April 19, 2010

Not Protected After All: Antivirus Infections Strike Despite Your Security Software.

Filed under: Computer Performance, Fake Antivirus, Viruses, data recovery — Tags: anti-spyware, anti-virus, antivirus, Antivirus 2009, computer infection, computer recovery, computer security, data recovery, firewall, firewalls, Pro Antivirus, Safe mode, security software, Software, System Antivirus, Ultimate Antivirus, Vista Antivirus, Windows registry, Windows repair, XP Antivirus, XP Antivirus 2008 — admin @ 3:10 pm

You got your polio and whooping cough shots as a kid and you never came down with either of these dreaded diseases.

You might think that your security software on your computer works the same way. You took the preventative measures to avoid the infection, so you should be safe.

But, surprisingly, security software does not always provide the kind of protection to your computer that your childhood vaccines provide to your body’s immune system.

Your anti-virus/anti-spyware programs and firewalls can be made vulnerable through fake antivirus program scams that fool even savvy computer users.  The fake antivirus program scams arrived last year as “XP Antivirus 2008.”  It lives on in many variations, including “Antivirus 2009.” This scam is successful because it cleverly mimics Windows warning screens and legitimate antivirus programs. Virtually every legitimate antivirus company has a product called Antivirus 2009, so it’s no wonder so many computer users are confused–and duped!

Here’s how the infection scam works. You get an official looking popup warning or an e-mail message telling you that you are infected. To remedy the situation, you are instructed to click on a link that takes you to a website. Then you are told you need to download software.

As a result, you click on links that generate malicious code or downloads and runs questionable files. You will inadvertently override your own installed protection. In some cases, you will actually disable your protection programs! Even worse, the scam will make it look as if your protection programs are still running, so you will be none the wiser.

Any popup or error message that refers to Antivirus 2008 or 2009 (including System Antivirus, Ultimate Antivirus, Vista Antivirus, Pro Antivirus or XP Antivirus followed by a number) should be considered extremely suspicious. If you see any reference to a virus that is not specifically from the product that you have installed in your computer for protection, you should consider it a fake–and dangerous.

Windows won’t ever alert you of a virus infection.

Getting rid of the code once it has infected your system is quite involved. In our service business, we use a combination of several manual detection and removal processes, along with multiple scanning programs to recover your data. This ensures that all potential re-infection avenues (temp files, restore points, modified dll files, etc.) have been removed or restored. We routinely warn novices not to attempt this without help.

Depending upon how long and which version of the malware you have been infected with, you may also need to run a Windows repair after you remove the code. Certain Windows files become corrupted as a side effect.

If you know how to work with the Windows registry, operate in Safe Mode and have a current backup of your critical files, you should be able to find instructions online for removing the exact version of the infection that you have. If not, consult a tech savvy friend or a professional. Again, removing this infection so that you don’t re-infect is technically complex and not for the novice.

January 25, 2010

Is airline Wi-Fi any good and is it safe?

Filed under: Internet, Tips, Viruses, Wireless Internet — Tags: airline, airline wi-fi, airline wifi, cloud computing, computer, computer recovery, computer repair, computer service, computer services, computer stores, computer support, computers, data recovery, file recovery, Gogo, internet safety, IT, IT department, laptop repair, recovery, repair computer, Row 44, safe airline internet, safe internet, Virtual Private Network, VPN, Wi-Fi, Wi-FI safety, WiFi, wifi safety — admin @ 3:17 pm

In-flight Wi-Fi brings a whole new meaning to the term ‘cloud computing’! In past years, the offerings were expensive, restrictive and inconsistent. But not anymore!

In our experience, speed, reliability and cost have all been reasonable. We’ve tried Gogo and expect Row 44 to be good, too. Just check with your airline before you go to see what is being offered.

Although Wi-Fi on airlines only works above 10,000 feet, the providers and airlines are not currently blocking access to any specific content or websites and are relying on passengers to behave themselves (this could change)!  One exception is voice traffic. The airlines decided that their passengers didn’t want to get stuck next to loud, obnoxious ‘deal makers’ flapping their gums about their latest conquests during these long flights.

