Triona's Tech Tips

The real Microsoft Security Essentials is a free tool that helps protect your computer from viruses and other threats. A fake antivirus program is using the Security Essentials name to spread its infections.

Fake antivirus programs are viruses that purport to be legitimate security software. It can be very difficult to tell the tricksters from the real deal. In this case, if you run across something claiming to be “Security Essentials 2010“, stay far away.

Like other fake antivirus programs, this particular rogue hijacks your computer and prevents you from accessing the web sites of legitimate antivirus vendors. It uses hyperbole to convince you that your computer is infected, then tries to con you into paying for removal. Such tricks are becoming more common. I’ve previously written about the odious Win Antivirus 2010, a rogue that really raised the bar on how far these con artists will go in order to make money at your expense.

By itself, Microsoft Security Essentials (the real one) is not adequate security software. You need something more robust like the free or paid versions of AVG, or Trend Micro or McAfee. I’m still not recommending Norton because it’s such a memory hog, but use it if you must. Also be careful if you look for for antivirus programs via a search engine, as the con artists hijack search results to spread their dangerous look-alikes.

The next time you do an online search for something, pause before you click. Some of the results you receive are poisoned links to malicious sites that may infect your computer with viruses and malware.

Search engines don’t verify that keywords match results, nor that sites are free from infection. Sponsored ads are particularly notorious. If you do a search for “Windows antivirus”, the paid results are often links to fake antivirus programs just waiting to lure you in.

I advocate the use of link-checkers such as McAfee SiteAdvisor or LinkExtend for Firefox. These free add-ons indicate through red, yellow or green icons whether links are safe to visit. Even so, you should always be cautious. Make sure your security software is up to date and that you have the latest versions of programs like Adobe Reader and Flash (here’s why). You can also run Secunia’s Online Software Inspector to check the status of your security protections.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

After a well-publicized incident in which Internet Explorer 6 was implicated in the hacks against Google and other high-tech firms in China, Microsoft is releasing an emergency fix for Internet Explorer, and begging users to upgrade to newer versions.

Today’s emergency fix is for Internet Explorer 6, 7 and 8, particularly under Windows XP although Vista and Windows 7 are also affected. This chart shows the risk potential and illustrates why upgrading to the latest version of Internet Explorer is vital to protecting your computer against viruses.

It also illustrates what I mentioned in my recent Northwest Herald column: that the older a program is, the more vulnerable it is to viruses and other Internet threats. The hack on Google involved “spear phishing”, a targeted campaign in which fake emails appeared to be from people the victims knew. The victims were therefore lured into clicking on infected PDF and Microsoft Office documents they might not otherwise have opened. These documents infected the computers with malware using holes in Internet Explorer 6 and other programs. There is some question as to why these companies were using a version of IE well-known to be vulnerable.

This incident is a good reminder for businesses and consumers to monitor their software versions and consider switching to an alternate web browser. It’s also a reminder to be wary of opening attachments even if they appear to be from someone you know.

Your free email subscription to Tech Tips includes bonus tips, tricks and product reviews. Through January 31, 2010, new subscibers will also receive a special gift: my IT Business Continuity Checklist. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

Starting in 2010, I’m writing a monthly technology column for The Northwest Herald. In January’s column, Old Software Poses Risk Of Viruses, I talk about how outdated versions of your software can open the floodgates. Here are some previous Tech Tips articles on how you can protect yourself:

• Old Versions Of Internet Explorer Vulnerable To Viruses
• Fall In Love With Secunia Personal Software Inspector
• Mozilla Firefox Expands Check For Unsafe Plug-Ins
• No Click Required: Malware Via Infected Ads

Below you’ll find links to related resources including those mentioned in the column.

• Adobe Acrobat Reader updates
• Flash updates
• Mozilla Firefox plug-in check
• Microsoft Update for Windows, Office, Internet Explorer
• Apple Software Updates for Mac OS, iTunes, Safari, iPhone and iPod
• Secunia Online Software Inspector for Windows

Your free email subscription to Tech Tips includes bonus tips, tricks and product reviews. Through January 31, 2010, new subscibers will also receive a special gift: my IT Business Continuity Checklist. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

If you are using an old version of Internet Explorer, your PC is more vulnerable to viruses and spyware.

