Tech Geek and More

Technology Explained for All


Removing Security Shield (Fake Antivirus) Malware – How to

After a quiet couple of months, where fake antivirus pop-ups stopped being a daily issue in tech support, this week we had the return of an oldie but goodie.

We received calls from a couple of clients with a pop-up for the “Green Dot Security Shield”. After comparing what each client was doing, we believe that the pop-up most likely came while each client was browsing the same “Major Website” (I will not list the website as of now, since we can’t prove our theory, but the suspected site has been notified). Remember, pop-ups like these can occur while surfing any part of the internet; it does not just happen to those who surf the shady side of the web.

What do you see when you get infected

While browsing, what you will see is a pop-up (like this example) that looks like an Antivirus program with a message that infected files have been found. This is why it is important to know what Antivirus / Antimalware software you have installed and what it looks like.

[Image: Green Shield fake AV pop-up]

Once you have this pop-up on the screen, you will find that you are unable to open various programs (like your actual malware cleaner), as the pop-up starts making changes to your pc. If you get to this stage, you NEVER NEVER NEVER want to click on any part of the window or any corresponding messages, because even messages that say ignore or skip will actually continue to infect your pc. What you need to do is power off your pc, and then start in safe mode. To get to safe mode, press the F8 key over and over as soon as you power on your pc until you get the safe mode message, at which point select “safe mode with networking”.

Once you are booted in safe mode with networking, launch CCleaner. If you don’t have it already installed, you can download it from the Piriform (http://www.piriform.com/ccleaner) website. Once it is installed and opened, go to Tools (on the left side), then select Startup. This will show you a complete look at everything you have starting on your pc.

You want to look for lines for programs that are set to start automatically with names like qfhsl.exe. (Your line may use a different name, and there may be more than one.) If you are not sure whether the .exe file is legit, use one of the search engines (like Google or Bing) and search for each .exe name.

If you are not sure whether an item is legit, disable it; if you know the item is NOT legit, you can delete it right from the CCleaner application. In addition, if you know that the file is not legit, make a note of the listed location, go to that location and manually delete the file as well, as in this example for qfhsl.exe.

This specific Green Dot Malware can be found in

C:\Documents and Settings\(User name of the signed in user at time of infection)\Local Settings\Application Data\ (for XP)

C:\Users\(User name of the signed in user at the time of infection)\AppData\Local (for Windows Vista and Windows 7)
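The startup review described above can also be scripted once you have the list of startup entries. The following is an added example, not part of the original post: it takes each entry's name and command line and flags the ones whose .exe sits directly in one of the two folders listed above. The sample entries, the user names and the rule of thumb that legitimate per-user programs live in a vendor subfolder are assumptions made for illustration.

```python
import ntpath
import re

# The two per-user folders named in this post (XP, then Vista/7), any user name.
PROFILE_ROOTS = [
    re.compile(r"^[a-z]:\\documents and settings\\[^\\]+\\local settings\\application data$"),
    re.compile(r"^[a-z]:\\users\\[^\\]+\\appdata\\local$"),
]

def exe_path(command, env=None):
    """Pull the executable path out of a startup command line."""
    cmd = command.strip()
    # Expand %VAR% references from a supplied mapping (no live environment is read).
    for name, value in (env or {}).items():
        cmd = re.sub("%" + re.escape(name) + "%", lambda m: value, cmd, flags=re.I)
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    # Unquoted paths may contain spaces, so cut after the first ".exe".
    match = re.search(r"\.exe(?=\s|$)", cmd, flags=re.I)
    if match:
        return cmd[:match.end()]
    return cmd.split()[0] if cmd else ""

def triage(entries, env=None):
    """Return (name, path) for entries whose exe sits directly in a profile root."""
    flagged = []
    for name, command in entries:
        path = ntpath.normpath(exe_path(command, env))
        if any(rx.match(ntpath.dirname(path).lower()) for rx in PROFILE_ROOTS):
            flagged.append((name, path))
    return flagged

# Constructed sample entries; only the file name qfhsl.exe comes from the post.
SAMPLE = [
    ("qfhsl", r"C:\Users\alice\AppData\Local\qfhsl.exe"),
    ("Chrome", r'"C:\Users\alice\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window'),
    ("xp-unquoted", r"C:\Documents and Settings\bob\Local Settings\Application Data\qfhsl.exe /min"),
    ("expand-sz", r"%LOCALAPPDATA%\qfhsl.exe"),
    ("Updater", r'"C:\Program Files\ExampleVendor\updater.exe" /tray'),
]
SAMPLE_ENV = {"LOCALAPPDATA": r"C:\Users\alice\AppData\Local"}

if __name__ == "__main__":
    for name, path in triage(SAMPLE, SAMPLE_ENV):
        print("REVIEW:", name, "->", path)
```

A flagged entry is only a candidate for review; look up the file name before deleting anything, as described above.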

Additional Clean Up Steps

Once you have taken these steps, you must still run your Antimalware programs to make sure whatever is left behind gets cleaned up. The 2 programs I can recommend are Superantispyware and Malwarebytes. If you don’t already have these 2 programs installed, go to Ninite (http://ninite.com/) to download and install them.

Once installed, I recommend running Superantispyware first. When you launch the program, before starting the scan, select Check for Updates and let the program update to the latest signature files. (The Database Status should say “Updated X minutes ago”.)

Once your system is updated, run a complete scan on all your drives. Once the scan completes, select all items found and click on the remove button. Once all those items are removed, you will get prompted to reboot; at this point select NO. Instead of the reboot, start Malwarebytes.

     Once Malwarebytes starts, click on the Update tab and select Check for Updates and let the software update the signature files.


     After the software update completes, go back to the scanner tab and select “Perform a full scan”


     Again, once the full scan completes, select all items found and click on remove.  After you have run both programs and removed all items found, you can reboot your pc and your system should now be clean of the “Green Dot” Malware.

One additional step you may want to take at this point is to uninstall and reinstall your Antivirus software, as many of these malware attacks break the antivirus software. Make sure you have the software to reinstall prior to removing it, and if you need to replace your software, you can download free Antivirus software from the Ninite (http://ninite.com/) site.

     Just pick one of the Antivirus choices under the security section.

- (Microsoft Security) Essentials

- Avast

- AVG

    All 3 are free for home use.

Malware / Scams – What to look out for

We saw a couple of malware attacks make a comeback this week; these infestations appear most likely to have come from online ads (on legitimate web sites). One of the things to keep in mind is that online ad companies receive billions of ads every year, so it is NOT impossible for a “Bad” ad to get through.

On Google’s Official Blog (http://googleblog.blogspot.com/2012/03/making-our-ads-better-for-everyone.html#!/2012/03/making-our-ads-better-for-everyone.html) this week they reported:

Bad ads are declining
The numbers show we’re having success. In 2011, advertisers submitted billions of ads to Google, and of those, we disabled more than 130 million ads. And our systems continue to improve—in fact, in 2011 we reduced the percentage of bad ads by more than 50% compared with 2010. That means that our methods are working. We’re also catching the vast majority of these scam ads before they ever appear on Google or on any of our partner networks. For example, in 2011, we shut down approximately 150,000 accounts for attempting to advertise counterfeit goods, and more than 95% of these accounts were discovered through our own detection efforts and risk models (http://googlepublicpolicy.blogspot.com/2011/03/keeping-counterfeits-out-of-ads.html).

What that means is that bad ads will get through (as there is no human way to verify billions of ads), and it’s up to you to pay attention and make sure you don’t become a victim.

Here are 3 simple things to keep in mind about online ads. This comes from the Google Stay Safe Online (http://www.google.com/goodtoknow/online-safety/ads/) page:

  1. If it’s too good to be true, it probably is…

    Be wary of online ads offering deals that seem too good to be true. Ads promising expensive products or services for free or next to nothing, such as a new car or island vacation, likely have a malicious intent.

  2. Avoid the usual suspects…

    Ads congratulating you for being a website’s one-millionth visitor, offering prizes (like a new laptop or tablet) in exchange for completing a survey, or promoting quick and easy ways to make money (“get rich quick working from your home in just two hours a day!”) are more often than not up to no good.

  3. Watch out for Google money scammers…

    Some online ads illegally use the word “Google” (http://googleblog.blogspot.com/2009/12/fighting-fraud-online-taking-google.html) or other trademarks to promote false “work from home” or “get rich quick” schemes. Google does not offer such programs; remember: if you can’t find an advertised product or service on our list of Google products (http://www.google.com/options/) or on the business solutions page (http://www.google.com/services/), don’t trust it.

In addition to the common sense steps listed above, here are a couple more things you really need to consider:

  1. You need current Antivirus software on your pc (and you need to know how to use it). A good Antivirus program doesn’t have to cost you anything, so there is NO EXCUSE as to why you don’t have one (or a current one). We can recommend products like Microsoft Security Essentials (http://windows.microsoft.com/en-US/windows/products/security-essentials), Avast Antivirus (http://www.avast.com/en-us/free-antivirus-download), or Panda Cloud Antivirus (http://www.cloudantivirus.com/en/#free-antivirus-download). You don’t install all 3 of these; just choose 1 and install it, then make sure you keep it updated regularly.
  2. You need current Antimalware software on your pc (and you need to know how to use it, as well). The 2 must-have software pieces we recommend are SuperAntiSpyware and Malwarebytes. You can download both of these from the Ninite (http://ninite.com/) website, which is “The easiest way to keep apps up-to-date”. Ninite is free for home users. When it comes to Antimalware software, you DO want both of these installed, updated and run regularly on your pc.
  3. Update ALL software on a regular basis (that means at least once a month or more, NOT just once during the life of your pc). All major software gets regular updates, so make sure you check, and when an update is out there, UPDATE UPDATE UPDATE. For those of you who regularly read a newspaper or watch the news, when you hear about a break-in, what do they usually say? “The intruder got in via an unlocked back door or window”. So imagine your Windows software as the front door, and software from Oracle (Java) and Adobe (Flash, Reader) as the back door and windows to your pc. Unless you lock all of them, you are leaving a way for a bad guy to break into your “digital home” (otherwise known as your pc). You can use Ninite (http://ninite.com/) (as well) to check and update your key software.
  4. Backup, Backup, Backup (oh, and did I say Backup!). Lastly, there are times when a tech will NOT be able to recover your pc. At times pc issues can be so bad that there is NOTHING that a tech can do. If you face a situation like this, you had better have a backup of those files that can’t be replaced (Pictures, Music, Documents, Downloads, etc.). The rule of thumb for backup is that you should have (at least) 2 backups for any file that matters to you. Of these 2 backups, 1 should be a local backup on an external hard drive or DVD/CD disks, and the 2nd backup needs to be a remote backup. Again, there is no reason for not having at least a minimal set of files backed up, as many places offer FREE backup. We recommend iDrive (http://www.idrive.com/?p=techgeekandmore)*, who offers 5 gigs for free and rates as low as $4.95 / month for 150 gigs. (*iDrive is a Tech Geek and More sponsor)

Software: Update your Non-Tech Friend’s PC day… 11/25/11

Microsoft, via their Windows Team Blog for Internet Explorer (http://windowsteamblog.com/ie/b/ie/archive/2011/11/23/get-ready-for-update-your-parents-browser-day.aspx), is calling this coming Friday 11/25 “Update your Parents Browser” day. However, in the opinion of Tech Geek and More, that idea is narrow-minded. Every Tech, Geek or just knowledgeable computer person has a few people (because no one has just 1) that call regularly whenever something goes wrong on a pc. You know the call: “I wasn’t doing anything and then all of a sudden………”. So Tech Geek and More is actually asking its readers to expand on the idea, and use Friday, while you’re visiting non-tech friends and family, to update all software on the pc. Just remember, the more updated they are, the better chance you have of them NOT calling you to fix it.

Just an idea of what should be updated

- Adobe Acrobat

- Adobe Flash

- Adobe Air

- Adobe Shockwave

- Oracle Java

- Anti-virus (If they don’t have a current one install a free one)

- All Windows Updates

- All Office Updates

- All installed browsers (Not just IE)  

- Plus review any other installed programs that you know should be updated.

 

If you don’t want to take too long doing this, you can visit Ninite (http://ninite.com/), where you can install the latest version for a majority of the software.

 

If you need ideas as to when, the Windows Team Blog (http://windowsteamblog.com/ie/b/ie/archive/2011/11/23/get-ready-for-update-your-parents-browser-day.aspx) lists the Top-10 Moments to Update… (Windows Team Blog story by Scott Armstrong (http://windowsteamblog.com/members/sarm34/default.aspx))

 

Top-10 Moments To Update Your Parents’ Browser

10. When they’re manning the fire extinguisher dealing with the yearly deep-fried turkey accident.

9. When they’re telling your cousins “when I was your age” stories.

8. When they’re face down in the eggnog punch.

7. When they’re fighting over the right way to carve a turkey.

6. When your mom kicks you out of the kitchen for peeling potatoes “the wrong way.”

5. When they’re sent to the grocery store at 2PM on Thanksgiving Day for extra cranberries.

4. When they’re sitting at the Adult’s table (rally the other kids to help).

3. When they’re standing in a Black Friday line.

2. When they’re untangling Christmas lights.

And the number one time to update your parents’ browser is…

1. When they’re distracted by grilling you about when you’re going to get a real job, when you’re going to settle down, and when you’re going to give them grandchildren.

So watch for these moments and many more to help them make the upgrade to a modern web browser today. Web developers everywhere will thank you!

Happy Thanksgiving from the IE team!
