GETACLUE
Unfortunately I only caught the tail-end of the 1st segment of 60 minutes this past Sunday which was about this Malware called 'Confiker'. Does anyone have info on something they mentioned about some event/action will happen to dormant sleeper infections on April 1st, April Fools Day? Will my Mcafee scan & firewall w/Yahoo at&t protect me? Any helpful info would be appreciated.
Ty BillM, so if I understand you correctly, does this mean it could be hidden in ANY e-mail from a friendly source?
Answer
get a clue,What Happens on April 1, 2009?
Computers previously infected with the Conficker worm will begin to use specially crafted instructions to contact web domains owned by the attackers with the intent to find ways to spread (worm) Conficker to other computers to infect.
What does the Conficker worm do?
We donât know the purpose of the Conficker worm. We have evidence that the creators of the worm can connect to an infected computer to remotely install software and possibly steal information. What will that software do? Most likely the worm will be used to create a botnet that will be ârentedâ out to criminals who want to send SPAM, steal IDs and direct users to online scams and phishing sites.
The Conficker worm mostly spreads across networks. If it finds a vulnerable computer, it turns off the automatic backup service, deletes previous restore points, disables many security services, blocks access to a number of security web sites and opens infected machines to receive additional programs from the malwareâs creator. The worm then tries to spread itself to other computers on the same network.
How does the worm infect a computer?
Conficker, also known as the Downadup worm, tries to take advantage of a problem with Windows (a vulnerability) called MS08-067 to quietly install itself. Users who automatically receive updates from Microsoft are already protected from this. The worm also tries to spread by copying itself into shared folders on networks and by infecting USB devices such as memory sticks.
Who is at risk?
Users whose computers are not fully patched and receiving updates from GDITâs System Management agent (SCCM) or directly from Microsoft and who are not running an up to date antivirus product are most at risk.
Ensure your Symantec Antivirus is up-to-date and actively running.
1. Your Symantec Antivirus program should be configured to receive updated signatures that have the latest information to identify and prevent th <<image001.jpg>> e variant of the worm from running on your computer. Please follow these instructions to help determine if your Symantec AV program is up-to-date (you must be connected to the Internet):
1. From your computer, open the Symantec AV console (from the system tray double-click the yellow, PC mouse-looking icon). The icon looks like this: cid:image001.jpg@01C9B1EC.32543F30
2. Check the Program Versions section, the Scan Engine should be 81.3.0.13
3. If the Scan Version is not at this level then call the GDIT IT Service Desk and Support for assistance
4. Next, check your Virus Definitions File section, the version should be at a minimum of 3/29/2009 rev. 3
5. If the version is not current then click the LIveUpdate button à Click the Next button --> It will go out to Symantec's website and automatically download the latest version
6. If your system is prevented (confirm that you have Internet access) from accessing the Symantec website call IT Service Desk and Support immediately for assistance.
7. From the pull-down menu, choose Scan and select Full Scan. Click the Scan button and allow Symantec to perform a complete scan.
8. If Symantec finds a virus please contact the IT Service Desk and Support for assistance.
To reiterate, if your computer does not have the latest Program Version or Virus Definitions or it is prevented from accessing the Symantec website to receive the latest signatures please contact the IT Service Desk and Support and immediately.
Advice to Stay Safe from the Downadup Worm:
* Periodically check the Symantec AV console to ensure you are receiving Program and Virus Definitions and they are not out of date.
* Keep your computer updated with the latest patches. This includes Microsoft Operating and Office updates (every 2nd Tuesday of every Month), and Adobe Flash Player, Acrobat and Reader programs, If you donât know how to do this contact IT Service Desk and Support to assist you.
* Donât use âfreeâ security scans that pop up on many web sites. All too often these are fake, using scare tactics to try to get you to purchase their âfullâ service. In many cases these are actually infecting you while they run. There is reason to believe that the creators of the Conficker worm are associated with some of these fake security products.
