Antispy.microsoft.com is another Scareware

It looks like the people who invented “Antivirus System Pro” have made another site looking like it was a Microsoft site:

It looks like they use hijack your host file and inseart “Antispy.Microsoft.com” to the host file  with the IP address of “209.44.111.62″  There is no real website at Microsoft with that url so if you get this you have a some kind of trojan or virus on your system.   By using the domain name of Microsoft.com the chance that people will believe this is actually from Microsoft and buy this fake software is higher than with it having its own domain.

They seem to have incorporated the Site Adviser Scareware tactics these tactics seem to be a new way for them to look Official almost like they are the read deal and should there for be taken for the REAL Thing.   You should Download SUPERAntiSpyware and See if you can find the problem.   If that doesn’t work you can always remove this threat manually.

Insanity Run Rampant — Antivirus Pro System (scareware)

Some of you would want to ask me why I am calling this title an usual title. In fact it is quite simple, I have been at the hospital since early this morning. While I was there I had some intriguing things happen. I was watching a person cruise the internet while they were at work. This is someone who is supposed to answer the phones and such. Then I see this POP UP, this draws my attention. “You SYSTEM Has Spyware”. This was my first thought, Scareware. The Popup said it was for “Antivirus Pro System”.

Since this was a Hospital computer, I couldn’t get a real screen shot of this but there are plenty examples out there, just like that one above.  Anyways what worries me is how System Admins are allowing employees to surf the web while at work on company time.   It also makes for a bad experience with their family.  It also concerns me about the fact that while that computer is infected some of the patients records could be leaked online.

Are You and Your Friends Fine — Virus Spam

Logged into my Google Email and was checking my spam to see what I see and this one draws my attention:

I think I know where this is leading me but I click the link and this website with the Reuters logo pops up:

Now as you can tell this looks authentic but when I did go to this site, AVG detected some trojan.  It blocked it, but  the file that it is downloaded called “save.exe” and I have talked about flash player fake updates.  I have seen other blogs talking about dirty bomb news report leads to malware.  I don’t know about you but if I wanted to update my flash player, I go to the source and not use any links.  It is wise not to download any programs or files and run them without properly checking them out for viruses and Trojans.  You should have a firewall and anti-virus running at all times and that will help but it is your actions that help your prevent from getting viruses or Trojans.

How do you like your Cricket USB Modem?

Lately I talked about the A600 USB 3G modem and Now I want to hear from the Readers?  You see I can’t do my best reviewing these with comments from the readers, that being you.

Click the picture to send me email, just remember to replace “AT” with “@”.

So I want to hear what you think about either the USB UM100 Modem or the A600 USB 3g Modem?  Here a re a few things to answer when you write your email.

Something will go to the people who email me?  I want to publish some of these comments on my blog for all to read.  I want to hear if what I am publishing helps you?  I will even give your credit as  to who wrote it.  If you have a site or something you want to promote by all means add that to your testimonial.  Here’s the basic questions that should be talked about:

• Which one did you buy? (Cricket USB A600 or Cricket USB UM100)
• Did you Upgrade from the Cricket USB UM100 to the Cricket USB A600?
• Are you using it for travel or Primary internet?
• Is it for business or Pleasure?

Getting to the A600 Program Files

So you want to see this screen when you plug in the A600 Broadband Card:

But doesn’t pop up! I found out why. If you installed it one time or another and had a problem with the installation and it won’t pop up with that screen. You’ll need to take this first step:

Uninstall THE USB DRIVERS for A600
C:\Program Files\Cricket\USB DRIVERS\Uninstall.EXE

Once you do that you will see need to reboot and then try to insert the A600 Modem into the USB slot. It should pop up with t hat screen or you should see the drive become available.

I’ve also took the drive and copied the program files into a sub Directory of the 4 Gig drive installed in the A600 and I decided to help everyone else out by uploading the self-extracting program to rapid share:

Cricket-A600-Program.exe Bit torrent file

This is the file I created on Memory card for when I need it.  If you are uncomfortable downloading this because your worried about virus, then follow the directions on how to uninstall the software to get to your Cricket software for the A600.  I did this to make it easier later on to re-install the software without having to uninstall software.  Let me know if this helps. You should consider downloading Free Anti-virus Software and free Firewalls to protect your system if you haven’t already!!

When do you “Never Fold”

So I got this email and wanted to show you just how try to get you to link to their site:

I got this email and wanted to talk about how people link to sites they shouldn’t.  Although this a real site, I had my doubts from the get go.   You see it talks about sending 21 visitors to my site.  I got to the site Neverfold.net which after I looked and there I am but I wonder why? Because Poker and Calicanis have nothing in common with Poker or at least news and all that.

