Service Alert

AntiSpyware Master Service Alert

Posted on September 16, 2008. Filed under: Service Alert

Reliant PC Consulting Service Alert

 

Date: September 16, 2008

 

Subject: AntiSpyware Master

 

Purpose

 

This alert has been generated due to an issue that may affect my clients’ computer security. A malware program exists that masquerades as legitimate antivirus software. Of particular note are the following:

 

  1. The program looks legitimate.
  2. There are several ways this malware can be introduced into your computer:
    1. Installing a malicious codec through a multimedia file.
    2. Infection from a Trojan virus.
    3. Social networking spam from fake social networking profiles.
    4. Peer-to-Peer (file sharing) networks.
  3. The software, and others like it, requires payment before the software is “installed” and activated to “protect” you. This is a typical ploy for malware.

 

Background

 

A client noticed a red circle with a white ‘X’ in the lower right-hand task bar and a pop up notification that the computer had been “infected” with a virus.

 

This threat persists; initial reports of this malware date from April 2008.

 

What AntiSpyware Master Looks Like

 

On the next page you will note a screen shot of the main program screen. It is in the process of “scanning” the subject computer and relies on false positives to encourage users to take the next step in the process: to pay money for nothing.

 


The program looks like this:

 

 

AntiSpyware Master


 

 

 

Resolution

 

In this case Malwarebytes’ Anti-Malware was downloaded and installed. A quick scan was initiated and in 10 minutes the program found 8 suspicious items. The items were removed and the pop ups ceased. Once the scan is complete and the malicious items are removed:

  1. Remove the icon titled “AntiSpyware Master”.
  2. Remove the program group titled “AntiSpyware Master”.

 

Precautions

 

  1. Keep your anti virus software up to date.
  2. Be aware of this program in general and do not initiate any web activity that directs you to a site that promotes this software.
  3. Ignore any alert that AntiSpyware Master has “detected” any virus on your computer.
  4. Do not attempt to click on the program to close it. This WILL generate more activity and ensure infection.
  5. Simply shut down all other programs and then shut down your computer completely.
  6. If you are infected contact me ASAP and I will assist you on the removal of this software.

 

References

 

http://www.malwarebytes.org/mbam.php

 

Conclusion

 

This Service Alert addresses a potential threat. There is a good chance you may not be affected by this particular threat, but an awareness of its existence will make it less likely to affect you.

 

If you have any questions or concerns please contact me.


BBC Spam Emails

Posted on August 14, 2008. Filed under: Service Alert, Trends

According to Websense, over 5 million spoof emails about the Olympics are being generated per hour. In addition, spam emails with the BBC moniker attached to them are now being generated.

This is what the BBC email looks like.


CNN/MSNBC Email Spam Service Alert

Posted on August 13, 2008. Filed under: Service Alert

Reliant PC Consulting Service Alert

 

Date: August 13, 2008

 

Subject: EMAIL SPAM from CNN and MSNBC

 

Purpose

 

This alert has been generated due to an issue that affects my clients’ computer security. A new email purportedly coming from CNN and MSNBC is spam and should not be opened.

 

  1. The email looks legitimate. It contains the CNN or MSNBC logo.
  2. The email contains links that direct the user to a malware hosting site.
  3. The MSNBC spam is not being reported on but I have evidenced this spam email myself.

 

Background

 

During a service call to a client they made me aware of this spam email. Research indicated that this email was spam and in this case is particularly pernicious as it appears to come from a legitimate company. Upon opening the email the user will see a professional looking email with the CNN company logo.

 

Clicking on the “Full Story” link directs the user to a fake CNN site, where they are directed to download a Flash applet. This Flash applet will generate an endless loop of computer activity. Several pop ups will be generated. If the user clicks cancel, the loop will continue.

 

Clicking on any other links may take you to legitimate sites whose security has been compromised.

 

What the CNN Email Looks Like

 

The email is an html email and looks like this:

 

 

The spam has also morphed into this:

 

 

 

 

Resolution

 

  1. Keep your operating system, web browser and anti virus software up to date.
  2. Be aware of this email in general. Clients may get several “CNN” emails and the spam emails seem to be generated in response to the increased public awareness of the Olympics in the news.
  3. Delete the email immediately.
  4. If you use a spam filter program be sure it is up-to-date.
  5. If you are infected contact me ASAP and I will assist you on the removal of this software.

 

References

 

http://www.itworld.com/news/54157/fake-cnn-spam-mutates-attacks-continue

http://www.circleid.com/posts/88184_cnn_spam_outbreak/

http://securitylabs.websense.com/content/Alerts/3154.aspx

 

Conclusion

 

This Service Alert addresses a new and emerging threat. There is a good chance you may not be affected by this particular threat, but an awareness of its existence will make it less likely to affect you.

 

If you have any questions or concerns please contact me.


CNN Bogus Email Alerts

Posted on August 8, 2008. Filed under: Service Alert

Note:  This issue is now a Service Alert

 Reference this link for more information.

Outlook 2007 does not identify this as spam even after adding it to the spam folder and blocking the address. Upon further research a suggestion of creating an email rule as a work around seemed like a good idea. Used CrossLoop to create the email rule.

Time for problem resolution:  5 minutes.

Saved gas and time as it would have taken me 5 minutes to get there.


