Showing posts with label trojan. Show all posts

Thursday, September 13, 2007

Skype Targeted With Worm

Skype, the VoIP (Voice over Internet Protocol) service, is considerably less secure than traditional telephone lines. Many people have switched to Skype because of the savings they can make, and many have abandoned their traditional telephone lines altogether.

Skype was founded in 2002 and was bought by eBay in 2005 for US$2.5 billion. It has seen a steady rise in the number of subscribers to its service.

However, it still has many pitfalls, including the latest Worm called ‘W32/Ramex.A’.

It spreads through the peer-to-peer instant chat utility and is activated when a user clicks on a link within an instant message asking recipients to download a file.

It is very cleverly disguised within a JPEG image of soap bubbles, one of Windows' default built-in wallpapers, which has been embedded with malicious executable code.

This code installs Spyware that can easily steal passwords and other personal information. It may also block users from visiting certain websites and stop programs from running or responding. It also connects to a remote server to download additional malicious code.

It is often titled ‘really funny’ or ‘look at this crazy photo sent to me’ with a clickable link. Once the link is clicked, users who continue to download the file risk their machine becoming infected; the worm then uses Skype’s application program to access files on the infected machine. It then attempts to replicate itself and send out messages to recipients on the user’s contact list.

Ensure your anti-virus is up-to-date and that Windows updates are downloaded and installed, especially the Windows Malicious Software Removal Tool, which was last updated September 11th 2007. To remove the worm and its variants, go to the link below and download the file, save it to your Desktop (or the location where you store downloaded files) and, once the download is complete, select Run and the program will install.

You then have the option of a Quick Scan, Full Scan or Customized Scan.

Select Quick Scan; if any malicious software is found you will be prompted to run a Full Scan, which may take several hours depending on your machine’s hard drive capacity, but it’s worth it for the safety and security of your PC.

Download Here

Friday, September 07, 2007

More Email Dangers

The email Trojans are back in full swing.

Many of these will be titled ‘Office Antics’, ‘It Takes Guts to Say Jesus’, ‘Free Web Tools’ and many other eye-catching subjects.

DO NOT open these emails as they contain a Trojan Downloader; if the link contained in the body is clicked, a new window will open and you will be prompted to download a file.

Only trust emails from trusted sources, but also ensure that you have real-time anti-virus running. Even trusted sources can innocently pass on trojans and malicious code.

Virus Name: JS/Psyme also known as HTML/Mht@exp

Spreads through Web Browsing, Downloads Code from the internet, Exploits your system and/or Software vulnerabilities, and in extreme cases it can wipe your hard drive of all data.

Ensure your anti-virus is up-to-date. I recommend AVG Anti-Virus (freeware) which catches these Trojans and opens a ‘Threat Detected’ window.

If you are infected with this, update your virus definitions file and reboot into Safe Mode, then scan with anti-virus and also scan with Ad-Aware.

Email will read similar to this, with some variations:

Welcome Member,

We are so happy you joined ************

Member Number: 6257277682314
Your Temp. Login ID: user3795
Your Password ID: eq708

Please Change your login and change your Login Information.

Use this link to change your Login info: ******** (link removed)

Welcome,
***********
***********

These emails all follow the same format with a clickable link… DO NOT click.

Monday, September 03, 2007

Email Danger - Free Web Tools

Hot on the heels of the ‘Postcard From A Friend’, there is a new trend starting.

Below is a copy of an email I received - several copies of it too.

DO NOT open this email as it contains a Trojan Downloader; just delete it.
Virus Name: JS/Psyme also known as HTML/Mht@exp

Spreads through Web Browsing, Downloads Code from the internet, Exploits your system and/or Software vulnerabilities.

Ensure your anti-virus is up-to-date. I recommend AVG Anti-Virus (freeware) which catches these Trojans and opens a ‘Threat Detected’ window.

If you are infected with this, update your virus definitions file and reboot into Safe Mode, then scan with anti-virus and also scan with Ad-Aware.

Email will read similar to this, with some variations:

Welcome Member,
We are so happy you joined Free Web Tools.

Member Number: 6257277682314
Your Temp. Login ID: user3795
Your Password ID: eq708

Please Change your login and change your Login Information.

Use this link to change your Login info: Free Web Tools

Welcome,
Internet Support
Free Web Tools

eCards and Postcards from Friends

From: BlueMountain.Com ufp@btconnect.com

Subject: You’ve received a postcard from a School mate!

Hi. School mate has sent you a postcard.
See your card as often as you wish during the next 15 days.

SEEING YOUR CARD

If your email software creates links to Web pages, click on your
card’s direct www address below while you are connected to the Internet:

http://**.***.***.**/?e3ca036e47840d8e117868911e6c3

Or copy and paste it into your browser’s “Location” box (where Internet
addresses go).

We hope you enjoy your awesome card.

Wishing you the best,
Webmaster,

BlueMountain.Com

At present there are millions of these being mass mailed on a daily basis, from ‘schoolmates’, ‘friends’, ‘family members’, ‘your mate’ and many more.

Ensure that your Anti-Virus is up to date, and all system security patches have been downloaded.

NO Greeting Card company will ever ask you to DOWNLOAD anything, ecards are viewed online through a link in an email, but the links contained in these ‘cards’ prompt you to download.

In this particular case, if you click the link you are PROMPTED to DOWNLOAD or informed that your DOWNLOAD will start shortly.

It is important that you just delete these mails. Many contain a Trojan Script, but they will not zero your drive or boot sector as the rumours are saying.

As with all emails, if you don’t know the sender DELETE it.
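The "Welcome Member" and e-card mails quoted in these posts share a few mechanical traits that a mail filter can test for. The following Python sketch is an added example, not part of the original posts: the function names and indicator labels are assumptions, and the sample messages are constructed from the quoted wording with placeholder link hosts (192.0.2.15, tools.example).

```python
import re
from email import message_from_string
from email.utils import parseaddr
from ipaddress import ip_address
from urllib.parse import urlparse

# Field labels from the fake "Welcome Member" e-mail quoted in the posts.
TEMPLATE_FIELDS = ("member number:", "temp. login id:", "password id:")
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)
DOMAIN_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I)

def is_ip_link(url):
    """True when the link's host is a bare IP address rather than a name."""
    try:
        ip_address(urlparse(url).hostname or "")
        return True
    except ValueError:
        return False

def lure_indicators(raw):
    """Return the indicators found in one raw plain-text message."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    body = "\n".join(p.get_payload() for p in msg.walk() if not p.is_multipart())
    hits = []
    # 1. Display name advertises a domain that the real address is not in.
    claimed = DOMAIN_RE.search(display)
    sender = addr.rpartition("@")[2].lower()
    if claimed:
        brand = claimed.group(0).lower()
        if sender != brand and not sender.endswith("." + brand):
            hits.append("sender-mismatch")
    # 2. A link whose host is a raw IP address, as in the e-card sample.
    if any(is_ip_link(u) for u in URL_RE.findall(body)):
        hits.append("ip-literal-link")
    # 3. All three fields of the fake membership template are present.
    if all(f in body.lower() for f in TEMPLATE_FIELDS):
        hits.append("membership-template")
    return hits

# Constructed samples: wording follows the quoted mails, link hosts are placeholders.
ECARD = ('From: "BlueMountain.Com" <ufp@btconnect.com>\n'
         "Subject: You've received a postcard from a School mate!\n\n"
         "Your card: http://192.0.2.15/?e3ca036e47840d8e117868911e6c3\n")
MEMBER = ('From: "Internet Support" <support@tools.example>\n\nWelcome Member,\n'
          "Member Number: 6257277682314\nYour Temp. Login ID: user3795\n"
          "Your Password ID: eq708\nChange login: http://tools.example/login\n")

if __name__ == "__main__":
    print(lure_indicators(ECARD), lure_indicators(MEMBER))
```

Any single indicator is only a hint; the e-card sample is notable because it trips two at once.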

How to ruin your PC

Fighting off Viruses

Thursday, June 07, 2007

Virus Protection from AVG - Tutorial included

Protecting your computer from a virus is getting harder and harder each day. While it may border on the paranoid, it goes without saying that you can’t leave your guard down for one second. Even corporate giant Microsoft has found its own systems compromised on more than one occasion.

Because new viruses erupt daily, it is important that you regularly update your antivirus software. Become familiar with the software’s real-time scan feature.

Make it a habit to always scan all new programs or files no matter from where they originate.
Perform regular backups in case your system is corrupted. It may be the only way to recover your data if infected.

I suspect a lot of people get virus infections because they download random files off the internet. Kazaa/eMule and other peer-to-peer programs are great places to download infected items. It is important that if you use such programs you have one dedicated folder to download to, and before opening or running anything, scan it first with an anti-virus program. I recommend that people who want to exchange files over the internet (including entire folders of files) do so using encrypted solutions (and only with friends or people they know). A great new application is GigaTribe: it encrypts all exchanges, has no file size limits, and is free from any spyware/adware.
Their website is http://www.gigatribe.com

AVG Anti-Virus Free Edition is a free downloadable antivirus program that has received high marks for its reliability. In the past, free downloadable antivirus programs have been viewed skeptically because of issues relating to their reliability.

However, AVG from Grisoft remains one of the best-known free anti-virus programs available. While AVG cannot be installed on a server operating system and there is no technical support, it still makes a good choice for many home computer users. The best part is that it is free for both Windows and Linux and it checks for updates on a regular basis.

I have been using AVG free Anti-Virus for many years and install it as first choice on other people’s machines.

Get yours here: http://free.grisoft.com/doc/avg-anti-virus-free/lng/us/tpl/v5

Save the program to a folder which is easily accessible, I created one on my desktop and renamed it Downloads, this is where I download all of my utilities etc. so I have them in one easily accessible location.

Once installed, AVG loads at startup and sits in your system tray. It will carry out a complete scan on a daily basis, but you can schedule it to do this at a time convenient to you. When it has completed its scan a small window will pop up with the results.

You also have the added benefit of real-time scanning, as it runs in the background and will warn you if something you are downloading is infected.

You can also left click any folder or an item within a folder and scan it with AVG.

Important: Do NOT use more than one Anti-Virus program as it will give you false readings.

http://free.grisoft.com/doc/avg-anti-virus-free/lng/us/tpl/v5

Windows Media Player Tutorial - Click Here

Wednesday, May 30, 2007

Securing Windows XP

With its default configurations, Windows XP is not very secure. However, by making some simple changes, you can secure your system and data from attackers and viruses.

Automatic Updates
Keeping your system up-to-date is crucial to maintaining security. Microsoft releases security updates and makes them available for download on the Windows Update web site.
Using the Automatic Updates feature, Windows XP can be configured to download and install updates for you automatically at a time that suits you.

Scheduling this task is very simple. In Windows XP, use the following steps to enable this feature:
1. Right click My Computer and select Properties.
2. Click the Automatic Updates tab from the System Properties box.
3. Select the option to Automatically download the updates, and install them on the schedule that I specify.
4. Select the day and the time when you want the updates installed.
5. Click Ok.

Windows Firewall
Windows XP includes the Internet Connection Firewall service. In Windows XP Service Pack 2, the ICF is renamed to Windows Firewall and it is enabled by default. It is designed to protect your computer from intruders while it is connected to the Internet.

Note: if you are setting up a home network, do not enable Windows Firewall on your LAN (Local Area Network) connection. Only enable it on the Internet connection. If you enable it on your LAN connection, it will block File and Printer Sharing.

Important Note: If you are using Zone Alarm Free Firewall DO NOT enable the Windows Firewall.

User Accounts
Windows XP includes various built-in user accounts. There are certain steps that you should take to ensure they are not compromised.

Disable the Guest Account. The guest account has always been a huge hacker hole and should remain disabled if it is not required.

Require passwords for all user accounts. Obviously, blank passwords are a bad idea if you care about security. Make sure you assign passwords to all accounts, especially the Administrator account and any accounts with Administrator privileges. All passwords should be a minimum of eight characters in length.

In Windows XP Home Edition all user accounts have administrative privileges and no password by default. Make sure you close this hole as soon as possible.

Rename the Administrator account. By renaming the administrator account hackers will have to guess the password and the name assigned to the account.

Don’t make it easy for hackers: renaming the Administrator account will stop some hackers in their tracks, and will deter the more determined ones. They won’t know what the group permissions are for an account, so they’ll try to hack any account they find and then try to hack other accounts to improve their access. If you rename the Administrator account, try not to use the word Admin in its name. Pick something that won’t make it easy for others to guess.

Remote Desktop
Windows XP Professional’s Remote Desktop allows users to connect remotely to your computer. Although it can be useful for obtaining remote assistance with troubleshooting problems, it is also an open door for intruders. Remote Desktop should always be disabled and only enabled when it is needed.
To disable Remote Desktop, right click on My Computer, select Properties, then click on the Remote tab and untick the check box beside Allow Remote Assistance invitations to be sent from this computer.

Anti-virus Software
Anti-virus software is a program designed specifically to detect and remove viruses, making it an essential application to install. Once you install anti-virus software, it will scan your computer and clean any viruses it finds.

Some of the more popular antivirus software programs are listed below, though I refuse to pay for these; as mentioned below, you can get the same protection for free.
1. Trend Micro
2. McAfee
3. F-secure
4. Symantec
5. Computer Associates
6. Panda Software
Most anti-virus software must be purchased or it may be included with the purchase of a new computer for a limited time.

I highly recommend the use of AVG-AntiVirus available from http://free.grisoft.com/doc/avg-anti-virus-free/lng/us/tpl/v5

I have covered this with a tutorial at http://cotojo.wordpress.com/2007/04/27/avg-anti-virus-installation-guide/

Important note: DO NOT use more than ONE anti-virus program on your pc as this will cause conflicts.

I prefer to use AVG which scans daily and also runs in the background continuously. On a monthly basis I use Trend Micro housecall online.

Screensavers
Ok, so you are sitting at your desk, or left it for a while and suddenly, a nice image appears on your screen. Ok it’s your screensaver. However, screensavers can serve a much more important purpose other than providing us some cool images, and preventing screen burn.

Enabling a screensaver can increase the security on your computer.
Use a password protected screensaver; this stops others from accessing your computer.
You can configure a screensaver to start when your computer has been idle for a specific amount of time (eg: 5 minutes). By password protecting the screensaver, the computer is locked when the screensaver starts. This is a simple idea for additional security. You will need to enter the correct password to resume using your pc.
So once a password protected screensaver has been enabled, you can walk away from your computer knowing that everything is secure. In Windows XP, you can use the steps outlined below to enable a password protected screensaver.
1. Right click a blank area on your desktop and click Properties.
2. From the Display Properties dialog box, select the Screensaver tab.
3. Use the drop down arrow to select your screensaver of choice.
4. Change the Wait value to specify how long the computer can remain idle before the screensaver is started.
5. Select the On resume, password protect option. If you do not select this option any activity will cause the desktop to appear.

Give your pc a quick tune-up at http://pcpitstop.com
Run the Full Tests from the menu on the left of the page after creating a user account and password.

Go to http://www.belarc.com/free_download.html
The Belarc Advisor builds a detailed profile of your installed software and hardware, missing Microsoft hotfixes, anti-virus status, CIS (Center for Internet Security) benchmarks, and displays the results in your Web browser. All of your PC profile information is kept private on your PC and is not sent to any web server. I would recommend that you print off the results page as it contains details of your Drivers and Software License Keys, useful if you have to perform a format.

Scan for any viruses at http://housecall.trendmicro.com/

Check to see if your ports are Open, Closed or in Stealth mode at https://www.grc.com/x/ne.dll?bh0bkyd2

Check your internet connection speed at
http://www.abeltronica.com/velocimetro/pt/?idioma=uk&newlang=uk
Click the green arrow beside the flag on the top right of the header and select your language. Scroll down to Speedometer and click on Test Now.

Remember to always back-up your system or create a restore point before making any changes.

Safe surfing everyone
cotojo