Archive for the ‘Computer Virus’ Category

« Previous PageNext Page »

Keeping your computer virus free

Posted by South City Computer

The best way to deal with a virus is to not have to deal with one in the first place. However, in the event that your computer does get infected you should always have the tools to deal with it. In this article I’ll go over several tips to help prevent you from getting a virus.

To start off with, you’ll want to find an anti-virus program. If you have any Windows operating system installed I would recommend downloading the Microsoft Security Essentials anti-virus. It’s free and works very well with Windows. Other anti-virus programs that are popular and offer free versions are AVG, Avast, Kaspersky, Malwarebytes Anti-Malware and my personal favorite SuperAntiSpyware. The aforementioned anti-virus software will scan and remove viruses, malware, and spyware. Spyware will sit on your computer and send information about you to a website. Malware is defined as any “mal”icious software that tries to harm your computer. No matter which program you choose, always remember to update it! An anti-virus with definitions from last year will be pretty useless.

Next, we will talk about tips to prevent your pc from getting infected.

  • Don’t download anything from a site you don’t trust
  • Don’t click on a link in an email from someone you don’t know
  • Make sure to click the correct link when downloading something
  • When entering login information on a site such as Facebook or the very popular Google+ look to make sure that you are on the correct site. “www.facebook.com/login” and “www.plus.google.com” respectively

The last tip on the list is a method known as “phishing” where people trick you into thinking you are on a site you trust by making them look similar and getting you to type in your login info.

One of the most common ways I’ve seen people get viruses lately is from couponing. Never download coupon software and try to avoid going to coupon sites.

Overall just be wary when on a site you do not commonly browse and you can save yourself the time and headache that comes with getting a virus.

In the event that your computer does get a virus simply running a virus scan may not actually remove the virus. A lot of the time it will only get part of the virus or the virus will keep reinstalling itself. If you do suspect that you have a virus it’s always best to bring it to a professional, like any tech at South City Computer, and we can remove it for you. We can even recover data from a hard drive if the virus is bad enough.

Can’t create new folder virus

Posted by South City Computer

Right-click, new, and…. the folder option is missing? Ctrl+Shift+N but all you get is a quick thinking mouse icon before nothing happens.

Not being able to create a new folder can be very annoying, a big waste of your time, and an almost paralyzing experience in a users computer work-flow. Whether it was a virus that caused it or an Adobe update the result is the same, no new folders.

There is no quick fix to this problem, for the average user, as most of the time it resides in Registry of a computer. This problem stems from this subkey:

HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers\New\

Editing your registry can cause serious damage to the system and cause many core components of Windows not to work correctly. I would not change anything in the registry unless you create a backup and are very comfortable with it.

DIY Fix

This problem is just a symptom and is most commonly caused by either a virus or the latest Adobe update. The first thing you should do is scan you computer with an anti-virus software. If it comes up clean you can try to uninstall the latest update for Adobe and then reinstall it. If your computer does however have a virus then you will not be able to create new folders until the registry problem is fixed. If any of this was too complicated or you just don’t want to risk further damage you can always  bring your computer into South City Computer and we will easily remove the virus, tune up your computer, and fix any problems you have.

Windows Repair in St. Louis

Posted by South City Computer

South City Computer can fix your computer.South City Computer offers Windows repair services to the St. Louis metro area. South City Computer can fix all Microsoft Windows versions including Windows 10, Windows 8.1, Windows 7, Windows Vista, and Windows XP. Contact South City Computer for Windows repair services today!

Microsoft Windows is the most commonly used and therefore the most targeted computer operating system and often requires repair and support services. Some of the most common Windows repair issues are the infamous “Blue Screen of Death”, “BSOD”, or also known as the “Blue Screen”, or a black screen and blinking cursor issue and black screen with mouse cursor. Windows can sometimes fail to start and needs service. Sometimes the Windows operating system will only be able to boot into “safe mode” because possibly a system file has become corrupt or was deleted by a computer virus. Another very common Windows issue is that the network connection or the wifi “wireless” internet connection has stopped working and therefore the Internet stops working on the Windows computer. Most computer viruses are targeted at Windows computers since they are the most commonly used. Windows start menu is missing or will no locks up. Windows device drivers also become corrupt or have been deleted and need to be repaired. Windows user profile has become corrupted and can no longer access the desktop. Windows is slow and unresponsive. Windows can get stuck in an update and never boot again.

