Monday, March 28, 2011

But I have antivirus software!

I get this question all the time. "I have anti-virus software so how did I get infected with a virus"?.

Each anti-virus company has its own list of malware, which they call their "definitions". Every company releases updated definitions regularly, at least once a day but sometimes several times a day.

Each company also has its own rules for identifying a virus that isn't in the definitions list. If a file acts a certain way or loads itself into a certain folder, for example, your anti-virus may alert you that the file could be a virus. It also sends a message to your anti-virus company with the details about the potential new virus (the name, location and behavior). Since many of these alerts are false positives, each company has to investigate each new report before they can update the definitions.

The term Zero-Day Attack refers to new types of threats and malware that are released before your anti-virus is aware of them and has time to add them to the definitions list. Completely new threats get around this because they don't behave or use code which can be detected by existing anti-virus definition files.

There is usually a 24 to 72 hour window of vulnerability when a new type of threat is released. During this time, your anti-virus company must learn of the threat, perform investigation, and then release definition updates to detect the threat.

So what can you do to help protect yourself?

There are certain websites which are more likely to transmit the virus to your computer. Adult (xxx) sites, Gambling sites, illegal software (warez), movie or music sites are the biggest culprits. Try to surf only trusted websites. It is also important to always double check before clicking on an unknown link whether it's on a website, a social media page like Facebook or in your email.

Thursday, February 18, 2010

Windows XP Update KB977165 Causing BSOD

A recent Windows Update has been causing BSOD (Blue screen of death) issues for many Windows Xp users. If you're getting a blue screen like this,

with the stop message STOP Error 0x0000007E, this is probably the cause. This is something that I can easily resolve for you, so contact me today to get your computer up and running better than brand new.

Saturday, January 30, 2010

Microsoft Says Battery Woes Not Caused By Windows 7

Microsoft's Stephen Sinofsky says Windows 7 isn't degrading PC batteries. Rather, deeper detection in Windows 7 is flagging batteries performing at or below 40 percent of capacity. Vista and Windows XP do not have the battery detection provided in Windows 7. Some users are continuing to dispute Microsoft's stand on Windows 7 battery problems.

Battery problems on Windows Relevant Products/Services 7 machines are not caused by the operating system Relevant Products/Services. That's the position of Stephen Sinofsky, head of the Windows division, in a long posting Monday on the Windows engineering blog.

"At this time," he wrote, "we have no reason to believe there is any issue related to Windows 7 in this context." He acknowledged reports in the press and in forums about faulty battery warnings and batteries failing. "In every case we have been able to identify," Sinofsky added, "the battery being reported on was in fact in need of recommended replacement."

'Accurately Detected a Failing Battery'

Sinofsky said that the company has been contacting customers who report issues in forums, monitoring customer Relevant Products/Services-service Relevant Products/Services communications Relevant Products/Services, keeping in touch with PC makers, and utilizing opt-in, anonymous "telemetry in Windows 7" to keep track of the situation. In all cases investigated, he wrote, "Windows 7 has simply accurately detected a failing battery."

One factor Sinofsky emphasized is that there is a new battery notification in Windows 7 not available in Vista or Windows XP. The notification, with a battery meter icon and the message "Consider replacing your battery," appears when the battery is performing at 40 percent of its designated capacity. He noted that some customers upgrading a PC to Windows 7 did not know the battery was degrading until 7 offered this new level of notification.

He pointed out that PC batteries, through the hardware Relevant Products/Services and the BIOS firmware, offer several read-only fields of information Relevant Products/Services about the battery, including manufacturer, serial number, design capacity, and last full charge capacity. Sinofsky added that this information "is read-only and there is no way for Windows 7 or any other OS to write, set or configure battery status information."

'The Answer Is RIGHT THERE!'

But user complaints continue to populate the Microsoft Relevant Products/Services support forum, where the issue has been reported in a variety of configurations and conditions since June.

On Monday evening, a commenter named DanLee81 posted Sinofsky's assertion about the read-only fields, and then insisted that "the answer is RIGHT THERE!" The user contended that the design capacity value "with all problematic batteries is an unpopulated field," and that, instead of that missing variable, the OS should be reading the total capacity variable, for which every battery provides a value. "That is why the false alarm is appearing," he wrote.

