The Changing Faces of Rogue Security Programs

One of the most common forms of malware today is the Rogue Security Program, or simply "Rogue." These programs pop up on the user's computer, usually at the time of Windows startup, and claim to have found problems on that computer.

Early rogues represented themselves as anti-virus programs and typically displayed a list of threats allegedly found on the computer. In many cases they would appear to be running a scan, complete with a moving progress bar and a count of malware items detected.

It's Not Always Malware

Malware is the single most common problem faced today by computer users and IT support technicians. Whether it's a virus, worm, Trojan horse, rogue security program, rootkit, or any other type of malicious software, these infections can be very difficult to find and remove.

Making the issue more complex is the wide variety of symptoms that may be exhibited by the malware. Some will pop up annoying messages; others will interfere with your connection to the Internet. Many will affect the performance of the computer, slowing it to a crawl.

Modern Musical Malware

A few years ago a new breed of virus emerged with an unusual payload. It would cause the infected computer to play music, without any action by the user. This virus was not particularly widespread, and was active for only a relatively short period of time.

Like so many past malware threats, this one has re-emerged in a far more sophisticated form. While the current variant is similar to its predecessor in some aspects, it is significantly different in the exact symptoms and the characteristics of the infection.

The Most Important Windows Update Ever?

On June 3 Microsoft pushed out an "out-of-band" update for every supported version of the Windows Operating System. The term "out-of-band" designates an update that is released on a date other than the normal monthly Windows Updates, which are scheduled to be distributed on the second Tuesday of each month. Another apt description of these updates would be "Emergency Updates."

DNSChanger malware -- hype or serious threat?

You and your clients have probably heard or read news stories in the past few weeks predicting the end of the Internet on July 9 of this year. Should you be concerned?

The answer, of course, is yes and no. The threat is real, although it only affects a small percentage of computer users. But the computers in that infected population will in fact lose their ability to connect to the Internet, starting on July 9 and continuing until they are cleared of the DNSChanger malware.

Old (MS-DOS) Commands Never Die

Most computer users today have never seen, or had occasion to use, the Command Prompt.  Originally known as the MS-DOS Prompt, this was our only way to communicate with the Operating System and the Directory and File structure before Microsoft Windows® converted us all to the Graphical User Interface.

Most IT Support technicians are at least aware of this arcane, text-based interface and use it on rare occasions.  But to effectively deal with today's sophisticated malware, the savvy tech must be intimately familiar with at least a dozen of these commands.

What if Regedit won't run?

When removing malware from an infected computer, the experienced IT support technician normally uses the Windows utility program Regedit to remove malicious entries from the Registry.  But what do you do if Regedit won't run?

Many viruses and rogue security programs will delete or corrupt regedit.exe or block your ability to run it.  They may use many techniques to produce this result.  This article will suggest various alternatives that should solve the problem.

Three New Malware Threats

As Calendar Year 2011 draws to a close, the malware creators are busier than ever. The number of new viruses, Trojans, and rogue security programs continues to increase at an exponential rate. The last two months of the year have seen more new malware samples than any previous two-month period in history.

Three of these recent entrants in the malware arena are particularly troubling, for two reasons: They are spreading quickly, and they are using sophisticated techniques to thwart attempts to detect and remove them.

Old Malware Never Dies

Even though we all know that new malware is being introduced every day, it's important to remember that all the old examples may still be a threat too. The only difference is that those old techniques and methods are continually refined to incorporate the sophistication of modern malware.

Just as early viruses were spread via infected floppy disks (remember those?), a common distribution method for today's malware is the ubiquitous USB thumb drive. The infamous Stuxnet worm has infected many computers that weren't even connected to the Internet, using the lowly thumb drive.

Dirty Tricks of the Malware Trade

As malware has grown more sophisticated in recent years, the challenge of removing it has grown more complex. Many of the tools and approaches that computer techs used in the past are no longer effective and may not even be available on an infected computer.

Here are some of the roadblocks you may face when dealing with the current generation of malware.