Wednesday, April 27, 2011

U.S. Bank Accounts Siphoned to China by Cyber Criminals

PC Virus Doctors' Dallas Computer Repair is hardly shocked to learn that millions of American dollars have been siphoned off to Chinese cyber criminals, according to an article on BankInfoSecurity.com. There were 20 incidents of wire fraud to China between March '10 and April '11, ranging from under $100,000 to just under a million dollars.

The FBI has issued an advisory warning about the latest attacks, which rely on phishing. Zeus, Spybot and Backdoor.bot are delivered through emails or by visiting an infected website, where the malware is downloaded and installed. After the malware is installed, other malware may be downloaded and the machine is readied for remote control.

The malware can now log keystrokes, gather bank information and steal token IDs, so that the wire transfers appear to be initiated by the victim. The funds are sent to the perpetrators in China, who are situated in port cities close to Russia.

Dallas Computer Repair recommends constantly updating to the latest virus and anti-malware signatures in order to have the best computer defense possible.

Monday, April 25, 2011

Cyber Attack- Iran Finds Second Virus- Stars

Iran has identified a second virus that they have named 'Stars', Yahoo reports. The head of the Iranian military unit in charge of combatting sabotage, Gholam Reza Jalali, says that their experts have not finalized the analysis of the "espionage virus" they call "Stars". Jalali did not report what facilities or equipment the malware targeted or when it was first detected.

Jalali, head of the "Passive Defense" unit dealing mainly with counter sabotage, downplayed the payload, a virus term meaning the destructive properties of the malware. Jalali did report that initially the virus would deliver minimal damage and the file may be mistaken for executable government organization files.

Jalali also reports that a second unit has been set up by Iran's Ministry of Information Technology and Telecommunications to disseminate the malware and fully examine the delivery and payload of the destructive virus.

Last year, Stuxnet, a powerfully destructive worm that had the potential to completely shut down the centrifuges that make the uranium, hit the nuclear facilities in Iran. Iran has said it has identified the malware/virus/worm authors as coming from two countries, the United States and Israel. Jalali reports that Stuxnet had the ability to cause a large-scale industrial accident and the potential for loss of life.

Stuxnet's payload played back pre-recorded data to the machines and humans monitoring the centrifuges while the centrifuges started spinning faster and faster, which would overload the physical machines and cause overheating and eventual failure.

PC Virus Doctors wonders if the name "Stars" for the virus was actually what they saw when they discovered the malware residing on the Iranian computers.

Friday, April 22, 2011

iPhone Tracking Data Deletion Tool

Much information has emerged over the last several days about iPhones and iPads tracking user location data and logging and mapping data points over time. One new iPhone app has come from Canadian Ryan Petrich, a programmer according to Cnet, who quickly came to the rescue for privacy rights. The application only works on jail-broken iPhones, however.

The application may be downloaded from a link in the Cnet article. The program is an unofficial app that is not available through Apple's official store. The app runs as a "daemon" in the background, consistently deleting the "consolidated.db" tracking data file. U.S. Senators and Representatives have taken issue with Apple and Steve Jobs for storing tracking data, but these types of available 'data deletion programs' should give Congress some type of "fix" if the data tracking files are deemed invasive.

iPhone and iPad users may also find positive features to the GPS data tracking:
  • parents could monitor children's whereabouts
  • if Apple iPhone or iPad users are victimized, it could possibly help in solving crimes because of the absolute proof of "approximately" the time and location of the i-device during specified time lapses
  • if the Apple tech device is stolen and later retrieved, the criminal and his known associates could be identified
  • Apple users could "prove" to their employer where they were during certain times if outside the office
  • Users could log their "mileage"

We are curious why no similar option for data tracking deletion is built into iOS 4.

Thursday, April 21, 2011

Coreflood Reminder and Fix

Users need to beware and continue to look out for botnets, and should ensure their PCs are not infected by updating and running antimalware and antivirus scanners, the more the better. Several legitimate malware scanners and antivirus scanners that can run independently will significantly reduce the amount of malware.

The U.S. Government stepped in to dismantle the malware installed on U.S. citizens' computers, which appears to be unprecedented according to an article on Wired.com. It appears that ISC.org took over control from the originating servers, mimicked them and then sent a "shutdown command" to all the client/individual PCs over the internet.

According to Wired.com, the owners of the infected computers will be notified of the infection and given removal instructions.

