2 PC Geeks Computer Repair

Computer help for the masses

Windows XP a Major Rootkit Target (but all versions are extremely vulnerable)

This is a very interesting article on a very dangerous form of malware called a rootkit, and the vulnerability of Windows XP. Windows XP is extremely vulnerable because it does not use a feature that is in Vista or Windows 7 called User Account Control (UAC), which warns you when you attempt to run a file for the first time. Windows XP will allow the execution of a rootkit without any warning whatsoever. To make matters worse, your antivirus protection will give you absolutely no warning that a rootkit has infected your computer. It doesn’t matter which antivirus you are using, or what version of Windows you are running. Because of their stealthy nature, rootkits are virtually undetectable unless the computer is scanned from outside of Windows.

I have done some very extensive testing of security features in different versions of Windows and various antivirus products, both free and commercial products. I intentionally infected multiple computers, each running a different version of Windows, with the most insidious rootkit to date, known as TDL4. The results of my tests are very scary. For a full report, please send an email to help@2pcgeeks.com, requesting that you be added to my newsletter distribution list. The August edition should be available within 10 days.

http://www.2pcgeeks.com

Windows XP a Major Rootkit Target, Study Finds / Infopackets.com.

Preliminary review of OS X Lion

Just some quick impressions on the latest operating system from Apple, OS X Lion. A full review will be coming within the next couple of weeks.

First of all, the installation. As per a previous post, I had already performed some routine maintenance to get ready for Lion, so when it was released last Wednesday, all I had to do was download and install it. Installation went quickly, only taking about 20 minutes. Everything worked as expected without any glitches: printers, scanner and most applications. All low-level system utilities needed to be upgraded for Lion compatibility, as I suspected, e.g. Onyx, Parallels (the virtual machine for running Windows 7), etc. Other than that, smooth sailing, well, sort of.

I noticed higher than normal fan speed to keep the processor cool, and upon investigation in Activity Monitor, found that Spotlight was reindexing the hard drive. OK, no big deal. I walked away and let it do its thing. Within an hour, things settled down and I began my exploration of all the new goodies, which I will discuss in my follow-up complete review. Bottom line is I love all of the new changes, especially the new version of Apple Mail, which was very well thought out by Apple engineers, and is a great productivity booster.

One of the alarming things I noticed is that some applications, like Safari, seemed to take a lot longer to open than I had expected. General performance was sluggish, like the Lion had a boat anchor around its neck. I was used to a very snappy Snow Leopard installation, so initially I thought I had been bitten by the bleeding-edge, version-one bug. After thinking about this awhile, I knew my old late-2006 MacBook Pro was a little behind the times, but with its Core 2 Duo processor and 4 GB of memory, it should have been performing a lot better than it was. I realized that over the past 5 years, I had never done a clean install. I had upgraded Tiger to Leopard, Leopard to Snow Leopard, and then finally Snow Leopard to Lion. I wondered how much old legacy garbage was lurking deep in my hard drive, so I decided to do a clean install of Lion and “migrate” my applications, documents and settings from my Time Machine backup to my clean install.

After initially downloading the Lion upgrade, I created a bootable Lion install DVD before installing Lion. This was important, as once you begin the upgrade to Lion, the source file is deleted after the upgrade is completed. So I took a deep breath, and rebooted to the Lion install DVD. I launched Disk Utility and formatted my hard drive, and then returned to the Lion installation to let it do its thing on a freshly cleaned hard drive. I held my breath as it rebooted into the Lion installation, performed the initial setup, and booted to the desktop. As I suspected, the Lion had shed its restraints, and now ROARED! Without the encumbrances of the legacy trash, Lion was now performing as I expected and hoped it would. I restored my files from Time Machine, and started my evaluation in earnest.

In the next article, I will write a complete evaluation. Is Lion worth the upgrade? Unequivocally, YES!

“This device isn’t eligible for the requested build”

Is anyone getting this error in iTunes when attempting to update your iOS device, iPod Touch, iPhone or iPad? If so, please leave a comment and I will post instructions on how to resolve it. I will need to know what operating system your computer is using: Windows 7, Vista or XP, Mac OS X, etc.

Are you ready to take the leap to Lion?

Is your Mac computer ready for the latest and greatest Mac OS X upgrade, Lion?

Lion offers 225 significant changes to the Mac OS X operating system, adding many user enhancements to make it even easier than ever to “just use” and enjoy your Mac.

Contact us TODAY for information on how we can assist you in installing and configuring your Mac to take advantage of this outstanding operating system.

TDL4 (rootkit) Botnet

I have cleaned this one a bunch of times since the beginning of this year. It is extremely dangerous so beware!

http://www.eweek.com/c/a/IT-Infrastructure/Sophisticated-TDL4-Botnet-Has-45-Million-Infected-Zombies-132759/?kc=rss

URGENT: Windows users, take action immediately!

