Microsoft has just released Security Essentials 2.0 (MSE 2.0), which includes a number of enhanced features. In this latest version there is an updated and reportedly much better heuristic scanning engine for viruses and malware (heuristics look for virus/malware-like behavior on your computer). Also included is improved integration with Windows Firewall, and new network traffic inspection. The firewall enhancements are only available to those running Vista or Windows 7 as Windows XP does not have the needed platform to run (if you are still on XP, it is really time to seriously consider upgrading as XP is now 10 years old and was never designed for today’s internet or programs).
Microsoft Security Essentials integrates with Internet Explorer to protect your machine from Web threats like malicious scripts. With the increasing number of viruses and malware spreading to all computers from social networking sites like Facebook, and the constant email bombardment, it is imperative to make sure that you have active and updated anti-virus and antispyware/antimalware software on your computer (yes, even Macs and Linux machines are now getting infected with viruses and malware).
The best part of Microsoft Security Essentials is that it is free for home users as well as being free for small businesses with 10 PCs or fewer. While only time will tell how effective this latest version is, I would certainly recommend using it in place of software like Norton or McAfee (both of which are often first targets for virus and malware writers).
You can download Microsoft Security Essentials free directly from Microsoft here: http://www.microsoft.com/security_essentials/
*Note: Microsoft Security Essentials, like most antivirus software, cannot be installed alongside other antivirus software or some other security software, so make sure to remove other security software before installing it.
For links to other free security software or help with Malware, Spyware and Virus removal, visit the Pensacola Computers Tech Support page.
Most people who have watched TV or listened to the radio have heard the ads touting the amazing incredible website that will help fix everything wrong with your computer and help your slow system to immediately speed up and run like it was brand new – well all I can say, is beware! I have had the unfortunate users of such software come to me with computers that wouldn’t boot to Windows, or that were freezing up and crashing all the time after using this software. While it is certainly true that spyware/malware/viruses can slow down your system, and removing them will certainly help the performance, using these ‘fix all’ software solutions can often cause more problems than they fix – as a matter of fact, the free ‘diagnosis’ they offer has nothing to do with finding spyware, malware, or viruses.
One thing I find very interesting is the disclaimer in the Terms of Service on doublemyspeed.com: “ANY MATERIAL DOWNLOADED OR OTHERWISE OBTAINED THROUGH THE USE OF THE WEBSITES IS DONE AT YOUR SOLE RISK AND YOU WILL BE SOLELY RESPONSIBLE FOR ANY DAMAGE TO YOUR COMPUTER SYSTEM OR LOSS OF DATA THAT RESULTS FROM THE DOWNLOAD OF ANY SUCH MATERIAL” In other words, if you use their software and it hoses your system, too bad, they did warn you after all. The other bit I find interesting is this part: “CyberDefender EXPRESSLY DISCLAIMS ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT OF PROPRIETARY RIGHTS. WITHOUT LIMITATION, CYBERDEFENDER AND THE PROTECTED PARTIES MAKE NO WARRANTY THAT THE WEBSITES OR ANY SOFTWARE DISTRIBUTED THEREFROM WILL MEET YOUR REQUIREMENTS, THAT THEY WILL BE UNINTERRUPTED, TIMELY, SECURE, OR ERROR-FREE, THAT THE RESULTS OBTAINED FROM THE USE OF THE WEBSITES WILL BE ACCURATE OR RELIABLE” – so basically, they won’t provide any kind of warranty for their product, and they certainly don’t claim that their software or results it gives you will be secure, error free, accurate, or reliable. So then tell me, why in the world would I ever spend money on their product????
One of the worst things is their Registry Cleaner which can definitely cause irreparable damage to your system if it removes the wrong things from the registry. Granted, back in the days of Windows 95/98, a lot of registry errors could have a significant performance impact on your system, however in today’s world of high RAM and multi-core processors, registry errors of the kind that this software usually fixes have a negligible impact on most systems, and the risk of the software removing a critical registry entry is too great to justify the results.
The truth is, many machines just need a simple cleanup of malware/spyware, and some tweaking of startup programs to run better. Then of course there is the fact that your old Windows XP machine with 256MB of RAM will NEVER be able to keep up on the internet of today due to the much increased demands. Remember, Windows XP is about 10 years old, and when it was released the internet was pretty much all text based. Today the internet is multi-media rich with all kinds of add-ons running – Java, Toolbars, Browser helpers, etc. and older computers just don’t have the hardware or software to keep up.
Basically what this website does is con you into running a pretty much worthless registry scanner that will of course show massive errors on your system (which in reality may or may not be errors, and even if they are errors they have a negligible impact on your system’s performance if any impact at all) – then if you decide you want to fix these inconsequential errors, you will be taken to a website where they want you to spend $39.98 for a basically worthless product, then they want you to buy their CyberDefender antimalware/antivirus software for $29.95, and then of course add $14.97 for a cd with a copy of your software (you can burn your own CD for about 25 cents). All in all, it is just another company trying to make a quick profit off of anyone who believes their overhyped ads. My opinion: the software is a total waste of money, and you take a risk of totally messing up your machine by using it – not to mention, trying to exit out of the ‘free scan’ software just leads to pop-ups and opens their web page, and you have to confirm multiple times just to uninstall the software! Stay away from this product!!
Of course, this is just my opinion, take it for what it’s worth, but there is no way I would ever recommend this software to anyone – EVER!
For links to Free Software such as Malwarebytes, Spybot S&D, and AVG Free that can help you keep your computer malware and virus free and keep it running faster, visit the Tech Support page at PensacolaComputers.com
Lately I have been seeing more computers infected with the Vundo Trojan, which as one of the ill effects constantly bombards users with Antivirus 360 messages that their computer is infected. This program should not be confused with Norton’s 360 (which in my opinion is almost as bad, but not malware). The infections it tells users are on their machines are bogus, and are often critical Windows Files. Of course they want you to buy their product in order to ‘clean’ your system, however what you buy is actually more spyware/malware. Unfortunately, in many cases if your computer is infected with this, there is a chance that you also have other infections, and while there are tools such as Malwarebytes Anti-Malware and Spybot S&D that can help remove some of these, they often cannot get everything (it is a hit or miss kind of thing).
The best thing of course is not to get infected in the first place, which can be done by keeping up to date with Windows updates, a good antivirus, and usually a couple anti-spyware products, and of course not downloading anything that you aren’t sure of what it is. Many of these spyware products are installed when you install supposed ‘video codecs’ or by viewing infected videos and even music files (stay away from the file sharing sites). You can also be infected by malicious code that can attack your computer from social networking sites like MySpace and Facebook (never click on a link that you aren’t sure of, nor download any kind of ‘media viewer’ from these sites).
If you do get infected, you can try a system restore (hopefully you have a restore point that is before you got infected), as well as run full antivirus and anti-spyware scans. Many times it is best to run these scans in Windows Safe Mode (press the F8 key when the computer is first booting). Safe mode will load only essential drivers and services and often the antivirus/antispyware software will have better success at killing these pesty infections. Of course, before attempting any cures, it is a good idea to make sure you have critical data backed up (and make sure you scan your backups for viruses/spyware before putting it back on your system once it is cured!)
Win Antivirus 2009, it’s not an antivirus program, rather it is a particularly nasty piece of malware that will infect your machine, tell you that your machine is infected (all the stuff it says you are infected with is bogus), and will try to get you to purchase something that will ‘clean’ your system, when in fact it will just infect it further. What is particularly nasty about this program is that it often bundles even more garbage on your system and the resultant infection can be almost impossible to remove. Besides hitting you with constant popups telling you that your system is infected, it will slow your internet browsing to a crawl, redirect your web searches, and it, or one of the other bits of crap it installs, can disable your antivirus, block you from downloading products that can actually detect and remove some parts of it, disable your system restore points, replace critical system files, install other nasties like keyloggers which can steal your passwords, infect your email program and send off copies of other malware to your contacts, and generally just make your system unusable.
While I have read of many different methods to remove this infection, due to the nature of it, the only guaranteed way to ensure a clean system after a nasty infection like this is to wipe the drive and reinstall Windows. This is often the cheapest (in terms of time) and pretty much the only sure fire way to make sure your system is clean.
So how do these infections spread? There are a few ways that such nasty malware is spread across the internet, some of the more popular ways are through email attachments (never open attachments unless you know specifically that someone was sending you something, as even if the email comes from a friend, they themselves may be infected, and it is the virus that sent the email and not them), another way is through false ‘updates’, like if you go to a website that says something like “in order to view this content you need to update your flash player, or quicktime, or you need some kind of codec” – when you get something like this, NEVER install from that site. If you actually do need an update to flash, go to adobe.com, for quicktime, go to apple.com, for other codecs, go to the manufacturer. Once you have the latest update, or if you already do, and you still get those kind of popups, then you can be pretty much assured that it is a scam. These kind of things can also come from some spoofed Ecard sites, ie: you get an email from a known friend or associate that has a link to view an ecard they sent you, and when you go to the site, it says something like “click here to install the ecard viewer” – this is most commonly another way to install garbage on your computer.
Most importantly, make sure you are running current antivirus and antispyware programs. If you are unsure of something, don’t click on it. If you do get infected, as soon as you experience symptoms, try to do a system restore to a point before you got infected (sometimes you can’t as the system restore points are removed by the virus). In cases where you can’t get rid of it, take it to a professional, or if you are comfortable doing it yourself, back up all your important files, and reinstall Windows (a fresh install of Windows can be a good thing in terms of bringing back the speed to your system). Just make sure to update Windows with all the patches and service packs before venturing back out onto the internet!
Recently I have had a lot of people come to me with Virus and Spyware infected computers, and many people have asked me why has this happened to them, and if it is even safe anymore to go on the internet. My answer is of course not easy – it is yes, and no. Yes the internet can be safe if you take reasonable precautions. Never open email attachments (even from people you know) unless you specifically know that someone was sending you something. Many viruses will infect a computer, harvest email addresses from address books on it, and unknowingly to the computer owner, send copies of itself to all that person’s contacts. Always run a current Antivirus and Anti-spyware product (usually a combination of anti-spyware products is best, though never run more than one Antivirus). Make sure that Windows is up to date with the latest security patches (these generally are released on Tuesdays, although Microsoft will sometimes release them on other days if it is a serious threat that they address). Never, ever, click on links in an email as they are often what are called misleading links – although the link may say something like https://yourbank.com, the actual link may be something like https://yourbank.com.imahackerinchina.cn (you can tell the actual link by right clicking on it, choosing copy link, then pasting it in a text document). These malicious links can be anything from a spoofing site (designed to get your passwords), to a site with malicious code that will try to hijack your web browser, or download a virus or spyware.
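The copy-and-paste check for misleading links can be automated when you have the HTML of a message. The Python script below is an added example, not part of the original post: it compares the address each link displays with the host the link really points to. The sample message, the hosts ecards.example.net and login.example.org, and all function names are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Finds a host name written out in the visible link text, with or without a scheme.
SHOWN_HOST = re.compile(r"\b(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)

def norm(host):
    """Lower-case a host name and drop a trailing dot and a leading 'www.'."""
    host = (host or "").lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host

class AnchorCollector(HTMLParser):
    """Collects (visible text, href) for every <a> element in a message."""
    def __init__(self):
        super().__init__()
        self.found, self.cur_href, self.cur_text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.cur_href, self.cur_text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self.cur_href is not None:
            self.cur_text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self.cur_href is not None:
            self.found.append(("".join(self.cur_text).strip(), self.cur_href))
            self.cur_href = None

def audit_links(html):
    """Return (text, href, verdict) for each link in an HTML message body."""
    collector = AnchorCollector()
    collector.feed(html)
    collector.close()
    report = []
    for text, href in collector.found:
        parts = urlsplit(href)
        shown = SHOWN_HOST.search(text)
        if parts.scheme not in ("http", "https"):
            verdict = "not-a-web-link"
        elif shown is None:
            verdict = "no-address-in-text"   # e.g. "click here": nothing to compare
        else:
            claimed, actual = norm(shown.group(1)), norm(parts.hostname)
            if actual == claimed or actual.endswith("." + claimed):
                verdict = "ok"               # same host, or a subdomain of it
            elif actual.startswith(claimed + "."):
                verdict = "lookalike-prefix" # claimed name is only a prefix label
            else:
                verdict = "mismatch"
        report.append((text, href, verdict))
    return report

# Constructed sample message body (not a real e-mail).
SAMPLE_EMAIL = """
<p>Please confirm your account:
<a href="https://yourbank.com.imahackerinchina.cn/login">https://yourbank.com</a></p>
<p>Statements: <a href="https://www.yourbank.com/statements">yourbank.com</a></p>
<p><a href="http://ecards.example.net/view?id=1">Click here to view your ecard</a></p>
<p><a href="https://login.example.org/">https://yourbank.com</a></p>
"""

if __name__ == "__main__":
    for text, href, verdict in audit_links(SAMPLE_EMAIL):
        print(f"{verdict:20} text={text!r} href={href!r}")
```

A verdict of "no-address-in-text" is not a clean bill of health: the link text makes no claim to compare against, so the destination still has to be judged on its own.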
You should also run some kind of firewall on your computer to keep hackers out – the best solution is to use a hardware router with a built in firewall along with some kind of software firewall. The router solution is often the best first line of defense as a hacker will generally only see the router and not any of your computers behind it. Also, beware of file sharing sites such as limewire, and torrents. Many of the files shared on these networks, in addition to being illegal copies, are full of viruses and spyware.
Most infections on computers get there because at some point, the computer user clicked a button allowing something to be installed. All the security in the world cannot do much if a user allows something to be installed in the first place. While most good Antivirus and Antispyware products will catch malicious programs when they are downloaded and installed, when a new Virus or Spyware program is first released on the internet, it often takes a while before the Antivirus/Antispyware software will have updated definitions to find it. If you happen to allow it to be installed, by the time the security software on your computer finds it, it may well be too late as many of these malicious programs can pretty much wipe out a Windows installation (and for you Mac users out there – Macs are no more secure than Windows in any way, as a matter of fact they are more vulnerable in many ways – it’s just that there aren’t many viruses that are written to attack them - yet).
In the end, your best defense is common sense and using good security practices. The other important thing, and this is probably the MOST IMPORTANT: always, always keep current backups of your important files. If by chance your computer does get a bad infection, often a Windows Reinstall is the best, cheapest, and easiest way to safely remove it, however if you don’t have backups, this can cause additional problems as well as costs.
It amazes me how many computers I run across that have Windows update disabled, or have it set to manual and haven’t updated in quite a while. So why is it so important to keep your computer up to date with the latest Windows Updates? Most Windows updates are to either fix a bug, or fix a security issue. Does this mean that Windows is inherently unsecure? Not necessarily. There are new exploits being found all the time, but if you take the majority of computer code out there today and play around with it enough, sooner or later you will find exploits that will take advantage of the coding. Of course if you routinely visit malware ridden sites (music and file sharing sites are notorious for these), or if you open every email attachment that someone sends you, or if you download things like screen savers and programs from untrusted sources, you are just asking for trouble. For the most part, Windows, especially Vista, will not usually install something bad without you telling it that it is ok to install. Of course many spyware and virus programs now take advantage of what is called a Trojan downloader to install all kind of nasties on your computer, but usually you have to initially allow something bad to be installed first.
The patches that Microsoft issues through Windows Update include not only the critical security updates, but also new or improved features for Windows, as well as updated drivers for some of your hardware (although usually the best source for drivers is the manufacturer’s website). These updates are especially critical when they address a newly found security exploit. When a new exploit is found, many virus and spyware writers immediately take advantage of it and all of a sudden there are thousands upon thousands of websites which will be infecting your computer when you visit them. These jerks are very crafty and sometimes it will look like you are installing something needed (like an update to a flash player, or java) but in reality you are installing a virus or spyware program.
Except for a very few exceptions, any update that has been installed can be uninstalled through either add/remove programs, or by doing a system restore in case something stops working properly. In order to enable Windows Update, go to your control panel > security settings, where you can set your computer to automatically update your computer without you needing to do anything. If you don’t have auto update enabled for a specific reason, then make sure that you check for updates frequently!
Social Networking sites like Facebook and Myspace, while abundantly popular, have also proven to harbor quite a few nasty dangers for those who are unaware. The latest is a variation of a Worm program that first appeared in July, the Koobface Worm. This worm spreads from friends’ messages that appear to be video links; when you click the link, you are asked to download or update your software to view the video – of course the software you download is actually a Trojan horse downloading program (that can install other bad things without you even knowing), as well as a keylogger program that can steal all your login and password information.
Virus and spyware writers take advantage of the popularity of such social networking sites as they are a prime target area to reach a mass amount of people. The biggest problem is that these sites are used by a lot of younger people who will often just click things without understanding what they are doing. One day your teenager is using their MySpace or Facebook, and the next your bank is calling about all kinds of charges on your credit card because someone got your banking information from a virus/spyware that was planted on your computer.
So what can you do to avoid these things? Well the best is to just not use such sites, as they will constantly be attacked and are vulnerable to all kinds of malicious software. If that isn’t an option, then make sure you have up to date antivirus and antispyware software, and be especially careful to NOT download any software or active X controls. Many times these items will appear to be legitimate software (such as Adobe Flash player), however if in fact you need an update to this software, instead of clicking on a link that may appear when you visit a webpage that says you need to update the software, go to the source (like Adobe.com) and update your software directly from there. If you go back to another site and get a pop-up saying that it is still out of date, then more than likely it is malicious software trying to infect your system.
The majority of viruses and spyware infect people’s systems because people give them permission to – most of the time inadvertently because they are misled, or don’t read what they are installing. So be careful! If you aren’t absolutely sure about something, then don’t install it!
Lately, one of the nastiest spyware/viruses out there causes pop-ups that tell you your computer is infected – this is just another ploy to get you to click and buy even more garbage. Unfortunately, some of these infections are very nasty because they disable your system restore, redirect your web browser, and some will even stop you from installing programs that can find and kill them.
Some of these real nasty ones are what they call polymorphic – they will recreate themselves using random file names, hide copies of themselves all throughout your files, and some will even release time bombs (applications that lay dormant for a specific period of time, making them very hard to be found and killed). While most of these infections can be removed, sometimes the removal process is very time consuming (sometimes not though), and there comes a time when you have to balance whether it is worth the time to try to kill these vermin, or if it is a better use of time to just wipe and reinstall Windows (reinstalling Windows is sometimes the only guaranteed way of ridding yourself of some of these pests for good).
So what can you do to protect yourself? First, make sure you have up to date antispyware and antivirus programs and definitions. Scan your computer regularly. Never open unknown Email attachments. And NEVER install anything that you aren’t sure of (many times these malicious files come when you visit a website and you get a box telling you that you need to install something to view the content) – generally if it isn’t something that you can get from a reputable site, like Adobe’s flash, or Windows media player, or Java, you could be risking your computer’s health by downloading an unknown plugin or program.