Even well-guarded PCs may get infected
By Dennis O'Reilly
There's a window of vulnerability between the appearance of new malware and the updating of anti-malware tools against the new threat; you may fall victim in that interim.
That's what happened to one Windows Secrets Lounge member, whose well-protected system appears to have been subjected to a questionable download in his browser.
Malware can enter a machine through the recently discovered IE hole that Yardena Arar described in her Jan. 21 Top Story.
Windows Secrets Lounge member Cris Wadlooper experienced a different kind of threat, which he explained in the comment thread for Yardena's story:
"I noticed that I had a PDF download pending in my Firefox queue, which I dismissed instinctively. (Why is there a file in my download queue? I asked myself.)
"Disclaimer: I have IE6 on a Win XP2 box, Firefox is my default browser, IE is only for banks and other dinosaurs, etc.
"I then browsed around a bit as usual, using Firefox, and the same download appeared! — interestingly, just after I refreshed Boston.com for some local news. (I block Boston.com from opening pop-ups via my Firefox preferences, yet the site still manages to do so!)
"Somewhat stupidly (before finishing my coffee!), I accepted the download request out of coffee-deprived curiosity. I (again, stupidly/curiously) opened the PDF, and it was blank!
"The silver lining to this story is that I opened the file using an open-source PDF reader, Sumatra, which I use because Adobe Reader is so bloated. After seeing this blank PDF, I immediately Shift-deleted it, and so I now don't remember even the file name.
"However, I also instinctively (even in my coffee-deprived stupor) ran a deep scan immediately. Nothing was found — likely because I sent the file to never-never land instead of the Recycle Bin.
"So, maybe this tale is nothing but a blip in the universe of the brave new world. But did anyone else get pushed a PDF from some seemingly random site over the past few days?"
One of the best tools for clearing a PC of malware is the free Malwarebytes Anti-Malware. Note that only the paid version of the program provides real-time scanning for malware.
Most of the major antivirus vendors also offer free online scans you can employ without having to purchase the full product. For example, Symantec offers Security Check, Kaspersky provides Free Virus Scan, Trend Micro has House Call, McAfee offers FreeScan, and so on. Running several of these may uncover infections that any one tool might miss by itself.
And of course, you also need to patch whatever hole let the malware in. For sure, replace IE 6 (even if you never surf using IE 6) with IE 7 or 8, both of which provide security features that IE 6 will never have. In the case of the IE Aurora vulnerability, apply the new Cumulative Security Update for Internet Explorer explained in Susan Bradley's Jan. 28 Patch Watch column (paid content) and in MS security bulletin MS10-002.
Senders may unwittingly spread infection
One of the precautions mentioned in Yardena's story is to contact the sender of a suspicious e-mail to verify its authenticity. WS Lounger Hans Bool expands on this point:
"[M]ost users wouldn't know how to open attachments in the inbox safely. As you suggest — contacting the sender — may not be a secure solution at all! He or she may have unknowingly attached an infected file!
"My routine strategy is to save any unopened attachment to my desktop or other location and scan the file with my virus program — in my case, MSE [Microsoft Security Essentials] — before opening the file."
Have more info on this subject? Post your tip in the WS Columns forum.
Loungers Cris and Hans will each receive a gift certificate for a book, CD, or DVD of their choice for posting comments we printed. Send us tips via the Windows Secrets contact page.
The Lounge Life column brings you posts from the WS Lounge threads for our recent articles. Dennis O'Reilly is technical editor of WindowsSecrets.com.


