Don’t Use MSE Says Microsoft

 

 A picture of the Microsoft Security Essentials logo of a blue castle and blue flag.

Microsoft, according to this article by How-to Geek and other articles, is telling everyone not to use Microsoft Security Essentials, but to use a third-party anti-virus instead. No longer concentrating on making a great antivirus, Microsoft has shifted its focus. Now Microsoft sends its anti-virus information to third-party vendors to help them be more effective.

Since 2009, MSE has not done well on anti-virus comparative tests. Virus Bulletin, Dennis Technologies, and AV-Comparatives all report that several other antiviruses outperform it.
 

Use a Third-Party Vendor

According to the article, Holly Stewart, who works at the Microsoft Malware Protection Center as a senior programmer, said “that Microsoft Security Essentials was just a ‘baseline’ that’s designed to ‘always be on the bottom’ of antivirus tests. She said Microsoft sees MSE as a first layer of protection and advises Windows users to use a third-party antivirus instead.”
 

Some Ducktoes Techs Like MSE

At Ducktoes, some techs like Microsoft Security Essentials since it has such a low footprint, which means that, unlike many other anti-viruses, it doesn’t hog resources and slow computers down. They also like its easy-to-use interface. However, due to the above information from Microsoft, we will no longer put MSE on client computers unless the clients ask for it after being informed of its relative lack of effectiveness. The article by How-to Geek says that MSE is fine for techs and others who know what they are doing. The How-to Geek author says, “Now, if you’re a geek like we are, MSE and Windows Defender are very usable. If you have good security practices and know what you’re doing, you can manage just fine with this lightweight option. But average Windows users don’t always follow proper security practices and should use a strong antivirus that does well in tests — as Microsoft themselves now recommend.”
 

A red mean looking virus chases a scared looking computer tower.

 

What Should You Use?

Ducktoes likes and sells Kaspersky and AVG. We’ve been installing AVG cloud solutions to business client computers with great results. We also recommend and sell Malwarebytes Pro, which I have on my home computer. I use the paid version (of Malwarebytes) with free AVG (free only for home use). The two work very well together.

 

Ducktoes Developing Anti-Virus Cocktail

The Ducktoes anti-virus techs are developing an anti-virus cocktail to sell to our clients that will combine a few programs and browser add-ons to make a computer much more virus resistant.

Stay tuned and soon I’ll post the details of this new service.

 


No Encryption Virus Yet

Notebook Security

Luckily we haven’t seen the encryption virus CryptoLocker on a client computer in our Calgary repair shop yet. I hope we never do. This ransomware will encrypt your entire hard drive so you lose all your photos, data, and documents if you don’t pay the criminals the unencryption fee. I think the fee is $300.

Every day we are still seeing the Cybercrime virus and Optimizer Pro and are expert in removing them. I think we could remove these two in our sleep. The Cybercrime virus is another ransomware that locks your computer until you send a gift card to the criminals. Really. The information on your locked computer says you are sending it to the RCMP or FBI or other law enforcement agency. Even if you pay, your computer will stay “locked” until you bring it to a repair shop and get the virus removed. So don’t pay.

As far as the encryption virus goes, this is what you should do as a precaution: back up your drive and then disconnect your external backup from your computer so if you get the virus, the backup drive doesn’t get encrypted too. Then you can transfer the data back to your computer if it gets encrypted. Problem solved. Also don’t open any attachments on emails, especially if the emails are “phishy”, meaning if they purport to be from a reputable company but are not addressed to you but to a generic user. They might seem to be from a bank or shipping service such as FedEx or UPS. Do not open the attachment.

Click here if you’d like more information on the encryption virus and what you should do to prevent it.

 


Infected by DNS Changer? You Have Until July Before the FBI Shuts You Down

If you happen to have a virus called the DNS Changer, you, or at least your computer, has been involved in a huge FBI crime sting operation involving Estonian and Russian cybercriminals. What intrigue and thrills! Here you thought your computer was behaving itself quietly at home when really it was off consorting with dastardly foreign types and now has even involved you with the FBI. Aren’t you excited? Isn’t the adrenalin flowing? In fact, if infected, you are now getting your internet through the FBI.

Do you know where your computer has been?

But not for long. The virus has rerouted your computer’s DNS to go through the Estonian servers, and originally there were 4 million of you rerouted that way. The FBI has now taken over these servers from the Estonians and so you now are getting the Internet courtesy of the FBI. The Estonians have been arrested, by the way; the one Russian remains at large.

Now the FBI is worried that if they turn off the servers, all people whose computers have the virus will lose their internet connection. So they are giving people until July to remove the virus. At that point they will shut down the servers. It is very considerate of the FBI to do this, considering many if not most viruses turn off or prevent people’s internet browsers from working.

Everyone should check to see if they have the DNS Changer virus. Here is a site that tells you how. It has a utility to check your computer for the DNS Changer infection. The site is an FBI security partner.

If you want Ducktoes to check to see if you have the virus, we can do it in our shop or remotely. We are Calgary virus removal experts. We can even check out your computer remotely with our remote services.


What Free Antivirus I Recommend

What Anti-virus do we use in our computer repair shop?

Computer Virus Removal

I’m often asked what free anti-virus I recommend.

Unfortunately no one anti-virus can remove all viruses. In our Calgary computer repair shop we use many different ones and each finds different infections. Some that we use are AVG, Avira, Avast, Kaspersky, Dr. Web Cure-it, ESET online and off, among others. If we relied on only one, we wouldn’t be able to do an adequate job of fixing computers. So it rankles when an anti-virus company wants to be the only one used by people. It’s not realistic and would mean that a lot more computers would have to be reformatted to get cleaned.

If you’re asking which one I think you should keep resident on your computer, I like both Avira and AVG best. Both are really good at catching viruses. Google (search on Google for) either one and find the result that includes “download.cnet.com” in its address. I recommend both Avira and AVG. Of course, I don’t mean both at once. I mean choose one of the two.

I used to prefer AVG over Avira until AVG stopped working with Combofix of Bleeping Computers. I loved AVG and put it on every computer in close proximity. I liked AVG better because of its easier user interface. Being “easier” meant more effective, because people were able to use it more effectively. Now I prefer Avira since you don’t have to uninstall it to run Combofix, which is, unfortunately, the only solution sometimes to an infected computer.

By the way, whoever the creator of Combofix is, whoever sUBS is, he ought to receive knighthood or hero-hood for the number of computers he saves on a daily or even an hourly basis, and for which he does not even receive payment. He really makes a huge difference in people’s lives without much recognition or money. I respect him enormously and hope he lives a long time because we will all be sunk without him.

Only people who are experienced techs should use Combofix, however. Very, very occasionally it will cause a computer to stop booting and if this happens and you don’t know how to undo the changes it makes, you may have to reinstall Windows.

Both AVG and Avira ought to take note: their new default of having scheduled scans disabled upon install is dangerous. Many people think they are protected when they are not. If you have Avira or AVG, make sure they’re scanning on a daily basis.

If you have a virus and live in Calgary, come to our Virus Removal Lab and we will be able to help you out without losing your data or programs or even changing your computer except to speed it up. We would love to see you.

PS. We enjoy all kinds of people and computers and viruses…and aren’t judgmental.


How to Get Rid of Virut without Reformatting

Ms. Ducktoes did it! I beat the dreaded Virut without reformatting. This is how I did it.

  1. The Dr. Web Cureit Live CD I spoke of in the last post didn’t work. At the beginning of the scan, it stopped every time. So instead:
  2. I created an Ultimate Boot CD for Windows. I downloaded the image from the UBCD website and burned it to CD. There are detailed instructions on the site on how to do this.
  3. I booted off the CD and went on the Internet through the UBCD interface. I downloaded Dr. Web Cureit to the RAM drive.
  4. Then from the “Run” option off the start menu I browsed to the B: RAM drive and opened cureit.exe.
  5. Dr. Web Cureit started. I had to stop the Express scan and run the Custom scan and select the C drive or the C and D drives since I had more than one hard drive. Otherwise Dr. Web Cureit just scanned the CD.
  6. I cured the files instead of deleting them. The Virut virus changes the system files and your computer system needs them.
  7. I scanned three times this way.
  8. I rebooted but the computer wouldn’t start. So I did a “repair install” with my Windows XP CD.
  9. After the Repair Install, it booted, but after the logon, the logon kept returning. I couldn’t get past it.
  10. So I booted off the UBCD and replaced the Userinit.exe file in the System32/dllcache folder. I found another copy of it in the i386 folder and copied and pasted. You can search using the Windows Explorer on the UBCD disk.
  11. Then I ran regedit (still off UBCD) and searched for userinit. I found the registry keys related to userinit. One of them was set for the logon to repeat over and over, so I changed it from “1” to “0”.
  12. Then I rebooted and the computer started and the logon didn’t repeat!!
  13. Immediately I went into Safe Mode and started running virus scans like crazy. I ran Malwarebytes, AVG, SuperAntiSpyware and Dr. Web Cureit again. And found more trojans and viruses.
  14. After all the scans ran clean, I rebooted.
  15. The Virut was removed!!! And I didn’t reformat.
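
A post-cleanup check for steps 10 and 11, as an added example that is not part of the original post: it confirms that the Winlogon `Userinit` and `Shell` registry values hold only the stock Windows entries and that userinit.exe is present. The post does not say which registry value was changed; `Test-LogonChain`, `Get-Sha256` and the `-ReferenceCopy` parameter (a userinit.exe from trusted install media) are names made up for this example.

```powershell
# Added example, not from the original post. Run from an elevated PowerShell
# prompt on the cleaned machine. -ReferenceCopy is a hypothetical parameter:
# a userinit.exe taken from trusted install media for this Windows build.
function Get-Sha256([string]$Path) {
    $sha = [System.Security.Cryptography.SHA256]::Create()
    $fs  = [System.IO.File]::OpenRead($Path)
    try { [BitConverter]::ToString($sha.ComputeHash($fs)) } finally { $fs.Close() }
}

function Test-LogonChain([string]$ReferenceCopy) {
    $key      = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
    $expected = Join-Path $env:SystemRoot 'system32\userinit.exe'
    $props    = Get-ItemProperty -Path $key
    $findings = @()

    # Userinit is a comma-separated list of programs Winlogon starts at logon.
    # A stock install lists only <SystemRoot>\system32\userinit.exe.
    $raw     = [Environment]::ExpandEnvironmentVariables([string]$props.Userinit)
    $entries = @($raw -split ',' | ForEach-Object { $_.Trim() } | Where-Object { $_ })
    foreach ($entry in $entries) {
        # String comparison with -ne is case-insensitive, as Windows paths are.
        if ($entry -ne $expected) { $findings += "Unexpected Userinit entry: $entry" }
    }
    if ($entries -notcontains $expected) { $findings += "Userinit does not start $expected" }

    # Shell is 'explorer.exe' on a stock install; anything else deserves a look.
    if ([string]$props.Shell -ne 'explorer.exe') {
        $findings += "Shell is '$($props.Shell)', expected 'explorer.exe'"
    }

    # The binary must exist and, when a trusted copy is supplied, match it.
    if (-not (Test-Path $expected)) {
        $findings += "Missing file: $expected"
    } elseif ($ReferenceCopy) {
        if ((Get-Sha256 $expected) -ne (Get-Sha256 $ReferenceCopy)) {
            # A different service-pack level also causes a mismatch.
            $findings += "userinit.exe differs from reference copy $ReferenceCopy"
        }
    }
    return $findings
}

$result = @(Test-LogonChain)   # add -ReferenceCopy <path> to compare hashes
if ($result.Count -eq 0) { 'Winlogon Userinit and Shell match stock values.' }
else { $result }
```

An empty result means the logon chain looks stock; it does not replace the full scans in step 13.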