Apr 09 2009

Conficker - What now?

Now that the news media and computer security firms have managed to stir the entire computing world into an almost out of control frenzy, what's really going on?  The dreaded Conficker evolution of April 1 was, for most US users, a big yawn right up there with the feared Y2K meltdown.  That is not to say you have nothing to fear and there is no danger of your computer becoming infected with this or some other form of malware.

There's good and bad to come from both the Conficker and Y2K hype.  On the upside, any news that heightens awareness among computer users of their computing environment and the potential dangers and methods used by the bad guys is a good thing.  The downside is, anytime an event is so overly hyped, it's easy to become complacent when nothing bad happens in our immediate little universe.

I've talked about dangers of fake Anti-Virus and Anti-Spyware products in the past.  I mention this because it appears the underlying plan of Conficker's payload is to ultimately sucker you into the same kind of trap.  Security firm Trend Micro says some machines have recently been updated with fake antivirus software in an apparent attempt by Conficker's authors to profit from their massive botnet.

Consider yourself warned: if you receive ANY messages on screen from anything other than your already installed security solution claiming your computer is infected, it could be Conficker, or any of the many other rogue programs out there designed to make your computing life hell while extorting your money.

If you suspect your computer may be infected, don't wait and wonder; contact the St. George PC Doctor today.




Mar 31 2009

Conficker Worm update

See this link for a great collection of Conficker detection and removal tools.




Mar 30 2009

Conficker Worm expected to evolve April 1

Your best defense? Make certain your PC is up to date on all critical patches for your version of Windows. Microsoft has modified its free "Malicious software removal tool" to detect and eliminate Conficker.

How dangerous is Conficker? Dangerous enough that there is a $250,000 bounty on the heads of those responsible. It's the potential for havoc including password and identity theft that has IT departments scrambling to get a handle on this. Read more about this extremely dangerous worm here


Mar 16 2009

Today's Tip: Update to AntiSpyware XP2009

Last week I alerted you to a common trojan trap that is surfacing all over the web under a variety of names. AntiSpyware XP2009 is just one name. Rather than update the original post, I have decided to post this once again because of the EXTREME DANGER this type of threat poses.

A colleague of mine recently passed away. While searching for news about him, I navigated to a site where I was greeted by this pop-up window:


[Image: AV360 Pop Up]


Pretty scary, huh? It gets better. It matters not how you exit the pop-up message; as soon as you do, a fake "scan" animation is displayed that makes it appear your system is being scanned. It is important to note that the script is NOT PERFORMING A SCAN. What you see is only an animated webpage made to resemble an actual scan. A full size screen capture of this scan animation is displayed here
So how do we know the scan is a fake? Well, for starters, the fake animation displays only 2 Local Disk drives and a DVD-RAM drive. In reality, there are 9 Disk drives on my computer and one DVD-RW drive. Secondly, while "local disk" is the name Windows assigns Hard Disk Drives during installation, I rename all my drives to unique names. It's a neat little trick that can help you spot these fake screens. Renaming HDDs to a friendly name will be the subject of a future post. And lastly, we know this is a fake screen because the layout is based on a Windows XP Explorer window; I'm actually using Windows 7 Beta on this computer.
Finally, take a close look at the final screen capture below:


[Image: AV360 Pop Up]


Under no circumstances should you select the "OK" option to install. Clicking the X or using the Alt-F4 keystroke combination just puts you in a repeated error message loop. Close the actual BROWSER window to cut this trojan off at the knees.
It's easy to be fooled by these tricks and a lot harder to clean up after, so surf smart. Don't panic when you see a pop-up like this, but if you get taken in, call the St. George UT PC doctor for disaster cleanup.


