Many fake antivirus programs will install themselves through something that looks completely legitimate but is far from it. Once a fake antivirus program installs itself, it begins to damage your system files and eventually destroys your copy of Windows. A few of the most common fake or “rogue” antivirus programs are:
Antivirus 2009 or Antivirus 2010 (or a variant of this)
Personal Security 2009
Personal Antivirus
System Security
System Doctor 2009
A more in-depth list is at http://en.wikipedia.org/wiki/Rogue_security_software
There are many ways to become infected. The most common is that someone will send you a link to what looks like a video, and in the middle of the black video window, you will see a message that you do not have the correct version of Flash Player. 99.9% of PC’s automatically have the correct version of Flash Player, so this is a sham. Don’t fall for it and don’t click on anything on the page. Instead, hit CTRL, ALT and DEL and then go to Processes. Find IEXPLORE.EXE and right-click on it, then do an END PROCESS.
This is the ONLY way to be sure that Internet Explorer is actually closing. If you try and “click off” the video page by clicking the red “X” in the upper-right corner, you will then see a small gray box that will state, “You may be infected…….etc.” You MUST hit CTRL, ALT and DEL at this time and do an END PROCESS on IEXPLORE.EXE (however many you find), or you will have the fake .EXE file installed on your PC.
There are literally hundreds of thousands of web sites on the Internet that have these fake programs set up on their Home pages, so that when you visit the site, you will inadvertently pull the file to your temporary internet files folder and it will begin installing itself.
Be safe and be watchful for these messages, and DON’T TRUST ANY “SCANNER” THAT YOU COME ACROSS ON THE INTERNET, especially if it seems to be for “free.” It’s more than likely that it will come attached with a big bill for cleaning your PC off in the very near future.
Friday, January 1, 2010
How to Prevent Rogue Antivirus Programs From Infiltrating Your PC
First of all, the biggest headache on the internet today, other than unwanted spam ads for Viagra and Cialis, are programs that attach themselves to your PC from certain sites and notify you that, “You may be infected with viruses and spyware.” Then they want you to either start a “scan” or install a “program.” These “programs” start out just annoying you, and go on to actually damage your system files unless they are removed; not an easy task even for a veteran computer technician.
The worst thing you can do in the case of receiving one of these messages is either start the “scan” or install the “program” that wants you to do so. These “programs” are nothing of the sort, and are merely fake alerters that are geared to steal not only a one-time payment from you, but to steal your credit card information as well, and then go on to turn your PC into a non-functioning yet expensive paperweight.
The people who have put out these programs are based in Russia, and haven’t a care for what havoc their destructive and misleading program does to your PC. They just want your money. It has been said that over 300 million dollars has been made by these unscrupulous people since 2000. It’s probably a lot higher than that.
So, what can you do?
First of all, avoid sites where you seem to be getting things for free, like torrent sites (The Pirate Bay, Isohunt, Mininova, Torrentbox, etc.) These sites frequently host the “droppers” for these rogue programs on their home pages, and when you go to the home page, your browser will close and you’ll get a “warning” that your PC may be infected.
Limewire is also a great place for these horrible programs and song lyrics sites, Facebook, and MySpace are a few major suspects as well, But then, no matter WHERE you went to receive this message, you need to IMMEDIATELY close your browsing session to avoid having the program get a firm footing in your operating system
This is not all too easy for the casual computer user, especially when it doesn’t even look like you have a browser open anymore after the virus hits. In fact, your browser is STILL RUNNING, and that is why you are seeing the little gray box, or the page that looks like it’s scanning your PC. At this point, hold the CTRL and ALT keys down, and then hit the DEL key. The Windows Task Manager will come up. Under the APPLICATIONS tab, you should see one or more instances of Internet Explorer. Click on these with your RIGHT-MOUSE button and do an “End Task.” Do this for all instances of Internet Explorer you see and for any other odd-looking programs you may not recognize.
Then, make absolutely sure you DO NOT go to that particular site again!
Believe it or not, that’s all there is to it, and keeping this in mind will prevent you from getting one of these destructive programs.
If you have a problem or a question. Contact Your Brainiacs at 845-493-0208 or http://www.yourbrainiacs.com. And Happy Computing!!