If you are using Windows XP, you may have noticed that it has become difficult, or impossible to run Windows Update. Microsoft announced some time ago that they had discontinued all support and updates for Windows XP, and that they had officially “end of lifed” the Windows XP operating system. Unfortunately this causes many issues for Windows XP users that still rely on Windows XP because they are invested in software that will only run on Windows XP, and therfore cannot upgrade to Window Vista, Windows 7, Windows 8, or Windows 10.

Windows computer users may notice big user interface changes when moving into the Windows 8.1, or Windows 10 operating system. A new “Start screen”, similar to the one on the Windows Phone OS, includes live application tiles which some users find confusing when compared to the classic Windows desktop. While this is not a malfunction of the Windows 8.1 and Windows 10 operating system, it is rather a new feature that can seem confusing to some Windows 7 and Windows Vista users who are familiar with the classic Windows desktop and start menu.

Many of these are common issues of Microsoft Windows and can be repaired by the expert computer technicians at South City Computer. If you are experiencing any Windows issues, and need expert PC repair and computer support services then bring your computer to South City Computer today!

How to fix renamed files after virus

Posted by South City Computer

One of our friends brought in a computer where a virus had renamed all of his files so that they appeared as a .html file. He had thousands of files so doing this manually was out of the question so he came to us to write a program to do it. Below is the program we used to strip the .html extension recursively from all of his files.

find -name "*.html" -print0 | xargs -0 rename 's/\.html//'

If we knew all of his files had the extension .html appended, then we may have done something like this. But upon closer inspection only some files had been renamed.

find -maxdepth 1 -type f | sed ‘s/.\///g’| grep -E [.] | while read file; do mv $file ${file%%.*}; done

Alert: Fake Anti Virus Software

Posted by South City Computer

Avasoft Professional Fake Anti-VirusOver the past couple years there have been a number of computer viruses that appear to be anti-virus software. The programs will appear to be scanning your computer and finding many computer viruses, trojans, and worms. Some of these fake anit-virus programs will even turn off the network connection until a payment is made into a phishing website.

Computer Virus

Computer virus mimicing anti-virus software

Fake Anti-Virus programs can appear to be “very similiar” to real anti-virus software programs to most computer users. However they are NOT really anti-virus software at all, and do not find viruses and worms on your computer, but instead are fake/phoney interfaces meant to scam you into divulging your personal identity and credit card information. It is very important you do not fall for this type of Internet scam, as it could cost you big and cause you future problems.

This past week a computer came into South City Computer with a fake anti-virus program called Avasoft Professional Antivirus. The customer understood this was a fake anti-virus program and immediately brought her computer in to have her data backed up and the computer fully restored to factory defaults to insure the program would longer infect her computer.

If you think your computer may have fake antivirus software on it, bring it to South City Computer today!

Fake Secure Email Notification

Posted by South City Computer

Today I received an email saying I had a secure message waiting for me from Fiserv, Inc. ( a global provider of financial services technology), and I needed to download and open the attached zip file to view it. While it is possible Fiserv would want to communicate via a secure system, I have not ever done any business with Fiserv, so my scam flags were already set off.

Here is the body of the email message I received:

Subject: Fiserv Secure Email Notification – 2QTENYPDRS226IB

Message: “Encryption

You have received a secure message

Read your secure message by opening the attachment, Notification_2QTENYPDRS226IB.zip. You will be prompted to open (view) the file or save (download) it to your computer. For best results, save the file first, then open it in a Web browser. To access from a mobile device, forward this message to mobile@res.fiserv.com to receive a mobile login URL.

If you have concerns about the validity of this message, please contact the sender directly. For questions about secure e-mail encryption service, please contact technical support at 888.015.2496.

2000-2013 Fiserv Secure Systems, Inc. All rights reserved.”

Of course I did NOT open the attached zip file called:
Notification_2QTENYPDRS226IB.zip

This zip file most likely contains a virus that will execute when the zip directory is extracted onto the computer.