Avi Greengart, an analyst with industry research firm Current Analysis, noted that he has had no battery problems with his two Windows 7 netbooks. In general, he said, Microsoft appears "to be stepping up to the plate" on this issue by acknowledging it and trying to track down any issues.

He noted that, unlike Apple, Microsoft only controls the OS, not the hardware, and if there is a problem, "it's possible they're only part of the problem, not the entire problem."

Monday, January 25, 2010

How to Update Your AntiVirus Software

When one talks about antivirus definition updates, one usually speaks in terms of Manual and Automatic updates. A manual update is performed by going to the antivirus vendor’s website, downloading the definitions, and then either installing them by running a program or just placing them in your antivirus software’s definition directory. Antivirus software that automatically updates would download new definitions automatically on a set schedule, once a day or once a week, for example. Most antivirus software is pretty straightforward when it comes to Automatic updating. They will almost always come preconfigured for automatic updates, so they are mostly “set and forget” sort of solutions.

This is no way to make money, however. Due to the nature of ever-evolving virus threats, virus definitions are outdated within days of their release, necessitating some sort of a constantly updating definition system. The major antivirus companies have turned antivirus protection from a software to a service. They do this by selling you “subscriptions” or “licenses” to use the software. This means that when your subscription is finished, you will stop getting updates. That is why it is so important to stay on top of your subscriptions and make sure they don’t run out.

From this comprehensive set of links, you should be able to find the updates to the program you run on your computer. Some of the products can only be updated from within the program itself, meaning that you can’t download the definitions manually. I’ve made a note of those that are only updated manually.

If I missed on that you would like me to find the update link for, then please let me know.

Anti Virus Updates

Name of Antivirus ProductUpdate Link
avast! Professional EditionClick Here for the Update
AVG Anti-Virus Click Here for the Update
AVIRA AntiVir Personal EditionClick Here for the Update
BitDefender Professional PlusClick Here for the Update
Dr.Web for WindowsClick Here for the Update
eScan Anti-VirusClick Here for the Update
ESET NOD32 Anti-VirusOnly from within program*
Fortinet FortiClientOnly from within program*
F-Prot for WindowsOnly from within program*
F-Secure Anti-VirusClick Here for the Update
G DATA AntiVirusKit (AVK)Only from within program*
Kaspersky Anti-VirusClick Here for the Update
McAfee VirusScanClick Here for the Update
Microsoft OneCareOnly from within program*
Norman Virus ControlClick Here for the Update
Symantec Norton Anti-VirusClick Here for the Update
TrustPort Antivirus WorkstationClick Here for the Update

Monday, January 18, 2010

Virus Protection

Today I'll be giving a few tips on how to prevent virus infections on your computer.

The best defense against infections are up to date anti-virus software. If you don't have an anti-virus program, you can download one for free.

Avast Home Edition offers their home version for free for non-commercial & home use and includes ANTI-SPYWARE protection, certified by the West Coast Labs Checkmark process, and ANTI-ROOTKIT detection based on the best-in class GMER technology.

You can see below the different resident scanners for instant Messaging, internet mail, Network Shield, and Microsoft Outlook.

And here are the rest of the resident scanners, P2P (peer to peer), Standard and Web Shield.

AntiVir Personal is free anti-virus that constantly and rapidly scans your computer for malicious programs such as viruses, Trojans, backdoor programs, hoaxes, worms, dialers etc. Monitors every action executed by the user or the operating system and reacts promptly when a malicious program is detected. It detects and removes more than 150,000 viruses and includes 7 different resident shields which protect a user's PC, with minimal impact on system performance.

Here are some of the categories Antivir will scan for you:

And this is what the scanner interface looks like.

AVG Anti-Virus Free Edition
is trusted antivirus and antispyware protection for Windows (Xp, Vista and Windows 7)free for home use. It includes a new LinkScanner® Active Surf-Shield which checks web pages for threats at the only time that matters – when you're about to click that link.

And here is is during a scan:

If you already have anti-virus software, make sure it has updated virus definitions (this is the database of known virus infections used to scan your computer). Most programs have an option to automatically update and scan on a daily or weekly basis and give you the ability to set your scan for a time when the computer is not in use (like the middle of the night). Keeping your anti-virus updated and scanning on a regular basis is very important.

