A Unique Take on Infections - Image From SunBelt Software (VIPRE Antivirus)

While on calls in Beaverton or elsewhere, I always get the dreaded “How’d I get infected?” question. Unfortunately, it’s too broad of a question to answer the right way.

The reason I say this is that there could be hundreds of programs installed, each with their own security problems, windows updates missing, Antivirus and anti-spyware programs missing or not updated, firewalls turned off, etc.

Then, we have the “Adobe Affect”. I call it this as a lot of security researchers feel that the majority of attacks will come from Adobe this year. On top of this, there is a huge amount of vulnerabilities in the Adobe Software already. Unfortunately, the software company is typically slow to release security patches as well, so Zero-day flaws, are slow to be fixed.

Today, Sunbelt Software, the writers of VIPRE Antivirus, notified their followers, via their blog, of a flaw that allows attackers to get into your computer after the Adobe Updater Runs. That’s right ladies and gents, the simple fact of updating Adobe to patch security issues can now infect your computer. How to stop this issue? First, reboot if you see that Abode has updated.

It’s sad to see such software cause infections. Adobe Flash and Reader are some of the most popular programs installed on computers today. Well, it’s not sad – I should say that it’s disheartening. Adobe has a huge target on their back, just like Microsoft. Sadly, Adobe doesn’t really seem to be taking the issues head on, like Microsoft does with their anti-spyware, IE page blocking, etc.

So, the moral of the story is – don’t trust any software to be perfect. The more software that is installed, the bigger the target you have on your back. Keep your computer updated and for peets sake – STOP running in Admin mode with UAC turned off!
Justin

So, with the advent of all the video floating around the web, there is a new scam floating around as well. It specifically attempts to attack Flash, which is installed on roughly 90% of all the home computers online. As the screen shot points out, the attacking website may get you to “Fix” or install a plugin to get the video to work. Sneaky stuff.

Why am I hitting on the whole Spyware/Virus issue lately? Because this is the number one thing we’re seeing right now. More specifically: Fake Antivirus software that attempts to get your credit card information, shows you Pornography, etc.

As always, if you have questions, please let us know.
Justin

It seems that other computer repair companies in Portland are just starting to see this malware/spyware/virus as well. Protocol16 has clean at least 40 computers infected by this stuff as a lot of people are getting it, and that doesn’t count all the virtual computers we infected studying it (see the video link below for a sample of one of those tests). First – DON’T give your credit card info away! Second, write down our number and just turn the power off on the computer – don’t bother waiting for Windows to shut down.

Give us a call, we’re very experienced with this “software”, as it’s a reincarnation of several other types of programs. Antivirus 2010 is not the only version of this stuff out there, so be careful.

We started studying this software, and others like it, back in October when it first started to become a problem. In fact, we posted a video about how you get infected and what it does (luckily, I stopped recording before the Porn pop-ups started).

The fix for this is normally pretty quick as we have a lot of experience with it. In fact, our latest customer paid less than our hourly fee (currently $70), complete with pickup, cleaning (physically and removing the Antivirus software), updates to several types of programs and drop off… And all that was on our busiest day yet, a record breaker for us.

Give us a call and we’ll be glad to help out: 503-524-9047.
Justin