I did futher investigation into the email headers and found:

Received: from unknown (HELO smtpout.zixmail.net) (63.71.8.106) by zimx.onyxlight.net with SMTP; Tue, 2 Apr 2013 22:14:52 +0500

Now I can be pretty sure that this is a hoax email scam meant to only spread a computer virus onto an unsuspecting users computer.

I did a quick Google search about this particular email virus scam and found an interesting Threat Outbreak Alert from Cisco in Feburary 2013:

“Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain a secure message for the recipient. The text in the e-mail message attempts to convince the recipient to open the attachment and view the message. However, the .zip attachment contains a malicious .exe file that, when executed, attempts to infect the system with malicious code.

E-mail messages that are related to this threat (RuleID5286) may contain the following files:

Notification_K8XDS9NY.zip
EncryptedMessage.exe

The EncryptedMessage.exe file in the Notification_K8XDS9NY.zip attachment has a file size of 132,096 bytes. The MD5 checksum, which is a unique identifier of the executable, is the following string: 0xB20694AA43ED58B3550777DCF3ADB102

The following text is a sample of the e-mail message that is associated with this threat outbreak:

Subject: Fiserv Secure Email Notification – 232113549

Message Body:

Encryption
You have received a secure message
Read your secure message by opening the attachment, Notification_232113549.zip. You will be prompted to open (view) the file or save (download) it to your computer. For best results, save the file first, then open it in a Web browser. To access from a mobile device, forward this message to mobile@res.fiserv.com to receive a mobile login URL.
If you have concerns about the validity of this message, please contact the sender directly. For questions about secure e-mail encryption service, please contact technical support at 888.492.1202.
2000-2013 Fiserv Secure Systems, Inc. All rights reserved.

Cisco Security Intelligence Operations analysts examine real-world e-mail traffic data that is collected from over 100,000 contributing organizations worldwide. This data helps provide a range of information about and analysis of global e-mail security threats and trends. Cisco will continue to monitor this threat and automatically adapt systems to protect customers. This report will be updated if there are significant changes or if the risk to end users increases.

Cisco security appliances protect customers during the critical period between the first exploit of a virus outbreak and the release of vendor antivirus signatures. E-mail that is managed by Cisco and end users who are protected by Cisco Web Security Appliances will not be impacted by these attacks. Cisco security appliances are automatically updated to prevent both spam e-mail and hostile web URLs from being passed to the end user.”

BEWARE of emails that seem suspicious that try to get you to download and execute a file. It is highly unlikely any business would communicate with you in this fashion. If you have received an email like the one in this article and you downloaded the email attachment, bring your computer into South City Computer today for a virus scan and virus removal, as your computer is probably infected with a computer virus, and could be performing malicious or illegal activity without your knowledge.

Schnucks Falls Victim of Cyberattack

Posted by South City Computer

Last week the news stories broke all over the St. Louis metro area about people’s credit card number being stolen and fraudulent charges being made. The common thread of all of these fraudulent charges was these cards were also used at Schnucks Markets in St. Louis, Missouri. According to a press release on Schnucks.com from March 30, 2013, Schnucks CEO Scott Schnucks says “After extensive review, we confirmed that Schnucks was the victim of a cyberattack”.

Why would Schnucks supermarket store your credit card information in a centralized database system that could fall victim to cybercrimes and hacking? Most stores take in credit card information encoded on the magnetic stripe at the point of sale and store this information temporarily until all transactions are batched out. They do this to keep banking fees at a minimum for charging credit cards, unfortunately this means that your credit card information is being stored for a period of time, which in turn means it can be hacked and stolen, which is exactly what happened to Schnucks.

If you have fallen victim to this cyberattack, you will need to cancel your credit card and get a new one, as the cybercriminal will still be able to use your credit card number to make fraudulent purchases until the card has been canceled.

This is the official Press Release from Schnucks:

“ST. LOUIS – Schnucks announced today that it has “found and contained” the issue behind the reports of unauthorized access to payment card information at Schnucks, and it has taken comprehensive measures designed to block any further access. The computer forensic firm that Schnucks engaged found evidence of computer code that would capture the magnetic stripe data on the back of payment cards. Now that the issue has been identified and contained, the investigation will turn to determining for how long the issue existed and which stores were affected. Customers can continue to use credit and debit cards at Schnucks.