Any device that is Wi-Fi enabled and has a browser can make use of the connection:  laptops, Netbooks, smartphones and even the iPod Touch and some handheld gaming systems should work.  You must have a browser in to get past the ‘I Agree’ terms of use gateway page.

As far as safety goes, this shouldn’t be approached any different than any other public Wi-Fi connection.  If you aren’t careful, you could expose your computer to others on the flight, just like in the airport or at a hotel (our column on public Wi-Fi safety is posted here: http://bit.ly/2ldfHp.)

Be very mindful that those in the row behind you can easily see through the gaps in the seats to your screen or lots of folks if you are seated in the aisle seat.  This means you should avoid typing in any sensitive information or websites that will display sensitive information.

As should be expected, if your company requires you to use a VPN (Virtual Private Network) to connect to the company network, you may have problems getting it all to work depending upon how restrictive your IT department has set the VPN to be (check with them before your flight for the best results).

December 28, 2009

Does a backup copy the infection, too?

Filed under: Backup, Viruses — Tags: computer, computer recovery, computer repair, computer service, computer services, computer stores, computer support, computers, data recovery, data recovery software, disk recovery, easy recovery, file recovery, hard drive recovery, laptop repair, partition recovery, recover files, recover my files, recovery, recovery software, repair computer — admin @ 8:15 am

The simple answer is “It depends upon your backup routine.” Most of today’s malicious code attacks the average computer in one of three main areas: The operating system, software programs or data files.

So, if you execute a typical backup of only the data files, viruses that affect the operating system or software programs (like a browser) will not be included. Moreover, data infectors are in the minority these days because most of the focus for the very sophisticated cyber-gangs is Internet based applications, such as browsers and operating systems that can spread their infection to other computers on the Internet.

If you believe you have a virus or unruly spyware, the real focus in cleaning up your main system should be on your data. Most important, any backup, even an infected one, is better than no backup.  You can always disinfect the backed up files individually or an entire external hard drive.

So, in most cases, here is a basic plan of attack:

Step #1 – Even if you know you have a virus, backup everything that you care about (data, pictures, music, video, favorites, address books, etc.) to an external hard drive or online backup service.

Step #2 – Disconnect the backup unit or internet connection for online backups. Then, go through the disinfection process on your primary hard drive (the steps will vary depending on the type of malicious code).

Step #3 – Once you have verified that your primary drive is clean and that none of your critical data was corrupted as a result of the cleanup, you have two choices: run through the same cleanup procedure on the external drive or wipe it clean and produce a new backup of your clean system (if you are using an online backup service, deleting the infected files from your backup and backing them up again is the most efficient.)

If program or operating system files become corrupted by the disinfection then reinstalling those items from your original disks will put you back in business, HOWEVER, if your data files become corrupted as a result of the disinfection, don’t perform the same cleanup on your backup drive (consult a professional)!

If all of this sounds too complicated, do yourself a favor and keep your security software up-to-date and keep a regular backup going with redundancy and validation.  If that sounds too complicated, consult a professional!

December 11, 2009

Fun holiday tips from Data Doctors

Filed under: Google, Tips, Viruses — Tags: beware of virus', computer, computer recovery, computer repair, computer service, computer services, computer stores, computer support, computers, data recovery, data recovery software, disk recovery, e-commerce, easy recovery, file recovery, Google, hard drive recovery, holiday shopping tips, holiday tips, laptop repair, partition recovery, recover files, recover my files, recovery, recovery software, repair computer, shopping, shopping tips, virus removal — admin @ 7:45 am

As the holidays near, shopping online continues to grow.  Great deals are out there and consumers are more savvy than ever when it comes to online shopping, but there are a few things that you want to watch out for while shopping online.

Sadly the holidays are a big time for virus’ because more people are spending time online, scouring the internet for deals on gifts so hacker’s and virus’ are in full swing as well.  Copycat sites and “cheap deals” are the main sources of virus attacks.

Here are some tips to remember:

Know where you are.

