Archive for August, 2012

FBI Scareware ALERT

News, Warnings | Posted by Dennis August 21st, 2012

There’s a new, very scary “Ransomware” attack spreading like wildfire across the USA in the last few weeks. It poses as the FBI, and states that you have downloaded illegal material (movies, music, child porn, etc.). They use VERY sophisticated means to convince you that you should pay money to them. The FBI is aware of the problem, as well as digital security pros everywhere. It’s been dubbed “Reveton Ransomware” and it’s a complete hoax, designed to get your money and/or steal your passwords. It’s not easy to remove, and if you catch it the first thing you should do is CHANGE ALL YOUR ONLINE PASSWORDS from a different PC. Then, follow these instructions for removal. Finally, update ALL software, including Windows, Java, Adobe products, etc. Better yet, call your favorite IT Pro. :-). You can read full details of the attacks and the “bot” network that is spreading it here. (Thanks to Krebs on Security!) IMHO the most concerning thing about this attack is the method of payment. They try to get you to go to a local store and buy a “MoneyPak” for electronic transfer! This will help them cover their tracks, and helps them skirt around blocks by credit card companies.

Norton Power Eraser

Helpful Hints, Warnings | Posted by Dennis August 17th, 2012

If you’re using Norton for your PC protection, you may have wondered about some of the extra tools that they offer. Although I REALLY like Norton’s virus and malware protection, these tools are practically worthless. The main two I’m talking about are called Norton Power Eraser (NPE) and the Norton Bootable Recovery Tool (NBRT). First of all, Power Eraser is a TERRIBLE name for this software. It implies that it’s a scrubbing tool or something. But MOSTLY I should warn you: If you get a message from Norton that you should run NPE, you most likely have a ROOTKIT! This is the worst kind of infection, and allows total control of your computer. The really sad part is that NPE probably won’t be able to remove it! The tool seems to hang on removal or completely fail, and the boot tool rarely works unless you burn a CD of it. Your best bet, if this happens, is to download and run ComboFix from this site. (NOTE: It’s the second Download button. The first one is an ad.) You should turn off your virus protection while it runs. It removes the vast majority of rootkits without a hitch. But if all this makes you nervous, just take your PC to a good technician, and tell them the problem. By the way, I still highly recommend Norton Internet Security. I’ve only had ONE infection, out of hundreds of PCs, in the last year since I started recommending it. It’s great at prevention, which is the key in the first place.