* Be smart with your passwords. This includes
o Change your passwords periodically as per GDIT Policy
o Use complex passwords â no simple names or words, use special characters and numbers
Contact Information:
IT Service Desk: http://servicedesk.gdit.com/
IT Expanded Support Line: local to Massachusetts.: 781-455-5020,
Long Distance: 800-663-8315
* GDIT Information Security Risk Manager: 703-818-5187
get a clue,What Happens on April 1, 2009?
Computers previously infected with the Conficker worm will begin to use specially crafted instructions to contact web domains owned by the attackers with the intent to find ways to spread (worm) Conficker to other computers to infect.
What does the Conficker worm do?
We donât know the purpose of the Conficker worm. We have evidence that the creators of the worm can connect to an infected computer to remotely install software and possibly steal information. What will that software do? Most likely the worm will be used to create a botnet that will be ârentedâ out to criminals who want to send SPAM, steal IDs and direct users to online scams and phishing sites.
The Conficker worm mostly spreads across networks. If it finds a vulnerable computer, it turns off the automatic backup service, deletes previous restore points, disables many security services, blocks access to a number of security web sites and opens infected machines to receive additional programs from the malwareâs creator. The worm then tries to spread itself to other computers on the same network.
How does the worm infect a computer?
Conficker, also known as the Downadup worm, tries to take advantage of a problem with Windows (a vulnerability) called MS08-067 to quietly install itself. Users who automatically receive updates from Microsoft are already protected from this. The worm also tries to spread by copying itself into shared folders on networks and by infecting USB devices such as memory sticks.
Who is at risk?
Users whose computers are not fully patched and receiving updates from GDITâs System Management agent (SCCM) or directly from Microsoft and who are not running an up to date antivirus product are most at risk.
Ensure your Symantec Antivirus is up-to-date and actively running.
1. Your Symantec Antivirus program should be configured to receive updated signatures that have the latest information to identify and prevent th <<image001.jpg>> e variant of the worm from running on your computer. Please follow these instructions to help determine if your Symantec AV program is up-to-date (you must be connected to the Internet):
1. From your computer, open the Symantec AV console (from the system tray double-click the yellow, PC mouse-looking icon). The icon looks like this: cid:image001.jpg@01C9B1EC.32543F30
2. Check the Program Versions section, the Scan Engine should be 81.3.0.13
3. If the Scan Version is not at this level then call the GDIT IT Service Desk and Support for assistance
4. Next, check your Virus Definitions File section, the version should be at a minimum of 3/29/2009 rev. 3
5. If the version is not current then click the LIveUpdate button à Click the Next button --> It will go out to Symantec's website and automatically download the latest version
6. If your system is prevented (confirm that you have Internet access) from accessing the Symantec website call IT Service Desk and Support immediately for assistance.
7. From the pull-down menu, choose Scan and select Full Scan. Click the Scan button and allow Symantec to perform a complete scan.
8. If Symantec finds a virus please contact the IT Service Desk and Support for assistance.
To reiterate, if your computer does not have the latest Program Version or Virus Definitions or it is prevented from accessing the Symantec website to receive the latest signatures please contact the IT Service Desk and Support and immediately.
Advice to Stay Safe from the Downadup Worm:
* Periodically check the Symantec AV console to ensure you are receiving Program and Virus Definitions and they are not out of date.
* Keep your computer updated with the latest patches. This includes Microsoft Operating and Office updates (every 2nd Tuesday of every Month), and Adobe Flash Player, Acrobat and Reader programs, If you donât know how to do this contact IT Service Desk and Support to assist you.
* Donât use âfreeâ security scans that pop up on many web sites. All too often these are fake, using scare tactics to try to get you to purchase their âfullâ service. In many cases these are actually infecting you while they run. There is reason to believe that the creators of the Conficker worm are associated with some of these fake security products.
