How To Tell If Your Website Has Been Attacked By Bots

Bots—software applications that run scripts over the internet—make up more than half of all internet traffic. This creates a major blind spot for IT security teams, as 79% of CISOs and other security leaders said they can’t tell for certain if web traffic comes from humans or bots, according to a recent Radware report.

It’s key to understand that there are good bots and bad bots, said Reid Tatoris, vice president of product outreach and marketing at Distil Networks. “Good bots enable search engines to index web content, price comparison services to save consumers money, and market researchers to gauge sentiment on social media, for example,” Tatoris said. These also include chatbots, and search engine and social media bots.

Meanwhile, “bad bots are used to conduct a variety of harmful activities, such as denial-of-service attacks, competitive data mining, online fraud, account hijacking, data theft, stealing of intellectual property, unauthorized vulnerability scans, spam, and digital ad fraud,” Tatoris said. These include impersonators, scrapers, hackers, and spambots.

Bad bots are used by many different groups, ranging from organized crime to state actors pushing a political agenda to people trying to make money. But there are ways to tell if your website has been visited by a bot and keep it safe.

Here are five ways to spot a bot.

1. Monitor login attempts

One of the most profitable uses of bots for an attacker is via credential stuffing, the mass-scale automated testing of username and password combinations across multiple websites, according to Patrick Sullivan, Akamai director of security technology and strategy. When successful matches are discovered, attackers use these logins to take over the account for fraud or to resell the confirmed credentials.

One simple step to detect bots is to monitor macro-level success and failure rates of login attempts, Sullivan said. “Regardless of how advanced the bots are and how difficult they are to identify, credential stuffing generates high levels of failed logins,” he added. “Even if fraudsters are careful enough not to trigger account lockouts, they will generate failed logins, which are early warning signs of bot activity.”

2. Check your server logs

Most bots will visit the same website regularly, even several times a day, he said. “If you keep seeing the same IP address pop up on your logs, then the chances are they could be a bot,” he added. You can check the IP addresses, location, and hostname manually, using a website like IPAvoid. If the IP is included on a blacklist or is not a residential address, there’s a strong chance that it’s a bot.
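
The two log checks from steps 1 and 2, as an added example that is not part of the original article: it computes the site-wide login failure rate per time window and counts requests per IP address. It assumes combined-format access logs, a login endpoint at `POST /login`, and 401/403 responses for failed logins; the sample log is constructed and uses documentation IP ranges.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta, timezone

# Assumptions for this sketch: logins are POSTs to /login, and the
# application answers a failed login with 401 or 403.
LOGIN_PATH = "/login"
FAILURE_STATUS = {401, 403}

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)


def parse_line(line):
    """Parse one combined-format access log line; None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return {
        "ip": m["ip"],
        "ts": datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"),
        "method": m["method"],
        "path": m["path"].split("?", 1)[0],
        "status": int(m["status"]),
    }


def suspicious_windows(events, window_seconds=300, min_attempts=20,
                       max_failure_ratio=0.5):
    """Flag windows where the site-wide login failure rate is abnormal.

    Counting across all clients catches stuffing that is spread over many
    addresses and accounts, where no single IP or account stands out.
    """
    buckets = defaultdict(lambda: [0, 0])  # window start -> [attempts, failures]
    for e in events:
        if e["method"] != "POST" or e["path"] != LOGIN_PATH:
            continue
        epoch = int(e["ts"].timestamp())
        start = epoch - epoch % window_seconds
        buckets[start][0] += 1
        if e["status"] in FAILURE_STATUS:
            buckets[start][1] += 1
    flagged = []
    for start, (attempts, failures) in sorted(buckets.items()):
        ratio = failures / attempts
        if attempts >= min_attempts and ratio > max_failure_ratio:
            when = datetime.fromtimestamp(start, tz=timezone.utc)
            flagged.append((when, attempts, failures, round(ratio, 2)))
    return flagged


def repeat_visitors(events, min_requests=10):
    """Return (ip, request_count) for addresses that keep showing up."""
    counts = Counter(e["ip"] for e in events)
    return [(ip, n) for ip, n in counts.most_common() if n >= min_requests]


def build_sample():
    """Constructed sample log, not real traffic."""
    def line(ip, ts, method, path, status):
        return (f'{ip} - - [{ts:%d/%b/%Y:%H:%M:%S} +0000] '
                f'"{method} {path} HTTP/1.1" {status} 512 "-" "sample-agent"')

    t0 = datetime(2024, 1, 15, 9, 0, 0)
    lines = []
    # Normal period: 10 logins from 10 users, one mistyped password.
    for i in range(10):
        lines.append(line(f"192.0.2.{i + 1}", t0 + timedelta(seconds=20 * i),
                          "POST", "/login", 401 if i == 3 else 302))
    # Ten minutes later: 40 attempts from 40 addresses, only 2 succeed.
    t1 = t0 + timedelta(minutes=10)
    for i in range(40):
        lines.append(line(f"198.51.100.{i + 1}", t1 + timedelta(seconds=5 * i),
                          "POST", "/login", 302 if i in (7, 31) else 401))
    # One address fetching a product page every 10 seconds.
    for i in range(25):
        lines.append(line("203.0.113.9", t0 + timedelta(seconds=10 * i),
                          "GET", f"/products/{i}", 200))
    return lines


if __name__ == "__main__":
    events = [e for e in map(parse_line, build_sample()) if e]
    for when, attempts, failures, ratio in suspicious_windows(events):
        print(f"{when:%H:%M} UTC: {failures}/{attempts} logins failed ({ratio:.0%})")
    for ip, n in repeat_visitors(events):
        print(f"{ip}: {n} requests")
```

In the sample, no address in the login burst makes more than one attempt, so only the site-wide failure rate exposes it; the thresholds are placeholders to be tuned against a site's normal baseline.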

3. Check your email outbox

If your Sent messages folder contains messages that have been drafted, sent, or returned to you that you did not write, this is a tell-tale sign that you may have been visited by a bot, said Steve Pritchard, search content manager at giffgaff. “The bot is then intending to infiltrate the computers of your email contacts by sending them emails riddled with malware,” Pritchard said.

4. Watch if your website slows down or crashes

“Bots move fast across websites and do so in hordes, so you get a lot of server requests per second, which can overload the system and cause a major slowdown in loading times,” said Tatoris. “The result is that you end up spending more money on server costs for traffic that doesn’t translate into any benefit for your business. In addition, any humans who try to visit your site or make a purchase at a time when the site slows down will typically leave and take their business somewhere else.”

5. Check if your site content shows up elsewhere on the internet

Bots can sometimes copy website content and post it elsewhere without permission, Tatoris said. “The site Copyscape can help you to determine whether or not any of your site information has been posted elsewhere on the internet,” he added. “If you enter in the URL of a page from your website into their search field, they will return any pages that have high percentage matches to the content on the referenced page. While this isn’t a surefire way of telling whether your content has been copied, it can potentially give you some idea.”

Windows Meltdown patch: No more security updates for your PC…

Microsoft has updated its support notice to say that Windows computers will not receive any security updates at all until their AV software is certified compatible with the Spectre and Meltdown patches.

Windows PCs running anti-virus software that is incompatible with the recent Meltdown and Spectre patches will no longer receive any security updates, Microsoft has warned.

Spectre and Meltdown are design flaws in modern processors that could allow hackers to bypass system protections on a wide range of devices, allowing attackers to read sensitive information, such as passwords, from memory.

Microsoft has rolled out a series of patches for the flaws since January 3rd, but last week said these patches would not be pushed to computers running incompatible third-party AV.

Now Microsoft has updated its support notice to say that Windows computers will not receive any security updates at all until their AV software is certified compatible with the Spectre and Meltdown patches. Windows systems will not be certified as compatible until the AV vendor sets a specific key in the Windows registry.

“Customers will not receive the January 2018 security updates (or any subsequent security updates) and will not be protected from security vulnerabilities unless their antivirus software vendor sets the following registry key,” says Microsoft.

Security researcher Kevin Beaumont has put together a list of antivirus products that are compatible with Microsoft’s Spectre and Meltdown updates, and which have set the Windows registry key.

Compatible anti-virus products include those from Avast, AVG, Avira, Bitdefender, ESET, F-Secure, Kaspersky, Malwarebytes, Sophos, and Symantec. Systems running McAfee, TrendMicro, and Webroot software are also expected to be eligible to receive the updates soon.

Various other security providers, including CrowdStrike, Cylance, FireEye and Palo Alto Networks, have not yet set the registry key, but claim their products are compatible.

Beaumont says that companies whose AV products are designed to be used alongside other security software say they are loath to set the key, in case other software on the system clashes with the fix.

System admins can manually set the registry key; however, Microsoft warns that doing so may cause serious problems that “require you to reinstall your operating system”. To manually update the registry, follow this guide.

Use the Steps Recorder tool to help solve problems remotely

By Ed Bott

Nothing is more frustrating than trying to help someone solve a problem from a distance, especially when the person suffering through the problem is technically unsophisticated. Remote assistance software is an excellent tool, but it’s not always practical for solving intermittent issues.

Instead of listening to vague descriptions of error messages and buttons, introduce your remote contact to the Problem Steps Recorder. To start the program, type PSR in the search box (Windows 10) or in the Run box (Windows 7) and press Enter.

The Steps Recorder has just three buttons: Start Record, Stop Record, and Add Comment. Clicking Start Record captures the exact contents of the screen and adds an annotation each time your remote contact performs an action like clicking a mouse button. Teach them to use the Add Comment button if they want to explain what’s happening in their own words.

Armed with that detailed report, you’re likely to have a much more productive support session next time.

Apple To Release New iPhones

Apple expert Jason Snell offers his take on what the next iPhones’ rumored features and changes could mean for business users.

Apple is set to introduce new iPhone models on Tuesday at a special event on its new campus in Cupertino, CA. Leaks suggest that the new iPhones will include a high-end model that’s dramatically different from any previous model. But what does that mean for the professionals who rely on the iPhone as a key part of their business life?

Let’s start with the most obvious features of any iPhone upgrade: All the new iPhones will presumably offer new versions of the Apple-designed A series chips, with faster processing and graphics power, as well as improved cameras.

That’s always true to some degree, but this year that added power and improved camera feeds into a larger story: In June at its annual developer conference, Apple announced that the new version of iOS, which should arrive in the next few weeks, will feature an augmented-reality framework known as ARKit. With the release of iOS 11, Apple will become the world’s largest augmented-reality platform, and every iOS developer will have access to Apple’s state-of-the-art frameworks.

Augmented reality may sound frivolous, but it has tons of real-world uses. Microsoft has spent several of its recent media events showing off its HoloLens augmented-reality system not just as a way to play Minecraft in your living room but as a tool for businesses. The new iPhones will undoubtedly be optimized to run ARKit at a high level; imagine interior designers and contractors instantly previewing changes to someone’s home or office space, live, via an AR app. Preview that IKEA desk in your office before you order it.

That top-of-the-line iPhone is rumored to carry a large price tag—$999 or more, just to start. That’s a big expense for any businessperson to bear, though Apple has never been the low-price leader on smartphones, and it continues to sell phones and reap the profits. My guess is that with two-year contracts becoming less common in the US as carriers shift to other methods of financing phones, the buying cycle of the average smartphone will lengthen. Perhaps there’s a nice space for a high-end phone that costs a bit more, but lasts for three years. An ultra cutting-edge iPhone might take longer to feel outdated.

Another interesting thing about this rumor is that it suggests Apple is broadening its product line even more than before, from the small and low-cost iPhone SE all the way up to this rumored high-end model. More models at more price points gives businesses purchasing flexibility and gives users more options, and that’s all good.

A major concern about this new high-end iPhone is the rumor that it will do away with the Touch ID sensor found on recent models and instead use a camera system to verify users via their faces. Obviously your corporate IT director is going to be concerned about the security of that system, but biometric security is such a core part of Apple’s strategy—including being the foundation of its Apple Pay system—that it’s hard to believe Apple would ship facial ID technology in its flagship device if it weren’t just as solid and reliable as Touch ID has been.

My guess is that the new face scanner will prove to be the most secure and accurate ever shipped in a smartphone, if only because Apple has the most to lose if it fails. But if the introduction of Touch ID creeped out some people in your company, you might want to expect the same reception for Face ID (or whatever it’s called).

Finally, there’s the rumor that the new high-end model will do away with the home button that’s been on the face of every iPhone since the first one was released 10 years ago. If that’s the case, Apple will certainly replace that button’s functionality with some combination of gestures and haptic feedback. I suspect that this is a direction Apple will go with all of its iOS products in the future—if there’s anything Apple’s designers love, it’s being able to remove a button or port—and some of the interface changes we’ve already seen in prerelease versions of iOS 11 suggest that Apple is beginning to redefine how it handles launching apps and multitasking.

In the long run I don’t think such a change will be a big deal—in fact, you can always argue that reducing the number of moving parts on a device increases product reliability—but any change can lead to short-term productivity drops as people get up to speed. I’d imagine that it won’t take long for the user of a new iPhone to adjust to the lack of a proper home button on the front of the screen, but some adaptation will still be necessary.

In any event, we’ll know more about where Apple’s taking the iPhone product line on Tuesday.

You Are Creating Passwords The Wrong Way

Was it m@nk3yP@$$w01rd or m0nk3yp@ssw0!rd?

For 20 years, the standard advice for creating a “strong” password that is hard to crack has been to use a mix of letters, numbers and symbols.

It’s so ingrained that when you go to create a new email account you’ll frequently get praising or finger-wagging feedback from the computer on how well your secret code adheres to these guidelines.

And you’re supposed to change it every 90 days.

Now, the man who laid down these widely followed rules says he got it all wrong.

“Much of what I did I now regret,” Bill Burr, a 72-year-old retired former manager at the National Institute of Standards and Technology, told the Wall Street Journal.

In 2003, the then-mid-level NIST manager was tasked with the job of setting rules for effective passwords. Without much to go on he sourced a whitepaper written in the 1980s. The rules his agency published ended up becoming the go-to guides for major institutions and large companies.

The result is that people create odd-looking passwords and then have to write them down, which is of course less secure than something you can memorize. Users also lean on common substitutions, like “zeroes” for the letter O, which a smart hacker could program their password cracker to look for. Or they pick one “base” password that they can memorize and only change a single number. That’s also not as safe.

“It just drives people bananas and they don’t pick good passwords no matter what you do,” Burr said.

The new password guidelines are both easier to remember, and harder to guess. The NIST’s revised tips say users should pick a string of simple English words — and only be forced to change them if there’s been evidence of a security break-in.

Not only did the old password format frustrate users, it wasn’t even the best way to keep hackers at bay.

For instance, “Tr0ub4dor&3” could take just three days to crack, according to one viral comic whose assertions have been verified by security researchers, while “CorrectHorseBatteryStaple” could take 550 years.
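
The arithmetic behind those two figures, together with a check that undoes the common substitutions described earlier, as an added example that is not part of the original article. The 28-bit and 44-bit estimates and the rate of 1,000 guesses per second are the comic's own figures and are assumed here; the word list is a constructed sample.

```python
import math
import string

# Assumption: the comic's attacker model of 1000 guesses per second.
GUESSES_PER_SECOND = 1000

# Substitutions of the kind the article calls common (zero for O and so on).
LEET = str.maketrans({
    "0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
    "7": "t", "@": "a", "$": "s", "!": "i",
})

# Constructed sample; a real deployment would load a large list of
# dictionary words and previously breached passwords.
SAMPLE_WORDS = {"password", "monkey", "troubador", "welcome"}


def seconds_to_exhaust(bits, rate=GUESSES_PER_SECOND):
    """Time to try every candidate in a search space of 2**bits."""
    return 2 ** bits / rate


def random_passphrase_bits(word_count, wordlist_size):
    """Entropy of a passphrase whose words are drawn uniformly at random."""
    return word_count * math.log2(wordlist_size)


def base_forms(password):
    """Undo case, common substitutions and a trailing digit/symbol suffix."""
    lowered = password.lower()
    trimmed = lowered.rstrip(string.digits + string.punctuation)
    return {lowered.translate(LEET), trimmed.translate(LEET)}


def reduces_to_listed_word(password, words=SAMPLE_WORDS):
    """True if the password is a listed word once the decoration is removed."""
    return not base_forms(password).isdisjoint(words)


if __name__ == "__main__":
    day = 86400
    year = 365.25 * day
    print(f"28 bits: {seconds_to_exhaust(28) / day:.1f} days")
    print(f"44 bits: {seconds_to_exhaust(44) / year:.0f} years")
    # Four words from a 2048-word list give the comic's 44 bits, but only
    # if the words are chosen at random rather than picked by the user.
    print(f"4 random words from 2048: {random_passphrase_bits(4, 2048):.0f} bits")
    for candidate in ("Tr0ub4dor&3", "P@ssw0rd!", "CorrectHorseBatteryStaple"):
        print(candidate, reduces_to_listed_word(candidate))
```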

Build a Successful Landing Page

A successful conversion starts with a great hook and ends with an offer that can’t be refused. However, more often than not, the majority of effort and budget is dedicated to obtaining that ad click, and the landing page it leads to is little more than an afterthought.

While this is great for the marketing consultant who you’re paying for each click, this doesn’t translate to customers either buying or signing up for your product or service.

The good news is that it’s not all that difficult to identify key mistakes made in a landing page, as we encounter numerous examples every time we venture online. If you are looking for more information you can learn how landing pages can fit into your marketing arsenal. Listed below are the 13 most common, and fixable, mistakes made:

1. Failure to impress

This could be the first time that your audience is viewing your product or service, which means it is crucial to create a positive impression when they arrive at the landing page. This first view needs to clearly introduce your product or service as an interesting and exciting proposition. Are your potential customers willing to spend more time to understand?

The most reliable assessment of this first impression is analysing the result of real visitors to your page. If the average time-on-page figure provided by Google Analytics is less than, say, 10-15 seconds, then it’s likely that visitors are leaving your site based on their first look at your landing page.

There are a few other quick checks you can do yourself to identify any potential issues: 

  • How much information is being communicated? The initial view should be simple and clean, with clear and concise messaging sharing your value proposition.
  • How modern or current does the site appear? If it looks like it was created some time ago then it’s unlikely your visitors will stick around to see if you’re still in business.
  • Is the product or service unique, or sufficiently differentiated from other providers?

2. Your value proposition is lacking

Your landing page needs to focus on the value proposition to the potential customer and satisfy the question of “What’s in it for me?”. It’s therefore important to not only clearly articulate the benefits of your product or service, but also ensure that your proposition is tailored to your target audience.

Key points to remember when writing your value proposition include:

  • Focus on your customer, not the details or technical specifications of your product.
  • Highlight the most significant benefit to your customer, and make sure the rest of your messaging aligns with this key proposition.
  • Use simple language and a verb to give your proposition life, such as “win”, “beat”, “get”, etc.

3. Inconsistency between advertisement and landing page

There is no quicker way to turn your audience off than leading a successful click to a completely unrelated page. Your visitor has chosen to find out about a certain product or service, so presenting a landing page on a completely different topic will seldom result in conversion, regardless of the merits of the actual product.

Similarly, there is limited success in overstating or over-promising in your advertisement and under-delivering on the actual product. Your aim should be to accurately communicate your product and target the right buyer from the first click. Try to maintain their interest and satisfaction throughout the purchase.

Consistency should be maintained by considering the following:

  • Keep descriptions of your product or service concise so that they can be used in both short-form advertising and as a headline on your landing page.
  • Maintain the same or similar language, tone, layout, colour scheme, font, etc. as much as possible.
  • Ensure the value proposition and branding aligns, to demonstrate that you’re confident in what you’re providing

If you are looking for further reading on the topic, learn how personalizing your advertising and landing pages are the next progression in digital marketing.

4. Poor site to mobile conversion

The rise of mobile and other handheld devices means that your customers are just as likely to visit your landing page through these avenues as they are from a laptop or PC. It is therefore crucial that your advertising and landing page is configured appropriately for all devices, to ensure both usability for your audience and maintain credibility for your product.

It’s particularly important to consider the types of users and the nature of activity that each device will be used for, and to make sure that your advertising and landing pages are consistent. For example, the mobile user is more likely to be using their phone on the move, and therefore will have less appetite and ability to read much text or view complex images or videos. Conversely, the desktop viewer will likely have more time to investigate your product and service and require more detail to make their decision.

As mobile conversions are often created after a website is developed, listed below are key considerations to keep in mind:

  • Avoid too much text or any graphics and videos which slow loading the page
  • Ensure that everything is sized appropriately, i.e. images fit within the page, font size is large enough to read on a small screen, and the page doesn’t extend too far down, requiring excessive scrolling
  • Simplify the “sign-up” or “buy” process as much as possible to make it easier to complete using your thumbs!

5. No clear target customer

No matter how witty your content, or how visually attractive your image or layout, there is no way that your advertisement or landing page will appeal to everyone. Find your niche!

Design of your advertisements and landing pages should consider the following to identify separate groups of individuals:

  • Key differentiators, such as gender, age, nationality
  • Social or financial demographic
  • Profession or industry

While it may seem counter-productive to sell the same product or service in multiple ways, the reasons behind a purchase will differ widely between groups, therefore highly relevant offers made to a smaller number of people will ultimately be more successful than vague or generic offers made to a greater population.

6. Text overload

No matter how simple your product or service, images are far more effective and efficient at communicating compared to text. Our brains interpret stories similar to the way they interpret real experiences, and images make for the best story as they are processed 60,000 times faster than text.

In addition to static images, it’s worth considering the use of videos or infographics to give your message some depth, however any visual stimulant will improve the structure of your page.

Discover what visuals you need on your landing page.

7. Inappropriate or irrelevant images

Before selecting images for your landing page, make sure to avoid images which are:

  • Irrelevant – as tempting as it may be to promote your product or service with flashy or luxurious images (think palm trees and sandy beaches), if these do not have any relevance to your product then you are just as likely to confuse your potential customer. Make sure you do include images of your product or service in action, as an image will explain exactly what you’re selling better than any written description.
  • Distracting – similar to irrelevant images, distracting images divert the attention of your customer from your call-to-action and they’re less likely to result in conversion 
  • Small or low quality – high resolution images which are easily viewed contribute to your effective messaging of a high-quality product.
  • Stock images – it’s important if you want your product or service to be seen as unique and worthy to your customer, then you need images which are unique and specific to your product.

Where possible, if you are able to use images of living things (think people, animals) then you are able to create emotion in your storytelling which will create a stronger connection with your customers than any inanimate object will achieve.

8. Slow page loading

Once you’ve landed on the optimum structure and most effective use of text and images, it’s important to note the impact this has on the speed of loading your landing page. Research has shown that if your page takes longer than five seconds to load, more than three quarters of potential customers will exit your page.

Test the speed of your site using tools such as Google’s PageSpeed Insights or Pingdom to obtain an honest appraisal. Loading speed may be improved by cleaning the underlying code of your site, minimising redirects, compressing images, and upgrading your hosting.

9. Complex or competing call-to-actions

A “call-to-action” or CTA is an instruction to your customer to act, such as to “sign-up” or “buy”. When used correctly, these give a clear message to your audience about what you are offering and how they can take action to accept your offer.

However, many sites complicate the use of CTAs by overpopulating the page with multiple options, which leads to general confusion about the right path to take. When faced with multiple options, the customer needs to spend more time considering your offer, which increases the likelihood that they will become bored or lose interest in your proposition.

A well-designed landing page will provide a single CTA near the top of the page, it will describe the action to be taken, and clearly articulate what the customer will receive.

10. Lengthy “sign-up” and “buy-now” forms

As tempting as it is to learn all there is to know about your new customer as soon as they respond to your CTA, it’s important that you don’t overwhelm them with lengthy “sign-up” or “buy-now” requirements. This is particularly important where your visitors respond via a handheld device, where you run the risk of losing your potential customer at the last hurdle.

A good opt-in form will stick to the basics necessary to complete the transaction, such as basic contact details and specifics of the product or service they are interested in.

There are other steps you can take to learn about your customer which are less intrusive, particularly at this crucial first step:

  • Consider Google Analytics and other software which can form an understanding of your customer based on how they interact with your advertisements, landing page, and wider site. This links back to creating targeted advertising and landing pages which appeal to specific groups of individuals, which gives you an insight into their lifestyles and interests without asking them outright.
  • Incentivize your audience to participate in providing their information, such as offering a prize or discount on your pricing. This initial financial impact will be repaid many times over if you’re able to achieve this first opt-in and retain the customer for future purchases.
  • Play the long-term game by learning about your customers over multiple interactions, which are more likely to help if you can enable a stress-free first opt-in.

11. No alternative opt-in offered

Even the best-designed sites with the most exciting and popular products are going to have visitors to their landing pages who choose not to opt-in. This may be due to a number of reasons, such as lack of time at that particular point in time to opt-in. Therefore it’s worth providing an alternative option to provide for further interactions with your visitor.

The quickest and simplest options could be to:

  • Obtain an email address or phone number for future communications
  • Give the visitor the opportunity to follow the company on Facebook, Instagram, or some other social media account
  • Create a simple login using their email address or social media profile

12. Information gaps

While advertisements and landing pages are most effective when they are simple and to the point, some customers will require additional information to opt-in, particularly for higher value items and for more complex products and services.

Consider linking further pages to your landing page which fill these information gaps in a succinct and interesting way, which further engage your visitor and support your value proposition. This information could take the form of additional narrative of the technical specifications or detail of services provided, testimonials from customers, answers to frequently asked questions (FAQs), and additional images or videos of your product or service in action.

13. Failure to plan beyond the landing page

Once you’ve invested all that time and money attracting the attention of the customer through advertising and successfully obtaining that first opt-in, it’s important to maximize your return as much as possible. It’s much easier to repeat a sale to an existing customer than to attract new customers.

Common steps taken by successful companies include a mix of regular communication such as marketing emails, social media interactions, blogs and special offers for their customer base.

Finally, ensure that every other aspect of your relationships is as stress-free and satisfying as possible.

  • Fulfill your obligations as efficiently as possible. Ensure that products are shipped on a timely basis or that you follow up with your customer with additional information before they have time to wonder when you’ll be in touch.
  • Make sure that your product or service exceeds the expectations of your customer. This may be achieved by additional benefits received that you haven’t included in earlier information, or giving the customer a little something extra that they weren’t expecting.
  • Personalise your interactions wherever possible, from the way your product is packaged through to your written communications.
  • Give customers the opportunity to provide feedback, and take action to respond to and resolve any criticism. After all, the most effective and cost-efficient advertising will be through word-of-mouth from happy customers!

How to Stop Windows 10 Upgrade

What I did was uninstall updates KB3035583, KB2990214, and KB2952664. The first two were mentioned by other users as connected with the Windows 10 upgrade. The third was installed on my computer on 7/31/2015 which is the day the upgrade takeover of my computer began.

——————————————————

THE IMPORTANT THING IS TO ENSURE THAT THESE UPDATES ARE NEVER INSTALLED AGAIN!

Turn off automatic updates. The first and third update are listed as “Important” updates, yet are NOT automatically selected. There is an “Optional” update ‘Upgrade to Windows 10 Pro’ (no KB number) which IS automatically selected—this may be the middle update listed above.

——————————————————

I still find TrustedInstaller.exe running on my computer when I power up, yet it disappears after a while. This process can NOT be ended via Windows Task Manager. There are also files installed on my computer that cannot be deleted without permission from TrustedInstaller which is above any Administrator and System privileges. These files are in the hidden C:\$Windows.~BT folder.

I hope this info is helpful to you.

Another user states:

I had the exact same issue as all of you.  Once the Windows 10 install files were downloaded, there was no way to change your mind, you’re in the clutches of Windows Update!   Completely ridiculous if you ask me!

Luckily I came up with a solution that worked perfectly for me.  I performed a system restore to the first available date prior to July 29th.  Once my system was restored, I searched for the above installed updates (KB3035583, KB2990214, and KB2952664) and uninstalled them.  After uninstalling, I went back in and “hid” those updates so that they wouldn’t show up when Windows Update would run.
I did all this 2 days ago and my PC is running like a champ as if nothing had ever happened!
Hope this helps.

Select the KB3035583 update with a click or a tap and then press the Uninstall button found at the top of the updates list. Confirm that you want to uninstall this update and wait for the process to finish. Then, reboot your device. Now, the “Get Windows 10” app is completely removed from your system.

From Microsoft:
https://support.microsoft.com/en-us/kb/3080351

Autoruns by Sysinternals

This utility, which has the most comprehensive knowledge of auto-starting locations of any startup monitor, shows you what programs are configured to run during system bootup or login, and when you start various built-in Windows applications like Internet Explorer, Explorer and media players. These programs and drivers include ones in your startup folder, Run, RunOnce, and other Registry keys. Autoruns reports Explorer shell extensions, toolbars, browser helper objects, Winlogon notifications, auto-start services, and much more. Autoruns goes way beyond other autostart utilities.

Autoruns’ Hide Signed Microsoft Entries option helps you to zoom in on third-party auto-starting images that have been added to your system, and it has support for looking at the auto-starting images configured for other accounts on a system. Also included in the download package is a command-line equivalent that can output in CSV format, Autorunsc.

You’ll probably be surprised at how many executables are launched automatically!

Usage

Simply run Autoruns and it shows you the currently configured auto-start applications as well as the full list of Registry and file system locations available for auto-start configuration. Autostart locations displayed by Autoruns include logon entries, Explorer add-ons, Internet Explorer add-ons including Browser Helper Objects (BHOs), Appinit DLLs, image hijacks, boot execute images, Winlogon notification DLLs, Windows Services and Winsock Layered Service Providers, media codecs, and more. Switch tabs to view autostarts from different categories.

To view the properties of an executable configured to run automatically, select it and use the Properties menu item or toolbar button. If Process Explorer is running and there is an active process executing the selected executable then the Process Explorer menu item in the Entry menu will open the process properties dialog box for the process executing the selected image.

To navigate to the Registry or file system location displayed, or to the configuration of an auto-start item, select the item and use the Jump to Entry menu item or toolbar button. You can likewise navigate to the location of an autostart image.

To disable an auto-start entry uncheck its check box. To delete an auto-start configuration entry use the Delete menu item or toolbar button.

The Options menu includes several display filtering options, such as only showing non-Windows entries, as well as access to a scan options dialog from where you can enable signature verification and Virus Total hash and file submission.

Select entries in the User menu to view auto-starting images for different user accounts.

More information on display options and additional information is available in the on-line help.

Autorunsc Usage

Autorunsc is the command-line version of Autoruns. Its usage syntax is:

Usage: autorunsc [-a <*|bdeghiklmoprsw>] [-c|-ct] [-h] [-m] [-s] [-u] [-vt] [[-z ] | [user]]]

-a Autostart entry selection:
   * All.
   b Boot execute.
   d Appinit DLLs.
   e Explorer addons.
   g Sidebar gadgets (Vista and higher)
   h Image hijacks.
   i Internet Explorer addons.
   k Known DLLs.
   l Logon startups (this is the default).
   m WMI entries.
   n Winsock protocol and network providers.
   o Codecs.
   p Printer monitor DLLs.
   r LSA security providers.
   s Autostart services and non-disabled drivers.
   t Scheduled tasks.
   w Winlogon entries.
-c Print output as CSV.
-ct Print output as tab-delimited values.
-h Show file hashes.
-m Hide Microsoft entries (signed entries if used with -v).
-s Verify digital signatures.
-t Show timestamps in normalized UTC (YYYYMMDD-hhmmss).
-u If VirusTotal check is enabled, show files that are unknown by VirusTotal or have non-zero detection, otherwise show only unsigned files.
-x Print output as XML.
-v[rs] Query VirusTotal (www.virustotal.com) for malware based on file hash. Add ‘r’ to open reports for files with non-zero detection. Files reported as not previously scanned will be uploaded to VirusTotal if the ‘s’ option is specified. Note scan results may not be available for five or more minutes.
-vt Before using VirusTotal features, you must accept VirusTotal terms of service. See: https://www.virustotal.com/en/about/terms-of-service/ If you haven’t accepted the terms and you omit this option, you will be interactively prompted.
-z Specifies the offline Windows system to scan.
user Specifies the name of the user account for which autorun items will be shown. Specify ‘*’ to scan all user profiles.
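
The CSV output with hashes and signature verification (-c, -h and -s above) lends itself to comparing a saved baseline scan with a later one. The Python below is an added example, not part of the Sysinternals documentation; the column names, the "enabled" and "(Verified)" values, and all sample rows are constructed assumptions to check against your own Autorunsc output.

```python
import csv
import io

# Constructed snapshots shaped like `autorunsc -a * -c -h -s` output. The column
# names are assumptions: compare them with the header row your version prints.
HEADER = "Entry Location,Entry,Enabled,Signer,Image Path,SHA-256\n"
RUN = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
BASELINE_CSV = HEADER + "\n".join([
    RUN + r",SecurityHealth,enabled,(Verified) Microsoft Windows,c:\windows\system32\securityhealthsystray.exe,HASH-A",
    RUN + r",VendorUpdater,enabled,(Verified) Example Vendor Inc,c:\program files\vendor\updater.exe,HASH-B",
])
CURRENT_CSV = HEADER + "\n".join([
    RUN + r",SecurityHealth,enabled,(Verified) Microsoft Windows,c:\windows\system32\securityhealthsystray.exe,HASH-A",
    RUN + r",VendorUpdater,enabled,(Verified) Example Vendor Inc,c:\program files\vendor\updater.exe,HASH-C",
    r"Task Scheduler,SyncHelper,enabled,(Not verified) ,c:\users\alice\appdata\roaming\synchelper.exe,HASH-D",
    RUN + r",OldTool,disabled,(Not verified) ,c:\tools\oldtool.exe,HASH-E",
])


def load(text):
    """Index rows by (entry location, entry name, image path), lower-cased."""
    rows = {}
    for row in csv.DictReader(io.StringIO(text)):
        key = tuple(row[c].strip().lower()
                    for c in ("Entry Location", "Entry", "Image Path"))
        rows[key] = row
    return rows


def triage(baseline_text, current_text):
    """Return [(entry name, [reasons])] for enabled entries worth a manual look."""
    base, cur = load(baseline_text), load(current_text)
    findings = []
    for key, row in cur.items():
        if row["Enabled"].strip().lower() != "enabled":
            continue  # disabled entries do not start automatically
        reasons = []
        old = base.get(key)
        if old is None:
            reasons.append("new entry")       # absent from the baseline scan
        elif old["SHA-256"] != row["SHA-256"]:
            reasons.append("hash changed")    # same path, different file content
        if not row["Signer"].startswith("(Verified)"):
            reasons.append("not verified")    # signature check did not pass
        if reasons:
            findings.append((row["Entry"], reasons))
    return findings
```

A changed hash on a verified entry is often just a vendor update, so treat the findings as a review queue rather than a verdict.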

Related Links

  • Windows Internals Book
    The official updates and errata page for the definitive book on Windows internals, by Mark Russinovich and David Solomon.
  • Windows Sysinternals Administrator’s Reference
    The official guide to the Sysinternals utilities by Mark Russinovich and Aaron Margosis, including descriptions of all the tools, their features, how to use them for troubleshooting, and example real-world cases of their use.

Do Macs Need Malware Protection

On the popular Discovery Channel program “Mythbusters,” hosts Adam Savage and Jamie Hyneman take a legend and deconstruct it to see whether its long-held beliefs are legitimate. They’ve busted all kinds of myths, from Jimmy Hoffa being buried under Giants Stadium (not true) to the ability to kill someone without a trace using an ice bullet (the bullet vaporizes as soon as the trigger’s pulled).

One tall tale they haven’t tackled is that Macs are impervious to malware, so you needn’t worry about cybersecurity solutions. Antivirus and anti-malware protection is for the PCs.

We’re here to bust that myth.

Growing trend

Out of the gate we can tell you that it’s true, Macs don’t have the same problem with malware as PCs do. One of the main reasons: sheer numbers. Cybercriminals look at the market and see that the vast majority of folks are on PCs, so they concentrate their efforts on creating malware that will result in the largest return on investment.

But the tide is turning. Macs are now responsible for 7.5 percent of global personal computer sales. In the U.S., Apple is one of the top three PC vendors, just behind HP and Dell. And as creative departments grow in corporate environments (from design and content to programming and testing), more and more businesses are adding larger numbers of Macs to their environments.

The popularity of Macs leads to more cybercriminals wanting to write malicious code for OS X. Although still much lower than PCs, the number of threats targeting Apple operating systems has grown steadily, with a spike in Mac infections observed over the last 18 months. A recent study by Bit9 + Carbon Black found that the number of Mac OS X malware samples detected in 2015 was five times greater than in the previous five years combined.

Forms of malware on Macs

Apple security is fairly tight—OS X has a basic built-in anti-malware feature, and if the machine detects a malicious program, it gets added to the signature database. From that point on, that piece of malware can’t be opened on any Mac, unless the user has explicitly disabled security updates. But clearly some malware is getting through. Which forms?

The worst offender is adware. “There are many different adware programs infecting the Mac right now, and they’re in a constant state of flux,” says Thomas Reed, Director of Mac Offerings at Malwarebytes. “Adware-riddled installers are everywhere, and it’s becoming harder and harder to tell where a safe place is to download software.”

Other forms of malware have given Apple the slip, including Potentially Unwanted Programs (PUPs), Info stealers, Trojans, and even ransomware (KeRanger). While these forms of malware are less prevalent, they can still be quite dangerous. KeRanger was downloaded by around 6,500 people within the 12-hour period that it was available. Some of those users had their data completely destroyed.

How are they getting through?

The main way that adware and malware are getting through on Macs these days is through codesigned apps, using a certificate obtained from Apple. The certificate is either stolen or bought and simply treated as disposable, since it costs only $99. Apple can revoke these certificates if they see them being abused, and they do so quickly when they find new signed malware. However, Apple doesn’t take a particularly hard stand against most adware, which can persist for a long time with the same certificate.

In addition, video and audio streaming sites and piracy sites often dole out adware. Software download sites distribute installers containing adware that has been added without the permission of the developers. Worse, even some developers’ own sites are guilty of bundling adware. For example, the popular Filezilla FTP client installs adware even when downloaded directly from the official site, and the free version of Avast had (and may still have) an ad-injecting feature in its browser extension.

What happens to your Mac after an infection?

Adware is a serious hassle. Injected ads are intrusive and can contain offensive content. They can also slow down your computer’s performance and result in browser destabilization. Malicious ads can even direct you to tech support scams where you can be scammed out of your money or into installing other harmful software.

But that’s not all, Bob! What else have you won? Info stealers can, obviously, steal your info. And in the case of ransomware, data can be totally destroyed with no shot of getting it back.

Final verdict

Myth: Macs are impervious to malware.

Fact: Macs, while less vulnerable than PCs, are assailable. Their security can be penetrated, especially by cybercriminals looking to deliver adware.

So do you really need a security solution for your Mac? “Although the primary threat right now is adware, it’s still a problem of epidemic proportions,” says Reed. “Even knowledgeable Mac users have been known to fall victim to some kind of adware, so it’s no longer true that you can avoid threats by simply being careful what you download.”

With increases in Mac popularity making OS X more appealing for crooks, plus the already considerable onslaught of adware, it makes sense to install an anti-malware program for your Mac. It should catch what OS X misses and restore your Mac’s performance to the high caliber you expect.

Now what other myths can we bust? Can tooth fillings really receive radio waves?