Wednesday, April 14, 2010

More on security

Two things:

1) On those two machines I worked on over the weekend, the ones infected by the rogue programs, one machine had an up-to-date, fully-functioning copy of Norton 360 installed and the other had McAfee. These are two of the best security programs money can buy. I saw absolutely no problems with the Norton installation. This tells me, plain and simple, that Norton did not do the job it was being paid for, and allowed the rogue program to take over the machine and thereafter run wild. Not nice. On the McAfee machine, although the system tray icon was a red M, McAfee's indication that all was well (hey, since when does RED mean all's well McAfee?), in fact the McAfee security suite was NOT even running. It wasn't clear to me if this was as a result of the rogue program or if it was a bad installation, but the user had downloaded McAfee fom AOL and assumed that it was running. Hmmm.... It obviously wasn't!

2) As posted before, Microsoft's Malicious Software Removal Tool (MSRT) is downloaded to your system each month (an updated version) via Automatic Updates. It turns out that MSRT has an option for Quick Scan and one for Full Scan. I do not yet know which option Micosoft uses to run this tool in the background, or for that matter, if it runs it at all. I take it on faith that they do at least run the quick scan. However, being the Doubting Thomas that I am, I download MSRT manually every month and personally run a Full Scan. This is a one-time run once a month. The program takes a very long time to run, so I start it when going to bed and let it run. When finished it does not tell you how long it took, but on occasion when I have run it during the day I have seen it still active after more than 3 hours. It could take 6 hours for all I know, but it is a rather painless process for me to download it and install it and let it run once a month. I view this as an ounce of prevention. If you would like to do the same, you can download MSRT at one of the two following sites:

32-bit version (for most of you): MSRT

64-bit version (for you others): MSRT

If you are not sure if you are running the 32 bit or 64 bit version of your operating system, download the 32 bit version of MSRT. If it runs, you have the correct version! If it doesn't, it will indicate that you need the 64 bit version.

Tuesday, April 13, 2010

SeniorNet of Vermont

I can't say enough good things about the non-profit SeniorNet organization. Locally, on Dorset Street in South Burlington, VT, you will find very inexpensive computer courses for seniors over 50 taught by a dedicated staff of senior volunteers.

The schedule of courses for May-June is now posted on their web site, and I encourage you Vermonters to take advantage of this opportunity by enrolling in one or more classses.

Monday, April 12, 2010

Rogues

I spent most of my time this past weekend working on two customer machines that had been infected by rogue programs. One rogue was XP DEFENDER and the other was SECURITY TOOL.

If your system becomes a host to one of these unwelcome visitors, most of which are recognized by their scare tactics (like YOUR SYSTEM IS INFECTED WITH .....), I strongly recommend that you shut down your computer and call me or some other qualified PC Doc type person.

The reason for recommending this is that things can get worse if you try to get out of it yourself. Things can get MUCH WORSE!

To date these rogues seem to be only a shakedown for your money, and while they mess with system settings and make recovery very difficult the longer they are present, they have not yet, in my experiences with many of them, destroyed user data like pictures, music, or video. But I predict that is coming next, so take steps NOW to back up your valuable data to some external device that is not always attached to your computer.Thumb or flash drives are okay to use for backup as long as you have one large enough to contain all of your data. I use an external 1TB hard drive that I can attach via a USB cable whenever I want to do my backups. There are also service companies that provide backup of your data.

For those of you who feel qualified and might want to attempt to recover your system without assistance, I strongly recommend SuperAntiSpyware's Portable Scanner, available free here. I now use this as the tool of first choice when I get started in tackling one of these rogues.