As you can see when you go to that site via the link he gives me, which by the way if you weren’t paying attention is a hidden link with Neverfold.net/?pg=YKchR. As you can see this is a way for him to know when you click it to put your name on the forum page. You can tell because Ref: YKchR is at the bottom of the email. This is most likely a generated email by a bot, I did even more research to find out more information. I found out that the so call 5k to 7k page views were bogus. I checked with Alexa, and I find out this:

Cracking and Warez sites are Host of Trouble!!

It is nothing to laugh at and should be understood that gamers have no freedom right now.   That said this new Variant to Virux Trojan is in regards to Win32/Vitro Trojan.  It seems tobe infecting .exe and .Scr files just like this.

According to Trend Micro:

The downloaded malware include variants under the FAKEAV, TDSS, and VUNDO families. Infection chains, however, are notable for the presence of VIRUT and VIRUX malware. VIRUX and VIRUT attacks were initially about the volume of infected PCs. The numbers are massive enough to worry Web users and security researchers: around 20,000 PCs are infected per day
Read more: “Crack Sites Distribute VIRUX and FakeAV“

Now it seems to be more and more sites with getting computer infected. It also seems the Malware writers are using these servers for helping infect essentially gamers computers. So for the time being, if you have a favorite game and you want to:

• No-CD Crack (This is good for those who want to play the game without the CD)
• Key Gen Cracks (This is used for pirated version of a game)
• Update Cracks (This is used to prevent CD checking or Also prevent Version Checking)

Facebook Goes Phishing again

In one of my Previous articles about the Koobface Worm, I talked about the way they were infecting the systems and what you need not do.

It seems that Trend Micro has seen an even more rise in people downloading the WORM_KOOBFACE.AZ and Seems to be on the RISE. This is all done with a Social engineering and Has had some attempts before with this little worm on Facebook.

After your Infected with this new Variant, it searches for cookies and Sends out a message to people from:
* facebook.com
* hi5.com
* friendster.com
* myyearbook.com
* myspace.com
* bebo.com
* tagged.com
* netlog.com
* fubar.com
* livejournal.com

This seems to be a social engineering Nightmare for these websites and as yet are unsure what else it does but it says the same thing it did before by saying “This is a Video of You on the Street.” Which is bogus but none the less people click and think they have to download a codec or update their Flash. Social Engineering is on the rise and will be taken seriously. You should read the full report from Trend on what it does but you also should have an anti-virus and Firewall installed to prevent this from happening in the first place. The only true way of preventing this is not to be fooled, you should NEVER Download from a site you don’t know or trust. See all the Facebook articles for more information.

A Sneak Peak at the A600 3G Broadband Cricket Card

So I was doing a little research and found this nugget from my Affiliates Network:

Features:

Removable Memory Format:  microSD
Storage Capacity External memory up to 4GB
Text Messaging Yes
Contact Directory Yes
Language English/Spanish

Wireless Capabilities:

Technology CDMA
Mode Tri-Band
Data Transfer Speed 3G (EVDO Rev 0, Rev A) and 1x
USB Broadband Modem (A600) Looks interesting, and I am thinking this will be the next thing the company will start Advertising for. Right now though, it cost 119$ with a 50$ Mail in Rebate and you spend 69$. With a CDMA only USB Card like the UM100, you know the speed of that. Now According to Wikipedia for 3G and I’ll quote:

Thus users sold 3G service may not be able to point to a standard and say that the speeds it specifies are not being met. While stating in commentary that “it is expected that IMT-2000 will provide higher transmission rates: a minimum speed of 2Mbit/s and maximum of 14.4Mbit/s for stationary users, and 348 kbit/s in a moving vehicle,”

And the Oscar goes to . . . Not these guys!

Sans Internet Storm is reporting on Anti-virus Scareware tactic. I’ll quote from them:

ISC reader Gary wrote in to let us know that searching for “oscar presenters” and “oscar winners” with Google brings up a prominently ranked result on a web server in Poland, on a subdomain of “beepl”, which – surprise, surprise – includes a malicious JavaScript. The end result currently seems to reside on stabilitytracewebcom, and is yet another incarnation of the “Fake Anti-Virus Program” malware that we have covered repeatedly. Watch out, the EXE has a meager 6/39 on Virustotal.
[Via Sans]

I did my own research and it is true they are at least 3 sites with the .pl Domain that are used to send you to these fake sites. You should consider checking your system for possible viruses if you been to these sites and are worried. You should also report any site like this to Phishtank to fight this type of scare tactics. Please remember if you are worried about your system this is the best time to install software to prevent these types of scare tactics. Remember you don’t always have to buy software to be safe. There are free anti-virus and Firewall solutions at your fingertips, use them well. It is also a good idea to make sure you have the latest updates from Microsoft while your at it.