PC Virus Doctors' Dallas Computer Repair recommends the following to get rid of the botnet worm/malware by downloading, updating and scanning with:
Users having problems with Coreflood are welcome to call PC Virus Doctors.

Friday, April 15, 2011

Dallas Computer Repair- Power Supply Replacement

PCVD's Dallas Computer Repair can assist in times of desktop power failure by diagnosing power supply (P/S) failure. If the power supply fails and there are no lights on the front chassis of the computer OR the motherboard, then it is time for the ultimate test. The following steps call for a known-working power supply with the minimum amount of wattage, preferably 350 watts to be safe, just for testing purposes and not for full-out performance.

NOTE: the old style power connectors to peripherals around the motherboard connected by cable have the 4-pin connection. The newer style power connections are "L" shaped.


***NOW DISCONNECT THE POWER CORD FROM THE POWER SUPPLY (P/S):


The next step is to take a preliminary assessment of where the power cables from the power supply connect to the peripherals surrounding the motherboard, such as:

  • DVD or CD drives
  • hard drive(s)
  • ATX main power cord
  • 4-pin port

*Users can accomplish each step by aligning the new power supply on the computer laid on its side and removing each connection one at a time and replacing each connection with the new power supply one at a time.

The physical access to the internal personal computer may be accomplished by:

  1. Identifying the entry into the inside whether by screws or a "latch" located on the top, back (the power supply side) or possibly the top and bottom latches compressed simultaneously. Remove these screws on ONE side of the computer to access the interior or depress the latch(es) to remove the panel to the chassis; MOST OFTEN THE LEFT PANEL IF THE PC IS FACING FORWARD.
  2. Disconnect the top power connector on the interior front panel of the desktop, regardless of whether it's a 4-pin or SATA power connector, and label it if needed (the topmost powered peripheral should be the DVD or CD drive). You will most likely have one or two DVD or CD player/recorders.
  3. Working from the top of the computer down, after the top drives listed in step #2 above, disconnect the power from the hard drives that hold the data; once again it is the same type of "L" connector, so just pull gently but firmly.
  4. Next is the ATX or similar power connector to the motherboard that is a cable with around 16 wires going into a long, rectangular connector. [A] DEPRESS the clip that secures the wire harness to the motherboard. **Note how this connector is connected. [B] there may be a second 4-pin connector that completes the power connection to the motherboard that is located directly next to the larger power harness noted in [A].
  5. There is another 4-pin connector located around the CPU that needs to be disconnected also.

The power may now be plugged into the power supply and tested.

***BE SURE EVERYTHING IS PLUGGED IN SECURELY AND GROUNDED.***

Remember, if there is a power issue or power supply failure, it could affect the hard drive and data recovery may be in the forecast.

For any computer problems, call Computer Repair Dallas.

Monday, April 11, 2011

IE9 Not Supported for XP

IE9 is not XP compatible: PC Virus Doctors are sad to announce that IE9, Internet Explorer 9, will not be available to XP users. It is our utmost regret this has happened, but according to others it is time to upgrade Microsoft operating systems and go to Windows 7. Our Dallas Computer Repair Shop always made sure all XP users had the latest Windows browser, but IE8 will be the last Internet Explorer version available for XP.


PC Virus Doctors have found reasonably priced Windows 7 operating systems (OS) for sale; however, your hardware should be "up-to-date" in order to accommodate the OS. Windows 7 is not so compatible with hardware that is antiquated. It is time to bear all, personal computer users and home office professionals.


If your hardware (meaning printers, plotters, external drive cases, etc.) will not be recognized in the new system, or if recognized will not perform properly, then you should update the hardware to avoid a painful experience of configuration. If you encounter compatibility issues with Win 7 and your system, then call us.

Thursday, April 7, 2011

Windows Repair- Rogue Microsoft Program

PC Virus Doctors' computer repair in Dallas recently encountered Windows Repair, a fake Microsoft product, on a Hewlett-Packard laptop. The malware was particularly difficult as it was accompanied by a rootkit and what appears to be dirty code that knocked out part of the file table structure, leaving blank folders although the information was there and able to be accessed through our proprietary means.


This rogue program attempts to imitate Microsoft products but after a few minutes users understand that this is bribeware that is attempting to extort money from unknowing users.


The NTFS was in such bad shape that data recovery had to be performed. Also, the recovery disk would not install, so the next move is to wipe the data and attempt a reinstall.