“The new Popureb Rootkit infection requires Windows reinstall”, said Microsoft in a press release today. This new infection hides in the Master Boot Record of your computer and is so insidious that when attempting to clean the infection, it will give every indication that the infection has been cleaned, but in reality will overwrite the clean file with the infected one once again. Microsoft states that to eliminate it, the MBR must be destroyed and recreated, and then Windows must be reinstalled.

So what must you do to protect yourself? First of all, run a complete virus scan on your computer, followed by a malware scan from the freely available Malwarebytes Anti-Malware. If your scans come up clean, IMMEDIATELY back up all of your important data to an external hard drive or burn it to DVD. The better option would be to create an exact system image of your existing Windows installation that can easily be restored in case of emergency or catastrophic infection. Your data MUST be backed up BEFORE you get infected. Copying off infected files after infection is counterproductive and will only reinfect you when they are restored.

There are many good freeware utilities available to back up your files, such as the excellent Cobian Backup. This program will back up your documents, pictures, music, etc. If your Windows installation is damaged, you would need to reinstall Windows and your programs, and then restore your data.

However, the ideal solution is to create an exact bit-by-bit copy of your hard drive onto an external medium, such as a hard drive. This type of backup is called an image, as it is an exact mirror image of your hard drive, including your Windows installation as well as all of your programs, data, pictures, music and documents. In case of catastrophic failure, all you need to do is restore your image back to the computer, and it will boot to the exact point it was at when you created the image. There are many freely available imaging utilities for Windows XP, Vista or Windows 7. However, if you are running Windows 7, there is a great imaging utility that is already included in your installation.

Folks, as the malware writers get more sophisticated, these viruses, Trojans and rootkits get a lot more difficult to remove. Rootkits are the most serious, as they hide themselves from the operating system and antivirus tools, making them almost undetectable. Unfortunately, even with good antivirus protection, you can easily be infected. Computer security takes a multi-level approach to protection, including firewalls, HIPS protection, sandboxing, etc. But the most important thing is to THINK about what you are doing before you do it. Practice safe computing by not clicking on links in Facebook, not opening email attachments, and not visiting websites that are not marked as safe by Web of Trust.

Unfortunately, it has come down to not if you get infected, but when you get infected. Take action TODAY! Back up your data so you are prepared for the worst-case scenario. Don’t wait until it is too late.

If you have any questions, please post a comment.

File sharers beware!

This is an important reminder about downloading popular software titles via peer-to-peer file sharing programs, including music sharing services such as Limewire. P2P networks are directly responsible for transmitting a large percentage of the viruses and other malware in the wild.

By the way, I LOVE Limewire. It brings me a LOT of business and makes me a lot of money. 🙂 Seriously, how many songs can you legitimately buy from iTunes or other music vendors, for what it costs you to repair an infection on your computer?

http://krebsonsecurity.com/2011/06/software-cracks-a-great-way-to-infect-your-pc/

New Mac Malware?

Or maybe it’s just the same-old, with polymorphic (constantly changing) behavior. Here’s what I ran into today:

I think I may have stumbled onto a new rogue for Mac, or a variation of the recent one, with a random name. Using the same tricks as the Windows malware writers? :-/ I did a search for lambtonshield.com, a newspaper in Sarnia, Ontario, Canada that a friend of mine had written an article for. At the top of Google’s results was a link for their website. When I clicked on the link, a download called lambtonshield.zip started downloading. Sophos Antivirus caught it as a rogue security product, you know the kind that states “You are infected. Click here to run a scan.” YEAH Sophos! When I cleared my cache and tried the search again, the link was now legitimate. Pretty typical behavior of SEO poisoning by the bad guys. I never would have been infected anyway, as I have disabled “Open known safe files after downloading” in Safari preferences.

But this leads me to think about the polymorphic behaviors I have encountered while cleaning Windows machines. Rogue security malware in Windows tends to change its name, or randomize its name, each time a “victim” downloads a copy. Is this the new trend for Mac malware as well? The good news is that the file was headed to my download folder, so unless I decided to decompress the ZIP file, I was never in any danger. Remember what I mentioned above about the Safari preference? All I had to do was drag it to the trash, and then empty it. Malware gone!!!

Folks, there is no need to panic, but please be careful! Macs ARE inherently safer, but common sense rules! And PLEASE make sure to download one of the free antivirus products available, either Sophos or iAntivirus. My personal favorite is Sophos, as it will detect Windows malware, and help prevent you from spreading it to your Windows friends. 😉 Just install one of these two products and forget about it. They will update definitions quietly behind the scenes, and never bug you unless there is a problem.

Quixey – search engine to help you find computer apps and software

Interesting new search engine to help you find programs and apps. What sets this apart from other search engines is that you tell it what you want to do, and it will return a list of software titles that will help you do what you are looking for.

Quixey – Find apps that do what you want.

A Geek’s Perspective on Macs

I am a computer geek and am damn proud of it. I have many years of DOS, Windows and Linux experience, and have always enjoyed the challenges of repairing and configuring each operating system until it purrs as smoothly as a baby kitten. There is nothing I like better than drilling down through a Windows registry to hunt down and destroy elusive malware entries, or to solve operating system issues, or writing Linux configuration files, scripts or cron jobs.