PDF Zero Day Vulnerability in the Wild

From sources all over the internet, Adobe made a sent out a Security bulletin yesterday:

APSA09-01 (Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat)

A critical vulnerability has been identified in Adobe Reader 9 and Acrobat 9 and earlier versions. This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system. There are reports that this issue is being exploited.

Adobe Plans on patching this March 11, 2009

and According to some other reports are saying:

Symantec Security Response has received several PDF files that actively exploit a vulnerability in Adobe Reader. We are continuing to remain in contact with Adobe on this vulnerability in order to ensure the security of our mutual customers.

[via Symantec]

Zero Day For IE7 Being used in the wild.

It looks like IE7 patches are being used right now in the wild.  According to TrendMicro:

HTML_DLOADER.AS exploits the CVE-2009-0075 vulnerability, which is already addressed by the MS09-002 security patch released last week. On an unpatched system though, successful exploitation by HTML_DLOADER.AS downloads a backdoor detected as BKDR_AGENT.XZMS.

[Image from TrendMicro Blog]

As you can see this this can be very bad for the companies who wait a while.  Internet Explorer is still being used 1 out of 4 users and I see it it all the time on my stats.   The Good news is this isn’t as hard to get rid as the Conflicker but should be taken serious because the writers might start to want to get even more malicious and make it even harder.

This is the next step to prevent yourself from getting caught with your pants down so to speak, you need to patch all systems that have internet access.  I still like the Autopatcher because it will do the job with very little input from the user.   It also makes it easier for people to patch big systems.  You should also consider installing some Free Anti-virus software to help protect the systems you do have.

Internet Security Companies Warn about Patch Tuesday and Valentines Day.

With Tomorrow being released some very highly rated Remote Code Execution to become Zero day in very short time. Some researchers are speculating about more viruses will be released in conjunction to Valentines day. According to this one post it will be likely to be E-cards being sent to try to lure you into downloading Malware.

Various security vendors, including CA Inc, MX Logic Inc., Trend Micro Inc., and Panda Security, have issued alerts about new Valentine’s Day-themed spam campaigns that try to dupe users into installing the Waledec bot.

Researchers note that many websites which are affiliated to Waledac e-card scam have been recently updated with content based on the Valentine’s Day theme.

Web sites distribute Trojan files which are commonly named love.exe; onlyyou.exe; you.exe; youandme.exe; and meandyou.exe and the list is not exhaustive.
[Via Express Buzz]

Offline Update 5.0, Clone of Autopatcher to Some!!

Offline updater 5.0 has been released a couple months ago and I just realized it now.  This is an excellent tool for IT professionals who want to keep all your Systems up-to-date with the last patches from Microsoft.  The systems it supports are Windows 2000, Windows XP, Windows Server 2003, Windows Server 2003 x64, And Windows Vista / Server 2008.(32 bit and 64 Bit updates).

I find this a very useful program for people who have a multitude of problems, from not being able to get on the net to computer virus infections.  This is really good for big businesses that want to update a lot of systems in easy way without having to wait for downloads of updates to install.   You can take a DVD and update on the fly within Mins.   DVD being Cheap or buying them in bulk helps saves time and money for the company.   Less time spent downloading the updates and more time actually getting work done.  As with the Conflicker, Downadup, and to some the Conflickr Trojan, if you got infected with that little worm.  This would help install the updates that it prevented you from doing in the first place.  I also found that once you download do the update the files are kept on the hard drive so you no longer have to redownload them again.  You just update the updates every second Tuesday of the month and it downloads the newest patches and creates a whole new ISO for you to burn.

Phishing sites pop up for IRS!

Well, this just came to light with The Spywareguide blog. I’ve seen some activity about Where’s my refund lately and I thought I tell you how to make sure you’re on the right site. If you’re expecting a refund check the OFFICIAL SITE. The Official Site is http://www.irs.gov and nothing else. If you want to find out about some of the most common Phishing attempts check out the Phishing advice from the IRS.

