Could you tell the difference between your anti-virus program and malicious website attempting to install viruses into your computer?

Real (Windows Security Center)

Fake (Antivirus 2008)

Studies show that cybercrooks have a 3.4% success-rate infecting users’ computers. Chances are high that you will eventually come across an infected website. It would definitely be a good idea to make sure that you can spot the good security suites from the rogues.

Tip #1

The first thing you should do is find out which antivirus you are actually using. Remember the name of the program and what the application windows and interface look like. You should do the same for your antispyware and firewall applications as well. You will therefore be able recognize when a hacked site is attempting to lure you into a trap using scare tactics. Here’s an example of a rogue antivirus program using the scare tactic, “found infections, now buy me or else!”

Fake “Virus Detection”

Tip #2

Use Firefox and the Web of Trust addon. The main reason we recommend Firefox to our clients is because of the wide variety of addons available for it. When setting up a new computer, one of the first things I install is Firefox and the Web of Trust (WOT) addon. WOT shows you ratings for websites before you even click on them.

Let’s say you do a Google search for an anti-virus program. From my experience using WOT, I have found that at least one of the links on the page will receive a bad rating from WOT. Here’s one of the links WOT shows as having a poor reputation when searching for “anti-virus” in Google.

Notice the red warning circle next to the link.

What this means is that other WOT users have checked the site out and have found it to be unsafe. WOT even allows you to see other peoples’ comments about the site. You can rate sites and comment as well. In fact, the WOT community relies on users like you and I.

Here’s what you will see if you enter a site that WOT users have deemed as having a poor reputation.

Of course, websites are constantly being infected so there may be some newly infected sites that have not yet been detected by the WOT community. In these cases, you will need another layer of protection.

Tip #3

Malwarebytes, The Best Free Anti-Malware Program That You Really Should Buy.

Malwarebytes is a free program that has excellent detection rates. It is able to find and remove viruses, spyware and malware that many security suites cannot. It is maintained by a small group that regularly browses forums looking for infection trends and stopping them early. Like I said, the program does an excellent job of removing viruses, but for $24.95 for a lifetime subscription, the full version can actually prevent threats from infecting your computer. Prevention is really the key to safe browsing. (Buy Full Malwarebytes by Clicking Here.)

So lets just suppose you visit a website that was just infected a few hours ago. Since it has just been newly infected, the WOT community has not yet rated the site negatively in order to warn you. So you go to the site and a window comes up saying that your computer is being scanned for viruses and that it is infected with numerous trojan viruses. Assuming you didn’t follow Tip # 1 and cannot differentiate between the rogue anti-virus and your real anti-virus, you download the “fix”. Many times, I have found that Malwarebytes will actually block the download based on the IP address of the website. If it doesn’t, it will detect that the file you’ve downloaded is malicious once you try to install it. Malwarebytes will block these attempts by the virus to infect your computer.

Malwarebytes detecting and removing infections.

Summary

1) Familiarize yourself with your security programs and what they actually look like.

2) Use WOT, Web of Trust addon for Firefox so that you know whether links are safe or not.

3) Use Malwarebytes to prevent malware from infecting your PC.

Digg

Stumble Upon

Del.icio.us

Buzz

As you know, E-Geniuses provides maintenance plans to proactively prevent viruses and spyware from infecting your computer. This allows our clients to safely perform time saving tasks such as online purchasing and online banking. In addition to having us maintain their computers to ensure security, we would also recommend that clients keep track of their credit reports and to look out for unauthorized charges.

Federal law states that you have the right to receive a free copy of your credit report once every 12 months. AnnualCreditReport.com allows users to view their credit reports from the three major reporting agencies; Equifax, TransUnion, and Experian.

If you see any unauthorized credit cards or charges on your existing credit cards, then call your card company right away. Other companies also offer paid services that can alert you when there is suspicious charges made.

A credit report can also come in handy when purchasing a vehicle. If your credit rating is good, then you may use it as leverage to negotiate a better interest rate.

Checking your credit report is not only easy, it’s also free! Make sure to check your credit report at least once a year to ensure a level of security that will protect your credit score. Oh yeah, make sure your computer is also properly secured and maintained.

