realtime part of our tests.
Beyond that, the biggest difference I can say between "us" and "them" is that our approach starts with a basic premise: break the software.
The virus writers are trying to, so why shouldn't we?
In contrast, the other sites aren't really ever doing that. Look closely at the some of the other reviews. When there aren't any "cons" is a list of "cons," someone is getting conned.
I'll let you be the judge of whether or not reviews like these sound (even remotely) unbiased.
Now, have a look at our VIPRE and VIPRE Internet Security review.
We come out guns blazing with the downsides to VIPRE, and it's our Editor's Choice! The thing is: It's not perfect, no software is. And, we're honest about that in our review of it just like we are in all of our reviews.
Aside from that, the next thing I question in some other sites testings is the small sample size of the malware they use in testing.
Then, how easy is it to get relative comparative data from other sources about two products side-by-side?
In contrast, we have several ways, not the least of which are these two:
As for VIPRE being our top pick this year, if you read our reviews, aside from excellent detection and removal, you'll see the shining star of VIPRE is their tech support.
I've personally been back and forth with another company for a week now just to get them to honor Black Friday special pricing for some customers. First their links don't work. When the links work, they have a U.K. based sale support phone number on those web pages. When that's fixed, the coupons don't work. Oh, and that phone number is just for sales support, it's not actual tech support!
Now, don't misunderstand me, I'm not saying experiences like this are representative of support from this other company, I'm not. I'm just saying that in our various calls, chats, and emails to GFI for support with VIPRE Antivirus and VIPRE Internet Security, our experience is consistently good, and we don't get the runaround.
And the same goes for the (large) group of antivirus software users who we regularly survey. We ask them about their experience with their antivirus software and the companies behind them. Their answers give us the real scoop on what's happening between customers and each of the companies, and we take this into account in our reviews.
The bottom line?
We give assessments and ratings with candor. We're honest. We look at the big picture. We get real-world feedback from consumers. And we actually test the crap out of the software with real viruses, real worms, real trojans, and so on.
We get a lot of questions to our "Ask the Experts" link. We answer 'em all.
Most times they're good questions. Some times they're great.
One such question came in today from Rich who asks,
Here's my reply:Which antivirus program and firewall can I use on a laptop with Windows 2000 Pro installed.
"The laptop hardware meets most programs requirements but most programs say XP or newer.
"My laptop works great as is and I would just like to have good antivirus and firewall protection.
This is definitely a tough question.
The problem is this: Windows 2000 (which was my favorite version of Windows) is SO far out-of-patch from Microsoft (it is almost 2012), even if you were to find antivirus software for it, which I quite doubt, the OS itself isn't being updated and thus can't be secured anymore.
If the underlying OS is insecure, all bets are off.
I say this with a background as former CTO of a publicly traded credit card processing company. These types of issues weren't just what-if scenarios there, but things I had to make policy about for my company and shareholders.
The bottom line: even back then I wouldn't have allowed someone to connect to my network with an OS that old, now you're taking about one that's, literally, 12 years old.
It just cannot be secured. Plain and simple.
Here's the next rub: the way the antivirus software "hooks" into the OS has changed even since XP. One malware researcher found the hooking method in XP could in some cases be circumvented and most any antivirus software bypassed. And this was with XP. Who knows what the story is with W2K.
Since Windows 2000, Microsoft has released:
- Windows XP
- Windows 2003 (servers)
- Windows Vista
- Windows 2008 (servers)
- Windows 7
So, as much as I'd love to recommend a product, I'd be doing you a disservice.
Here's why: the reason no antivirus company is making software for 2000 anymore is because if Microsoft isn't updating the underlying OS anymore, they A/V companies certainly aren't willing to put their necks on the line trying to defend what is, practically speaking, indefensible.
Further, most web browsers--the most common attack vector of viruses these days--are no longer supporting Windows 2000.
No matter where you look, the propeller heads have long decided to turn their backs on Win2K
Believe me, I'm a fan of old computer hardware (and I loved Windows 2000) and want to keep things running 'til the end of time, but we're talking about technology not a classic car. (My wife made me recycle more old PCs last year than I'm comfortable even admitting were in my house. I had hardware made in 1991 that still ran.)
In your case, if you're serious about keeping the data on that PC secure, you need to put it to pasture. It just cannot be secured.
My take: a trip to your local Best Buy, to NewEgg.com, or to Buy.com and look for a new lappy. These days, great machines can be had for a song.
And one final note I forgot to mention to Rich: Yes, you can definitely remove the antivirus software that comes pre-installed on a new computer.
It's seldom the best antivirus software for your needs and is often there just because the antivirus company and the computer maker struck a deal to put it there to begin with.
Chances are, they just paid the manufacturer more than the next guy for the privilege. They know a large percentage of people will assume if it's there it must be the best, and they end up renewing the antivirus software when the subscription runs out.