“After an extensive review, we confirmed that Schnucks was the victim of a cyberattack,” said Chairman and CEO Scott Schnuck. “We have identified the issue and taken comprehensive measures to contain the incident. We are cooperating with law enforcement, the Missouri Attorney General’s Office, and the credit card companies to determine the scope and magnitude of this crime and apprehend those individuals making fraudulent purchases. We have been told by the computer forensics expert that the security enhancements we have implemented in the last 48 hours are designed to block this attack from continuing. Our customers can continue using credit and debit cards at our stores. We apologize for any inconvenience this may have caused our customers, and we thank each of them for their patience while we worked hard to investigate their concerns.”

Schnucks advises that if customers suspect their cards may have been compromised, they should immediately contact their credit or debit card company, typically a bank or credit union.

Founded in St. Louis in 1939, Schnuck Markets, Inc. operates 100 stores (including five Logli and six Hilander stores) and 96 in-store pharmacies in Missouri, Illinois, Indiana, Wisconsin and Iowa. Follow Schnucks on Facebook at www.facebook.com/Schnucks.”

The official press release webpage.

Over 2 Million Cards stolen from Schnucks – StLouisPublicRadio.org

Don’t Fall Victim to Paypal Phishing Scams

Posted by South City Computer

Paypal has warned of recent phishing scam emails that are being sent to unsuspecting Paypal users that look real, but describe a strange transaction that was probably never made. Here is an official statement from the Paypal.com website about this particular type of scam:

“You may receive a fake email that claims to be from PayPal. Sending fake emails is called “phishing” because the sender is “fishing” for your personal information.

The email may ask you to:

Visit a fake or “spoof” website and enter personal information.
Call a fake Customer Service number.
Click an attachment that installs malicious software on your computer.

If you suspect an email is fake, don’t open it. Don’t reply to the email, click any links, or download any attachments. If you have clicked a link or opened an attachment from a suspicious email, report the phishing email or spoof site as soon as possible so we can help protect you and other PayPal members. Please forward any suspicious emails to spoof@paypal.com. Then, delete the suspect email.”

Here is an example of the email that comes into your inbox.
Paypal Scam Email

You can see the email looks pretty real. It would show the Paypal logos and everything if I had allowed it to download the images, but DON’T LET IT DOWNLOAD THE IMAGES IF YOU CAN HELP IT. This could trigger a notice to the scammer that you indeed opened the email, your email address is a real working address, and they now may try to send more scamming attempts to your email address. It is best to not give the scammer any more information than they already have.

Most people would immediately be concerned that their Paypal may have been hacked since they would have no recollection of sending a payment as the email describes. This could lead the unsuspecting user to click on a link in the email that does not take them to Paypal.com but instead to an imposter website that was made to look like Paypal.com asking the user to put in their account login information. OR the user may hit reply to probe for more information. DO NOT CLICK ON ANY LINKS OR IMAGES IN THE EMAIL AND DO NOT REPLY TO THE EMAIL or you may fall right into the scammers trap.

Paypal Email Scam HeaderHow can you tell this email is a scam? Look at the email headers. Upon digging into the email header, this email shows us its ugly secret. The email return path and the originating email server both point to a .ru (Russian) domain that was from a “rogue” email script running on that server. This should be more than adequate proof that this email is a hoax, and that it should immediately be deleted and/or reported to Paypal.com by forwarding the suspicious message to “spoof@paypal.com”. The server that the message originated has more than likely been compromised, and the owner of the server probably has no idea that the server is attempting to phish for Paypal account information.

What to do if you clicked on a link or put your Paypal Account information into the hoax website

  • First, immediately login to your Paypal account and change your password. Notify Paypal that you think your account may have been compromised so that they can take the necessary precautions to protect you and your identity.
  • Second, you will probably want to have your computer scanned for any malware that could have been installed as a result of visiting the phishing website. Bring your computer to South City Computer for computer repair service to be scanned for viruses, trojans and other malware that could infect your computer.
  • Third, if you notice any Paypal account transactions that were not from your use of Paypal, notify Paypal immediately, and if the crime against you was serious enough, contact your local law enforcement to inform them of the computer crime against you. It may be possible for law enforcement to entrap the scammer and prevent them from scamming others in the future.