* Be smart with your passwords. This includes
o Change your passwords periodically as per GDIT Policy
o Use complex passwords â no simple names or words, use special characters and numbers
Contact Information:
IT Service Desk: http://servicedesk.gdit.com/
IT Expanded Support Line: local to Massachusetts.: 781-455-5020,
Long Distance: 800-663-8315
* GDIT Information Security Risk Manager: 703-818-5187
New Computer what do I Need?
mely_590
I just purchased a new computer and Iâm not tech savvy but need to know what to install to avoid Spyware and viruses and all that? I Will be on adult websites and online School so what do I need to install any information would be helpful Thanks in advance for any help
Answer
Long answer but should tell you all you need to know. There is no best piece of software - you have to make choices the info below should enable you to do that - and all the recommendations are free :-)
AJ
Threats to your computer come in different guises with various funky names. Collectively they're considered malicious software, abbreviated to 'malware' in security parlance. The main types are as follows:
* Viruses. Hidden programmes which wreak havoc.
These are transmitted via websites, e-mail attachments, directly over the internet, or via any other removable media. They hide in applications or files and spread from computer to computer, generally wreaking havoc wherever they get the chance to.
* Trojans. Bugs within harmless looking files.
Trojan (horses) are hidden within a file that looks harmless, like a picture of a celebrity, aiming to trick the user into installing the malicious software like spyware or adware on the computer.
* Worms. Can drill in via open web connections
Worms take advantage of any open Internet connection, to try and sneak in and replicate on the computer. Once loaded, they often start to send spam email from your computer without your knowledge.
It's often about big, organised crime.
It's a common misconception that producing computer viruses is the sole domain of angst-ridden one-man-bands with little to do, showing off to their equally reclusive peers. Whilst there may have been some truth in this at the beginning, and of course it still happens, these days it's often about big criminal business. Some of the reasons it happens include...
* Stealing your information.
Cracking into your computer can reveal a breadth of information about you, possibly including bank details for ID fraud or just directly taking your cash.
* Grabbing your e-mail contacts.
It may be a programme looking to grab all the e-mails in your contacts e-mail data in order to find real addresses to sell to spammers. These people may well then be e-mailed from your address.
* Utilising your computer to threaten websites.
Some viruses can allows your computer to be controlled in order to create a DDOS attack. This is where a website (or even a country's whole domain e.g. Estonia's .ee domain) is closed down due to simulated use by billions of simulataneous users. This can be for political reasons, ransom, to close down competitor sites or just for 'sport'.
Many of the people whose computers cause this are unaware it's happening, as viruses are controlling their web connections. This site was hit by just such a DDOS attack, the irony being some of the people who were denied access for three days could've been contributing to the closure by hidden viruses on their system.
Free Anti-Virus Software
Pay for anti-virus software from the biggies Symantec/Norton or Mcafee and it'll cost roughly £50 per year. Yet you can also take advantage of a variety of decent free programmes...
* Grisoft's AVG 8.0.
AVG has a long history, and has been through loads of modifications to provide a better service on its way to the current version, AVG 8.0. The company makes its money by selling virus protection to small businesses, and offers free home-user versions as a means of promoting its professional service. It's protection is reasonably thorough, though it doesn't offer any real tech support. It's quite unintrusive, doesn't use too many resources, and it will regularly auto-update.
* Alwil Softaware's Avast! 4.
Alwil software's Avast! 4 is free for non-commercial users and offers regular updates, as well as proper technical support via e-mail or phone. Protection-wise it's very similar to AVG, covering all the same bases and not hogging system resources, but it has a funkier interface (for those who like a pinch of fashion with their computer security). The only downside is that you have to re-register it after each year of use.
* AntiVir.
AntiVir by Alvira actually offers better standard virus detection than both of the above, but lacks in other areas. It won't scan your emails before you open them, uses more resources (less of a problem if you've a more powerful PC), and maintains a perhaps-too-visible presence on your desktop. You'll also have to occasionally re-register it to keep it going.