The Spyware Guide blog talks about sites that looks to be IRS but are actually just phishing for information.  Some of the ones they talk about are:

gicrisis.org/data/refundtax/SearchTAXERR.php

irs-2009.com/refund/refunds.html

collectrefund-irs.com/refund/refunds.html

cimaonline.ca/application/Internal/Revenue/Service/pas.php?certegy_vm=trueportlet_change_1_actionOverrideFchaseonlineFchangeFprocessDetails_windowLabel_portlet_process_pageLabel_page_process

jklabs.cz/phpayv2/admin/import/.secure/www.irs.gov/get-refund/refunds.php?Where_is_my_refund&Get_Refund

Although this list will most likely change this is just starting for people who filed there income tax. Some things to Remember are:

You can generally access information about your refund 72 hours after IRS acknowledges receipt of your e-filed return, or three to four weeks after mailing a paper return

Via IRS.GOV

Disaster preparation 101 — Data backup

In this one I will talk about Disaster, it happens to all of us from time to time. A fire, a earthquake, a stolen laptop or any number of ways. So what happens to your data, is it stored on the laptop? Is it important very sensitive data? Could you get fired if you lost that data?

These are all questions you must ask yourself when you have laptop. How do you backup your data or even do you have a backup? Having seen this with my own clients, I must wonder if there are people out there who just don’t care. I had a client the other day who gotten a virus and this was a really mean virus. Deleted some very important files when you tried to clean the virus out. She called me in a panic because she couldn’t load up windows? I asked if she had any backups, she said “what’s a backup” . So I sat there discussing this with the client for over 20 minutes. Finally she started to understand, she said she had the OEM Backup DVD but nothing else. She also said she needed help with getting data off the computer. I told her that I would be able to come the next day and I was lucky the virus didn’t do anything else to her data. We were able to retrieve the data from her system. That is where I start my rant , Why would anyone not have backup of there most important data?

Microsoft released KB960714 to fix THE IE Problem

This is the update to fix the IE Vulnerability and if you have any questions please make sure to check my other post about this little update.   This was sent out today and should be patch ASAP, on all systems.  If you want to patch the easy way, I suggest downloading Clone to Autopatcher.  This seems to help make an ISO file on a DVD so you don’t have to update a system the old way.

IE vulnerability in the Wild

Well this was bound to happen, hackers found this vulnerability and is using it for their own purposes. 

It seems they put a virus on your system.  Microsoft has issued an Recommendation and to check out Microsoft Security Bulletin MS06-055.

“What we’ve seen from the exploit so far is it stealing game passwords, but it’s inevitable that it will be adapted by criminals,” he said. “It’s just a question of modifying the payload the trojan installs.”

Said Mr Ferguson: “If users can find an alternative browser, then that’s good mitigation against the threat.”

[Via BBC News]

I personally like to recommend a program that will do a better job at security and that is Firefox,  I also suggest people use the Thunderbird and not Microsoft mail program.  This will greatly reduce your likely hood of getting a virus or Trojan.   Most of the time hackers like to find new ways to infection to get into your system.  If you want to preven having a virus in the future, I’d recommend going to my Malware Resource and check out a good firewall and anti-virus.   This will prevent you from getting some of the viruses and other types of malware.

Tools for Virus Removal : The ones I like to use!

In this post I want to talk about virus removal tools that I like to use when I need to remove a virus.   Some thing to consider when using these tools are:

• Is it a Rootkit?
• Is it Spyware?
• Is it a Virus?
• Is it a Trojan?
• Is it a Worm?

Each of these have to be dealt with differently because each requires something different.  Like rootkits if you have one installed and know that it is a rootkit you only options are to download some rootkit removers like:

• Sopho’s Anti-rootkit remover –  This is good for those more known viruses and can remove several types of rootkits.   This isn’t the only one I use, but it is a part of group that does the rootkit removing for me.
• Microsoft Rootkit Revealer –  This is good for proving there is a rootkit.  I’ve not seen it not detect a rootkit.  Most of the time when I find a rootkit from the other rootkit revealers this one actually dos better with information.
• Panda Anti-Rootkit Remover — This one is another one I use when the other ones can’t remove it.  Each one does remove certain rootkit differently and works better than the other.

Signs of a Computer Infection!

So I was thinking this morning what I missed and I totally missed on how you might be able to tell if you have a computer virus. It does me no good to talk about a virus if you don’t know you’re infected. I was thinking of the times I had a client who had trouble but wasn’t what I thought.

So How do you know?

