St. George UT PC Doctor

Your best defense? Make certain your PC is up to date on all critical patches for your version of Windows. Microsoft has modified it's free "Malicious software removal tool" to detect and eliminate Conficker.

How dangerous is Conficker? Dangerous enough that there is a $250,000 bounty on the heads of those responsible. It's the potential for havoc including password and identity theft that has IT departments scrambling to get a handle on this. Read more about this extremely dangerous worm here

Tags: conficker, malware, alerts

Last week I alerted you to a common trojan trap that is surfacing all over the web under a variety of names. AntiSpyware XP2009 is just one name. Rather than update the original post, I have decided to post this once again because of the EXTREME DANGER this type of threat poses.

A colleague of mine recently passed away. While searching for news about him, I navigated to a site where I was greeted by this pop-up window:

Pretty scary huh? It gets better. It matters not how you exit the pop-up message, as soon as you do, a fake "scan" animation is displayed that makes it appear your system is being scanned. It is important to note that the script is NOT PERFORMING A SCAN. What you see is only an animated webpage made to resemble an actual scan. A full size screen capture of this scan animation is displayed here
So how do we know the scan is a fake? Well for starters, the fake animation displays only 2 Local Disk drives and a DVD-RAM drive. In reality, there are 9 Disk drives on my computer and one DVD-RW drive. Secondly, while "local disk" is the name Windows assigns Hard Disk Drives during installatioin, I rename all my drives to unique names. It's a neat little trick that can help you spot these fake screens. Renaming HDD's to a friendly name will be the subject of a future post. And lastly, we know this is a fake screen because the layout is based on a Windows XP Explorer window, I'm actually using Windows 7 Beta on this computer.
Finally, take a close look at the final screen capture below:

Under no circumstances should you select the "OK" option to install. Clicking on the X, or the Alt-F4 keystroke combination just puts you in a repeated error message loop. Close the actual BROWSER window to cut this trojan off at the knees.
It's easy to be fooled by these tricks and a lot harder to clean up after, so surf smart. Don't panic when you see a pop up like this, but if you get taken in, call the St. George UT PC doctor for disaster cleanup.

Tags: antivirus, critical updates, malware, patches, scams, spyware, threats, virus, windows

Microsoft released critical patches to it’s Windows 2000, Windows XP, and Windows Vista consumer platforms Tuesday March 10th. In addition, critical patches were released for Server platforms as well. If your system is not configured to automatically download and install automatic updates, you should run Windows Updates to insure you have the latest security fixes. This is one of the most important things you can do to protect your system from malware.

Tags: patches, windows, malware

 

Several acquaintances of mine have been stung in recent months by the rogue program “Antispyware XP2009″. This program relies on social engineering to dupe you into installing a malicious program to then extort money.

 

 

Looks legitimate right? Here’s how it works. You visit a website, and without warning, an ominous message appears on screen alerting you that spyware or a virus has been detected on your machine with the instructions to “click now to clean”. Unwittingly falling victim to this ploy can be costly in more ways than one.

When you “click to clean”, this trojan installs Antispyware XP2009 on your system “for free”. After you perform their “free” scan, the software instructs you that you must purchase a license to remove the infected items it “finds”. Unfortunately the one infected or malicious item it never finds is itself. Paying the ransom, er, “license fee” does nothing except extort money from you. In addition, Antispyware XP2009 destroys legitimate program executable files, rendering popular programs such as Windows Media Player, Internet Explorer, Office applications and more, useless.

 

 

There are several copycat variants of this malware with similar names so surf cautiously! Your best defense against this type of attack is your own common sense. Never “click here” to clean anything that is presented unsolicited on any website. Also make sure you have a robust security solution that detects rogue applications and viruses in real time. Of course having robust anti-virus and anti-spyware are useless if threat definitions are not updated regularly, and that will be the subject of a future post! If you do fall victim to Antispyware XP 2009, contact the St. George PC Doctor to restore your computer’s health today.

Tags: spyware, virus, malware, threats, exploits, windows, critical updates, patches, antivirus