Whichever of these you choose, there's one important warning...
Hackers develop new bugs constantly. All these free anti-virus services offer regular updates, if you don't download them, you're not protected.
Yet it's not just about how up to date your software is. If you're not using it, what's the point. Try to fit in a full 'on-demand' scan (that is, one where the virus scanner flicks through all the files on your hard drive) once a week. This should make sure nothing slips through the net.
Free online virus scanners for further protection
Whilst they shouldn't replace proper software, online scanners provide a secondary scan and can sometimes be more up to date. So if you're worried your software isn't working well enough, or want a second opinion, these are worth a regular play with.
* Trendmicro's Housecall 6.6.
Updated daily, Housecall 6.6 will rummage through your whole machine, identifying infections as it goes. As a bonus, it'll also look for other vulnerabilities in your machine, and in many cases fix those it finds. Feedback's generally excellent for the service, though be aware it might pique the interest of your firewall since it runs using ActiveX or Java (you choose which).
* Panda Security's Activescan 2.0.
In a bid to sell you its paid-for security programmes, Panda Security also offers a free online scan, which will be better for some as it can be customised to only scan certain sections of your hard drive.
A note for those with new PCs
Often companies throw in free anti-virus programs hoping you'll subscribe to them out of convenience once the free trial ends. By all means take advantage of the free offer, but then ditch and switch to a free version when it expires. Make sure you uninstall the trial too; it may interfere with the new virus scanner, and even if not it'll certainly slow down your PC.
Note for Norton users only: It can be a bit of a pain to get rid of all Norton AntiVirus's components from your machine. If you're having trouble doing so, try Symantec's own Norton Removal Tool, which is designed to solve this very problem.
Free Firewall software
Anti-virus isn't the only protection your computer needs. If you don't have a Firewall, you're leaving all your files and sensitive information vulnerable. Therefore its important to get one. To help explain this, let me use a simple analogy.
If anti-virus software's the border patrol checking to see what's allowed in, a firewall's the border fence stopping all the bad stuff coming in in the first place.
Got a router?
Thankfully most of us use a router to connect to the web nowadays rather than just a modem. I say thankfully because routers have built-in firewalls which deal with incoming connections before they hit your PC, and outgoing connections before they hit the web after leaving your machine. Ensure yours is turned on and set to a high enough level of security. Consult the manual or search online for the make and model number if you don't know how to check.
Whilst you're there, check your router password has been changed from its default; you'd be surprised at how many connections are hacked simply because the password hasn't been changed. Spend a little time and get your settings right here, as router firewalls afford a higher level of protection than software ones.
Windows Firewall.
Windows XP and Vista have a firewall built-in, which should be sufficient for most people (especially those who've already got router firewalls), though do make sure it's switched on and your copy of Windows is up to date. The firewall can be set on low, medium & high levels of protection.
If you have the Windows firewall set on a high level of protection, it's likely you'll need to spend some time tweaking its settings in Control Panel to stop it becoming a nuisance. By default, it'll stop you downloading files over MSN messenger, and it'll block a whole load of programs which download from the web.
Alternative Free Firewall Software.
If you want better protection, are having problems with Microsoft's firewall, or just want more flexibility, consider these free firewalls too:
* Sunbelt Personal Firewall.
Formerly known as Kerio firewall, Sunbelt Personal is actually a commercial product, but after its 30-day trial you only lose its pop-up blocker (and chances are you've got one already, see below). Even though it'll nag you to register intermittently, it's widely credited as being one of the least irritating firewall products.
* Comodo Personal Firewall.
It's totally free to use but you will need to register and activate the licence by e-mail within 30 days of installation. Whilst Comodo usually outperforms the Sunbelt firewall in tests, it's a fair bit more intrusive than the latter. Tech support is available via email, but not by phone.
* ZoneAlarm Free Firewall.