However, in 2005 my life was turned upside down and I was forever changed. That is when I first “met” Mac. While recovering from back surgery, I had a hankering to find out what all the fuss was about in the Mac community. Mac fanboys raved about their love of their favorite operating system, while the Windows geeks extolled the virtues of their favorite system. I was used to seeing the flame wars between the two groups, but really needed to see for myself what all the fuss was about. So … Much to my family’s chagrin, I ordered yet ANOTHER computer, a refurbished Mac Mini with a Core Duo Intel processor. I figured, what the heck, if I hated the Mac, I could always run Windows on it via Boot Camp, or this new virtual machine called Parallels. I could also just download and natively install my favorite Linux distro and throw that on it. It was a win-win for me. 🙂

So for the next five days, while drugged up on Vicodin, I paced the floors, waiting for my delivery. It finally arrived and I was shocked at the size of the box it had come in. It must have been misboxed, as it was way too small to be a REAL computer! Inside the brown box was an elegant white box that housed the object of my geek infatuation. I unboxed it carefully and took note of the quality of the packaging. Boy, even the restore DVDs were housed in an elegant box. I set up the Mac Mini, plugged my existing digital monitor in, followed by my existing keyboard, mouse and Ethernet cable, and turned it on. And that’s when the trouble began!

Where’s the Start Menu? What the heck is this Finder thingy? How do I get on the Internet? Oh, gotta use this Safari program? Well, it seems to work OK. What the heck are all of these “i” programs for? Where is the registry? How can I fix it if it doesn’t have a registry like Windows or config files like Linux? How do I install this program I just downloaded? What do you mean I just drag it to the Applications folder to install it? And if I want to uninstall it, I drag it to the Trash? You’ve got to be kidding me! I hate this Mac!!! This frustration lasted for about 3 days, when I finally had a revelation from my Higher Power. He said “Joe, forget all you know about Windows and Linux, take a deep breath, and pretend you don’t know anything about computers. Just explore and enjoy the experience.” And so my journey had begun.

Looking at my Mac from this different perspective, I began to realize how logical the Mac OS X graphical user interface was, and I got more comfortable with it hour by hour. I began to think to myself, if I wanted to do something, how would I do it? More times than not, my logical expectations were met with success. Hooking up my printers was very straightforward. No software was needed, as the li’l Mac already had the drivers that were needed to make them “just work.” Now for the big challenge, my old dinosaur circa-1996 SnapScan scanner. Plugged it in and, son of a gun, it knew what it was. I did, however, download a shareware program called VueScan to give it full functionality. I still use it today. As far as all the “i” programs that came preinstalled, I found out that they were part of what Apple calls iLife. The iLife suite consists of several incredibly useful programs, such as iMovie and iPhoto. Both work very logically and are a lot of fun to use to bring out your creative side. I also began experimenting with the much maligned iTunes music player, and realized that it works fantastically on Macs, despite some of the challenges I faced when using it on Windows.

I also purchased MS Office for Mac, as I was scared to take the dive into the Apple suite of office programs called iWork. Office for Mac is nothing like its Windows counterpart; it’s actually simple and fun to use, though its code leaves a lot to be desired, with very slow performance. The biggest difference between the Windows and Mac versions is the toolbox, or formatting palettes, that are separate from the main writing window. These palettes allow you to quickly perform all of your document formatting without digging through menus and submenus. Everything you need is in a small palette just to the side of your main window. Unfortunately, Office for Mac 2011 ruined everything by going to the “ribbon”, which is nowhere near as easy to use. :-/

A few years ago, I took the dive and purchased iWork. The suite of office programs was a very reasonable $79, and each program is now available a la carte for $20 each via the App Store. This is also the case with the iLife apps. iWork is different from Office in that you have many more creative options available to you when creating documents, spreadsheets and presentations, and yes, they are very logical to use, similar to other Apple products.

My Mac Mini was the beginning of my love affair with Apple products. They work very logically when compared to other manufacturers’ products, and because Apple makes both the hardware and software, you don’t have to worry about compatibility issues. No operating system is completely bulletproof, and Macs are no exception, but they have a proven record of reliability and security because of their underlying Unix core. To date, Mac OS X has never seen a virus, only a few Trojans here and there, and recently an outbreak of “scareware” trying to con some users into buying a rogue antivirus that is itself malware.

For the record, I like Windows 7 very much. It is without question the finest version of Windows to date, and I enjoy using it, for a while that is. When I want to get some serious work done, or just goof off, I turn to my Macs, whether it be my Mac Mini, MacBook Pro or my iPad. I have been a long-time Windows user, since Windows 2, so I understand and know it VERY well. But my first love is my Mac products. When I need to be productive or creative, that’s where I turn.

“Once you go Mac, you’ll never go back.” That’s my motto and I’m sticking to it. 🙂

I welcome any and all comments. But Windows users: if you’ve never used a Mac, please don’t bash them until you try one. You can’t hate anything unless you’ve tried it.