
You got your polio and whooping cough shots as a kid and you never came down with either of these dreaded diseases.
You might think that your security software on your computer works the same way. You took the preventative measures to avoid the infection, so you should be safe.
But, surprisingly, security software does not always provide the kind of protection to your computer that your childhood vaccines provide to your body’s immune system.
Your anti-virus/anti-spyware programs and firewalls can be made vulnerable through fake antivirus program scams that fool even savvy computer users. The fake antivirus program scam arrived last year as “XP Antivirus 2008.” It lives on in many variations, including “Antivirus 2009.” This scam is successful because it cleverly mimics Windows warning screens and legitimate antivirus programs. Virtually every legitimate antivirus company has a product called Antivirus 2009, so it’s no wonder so many computer users are confused–and duped!
Here’s how the infection scam works. You get an official looking popup warning or an e-mail message telling you that you are infected. To remedy the situation, you are instructed to click on a link that takes you to a website. Then you are told you need to download software.
As a result, you click on links that generate malicious code, or you download and run questionable files. In doing so, you inadvertently override your own installed protection. In some cases, you will actually disable your protection programs! Even worse, the scam will make it look as if your protection programs are still running, so you will be none the wiser.
Any popup or error message that refers to Antivirus 2008 or 2009 (including System Antivirus, Ultimate Antivirus, Vista Antivirus, Pro Antivirus or XP Antivirus followed by a number) should be considered extremely suspicious. If you see any reference to a virus that is not specifically from the product that you have installed in your computer for protection, you should consider it a fake–and dangerous.
Windows won’t ever alert you to a virus infection.
Getting rid of the code once it has infected your system is quite involved. In our service business, we use a combination of several manual detection and removal processes, along with multiple scanning programs to recover your data. This ensures that all potential re-infection avenues (temp files, restore points, modified dll files, etc.) have been removed or restored. We routinely warn novices not to attempt this without help.
Depending on which version of the malware you have and how long you have been infected, you may also need to run a Windows repair after you remove the code. Certain Windows files become corrupted as a side effect.
If you know how to work with the Windows registry, operate in Safe Mode and have a current backup of your critical files, you should be able to find instructions online for removing the exact version of the infection that you have. If not, consult a tech savvy friend or a professional. Again, removing this infection so that you don’t re-infect is technically complex and not for the novice.
Not Protected After All: Antivirus Infections Strike Despite Your Security Software.
With all the lurking threats on the Internet, this is one of the most common questions that we field. The answer to this question is very much specific to you and your computer and less about what the various review sites may profess.
We have recommended and used just about every company’s solution, and since viruses are ever-evolving and getting stronger, there will continually be better and better software designed to protect against them. The sad fact is that none of the programs will ever protect you 100% because the virus developers have the upper hand. They have the advantage of being able to ‘reverse-engineer’ the protection programs that are on the market and ‘cook’ their new attacks until they can bypass or evade protection programs.
The other problem is that if they can get you to click on or open anything with malicious code embedded, they can disable or bypass your antivirus program.
With that being said, you must have antivirus software installed on Windows-based computers that are connected to the Internet (Mac users can currently get away without it, but this is likely to change as more users migrate to that side of the fence).
For now here is what we recommend:
Windows is the most attacked operating system because it has the most users by a very wide margin. If you are a hacker and want to exploit the largest number of users, you will always choose to write malware directed at Windows users.
I prefer a solid antivirus program accompanied by a pro-active antispyware program that does what it can to keep spyware from getting into your computer in the first place. Lots of free programs exist in both the antivirus and antispyware categories, but there is a reason that they are free. It isn’t that they don’t provide good protection; it has more to do with the frequency of updates, lack of support and the active protection against the latest threats.
Technically, the free version of a program is generally less powerful than the paid version of the same program because of how it attempts to detect malicious code. Most basic programs use ‘signature-based’ detection, while more sophisticated programs add behavior-based analysis to better detect newer exploits. There isn’t really a ‘one-size-fits-all’ solution for every single situation, but in most cases we currently install the antivirus/antispyware combination from Computer Associates. If you can’t wade through all the technical geek-speak when making your decision, consult an expert or someone you trust to review your specific situation for the best results.
Before you get too hyped up on the 64-bit revolution, let’s make sure you aren’t “buying a car based on the tachometer”. Without question, the future of personal computing is in the 64-bit realm. 64-bit processors and operating systems have been out for quite a long time, but they have primarily been useful only to very knowledgeable techies who had specific tasks they needed to address (such as video editing, computer-aided design, graphic design or gaming).
Here is why we view 64-bit computing in the late stages of the leading edge:
While having a 64-bit operating system can be viewed as ‘future-proofing’, the question you have to ask yourself is: are you willing to take the chance of compatibility problems to be ready for the future? (iTunes seems to be a common configuration issue for many 64-bit converts on Internet forums.)
For most folks, seeing any appreciable difference between a 32-bit & 64-bit system while surfing the Internet, checking e-mail & writing letters is likely to be slim to none. None of the ‘average user’ tasks really stress a properly configured 32-bit system. With all the 64-bit hype, too many users are improperly blaming the ’32-bit limitation’ as the reason why their computers are running so slow.
The reality is that most folks don’t properly maintain their computers and are inundated with unnecessary programs, hidden malware and cheap hardware (that wouldn’t have a prayer of running a 64-bit OS anyway!). If you just have to have 64-bit Windows 7, watch out for the upgrade gotcha: 32-bit Vista does not upgrade to 64-bit Windows 7! To go from 32 to 64 you must do a clean reinstall.
In review, 64-bit is absolutely the way to go if you can verify your hardware, peripherals, drivers and programs are all compatible with a 64-bit environment. If you are technically incapable of determining these things, too lazy to do the homework or don’t want to have to wipe out your existing Windows Vista installation, stick to the 32-bit version (or consult a knowledgeable professional).
Even with security software in place, virus infections can occur. Anti-virus/anti-spyware programs as well as firewalls offer no protection if the user of the computer decides to click on links that generate malicious code or download and run questionable files. The user’s interactions can easily override the installed protection and, in some cases, actually disable protection programs while making it look like they are still running.
The fake antivirus program scams actually started last year as “Antivirus 2008” and they were so successful that they live on as many variations including “Antivirus 2009” and most recently, “Personal Anti-Virus Pro.” A clever author of malware discovered a sneaky way to fool folks into installing malicious software into their computers, THEN extract money from them by posing as a legitimate program for removing the malicious software.
The reason that this approach has been so successful is that they very closely mimic Windows warning screens and legitimate antivirus programs. Virtually every legitimate antivirus company has a product called Antivirus 2009, which further confuses the uninitiated.
The most common ways to come in contact with this infection include maliciously coded websites that pop up a warning message that you are infected; e-mail messages that trick folks into clicking on a link; websites that claim you need to download software in order to see a posted video; and links or downloads that are spread through social networking sites such as MySpace and Facebook, as well as all of the Instant Messaging systems.
Today, any form of popup or error message that refers to Antivirus 2008 or 2009 (including System Antivirus, Ultimate Antivirus, Vista Antivirus, Pro Antivirus or XP Antivirus followed by a number) should be considered extremely suspicious. If you ever see any reference to a virus that is not specifically from the product that you have installed in your computer for protection, you should consider it to be a fake (Windows itself won’t ever alert you to a virus infection). Similarly, any website that claims that you need to download a new video program or “codec” in order to view a video should be considered a threat.
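A first-pass triage of alert text using the two rules above (the rogue-family name pattern, and any infection alert that does not name your installed product), as an added example that is not part of the original article. The product name `ExampleShield`, the alert-word list and the sample messages are constructed assumptions.

```python
import re

# Name pattern from the article: "Antivirus" optionally preceded by one of the
# listed brand words and followed by a number, plus "Personal Anti-Virus Pro".
ROGUE_NAME = re.compile(
    r"\b(?:(?:XP|Vista|System|Ultimate|Pro)\s+)?Anti[\s-]?virus\s*\d{3,4}\b"
    r"|\bPersonal\s+Anti[\s-]?virus\s+Pro\b",
    re.IGNORECASE,
)
# Words that mark a message as an infection alert (assumed list, not exhaustive).
ALERT_WORDS = re.compile(
    r"\b(?:virus|infect(?:ed|ion)|spyware|trojan|threats?)\b", re.IGNORECASE
)


def triage(message: str, installed_product: str) -> str:
    """Apply the article's two rules to one popup or e-mail text.

    Text matching cannot prove who displayed the alert: a fake can copy the
    installed product's name, so "no match" means "not flagged", not "safe".
    """
    names_installed = installed_product.lower() in message.lower()
    if ROGUE_NAME.search(message) and not names_installed:
        return "suspicious: rogue-family name"
    if ALERT_WORDS.search(message) and not names_installed:
        return "suspicious: alert not from installed product"
    return "no match"


# Constructed sample messages; "ExampleShield" is a hypothetical product name.
INSTALLED = "ExampleShield Antivirus 2009"
SAMPLES = [
    "Windows Security Alert: XP Antivirus 2008 has found 34 threats",
    "Warning! Your computer is infected. Click here to scan now.",
    "ExampleShield Antivirus 2009: scan finished, 1 virus quarantined",
    "Personal Anti-Virus Pro detected spyware on drive C:",
    "Your download is complete.",
]


def triage_all(messages=SAMPLES, installed=INSTALLED):
    """Return (verdict, message) pairs for a batch of alert texts."""
    return [(triage(m, installed), m) for m in messages]


if __name__ == "__main__":
    for verdict, msg in triage_all():
        print(f"{verdict:45} {msg}")
```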
Users of file sharing networks are at a high risk of contracting malicious software as it’s often hidden within what appears to be a legitimate program (referred to as a Trojan). The writers of malicious code count on users that are not really paying attention and at this point, they are fooling people by the millions around the Internet. This type of infection is amongst the worst that I have seen in my 20 years of using computers.
Getting rid of the code once it has infected your system can be very involved and is different for the various versions of the infections, so don’t attempt this without help if you are a novice.
Start by identifying the exact version of the malware that you have and placing it in quotation marks followed by the words ‘removal instructions’ in Google (Ex: “Antivirus 2009” removal instructions).
WARNING: There are so many people infected with this family of malware that many new scam programs that claim to specifically clean the code have popped up. Some appear to be free programs that will only scan your system for free, but charge you to remove the code and often they don’t even do that properly.
Since there are so many different variations of this infection, the exact steps are going to be based on the exact version of the malware that you have. In our service business, we use a combination of several manual detection and removal processes (again, based on the exact version of the infection) along with multiple scanning programs to ensure that all potential re-infection avenues (temp files, restore points, modified dll files, etc.) have been removed or restored.
If you know how to work with the Windows registry, operate in Safe Mode and have a current backup of your critical files, you should be able to find instructions online for removing the exact version of the infection that you have.
If not, consult a tech savvy friend or a professional as removing this infection properly (so that you don’t re-infect) is not for the novice.

