There is really nothing new about this so called “Google Hack”.   Hacks like this have around for quite some time.  The problem is that the hackers are getting better all the time and way too many web users don’t properly secure their PC’s.  Google is singled out because it has such a large user base, but most any search engine can lead you to an infected web site. 

One common risky practice is using the search engine to get to commonly used web sites instead of typing the URL in that address bar of their browser. 

Also, unfortunately, some popular web sites become infected with malicious code that infects unsuspecting visitors.   How does one stay safe? 

Update all security related software and software with commonly exploited security vulnerabilities.   These include: 1) your firewall/ anti-virus/ anti-malware software 2) your browser 3) JAVA 4) Adobe Flash  5) Quicktime  6) Adobe Reader 7) Microsoft Office your operating system

We suggest using the Secunia PSI tool to scan your computer for these security velnerabilities and more.

This video interview spells it out pretty well.

FaceBook is very popular and there are about 400 million FaceBook users around the world.  Experts believe millions of users will fall for this attack and get infected.  Yes, that’s right – millions of FaceBook users will be infected by this targeted attack.

Unfortunately, 400 million users makes for a big opportunity for delivering malicious software.  Hence, Inboxes all over the world are being flooded with SPAM that is trying to induce FaceBook users to click on an attachment.  This attachment installs Trojans and other malware that is very dangerous to the computer user.   And unless their security software catches it, they will have no idea it is on their computer.

Our advice:

• Never clink on any link or open any attachment in any email that warns of dire consequences – be it about FaceBook or your bank, or anything else.
• Keep your anti-virus software up-to-date.
• Periodical scan your computer with a tool specially made for finding and eliminating malware.  One of the best is MalwareBytes Anti-Malware freeware version, which can be downloaded from http://www.malwarebytes.org/

Key loggers can be some of the most dangerous spyware one can have have on a computer.  They can capture every stroke you type, and that includes passwords and user names, account numbers and  credit card numbers.  Many of the creators of this nasty spyware claim that there software is undetectable.  Well, we don’t know if that is true, but true or not, there is a solution that may well save you from ID theft, bank account theft and many other potentially very serious problems caused by key loggers.

Give yourself some piece of mind and install KeyScrambler from http://www.qfxsoftware.com/.   The free version protects Internet Explorer and Firefox.  Paid versions are available that protect much more software, including Microsoft Office and numerous other programs.  We have been testing it for a couple of weeks and have found no problems.  We have not tested its ability to foil key loggers, but it comes with some good recommendations.   And we are going to give it ours also.  Check it out.

After dealing with a number of machines with serious performance issues with Internet Explorer, we have come up with a solution.  Clear out the Restricted Zone. This is especially necessary with Internet Explorer 8.

It helps to use a utility that can clear out the Restricted Zone in mass.  We have used ZonedOut by http://www.funkytoad.com/ .  It is a simple tool that makes it much easier to manage a large Restricted Zone, or delete all entries at once.  It also provides you with an easy way to back up your zone entries before deleting them, so they can be edited and reimporting.  Or if you just want to clear the zone for testing.

Normally I wouldn’t recommend doing this, because the restricted zone can be a good tool for keeping out the bad guys.  But clearing it out improved the performance of Internet Explorer ( and also any browser that uses the IE engine, such as Maxthon).  On one of our machines, IE was taking about 25-30 seconds to open.  After clearing out the Restricted Zone, it opens in about 5 seconds.

Then use the built in tools in IE8, or use a safe surfing security tool such as provided in many security suites and anti-virus software and firewalls.  Just try not to use more than one, or they start tripping over one another.  Same with having multiple tool bars, like Google and Yahoo.  Don’t use more than one.

UPDATE:

If you use any security software that adds to the Restricted Sites list in Internet Explorer, you may want to modify its settings to prevent this.  We have found that Spybot Search and Destroy will add about 10 to 15 thousand sites to that list, and Spyware Blaster will add tons more.    In Spybot, go to the Immunizations tab and uncheck the domains for all users on your computer.  In Spyware Blaster, you can disable this by by disabling protections for Res triced Sites. Is that a good idea?  Depends on what your other security software does for you. But, if you don’t, these programs will add thousands of sites back to the list ASAP, and IE will again be slowed to a crawl.

