Posts Tagged virus

Major Malware Outbreak

Over the last few weeks, we have seen a major outbreak of a type of malware known commonly as Security 2010. In our experience, the speed of this outbreak’s spread and its tremendous reach are unprecedented. For maximum impact, the authors of this pestware have been releasing updated versions every few days to stay ahead of the common database-driven anti-malware programs.

This is the work of highly skilled, well-funded actors. The authors of Security 2010 have managed to infiltrate large numbers of legitimate, heavily visited websites with their infectious mother-ship software. Simply visiting a compromised website is often enough to deliver the malware. In other cases the user will receive an official-looking message stating that spyware has been detected, and that the user should download software to remove it. Following the attached link delivers the malware to the unsuspecting user.

Infected machines will display a legitimate-looking program that runs on startup bearing the name Security 2010, Antivirus Pro 2010, or any of a number of variations on this theme. The program appears to be scanning for, and finding, malware. The software also displays a rotating menu of scary messages about dangerous malware supposedly found lurking on the system. The whole display is completely bogus. The software also displays a message that the user has an unregistered version installed, and offers a link to register the software, for a hefty fee of course. However, paying these extortionists will NOT make the problem go away. It is all simply a scam intended to separate the user from his or her money. Unfortunately, lots of people have taken the bait and handed over their credit card numbers to these criminals.

Security 2010 thoroughly monopolizes the user’s computer, rendering it essentially useless. The software also employs a number of defensive strategies to defeat removal, including deactivating firewalls, turning off anti-malware software, and disabling standard system-management tools such as the task manager and, more rarely, regedit. It may also disrupt the .exe file association, making it difficult to run executable files.
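A read-only check for the tampering described above (disabled Task Manager, disabled regedit, broken .exe association) can be run from PowerShell on a suspect machine. This is an added example, not part of the original post; the registry locations and value names are the standard Windows ones rather than details taken from the post, and the helper name `Get-RegValue` is hypothetical.

```powershell
# Added example: read-only triage for the tampering described above.
# Registry locations are standard Windows ones, not taken from the post.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent; an empty name reads the key's default value.
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    return (Get-Item -LiteralPath $Path).GetValue($Name, $null)
}

$findings = @()

# Policy values that disable Task Manager and regedit, per-user and machine-wide.
$policyKeys = @(
    'Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System',
    'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
)
foreach ($key in $policyKeys) {
    foreach ($name in 'DisableTaskMgr', 'DisableRegistryTools') {
        $value = Get-RegValue -Path $key -Name $name
        if ($null -ne $value -and $value -ne 0) {
            $findings += "$name = $value under $key"
        }
    }
}

# .exe association: .exe should map to exefile, whose open command is "%1" %*
$exeClass = Get-RegValue -Path 'Registry::HKEY_CLASSES_ROOT\.exe' -Name ''
if ($exeClass -ne 'exefile') {
    $findings += ".exe maps to '$exeClass' (expected 'exefile')"
}
$openCmd = Get-RegValue -Path 'Registry::HKEY_CLASSES_ROOT\exefile\shell\open\command' -Name ''
if ($openCmd -ne '"%1" %*') {
    $findings += "exefile open command is '$openCmd' (expected '`"%1`" %*')"
}
# A per-user override takes precedence over the machine-wide class.
$userCmd = Get-RegValue -Path 'Registry::HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command' -Name ''
if ($null -ne $userCmd) {
    $findings += "per-user exefile open command present: '$userCmd'"
}

if ($findings.Count -eq 0) { 'No tampering indicators found.' } else { $findings }
```

The script only reads the registry, so it is safe to run before any cleanup and its output can be kept as a record of what was changed.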

Beyond rendering your computer unusable, Security 2010 does not appear to be actively malicious. But it opens security holes that leave the computer vulnerable to other malware infections. Left unattended the problems could grow even worse. At Computer Medic, we have developed very effective methods for dealing with the Security 2010 software, and would be happy to assist you if you should become infected by it.


What the Hell is a Worm and what is it Doing on my Computer?

As anybody who uses a computer these days knows, there is a lot of harmful software out there. The terminology is a bit confusing: adware, spyware, viruses, trojans, worms, rootkits, exploits, redirects, hijacks, to name a few of the more common forms of malware. What the hell is this stuff, how does it get on your computer, and how can you get rid of it?

Malware (“malicious software”) has been around almost as long as computers have. But it has changed drastically over the years. Once upon a time, most malware was basically digital vandalism, whose purpose was to wreak general havoc, as well as to call attention to its creator and show off his programming skills. The programs were simple, easily defeated, and generally speaking, fairly harmless. But with the rise of the Internet, criminals became aware of the vast possibilities for making money using various forms of malware. The schemes have gotten progressively more sophisticated as the stakes have risen. Now, the making and distribution of malware is a multibillion-dollar business, controlled by international criminal syndicates. It is a virtual arms race, and the end is nowhere in sight.

“How DOES this happen?” I often hear. Most malware arrives via the Internet, as you might imagine. Viruses typically arrive in infected email attachments, or buried in programs downloaded from non-legitimate sites. Much of the malware that travels via infected email practically announces itself; it comes from someone you don’t know, or have no reason to hear from. The subject line doesn’t quite make sense or is poorly written, contains an unseemly invitation, or demands that you do something RIGHT NOW. And there is always an attachment. It’s the attachment that contains the tainted payload. As long as the attachment is unopened, nothing happens. Viruses and worms are spread in this way. A virus replicates by infecting executable programs on the host computer, whereas a worm propagates from computer to computer across a network connection, typically in a work environment.

Viruses and worms require some action by a user to spread. But more and more, malware is delivered surreptitiously, without any overt action by the recipient.

Next: Stealth Infections: Trojans, Rootkits, and Backdoors.
