AntiMalware
Rogue AV Prevention
Feb 3rd
Due to the alarming number of PCs being infected by Rogue Anti-Virus applications, I feel the need to talk about the steps required to prevent infection. The common denominator of the infected systems that we receive is a complete lack of updates. Updates are your most important defense against the current set of Rogue AV applications. You need to install not only the Windows updates but also all your third-party updates. Third-party updates include things like Adobe Flash and Reader, which have been common vectors of infection. I highly recommend www.filehippo.com and their free update checker (http://www.filehippo.com/updatechecker/). The update checker scans your system and compares your installed applications against their list of downloadable programs. The application is very lightweight and will alert you whenever an update is available for download.
Windows releases updates every month on Patch Tuesday, which is the 2nd Tuesday of the month. We always post a complete list of the current updates and link to other sites with Patch Tuesday info.
Rogue Antispyware at http://rogueantispyware.blogspot.com/ is an excellent source for info about the latest Rogue applications.
The main thing to keep in mind about this new breed of Rogue AV programs is their ability to download more viruses. I have found Trojan downloaders on all the Rogue-infected PCs that have come in lately. The best thing to do after infection is to disconnect from the network immediately and use another PC to download virus removal tools. The longer your infected PC stays running and connected to the network, the worse the infection will become.
The following steps will help prevent infection.
1. Make sure you do all your updates, both Windows and third-party updates.
2. Run a current, updated antivirus/antispyware application like Sunbelt Vipre.
3. Use a browser like Firefox instead of Microsoft Internet Explorer. I only use Internet Explorer to access sites that still require it.
4. If you get infected, unplug the network cable immediately and use another PC to download your removal tools. Keep in mind that if you get in over your head, you should call your local computer repair specialist. Sometimes going it alone and trying to repair your PC can actually make it harder for the repair shop to fix the problem later.
So before you head on over to your favorite website, do your updates.
Don’t be an update slacker… oh yeah and have a great day
Check out our Amazon Mac Store
Free Stuff and Great Deals http://rootaid.com/deals/
Follow Me on Twitter http://twitter.com/scccpj
Follow me on Facebook http://www.facebook.com/home.php?ref=home#/pages/Port-Jervis-NY/Clark-Computer-Consulting/133104913979?ref=ts
Use the following link to get an extra 250MB of storage when you sign up for Dropbox. https://www.getdropbox.com/referrals/NTEyODQxMjE5
Is Microsoft Security Essentials essential?
Oct 1st
Is the new free Microsoft Security Essentials really a good thing? Let's see what others are saying and then I'll give my 2 cents.
The ESET Blog had this post
http://www.eset.com/threat-center/blog/2009/09/30/microsoft-security-essential
Symantec post from Sept 29th read: Microsoft Security Essentials: “Reruns” Aren’t Just for TV Anymore
Stress Testing Microsoft’s Free Anti-virus Offering from the Washington Post Security Fix
http://voices.washingtonpost.com/securityfix/2009/09/stress_testing_microsofts_free.html
Thoughts on MSE from the Sunbelt blog
http://sunbeltblog.blogspot.com/2009/09/thoughts-on-mse.html
OK, so my 2 cents… I personally will not recommend Microsoft Security Essentials to my clients. As long as other companies continue to provide quality free alternatives to Microsoft products, I will continue to recommend them. Putting all your eggs in the “Microsoft security” basket might just end up costing you far more than you thought.
There are currently many high quality free applications available online from Avira, Comodo, AVG and Panda.
As always, don’t forget to do your updates and have a nice day
Conficker Eye Chart
Apr 8th
The Conficker Working Group at http://www.confickerworkinggroup.org have created the Conficker Eye Chart. I found this to be a simple yet useful tool to test for the Conficker worm.
Click the following link to see the clever Conficker Eye Chart.
http://www.confickerworkinggroup.org/infection_test/cfeyechart.html
Conficker Removal Tools
Mar 31st
Links to my recommended Conficker removal tools.
http://www.foundstone.com/us/resources/proddesc/confickerdetectiontool.htm Conficker Detection Tool 1.0.8
http://www.sunbeltsecurity.com/DownLoads.aspx Download the Sunbelt Conficker/Downadup Removal Tool
http://download.eset.com/special/EConfickerRemover.exe ESET Conficker removal tool
http://www.bdtools.net/how-to-remove-downadup.php Remove Downadup (aka Conficker or Kido)
http://vil.nai.com/vil/stinger/default.aspx Stinger Conficker removal tool
http://www.sophos.com/products/free-tools/conficker-removal-tool.html Sophos Conficker clean-up tools
http://www.shadowserver.org/wiki/pmwiki.php/Stats/Conficker#toc5 ShadowServer Conficker Remediation and Stats
What is Conficker and are you ready for its April 1st surprise
Mar 29th
OK so I keep hearing about Conficker and some bad thing that is going to happen on April 1st. What is Conficker anyway? Conficker aka Downadup is one of the many worms that are prevalent on the Internet these days.
Wikipedia defines a computer worm as…A self-replicating computer program. It uses a network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.
OK, so is the world going to end on April 1st? Probably not. Is someone in your office going to do something really stupid and say April Fools? Probably. Is the entire Internet going to crash and then turn your laptop into a toaster or turn your Mac into a PC? Probably not. Should you actually care about this new nasty worm? Well… if you have not run your Windows updates and you do not have a currently updated antivirus program running, then yes, you need to worry.
There are a few very simple things that you can do that will actually keep your computer clean and safe. Drumroll please…and the 5 PC safety steps to not get infected are….
1. Do your Windows updates. Do not ignore the Windows updates. Take the time out of your busy schedule to actually click the annoying yellow shield at the bottom right side of your screen and install the current set of updates. You will find it takes far less time to keep your system updated than it takes to recover your data that has been destroyed by a virus.
2. Update Adobe Flash and Adobe Reader frequently from the Adobe site and not from some web page that says your Flash player is outdated. Always go to the official website to get the most current version of Flash and frequently check Acrobat for updates by using the update menu in Acrobat.
3. Keep your Internet Security Software updated. If your Personal Computer AV software is expired then uninstall it and install the freely available Avira Antivirus instead. If your office PC has expired Anti-virus software you really need to get an updated license ASAP. My current favorite Anti-virus is Vipre from Sunbelt http://rootaid.com/2009/03/19/vipre-antivirus-takes-a-bite-out-of-malware/
4. Use Firefox as your main browser instead of Internet Explorer. Only use Internet Explorer on sites that require Internet Explorer.
5. Do not open links or attachments in email. Do not plug your flash drive in someone else’s computer or let them plug their flash drive into your computer. Flash drives have become the modern floppy disk which was the original way of spreading viruses back in the day. http://www.eset.eu/press-threatsense-report-february-2009
F-Secure has an excellent Q and A on Conficker at the following link. http://tinyurl.com/cdlqlp
Using a modern updated AntiMalware product will prevent infection from Conficker and other similar malware. I recommend Vipre Antivirus for home or small-business use. http://rootaid.com/2009/03/19/vipre-antivirus-takes-a-bite-out-of-malware/
So before the clock rolls to 12:00 AM on April 1st you have some homework to do. Install your Windows updates and update Adobe Flash and Adobe Acrobat from the Adobe website http://www.adobe.com/. Make sure you have an updated antivirus application running on your computer.
So now it’s time to go and do your homework. Don’t be an update slacker… go already. Update, this means you. Why are you still here?
Have a good day and come back soon for more rootaid.com ramblings


