April 19, 2010

Not Protected After All: Antivirus Infections Strike Despite Your Security Software.

Filed under: Computer Performance, Fake Antivirus, Viruses, data recovery — admin @ 3:10 pm

You got your polio and whooping cough shots as a kid and you never came down with either of these dreaded diseases.

You might think that your security software on your computer works the same way. You took the preventative measures to avoid the infection, so you should be safe.

But, surprisingly, security software does not always provide the kind of protection to your computer that your childhood vaccines provide to your body’s immune system.

Your anti-virus/anti-spyware programs and firewalls can be made vulnerable through fake antivirus program scams that fool even savvy computer users. The fake antivirus program scams arrived last year as “XP Antivirus 2008.” The scam lives on in many variations, including “Antivirus 2009.” This scam is successful because it cleverly mimics Windows warning screens and legitimate antivirus programs. Virtually every legitimate antivirus company has a product called Antivirus 2009, so it’s no wonder so many computer users are confused–and duped!

Here’s how the infection scam works. You get an official looking popup warning or an e-mail message telling you that you are infected. To remedy the situation, you are instructed to click on a link that takes you to a website. Then you are told you need to download software.

As a result, you click on links that generate malicious code or download and run questionable files. You will inadvertently override your own installed protection. In some cases, you will actually disable your protection programs! Even worse, the scam will make it look as if your protection programs are still running, so you will be none the wiser.

Any popup or error message that refers to Antivirus 2008 or 2009 (including System Antivirus, Ultimate Antivirus, Vista Antivirus, Pro Antivirus or XP Antivirus followed by a number) should be considered extremely suspicious. If you see any reference to a virus that is not specifically from the product that you have installed in your computer for protection, you should consider it a fake–and dangerous.

Windows won’t ever alert you of a virus infection.

Getting rid of the code once it has infected your system is quite involved. In our service business, we use a combination of several manual detection and removal processes, along with multiple scanning programs to recover your data. This ensures that all potential re-infection avenues (temp files, restore points, modified dll files, etc.) have been removed or restored. We routinely warn novices not to attempt this without help.

Depending upon how long you have been infected and which version of the malware you have, you may also need to run a Windows repair after you remove the code. Certain Windows files become corrupted as a side effect.

If you know how to work with the Windows registry, operate in Safe Mode and have a current backup of your critical files, you should be able to find instructions online for removing the exact version of the infection that you have. If not, consult a tech savvy friend or a professional. Again, removing this infection so that you don’t re-infect is technically complex and not for the novice.


April 15, 2010

Don’t Fool Around with the F1

Filed under: F1 Scam, Microsoft, Microsoft Security Essentials, Viruses, security advisory — admin @ 12:59 pm

It sounds like it couldn’t possibly be true, but Microsoft itself confirms it: pressing F1 on a computer keyboard can actually activate malware for Internet Explorer users.

Microsoft released an advisory March 1, 2010 that warns of the F1 scam.

“Microsoft is investigating new public reports of a vulnerability in VBScript that is exposed on supported versions of Microsoft Windows 2000, Windows XP, and Windows Server 2003 through the use of Internet Explorer. Our investigation has shown that the vulnerability cannot be exploited on Windows 7, Windows Server 2008 R2, Windows Vista, or Windows Server 2008. The main impact of the vulnerability is remote code execution. We are not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time[…] Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.” By: Microsoft TechNet.

With this security issue, a dialog box is displayed by a malicious web page or other Internet site. Then a prompt occurs that urges users to press F1. The prompt often appears repeatedly. When users hit the F1 key, malware can cause malicious code to be run on the user’s computer.

Microsoft admits that there is not a patch for this vulnerability at this time.

If you are online and a site is trying to convince you to press F1, you are advised to simply log off the system. You could also use the Task Manager to kill the Internet Explorer process. Making sure that you have working security software such as Microsoft Security Essentials is most essential to keeping your computer and information safe.

The F1 scam is currently one of the Hot 25 on the scam-busting website Snopes.com.

Check back for updates on security advisories!  Should you suspect that your computer has been infected with a virus, contact your local computer service technician.


April 8, 2010

Open your eyes when surfing the internet!

Filed under: E-mail, Online Safety, Viruses, Wireless Internet — admin @ 2:57 pm

Would you cross the roads with your eyes shut?  Open your eyes when surfing the internet!

Reading the Star Tribune on Sunday, we learned that Minneapolis is now ranked the seventh-riskiest city in America for cybercrime!!  Eeek, now that is hitting a little close to home.  Every day we are hearing or seeing in the news something about a new virus attack or online threat to our computers.  It’s not like all the computers in Minneapolis are going to grow legs and arms to strangle us.

The Minneapolis area does have one of the highest populations of in-home computers and computer users in the nation.  Minneapolis is growing to become known as a very internet savvy city.  Due to this, we are more likely to encounter spyware, spam emails and other viruses.

Keep yourself safe by never fully opening an email; use a preview window to read your messages (both Entourage and Outlook allow you to do this). Do not log into confidential sites when you are on an open wifi network unless it is secure, and make sure you know what you are downloading before you hit OK. It’s just like you’re a kid again and your mother is teaching you how to cross the road. Look both ways to ensure that there are not any viruses coming before you begin to access the site, and keep looking both ways as you access the site to make sure a virus doesn’t pop up out of nowhere. If you are nervous or have questions, ask a computer expert. We’re here to help and answer questions.


March 15, 2010

Bug Alert: Am I infected with the April 1st virus (Conficker C)?

Filed under: April Fools Virus, Conficker C, Viruses — admin @ 11:08 am

An Internet worm known as Conficker has been in circulation since late 2008. Also known as the April Fools virus, this third-generation pest labeled Conficker C is far more dubious than the previous two versions.

Conficker C is so bad because it is specifically designed to bypass and disable most security programs and websites. To make it worse, Conficker C is extremely good at hiding. It has been built with the ability to evolve over time and learn how to best hide itself.

So do I have this virus? Good question. Go into your Windows Control Panel and check to see if your automatic updates have been shut off. If you find that they have been shut off, it doesn’t mean that you are infected; however, if you know that they were previously on, you’d be wise to bring the computer in for a deeper evaluation.

There are many online instructions on how to remove the virus, but you have to have working knowledge of the Windows Registry. If you don’t have a computer resource available, any one of our locations would be available to help. We provide free checkups to help those with concerns determine their computer’s status.

If you wish to try removing it yourself, go to Google and type in ‘Conficker C removal’ and you’ll get a large number of results that may assist you. To watch for updates on viruses and how to prevent them, check out the virus blogs.


February 17, 2010

McAfee, Inc. Names Jessica Biel the Most Dangerous Celebrity in Cyberspace

Filed under: Tips, Viruses — admin @ 9:00 am

It’s not just Justin Timberlake who is infatuated with actress Jessica Biel.  The comely starlet is the object of thousands of Internet searches. But the quest for pictures and information pertaining to the actress could leave her cyberfans with a crashed computer. Internet Security Company McAfee, Inc., reported that fans who search for Jessica Biel info, whether as photos, videos or wallpaper, have a one in five chance at getting a nasty surprise–landing at a website that tests positive for adware, spyware, phishing schemes, viruses and the like.

In a culture that is increasingly fascinated with celebrities, cybercriminals use their photos as bait. The scammers latch onto stories and pictures about high profile figures to hook fans, who can inadvertently download malicious software while simply trying to get the latest news about their favorite star. And it appears younger consumers are often the most vulnerable.

Celebrities who have strong appeal to the youth market pepper the list of Most Dangerous Celebrities in Cyberspace. Second to Jessica Biel is Beyonce. Others on the list include Miley Cyrus, Lindsay Lohan, Kim Kardashian, Megan Fox and Tom Brady.

The best advice to avoid the harmful downloads? Play it safe. Avoid sites you’ve never heard of in favor of surfing mainstream websites with a reputation for safety and trustworthiness.


January 25, 2010

Is airline Wi-Fi any good and is it safe?

Filed under: Internet, Tips, Viruses, Wireless Internet — admin @ 3:17 pm

In-flight Wi-Fi brings a whole new meaning to the term ‘cloud computing’! In past years, the offerings were expensive, restrictive and inconsistent. But not anymore!

In our experience, speed, reliability and cost have all been reasonable. We’ve tried Gogo and expect Row 44 to be good, too. Just check with your airline before you go to see what is being offered.

Although Wi-Fi on airlines only works above 10,000 feet, the providers and airlines are not currently blocking access to any specific content or websites and are relying on passengers to behave themselves (this could change)!  One exception is voice traffic. The airlines decided that their passengers didn’t want to get stuck next to loud, obnoxious ‘deal makers’ flapping their gums about their latest conquests during these long flights.

Any device that is Wi-Fi enabled and has a browser can make use of the connection: laptops, Netbooks, smartphones and even the iPod Touch and some handheld gaming systems should work. You must have a browser in order to get past the ‘I Agree’ terms of use gateway page.

As far as safety goes, this shouldn’t be approached any different than any other public Wi-Fi connection.  If you aren’t careful, you could expose your computer to others on the flight, just like in the airport or at a hotel (our column on public Wi-Fi safety is posted here: http://bit.ly/2ldfHp.)

Be very mindful that those in the row behind you can easily see your screen through the gaps in the seats, as can lots of folks if you are seated in the aisle seat. This means you should avoid typing in any sensitive information or visiting websites that will display sensitive information.

As should be expected, if your company requires you to use a VPN (Virtual Private Network) to connect to the company network, you may have problems getting it all to work depending upon how restrictive your IT department has set the VPN to be (check with them before your flight for the best results).


December 28, 2009

Does a backup copy the infection, too?

Filed under: Backup, Viruses — admin @ 8:15 am

The simple answer is “It depends upon your backup routine.” Most of today’s malicious code attacks the average computer in one of three main areas: The operating system, software programs or data files.

So, if you execute a typical backup of only the data files, viruses that affect the operating system or software programs (like a browser) will not be included. Moreover, data infectors are in the minority these days because most of the focus for the very sophisticated cyber-gangs is Internet based applications, such as browsers and operating systems that can spread their infection to other computers on the Internet.

If you believe you have a virus or unruly spyware, the real focus in cleaning up your main system should be on your data. Most important, any backup, even an infected one, is better than no backup.  You can always disinfect the backed up files individually or an entire external hard drive.

So, in most cases, here is a basic plan of attack:

Step #1 – Even if you know you have a virus, back up everything that you care about (data, pictures, music, video, favorites, address books, etc.) to an external hard drive or online backup service.

Step #2 – Disconnect the backup unit or internet connection for online backups. Then, go through the disinfection process on your primary hard drive (the steps will vary depending on the type of malicious code).

Step #3 – Once you have verified that your primary drive is clean and that none of your critical data was corrupted as a result of the cleanup, you have two choices: run through the same cleanup procedure on the external drive or wipe it clean and produce a new backup of your clean system (if you are using an online backup service, deleting the infected files from your backup and backing them up again is the most efficient.)

If program or operating system files become corrupted by the disinfection then reinstalling those items from your original disks will put you back in business, HOWEVER, if your data files become corrupted as a result of the disinfection, don’t perform the same cleanup on your backup drive (consult a professional)!
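One way to carry out the Step #3 check, added here as an example that is not part of the original post: hash every file in the backup taken in Step #1 and on the cleaned primary drive, then list the files the cleanup changed or removed so they can be inspected before the backup is touched. The function names and the sample files are constructed for illustration.

```python
import hashlib
import os
import tempfile


def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks so large media files do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def manifest(root):
    """Map each file's path (relative to root, '/'-separated) to its SHA-256."""
    result = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            result[rel] = sha256_file(full)
    return result


def compare_after_cleanup(backup_root, primary_root):
    """Compare the pre-cleanup backup with the cleaned primary drive."""
    before = manifest(backup_root)
    after = manifest(primary_root)
    return {
        # Same path, different content: disinfected or corrupted, inspect each.
        "changed": sorted(p for p in before if p in after and before[p] != after[p]),
        # In the backup but gone from the primary: deleted or quarantined.
        "missing": sorted(p for p in before if p not in after),
        # On the primary only: created after the backup was taken.
        "new": sorted(p for p in after if p not in before),
        "unchanged": sorted(p for p in before if after.get(p) == before[p]),
    }


def demo():
    """Build constructed backup/primary trees and simulate cleanup side effects."""
    files = {
        "photos/trip.jpg": b"constructed image bytes",
        "docs/budget.xls": b"constructed spreadsheet bytes",
        "music/song.mp3": b"constructed audio bytes",
    }
    with tempfile.TemporaryDirectory() as tmp:
        backup = os.path.join(tmp, "backup")
        primary = os.path.join(tmp, "primary")
        for root in (backup, primary):
            for rel, data in files.items():
                path = os.path.join(root, *rel.split("/"))
                os.makedirs(os.path.dirname(path), exist_ok=True)
                with open(path, "wb") as handle:
                    handle.write(data)
        # Cleanup on the primary drive truncated one file and removed another.
        with open(os.path.join(primary, "docs", "budget.xls"), "wb") as handle:
            handle.write(b"truncated")
        os.remove(os.path.join(primary, "music", "song.mp3"))
        return compare_after_cleanup(backup, primary)


if __name__ == "__main__":
    for status, paths in demo().items():
        print(status, paths)
```

Anything listed as changed or missing is a file to open and check by hand; if it turns out to be damaged, the copy in the backup is the one to keep.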

If all of this sounds too complicated, do yourself a favor and keep your security software up-to-date and keep a regular backup going with redundancy and validation.  If that sounds too complicated, consult a professional!


December 11, 2009

Fun holiday tips from Data Doctors

Filed under: Google, Tips, Viruses — admin @ 7:45 am

As the holidays near, shopping online continues to grow.  Great deals are out there and consumers are more savvy than ever when it comes to online shopping, but there are a few things that you want to watch out for while shopping online.

Sadly, the holidays are a big time for viruses because more people are spending time online, scouring the internet for deals on gifts, so hackers and viruses are in full swing as well. Copycat sites and “cheap deals” are the main sources of virus attacks.

Here are some tips to remember:

Know where you are.

As you shop, try to stick to sites that you are familiar with and are reputable.  Sites like Amazon, Ebay and large retailers, Target, Walmart, etc. have great security on their sites so you are less likely to have to worry.  There are smaller stores who run great deals but be sure you know where your credit card information is going.

Beware of Flogs

The internet is one of the most used resources for finding information and is increasingly becoming a major spot for shopping. As e-commerce continues to grow, consumers need to be aware of reviews and what are called flogs. Flogs are a form of “electronic communication that appears to originate from a credible, non-biased source, but which in fact is created by a company or organization for the purpose of marketing a product, service, or political viewpoint” (Wikipedia).

Flogs can appear as consumer reviews and information about great deals, tips on where to shop, etc., but the perception is skewed. Companies have created these to promote their own products and services, with great reviews no matter what. The easiest way to decide if a blog is fake or not is to see if the only topic being discussed on the site pertains to one particular product or service. Most bloggers generate new posts on a regular basis, covering a variety of topics or services.

Check reviews before entering credit card

An easy way is to see what information other consumers have. Go to Google and type in the name of the store and reviews or the website address and reviews. If it is a well-known scam site, other people will be talking about being scammed.

Wifi

Public wifi networks are a really nice feature when you are out and about, but can cause issues when shopping online. The fact is that anyone can connect to the same network that you are using, and while not everyone is a hacker, there are people out there that have the ability to electronically see what you are doing. It is not a good idea to enter credit card or other personal information while connected to a public wifi. Another tip is to not have your user ID and passwords saved on web sites, as hackers will be able to access this information over the public wifi as well.

E-commerce is rapidly growing and a great tool to decrease the amount of time and money spent shopping for the holidays.  Taking care while shopping online will keep that experience positive for you and allow you to continue to utilize the internet.

Safe Shopping!

From Data Doctors in Wayzata, MN


November 10, 2009

Best Antivirus software to use

Filed under: Software, Viruses — admin @ 9:00 am

With all the lurking threats on the Internet, this is one of the most common questions that we field. The answer to this question is very much specific to you and your computer and less about what the various review sites may profess.

We have recommended and used just about every company’s solution, and since viruses are ever evolving and getting stronger, there will continually be better and better software designed to protect. The sad fact is that none of the programs will ever protect you 100% because the virus developers have the upper hand. They have the advantage of being able to ‘reverse-engineer’ the protection programs that are on the market and ‘cook’ their new attacks until they can bypass or evade protection programs. The other problem is that if they can get you to click on or open anything with malicious code embedded, they can disable or bypass your antivirus program. With that being said, you must have antivirus software installed on Windows based computers that are connected to the Internet (Mac users can currently get away without it, but this is likely to change as more users migrate to that side of the fence).

For now here is what we recommend:

Windows is the most attacked operating system because it has the most users by a very wide margin. If you are a hacker and want to exploit the largest number of users, you will always choose to write malware directed at Windows users.

I prefer a solid antivirus program accompanied by a pro-active antispyware program that does what it can to keep spyware out of your computer in the first place. Lots of free programs exist in both the antivirus and antispyware categories, but there is a reason that they are free. It isn’t that they don’t provide good protection; it has more to do with the frequency of updates, lack of support and the active protection against the latest threats.

Technically, most freeware programs are less powerful than the pay version of the same program, generally because of how they attempt to detect malicious code. Most basic programs use ‘signature-based’ detection, while more sophisticated programs add behavior-based analysis to better detect newer exploits. There isn’t really a ‘one-size fits all’ solution for every single situation, but in most cases we currently install the antivirus/antispyware combination from Computer Associates. If you can’t wade through all the technical geek-speak when making your decision, consult an expert or someone you trust to review your specific situation for the best results.


October 7, 2009

How did I get infected with Antivirus 2009?

Filed under: Viruses — admin @ 10:28 am

Even with security software in place, virus infections can occur. Anti-virus/anti-spyware programs as well as firewalls are of no protection if the user of the computer decides to click on links that generate malicious code or download and run questionable files. The user’s interactions can easily override the installed protection and in some cases, actually disable protection programs, but make it look like they are still running.

The fake antivirus program scams actually started last year as “Antivirus 2008” and they were so successful that they live on as many variations including “Antivirus 2009” and most recently, “Personal Anti-Virus Pro.” A clever author of malware discovered a sneaky way to fool folks into installing malicious software into their computers, THEN extract money from them by posing as a legitimate program for removing the malicious software.

The reason that this approach has been so successful is that they very closely mimic Windows warning screens and legitimate antivirus programs. Virtually every legitimate antivirus company has a product called Antivirus 2009, which further confuses the uninitiated.

The most common ways to come in contact with this infection include maliciously coded websites that popup a warning message that you are infected, e-mail messages that trick folks into clicking on a link, websites that claim you need to download software in order to see a posted video and links or downloads that are spread through social networking sites such as MySpace and Facebook as well as all of the Instant Messaging systems.

Today, any form of popup or error message that refers to Antivirus 2008 or 2009 (including System Antivirus, Ultimate Antivirus, Vista Antivirus, Pro Antivirus or XP Antivirus followed by a number) should be considered extremely suspicious. If you ever see any reference to a virus that is not specifically from the product that you have installed in your computer for protection, you should consider it to be a fake (Windows itself won’t ever alert you of a virus infection). Similarly, any website that claims that you need to download a new video program or “codec” in order to view a video should be considered a threat.
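The naming rule above, written as a triage check over popup titles and text; this is an added example, not part of the original post. "Contoso Antivirus 2009" stands in for whatever product you actually have installed, and the sample alerts and keyword list are constructed.

```python
import re

# Name families taken from the post: a prefix plus "Antivirus" plus a number,
# the bare "Antivirus 2008/2009", and "Personal Anti-Virus Pro".
ROGUE_NAME = re.compile(
    r"\b(?:system|ultimate|vista|pro|xp)\s+anti-?virus\s+\d+\b"
    r"|\banti-?virus\s+200[89]\b"
    r"|\bpersonal\s+anti-?virus\s+pro\b",
    re.IGNORECASE,
)

# Wording that claims an infection was found (constructed keyword list).
VIRUS_CLAIM = re.compile(
    r"\b(?:virus(?:es)?|infect\w*|trojans?|spyware|malware|threats?)\b",
    re.IGNORECASE,
)


def classify_alert(title, body, installed_product):
    """Return a verdict for one popup, following the post's rule of thumb."""
    # Legitimate products are also named "... Antivirus 2009", so the product
    # actually installed is checked first, before the rogue-name pattern.
    if installed_product.lower() in title.lower():
        return "installed-product"
    if ROGUE_NAME.search(title) or ROGUE_NAME.search(body):
        return "rogue-name"
    # Any other virus warning, including one that claims to come from
    # Windows itself, is not from the installed product.
    if VIRUS_CLAIM.search(title) or VIRUS_CLAIM.search(body):
        return "unrecognized-source"
    return "no-virus-claim"


# Constructed sample popups: (window title, message text).
SAMPLE_ALERTS = [
    ("XP Antivirus 2008", "Your computer is infected! Click here to remove threats."),
    ("Contoso Antivirus 2009", "Threat detected and quarantined."),
    ("Windows Security Alert", "Windows has detected a virus infection."),
    ("Personal Anti-Virus Pro", "Scan complete: 34 infections found."),
    ("Printer", "Ink is low."),
]


def triage(alerts, installed_product):
    """Classify every alert and return (title, verdict) pairs."""
    return [(title, classify_alert(title, body, installed_product))
            for title, body in alerts]


if __name__ == "__main__":
    for title, verdict in triage(SAMPLE_ALERTS, "Contoso Antivirus 2009"):
        print(f"{verdict:20} {title}")
```

A title is easy to imitate, so an "installed-product" verdict only means the popup names your product; open the program from the Start menu to confirm the warning really came from it.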

Users of file sharing networks are at a high risk of contracting malicious software as it’s often hidden within what appears to be a legitimate program (referred to as a Trojan). The writers of malicious code count on users that are not really paying attention and at this point, they are fooling people by the millions around the Internet. This type of infection is amongst the worst that I have seen in my 20 years of using computers.

Getting rid of the code once it has infected your system can be very involved and is different for the various versions of the infections, so don’t attempt this without help if you are a novice.

Start by identifying the exact version of the malware that you have and placing it in quotation marks followed by the words ‘removal instructions’ in Google (Ex: “Antivirus 2009” removal instructions).

WARNING: There are so many people infected with this family of malware that many new scam programs that claim to specifically clean the code have popped up. Some appear to be free programs that will only scan your system for free, but charge you to remove the code and often they don’t even do that properly.

Since there are so many different variations of this infection, the exact steps are going to be based on the exact version of the malware that you have. In our service business, we use a combination of several manual detection and removal processes (again, based on the exact version of the infection) along with multiple scanning programs to ensure that all potential re-infection avenues (temp files, restore points, modified dll files, etc.) have been removed or restored.

If you know how to work with the Windows registry, operate in Safe Mode and have a current backup of your critical files, you should be able to find instructions online for removing the exact version of the infection that you have.

If not, consult a tech savvy friend or a professional as removing this infection properly (so that you don’t re-infect) is not for the novice.