One of the most popular free firewalls on the web, ZoneAlarm's comes with mixed user feedback. That said, it's easy to install and use, and has a long history to back it up.
Adware and Spyware
There are two more commerical types of software that you can find on your computer. Often legitimate developers will design programmes which incorpora
Long answer but should tell you all you need to know. There is no best piece of software - you have to make choices the info below should enable you to do that - and all the recommendations are free :-)
AJ
Threats to your computer come in different guises with various funky names. Collectively they're considered malicious software, abbreviated to 'malware' in security parlance. The main types are as follows:
* Viruses. Hidden programmes which wreak havoc.
These are transmitted via websites, e-mail attachments, directly over the internet, or via any other removable media. They hide in applications or files and spread from computer to computer, generally wreaking havoc wherever they get the chance to.
* Trojans. Bugs within harmless looking files.
Trojan (horses) are hidden within a file that looks harmless, like a picture of a celebrity, aiming to trick the user into installing the malicious software like spyware or adware on the computer.
* Worms. Can drill in via open web connections
Worms take advantage of any open Internet connection, to try and sneak in and replicate on the computer. Once loaded, they often start to send spam email from your computer without your knowledge.
It's often about big, organised crime.
It's a common misconception that producing computer viruses is the sole domain of angst-ridden one-man-bands with little to do, showing off to their equally reclusive peers. Whilst there may have been some truth in this at the beginning, and of course it still happens, these days it's often about big criminal business. Some of the reasons it happens include...
* Stealing your information.
Cracking into your computer can reveal a breadth of information about you, possibly including bank details for ID fraud or just directly taking your cash.
* Grabbing your e-mail contacts.
It may be a programme looking to grab all the e-mails in your contacts e-mail data in order to find real addresses to sell to spammers. These people may well then be e-mailed from your address.
* Utilising your computer to threaten websites.
Some viruses can allows your computer to be controlled in order to create a DDOS attack. This is where a website (or even a country's whole domain e.g. Estonia's .ee domain) is closed down due to simulated use by billions of simulataneous users. This can be for political reasons, ransom, to close down competitor sites or just for 'sport'.
Many of the people whose computers cause this are unaware it's happening, as viruses are controlling their web connections. This site was hit by just such a DDOS attack, the irony being some of the people who were denied access for three days could've been contributing to the closure by hidden viruses on their system.
Free Anti-Virus Software
Pay for anti-virus software from the biggies Symantec/Norton or Mcafee and it'll cost roughly £50 per year. Yet you can also take advantage of a variety of decent free programmes...
* Grisoft's AVG 8.0.
AVG has a long history, and has been through loads of modifications to provide a better service on its way to the current version, AVG 8.0. The company makes its money by selling virus protection to small businesses, and offers free home-user versions as a means of promoting its professional service. It's protection is reasonably thorough, though it doesn't offer any real tech support. It's quite unintrusive, doesn't use too many resources, and it will regularly auto-update.
* Alwil Softaware's Avast! 4.
Alwil software's Avast! 4 is free for non-commercial users and offers regular updates, as well as proper technical support via e-mail or phone. Protection-wise it's very similar to AVG, covering all the same bases and not hogging system resources, but it has a funkier interface (for those who like a pinch of fashion with their computer security). The only downside is that you have to re-register it after each year of use.
* AntiVir.
AntiVir by Alvira actually offers better standard virus detection than both of the above, but lacks in other areas. It won't scan your emails before you open them, uses more resources (less of a problem if you've a more powerful PC), and maintains a perhaps-too-visible presence on your desktop. You'll also have to occasionally re-register it to keep it going.
Whichever of these you choose, there's one important warning...
Hackers develop new bugs constantly. All these free anti-virus services offer regular updates, if you don't download them, you're not protected.