Antivirus 2009 Security Alert

Posted on July 30, 2008. Filed under: Service Alert

 

Reliant PC Consulting Service Alert

 

Date: July 30, 2008

 

Subject: Antivirus 2009

 

Purpose

 

This alert has been generated due to an issue that affects my clients’ computer security. A new malware program masquerading as legitimate antivirus software has emerged. Of particular note are the following:

 

  1. The program looks legitimate.
  2. There are several sites that promote this malware as legitimate.
  3. The distribution and customer awareness of this program used a web based attack on Google.
  4. The software, and others like it, requires payment before the software is “installed” and activated to “protect” you. This is a typical ploy for malware.

 

Background

 

During a service call to optimize a computer it became apparent that it was infected with a program called Antivirus 2009. The program is a threat to the security and functionality of your computer. During research to remove this threat the following information came to light.

 

This threat is in its initial stages. It is an emerging threat and an awareness of this issue will help prevent being a victim of this type of attack.

 

What the Hijacked Google Page Looks Like

 

On the next page you will note a screen shot of a Google Main Search page. It looks completely normal EXCEPT for the box immediately below the Google Search field. A box named Google Tips indicates that Google has detected an unregistered copy of Antivirus 2009 on your computer. Clicking on the box initiates the hack.

 

 

 

Clicking on the box will take you to:

 

 

The program looks like this:

 

 


Resolution

 

  1. Keep your anti virus software up to date. As this is an emerging issue several service providers DO NOT detect this threat at this time.
  2. Be aware of this program in general and do not initiate any web activity that directs you to a site that promotes this software.
  3. Ignore any alert that Antivirus 2009 has “detected” any virus on your computer.
    1. Do not attempt to click on the program to close it. This WILL generate more activity and ensure infection.
    2. Simply shut down all other programs and then shut down your computer completely.
  4. If you are infected contact me ASAP and I will assist you on the removal of this software.

 

References

 

http://www.bleepingcomputer.com/forums/topic154973.html

http://www.malwarebytes.org/forums/index.php?showtopic=5178

 

 

Conclusion

 

This Service Alert addresses a new and emerging threat. There is a good chance you may not be affected by this particular threat, but an awareness of its existence will make it less likely to affect you.

 

If you have any questions or concerns please contact me.

Web Browser Security Vulnerabilities

Posted on July 8, 2008. Filed under: Service Alert, Software

Approximately 40% of computer users do not have their web browsers updated to the latest standard.

Note: Internet Explorer 6.x users are at high risk for security vulnerabilities. Please consult this page for minimum system requirements. I am afraid that any Windows 98/ME users cannot upgrade to IE7. They cannot use Firefox either.

This is particularly relevant to my customers because the vast majority use… (more…)


Bell Sympatico/Bellnet Speed Issue

Posted on July 2, 2008. Filed under: Service Alert

I was one of the first Bell Sympatico clients in this area. I had the old Nortel modem and had decent service. Compared to dial-up it was a dream but eventually as I wanted more speed the problems started to occur:

  • Service drop-outs lasting minutes at a time.
  • Service outages averaging once a week.
  • Power supplies on old Nortel modem failing 3 times and 5 business days to get a new one.
  • New Speedstream modem does not support new speed package as I am too far from the concentrator.

This week I called Bellnet tech support for a client and they have been paying for 6 MB/s internet access for years only to find out they can only get 1 MB/s! The “solution” was offered to “upgrade” the client to the new wireless internet access. Sure it was $6.00 cheaper per month but it was half as fast as the client was expecting from their original service.

It totally amazes me that someone would bother selling such services when the advertised throughput is nowhere near the client’s actual experience.

Flash Player Exploit Service Alert

Posted on May 30, 2008. Filed under: Service Alert

Dear client,
 
The following is a SERVICE ALERT regarding a recent Flash Player exploit that may impact the security of your computer usage.
 
Many web sites serve video or other animation graphics using Flash. Because of the wide spread use of Flash to serve video content it is highly recommended to update your Flash Player at your earliest convenience.
 
Adobe considers this a CRITICAL issue.
 
 
Service Alert Details
 
Affected Computers: Any computer using the Adobe Flash Player used in web browsers. All browser types are affected (Internet Explorer/Firefox et al.) if not updated to the current Flash Player version 9.0.124.0.
 
More information can be obtained here:  http://blogs.adobe.com/psirt/
 
Verify Version of your Flash Player by going to http://www.adobe.com/products/flash/about/ and it will show what version you are currently running.
 
Resolution:  Download and install the latest Flash Player at http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash
 
No uninstall is necessary, just install the latest Flash Player. Customers using multiple browsers should perform the update for each browser installed on their system.
 
The Adobe blog indicates most antivirus vendors have addressed this issue with their definition files, but updating is still prudent. If Adobe is reiterating the importance of updating the player, then the security vulnerability still exists in some form.
 
 
 
What is the Flash Player?
 
 
Where is it used?
 
Sites such as YouTube and Google Video but corporate sites use this tool as well.
 
Please contact me if you have any questions.
 
Eric Edwards
 
Main Email:  ericedwards@rogers.com
 
Cell:  519-497-9150
Landline:  519-893-2639
 

Panda 2008 Problem

Posted on April 14, 2008. Filed under: Service Alert, Software

I sent the following email out to my clients about an interesting issue with Panda Antivirus 2008. Anyone finding a resolution, please comment on this blog.