The worst thing you can do in the case of receiving one of these messages is either start the “scan” or install the “program” that wants you to do so. These “programs” are nothing of the sort, and are merely fake alerters that are geared to steal not only a one-time payment from you, but to steal your credit card information as well, and then go on to turn your PC into a non-functioning yet expensive paperweight.
The people who have put out these programs are based in Russia, and haven’t a care for what havoc their destructive and misleading program does to your PC. They just want your money. It has been said that over 300 million dollars has been made by these unscrupulous people since 2000. It’s probably a lot higher than that.
So, what can you do?
First of all, avoid sites where you seem to be getting things for free, like torrent sites (The Pirate Bay, Isohunt, Mininova, Torrentbox, etc.) These sites frequently host the “droppers” for these rogue programs on their home pages, and when you go to the home page, your browser will close and you’ll get a “warning” that your PC may be infected.
Limewire is also a great place for these horrible programs and song lyrics sites, Facebook, and MySpace are a few major suspects as well, But then, no matter WHERE you went to receive this message, you need to IMMEDIATELY close your browsing session to avoid having the program get a firm footing in your operating system
This is not all too easy for the casual computer user, especially when it doesn’t even look like you have a browser open anymore after the virus hits. In fact, your browser is STILL RUNNING, and that is why you are seeing the little gray box, or the page that looks like it’s scanning your PC. At this point, hold the CTRL and ALT keys down, and then hit the DEL key. The Windows Task Manager will come up. Under the APPLICATIONS tab, you should see one or more instances of Internet Explorer. Click on these with your RIGHT-MOUSE button and do an “End Task.” Do this for all instances of Internet Explorer you see and for any other odd-looking programs you may not recognize.
Then, make absolutely sure you DO NOT go to that particular site again!
Believe it or not, that’s all there is to it, and keeping this in mind will prevent you from getting one of these destructive programs.
If you have a problem or a question. Contact Your Brainiacs at 845-493-0208 or http://www.yourbrainiacs.com. And Happy Computing!!
Tuesday, September 22, 2009
Speed Up Web Browsing NOW
Speed up web browsing with OpenDNS
Whenever you type in a domain name such as google.com, your browser must resolve that name into an IP address to download the web page and supporting files. Windows uses what is called a DNS (domain name system) server to lookup this information. By default, Windows uses your ISP’s DNS server. Depending on your provider, the performance of their DNS resolving server varies. Some large national providers are known to provide unreliable and slow DNS servers.
The performance of the DNS server you are using is one component that affects the speed of your internet browsing. Since each domain name you type in must be resolved into an IP address, the amount of time that takes will delay the loading of any web page. Some users with overloaded ISP DNS servers can see delays in multiple seconds before web pages start to load.
OpenDNS provides free alternative DNS servers that anyone can use with any internet provider. Unlike many national internet providers, OpenDNS’s DNS servers are very fast and reliable. Using OpenDNS servers instead of your ISP servers will help you speed up your internet browsing by cutting down on the delay between resolving a domain name and getting the IP address so your browser can start loading the web page.
Configuring your computer to use OpenDNS servers instead of your ISP’s is a simple change that works in both Windows XP and Windows Vista:
Click on the Start Button and type in ncpa.cpl and hit Enter. In Windows XP Click on the Start Button, click Run and then type in ncpa.cpl
Right click on your active network connection that you use to connect to the Internet and select Properties. It's usually the connection marked "Local Area Connection."
On the Networking / General tab, select Internet Protocol (TCP/IP) (IPV version 4 on Windows Vista & Windows 7) and hit Properties.
On the properties screen, select "Use the following DNS server addresses" and then type in 208.67.222.222 in the preferred and 208.67.220.220 in the alternate boxes. Like this:
The performance of the DNS server you are using is one component that affects the speed of your internet browsing. Since each domain name you type in must be resolved into an IP address, the amount of time that takes will delay the loading of any web page. Some users with overloaded ISP DNS servers can see delays in multiple seconds before web pages start to load.