Some people would say it depends on factors but here are what I call clues that make me suspect a virus:

1. Slow or Sluggish computers –  Here is what I know if the computer is really slowing down and have a dual core or quad core.  If you are running a system and sees a lot of hard drive activity even when the computer is idle then it might be a virus or it could be a program doing what it is supposed to be doing.  So this is somewhat of an indication but not always.
2. Slow internet connection on the computer or on the network — Due to the fact that most people have a router that is connected to all the computers and if you internet connection on all your systems are slower than normal then you could have a virus.  I use Speed Test website to help determine this.

Cricket Wireless Broadband Card — How to get better speed!

After buying the card last month,  I did a quick review about the broadband card. I wanted to talk about the speed problems that I had when I first used the modem.  Here is how to possibly getting better speeds when you use your card.   First off, you will need to disconnect from the internet and go to your quicklink mobile application:

You will click on “Tools”  and then hit ‘Activation’.   If you have it fail on your the first time you should reboot your system then try to do the activation after reboot that should fix the activation problem.
As you can see after I did the activation of the modem, my speed went way up from the last review.  I thought I should talk about how you could possibly fix this.  I called tech support over this to get a better speed.  

Uncovering a Virus/Trojan

Getting done with the first part really got my juices flowing. I was shopping looking and thinking about this next article. I came up to only one option turning this into a 3-5 length post due to all the content that I will have.  So where did we leave off?  Oh that is right figuring out if you have a virus/Trojan.  The instant I made a post about this 12 hours later someone make a comment and here is what he said:

Rene Van Belzen

I can’t wait to read part two of this article. I always wondered how you’d know you’re infected if a virus don’t want to be detected and no virus definitions are yet available, because the virus is so new.

Now the truth is anytime a Virus does something it usually leaves a footprint somewhere and somehow.   Even the hardest working hacker can’t plan for all possibilities and that is where we begin.   I have been helping people for a while with viruses and know that no matter how hard the virus tries to hide you can usually find it relatively quickly and easily do to virus check here are the ways I’ve done to figure out if they may or may not have a virus/Trojan.

Inside understanding of win32.netsky.q

Netsky.Q is a worm that spreads through e-mail. It is distributed as a 28,008 byte Win32 executable, compressed with PEtite, which drops a 23,040 byte DLL file. It also distributes itself inside ZIP archives.

I saw this on on the net and through we should talk about and let people know how you could get that the worm off your computer. It seems to be a self-replicating worm, it will continue to send out fake messages to people with the subject lines Like:

• Delivery Error
• Delivery Failure
• Delivery
• Mail Delivery failure
• Mail Delivery System
• Mail System
• Delivery
• Delivered Message
• Error
• Status
• Failure
• Failed
• Unknown Exception
• Delivery Failed
• Deliver Mail
• Server Error
• Delivery Bot

And with each message there is the reciepts email address at the end.  This worm seems to be spreading like wildfire today.   It is because people have not install

Crafty little Trojan:W32/DNSChanger.ARNF

Saw this post and couldn’t resist talking about it.   This was talked about on F-secure.    It looks like they use a program call “Homeview Installer” and after you install it you get the Trojan:W32/DNSChanger.ARNF.   So how do you get that off your system?  Before we talk about that, let’s talk about what it does.  According to F-secure:

This malware is dropped onto the system by Trojan-Dropper:W32/Agent.FLN. It is used to change the DNS settings on a system so that information such as passwords and credit card details can be retrieved.

[Via F-secure]

What you need to do to get rid of this of this Trojan is to scan your system.   You will also need to understand that this is a really good Trojan, it sees to modify your DNS and also your Registry.   Once you located and destroyed it you will then want to remove all your restore points.  After that you will want to check my other resources to better protect yourself.   You are the only one to prevent a virus from getting on your system.   If you like this one check out my other post as well.

Fix Shutdown Problems in Vista!

In the Patch Tuesday update, Microsoft quietly released the patch to fix Windows Vista machine shut problems. This patch should of came sooner.

KB957388

Update for Windows Server 2008 and Windows Vista

Install this update to resolve a set of known application compatibility issues with Windows Server 2008. After you install this item, you may have to restart your computer.

This was not a critical update and it seems to resolve so many issues with compatibility.  One thing it seemed to fix on my system has been the shutdown time.  It is now quite fast, it would normally take me 2 to 3 mins to shutdown, now it does it in less than a Minute.   So if you’ve not installed this update please install it soon.   I would like to know if people are seeing the same thing I am.   I’ve found a great resource on fixing it if you are still having problem, it talks about how to check your system performance. Although this is been doing it lately with these programs not loaded or even running, they still seem to cause problems so now I get the feeling it has to do with legacy programs.  This should fix most of the problem with older programs.

