Entries in Viruses (7)

Tuesday, Mar 26, 2013

What do I do if I think my computer has a virus?

There are many schools of thought on what to do if your computer gets a virus. Here are the steps that I suggest you follow.

1) Stop all network access. Disconnect from every network connection, including the internet: unplug any network cables and turn off wireless or other network connections. This ensures that any viruses that depend on network connections have their capabilities restricted. It also prevents propagation to other networked computers.

2) Document what you saw that made you suspect that you have a virus. This includes the way the computer operated, any screen warnings, pop-ups, or any antivirus warnings. The better the detail, the more effective the response to the virus, because it helps in researching the root cause.

3) Shut your computer down.   Depending on the type of virus, the longer you leave your computer on, the more severe the damage. Shut down as soon as possible.

4) Verify your backup, and have your system restore disks and software installation disks on hand. Again, depending on the type and severity of the virus, the system might not be recoverable without formatting and reinstalling the operating system. If you do not have backups, system restore disks, or software installation disks, a different, more costly strategy might have to be used to recover your system and its files.

5) Attempt a virus removal on your own, or contact Collaboration Lab for virus removal. We offer a free 15 min. estimate, so if you are hesitant about cost we can give you a not-to-exceed estimate before starting.

One other point: it is a good idea to change the passwords that were used on that computer. Again, depending on the type of virus on the computer, there is a possibility that your passwords have been compromised. Better safe than sorry.

If you have any questions, feel free to comment or contact me. 

Saturday, Feb 16, 2013

A quick tip on rogue software

In the past month I have received several calls about a pop up security message, similar to these, 

DO NOT CLICK ON THESE POP UP WARNINGS.  

If you receive a message in a pop-up dialog box that resembles this warning, press ALT + F4 on your keyboard to close the dialog box. Do not click anything inside the dialog box, and do not click on any subsequent dialog boxes that may pop up. If an ongoing warning keeps appearing when you try to close the dialog box, it’s a good indication that the message is malicious.

If you see this message, do not purchase the software it promotes, and do not install any program it suggests.

One tool that can give you an opportunity to remove the software is Microsoft Security Scanner. It is an excellent tool and works in the majority of infections. If for whatever reason this program does not work, feel free to contact me and we can get your system recovered.

 

Wednesday, Jan 16, 2013

New Twitter Phishing Scam

Recently a friend of mine received a strange email supposedly via Twitter.   The message claimed that someone was spreading negative information about them via a blog linked to Twitter, see the message below, 

 

So if you click on the link here is what you get, 

This is a classic phishing scheme tied to Twitter. You enter your Twitter account User ID and Password and then get your account compromised. Always be wary of an unsolicited email from someone you do not know. Verify the links, especially if they go to a URL different from the stated location.

As always if you have any questions, please contact me via comments.

 

Tuesday, Jan 15, 2013

Time to Update Java

Over the past week there have been multiple updates concerning Java. Here is a brief explanation of what Java is, straight from Oracle, Java's developer:

 

What is Java technology and why do I need it?

Java is a programming language and computing platform first released by Sun Microsystems in 1995. It is the underlying technology that powers state-of-the-art programs including utilities, games, and business applications. Java runs on more than 850 million personal computers worldwide, and on billions of devices worldwide, including mobile and TV devices.

Why do I need Java?

There are lots of applications and websites that won't work unless you have Java installed, and more are created every day. Java is fast, secure, and reliable. From laptops to datacenters, game consoles to scientific supercomputers, cell phones to the Internet, Java is everywhere!

Java at Oracle

Now there has been a lot of concern over people exploiting security flaws in Java,

Oracle Java 7 Security Manager Bypass Vulnerability

Oracle Security Alert for CVE-2013-0422

If you want to skip the technical side, my recommendation is to update Java as soon as possible, so here is a link to the Oracle site to download the latest software,

Latest Java Download

As always, if you have any questions, feel free to contact me.

Tuesday, Nov 20, 2012

Be prepared for phishing and link manipulation

I just recently spent quite some time fixing a virus infection on a client's machine. He was using all the right antivirus and anti-malware tools. So how did the problem start? A phishing email with a bad link.

After receiving an email with a link to what was listed as LinkedIn, he was taken to a site where a virus payload was downloaded to his machine and then proceeded to infect his machine.

Here is an excellent description of the issue from Wikipedia:

Link manipulation

Most methods of phishing use some form of technical deception designed to make a link in an e-mail (and the spoofed website it leads to) appear to belong to the spoofed organization. Misspelled URLs or the use of subdomains are common tricks used by phishers. In the following example URL, http://www.yourbank.example.com/, it appears as though the URL will take you to the example section of the yourbank website; actually this URL points to the "yourbank" (i.e. phishing) section of the example website. Another common trick is to make the displayed text for a link (the text between the <A> tags) suggest a reliable destination, when the link actually goes to the phishers' site. The following example link, //en.wikipedia.org/wiki/Genuine, appears to direct the user to an article entitled "Genuine"; clicking on it will in fact take the user to the article entitled "Deception". In the lower left hand corner of most browsers users can preview and verify where the link is going to take them.[35] Hovering your cursor over the link for a couple of seconds may do a similar thing, but this can still be set by the phisher.

A further problem with URLs has been found in the handling of Internationalized domain names (IDN) in web browsers, that might allow visually identical web addresses to lead to different, possibly malicious, websites. Despite the publicity surrounding the flaw, known as IDN spoofing[36] or homograph attack,[37] phishers have taken advantage of a similar risk, using open URL redirectors on the websites of trusted organizations to disguise malicious URLs with a trusted domain.[38][39][40] Even digital certificates do not solve this problem because it is quite possible for a phisher to purchase a valid certificate and subsequently change content to spoof a genuine website.

 

Be on the lookout for anything phishy, and when in doubt DO NOT CLICK ON THE LINK.
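
The two link checks described in the Wikipedia excerpt above and in the Twitter post (link text that names a different site than the link's real target, and a trusted name used as a subdomain of another site) can be automated. This is an added example, not part of the original posts; the `TRUSTED` list, the sample message and all function names are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains the recipient really uses (not from the original post).
TRUSTED = {"linkedin.com", "twitter.com", "yourbank.com"}
BRANDS = {d.split(".")[0] for d in TRUSTED}

def base_domain(host):
    # Naive "last two labels"; production code should use the Public Suffix List.
    return ".".join(host.lower().split(".")[-2:])

def host_of(text):
    # Host named by link text that is itself a URL or bare hostname, else None.
    text = text.strip().strip(".")
    if " " in text or "." not in text:
        return None
    return urlsplit(text if "//" in text else "//" + text).hostname

class AnchorCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text)))
            self._href = None

def audit_links(html):
    # Return (href, reason) for each link that shows one of the two tricks.
    parser, findings = AnchorCollector(), []
    parser.feed(html)
    for href, text in parser.links:
        real, shown = urlsplit(href).hostname or "", host_of(text)
        if shown and base_domain(shown) != base_domain(real):
            findings.append((href, f"text shows {shown} but link goes to {real}"))
        if base_domain(real) not in TRUSTED and BRANDS & set(real.split(".")[:-2]):
            findings.append((href, "trusted name used as a subdomain of " + base_domain(real)))
    return findings

# Constructed sample e-mail body (example.com / example.net are reserved test domains).
SAMPLE = """<a href="http://login.example.net/t">https://twitter.com/login</a>
<a href="http://www.yourbank.example.com/">Your account</a>
<a href="https://www.linkedin.com/in/someone">www.linkedin.com</a>"""
```

Calling `audit_links(SAMPLE)` flags the first two links and passes the third, whose text and target share the same domain.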