As you shop, try to stick to sites that you are familiar with and are reputable.  Sites like Amazon, Ebay and large retailers, Target, Walmart, etc. have great security on their sites so you are less likely to have to worry.  There are smaller stores who run great deals but be sure you know where your credit card information is going.

Beware of Flogs

The internet is one of the most used resources for finding information and is increasingly becoming a major spot for shopping.  As the e-commerce continues to grow, consumers need to be aware of reviews and what are called flogs.  Flogs are a form of “electronic communication that appears to originate from a credible, non-biased source, but which in fact is created by a company or organization for the purpose of marketing a product, service, or political viewpoint” (Wikipedia).

Flog can appear as consumer reviews and information about great deals, tips of where to shop, etc. but the perception is skewed.  Companies have created these to promote their own products and services, with great reviews no matter what.  The easiest way to decide if a blog is fake or not is to see if the only topic being discussed on the site pertains to only one particular product or service. Most bloggers generate new posts on a regular basis, covering a variety of topics or services.

Check reviews before entering credit card

An easy way is to see what information other consumers have.  Go to Google and type in the name of the store and reviews or the website address and reviews.  If it is a well-known scam site there, other people will be talking about being scammed.

Wifi

Public wifi’s  are a really nice feature when you are out and about, but can cause issues when shopping online.  The fact is that anyone can connect to that same internet that you are using and while not everyone is a hacker there are people out there that have the ability to electronically see what you are doing.  It is not a good idea to enter credit card or other personal information while connected to a public wifi. Another tip is to not have your user ID and passwords saved on web sites as hacker’s will be able to access this information over the public wifi as well.

E-commerce is rapidly growing and a great tool to decrease the amount of time and money spent shopping for the holidays.  Taking care while shopping online will keep that experience positive for you and allow you to continue to utilize the internet.

Safe Shopping!

From Data Doctors in Wayzata, MN

October 7, 2009

How did I get infected with Antivirus 2009?

Filed under: Viruses — Tags: antivirus, computer, computer checkup, computer recovery, computer repair, computer service, computer services, computer stores, computer support, computers, data recovery, data recovery software, disk recovery, easy recovery, file recovery, hard drive recovery, laptop repair, partition recovery, recover files, recover my files, recovery, recovery software, repair computer, virus removal — admin @ 10:28 am

Even with security software in place, virus infections can occur. Anti-virus/anti-spyware programs as well as firewalls are of no protection if the user of the computer decides to click on links that generate malicious code or download and run questionable files. The user’s interactions can easily override the installed protection and in some cases, actually disable protection programs, but make it look like they are still running.

The fake antivirus program scams actually started last year as “Antivirus 2008” and they were so successful that they live on as many variations including “Antivirus 2009” and most recently, “Personal Anti-Virus Pro.” A clever author of malware discovered a sneaky way to fool folks into installing malicious software into their computers, THEN extract money from them by posing as a legitimate program for removing the malicious software.

The reason that this approach has been so successful is that they very closely mimic Windows warning screens and legitimate antivirus programs. Virtually every legitimate antivirus company has a product called Antivirus 2009, which further confuses the uninitiated.

The most common ways to come in contact with this infection include maliciously coded websites that popup a warning message that you are infected, e-mail messages that trick folks into clicking on a link, websites that claim you need to download software in order to see a posted video and links or downloads that are spread through social networking sites such as MySpace and Facebook as well as all of the Instant Messaging systems.

Today, any form of popup or error message that refers to Antivirus 2008 or 2009 (including System Antivirus, Ultimate Antivirus, Vista Antivirus, Pro Antivirus or XP Antivirus followed by a number) should be considered extremely suspicious. If you ever see any reference to a virus that is not specifically from the product that you have installed in your computer for protection, you should consider it to be a fake (Windows, itself won’t ever alert you of a virus infection).Similarly, any website that claims that you need to download a new video program or “codec” in order to view a video should be considered a threat.

Users of file sharing networks are at a high risk of contracting malicious software as it’s often hidden within what appears to be a legitimate program (referred to as a Trojan).The writers of malicious code count on users that are not really paying attention and at this point, they are fooling people by the millions around the Internet. This type of infection is amongst the worst that I have seen in my 20 years of using computers.

