Fake MS Security Essentials

Posted by Brian Gallutia on Oct 28, 2010

There is a new pest on the loose, and it is mimicking Microsoft Security Essentials.

This imposter is known in the technical world as “Win32/FakePAV.”  FakePAV is a rogue program that displays messages that imitate Microsoft Security Essentials threat reports in order to entice the user into downloading and paying for a rogue security scanner.

The rogue program persistently terminates numerous processes, such as Windows Registry Editor, Internet Explorer, Windows Restore and other utilities and applications that would normally be used by computer technicians to eliminate and remove the threat.

If you feel your system or network may have fallen prey to this type of infection, please get in touch with us immediately so we can ensure that the malware doesn’t result in lost productivity and additional costs. As always, please keep in mind that anything mimicking Microsoft Security Essentials and asking for payment is not to be trusted.


Good Morning, Dave

Posted by Brian Gallutia on Oct 3, 2010

Would you like to have your computer welcome you on boot-up?  It’s an easy thing to set up, and here’s how…

  1. Open up Notepad and paste in the following lines of code:
    ' Text to speak and the speech object
    Dim speaks, speech
    speaks="Good Morning Dave"
    ' Create the Windows Speech API (SAPI) voice object and speak the text
    Set speech=CreateObject("sapi.spvoice")
    speech.Speak speaks
  2. Save the document as a .vbs file (e.g., “goodmorning.vbs”)
  3. Place a shortcut to the new .vbs file in your Startup folder to ensure that it plays on boot

You can modify what the script says by replacing the content in the quotes in speaks="Good Morning Dave" with anything you wish. Use plain straight quotes, as typed in Notepad; curly quotes will stop the script from running. You can also test the script by running it prior to creating a shortcut for it in the Startup folder.

Be sure to share your creativity by telling us how you use this script on your PC!


Reminder: Update your Flash

Posted by Brian Gallutia on Oct 3, 2010

Back in June PCS commented on vulnerabilities found in Adobe’s Flash player software and recommended our customers do a little bit of housekeeping by updating their Flash players and plug-ins as soon as possible.

Last week, we came across quite a few systems that not only did not have this update in place, but were also lacking updates for other Adobe products, most notably Adobe Reader.

Customers without these updates are susceptible to the following zero-day exploit:

“This vulnerability (CVE-2010-2884) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Flash Player on Windows. Adobe is not aware of any attacks exploiting this vulnerability against Adobe Reader or Acrobat to date.”

Even though the Flash Player exploit has already been addressed, separate patches for Reader and Acrobat will be issued this week to tackle the above vulnerability.

We at PCS would like to remind you to keep these Adobe products updated in order to avoid down-time and the added expense incurred after recovering from a compromised computer system.


MSE Going Free

Posted by Brian Gallutia on Oct 3, 2010

Over the past few months, Microsoft Security Essentials has been a reliable tool in our fight against virus and malware infections, and in October, Microsoft is sharing the love with the small business.

Starting in October, small businesses will be able to license Microsoft Security Essentials for up to ten PCs, at no cost.

Compared to other anti-virus solutions out there, that may not seem like a huge savings, but subscription costs do add up over time and MSE is just as good as, if not better than, the standard commercial fare.

For more information, review this posting from Microsoft’s SMB Community blog.


Is that Bill in 2010?

Posted by Brian Gallutia on Oct 3, 2010

There is a new feature in Outlook 2010 called the “People Pane,” which can be found at the bottom of email windows and shows information related to the contact, such as recent emails, past and future appointment dates and even Facebook status updates (when utilizing the Outlook Social Connector).

Another piece of information that the People Pane can serve up is an image of the person(s) you’re emailing.  This information can be pulled from your smart phone, the social media connector, or just “any old image” you have associated with the contact in Outlook.

A funny thing was discovered recently: when a contact does not have an associated picture, the “default” image is a silhouette of Bill Gates’ infamous “mug shot” that was taken of him after a driving offense in his youth.


OpenDNS FamilyShield

Posted by Brian Gallutia on Aug 29, 2010

For the past couple of years, PCS has been configuring our customers’ networking environments to utilize the OpenDNS service for both its stability and speed, and now there’s another reason to get on the OpenDNS bandwagon: FamilyShield.

Kids get into all sorts of things they shouldn’t get into online and parents want to protect their kids from what’s “out there.” In June, OpenDNS introduced the FamilyShield service that is…

…the absolute simplest and most straightforward way for parents to protect kids from the bad stuff online.

By configuring your home computers and/or home router with the following FamilyShield DNS numbers:

208.67.222.123
208.67.220.123

…your home network will block pornographic content, including OpenDNS’s “Pornography,” “Tasteless,” and “Sexuality” categories, in addition to proxies and anonymizers (which can render filtering useless).   The service also blocks phishing and some malware.
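One way to confirm that a Windows PC really uses only the FamilyShield resolvers is to check the DNS servers listed for every network adapter, since any other resolver in the list answers lookups without filtering. The script below is an added example, not part of the original post or an OpenDNS tool: it parses the text of `ipconfig /all` (a constructed sample is embedded) and assumes the resolvers are set on each computer; if they are set on the router instead, PCs will list the router's own address here.

```python
import ipaddress

# FamilyShield resolver addresses as listed in the post.
FAMILYSHIELD = {ipaddress.ip_address("208.67.222.123"),
                ipaddress.ip_address("208.67.220.123")}

# Constructed sample of `ipconfig /all` output (not captured from a real PC).
SAMPLE = """\
Ethernet adapter Local Area Connection:

   DNS Servers . . . . . . . . . . . : 208.67.222.123
                                       208.67.220.123

Wireless LAN adapter Wi-Fi:

   DNS Servers . . . . . . . . . . . : 208.67.222.123
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""

def dns_servers_by_adapter(text):
    """Parse ipconfig /all text into {adapter name: [resolver addresses]}."""
    adapters, current, in_dns = {}, None, False
    for line in text.splitlines():
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            current, in_dns = line.rstrip()[:-1], False   # adapter header
            adapters[current] = []
            continue
        if current is None:
            continue
        label, sep, value = line.partition(" : ")
        if sep:                       # "Label . . . : value" line
            in_dns = label.strip().startswith("DNS Servers")
        candidate = (value if sep else line).strip()
        if in_dns and candidate:      # first value or an indented continuation
            try:
                adapters[current].append(ipaddress.ip_address(candidate.split("%")[0]))
            except ValueError:
                in_dns = False
    return adapters

def non_familyshield(text):
    """Return {adapter: [configured resolvers that are not FamilyShield]}."""
    extras = {name: [str(ip) for ip in servers if ip not in FAMILYSHIELD]
              for name, servers in dns_servers_by_adapter(text).items()}
    return {name: ips for name, ips in extras.items() if ips}

if __name__ == "__main__":
    print(non_familyshield(SAMPLE))
```

An empty result means every adapter lists only the two FamilyShield addresses; in the sample, the Wi-Fi adapter still carries a second, unfiltered resolver.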

OpenDNS provides instructions on configuring 18 different brands of routers to take advantage of this service.  If you would like assistance in securing your home network, please feel free to tap PCS by using our Contact Form on this web site and a technician will be with you shortly.


From 8 To 12

Posted by Brian Gallutia on Aug 29, 2010

The days of wimpy, eight-letter passwords are now gone.  The 12-character era of online password security has now begun.

The bad news: Researchers at the Georgia Institute of Technology utilized a cluster of graphics cards to crack eight-character passwords in less than two hours.

The good news: The researchers discovered that the same process would take 17,134 years to crack a 12-character password.

The article “How To Create a ‘Super Password’” by CNN’s John D. Sutter outlines the issue very well and explains the how’s, why’s and what-to-do’s to ensure that your online identity is as secure as possible behind a good password.
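The jump from hours to millennia comes from the exponent: trying every password of a given length takes alphabet^length guesses. The calculation below is an added example, not taken from the post or from the Georgia Tech research; the 95-character printable-ASCII alphabet and the rate of 10^12 guesses per second are assumptions, chosen because together they reproduce both figures quoted above, and the script also applies them to smaller alphabets.

```python
SECONDS_PER_YEAR = 365 * 24 * 3600

# Assumptions (not stated in the post): printable-ASCII alphabet of 95
# characters and an attacker testing 10**12 candidates per second.
PRINTABLE_ASCII = 95
GUESSES_PER_SECOND = 10**12

def exhaustive_seconds(length, alphabet=PRINTABLE_ASCII, rate=GUESSES_PER_SECOND):
    """Worst-case time to try every password of exactly `length` characters."""
    return alphabet ** length / rate

def exhaustive_years(length, alphabet=PRINTABLE_ASCII, rate=GUESSES_PER_SECOND):
    """Same worst-case time, expressed in 365-day years."""
    return exhaustive_seconds(length, alphabet, rate) / SECONDS_PER_YEAR

def min_length(target_years, alphabet=PRINTABLE_ASCII, rate=GUESSES_PER_SECOND):
    """Shortest length whose full keyspace takes at least `target_years`."""
    length = 1
    while exhaustive_years(length, alphabet, rate) < target_years:
        length += 1
    return length

def report():
    """One row per alphabet: hours for 8 chars, years for 12, length for 1000 y."""
    rows = []
    for name, alphabet in [("lowercase", 26), ("letters+digits", 62),
                           ("printable ASCII", PRINTABLE_ASCII)]:
        rows.append((name, exhaustive_seconds(8, alphabet) / 3600,
                     exhaustive_years(12, alphabet), min_length(1000, alphabet)))
    return rows

if __name__ == "__main__":
    for name, hours8, years12, need in report():
        print(f"{name:16} 8 chars: {hours8:8.4f} h   12 chars: {years12:10.1f} y"
              f"   >=1000 y needs {need} chars")
```

These are worst-case times for a full exhaustive search of random passwords; a password built from dictionary words or common patterns falls much sooner than its length suggests.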


Snipping Tool

Posted by Brian Gallutia on Aug 29, 2010

There is a little-known utility that is lurking in the Accessories area on all Windows Vista and 7 operating systems that we at PCS use on a daily basis, but no one seems to be aware of: the Snipping Tool.

The Snipping Tool can be used to capture a screen shot, or snip, of any object on your screen and then annotate, save, or share the image.

The mouse can be utilized to capture any of the following types of snips:

Free-form Snip: Draw an irregular line around an object.

Rectangular Snip: Draw a precise line by dragging the cursor around an object to form a rectangle.

Window Snip: Select a window, such as a browser window or dialog box, that you want to capture.

Full-screen Snip: Capture the entire screen when you select this type of snip.

After the snip is captured, it is automatically copied to the mark-up window where you can annotate, save or share the snip.

Personally, I use this tool in my day-to-day communications with clients via email.  It is invaluable in allowing me to illustrate a concept, problem or solution with a program by taking a “snip” of my screen and then pasting that snip in a quick email.

I know a few clients are in the habit of emailing a screen capture by hitting the Print Screen (PrtScn) key on their keyboards, pasting the capture in Word, editing the capture and then mailing the document as an attachment.  Hopefully this tool will make that process a lot easier for some folks.


AV Vendors See 19%

Posted by Brian Gallutia on Aug 9, 2010

According to a recent report by security firm Cyveillance, anti-virus software vendors detect an average of 19% of all malware attacks.  What may be even more disturbing is that after 30 days of the malware attack being “in the wild,” the percentage only jumps up to 61.7%.

Per the findings reported:

Cyveillance tested thirteen popular AV solutions to determine their detection rate over a 30 day period and found that popular solutions only detect an average of 18.9% of new malware attacks. By day eight, AV solutions average a 45.7% detection rate. This rises to 56.6% on day 15, 60.3% by day 22, and 61.7% after 30 days.


Apple and Big Potatoes

Posted by Brian Gallutia on Aug 4, 2010

Last year, I wrote an article for this site entitled “Welcome to the party Mac..” where I tried to dispel the common myth that Apple computers were impervious to malware and viral infections.  My argument called the Apple platform “small potatoes” because up until the past year or two, Apple systems did not have enough market share for virus writers to focus their efforts on compromising Apple’s operating systems for profit.

With the proliferation of the iPod, iPhone and now the iPad, the “curse of popularity” now afflicts Apple’s iOS.  Gizmodo is reporting on a new exploit that allows a hacker to gain total control of your Apple device by loading a compromised PDF file:

Right now, if you visit a web page and load a simple PDF file, you may give total control of your iPhone, iPod touch, or iPad to a hacker. The security bug affects all devices running iOS 3.1.2 and higher.

This security threat is particularly scary because all that is needed to infect an iOS device is a link to the PDF.  No user interaction is required other than following a link or being redirected to a “malicious” PDF file.

Safeguard yourself by keeping on top of this issue and making sure that you keep your iOS devices updated with the latest security patches. It is unclear when Apple is going to be addressing this particular issue, but it is my hope that they don’t hold another press conference (à la the iPhone 4 antenna debacle) and decide to spend most of the time blaming Adobe for the problem ;)