Category: Windows Update

Why you can’t run Antivirus or Taskmanager!

Paul

Photo by : Kristi Evans Photo by : Kristi Evans

As you know there has been more and more virus writers and scammers who don’t want you to interfere with the ultimate plan.   You see the two major plans these people have are:

  1. [intlink id=”2811″ type=”post”]To use your computer as a Botnet[/intlink] —  This is most common because the Command and Control server is where they tell these other computers what to do weather send spam or do a denial of Service attack on a website.  Although this is the most common it isn’t however the easiest to get rid of rid.   Far be it from being easy these virus writers want to keep a foot hold on your system.   This is like the SG-1 the “Foothold” Situation, they try to look like there is nothing wrong.

  2. [intlink id=”3805″ type=”post”]Fake Antivirus software[/intlink] — This is the other common reason why you can’t load up Taskmanager or SUPERantispyware/Malwarebytes.   It could even prevent AVG,  Norton Antivirus, and Other Antivirus software from being loaded at boot up.  Because most Antivirus software can detect this type of scareware.   The scammers want to make as much money as they can so they don’t want the End user to be able to stop the program from scaring you into buying the fake product.  It could also have a [intlink id=”3872″ type=”post”]Scareware Adviser[/intlink] trying to get you to buy the fake product!

As you can see these are what I call the Prime “2” reasons why you can’t run your Antivirus software, although there is a way around this.   I have found loading up in Safe Mode to be the easiest way to run antivirus scans on an infected system.   Although this can be difficult to do it, however it helps prevent these programs from loading up in more ways then one.  If you can go download the Antivirus programs from another computer and have them to install once you load up in safe mode.   You should also think about installing other software like a [intlink id=”2205″ type=”page”]Firewall even the Free firewalls[/intlink] are the better than Microsoft’s Firewall.

[ad]The other options for those tech savy people who know what a hard drive is and how to remove it, is to mount it onto another system as a slave and then run your antivirus software on the hard drive in question.   This however shouldn’t be done unless two conditions are met:

  1. You Know what you doing —  Again if you don’t know what your doing please don’t try this.  It could hurt your system far more than you can know.   If you don’t know how to do this you should take it to a professional and let them do the work for you.

  2. Out of Warranty — Yep that is right if this has a 2 year or longer warranty and you open up the hardware you automatically void the warranty on anything to do with your system.  So it is best to have someone who is qualified warranty specialist to open it up.  This way you still have your warranty on the system and if something does go wrong in the shop, they can fix it easier than a novice.

If you know what your doing this can be an easy process or it can be a hard process it only depends on how knowledgeable you are and how far you are willing to go.   Although there are [intlink id=”2955″ type=”post”]some viruses that require you to just start over[/intlink].  This is because they have embedded so deeplyinto the system that removing them will ruin your Windows system and prevent it from booting in the first place.  This is the last option, if you have a system who has been overrun with virus and spyware it might be time to reinstall the Operating system.  This is what I call the end all way to get rid of the Virus, Trojan, Or spyware on your system.   If you do this you will need to make sure to install all the Microsoft updates before you do anything else.  Also you will need to [intlink id=”2205″ type=”page”]re-install any Firewalls and Antivirus[/intlink] software to better protect your system from having the virus in the first place.

Scareware Adviser from securitybrowseradviser.com

Paul

It looks like I have been added to this website but it is a fake URL Hijacker that wants to sponsor [intlink id=”3607″ type=”post”]Personal Antivirus Just Scareware[/intlink]. Yep you guessed it they are blocking this url from trying to be displayed some of the people are still ignoring the warning and coming to my site  anyways.
securitybrowseradviser1

So the first question is how do I know this is a fake site warning. Well I did my research I went to Phishtank.com and check to see if my URL was being blocked. I also clicked the link to see what this link went “Activate my Web protection software”. It sent me to this site:

personalantivirus2

[ad]As you can see this site “ieprotectionlist.com” calls itself the [intlink id=”3607″ type=”post”]Personal Antivirus[/intlink] and look it even says “Malicious behavior detected”. I start looking for anything about this software no links to contact them or no links to learn more about this product. This is how I know this is a scareware site. If you seem to be getting these warnings it is time to go download[intlink id=”2205″ type=”page”] real antivirus software[/intlink].

[ad]As you can see the Securitybrowseradviser.com is a scareware sponsor for the [intlink id=”3607″ type=”post”]fake Personal Antivirus software[/intlink] that it is linking to. So if you getting this it is time to remove it.

