TechTidBit - Tips and advice for small business computing - Tech Experts™ - Monroe Michigan

Brought to you by Tech Experts™

Viruses

How To Spot And Protect Yourself From An Infection

Are you finding it harder and harder to protect yourself from malicious attacks from the internet?

To help protect yourself you should first start with how to identify them. We will start with sorting them in basic categories.

Viruses – they attach themselves to any file so that when you start the program, you activate the virus. These viruses are usually sent through email or downloaded files from the internet.

Worms – worms are just like what they sound. They keep multiplying and using up all the resources from the computer till the computer comes to a complete stop. These usually are spread through P2P programs and email. They can also be spread over your local network.

Trojans (a.k.a Spyware) – Trojans are the worst. They are used to steal information from the user. They are installed and used without permission and usually have some type of key logger to record what you are typing and send it back to the source so that they can collect credit card numbers and username/password to accounts. These are generally the hardest to find because they usually consists of multiple files.

The best way to protect from and prevent infections is to run the best antivirus/spyware software around. The number one common reason people get infected is not that they accidently download it but, that they do not keep track if their antivirus is installed and updated properly.

Just because you see in the bottom corner that your antivirus is running, does not mean its doing its job. Every day you should check to make sure that your antivirus is updating so that you are protected against the most recent infections. By doing that even if you download a virus the antivirus will scan the file and catch it before it gets too late.

If you do not have an antivirus program installed, I recommend installing one as soon as possible.

One of the best currently out right now is Computer Associates E-Trust Integrated Threat Manager and Antivirus. The program isn’t free, but is a bargain compared to the cost of downtime and an infection.

Is Your Computer Acting Scary? Try These Tips!

Has your computer been acting strange lately? Has it been popping up with funny messages, running slower than normal, missing buttons or cannot get on the Internet? All of these things can be caused by malware and can do so without the computer user even knowing that they are being targeted.

Most effects of malware are just annoying to the user but some can attack your PC and cause the computer to be unusable or even to lose data.

The use of the Internet has caused an increase in this type of infection. What exactly are viruses, spyware, Trojans, worms, and adware?

• Viruses are computer programs that can copy itself and infect files increasing memory usage and slowing down the system. Viruses can be opened by launching a file that has .exe on the end. Other people can be infected by contact to the file that was originally infected. The virus can do harm by attaching to an application, application file or by residing in the memory (RAM).

• Spyware collects information about the user’s Internet activity or changes the configuration of the computer. They can change the home page that opens up when you start Internet Explorer or add buttons to Explorer. Also called adware.

• Trojans are, many times, a form on a web site that misleads you in believing that a program is used for a helpful purpose but instead has a malicious intent. You can be downloading a paint program to make artwork but instead you are really being infected by a Trojan that may harm your computer .

• Worms are like a virus but spread through a network of computers without a user doing anything. These will corrupt files and cause the Internet to run slowly on your computer.

• Malware are any of the above types of infections.

Now that you know exactly what these pesky pieces of software are, it is time to modify your Internet habits. These are some tips to help avoid risky behavior on the Internet.

• Use a firewall. This will help block unwanted transmissions to your computer.

• Update your operating system when needed. Microsoft routinely releases updates for security fixes.

• Use an anti-virus software.

• Never open e-mail or attachments from anyone that you do not know.

If you have questions about computer viruses, or think you may have an infection, call the Tech Experts 24 Hour Computer Emergency Hotline at (734) 240-0200.

“Storm” Worm Makes Anti-Virus Programs Brain Dead

The ever-mutating, ever-stealthy Storm worm botnet is adding yet another trick to its vast repertoire: Instead of killing anti-virus products on systems, it’s now doing a modification to render them brain-dead.

The finding was made by Sophos and was mentioned by a security strategist for IBM Internet Security Systems. According to Sophos, the Storm botnet—Sophos calls it Dorf, and it’s also known as Ecard malware— makes programs that interact with Windows, tell the virus every time a new program is started.