UPDATE 2:  It appears that this slow starting issue  is resolved or at least significantly reduced in the latest versions of Spybot and Spyware Blaster.  In fact, it Spyware Blaster seems to have contributed little to this problem, and we recommend users return to full protection with both of these important security programs.

This video may give you a good idea as to why updating is important.

It is incredibly important to keep *all* the software on your computer updated on a very regular basis.  Do not leave this to chance.  Do not rely on programs to update themselves. 

Do use tools like Secunia PSI.  Secunia PSI can help you keep a lot of these programs up to date.  We highly recommend this tool, found at: http://secunia.com/vulnerability_scanning/personal/

 Do insure that you have the latest anti-virus software and  keep it updated with current definitions.

There is a list of software that *must* be updated on a regular basis (if installed):

• Sun Java Runtime
• Adobe Flash
• Adobe Reader
• Your computers operating system, be it XP, Vista, MAC OS, Linux or whatever.
• Your browser, be it IE, Firefox, Opera or whatever
• QuickTime
• Spybot Search and Destroy Immunization definitions
• Spyware Blaster
• Your antivirus software
• Your firewall softwares
• Your Security suite, it that is what you use
• CCleaner or whatever temp file and registry cleaner you may use
• Any other anti-spyware software you may use
• WordPress, or any server based blogging  or similar tools you may use

http://www.myantispyware.com/

This site provides a number of excellent tools for defeating Malware.  We highly recommend it.

Secunia, the leading vulnerability intelligence provider in the world, has provided one of the best free tools for securing a computer. this tool, called the Secunia PSI is a free security tool designed with the sole purpose of helping to secure your computer against vulnerabilities in programs.

It will scan your computer, rather quickly I might add, for programs that have known security vulnerabilities. It will then provide you with options fixing the problem..

Keeping the programs on your computer patched for security vulnerabilities is a very important proactive means of keeping your computer secure, and the Secunia PSI is a tremendous help in the regard. We have added it to our standard set of security tools, and run it on all computers that we repair or maintain.

We highly recommend it.

The Secunia PSI can be downloaded at the following web site. Please note that there is also an online scanner available.

http://secunia.com/vulnerability_scanning/

The bad news is that, Yes, AVG Anti-Virus Free Edition must be upgraded to version 8 by May 29, 2008.

The good news is that AVG Free is still free.  Now that may seem redundant, but lots of folks thought AVG Free was going away when they had to upgrade to version 7.0.  In fact, ever one of my customers who were using AVG free at that time, thought they had to pay for the new version.  Not true then, and not true now.

AVG Free Version is still alive and well.  Just download AVG Free, version 8 before May 29 and install it.  There is no need to uninstall version 7.5 before installing version 8.   The installation routine will find your old version and uninstall it automatically.

The following link will take you to the download page:  http://free.grisoft.com/ww.download?prd=afe

A nifty little program, Spy-The-Spy, monitors your C:\windows folder (or any folder you designate) for new or changed .dll or .exe files.

It will tell you instantly if files are added or modified.  Use it careful, and understand what is does and does not do.

From the author:

“But I want to know the very moment something is being installed on my computer. It is sad that Windows while trying to be friendly is quiet about things that are being added. I don’t care if it is legit application or not. Obviously if I am installing application, I expect it to add some files to Windows or Program Files. No surprise. But I am just browsing web and application is secretly added and run while Windows is fine with it?

Monitor my Windows
So I build an application that when it is running it simply monitors system folders for any new exe’s or dll’s being added or renamed: For example Windows and System32 folder is the main harbour for these bugs, but also Program Files or Documents and Settings.”

For more info and to download this program, please visit the authors site:

http://www.mediachance.com/free/spythespy.htm