Also, be sure to install Windows Updates whenever they are available. These updates can be downloaded for free from Microsoft and will patch known security holes in your software, as well as adding new features. Windows Update can be configured to install updates automatically, ensuring that a computer is always up-to-date and not vulnerable to computer worms and other malware.

This is what Windows Update looks like if you use Windows XP. It can be reached by going to the Microsoft Windows Update website

If you use Windows Vista or Windows 7, the web site is no longer used for selecting and downloading updates. Instead, enter the control panel and select the Windows Update icon.

Here you can check for updates, configure automatic updates, and see if there are any extras available for your operating system.

Although these tools provide good protection against most average virus infections, some infections are severe and may require professional service.

Sunday, January 10, 2010

Spyware Protection

There are dozens of good anti-spyware programs on the market, but I'm going to highlight a few that I prefer because they are free and easy to use.

SpywareBlaster doesn't scan and clean for spyware - it prevents it from ever being installed. It will also stop malware from communicating with its host server. This helps to stop popups and malware from functioning and further spreading the infections.

Malwarebytes' Anti-Malware can detect and remove malware that even the most well known anti-virus and anti-malware applications fail to detect. Malwarebytes' Anti-Malware monitors every process and stops malicious processes before they even start.

SUPERAntiSpyware features a highly advanced Real-Time Protection to ensure protection from installation or re-installation of potential threats as you surf the Internet. Used in conjunction with their First Chance Prevention and Registry Protection, your computer is protected from thousands of threats that attempt to infect and infiltrate your system at startup or while shutting down your system.

Spybot S&D searches your hard drive for so-called spy- or adbots; that is, little modules that are responsible for the ads many programs display. Many of these modules also transmit information, including your surfing behavior on the Internet and possibly your personal information. If it finds these modules, it can remove them. In most cases your computer still runs fine after removing the spyware/adware.

Here you can see the feature that allows you to immunize important files and folders:

And one of my favorite things about this program- once it finds infections, it gives you valuable information about them.

No matter which program(s) you choose for spyware protection, make sure you update and scan often (at least weekly). Severe spyware infections can require professional service to be completely removed.

Saturday, January 2, 2010

How did I get infected with spyware?

Almost every computer I work on has some type of infection on it, whether it's spyware, adware, or other general malware. Most people say they have no idea how they got infected and end up asking the same questions.

First of all, what is spyware? Spyware is software that hides itself somewhere on your computer collecting information about you and what you do on the internet without your permission.

Basic Spyware

Spyware is often downloaded onto your PC when you download other free software. When you see a license agreement for any software you have downloaded from the internet be sure to read it carefully. Somewhere in the installation process there may be an option to install a free web toolbar, which could be spyware (Mywebsearch, Coolwebsearch, Weatherbug, etc).

Often buried in the license agreement will be a disclaimer saying that information about you and your browsing habits will be sent to the company's website. This kind of software slows down your computer and may install additional spyware as time goes on.

The information collected about you is usually for advertising purposes but spyware can scan files on your hard drive, listen in on other applications like chat programs, read cookies, etc.

Adware and Malware

Adware is a form of spyware which installs secret advertising software on your computer. These generate on-screen adverts (often pop-ups) which can be really annoying!

The worst forms of adware 'hijack' links in web pages. So, instead of taking you to the correct website they take you to a different site - who have often paid the adware makers.

Malware is another form of spyware. It's short for malicious software and is often designed to cause damage to your computer system just like a virus does. Some can even keep a log of every keystroke you have typed and steal your passwords and financial info.

These adware/malware applications can also seriously use up system resources and can cause your PC to slow to a crawl, crash or freeze. Some of them will even pretend to be anti-spyware programs, trying to fool you into clicking and further infecting yourself.

How You Get It

One of the most common ways spyware gets on your computer is the use of peer-to-peer file swapping programs such as Limewire, Bear Share. These programs not only come bundled with spyware when you install them, but many of the files you download using them are also infected. If you insist on using peer to peer file sharing programs, use Bear Share Lite or Lime Wire Basic instead. They have 0 spyware or adware included in the installation files.