Yet it's not just about how up to date your software is. If you're not using it, what's the point. Try to fit in a full 'on-demand' scan (that is, one where the virus scanner flicks through all the files on your hard drive) once a week. This should make sure nothing slips through the net.
Free online virus scanners for further protection
Whilst they shouldn't replace proper software, online scanners provide a secondary scan and can sometimes be more up to date. So if you're worried your software isn't working well enough, or want a second opinion, these are worth a regular play with.
* Trendmicro's Housecall 6.6.
Updated daily, Housecall 6.6 will rummage through your whole machine, identifying infections as it goes. As a bonus, it'll also look for other vulnerabilities in your machine, and in many cases fix those it finds. Feedback's generally excellent for the service, though be aware it might pique the interest of your firewall since it runs using ActiveX or Java (you choose which).
* Panda Security's Activescan 2.0.
In a bid to sell you its paid-for security programmes, Panda Security also offers a free online scan, which will be better for some as it can be customised to only scan certain sections of your hard drive.
A note for those with new PCs
Often companies throw in free anti-virus programs hoping you'll subscribe to them out of convenience once the free trial ends. By all means take advantage of the free offer, but then ditch and switch to a free version when it expires. Make sure you uninstall the trial too; it may interfere with the new virus scanner, and even if not it'll certainly slow down your PC.
Note for Norton users only: It can be a bit of a pain to get rid of all Norton AntiVirus's components from your machine. If you're having trouble doing so, try Symantec's own Norton Removal Tool, which is designed to solve this very problem.
Free Firewall software
Anti-virus isn't the only protection your computer needs. If you don't have a Firewall, you're leaving all your files and sensitive information vulnerable. Therefore its important to get one. To help explain this, let me use a simple analogy.
If anti-virus software's the border patrol checking to see what's allowed in, a firewall's the border fence stopping all the bad stuff coming in in the first place.
Got a router?
Thankfully most of us use a router to connect to the web nowadays rather than just a modem. I say thankfully because routers have built-in firewalls which deal with incoming connections before they hit your PC, and outgoing connections before they hit the web after leaving your machine. Ensure yours is turned on and set to a high enough level of security. Consult the manual or search online for the make and model number if you don't know how to check.
Whilst you're there, check your router password has been changed from its default; you'd be surprised at how many connections are hacked simply because the password hasn't been changed. Spend a little time and get your settings right here, as router firewalls afford a higher level of protection than software ones.
Windows Firewall.
Windows XP and Vista have a firewall built-in, which should be sufficient for most people (especially those who've already got router firewalls), though do make sure it's switched on and your copy of Windows is up to date. The firewall can be set on low, medium & high levels of protection.
If you have the Windows firewall set on a high level of protection, it's likely you'll need to spend some time tweaking its settings in Control Panel to stop it becoming a nuisance. By default, it'll stop you downloading files over MSN messenger, and it'll block a whole load of programs which download from the web.
Alternative Free Firewall Software.
If you want better protection, are having problems with Microsoft's firewall, or just want more flexibility, consider these free firewalls too:
* Sunbelt Personal Firewall.
Formerly known as Kerio firewall, Sunbelt Personal is actually a commercial product, but after its 30-day trial you only lose its pop-up blocker (and chances are you've got one already, see below). Even though it'll nag you to register intermittently, it's widely credited as being one of the least irritating firewall products.
* Comodo Personal Firewall.
It's totally free to use but you will need to register and activate the licence by e-mail within 30 days of installation. Whilst Comodo usually outperforms the Sunbelt firewall in tests, it's a fair bit more intrusive than the latter. Tech support is available via email, but not by phone.
* ZoneAlarm Free Firewall.
One of the most popular free firewalls on the web, ZoneAlarm's comes with mixed user feedback. That said, it's easy to install and use, and has a long history to back it up.
Adware and Spyware
There are two more commerical types of software that you can find on your computer. Often legitimate developers will design programmes which incorpora
Powered by Yahoo! Answers
Comments :
Post a Comment