
Archive for malware

Heartbleed – Things you should know and what you can do about it

 

What Is It?

By now I’m certain you’ve heard of the Heartbleed bug. If you haven’t, then you should know that it is a flaw found in one of the most common open source SSL implementations on the internet that COULD allow an attacker to get sensitive information from the web server. A successful attack could expose the server’s SSL private keys that would allow the attacker to decrypt the data traveling to the site, such as usernames and passwords.

As of now there have been no confirmed attacks using this bug, but an exploit of the bug is completely untraceable so there’s no way to be certain if a site has been targeted.

Places to learn more:
General information
LastPass and the Heartbleed Bug
How Heartbleed Works: The Code Behind the Internet’s Security Nightmare

How can you tell if a site is affected?

First, you need to figure out how vulnerable your data might be. There are several lists of vulnerable sites that you can manually search through and several online tools that can be used to check specific sites (LastPass and SSL Labs have two particularly useful tools, linked below). There is a Chrome extension that can help identify vulnerable sites as you visit them. The folks at www.Mashable.com have a “hit list” of sorts that lists several sites that they have had direct communication with and recommendations as to what you should do to protect yourself on those sites.

Since Google’s Android operating system is built on open source principles, it is heavily integrated with OpenSSL so any Android device may be vulnerable to this bug as well. Lookout Security has developed a tool to check your device for vulnerability (linked below). If your device is vulnerable you will have to wait for an update for the device.

How can you protect yourself now and in the future?

Once you’ve identified what sites you’ve used that contain sensitive information, you need to change your passwords. You should make sure that they have patched their systems before you change your password for good but many experts are saying that you should change the passwords now just to be sure that any data captured in the last 2 years is safe.

Many systems online were not affected at all because they run on server platforms that don’t use OpenSSL (like Microsoft IIS). These sites have not been compromised by this bug and you should make your own judgment as to whether or not you should change your passwords. If you have used the same username and password combination on an unaffected site as you have on an affected site, you should change your password on both, and make sure they’re different this time.

If you have two-factor authentication in place (which you should on any service that supports it) you are at an advantage since even if someone has your username and password they don’t have your second authentication method (typically an app or a text to your mobile phone). You should probably still consider changing your passwords on these sites to be safe.

If you use a password manager (like LastPass or KeePass) then you should most likely regenerate new passwords for your important sites. If you’re using LastPass, they have updated their app to include a tool that will automatically alert you of the Heartbleed status of any sites that you have saved or generated passwords for and give you suggestions as to when you should change their respective passwords.

You should never use the same logon and password for two important sites (like your banking site and your email). If you are using the same information on multiple sites that are important to you, you should change them now so that they are different.

The best thing you can do is not panic and stay aware of the current status of this bug. Keep checking the status of your frequently visited SSL enabled websites and if any of your important sites aren’t patching their systems, find a different company to do business with.

Don’t Be Scammed by Fake Tech Support Calls

It’s happened to me a number of times. The phone rings, and often the caller ID display reads “Private.” Upon answering, I’m greeted by someone with a heavy Indian accent who informs me that he/she is calling from the Windows Support Center, and that for several weeks my PC has been sending out many error messages. This caller wants me to allow remote access to my computer so the errors can be analyzed, then fixed remotely, for a fee.


If you get one of these phone calls, hang up. First off, there are no “Windows Support Centers” that monitor error messages from your PC. They just don’t exist. Secondly, neither Microsoft, nor any of its partners, will place unsolicited calls and offer to fix your PC. The real purpose of these calls is to gain access to your PC. From that point, the caller could install malware to capture personal data, or alter settings to make your PC less secure. They’ll also show you fake alerts and problems in event viewer, in order to dupe you into paying for repairs. Once they have your credit card information, not only are you charged for unnecessary services, but you’ve just provided your credit card information to a scammer.

What if you’ve already succumbed to one of these calls? First off, change your password for your computer, bank accounts, email, etc., but don’t do this from the infected computer. Make the change from another PC. If your credit card has been charged, call your credit card company and work with them to reverse the charges. They can also work with you to monitor your card for fraudulent activity. Scan your computer with whatever antivirus program you use (you do use one, right?), and if you’re concerned, you can ask for help here at Geeks to Go! to help ensure that your computer is clean.

If you want more information about these types of scams, then visit Microsoft. For more information about telemarketing scams in the US, visit the FTC.

No Microsoft Security Essentials for Windows 8

Officially, Microsoft Security Essentials “is not compatible with Windows 8”. Unofficially, it’s been renamed Windows Defender. If you’ve used Microsoft Security Essentials, the new Windows Defender bundled with Windows 8 will have a very familiar look and feel.


Microsoft Security Essentials has gained a lot of momentum in recent years as a terrific and free antivirus solution. Some would argue one of the best antivirus solutions at any price. Its reputation is deserved. It is light on system resources, runs silent, and has good detection and removal. Windows Defender on the other hand was primarily an antispyware application. A remnant of the pop-up ad era, and what remained of the Giant antispyware acquisition. Installing Microsoft Security Essentials (MSE) even disables Windows Defender.

