Skype Users Beware
Folks, if you use the very popular VoIP program Skype – as I do – you need to be aware of some recent cybercriminal activities. These bogus ‘alerts’ try to trick you into installing malware on your machine (which will bypass your security).
1) The fake “Windows needs immediate attention” attack is active again. Please see, Skype — “Windows Requires Immediate Attention”.. Not!
2) There’s a new attempt – using a trojan and a pretend ‘add-on’ – to steal your account information. Please see, SpySkype.C Trojan Wants to Talk to You! by Internet Security blogger Bill Mullins.
Please alert your friends and family (who use Skype) to these “social engineering” scams too.
[addenda: Peter Parkes (Skype Blogger) wrote and asked me to remind my readers to, quote, “Please report users who send these messages to abuse@skype.net – that will help us to block them where appropriate.”]
Copyright 2007-9 © Tech Paul. All rights reserved.
Simple Yet Important Tip
Most everyone has read in the news about Monster.com and USAJobs.gov (both career job seeking and posting sites) being illegally accessed and account data being taken.
Most of you are probably wondering, what’s the big deal? So what, someone has taken usernames, passwords and email addresses to a career site. Just change the password, as instructed, and you will be fine. Wrong!
Please click this link to continue, whether or not you have ever used these two sites. Why the security breach at Monster.com and USAJobs.gov is a BIG deal…
And, yes, please– watch the short video.
Stop Error Solution #8 – SigVerif
Vista Stop Error: “A recent hardware changes, or unsigned driver, has prevented Windows from loading..”
The Blue Screen of Death (BSOD) is an error screen displayed by Microsoft Windows after encountering a critical system error which can cause the system to shut down to prevent damage. (They are not always blue anymore – sometimes you see a black screen, saying only “Stop: 0x000000F1”, or some other similar, ‘helpful’ hexadecimal string – but they are still called “bluescreens”.)
Bluescreen (Stop errors) on NT-based Windows systems are usually caused by poorly-written device drivers or malfunctioning hardware. Way back when dinosaurs roamed, in the Win9x era, incompatible DLLs or bugs in the kernel of the operating system could also cause BSOD’s. (There are different types and causes of stop errors, a good summary can be seen here.)
With Vista, Microsoft got a bit more restrictive, and it can happen when an unsigned device driver is found.
Microsoft got a little tired, I guess, of taking the rap for the poorly written, and often amateur, device driver-caused BSOD’s. (People tend to blame Windows for the crash..) And so they, over the years, have tried various ways to get the hardware vendors to write and release good driver software, rewarding those that did with the coveted Microsoft Compatible seal of approval (usually a logo on the box), and placement on the WHQL (Windows Hardware Compatibility List). But.. hardware vendors build, box, and ship, devices.. not program code, or study all the minutiae of the OS kernel.
Digital “signatures” (in this instance) are one way to determine if the driver was written by the kid down the street. When a driver has been tested and approved in Microsoft’s own labs, it gets a super-special digital certificate. And with Vista, you pretty much gotta have that driver, or expect stop errors. These Microsoft-signed drivers are available through Windows Update, and the “Update driver” feature (a subset of “Add new hardware”).
(For more on troubleshooting and/or installing device drivers, see my Plug and Play series.)
Tip of the day: In Windows XP and Vista there is a utility that you can use to scan all your installed drivers. It will report any it finds that don’t have a “signature”. This is a great way to ‘zero in’ on the (possible) cause of the Stop error.
Use the Sigverif.exe tool to identify unsigned device drivers installed on your Windows XP/Vista computer. To use the tool, perform the following steps:
1) Open Start menu, select Run, type Sigverif and then click OK.
The File Signature Verification tool will open. Click “Start”.
The scan will run, and ideally produce the following result…
But if it finds anything, it will produce a list of funny-named files… like “msndis5.sys” which are your unsigned drivers (or, they’re signed.. but not Microsoft super-specially signed). Hopefully it will be a list of one.
2) Use your favorite search engine to find out what the funny-looking driver belongs to. (In my example, it turns out that msndis5.sys is a part of NetStumbler – a very popular wireless “hotspot” locator.) Now you will know which device, or program, needs your attention to cure the BSOD.
3) Remove the offensive device driver.
There are options for how you go about this. In the case of my example, it is a program. So, I can uninstall the program, or look for a newer version (update) of the program.
If it were a device, I would go into Device Manager (see, If It Ain’t Broke – Don’t Fix It), select the device in question and try:
* “Update driver”. If that says ‘no dice’ (“The best software is already..”),
* “Rollback driver”. If that is not available, or fails to stop the Stop errors,
* “Uninstall”, then reboot. Windows will reinstall the device, and it will grab the driver from the WHQL.
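The scan from step 1 can also be run from a PowerShell prompt. The following is an added example, not part of the original post: it lists driver files that are unsigned or signed by someone other than Microsoft, along with the company and description from each file's version information, which often answers the "what does this belong to?" question in step 2. It assumes Windows PowerShell 5.1 or later and the default drivers folder; `Get-SuspectDriver` is a made-up helper name.

```powershell
# Added example (not from the original post): a command-line counterpart to
# the Sigverif scan. Get-SuspectDriver is a hypothetical helper name.
# Assumption: Windows PowerShell 5.1+, where Get-AuthenticodeSignature also
# checks catalog signatures; on older versions catalog-signed drivers are
# reported as NotSigned and the list will be longer than it should be.

function Get-SuspectDriver {
    param(
        # Default location of installed kernel drivers.
        [string]$Path = (Join-Path $env:SystemRoot 'System32\drivers')
    )

    Get-ChildItem -Path $Path -Filter '*.sys' -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            $sig    = Get-AuthenticodeSignature -FilePath $_.FullName
            $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }

            # A valid signature from a Microsoft signer needs no attention.
            $isMicrosoft = ($sig.Status -eq 'Valid') -and
                           ($signer -like '*O=Microsoft Corporation*')
            if ($isMicrosoft) { return }   # skip to the next file

            $finding = if ($sig.Status -eq 'Valid') { 'Signed, not by Microsoft' } else { "Signature status: $($sig.Status)" }

            [pscustomobject]@{
                File        = $_.Name
                Finding     = $finding
                # The version resource often names the product the driver came with.
                Company     = $_.VersionInfo.CompanyName
                Description = $_.VersionInfo.FileDescription
                Modified    = $_.LastWriteTime
            }
        }
}

# Most recently changed drivers first: a new Stop error usually follows a new install.
Get-SuspectDriver | Sort-Object Modified -Descending | Format-Table -AutoSize -Wrap
```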
Hopefully, this will resolve your issues. If not, you should start looking at your hardware itself. I’ve run long, so..
Today’s free download: Google Calendar Sync.
For anyone who relies on a digital calendar to keep them on track, Google Calendar Sync is a must-have application. The free download isn’t fancy or even pretty–a simple log-in and options list comprises the system tray icon. However, the meat of the application is what it can do, which is flawlessly add details of Outlook calendar items to Google’s Calendar, and vice versa.
Bummer. I only won 200,000 Euros this time…
YOUR E-MAIL ID HAVE WON.
From: sugerencias (sugerencias@presidencia.gov.py)
Sent: Tue 1/27/09 6:57 PM
To:
ANNOUNCEMENT YOUR EMAIL ID HAVE WON.
ANNOUNCEMENT MICRO WORD.COM CORPORATIONS.
CUSTOMER SERVICE:
MADRID SPAIN/ESPANA.
APARTADO DE CORREOS 48, 28230 las Rozas,
REFERENCE NO: MSFT-2008-X74-RS
BATCH NO: MSFT-2008- GM-0221
OFFICIAL WINNING NOTIFICATION.
Welcome to Microword.com Corporation end of year promotions, We are
pleased to inform you of the released results of Sweepstakes Promotion
organized by Microword.com Corporations, in conjunction with the
foundation for the Promotion of software products, held this Jan 24th
2009, here in Madrid-Spain.
Your email address emerged as one of the on-line Winning emails, in the
1st category and therefore You have been approved for a cash award
200,000.00Euros (TWO HUNDRED THOUSAND EURO) this is from a total cash..
* Micro Word??? Who are we trying to sound like?
Today’s free link(s):
Google Video search results poisoned to serve malware
This article is a bit difficult to read, and assumes the audience is security-savvy, but if you’re willing to look past that, you will see some frightening facts spelled out that tell you just how broken and insecure the Internet is.
Security Fix Pop Quiz, Reality-Show Style
“I want to give readers more perspective about why applying these updates are so critical, by looking through the lens of the criminal masterminds behind “Grum,” one of this year’s largest spam botnet..”
How To Cure A Malware Infection
3 Easy Methods
What do you do when your PC is displaying all the signs of having been infected and/or hacked but your antivirus and anti-spyware scan reports come back clean.. or fail to remove the infection?
This was the case for a fella who called me for advice recently. He had done things ‘right’ — and by that I mean he has a firewall, he keeps his antivirus definitions up to date, and he runs a couple of anti-spyware applications — but suspected his machine had been hacked anyway.
He couldn’t do things he was used to doing (like deleting a file) and his machine was “really slow.” But according to his scanners, his machine is in perfect shape!
He was right, btw, he was infected.
Tip of the day: If you should find yourself in a similar situation there are several steps you can take to help resolve your questions and (hopefully) fix your machine without taking the drastic step of wiping your hard drive, formatting, and reinstalling Windows.
The first step is to use a scanner that isn’t installed on your machine. Here’s two ways to do that: one, if your antivirus allows it (and most of them do these days), follow its instructions and make an antivirus recovery disk. This is a bootable disk that scans your system before Windows loads.
[note: for a quick method to create an AV disc, keep reading..]
To use one, put it in your CD tray and restart your machine. A plain-text sentence will appear* telling you to “press any key to boot from CD…” When you see it, hit your spacebar or, well, any other key, and then follow the instructions. When it’s finished, remove the CD and restart your machine again. (* If you don’t get a “press any key” prompt, you need to set the boot order in your BIOS. For instructions, click here.)
[note: you may also use a properly prepared USB thumb drive. Click here to read my article on how to do that.]
A second method is to use an online scanner. I have a list, with links, of several good online scans on my website, here. (My reco is Housecall) Quite a few of the online scanning tools will try to sell you their full application, but you’re under no obligation to buy. The big advantage to these two methods lies in the fact that they have not been compromised, or altered, and the files and scanners on your machine may be– the modification being done by the virus or hacker specifically to thwart your removal attempts.
[note: most modern malware blocks access to these sites. If that happens, do the repair found here, Can’t Download? Reset IE, and then try.]
Another thing to do is scroll down to my “Today’s free download” and download HiJack This!. Run it and dump the result into a .txt file (there’s instructions for this) and then register on one of the HiJack This! forums (there’s instructions for this too) and post your results there. Before too long, an expert anti-malwareologist [don’t bother looking: I just now made that word up] will have looked over the intricacies, and will post their analysis and instructions. These folks are really, really good at what they do, and you can trust their answers. These volunteers get a big tip of my hat.
Hopefully these efforts will be rewarded with a rejuvenation of your machine, and you will be back in business again. If not, you have my sympathy. You may have a rootkit and then your best solution is to re-format your hard drive and reinstall everything, or enlist the aid of a professional. There’s no shame in that last — the modern versions of viruses and worms are devilishly difficult to remove.
Today’s free downloads:
HijackThis™ is a free utility which quickly scans your Windows computer to find settings that may have been changed by spyware, malware or other unwanted programs. HijackThis does not clean infections, but creates a report, or log file, with the results of the scan. A large community of users participates in online forums, where experts help interpret the scan results to clean up infected computers.
Avira AntiVir Rescue System This is a small download that, when launched, will create a self-contained anti-virus disc with the latest definitions. All you have to do is insert a blank CD. (You may have to go to an un-infected machine to do this..) It will boot even if your machine won’t load Windows. Avira gets a big tip of my hat for offering this free tool, too!
Today’s recommended reading: How to Protect Your Child on the Internet
Do You Need AV on a Mac?
I get asked that from time to time. But usually, I’m not asked, I’m told. “I don’t need all that *crud*. I’m on a Mac.”
Usually, but not always, there’s a certain tone the speaker adopts when uttering that Standard Line (read, “dogma”) that conveys a smug superiority.. but, hey, everyone’s entitled to a little.. uh, delusion or two in my book. Keeps life interesting.
Basis in fact: There are some reasons for this don’t-need-an-antivirus belief system. One is, Apple itself has promoted the idea. Another is, there were hardly any (and at some points in history, no, zero, zip, nada) viruses / trojans / worms / etc. written to exploit the Mac OS. And even now, they’re considered “rare”.
Cyber-criminals (aka “hackers”) knew that less than 5% of computers were Macs, and essentially none of the “pots of gold” (database servers) were running the Mac OS.. so why write an attack program? (Apple products have been proven quite “hackable” – iTunes, QuickTime, Safari actually rank quite high on the list. See, Firefox More Secure? Tops ‘Most Vulnerable’ List) Answer– There’s basically nothing to attack with it.
Then and now: But, that was before Vista; and, the “I’m a Mac” series of television commercials. Now, instead of approximately 1-in-20 PC’s being Macs, it’s more like 1-in-10. Now, the idea of an all-Mac botnet has some merit (and a true Mac fan will tell you, all the Windows PC’s have already been taken!). An all-Mac botnet wouldn’t be all that big.. but the new numbers mean it’d be big enough for some uses…
So, sure enough, some enterprising criminal wrote a backdoor worm and glued it to a copy of iWork ’09 and posted it to several of the torrent sites, knowing that Mac-using folks who don’t like paying for things would download and install it.
Voilà, we got us an all-Mac botnet.
[note: this has happened before, to Mac+LimeWire² users; see, Firms discover Trojan horse targeted at Mac OS X]
Someone has named this worm “iServices.A”, which is much more rational and.. nicer (ahem) than what I might have named it. This worm allows the hacker to do pretty much what he wants with the infected machine, which so far appears to be sending boatloads of spam to specific URL’s, in what is called a “denial of service” attack (the flood of messages overloads the server, and causes it to ‘crash’/shutdown)(see, Our Modern Nightmare – Zombie Attack)
Me? I have consistently advised installing an AV, no matter what platform/OS you’re running, just as I consistently advise making backup copies of your files, (yes, I have been accused of being a bit of a “belt-and-suspenders” man) for one very simple reason — what is the cost if you do, versus what is the (potential) cost if you don’t?
Plus.. it’s simple math: the more popular Macs get, the more they’ll be targeted.
Feel free to disagree, but you won’t get me to change my mind. My Tiger machine has antivirus onboard.. though I don’t know why I bothered, I never turn the thing on.
Today’s free link(s):
* Brian Krebs has an absolutely great article detailing this worm, and I leave it to him to make what may be the most important point on the subject–
“Leaving aside (hopefully) the question of whether Mac users need anti-virus, I’ve tried to impress upon readers the importance of avoiding risky behaviors online that could jeopardize the security of their systems. The reality is that installing programs downloaded from P2P networks is about the most insecure practice a computer user can engage in,¹ regardless of the operating system in use.
This is why I think it’s important to call out this Trojan. Yes, it infects Macs, and that’s something we don’t see very often. But it’s also a teachable moment to remind readers that no security software is going to protect the user who is intent on installing software that may be tainted with malware, as long as that user is willing to ignore any advice (or alerts) to the contrary.”
I highly recommend you read the whole article, Pirated iWork Software Infects Macs With Trojan Horse. Once you do, I think you’ll understand why he’s on my Blogroll.
* Blogroll member Bill Mullins posted an article that takes a look at the P2P “phenomenon” that I also highly recommend, Peer to Peer File Sharing – Evaluate the Risks – Consider the Trade-Offs
* And this article is a very good answer to the question, Is Mac still the safer bet?
¹ emphasis, mine.
² A very popular BitTorrent-style peer-to-peer program.
* One last thought.. anyone care to guess what percentage of people’s machines that I look at in my “real job” have LimeWire installed?
Milestones
Yesterday, a reader posted a question using the “Comments” feature (found at the bottom of each article), which marked a milestone for Tech–for Everyone; it was comment #1,000.
I respond to comments/questions posted here, so let’s keep them coming people! But please remember– no offensive language, or “linkback” abuse.