The virus then checks the program that started to see if it was an anti-virus or anti-spyware program, and if it is, it will either stop the program from running, or modify the program so that it can’t detect the virus.

Then, when the anti-virus programs run, they simply tell the user everything is ok.

The strategy means that users won’t be alarmed by their anti-virus software not running.

The anti-virus is running but brain-dead, which is worse than shutting it off, since it then opens the door for all sorts of other virus and spyware programs to infect the system.

This new behavior the latest evidence of why Storm is the scariest and most substantial threat security researchers have ever seen. The Storm virus is patient, it’s resilient, it’s adaptive in that it can defeat anti-virus products in multiple ways. It changes its virus footprint automatically every 30 minutes.

It even has its own mythology: Composed of up to 50 million zombie PCs, it has as much power as a supercomputer, the stories go, with the brute strength to crack Department of Defense encryption schemes.

In reality, security researchers in the know peg the size of the peer-to-peer botnet at 6 million to 15 million PCs, and not on par with a supercomputer. And it can’t break encryption keys. Still, it is very dangerous.

“No Virus Wednesdays” A Huge Hit!

More Than 900 Virus And Malware Infections Eradicated Thanks To Tech Experts’ Free In-Shop Scanning Service.

More than 900 virus and malware infections have been eradicated as a result of Monroe-based IT services company Tech Experts’ “No Virus Wednesdays” war on computer viruses, spyware and junk e-mail.

We are incredibly pleased with our results so far!

We’ve had more than a dozen PC users bring in their computers to be examined, and have successfully removed dangerous infections on all of the affected machines.

In July, Tech Experts announced its “No Virus Wednesdays” program, offering computer users basic spyware and virus removal services at no charge each Wednesday in July, August and September.

Since Wednesday tends to be our slowest day of the week, we decided it would be better for our techs to be destroying viruses and spyware instead of sitting around twiddling their thumbs. That’s why we decided to give away this valuable scanning and disinfecting service for FREE on Wednesdays.

It’s clear that PC infections are on the rise, and in many cases, computer users aren’t aware they’ve got a problem.

Several computers we repaired were infected with trojan-horse type malware, which was tracking the users activity on the Internet.

One machine alone had 493 distinct infected files!

Of the computers we have examined, half either did not have anti-virus software installed, or the anti-virus software was disabled or expired.

We’re obviously very concerned about how safe computer users are when they’re on the Internet which is why we’re extending our “No Virus Wednesdays” program through the end of the year.

The Tech Experts “No Virus Wednesdays” program works like this: Users who would like their computers checked and cleaned of spyware call Tech Experts’ special “No Virus Hotline” at 734-243-1500 and set up an appointment to drop off the computer late Tuesday afternoon, or first thing Wednesday morning.

The computer will be evaluated, disinfected, and available for pickup as soon as it is ready, usually late Wednesday afternoon or Thursday morning.

Computers will be checked for over 1000 types of spyware, thousands of different viruses, as well as Trojans and keyloggers.

Any malicious software that is discovered will be removed, and a complete report provided to the client.

By having users pre-schedule their appointments, the company can plan for this work and provide the service at no charge, while still maintaining its normal weekly workload.

FAIR WARNING: This free service is scheduled on a first-come, first-served basis and limited to Wednesday appointments only. Call right now for your appointment!

Malicious Software Is Spreading Through Multiple Operating Systems

“A new worm is being distributed within malicious OpenOffice documents. The worm can infect Windows, Linux and Mac OS X systems,” according to a Symantec Security Response advisory. “Be cautious when handling OpenOffice files from unknown sources.”

Apple’s Mac OS is not a virus-free platform, said Jan Hruska, who co-founded antivirus firm Sophos.

