The Download Blog

The feature-rich versions of popular security program AVG have been updated, with AVG Technologies claiming faster scan times, faster boot times, and other under-the-hood improvements. While version 8 introduced a consolidated product line, making those features work better together takes the attention of AVG Internet Security 9 and AVG Anti-Virus 9.

AVG 9--photos

AVG is making some bold claims for these updates. The company is touting scan times that are "up to 50 percent" faster, based on marking files safe until their file structure changes, and boot times that are "10 to 15 percent" faster. Memory usage is also expected to be "10 to 15 percent" better, as well. The built-in firewall, available only in the Internet Security version, uses a new database for automatically determining if certain programs are safe to access the Internet without user input. This trusted database, called TrustedDB by AVG, should be less intrusive by querying for user input 50 percent less often than in the previous version, says AVG. Also, the installation process has been shortened from 22 screens to 11.

There are few wholly new features available in version 9, but an interesting one is the Identity Theft Recovery Unit. Included in AVG Anti-Virus and AVG Free, but only for users in the United States, ITRU is a business partnership with Identity Guard which provides "consumer identity theft solutions." Accessible only from the browser toolbar, which only works in Firefox or Internet Explorer, the service provides "a dedicated identity theft recovery unit with fraud experts," to assist handling, getting and analysing a credit report, enrolling in credit file monitoring, and offering report-filing support.

In hands-on testing last week, I found AVG to be relatively easy to navigate around, although the interface could be simpler. When you click on one of the items in the main window, you must double-click on one of the features to access more information on it. A single click, or even a mouse-over pop-up, would make the experience faster. Before I even ran my first scan, AVG detected icons associated with Pidgin as threats.

AVG 9 looks very similar to AVG 8. Most of the changes are under the hood.

(Credit: Screenshot by Seth Rosenblatt/CNET)

Double-checking them against Avira and McAfee revealed those detections as false positives, and when I finally ran the Fast Scan it took longer than 20 minutes. That doesn't compare favorably to competitors, some of which can complete a first Fast Scan in around 60 seconds. I was also surprised to find that Mozilla Thunderbird was not automatically approved to go through the firewall, despite the new firewall trusted database. While the installation process offers to install the browser toolbar for you, it doesn't seem possible to opt out during the installation and then install it later from the AVG interface, a strange oversight.

AVG Internet Security 9 is available for $49.99, and AVG Anti-Virus costs $34.99. Both come with a one-year license and a 30-day trial, although AVG Anti-Virus lacks the firewall, identity protection, antispam, and system tools that come in AVG Internet Security. Fans of the free version of AVG 9 will have to wait a bit longer, as AVG always delays the release of Free until after the full suites have been made public.

Compromised computers that send spam as part of their regular botnet activity increased dramatically in September, according to a Symantec study (PDF) released Monday.

The Symantec report follows a study from MessageLabs also illustrating the increased use of automated spam relays.

After seeing a 37 percent drop in botnet-related spam for August, Symantec reported a 101 percent increase in September. The growth appears to be focused in Europe, the Middle East, and Asia, with South Korea experiencing the largest increase at 4,236 percent. It was followed by Kazakhstan (761 percent), Romania (607 percent), Saudi Arabia (555 percent), and Vietnam (540 percent).

Compromised PCs sending spam had been part of the background noise until recently, when their usage surged in September.

(Credit: Symantec)

In looking for a reason behind the one-month increase, Symantec speculated it had something to do with the increase in e-mail with sensationalistic news headlines that included links to downloadable malware. These include malicious spam campaigns emulating e-mail from CNN and MSNBC.

Turkey topped the list of countries hosting spam-sending compromised PCs, responsible for 12 percent of such traffic, according to Symantec. It was followed by Brazil (9 percent), Russia (8 percent), the U.S. (6 percent), India (6 percent), China (6 percent), Germany (5 percent), Argentina (4 percent), Poland (4 percent), and Thailand (3 percent).

Like my colleague, CNET News' Caroline McCarthy, I've noticed a worrisome uptick in the amount of spam splatting against my Facebook Wall. It also nestles into my in-box in the form of a courtesy e-mail message prompting me to read my Wall.

While Facebook seems to have internal methods to resolve the malicious spam that has hijacked my friends' accounts, the only other recourse they offer is to update your antivirus software against an attack. That's too late. You want to block it before it ever drops its malware payload, and that means installing software that's designed to sniff your links.

If you see this on your Facebook Wall, delete it or report it; just don't click it.

(Credit: CNET Networks)

I'll admit to being tricked the first time I read a Facebook Wall spam message, and clicked the link. My surfing path was immediately blocked by Firefox 3 and McAfee Site Advisor (for Firefox and Internet Explorer). While we don't recommend chasing down viruses to test the efficacy of your antivirus or privacy software, it was heartening to see the security features on these apps work as advertised. Grisoft's LinkScanner Lite and LinkScanner Pro are also very good at alerting you to perilous Web pages, though Firefox users should know it is not yet compatible with Firefox 3.