So why would Microsoft choose to confuse customers by dropping the Microsoft Security Essentials name in Windows 8? It’s a business decision. Bundling full antivirus protection with Windows 8 is a bold move on Microsoft’s part. One that obviously caught the eye of in-house legal hawks, and angered the antivirus industry. Microsoft recently ended its anti-trust oversight, and while it may be bolder, it’s not stupid. Windows Defender has been bundled since Windows Vista. While Microsoft Security Essentials would technically be a new bundled application, Microsoft can claim Windows Defender has been bundled for years. Windows Defender may not have the reputation of MSE, but that will be changing.


Malware Played a Role in Plane Crash?

Two years ago Spanair flight JK-5022 crashed, killing 154 of 172 on board. According to El País (via Google Translate), this was at least in part due to a PC located on the ground in the headquarters of the airline. That computer was supposed to sound an alarm signal when three similar technical problems registered on the same device. While the plane that crashed had accumulated three incidents, they were not registered in time because the system was infected by malware (trojans).

Investigators believe this may be the cause of the crash. The judge said that if these three incidents had been identified earlier, the plane never would have taken off.

Why would Intel buy McAfee?

Today Intel announced plans to buy McAfee for $7.7 billion. Most people are asking, “Why?” Why would a chip maker acquire a security company?

The answer may lie within Moore’s Law. Simply stated, Moore’s Law says that the number of transistors on a chip will double every 2 years. Intel seems to have difficulty figuring out what to do with all those transistors. Most computer users don’t need a quad core CPU. Yet Intel continues to roll out more cores.

However, as anyone who has installed an antivirus program knows, it’s probably the single biggest resource hog on your system. Slowing everything from email and the Internet, to startup and shutdown. What if the major components of an antivirus program could be placed in a special section of the CPU, or even its own core? Whether you’re a gamer, enthusiast, or just an average user you’d enjoy the benefits of being able to run an AV without the associated system slowdown.

Have you ever removed an antivirus, or run a system without an antivirus because of performance issues? Need a free antivirus program? Check out our recommendations.

FBI Security Warnings – Too Little, Too Late?

Earlier tonight, I ran across a press release from the FBI. As I read it, I nearly screamed out loud at my computer. In short, the release is warning computer users of the dangers of a malware infection commonly referred to as Zlob. This infection will cause popups on your desktop, warning you that you are infected, and should download such-and-such software to cure this problem. Welcome to our world, FBI folks… a tad late.


Tales of an Infected Laptop

Earlier this evening I was working on a few blog posts for my boss, minding my own business. I was in what I jokingly refer to as my zone. When I’m writing, it’s actually hard to distract me. You have to yell at me, or poke me repeatedly. I’ve gotten quite good at blocking things out when I’m writing. I’ve had to do that being a work-at-home Mom. It’s not easy to get anything done if you hear every sound coming out of your teenager’s bedroom!

As I sat there writing, my zone was shattered by the yells from my daughter. She was screaming for me to “Hurry! Help me!” Thinking for sure something horrible had happened, I nearly killed myself getting out of my chair and into her room. I crossed the doorway to see her pointing at her laptop with a completely horrified look on her face. I looked down, knowing already what I would see, and sighed heavily. You guessed it… popups… of the adult variety. Great. Just lovely!


Avast Reporting Too Many False Positives

I was without power for most of the afternoon and evening today. When the power company had everything fixed, the first thing I did was to head over to Twitter to see what I had missed. That’s honestly where I find out most of my news lately. On Twitter, I follow a lot of different people. Many of those are staff members and experts right here on GeeksToGo, as well as other security-related sites.

As soon as my Twitter homepage loaded, I started seeing tweet after tweet talking about Avast, and their horrible “oopsie” today with updates. Being the person I am, I started nosing around the web, trying to find out more. The more I read, the more disturbed and angry I became.


Protect Against Malware With Your Brain

Earlier this evening, I received an email from my sister. It was a forwarded email, with her words of “warning and caution” at the beginning. She went so far as to say something along the lines of how everyone better be extra vigilant. She stated that people need to “be fearful” these days when it comes to malware.

The email detailed a supposedly horrible “new” piece of malware, which had been classified by Microsoft as the “worst ever”. I knew, before checking into it, that this was absolutely false. However, being the person that I am, I did my research. I did a “reply all” on the email and explained to everyone what my credentials are. I then gave them several REAL links that describe this virus in detail. The email discussed the “postcard virus”, which is actually quite old – and not as harmful as the email would have you believe.


Malwarebytes vs. IObit – Where Does the Truth Lie?

Everywhere I turned online yesterday, there was conversation surrounding the Malwarebytes blog post, in which they have very publicly accused IObit of stealing their proprietary database(s). It’s being talked about in blogs, on forums, via newsletters and news sites, and within private mailing lists. People chatted about this on IRC, and fights were instigated on various forums as to the validity of the claim.
