AntiSpyware Master Service Alert

Posted on September 16, 2008. Filed under: Service Alert

Reliant PC Consulting Service Alert

 

Date: September 16, 2008

 

Subject: AntiSpyware Master

 

Purpose

 

This alert has been generated due to an issue that may affect my clients’ computer security. A malware program masquerading as legitimate antivirus software is in circulation. Of particular note are the following:

 

  1. The program looks legitimate.
  2. There are several ways this malware can be introduced into your computer:
    1. Installing a malicious codec through a multimedia file.
    2. Infection from a Trojan virus.
    3. Social networking spam from fake social networking profiles.
    4. Peer-to-Peer (file sharing) networks.
  3. The software, and others like it, requires payment before the software is “installed” and activated to “protect” you. This is a typical ploy for malware.

 

Background

 

A client noticed a red circle with a white ‘X’ in the lower right-hand task bar and a pop up notification that the computer had been “infected” with a virus.

 

This threat persists; initial reports of this malware date from April 2008.

 

What AntiSpyware Master Looks Like

 

On the next page you will note a screen shot of the main program screen. It is in the process of “scanning” the subject computer and relies on false positives to encourage users to take the next step in the process: to pay money for nothing.

 


The program looks like this:

 

 

[Screenshot: AntiSpyware Master]

 

 

 

Resolution

 

In this case Malwarebytes’ Anti-Malware was downloaded and installed. A quick scan was initiated and in 10 minutes the program found 8 suspicious items. The items were removed and the pop ups ceased. Once the scan is complete and the malicious items are removed:

  1. Remove the icon titled “AntiSpyware Master”.
  2. Remove the program group titled “AntiSpyware Master”.

 

Precautions

 

  1. Keep your anti virus software up to date.
  2. Be aware of this program in general and do not initiate any web activity that directs you to a site that promotes this software.
  3. Ignore any alert that AntiSpyware Master has “detected” any virus on your computer.
  4. Do not attempt to click on the program to close it. This WILL generate more activity and ensure infection.
  5. Simply shut down all other programs and then shut down your computer completely.
  6. If you are infected contact me ASAP and I will assist you with the removal of this software.

 

References

 

http://www.malwarebytes.org/mbam.php

 

Conclusion

 

This Service Alert addresses a potential threat. There is a good chance you may not be affected by this particular threat, but an awareness of its existence will make it less likely to affect you.

 

If you have any questions or concerns please contact me.


Sympatico Does Not Do It Again…

Posted on September 12, 2008. Filed under: Trends

On a recent service call I did a speed test on a client’s internet connection. I now do this as a matter of course during any service call regardless of the ISP they are using.

In this case the ISP was Bell Sympatico. The test netted a download speed of 577 KB/s and upon inquiring with the customer they confirmed they were paying for 7 MB/s. Wow. Not bad. They were only getting 8% of their rated maximum throughput!

What was interesting about this visit was several fold:

(more…)


BBC Spam Emails

Posted on August 14, 2008. Filed under: Service Alert, Trends

According to Websense, over 5 million spoof emails about the Olympics are being generated per hour. Add to that the fact that spam emails with the BBC moniker attached to them are now being generated.

This is what the BBC email looks like.


Back Up Solutions

Posted on August 13, 2008. Filed under: Hardware, Software

Why you want to do a backup…

I was recently asked to comment on an online back up solution. This is my response: (more…)


PC Decrapifier

Posted on August 12, 2008. Filed under: General

Interesting Utility.

I love this entry:

All versions of Norton Anything are completely incompatible with Norton AnythingElse. Searching the Symantec support site, you’ll see that there are more entries there for REMOVING their products after something’s gone wrong than for any other issue. Multiple uninstallers must be downloaded, and pieces can still be left behind.

CrapWare all the way! All versions and all variations of Norton and Symantec software must be removed with all due prejudice!

LOL!


It’s My Bread and Butter…

Posted on August 11, 2008. Filed under: General

…but I’ll cry if I want to.

The state of the Wintel/XP/Vista industry is a shambles. Seriously, I get paid to wade through the minutiae of the various intricacies of computer maintenance and ownership and I am pleased to do so. But there has to be a better way. I do not think that certain aspects of computer ownership are properly communicated to computer owners. The issues of OEM versions of XP/Vista and the impact to a client if they have a problem and do NOT go to an OEM service provider often cause problems and additional expense.

In one particular case, the non-OEM service provider (who will remain nameless in this post) did not adequately address their client’s needs. They simply and correctly should not have fixed the laptop. They did, thereby incurring an additional expense for the user, and may have made it even more difficult to solve future operating system problems. The work order description is simply inadequate. No traceability of the work completed can be done. “Back up documents. Re-install Windows.” just does not cut it. I will add a redacted version of a work report sometime to give an idea of what is adequate.

We have a duty to communicate and assist our clients. The industry has to do a better job of making computer ownership easier. Frankly, the out-of-the-box experience for low knowledge users is in a sorry state.


Antivirus 2009 Security Alert

Posted on July 30, 2008. Filed under: Service Alert

 

Reliant PC Consulting Service Alert

 

Date: July 30, 2008

 

Subject: Antivirus 2009

 

Purpose

 

This alert has been generated due to an issue that affects my clients’ computer security. A new malware program masquerading as legitimate antivirus software has emerged. Of particular note are the following:

 

  1. The program looks legitimate.
  2. There are several sites that promote this malware as legitimate.
  3. This program was distributed and brought to users’ attention through a web-based attack on Google.
  4. The software, and others like it, requires payment before the software is “installed” and activated to “protect” you. This is a typical ploy for malware.

 

Background

 

During a service call to optimize a computer it became apparent that it was infected with a program called Antivirus 2009. The program is a threat to the security and functionality of your computer. During research to remove this threat the following information came to light.

 

This threat is in its initial stages. It is an emerging threat and an awareness of this issue will help prevent being a victim of this type of attack.

 

What the Hijack Google Page Looks Like

 

On the next page you will note a screen shot of a Google Main Search page. It looks completely normal EXCEPT for the box immediately below the Google Search field. A box named Google Tips indicates that Google has detected an unregistered copy of Antivirus 2009 on your computer. Clicking on the box initiates the hack.

 

 

 

Clicking on the box will take you to:

 

 

The program looks like this:

 

 


Resolution

 

  1. Keep your anti virus software up to date. As this is an emerging issue several service providers DO NOT detect this threat at this time.
  2. Be aware of this program in general and do not initiate any web activity that directs you to a site that promotes this software.
  3. Ignore any alert that Antivirus 2009 has “detected” any virus on your computer.
    1. Do not attempt to click on the program to close it. This WILL generate more activity and ensure infection.
    2. Simply shut down all other programs and then shut down your computer completely.
  4. If you are infected contact me ASAP and I will assist you with the removal of this software.

 

References

 

http://www.bleepingcomputer.com/forums/topic154973.html

http://www.malwarebytes.org/forums/index.php?showtopic=5178

 

 

Conclusion

 

This Service Alert addresses a new and emerging threat. There is a good chance you may not be affected by this particular threat, but an awareness of its existence will make it less likely to affect you.

 

If you have any questions or concerns please contact me.