On Sunday, I had an e-mail alert about someone writing on my Facebook wall--a college acquaintance with whom I hadn't spoken in quite some time. As it turns out, I was a victim of "wall spam," a recent phenomenon on Facebook in which automated spam posts show up on members' message walls. It's similar to a wave of profile spam that swept News Corp.'s MySpace a few years ago.

The message in question read, "Some thinks you are special and has a hot^crush on you. Find out who it could be!! ;)" with a link to a Flash file claiming to be hosted on the imageshack.us domain.

But by the time I navigated to my Facebook profile to get rid of the spammy (and possibly virus-ridden) message--within an hour or two of the notification showing up in the first place--the wall post was gone. This means one of either two things: someone else saw the message on my profile and flagged it, or Facebook is actively policing the site to keep it under control, probably by searching for duplicates of a known spam message.

Of course, an hour or two is still a big enough frame of time for people to click on the link and get their computers loaded with some nasty new malware.

I've asked Facebook for comment on exactly what their strategy is and whether any members' login credentials are getting compromised by this spam or virus. I'll update when I hear back.

"Wall spam" rose to notoriety earlier this month, when members started noticing the phenomenon, and security firms started flagging worms that were spreading via Facebook members' walls and installing malware when a link in the message was clicked. The company has recommended antivirus fixes and says it's acting fast.

The Silicon Alley Insider reported earlier this month that Facebook had been deactivating links in identified spam posts; removing the posts entirely is a more aggressive measure.

"If we get a report of a bug or a hole from a user, a security researcher, a reporter, blogger, or anyone, we check it out and fix it as quickly as possible," Facebook security chair Max Kelly wrote several weeks ago on the company blog in response to another virus. "In fact, we appreciate it when help comes our way from the many security experts and organizations out there."

I've been very popular on Twitter lately. Too bad it's not personal. Many subscribers seem to be gaining more attention than they've earned, and probably a good deal more than they want.

This past month has seen a surge in Twitter spam, subscriptions from followers who have created faux accounts to advertise their links or wares. The noticeable uptick has alarmed the blogosphere enough to warrant journalistic notice, off the record in intra-office chatter and on it. The disingenuous among my own modest list of followers don't appear to be peddling anything other than URLs, but it matters little. I have declared them a nuisance. The squatters must go.

These 'people' are not my friends.

(Credit: CNET Networks)

Unlike Facebook, which requires dual authentication before friends make it onto the social roster, Twitter attachments can be single-sided. I've never had reason to block anyone before, but scooping off the scattered scum is proving more tedious than it should. From the list of followers on Twitter.com there is the option to subscribe to a user's updates or to block them. Blocking one user resets the follower list, putting you back at the starting point of your multipage count. That's fine if all your new "pals" cluster on Page 1, but crummy if they're spread between Pages 4, 7, and 10. Simple pagination would simplify the task, as would the ability to batch process blocking.

Up until about a week ago, Twitter's API was itself the meta-blocker of a different sort, barring developers from building the rejection feature into third-party services. Now the capability is turned on, Twitter co-founder Biz Stone confirmed, though documentation won't be broadly shared until "some time next week." At that point, third-party services like Twhirl, a desktop client that adds all sorts of goodies to the Twitter experience, would be able to let users block stalkers by hovering over their icons from a scrolling interface.

For a service this popular, better native blocking tools should be a no-brainer. Hopefully they will be before the spam really catches on. In the meantime, you can at least pick out the fictitious followers using Twitter Twerp Scan, an app we learned about from DownloadSquad. Twitter Twerp Scan quickly calculates the ratio of friends to followers for each of your fans. Subscribers with high ratios follow many more tweeters, but are not followed in turn. The raked popularity count makes them likely spammers who you don't have to feel guilty about cutting out.

On Wednesday, the Danish security company BullGuard announced it will offer its spam filter product as a free download. The BullGuard Spamfilter (download) integrates with Microsoft Outlook, Outlook Express, Windows Mail, and Mozilla Thunderbird e-mail clients. It runs on Windows 2000, XP, and Vista.

The BullGuard product relies upon fellow users to identify spam; once e-mail is marked as spam, all other Spamfilter users will no longer receive that e-mail in their in-boxes. It will be available within the spam folder instead.

According to Google's Postini, 2007 saw record spam levels, with as much as 90 percent of all e-mail traffic being unsolicited spam.

In addition to providing the free software, BullGuard is also offering Spamfilter users free, live 24-7 technical support.

My father's Motorola E815 from Verizon is suffering chronic SMS, or text message, spam. At first, the unwanted messages trickled in--religious messages with pictures of saints one time, pharmaceutical marketing another. Then the spam rate escalated. After one spammy text message yesterday and two this morning, Dad decided he wanted out.

Carriers let you block messages, but won't filter spam.

(Credit: CNET Networks)

"Out" in his case, and in the case of most North American mobile phone users, is as much about the phone bill as it is receiving unwanted texts. Service providers like Verizon and T-Mobile charge for inbound and outbound SMS activity, either per message, generally 10 cents to 15 cents per outgoing text message, or as part of a larger service, usually between $5 and $10 more per month depending on the plan. Data downloads cost extra too, so spam texts with image attachments ratchet up the bill. "This was becoming an expensive habit," says Dad.

The kicker, of course, is that it's not his habit.... Read more