This Phish will Bite your Butt


Here’s a YouTube video from Sophos that shows how you can get infected from a Google Ad advertising Norton. Note how on the fake Norton website the colors are yellow like Norton Antivirus or Symantec, but there’s no real name, only the word “Anti-virus,” a clue you’re not getting the real deal, but a rogue antivirus. Be aware when going to unfamiliar sites. In the meantime, I’ll try to let Google know this is a fraudulent website. We call that a phish website. Try not to go phishing, the phish ARE biting, but are biting right in the ol’ kazoo, meaning where it hurts most: your wallet and computer.

If you did buy the fake Norton from the phish website, it wouldn’t work, and would infect your computer with more viruses and spyware.


If Microsoft Calls, Hang Up


Many new Ducktoes clients have been victims of a phone scam where a caller from outside of Canada claims to be from Microsoft. The friendly and helpful caller convinces the client their computer is infected with viruses. He sympathizes and earns their trust. And then persuades them to give him access to their computer and even (yes, even!) payment with their credit card number. He remotely controls the computer and “fixes” it. After hanging up, the client gets that hair-prickling-the-back-of-your-neck, you’ve-been-compromised feeling and calls Ducktoes to ask if this was a legitimate repair service by Microsoft. I don’t even have time to tut-tut, instead I say, yikes, or the stronger language “omg,” hang up immediately and call your bank or credit card company to turn off the credit card! They are lucky if the purchase price is the only amount withdrawn. It’s often too late to get the $200 – $300 back of the dubious virus removal and computer repair costs, but it often prevents even larger amounts from being stolen.

Then at the shop we remove the keyloggers: software that records every keystroke you make, also known as the “betrayed lover” software because many people use it to catch a straying partner in an affair by reading their emails and instant chats to the other man or woman. But the fraudsters don’t care if you’re stepping out, they’re out for cold cash, and oodles of it they must be making off Calgarians alone, not to speak of others all over North America.

In Winnipeg the police have issued a warning about the same fraudsters. Here’s the link to the CTV News story. And here’s another story about the same scam.

Microsoft doesn’t call people to tell them they have viruses or computer problems. They never do unsolicited computer repair. So if you get a call telling you this, hang up. If you’ve fallen for the scam, bring in your computer to Ducktoes Computer Repair or let us check it out remotely. You may have a keylogger or other spyware. Also speak immediately to your bank about the credit card purchase. You’ll have to get a new card and number.


Be Careful when Downloading AVG from Google


I like AVG…no bones about it. And I recommend it to my clients because it’s easy to use and it’s reliable and now with version 9.0 it’s also faster again. On the comparative tests at Virus.gr, AVG Free removed 97% of the viruses. I have clients, with teenage sons, who used to hire me every six months to clean their computers of malware. I convinced them to try AVG and voila, two years later, they still haven’t needed me to clean viruses again. I know, amazing!! And so much easier on the budget than computer repair bills.

If a client calls and asks me how to get AVG for their computer, I tell them to search for AVG on Google, but this week a client named Anna accidentally downloaded a virus from Google instead. Among all the legitimate links for AVG in her Google search results, she managed to click on a link that led to Antivirus 2010, a rogue anti-virus which I remove several times a week from other clients’ computers.

Here’s where she clicked:

Don't download this one!


All the rest of the links are good. Look for http://avg.com or http://free.avg.com. Or you can use the one I use from CNET’s download.com: http://download.cnet.com/AVG-Anti-Virus-Free-Edition/3000-2239_4-10320142.html. Since it’s CNET, you know it’s safe. Just scroll down further in the Google search results for AVG.

Be careful out there, it’s a wild web!!
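The domain check recommended in this post can be automated. The following Python sketch is an added example, not part of the original post: it accepts a link only when its real host is avg.com, a subdomain of it, or download.cnet.com. The function names and the look-alike links in the sample list are constructed for illustration.

```python
from urllib.parse import urlsplit

# Sources the post names as safe for AVG: avg.com (including free.avg.com)
# and CNET's download page, which lives on download.cnet.com.
TRUSTED_DOMAINS = ("avg.com", "download.cnet.com")


def is_trusted_download_link(url, trusted=TRUSTED_DOMAINS):
    """True only if the link's real host is a trusted domain or a subdomain of one."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # drops any "user@" prefix and the port
    except ValueError:
        return False
    if parts.scheme not in ("http", "https") or not host:
        return False
    host = host.rstrip(".")
    # Look-alike letters (e.g. a Cyrillic "a") and punycode labels are rejected
    # outright: none of the trusted names needs them.
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return False
    # Match on a label boundary, so a host that merely ends in the letters
    # "avg.com", or that uses avg.com as a prefix, cannot pass.
    return any(host == d or host.endswith("." + d) for d in trusted)


def audit(links):
    """Map each link to a verdict string."""
    return {u: "ok" if is_trusted_download_link(u) else "do not download"
            for u in links}


# Constructed sample: the first three links come from the post, the rest are
# made-up look-alikes (the .example TLD is reserved and never resolves).
SAMPLE_LINKS = [
    "http://avg.com",
    "http://free.avg.com",
    "http://download.cnet.com/AVG-Anti-Virus-Free-Edition/3000-2239_4-10320142.html",
    "http://avg.com.rogue.example/setup.exe",   # trusted name used as a prefix
    "http://avg.com@rogue.example/setup.exe",   # trusted name in the user part
    "http://free-avg-download.example/",        # brand name inside another host
    "http://\u0430vg.com/",                     # Cyrillic "a" in place of Latin "a"
]

if __name__ == "__main__":
    for link, verdict in audit(SAMPLE_LINKS).items():
        print(f"{verdict:16} {link}")
```
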


Virus Alert: P2Ps Spreading Dangerous Virus called Virut


The worst virus I’ve ever seen is now making its way through BitTorrent and LimeWire and other file sharing programs. It’s called Virut. And once you have it, it’s pretty much game over and time for a clean install. You’re done. At least your operating system is kaput. So if I were you I’d make sure your anti-virus is working and updating regularly. And stay away from P2Ps until this settles down. Lots of people are losing everything on their computers. What makes Virut so nasty is that it patches itself to every executable, so every time you run an anti-virus, it “patches itself” onto the anti-virus. Also it changes system files, so if you “delete” instead of “cure” or “heal” them, you’ll be facing at least a Repair install.

Some fixes for Virut run in Safe Mode, but on my client’s computer, Safe Mode isn’t working. I’m right now trying a method I saw on the Internet that uses Dr.Web CureIt!


Downandup or Conficker USB Worm Prevention and Removal


Ms. Ducktoes is really busy removing spyware and replacing power supplies today, but I’ve noticed an influx of this new worm. So I thought I should warn you. It’s called the Downandup/Conficker worm. Millions of computers are infected. To avoid getting it, turn off Autoruns on your computer. Click here to learn how to turn off Autoruns.

To fix or remove Downandup or Conficker worm, there are these free removal tools:
ftp://ftp.f-secure.com/anti-virus/tools/beta/fsmrt.zip
ftp://ftp.f-secure.com/anti-virus/tools/beta/f-downadup.zip

Then run the usual Malwarebytes et al as in this post on Free Anti-spyware just to get rid of any remaining spyware. More later, my chickadees.