Digg

Stumble Upon

Del.icio.us

Buzz

One morning we received a call from a frantic homemaker.  She had explained that her computer system seems to slow down dramatically.  From experience, we suspected that it was computer virus related but we couldn’t be sure until we physically saw the computer.  Since she had to take care of her almost 2 years old daughter, there was no way for her to come into the office.  When I met her in person, the real story came out.  She had recently opened an email with an invitation in it.  When she realized what she had done, it was too late.  I was able to install our usual perferred antivirus programs but was not able to do any updates.  After several minutes of configuring, I was able to get all the programs updated and ran a scan of the computer.  One of the program found 38 viruses and malware while another found 17 more.  The computer had Norton Antivirus installed so the customer was confused as to how the virus slipped past the protection.  I had to explain to her that we use at least 3 different antivirus programs everytime we do a clean up because there is no one program that can catch them all.  After a couple of hours, we were able to remove all the viruses and the customer was happy that she doesn’t have to see the error pop-up messege every minute.

Digg

Stumble Upon

Del.icio.us

Buzz

Granada Hills Computer Repair

I went to the client, a previous client of ours, who had a Monthly Maintenance Plan that, unfortunately, had not been renewed. They had only been without the maintenance plan for about 3 months and already had many infections on their computer. The computer was setup at a flower shop, but the computer was also being used for personal use. Guests would come in and use the computer as well.

Because the computer was so heavily infected by various Vundo viruses as well as some rogue anti-spyware programs such as Antivirus 2009, the computer could not get online. The computer was being used for accounting purposes and the client did not want to risk inputting sensitive information without the computer being completely secured.

The normal means of virus and spyware removal weren’t working and the viruses had to be removed manually. There were several rootkits and malware that most antivirus suites cannot detect. It took longer than expected and I had to take the computer back to the office to get it online and running well, but it was worth it. I was very satisfied that I didn’t have to reinstall since the client had so much existing work on the system. All of their programs were already installed and customized to suit their specific needs. Reinstalling the operating system would have been a last resort since it requires reinstalling all of the software, reinstalling drivers, reconfiguring the settings and re-customizing the look and feel. This makes reinstallation less cost effective as well. Sometimes it is necessary, but it wasn’t in this case.

This client has referred many friends and family to E-Geniuses. They also make sure we are comfortable since we sometimes are working for long periods of times without breaks. We thank you and appreciate clients like you. You know who you are.

Digg

Stumble Upon

Del.icio.us

Buzz

Out with the Old and In with the New

Time to say goodbye to your old security applications that are are hogging up your resources, annoying you with notifications and yet they still don’t guard you from the most recent strain of malware. Lets update your entire security suite!

Old Anti-Malware:

Spybot Search & Destroy, Adaware, and AVG Anti-Spyware

New Anti Malware:

Malwarebytes

Why it’s better:

Malwarebytes can remove malware that the others cannot. On a relatively new computer, Malwarebytes’ targeted quick scans take around 10 minutes instead of 30 with the old programs. The dedicated team at Malwarebytes updates their definitions regularly by constantly scanning the forums and reviewing hijackthis logs looking for new threats.

Summary/Notes:

I know AdAware and Spybot were the best back in the days, but they can’t protect against the latest malware. At first, I felt guilty removing these old programs but I got over the feeling once I saw how much stuff they missed in their scans. Keep in mind that it is a person, not a computer program, that’s creating the malware. A computer program that isn’t updated regularly won’t do you any good against malicious programmers who’s programs are updated regularly. The great thing about the Malwarebytes team is that they respond quickly to threats ensuring that they don’t get a chance to spread to others. For another good malware remover, check out Super Anti-Spyware. You might be surprised what you find with these two programs.

I recommend paying the $25 for the full version with a resident Protection Module which prevents malware from getting in to begin with. If you don’t want to pay for the full version of Malwarebytes, the free version still does an awesome job. One con is that entire program, not just definition updates, need updating more often than other anti-malware software. I am willing to deal with it as long as my PC’s are secure.

Security Suite (Best Anti-Virus Programs) – Watch the top videos of the week here

Old Anti-Virus Suite:

McAfee, Norton, AVG Anti-Virus (without Threat-Fire)

New Anti-Virus Suite (With 0-Day Protection Against Viruses):

Threat-Fire

Why it’s better:

Threat-Fire is actually meant to supplement your current anti-virus program. Threat-Fire can detect brand new viruses and rootkits by detecting suspicious program behaviors rather than needing to know the every virus type and variant. It is called 0-Day protection because it can detect malicious programs on the spot instead of having to wait for the files to be analyzed by the people who create your anti-virus. Anti-virus programs are usually designed to react to specific viruses. Threat-Fire offers a more pro-active solution as opposed to a re-active one.