Getting rid of the code once it has infected your system can be very involved and is different for the various versions of the infections, so don’t attempt this without help if you are a novice.

Start by identifying the exact version of the malware that you have and placing it in quotation marks followed by the words ‘removal instructions’ in Google (Ex: “Antivirus 2009” removal instructions).

WARNING: There are so many people infected with this family of malware that many new scam programs that claim to specifically clean the code have popped up. Some appear to be free programs that will only scan your system for free, but charge you to remove the code and often they don’t even do that properly.

Since there are so many different variations of this infection, the exact steps are going to be based on the exact version of the malware that you have. In our service business, we use a combination of several manual detection and removal processes (again, based on the exact version of the infection) along with multiple scanning programs to ensure that all potential re-infection avenues (temp files, restore points, modified dll files, etc.) have been removed or restored.

If you know how to work with the Windows registry, operate in Safe Mode and have a current backup of your critical files, you should be able to find instructions online for removing the exact version of the infection that you have.

If not, consult a tech savvy friend or a professional as removing this infection properly (so that you don’t re-infect) is not for the novice.

October 5, 2009

Dropped my phone in water, ugh!

Filed under: Tips, mobile — Tags: battery, computer, computer recovery, computer repair, computer service, computer services, computer stores, computer support, computers, data recovery, data recovery software, disk recovery, easy recovery, file recovery, hard drive recovery, laptop repair, partition recovery, phone recovery, recover files, recover my files, recovery, recovery software, repair computer — admin @ 7:34 am

Ker-plunk. There goes my phone, down into the dark depths of the lake, a burial of yet another phone costing me hundreds of dollars. Wouldn’t it be nice if there was something that I could do to attempt lifesaving measures on this electronic device?

The first thing to do is turn the phone off and take out the battery (iPhone users don’t have the battery removal option, so turning it off is critical.) The biggest mistake that’s made in these panic situations is repeatedly trying to get the device to power up hoping that everything will be ok; each attempt could be your last!

Your best chances of recovery will be to not turn it back on until you are absolutely certain that all of the moisture has been removed or has evaporated – this could take days.

October 2, 2009

Am I really safe using public WiFi?

Filed under: Online Safety, Wireless Internet — Tags: computer, computer recovery, computer repair, computer service, computer services, computer stores, computer support, computers, data recovery, data recovery software, disk recovery, easy recovery, file recovery, hard drive recovery, laptop repair, partition recovery, recover files, recover my files, recovery, recovery software, repair computer, WiFi — admin @ 7:12 am

How many times have you logged onto public WiFi and wondered if you’re safe and secure? In order to intercept your transmissions, a hacker would have to install special software called a ‘packet sniffer’ which secretly copies unsecured packets transmitted on the same network or create a ‘man-in-the-middle’ exploit to trick you into connecting directly to their computer instead of a wifi access point.

Packet sniffers are readily available on the Internet and any motivated 14-year old could figure out how to use one, but that doesn’t mean that everyone around you has one.

The other issue is that even if someone can see what website you are surfing while you are at the airport, no harm is done unless you access your e-mail account, an online banking site or other normally secured resources on the Internet.

Secured sites on the Internet will show up as ‘https:’ instead of ‘http’. If you need to type sensitive information into your computer while on public WiFi, make sure you are doing it on a page that has the ‘https:’ prefix so that your transmissions are being encrypted.

Sadly, many web-based e-mail systems have a secured login page, but once you get past the login, the rest of the pages are not secured. The easiest way to tell if your webmail system is secure at all times is to log in, then go to your Inbox and see if the ‘https:’ remained in the URL.

If your webmail does not encrypt pages after the login screen, then you need to think twice about using it on public wifi networks without adding additional security software, such as VPN – Virtual Private Network software (more on this later).

To avoid the ‘man-in-the-middle’ attack, be very careful to look at the icon next to each available connection when you are attempting to connect to a wifi network. A fake wifi connection will appear as two computers instead of something that looks like an antenna.

Overall, you are pretty safe using a public wifi. Just remember to watch what you click and don’t go into confidential files without a secure login while you are public.