OpenDNS provides free alternative DNS servers that anyone can use with any internet provider. Unlike many national internet providers, OpenDNS’s DNS servers are very fast and reliable. Using OpenDNS servers instead of your ISP servers will help you speed up your internet browsing by cutting down on the delay between resolving a domain name and getting the IP address so your browser can start loading the web page.
Configuring your computer to use OpenDNS servers instead of your ISP’s is a simple change that works in both Windows XP and Windows Vista:
Click on the Start Button and type in ncpa.cpl and hit Enter. In Windows XP Click on the Start Button, click Run and then type in ncpa.cpl
Right click on your active network connection that you use to connect to the Internet and select Properties. It's usually the connection marked "Local Area Connection."
On the Networking / General tab, select Internet Protocol (TCP/IP) (IPV version 4 on Windows Vista & Windows 7) and hit Properties.
On the properties screen, select "Use the following DNS server addresses" and then type in 208.67.222.222 in the preferred and 208.67.220.220 in the alternate boxes. Like this:
Hit OK twice and you're finished! You should see an immediate improvement in your web browsing speed.Visit OpenDNS.com to learn more about some of the advanced features of OpenDNS on top of the speed benefits.
Stay tuned for more speed tips by Your Brainiacs!
Credit goes to Steve Sinchak for this. Re-edited for easier reading by anthony@yourbrainiacs.com
Monday, September 21, 2009
Rogue Antivirus Programs
One of the most important subjects in computing today is virus and spyware infection. The amount of lost productivity, time and expense with even one infection can be extensive, due to the continually-evolving nature of malware. Several very intrusive “rogue antivirus” software packages exist that can seriously affect the operation of your desktop or laptop. These fake antivirus programs are installed through “drive-by” web pages and bogus missing video codec messages. Once installed on your machine, these programs, a partial list of which is here, will seriously affect the operability of your system, lock the installation of new software and redirect your browsing, making it nearly impossible to use your PC. Most antivirus software WILL NOT prevent these programs from installing if you click on an infected link. Even after “purchasing” the software, the messages and changes that the program has wrought will not cease, and will eventually damage the operating system and render it unusable, requiring a full reinstallation. A typical rogue antivirus infection can severely affect productivity and can take hours to research and sometimes more than a day to remove correctly. In some cases, they cannot be removed once they have infiltrated an infected machine with hundreds of randomly-named files in an attempt to continue installing themselves.
There are, however, certain good practices an internet user can follow that will ensure that these programs do not attach themselves to their PC. First and foremost, DO NOT install anything that seems to be for free or wants to scan your PC for free. A common scam is to notify you through a popup that your PC is “infected” and you should initiate a scan by clicking OK or SCAN. Once this “scan” is completed, you will most likely have let the rogue software install itself on your PC, whereby you will then be told that to clean the infections you must purchase the software. Unfortunately, by then you’ve been had, and the software will continue to propagate and annoy you ceaselessly until you do something about it. Even after “purchasing” the software, it will continue to tell you that your machine is infected and will eventually start to damage your system files.
Secondly, DO NOT install any “missing video codecs” on your PC. This is also a ruse to get you to click on a link which will download a small .exe file to your PC and begin the infection process. If you do happen to come across a website that is telling you that you’re infected or to install a codec, click on the red “X” (close) icon on the popup until it goes away. DO NOT click “cancel” and DO NOT click “OK”. If all else fails and you cannot seem to close the popup, hit CTRL-ALT-DEL and look in PROCESSES for iexplore.exe. Highlight it with a single mouse click and then click “End Process”. This will ensure that your browser closes completely and you are away from the malicious site. In many cases, popup blockers do not work with these websites, as rogue software is very slick and professionally-written. It has been reported that an actual team of cyber criminals are behind the development of these programs and it has furthermore been speculated that over 200 million dollars has been made on these rogue programs in just one year. A very lucrative business, hence the large number of web sites that will attempt to infect you.