The current version of Internet Explorer (IE) is version 8, but I routinely encounter computers running version 7 or–heaven help us–version 6. Upgrading isn’t a matter of wanting all the bells and whistles. It’s a security necessity.

The longer a piece of software is publicly available, the easier it is for hackers to design viruses or spyware to exploit its weaknesses. Also, newer software benefits from advances in security research. By running the most current version, you boost your protections.

I advocate that you break the Internet Explorer habit by using an alternate web browser like Firefox. But you still need to keep up to date on your Internet Explorer patches. Because IE is a component of Windows, you are vulnerable even if you don’t use it. One rare reason you might not want to upgrade to IE8 is if you have software that isn’t compatible. Unless this applies to you, you should consider the upgrade.

You can check your version of Internet Explorer within the program by selecting About Internet Explorer from the Help menu. To upgrade, visit update.microsoft.com or click here to go directly to the download. After you’ve installed, be sure to visit update.microsoft.com again to seek out the most recent security fixes for IE8. This will provide you maximum protection.

If you enjoyed this article, subscribe to the email version of Tech Tips for bonus tips, tricks and product reviews. Through December 31st, 2009, new subscribers will receive a special gift: my tip sheet on Creating Strong Passwords (PDF). Just click here to sign up.

Have you ever gone to install a program, only to be offered some completely unrelated software via a tiny, unremarkable checkbox? This is called pre-checked software, and I think it stinks.

Pre-checked software differs from malware or PUPs (potentially unwanted programs) in that you are given a choice, albeit an unobtrusive one. It’s a marketing gimmick, and it often backfires. Apple got its rump handed to it for pre-checking their Safari web browser during the Windows install of iTunes. Most Windows users didn’t know Safari from sassafras and didn’t want it on their computers. Apple had to backtrack and make sure the Safari offer was unchecked by default.

Some pre-checks are actually good for you. If your antivirus software asks if you want a special security toolbar to go with it, you might like that. But if I go to install a program–Java, for example–I don’t want a trial copy of Carbonite backup software alongside it. Maybe I don’t have a lot of hard drive space, or maybe I just like keeping my computer tidy. We have enough problems with viruses, malware and fake antivirus software without having to deal with programs that invite themselves along like unwanted guests at Thanksgiving dinner.

So next time you’re installing a program, watch out for that pre-checked box. You’re not obligated to install anything you don’t want to.

Through December 1st, 2009, new subscribers to the free email version of Tech Tips will receive a special tip sheet: Ten-Step Computer Troubleshooter. Just click here to sign up.

Secunia Personal Software Inspector (PSI) is a beautiful thing. We’ve talked about how hard it can be to make sure your Windows computer has all the right patches for its software: Windows itself, Internet Explorer, Microsoft Office, Adobe Acrobat Reader, Adobe Flash, Java, Mozilla Firefox… it’s enough to make your head spin.

PSI takes care of this for you, by scanning your computer and giving you a vulnerability assessment, with links to download what you need. Call it one-stop shopping for computer updates. While it doesn’t detect every program, it does scan for all the major ones, and that alone is enough to give you an edge on viruses and other threats.

If you want to check it out, give the Secunia Online Software Inspector (OSI) a try. If you like it, download PSI and toast your new-found happiness.

Through December 1st, 2009, new subscribers to the free email version of Tech Tips will receive a special tip sheet: Ten Step Computer Troubleshooter. Just click here to sign up.

This week sees the public release of Microsoft Windows 7. I’ll be giving you an in-depth look at Windows 7 in next month’s Tech Tips (so don’t miss your free subscription and special gift). To whet your appetite, let’s talk about whether or not you should upgrade.

If you use Windows, you’ll have to upgrade eventually, especially if you haven’t already made the leap to Vista. Many people have delayed this either because they don’t like the changes to the Windows look-and-feel, or because they have software that isn’t compatible. But, as I said in a previous article:

It’s sad to say, but our decisions to upgrade have become less about whether we need it for productivity and more about whether our computers can remain functional against the continual onslaught of cyber-attacks. Remember, Windows XP is 8 years old. These attacks are sneaking through despite our best defenses. Windows Vista is no panacea, but its improvements in security offer better protection.