Summary/Notes:

I could not recommend McAfee or Norton because they just slow your system down so much. I also make sure to disable AOL or Yahoo’s “Protection” software that usually get bundled with your high-speed Internet. These are all well known resource hogs. Of course protecting your system is important, but you shouldn’t have to take a huge performance hit. No wonder Macs are so popular right now. No well-known viruses means there’s no need for anti-virus programs wasting your CPU cycles, memory and disk space.

My favorite free anti-virus is Avast. My favorite (non-freeware) anti-virus is NOD32 by Eset. A lot of people recommend Kaspersky but I found it had too many options and was too intrusive for many clients. AVG Free also seems to be popular, but I’ve noticed that sometimes it times-out when trying to download the definitions and so your computer is more vulnerable until it can download the latest definitions. Either one will get the job done, but much more effective when you combine them with Threat-Fire. From my experience, the combination of Threat-Fire and AVG or Avast is relatively light on resources. Threat-Fire and Norton seem to conflict on certain systems. I have not yet tested Threat-Fire with McAfee. Post in the comments if you have. I’ve also seen a lot of the new rogue anti-virus programs and fake anti-spyware programs get by Norton, McAfee, AVG and Avast. Threat-Fire seems to help a lot. Malwarebytes running with it’s Protection Module seems to work the best. Most systems seem to run pretty well using the combination of Avast, Threat-Fire, and Malwarebytes Protection Module.

One con is that Threat-Fire may detect a few false positives since it is detecting suspicious behavior. It doesn’t seem too intrusive in my experience with it.

Old Firewall:

Zonealarm or Windows Built-in Firewall

New Firewall:

Comodo Firewall

Why it’s better:

It’s user interface is friendlier and is less intrusive to your workflow. It also has a learning mode that can figure out which programs and services need to be allowed access without the user having to click allow a billion times before the system is usable again. Make sure your computer is clean first or else you will just be setting your system to allow access to malicious programs.

Summary/Notes:

For most general users, a combination of Windows’ built-in firewall and a hardware SPI/NAT firewall with uPNP disabled is sufficient. Many people would rather be less secure rather than have pop-ups asking them for permission every time a program wants to access the Internet. It’s a sacrifice a lot of users are willing to take. If you are not willing to sacrifice one ounce of security, then definitely check out Comodo. It will give you that extra layer of protection with minimal interruptions. Keep in mind that there is still, like any good firewall, a slight learning curve. Most users will have no problem.

Conclusion:

The best security is being proactive by being careful which links you click on and making sure that your computer is up-to-date. Still, extra layers of protection can safeguard your computer just in case something unexpected happens.

I would like to hear back from you with your experiences with these programs. What programs have you found to be exceptionally effective?

Make sure to stay up-to-date with the latest in computers and technology by subscribing to the E-Geniuses Insider RSS Feed .

Digg

Stumble Upon

Del.icio.us

Buzz

New Malware Notice

Fake Rogue Anti-Virus & Anti-Spyware in Action

Lately we’ve been seeing a lot of people being infected by rogue (fake) antivirus and anti-spyware programs. The virus is stored on a website, perhaps even a trusted website, that’s been hacked. A window that looks like an authentic Windows warning message appears saying that the computer is infected. The purpose of the fake warning message is to scare the user into clicking “Yes” to every window that pops up claiming to fix the “virus problem.” Clicking “Yes” actually downloads the virus. Do not download the file. If you already have, delete it immediately.

Above: Picture of a Rogue Virus acting as an Antivirus Warning Message.

If you see a similar warning message to the one above, close the browser completely. If you have a Monthly Maintenance Plan with E-Geniuses, you should call to have a technician scan your computer for infections. We will then examine the suspect website and have it reported if necessary.

The are many variants of the same malware. Some common names are Power Antivirus 2009, Antivir64, Internet Antivirus, PowerAntiSpy, AntivirusDoc, XP or Vista Antivirus 2008, and Antispyware XP 2008.

If you’ve been infected, we have found a few programs that work well. One of the programs is called Malwarebytes. It’s free to download. For more security, we recommend that you purchase the full version for around $25. The full version of Malwarebytes can monitor and prevent rogue programs from being installed. Installation and configuration is available at no cost to Monthly Maintenance and Personal Technician clients.

We will keep you posted in our newsletter, The E-Geniuses Insider, and our blog so you’ll know which programs work best for the most current infections. As you know, the people programming these viruses change them to circumvent preventive measures. Just make sure that you have an E-Genius on your side to stay a step ahead of them. If you have anymore questions about Virus and Spyware Removal, visit www.E-Geniuses.com.

Digg

Stumble Upon

Del.icio.us

Buzz