Posts Tagged ‘downloads’

Clampi Virus targets online banking

In the modern world, most people never see their bank (with the exception of ATM withdrawals).  We use bill pay, direct deposit and bank debit cards.  This is the exact behavior that the Clampi virus is living on.

Clampi is a very stealthy virus, just biding its time on a compromised machine and watching for connections to online financial websites.  So many that the London Times Online reports:

The trojan has a list of more than 4,500 finance-related websites that it monitors, including British high street banks. Security experts warned that it was one of the stealthiest and most pervasive threats to computers using the Microsoft Windows operating systems.

The virus appears to be geared more toward business users than the normal home user (though it does infect home users).  If the virus does end up on a work computer, it will attempt to capture administrators' login credentials and spread itself through the network.  As it spreads, it continually monitors for login information to the watch list of financial websites.  If this virus does infect the finance group of a company, it will attempt to send wire transfers from that account.  You can ask Slack Auto Parts.  It has been reported that they lost $75,000 July 3–7, says owner Henry Slack. Clampi-infected computers sent nine payments to six different mules, and failed to transfer an additional $69,000 in eight other attempts.

A word of warning: if your computer is designated for financial usage, please do not surf the internet or use social media sites on it, to minimize the risk of infection.

Since this virus has been out for a while, all the major antivirus vendors have updated definition files that include the scan for this particular virus.  Make sure your system is always updated and scanned on a regular basis.  If you would like to run a quick check using a different vendor, I recommend these online scanners:

TrendMicro: http://housecall65.trendmicro.com/
Symantec: http://security.symantec.com/sscv6/WelcomePage.asp
McAfee: http://home.mcafee.com/downloads/freescan.aspx?cid=60447
Panda: http://www.pandasecurity.com/activescan/index/

Posted by Diego - September 21, 2009 at 8:54 am

Categories: Malware

I Love this utility

One of my favorite websites to look at daily (ok, many times a day) is Life Hacker.  Today as I was going through some of their archived postings I found this.

A few days ago I talked about a program called Smart Installer, but I must say I am over the top impressed with Life Hacker's version.  The utility itself is ultra tiny (292k) with an XML file.  The Smart Installer is in excess of 200 megs.  The size difference is due to Smart Installer having the installers included, whereas Life Hacker's installer automatically downloads the latest version from the net.

Another great feature, to me at least, is that the Life Hacker Pack has an XML file that you can add or remove applications in.  So if there is an app you like to install, modify the file in any text editor, get the download path, and away you go.  With Smart Installer, you have to hope they add it.

Please don't get me wrong, Smart Installer is very good for a machine that you do not have on the internet.  But for size and flexibility, I will be adding the Life Hacker Pack to my arsenal.  You can download the pack here. Other users have created some additional XML files:

PC Rescue Pack

The PC Rescue Pack'll come in real handy in a few weeks at Thanksgiving when Mom and Dad ask you to fix their computer. Download the InstallPad PC Rescue Pack list, which includes:

Media Pack

Oh, you free-loading, BitTorrenting, DVD-ripping, MP3-sucking, podcasting, remixing, iPod-trading media whiz, you! Download the InstallPad Media Pack list, which includes:

  • VLC (media player)
    • Do yourself a favor and give it a try

    Posted by Diego - July 8, 2009 at 12:16 pm

    Categories: SW

    When is an antivirus really a virus?

    Today I received a call from one of my external users who was unable to access any websites because some new antivirus was saying he was unprotected and every website had malicious code.

    Since I know that we have McAfee 8.5 deployed to our users, I knew that this was not a McAfee issue.  As we discussed it a little further, he mentioned that the antivirus wanted him to purchase the software.

    This isn't the first I have heard of this.  There is a software company, Innovagest 2000, that is producing this software.  They advertise it as an antispyware application, but it is the spyware.  On some less than savory websites you will get a pop-up that says that your computer may be infected, and they offer a free scan.

    The fear of being infected motivates a lot of people to run this free scan.  Unknown to them, this application installs underneath and now you are stuck.  On that note, I do recommend only doing the online scans from reputable sites.  I personally recommend the following: Symantec, Panda, and McAfee.

    This application is extremely hard to get rid of.  It re-registers and installs if it is not completely uninstalled correctly.

    I hate programs like this.  But it is a fact of life out there.  The modern day snake-oil salesman.

    While the program is running you will see the following undesirable behavior:

    • A "Windows Security Center" stating that you should purchase Personal Antivirus.
    • Numerous alerts stating that your computer is under attack or that you have malware running on your computer. If you click on these alerts, Personal Antivirus will be installed, or you will be brought to the purchase page for the program.
    • Your Internet Explorer browser will be hijacked to show security warnings when browsing the web that stop you from reaching your desired page.

    As I mentioned before, this bugger is very hard to get rid of.  But not impossible.  I found these instructions at BleepingComputer.com.

    Posted by Diego - July 3, 2009 at 11:38 am

    Categories: Malware

    New Computer Security Mistakes

    I wanted to pass on what I see as some of the top computer security mistakes that most casual computer users make when first setting up a new computer:

    1. Setting a non-protected, newly imaged computer on the internet.  Before connecting any computer to the internet, you will want to install at least an antivirus and make sure that the built-in firewall for Windows is enabled.  I personally have a DVD with a lot of first-install applications on it.  This includes Comodo Antivirus, Comodo Firewall, Windows XP Service Pack 3 (Network Admin Installer), and Vista Service Pack 2 (Network Admin Installer), as well as a few other odds and ends.  I run these installs before I ever connect my machine to the wireless network.  I know the virus definition files for the antivirus will be outdated, but that is corrected shortly.
    2. Not running updates as soon as online. After installing all the applications mentioned above, I get my system on the network and run updates on my antivirus software and then run Windows Update.  This is a very important step.  Just because an antivirus is installed or the latest Service Pack applied, it does not mean you are protected.  With more and more vulnerabilities and viruses being released daily, it is a never-ending battle to keep yourself protected.  Not only should you worry about the security software, but for any application you install, please run all the updates.
    3. Setting your primary login ID as an administrator.  I know this one is hard, but it has been brought to my attention, and rightfully so, that it is not recommended.  An administrator account has unlimited rights and power on a computer.  You can create a separate user and make it a power user.  For the Administrator account, you should rename it from Administrator and put a secure password on it.  Also, disable the guest account on your system as a safety measure.

    4. Password, Password, Password, and did I mention password?  I know this is your home computer and you wonder who would get into it.  Well, since the computer has become so integrated in our lives, we store everything on there: bank information, important documents, tax information, family information, on and on.  If your computer gets stolen, someone else now has all of that information.  If you do not have a secure password (see earlier posting) then it's easy for them to get in.
    5. Disk Encryption. This is a topic I will discuss more in depth in the next few days.  There are many free drive encryption applications available that are very very good.  The reason for this encryption is so that if someone comes in and just grabs your drive out of your computer (less than 3 minutes for the most part) your data is secured.  See item 4.
    6. Wireless Network Security. Again, another topic I will get into later, but for the most part I can sum it up quickly.  If you get a brand new wireless router, the defaults are the same.  The same IP address, the same root password, the same SSID (network name).  With this information anyone in your area can get into your network.  There are some things you can do to protect yourself and I plan on discussing it later, including what some recommended settings are.  So please check back.
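
A read-only check for several items on this list (built-in firewall, Administrator rename, Guest account, administrator login, account password), added here as an example and not part of the original post. It assumes Windows 10/11 with Windows PowerShell 5.1 and an English-language install rather than the XP/Vista systems named above; `Test-NewPcBaseline` is a hypothetical function name.

```powershell
# Added example (not from the original post). Read-only; it changes nothing.
# Assumes Windows PowerShell 5.1+ on Windows 10/11, English-language install
# (the default name of the built-in Administrator is localized elsewhere).

function Test-NewPcBaseline {
    $findings = New-Object System.Collections.Generic.List[string]
    $users = Get-LocalUser

    # Administrator rename: the built-in account keeps the -500 SID after a rename.
    $admin = $users | Where-Object { $_.SID.Value -like 'S-1-5-21-*-500' }
    if ($admin -and $admin.Name -eq 'Administrator') {
        $findings.Add("Built-in Administrator not renamed (enabled: $($admin.Enabled))")
    }

    # Guest account: the built-in Guest (SID ending in -501) should be disabled.
    $guest = $users | Where-Object { $_.SID.Value -like 'S-1-5-21-*-501' }
    if ($guest -and $guest.Enabled) {
        $findings.Add("Guest account '$($guest.Name)' is enabled")
    }

    # Primary login: is the current user a direct member of Administrators
    # (well-known SID S-1-5-32-544)? Nested group membership is not resolved.
    $me = [Security.Principal.WindowsIdentity]::GetCurrent().User.Value
    $admins = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction SilentlyContinue
    if ($admins | Where-Object { $_.SID.Value -eq $me }) {
        $findings.Add('Current login is a member of the local Administrators group')
    }

    # Password: enabled local accounts that are allowed to have no password.
    $users | Where-Object { $_.Enabled -and -not $_.PasswordRequired } | ForEach-Object {
        $findings.Add("Account '$($_.Name)' does not require a password")
    }

    # Firewall: every Windows Firewall profile should be on before going online.
    Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' } | ForEach-Object {
        $findings.Add("Windows Firewall profile '$($_.Name)' is not enabled")
    }

    return $findings
}

$result = @(Test-NewPcBaseline)
if ($result.Count -eq 0) { 'No baseline findings.' } else { $result }
```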

    I hope that you found this useful information.  Questions, comments and feedback are always welcome.

    Posted by Diego - at 9:36 am

    Categories: General

    Online Backup

    A few days ago, I discussed a backup tool named Cobian and I promised to look into online space for offsite storage.

    While looking around I found quite a few, but focused on three.  I will go over some of my initial impressions, and direct links to the site (so the FTC doesn't chase me down for getting something for giving my opinion).

    The three I will be talking about are iDrive.com, Mozy.com, and Humyo.com.  Now the first thing that's important to everyone is, how much space do I get?  iDrive and Mozy both have 2 gigs for free, but this link (I promise I get nothing) will get you a 250 MB upgrade on Mozy.  Humyo might as well be called Humongous, giving you a whopping 10 GB online storage.  Now this is all FREE.

    Of course, if you find you are running out of space, you can pay for upgrades.  For $4.95 a month you can expand to 150 GB on iDrive. Mozy gets to be a bit more expensive, using the pay-as-you-go model at $3.95 a month per 500 MB.  My opinion on that is if you are paying that, pay for hosting.  In the odd case that you will need more than 10 GB for backing up your most critical data on Humyo, it will run you $6.99 a month to get 100 GB.

    So besides space, I am sure there are probably other things to consider.  Let me think…

    How do I get my data from my computer to my storage place?  Well, all three have a client that you can install on your computer, though Humyo requires you to have a paid account to use the client.  It does, however, have a web console where you can drag and drop into a Java upload client.

    The clients are nice and small, quick easy downloads, so I won't get into that.  Here are some of the things that I noticed on the clients.

    For the Mozy client, it automatically gives you a recommended backup set, including Thunderbird data.  Since I use Thunderbird, that is handy to have.  It also gives you two options of data encryption.  If you have VoIP phones, or bandwidth issues in general, you can throttle the application as well as schedule your backups for slow network times.

    iDrive's client is not as fully featured (at least not to the naked eye).  The initial backup set is your documents and settings folder.  With some digging around you can set up bandwidth throttling also.  But it does have a synch option (quick delete if you erase a folder and want it pulled out of your backup) and continuous backup, though I am not sure how often it checks.

    Since you have to have a paid account for the Humyo client, I will not review it.

    Ok.  We have now backed up all the data and sure enough, we have to reformat our machine, boooo.  Or we just got a new computer and we want to get our documents back, yeah!

    How do we get it back?  Of course for both iDrive and Mozy you can use the client and restore. But… I want more.  It's free, I want it all.

    For Mozy you have two options: you can use a virtual drive (created when the client is installed) and drag and drop, or pay for a DVD to be created and FedEx to deliver the disk.

    With iDrive, you can go to the site and log in.  Going into the restore area you can use a Java applet to download your files.  Or you can get a second download to create a virtual drive and go through your Windows Explorer.

    Well Folks.  I hope that helps a bit.  Remember, backups are important… before the system crashes.

    Posted by Diego - June 23, 2009 at 5:11 pm

    Categories: Internet