How to clean the infection once you have it: It is very difficult to remove a rogue antivirus program once you have been infected by one. It will continually try to reinstall itself and will create randomly-named files that are tough to spot and tougher to delete since they will be in use by the system even if you can find them. If you have installed a program such as Malwarebytes, a completely free malware removal tool, before you have been infected, you will be able to remove it. Once the computer is infected, it will direct you away from antivirus websites and prevent installing new programs, and will sometimes prevent antivirus programs even from running, and you may need to rename the antivirus progam’s .exe file to allow it to run correctly. This is why it is imperative that these infections be prevented in the first place. Searching the internet (on a non-infected computer) once you have been infected, for the name of the malicious program will return a wealth of information on the program and how to remove it. Unfortunately, most rogue antivirus programs must be removed manually, making it very difficult for the average person to do so, which only reiterates the fact that you must be diligent in keeping these programs off your home and business PC’s. So, remember, DO NOT install anything to your PC from a web page and DO NOT click on any strange links or popups. Diligence in this will keep you virus-free and you’ll have a lot less headaches.
There are, however, certain good practices an internet user can follow that will ensure that these programs do not attach themselves to their PC. First and foremost, DO NOT install anything that seems to be for free or wants to scan your PC for free. A common scam is to notify you through a popup that your PC is “infected” and you should initiate a scan by clicking OK or SCAN. Once this “scan” is completed, you will most likely have let the rogue software install itself on your PC, whereby you will then be told that to clean the infections you must purchase the software. Unfortunately, by then you’ve been had, and the software will continue to propagate and annoy you ceaselessly until you do something about it. Even after “purchasing” the software, it will continue to tell you that your machine is infected and will eventually start to damage your system files.
Secondly, DO NOT install any “missing video codecs” on your PC. This is also a ruse to get you to click on a link which will download a small .exe file to your PC and begin the infection process. If you do happen to come across a website that is telling you that you’re infected or to install a codec, click on the red “X” (close) icon on the popup until it goes away. DO NOT click “cancel” and DO NOT click “OK”. If all else fails and you cannot seem to close the popup, hit CTRL-ALT-DEL and look in PROCESSES for iexplore.exe. Highlight it with a single mouse click and then click “End Process”. This will ensure that your browser closes completely and you are away from the malicious site. In many cases, popup blockers do not work with these websites, as rogue software is very slick and professionally-written. It has been reported that an actual team of cyber criminals are behind the development of these programs and it has furthermore been speculated that over 200 million dollars has been made on these rogue programs in just one year. A very lucrative business, hence the large number of web sites that will attempt to infect you.
How to clean the infection once you have it: It is very difficult to remove a rogue antivirus program once you have been infected by one. It will continually try to reinstall itself and will create randomly-named files that are tough to spot and tougher to delete since they will be in use by the system even if you can find them. If you have installed a program such as Malwarebytes, a completely free malware removal tool, before you have been infected, you will be able to remove it. Once the computer is infected, it will direct you away from antivirus websites and prevent installing new programs, and will sometimes prevent antivirus programs even from running, and you may need to rename the antivirus progam’s .exe file to allow it to run correctly. This is why it is imperative that these infections be prevented in the first place. Searching the internet (on a non-infected computer) once you have been infected, for the name of the malicious program will return a wealth of information on the program and how to remove it. Unfortunately, most rogue antivirus programs must be removed manually, making it very difficult for the average person to do so, which only reiterates the fact that you must be diligent in keeping these programs off your home and business PC’s. So, remember, DO NOT install anything to your PC from a web page and DO NOT click on any strange links or popups. Diligence in this will keep you virus-free and you’ll have a lot less headaches.
Saturday, September 5, 2009
Site Update
Our web site is now 90% complete! There's much more to come in the future, like an online do-it-yourself PC troubleshooter and up-to-the-minute repair tracking. Check back periodically and watch the site grow!
Sunday, August 23, 2009
Welcome!
Welcome to The Brainiac Blog!
Here, the Head Brainiac (me) will speak about current trends in PC repair, configuration and upgrading, will give tips on computer repair and how to speed up your PC, and will guide you through making sure your earthly computing experience is the best it can possibly be.
Here, the Head Brainiac (me) will speak about current trends in PC repair, configuration and upgrading, will give tips on computer repair and how to speed up your PC, and will guide you through making sure your earthly computing experience is the best it can possibly be.
Subscribe to:
Posts (Atom)