This is even more true of Windows 7, which improves on Vista’s security while eliminating some of the headaches that slowed Vista adoption, notably incompatibility with drivers. In the past most of us have chosen to hold off until the first Service Pack comes out, but in this case we may not have that luxury. Hardware makers aren’t likely to support three versions of Windows, so they will be eager to get everyone off XP as soon as possible by making new equipment Vista- and Windows 7-compatible only. Between that, the Internet threat risk and Microsoft’s lifecycle policy, XP’s days are numbered.

The good news is, Windows 7 is supposed to be more stable than Vista, so waiting for the first Service Pack isn’t a necessity. Also Windows 7 comes with a compatibility mode for XP, which may make migrating your applications easier.

If you have an older computer and are considering an upgrade anyway, Windows 7 is a wise choice. If your computer is less than three years old and doing what you want it to do, you don’t have to move to Windows 7 right away. But plan for the future, knowing you will eventually have to make that leap even if you’re not fond of Windows 7’s Vista-like look.

Are you planning to move to Windows 7? Why or why not? Click Comments to discuss.

Through November 1st, 2009, new subscribers to the free email version of Tech Tips will receive a special tip sheet on Four Easy Ways To Protect Your Computer. Just click here to sign up.

Mozilla Firefox has upped the ante in the fight against cybercrime with automatic checks for updated plug-ins.

Plug-ins are bits of software that work within your Web browser to provide additional functionality. Mozilla debuted this feature with a check for updated versions of Flash, a popular plug-in used to view video content. Outdated versions of programs like Flash are used to spread viruses and malware.

Firefox will run the check automatically, or you can visit this site to check your plug-ins manually. You still have to update them yourself, but Mozilla’s new feature provides a more intuitive way to do so. You can also view your plug-ins and get more information about enabling and disabling them. The check works for both the Windows and Mac versions of Firefox. It’s such a good idea I suspect we’ll see this sort of functionality added soon for Internet Explorer and Safari, the default browsers for Windows and Mac, as well as other browsers like Opera.

Mozilla says it will continue to expand this feature to include additional plug-ins, which is great news for users struggling to keep their computers free of malware and other threats.

We all know the risks of computer viruses, but what do you do if you think you have one?

First, follow Douglas Adams’ advice: Don’t Panic! Run your antivirus and anti-spyware software to see if they can remove the infection. Windows users might try the free online virus scanners from McAfee and Trend Micro. Malwarebytes is a good Windows resource for removing spyware and other kinds of virus-like intruders. Mac users should try the free programs Avast for Mac or ClamX AV.

Some viruses are easily removed, but others embed themselves deep within your computer. The worst-case scenario is having to format and reinstall your computer from scratch, which is why backups are a must.

There are some commonly-held misconceptions about how to prevent computer viruses.

• Adding “aaaa@aaaa” to your address book doesn’t work. It was a trick from years ago that only applied to one particular virus… for about five minutes, until the virus-writers wrote a workaround. These days it’s the equivalent of fighting a wildfire with a squirt gun.
• Booting into Safe Mode also doesn’t work. Safe Mode is used to diagnose computer problems by starting Windows into a minimal version where only the basics are loaded. Most of your software won’t function and the virus will remain in the background, chewing on your system.
• Fake antivirus software and computer cleaners will only add to your woes. Ads for these run rampant across the Internet, especially when you’re searching for legitimate tools like the ones I mentioned above.
• Fake security bulletins claim to be magic cure-alls, but they’re far from it. They are scams out to trick you into clicking on malicious links and further infecting your computer.
• Fake pop-up Web windows pretend to scan your computer, but they are also scams trying to trick you into clicking them.

Your best protection is prevention. Maintain good backups and stay tuned to Tech Tips for the latest computer news. Through November 1st, 2009, new subscribers to the free email version of Tech Tips will receive a special tip sheet on Four Easy Ways To Protect Your Computer. Just click here to sign up.

In November I’ll teach you about Do-It-Yourself Tech Support. If you have any computer questions, let me know.