I still like Avira

Attention: This content is 15 years old. Please keep its age in mind while reading as its contents may now be outdated or inaccurate.

Yesterday I wrote about how I had stumbled upon a virus through Java in Firefox and how Avira didn’t quite stop all the infections.

I also mentioned I didn’t blame Avira because I felt that it was a new strain, and it looks like I was right.

Yesterday when I scanned the infected file it wasn’t reporting any issues.

Today I noticed a little update notice from Avira so for the heck of it I scanned the infected file again (kept it around to test with), and bam, detected!

So for the heck of it I popped it through my trusty online scanner, VirusTotal, which will scan any file you upload against 41 antivirus engines.

The other day I got:

File iaStor.sys received on 2009.11.12 18:25:30 (UTC)
Current status: finished

Result: 1/41 (2.44%)

Reanalysing the file today I get:

File iaStor.sys received on 2009.11.15 00:09:41 (UTC)
Current status: finished

Result: 11/41 (26.83%)

So this was obviously a new strain and engines are finally starting to update!

Also, yay for Avira being one of the 11 detecting it now.  I picked Avira because of its high detection rates, so hopefully they will continue leading the sector. 🙂

Make Firefox More Secure, Disable Java


No, not Javascript.  Java.

Despite similar names, Javascript and Java are 2 entirely different things.

Java, or Java applets, are programs that can be embedded into websites.  They are generally poorly written, and hardly ever function right.  Most people will probably never even need Java, and in fact the only website I can think of that I ever use it on is Facebook’s shitty multi-photo uploader which I use only a handful of times a year.

Why am I writing about this?  Because I had a Windows 7 machine that was fully updated, running an updated Firefox with Java (Java may have not been up to date), and a fully updated Antivirus program.  By clicking one simple link, the machine was infected through the Java run time in Firefox.  Despite clicking “Deny” on the Java question, the app still managed to run itself.  It looked like it caused some type of crash in the Java run time and allowed itself to execute code.  The virus then proceeded to attempt to hijack the browser and insert other malicious code into the system.  Avira Antivirus was able to block most of these attempts, but it did miss something.  I have a feeling that this was a new strain of the virus, so I’m not going to place too much blame on Avira here.  After all was said and done I ran the infected file through an online scanner, and only 1 of 41 virus engines detected it.  Yikes!

Before shutting down the system I had run FULL scans with Malwarebytes and Avira, both came back clean.  I rebooted the system and that is when it happened.  7 load screen… blue screen…. reboot.  Over and over.  Safe mode was of no use, other methods of recovery didn’t work, the bluescreen yielded no useful information.  It wouldn’t even point me to the file causing the crash (which would have helped me tremendously).  To make a long story short (I put probably 4 hours into fixing this bluescreen), the virus had attempted to insert code into my iaStor.sys driver.  This is an Intel Storage driver, vital to system operation.  I believe that because this was a Windows 7 machine, it was unable to successfully hijack this file (the virus was probably written to hijack XP machines).  I found the lone infected file by pulling the drive out of the laptop and using a separate computer running Nod32 to scan the entire drive, and replaced the infected file with a good copy I had in my archives.  The really strange thing about it was the good file and infected file were the same exact size, but the infected file no longer had the Intel signature and had a different MD5 hash than the good file.  The virus obviously tried to re-write some part of my storage driver… who knows what though.

Nod32 identified it as Olmarik.pv which from what I can tell is a pretty new strain.

To bring this story back to its point, a fully updated system, running Firefox still caught an infection thanks to shitty ass Java.  So, do yourself a favor out there RIGHT NOW.  Disable Java.

Tools -> Options -> Content

Un-check Enable Java:

[Image: disablejava]

The nice part about this is that if you do end up on a site that you TRUST and need to enable it, you can simply check the box again and reload the page and it will work.  You don’t have to restart your browser.  Just be sure to disable it again after you’re done to keep your browser safe!

I have made this change on all of my machines and I strongly encourage you to as well!
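The post's observation that the good and infected iaStor.sys were the same size but hashed differently, as an added example (not from the original post): compare a suspect file against a known-good copy and list the byte ranges that were rewritten. The byte strings are constructed stand-ins, not the real driver, and SHA-256 is added alongside the MD5 the post used.

```python
import hashlib


def digest(data: bytes, algo: str) -> str:
    """Hex digest of data using the named hashlib algorithm."""
    return hashlib.new(algo, data).hexdigest()


def changed_ranges(good: bytes, suspect: bytes, gap: int = 8):
    """Return (start, end) offsets, end exclusive, where the files differ.
    Differences less than `gap` bytes apart are merged into one range."""
    ranges = []
    for off, (a, b) in enumerate(zip(good, suspect)):
        if a == b:
            continue
        if ranges and off - ranges[-1][1] < gap:
            ranges[-1][1] = off + 1
        else:
            ranges.append([off, off + 1])
    if len(good) != len(suspect):
        # Anything past the shorter file counts as changed.
        ranges.append([min(len(good), len(suspect)),
                       max(len(good), len(suspect))])
    return [tuple(r) for r in ranges]


def compare(good: bytes, suspect: bytes) -> dict:
    """Size, hash and byte-level comparison of a suspect file to a good one."""
    return {
        "same_size": len(good) == len(suspect),
        "md5_match": digest(good, "md5") == digest(suspect, "md5"),
        "sha256_match": digest(good, "sha256") == digest(suspect, "sha256"),
        "changed": changed_ranges(good, suspect),
    }


# Constructed sample data: a fake "driver" with a code region and a trailing
# signature blob, plus a tampered copy of identical length.
GOOD = b"MZ" + bytes(62) + b"DRIVER-CODE-" * 20 + b"SIGNATURE-BLOB"
_tampered = bytearray(GOOD)
_tampered[100:110] = b"\xcc" * 10   # overwritten code bytes
_tampered[-14:] = bytes(14)         # signature blob wiped
SUSPECT = bytes(_tampered)

if __name__ == "__main__":
    report = compare(GOOD, SUSPECT)
    print("same size:", report["same_size"])
    print("md5 match:", report["md5_match"])
    for start, end in report["changed"]:
        print(f"changed bytes {start:#06x}-{end - 1:#06x} ({end - start} bytes)")
```

To use it on real files, read each with `open(path, "rb").read()` and pass the two byte strings to `compare`.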

Philips DVD-R Yellows, Goes Bad


Today at work I needed some data off a DVD-R from about 3 years ago.  I shuffled through my stack of discs and located the one I needed.  Upon first glance I could tell it was aging because while other discs were still nice and silver, this once-silver disc was very very yellowed and gold-looking.  I didn’t think much of it until we tried to read the disc.

Nothing, nada, zip, zero, zilch.  We tried 3 different machines and none of them would read the aged disc.

I’m a bit disappointed in Philips’ quality here.  This disc was only around 3 years old, and in my opinion was way too new to have gone bad already!  What a let-down from the Philips brand name.  I can’t say I have bought any of their discs since then, and I’m glad.  I’ll be sure to avoid their media products from now on.  I have other Memorex discs from approximately the same era, and they were still perfectly fine.

Below is a picture showing the bad Philips DVD on the right next to a nice good silver disc on the left.

[Image: bad-dvd]

Luckily the data on the disc was unimportant and archived elsewhere, but nevertheless there is an important lesson to be learned here.

Never use recordable disc media for archival purposes.  This disc was not mistreated, and was not left out in the sunlight.  It was stored in a stack of ~15 other discs.  Recordable media is a great way to transport or play your files, but it should never be used for archiving or backups.  Besides, with how filthy dirt cheap hard drives are, there is no good reason not to use hard drives as your backup medium.

Windows 7 Crippling, On The Big Screen


A few weeks ago I wrote about how Microsoft was artificially crippling “lesser” versions of Windows.

Blocking you from running software you have a right to use, simply because you didn’t buy their more expensive version.

Well, it looks like the Free Software Foundation is launching an attack against Microsoft, pointing out just that…

“Microsoft is up to their usual tricks again — only this time, they’re also inserting artificial restrictions into the operating system itself. While not the first time they’ve done this, this is the first release of Windows that can magically remove limitations instantly upon purchasing a more expensive version from Microsoft.”

I for one am glad to see this.  This mentality over at Microsoft of “we wrote your OS, so we control everything on your computer” needs to stop.  Unfortunately Microsoft has done this shit since the early days of Windows… they always want to control what you can and can’t do on your own machine and it seems like a constant fight with Microsoft and Windows just to be able to do what you want on your machine.

They’re pushing Linux based software of course, and I wouldn’t be opposed to switching to such a platform if it weren’t for one major issue, which is gaming.  A lot of my home PC use is gaming, of which almost none of the modern games run on Linux platforms.

Maybe in time Linux will mature enough and get a large enough market share that developers will pay more attention to it.  If this would happen we could finally switch off of Microsoft and their bullshit stranglehold on our machines.

Why is Windows 7 Media Player So Ugly?


I’ve been using Windows 7 for a few weeks now, and it’s alright I guess.  It would’ve more appropriately been named Windows Vista SE (Second Edition) though.  It does not feel like a new OS.  It feels like Vista SE.

While a lot of changes are good, there are some changes that just make me go “WTF?”

One such WTF change is the new Windows Media Player.  It’s freaking BUTT UGLY in Windows 7.  I mean it looks like Microsoft just completely forgot to develop any kind of skin for it.  I am completely dumbfounded by this.

First, let’s look at Windows Media Player in Vista…

[Image: Windows Media Player in Vista]

Nice pretty transparencies, a nice defined playback window.

Now let’s look at Windows Media Player in Windows 7…

Vista and 7: Easily Disable Ease of Access


Ease of Access on the login screen was always something I disabled on my Vista machines… and of course Windows 7 hasn’t added any built-in option to disable this useless and annoying feature, so I’m here to show you how.  As far as I know you can’t remove the button, but you can disable it.

I call it useless and annoying because it is… it allows people to mess with YOUR computer settings even when your machine is LOCKED!  The entire point of locking your machines is so people CAN’T mess with it.

All you need to do is replace 1 executable file.  It is:

c:\windows\system32\utilman.exe

This file is what controls the pop up when you click the Ease of Access button.

I have taken a replacement file from an older version of Ease of Access Disabler.  This was a useful utility in its earlier versions, but the new version throws a bunch of shit-ads on your screen for their site, and if there is something I really can’t stand, it’s ads on MY computer.

So here you go…


Windows 7 Home: Your very own crippled OS!


With Windows 7 RTM hitting official Microsoft channels, I figured I’d load up the final version of Windows 7 and check it out.  I’ve commented in the past about being completely unimpressed with 7 and for the most part, that is holding true, with some added hatred for the big-wigs over at Microsoft for arbitrarily deciding what I should be allowed to run on MY machine.

I upgraded from Vista Home Premium to 7 Home Premium.  The upgrade process itself took around 3 hours, but it did go off without a hitch.  I was happy for the most part, until I went to fire up one of my virtual machines in Virtual PC 2007.

This is when my joy turned to pure black hatred for 7 and all it represents.  It is a step backwards in technology.  It is Big Brother watching over your every single move telling you what you can and cannot do.

Changing Antivirus Programs, so long NOD32


For the last couple years I have relied on NOD32 to protect my systems from the nastiness of malware, viruses, and all the like.

For most of that time it was a good program.  It had its little hiccups along the way, but they always seemed to be resolved by Eset rather quickly.

That was until Vista Service Pack 2 came along and changed everything.

Don’t get on me about user error as I did everything in my power to ENSURE no issues.  I uninstalled my old NOD32 (version 4), downloaded the LATEST version/build direct from Eset’s site, installed SP2, then installed the new NOD32 I downloaded.

This is when things started to fall apart.  Ever since then I was plagued with system lockups and hangs ESPECIALLY at the login screen or going in to or coming out of standby or hibernation.  This wasn’t just happening on 1 machine either.  Both my [aging] Desktop and my [new-ish, 1 year old now] laptop were having CONSTANT issues.  I initially didn’t pin it down to NOD32.  I thought I was having some other issues until I jumped on to the Eset forums and found hundreds upon hundreds of other people having issues with their Vista SP2 machines.

I uninstalled NOD32 from both of my machines and they both became rock-solid.  My desktop went from locking up every 2-3 days to being up for 2 weeks straight.  My laptop has been in and out of standby/hibernation at least 2 dozen times without a single problem.  I checked as recently as last week and Eset has still not issued any newer versions of NOD32 to rectify the issues I and many many many other NOD32 users were having.

After nearly a month running with nothing, I decided it was time to hunker down and find something.  I began my trek to find an antivirus solution that didn’t suck so much balls.  I spent many hours combing over all kinds of performance benchmarks, detection ratings testing, and overall features.  I have now installed my new protection system…

[Image: avira]

Avira AntiVir’s detection rates were among the top rankings, often times beating out NOD32’s detection rates… and get this… IT’S FREE!!!  Everyone loves free, right?

Does it play well with Vista SP2?  I have no idea as of right now.  Only time will be able to tell me that.

So far my initial impression is good.  It is definitely light weight.  It definitely has A LOT fewer options than something like NOD32.  It is very basic… but really complexity doesn’t always mean better.  It’s about the program’s ability to detect and protect.  I may not put it to that thorough a test in that regard as I am usually very careful about what I’m doing and am not your average user that would be more careless, but I still think that everyone should have SOMETHING.  You never know when you might accidentally hit a malicious web page or a site that has been hacked and infected and get hit with a Java-based worm or something.

I will write a follow up article about AntiVir after I’ve got some play-time in with it and see how it plays with my systems.

Until next time.