The Important Windows patches Released Today

As many of you know we talked about the Non-critical patches that Microsoft will release today.  IF you want to read those please go and check it out.   I’ll be talking about the REALLY important ones that Microsoft has kept tight until now.    These are the more important ones but I will list the ones that I previous talked about to better help people recognize the non-important ones:

KB955839

KB957388

KB890830

KB905866

These are just the tip of the iceberg. although this list are not A lot.  I’d wanted to let people know about what people coin “Exploit Wednesday“.  I really don’t know if this is a Myth or actually does exist but I’d figure we discuss the problems associated with installing the critical updates and try to tell you which ones should be installed As soon as possible.  Though people have in the past used a Virtual Machine to see if there is any problem, that should be your first step if you don’t want to have any problems with these updates.  I don’t suggest testing it more than a couple days.  Here are some good Virtual Machine software to try out yourself:

Facebook: Virus Variant comes back from the dead!

In my recent post, I talked about a Virus that is circulating around on Facebook.  It is know as the Koobface virus and has been changed a little by the programers.   So I what is Techworld saying, just this:

In fact, Koobface is now using one of Facebook’s own features against it, Lovet said. The latest variant uses Facebook’s ability to redirect web links to drive users to malicious websites, often hosted on Geocities.com, Lovet said.

[Via Techworld]

If you have been victim to this little virus, you should check out my Virus removal page and download the programs that should fix this little virus for good on your system.  You should also check out my Previous post I also have some good tips and tricks to prevent the user(YOU) from getting hit by this virus in the first place. This virus is a Good social engineered virus, so please be careful.

Trojan.PWS.ChromeInject.A is not a Firefox plugin.

A new type of malware designed to harvest web passwords has been detected in-the-wild by BitDefender’s antivirus research labs. This latest e-threat – called Trojan.PWS.ChromeInject.A – is intended to be delivered onto a compromised computer system by other malware for subsequent download into Mozilla Firefox’s Plugin folder. Once installed it gets to work every time Firefox is started.

[Via Bitdefender]

So having seen this I thought I’d come up with ways around this to better protect yourself.  One way to prevent this from getting your sensitive data is to get a program like Sandboxie.   You could stop using Firefox that would be silly, because right now Firefox is more secure than Chrome and Internet Explorer.   I’d also suggest checking out my Anti-spyware page and Anti-Virus page and get some more protection.

The key to this virus protection is just be cautious of where you go and keep all you system update to date to prevent all this from happening.  It is also advisable to not have your passwords saved on Firefox, you should use something like Roboform, it is free  to download and try.  It will encrypt your passwords so if they don’t know the master password then they are out of luck.  Roboform is also good for coming up with some strong passwords.  Just some suggestions to prevent from people seeing your sensitive data, you don’t want anyone to get that data.

Are you patched, Secunia Says NO

Think you’ve got nothing to worry about, according to Secunia 98% of computers are not fully patched and are vulnerable to some kinda of attack.

So I wanted to talk about this a little and give you a few good ways to make sure you are patched.  There are several ways to get your system up to almost 100%.

Some things to do is make sure you have your Windows systems updated.  This is easy to make sure, if you have an internet connection you can just check for updates.  If you don’t know how to do it, it is quite simple, Just go here.    If you have Windows Vista all you have to do is hit Start and type in the search box “Windows Update” and hit Enter and you will be taken to the update page.

If you have a system that is off of the Net you could use the Clone of Autopatcher Program to do it for you.   You also need to update all your secondary programs such as Audacity, Open Office, and other programs that you use weekly.

Facebook Virus strikes again

“Look you were filmed all naked!” read the subject header on one iteration of the virus-spreading message, which is being sent automatically from infected accounts to the “friend” list for that account. Clicking the link usually takes users to a page that looks like YouTube, and a pop-up message advises the user to download a Flash plug-in. The download contains the virus, which replicates by contacting everyone on the victim’s Facebook friend list and advancing the hoax.

[Via Boston Media]

This is a good social engineered attack, they seem to have you download a virus into your system.  I Keep talking about how you need to be careful with emails.  I also suggest that you do a complete Virus scan if you think you’ve been hit with this.  There is only one way to prevent yourself from getting this little facebook virus and that is not to click it. Some other things to consider if you found out this was a virus is to contact the person who sent this to them so they to could do a virus scan on their system.