This advice was also given from Paypal.com website:

“How to protect yourself from fake emails

When you aren’t sure if you can trust an email claiming to be from PayPal, here are 2 guidelines that can help you to spot the real from the fake:

PayPal emails will always use your first and last name, or your business’s name.
PayPal emails will never ask for your personal or account information such as credit or debit card numbers, bank account details, driver’s license number, email addresses, or passwords.

Never click a link in an email that requests personal information.

Any time you receive an email about your PayPal account, the safest and easiest thing to do is to open a new browser, enter https://www.paypal.com, and log in to your account. You can also send us an email by clicking on the “Contact Us” link at the bottom of every PayPal webpage.”

The Internet is like the “Wild-West” of the modern world. Nobody likes to be cheated robbed or fall victim to a phishing scam. Be alert of what you are doing, suspicious at all times, and overly cautious. Remember, if it looks fake (or too real), but doesn’t seem quite right, it probably is fake.

Don’t Fall for the FedEx Computer Virus

Posted by South City Computer

FedEx officially released this statement on their website about this particular computer virus scam:

“Be alert for fraudulent e-mails claiming to be from FedEx regarding a package that could not be delivered. These e-mails ask the receiver to open an attachment in order to obtain the airbill or invoice for picking up the package. The attachment contained in this type of e-mail activates a virus. DO NOT OPEN the attachment. Instead, delete the e-mail immediately.”

If you weren’t expecting a delivery from FedEx, this virus can be easily identified as a knock-off scam, however if coincidentally you were expecting a package, this could turn into a silly mistake that could cost you.

Basically what happens is an email comes to your inbox that appears to be a legitimate FedEx delivery email that includes an attachment said to be a tracking receipt.

Here is an example of the FedEx Scam email text:

“FedEx

Tracking ID: 5521-93679984
Date: Monday, 25 February 2013, 10:22 AM

Dear Client,

Your parcel has arrived at February 27.Courier was unable to deliver the parcel to you at 27 February 06:33 PM.

To receive your parcel, please, print this receipt and go to the nearest office.

Print Receipt

Best Regards, The FedEx Team.

FedEx 1995-2013”

DO NOT OPEN THE ATTACHMENT! This attachment could contain a virus. This is just an example of many different email scam viruses currently going around the internet. If you were scammed into clicking on the attachment, it may not be too late to rescue your data, and recover your computer. Bring your computer into Ivanhoe Computers for computer repair service if you think you may have downloaded the FedEx virus.

Need help removing a computer virus?

Posted by South City Computer

Do you think you may have opened a virus file disguised as an image or document file from a trusted email? Is your computer no longer functioning normal, like it used to? Does your computer seem like it is constantly doing something even when you are not using it? Your computer might be infected with a computer virus.

A computer virus is a computer software known also as malware that can sometimes replicate itself and spread from one computer to another. The term Malware includes computer viruses, computer worms, Trojan horses, most rootkits, spyware, dishonest adware, malicious or unwanted software, true viruses, adware and spyware programs that do not have a reproductive ability.

Many computer problems are the result of a computer virus. This is a list of common signs of an virus infection you should watch for:

  • The computer runs slower than normal
  • The computer stops responding or freezes up
  • The computer cannot connect to the Internet
  • The computer has limited to no network connectivity
  • Internet Explorer will no longer connect to the Internet
  • The computer is crashing and restarting often
  • The computer restarts on its own and is not running normally
  • Your files seem to have disappeared
  • There are other system users available at start-up
  • Software on your computer is not functioning correctly
  • Strange support software pops up when running Microsoft Office
  • Hardrives or recovery partitions are inaccessible
  • The computer will no longer print correctly
  • The computer has unusual error messages, strange anti-virus and anti-spyware programs running, or is showing pop-ups
  • The computer is showing alternate window borders, and strange menus that are not normally there.
  • Rouge security software is running on the computer
  • Your email contacts have been receiving strange emails from you that you did not send

If you know your computer has been compromised at some point or if you are experiencing any combination of these signs, your computer may be infected by a computer virus. Bring your computer to Ivanhoe Computers today for a virus scan and removal!

« Previous PageNext Page »
// //
//