I would Recommend SUPERAntivirus Pro although the Free version is good to remove this scareware or spyware. I have found it does find all the programs and where they are located. If you feel like you want to do it yourself be warned that is a cumbersome process and might hurt your system more than letting a program do it for you.

I will be doing a review of SUPERAntivirus Pro in the next few weeks, I do think it does the job plus more. When I do a scan with this product it actually finds more than expected.

Microsoft Get Ready for Patch Tuesday. 6 Bulletins

Paul

According to Arstechnica there will be 6 Bulletins and each of them are very interesting:

  • Bulletin 1: Critical (Remote Code Execution), Windows

  • Bulletin 2: Critical (Remote Code Execution), Windows

  • Bulletin 3: Critical (Remote Code Execution), Windows

  • Bulletin 4: Important (Elevation of Privilege), Virtual PC, Virtual Server

  • Bulletin 5: Important (Elevation of Privilege), ISA Server

  • Bulletin 6: Important (Remote Code Execution), Office

[ad]It looks like there will be another Directx Patch for those who have Directx 7 through 9.0c.  It also seems they will be Patching the Virtual PC and Server and ISA Server.    Microsoft will also be patching 2007 Microsoft Office System Service Pack 1.  They will also Be Releasing 14 different patches for non Critical status.

The Directx Flaw that was reported in May is reportedly being patched and that is why we have these Directx updates that are comming down from Microsoft.

So Now is the time to get [intlink id=”2883″ type=”post”]Autopatcher[/intlink] updated to the lastest updates and schedule a time next week for you to test and install these updates.   I would recommend updating your [intlink id=”2205″ type=”page”]anti-virus and Firewall[/intlink] software if you have any, if not it is time to get them and install them.

Using Malwarebytes to get Rid of Malware

Paul

Malwarebytes

I have been using Malwarebytes for quite some time.  I have the Installer for Malwarebytes in place on a  USB drive so i can use anywhere I go. I have seen several computers with very old Viruses and this actually detected them.

[ad]How Malwarebytes useful

  • Malwarebytes has a really good protection module to help prevent infections in the first place, but that requires you to buy it.  It should never be used without at least a [intlink id=”2205″ type=”page”]firewall installed[/intlink] but it is a good defense against what I like to call a Drive by install.

  • Automatically create logs of Malware that is found — This is good to for people who want to be able to check out what might be infected.   Also good to help identify the virus or Trojan, and find out how to uninfected it.

  • Cheaper than buying AVG — Cost $24.95 which is half of the cost of buying AVG.

As you can see buying Malwarebytes can be cheaper than buying AVG or Norton and protects your almost as if you have a brand name.   I think if a customer can’t afford $50 this would be the next best thing to suggest being that it will at least protect the system.   You can always install a [intlink id=”2205″ type=”page”]Free Anti-virus[/intlink] along with Malwarebytes to better protect your system.   This is one way to not have to buy expensive antivirus and yet still protect your systems from Malware.

No matter if you Buy Malwarebytes or use the Free version you are better off then not having it.  With the Free Version you can’t unlocks real-time protection, scheduled scanning, and scheduled updating.  These can be done manually without the having any Real time Protect.   You can scan manually and Schedule manually without buying the full version.  This is still a good buy, I recommend this to all my customers.

A few Zero Day Exploits in the wild — Heads up

Paul

Several different Security Vendors are Reporting that there is an ActiveX and Directshow exploits out in the wild.

The Directshow file in question is : msvidctl.dll

[A work around to prevent this]

[ad]It involves an ActiveX control called the Microsoft Streaming Video control and there is no workaround that I know of just yet.   Microsoft is aware of these exploits but we don’t know when they will release the patches.
These flaws mean that if you visit an Infected site you will most likely install software that you really don’t need or want.   You should be cautious where you go especially on chinese servers because some of them are reporting that they have seen an overnight bloom of sites that have these exploits in place.

People should take care and [intlink id=”2205″ type=”page”]install anti-virus and firewalls[/intlink] even the free ones are the best choices right now to defend againts these types of attacks.  You should also make sure you have the updated virus definitions and make sure you have the latest version of the AV program.

It is also suggest for users to not use Internet Explorer to prevent some of these exploits but take care and install a good browser, I would suggest Firefox to better protect your computer from some of these exploits.