“Viruses on the Mac are here and now. They are available, and they are moving around. It is not as though the Mac is in some miraculous way a virus-free environment,” Hruska said. “The number of viruses coming out for non-Mac platforms is higher. It gives a false impression that somehow, Apple Macs are all virus-free.”

Once opened, the OpenOffice file, called badbunny.odg, launches a macro that behaves in several different ways, depending on the user’s operating system.

On Windows systems, it drops a file called drop.bad, which is moved to the system.ini file in the user’s mIRC folder. It also executes the JavaScript virus badbunny.js, which replicates to other files in the folder. On Apple Mac systems, the worm drops one of two Ruby script viruses in files respectively called badbunny.rb and badbunnya.rb.

‘Surge’ In Hijacked PC Networks

The number of computers hijacked by malicious hackers to send out spam and viruses has grown almost 30% in the last year, according to a survey.

More than six million computers world wide are now part of a “bot network,” reported security firm Symantec.

Computer users typically do not know that their PC has been hijacked.

More than a third of all computer attacks in the second half of 2006 originated from PCs in the United States, the threat report said.

While the total number of bot-net PCs rose, the number of servers controlling them dropped by about 25% to 4,700, the twice-yearly report said.

Symantec researchers said the decrease showed that bot network owners were consolidating to expand their networks, creating a more centralised structure for launching attacks.

Ollie Whitehouse, senior consulting services director at Symantec, said: “This rise in the number of infected computers can certainly be attributed to the rise in the online population of countries like China and Spain, in Europe.”

Whitehouse continued: “There is almost an educational curve that the users and service providers have to go through. Unfortunately when certain countries go through rapid increases in connectivity and availability of technology that curve is not always kept up.”

Alfred Huger, vice president of Symantec Security Response, said online criminals appeared to be adopting more sophisticated means of “self-policing.”

He added: “They’re launching denial-of-service attacks on rivals’ servers and posting pictures online of competitors’ faces.”

Huger concluded: “It’s ruthless, highly organised and highly evolved.”

The best defense against attacks? Never click on an unknown link, regardless of who sent it, and always run up to date anti-virus and anti-spyware software.

‘Storm’ Trojan Hits 1.6 Million Computers; General Virus Activity at an All Time High

It is mission critical that you keep your antivirus subscription current and your software up to date. Many small business owners think that because they purchased the software one time, they’re protected.

Most anti-virus software requires an annual subscription. And, if you don’t renew, you’re not protected. Too many business owners are finding this out the hard way.

For example, the Trojan horse that began spreading during the last week of January has attacked at least 1.6 million PCs, with no signs of stopping. In addition, Windows Vista is also vulnerable to the attack.

Originally dubbed the “Storm worm” because one of the subject heads used by its e-mail touted Europe’s recent severe weather, the Trojan’s author is now spreading it using subjects such as “Love birds” and “Touched by Love.”

The Trojan, meanwhile, piggybacks on the spam as an executable file with names ranging from “postcard.exe” to “Flash Postcard.exe.”

If your computer’s anti-virus software is out of date, or if you’ve not renewed your anti-virus subscription, your system could easily get infected by a seemingly innocent e-mail.

By Symantec’s estimate, the Storm Worm is the most serious Internet threat in 20 months.

As with most large-scale Trojan attacks, the goal seems to be to acquire a large botnet, or collection of compromised PCs, that can be used to send traditional scam spams or for later identity mining.

Windows 2000 and Windows XP are vulnerable to all of the Storm Worm variations, but Windows Server 2003 is not; the Trojan’s creator specifically excluded that edition of Windows from the code. We presume the malware writers didn’t have time to test it on this operating system.

New computer viruses are discovered on a daily basis. In order to remain effective, your antivirus software needs to be regularly updated, generally once a week.

Make sure you know how to check your antivirus software for updates, and spot check automatic updates to make sure they are, in fact, updating.

If your version of anti-virus software doesn’t automatically update (many free or low cost programs do not), schedule reminders on your computer so updates are performed regularly.