Posts tagged Virus

scareware

How to prevent “Scareware” (Rogue Antivirus)

Jan 19th

Posted by Memphis PC Guy in Security

Practically all my service calls the last two months have been due to Scareware related issues. Rogue anti-virus programs that claim every program is infected and that for some amount of money your computer can be secured. Unfortunately, the scareware program IS the infection and your money is sent immediately to some far off country while little if any relief is provided for your payment. It is a scam. And the worst part of it is you no longer have to be surfing the seedier side of the Internet to become a victim!

The authors are actually paying people to infect you, which means it is being included in blogs, forums, even websites you actually pay to use. Typically they rely on your trust of a website to open up the security of your web-browser, to drop your guard, to OK a download.

They operate primarily by using Javascript Code. Javascript is very common and the internet would be a horribly bland place without it, which makes it the perfect vehicle. Javascript are little snippets of code that are included in websites to generate dynamic content, like time stamps and the like. They allow a website to offload some of the heavy lifting and More >

, , , , , , , , , ,

Computer Virus or Spyware? Try this first!

May 23rd

Posted by Memphis PC Guy in Security

If you suspect your computer has become infected by a virus or spyware program (sluggish performance, pop-up windows, internet search takes you to an unknown site etc.) following the steps outlined below may save you some time and money. Simply running the programs listed below could correct the problem(s). If additional help is needed, the programs listed will generate reports you can submit here for more precise removal instructions.  

If you feel your computer is infected and/or a program below confirms it you should NOT continue to use your computer for online banking or other sensitive operations such as logging into your work computer. Many infections include programs that track and record your keystrokes! Things like account info and passwords are highly sought after on the “black market”.

Download, Install, Scan instructions After installing and updating each one, Do the Scan to clean in SAFE MODE, offline with IE closed How to start the computer in Safe mode Windows 98: »support.microsoft.com/kb/180902 Windows XP: »support.microsoft.com/kb/315222 Windows Vista: »windowshelp.microsoft.com/Window···033.mspx Copy the instructions in the link above for easy use in safemode since you will not be able to access online information. (Note: Safe Mode with Networking is not recommended) Copy any other instructions you need to operate the programs you are using so you More >
, , , , , , , ,

Bootable Antivirus Scanners

May 4th

Posted by Memphis PC Guy in Security

PC infected and can’t boot up to safemode to run initial scans? If you have access to another computer with a CD Burner and Internet access try one of these bootable rescue scanners!

Avira’s bootable CD scanner program (daily manual signature updates) is at http://www.avira.com/en/support/support_downloads.html

Dr. Web’s capable bootable CD scanner program (do a manual signature update before scanning) is at http://www.freedrweb.com/livecd

F-Secure’s bootable CD scanner program (updates when run) is at http://www.f-secure.com/en_EMEA/security/tools/rescue-cd/

Kaspersky’s bootable CD scanner program (occasional manual updates) is at http://www.brothersoft.com/kaspersky-rescue-disk-197959.html

Sunbelt’s Vipre rescue program (download and put on computer or USB drive–a bootable CD is in the works) is at http://live.sunbeltsoftware.com/

, , ,

Virus scanning recommendations – Microsoft Windows OS

Feb 18th

Posted by Memphis PC Guy in Security

For computers that are running Windows Server 2003, Windows 2000, Windows XP, Windows Vista or Windows 7 source: http://support.microsoft.com/kb/822158

Do not scan the following files and folders. These files are not at risk of infection. If you scan these files, serious performance problems may occur because of file locking. Where a specific set of files is identified by name, exclude only those files instead of the whole folder. Sometimes, the whole folder must be excluded. Do not exclude any one of these based on the file name extension. For example, do not exclude all files that have a .dit extension. Microsoft has no control over other files that may use the same extensions as the following files.

  • Microsoft Windows Update or Automatic Update related files
    • The Windows Update or Automatic Update database file. This file is located in the following folder: %windir%\SoftwareDistribution\Datastore

      Exclude the Datastore.edb file.

    • The transaction log files. These files are located in the following folder: %windir%\SoftwareDistribution\Datastore\Logs

      Exclude the following files:

      • Edb*.log

        Note The wildcard character indicates that there may be several files.

      • Res1.log. The file is named Edbres00001.jrs for Windows Vista and Windows Server 2008.
      • Res2.log. The file is named Edbres00002.jrs for Windows Vista and Windows Server 2008.
      • Edb.chk
      • Tmp.edb
    • You want to add the following files in the %windir%\security More >
, , , , , ,
12»