Go Conficker, or How Conficker (Downadup, Kido) Can Change Your Life, plus Help from Secunia PSI and Disabling AutoRun

roadskater's picture
Submitted by roadskater on Wed Apr 1 2009 3:29pm
0

I spent a little time on Conficker today and wanted to share a few links I found interesting or helpful. Nothing much. The biggest tip is to work from sites you trust to get info.

Let's let Conficker change our lives by taking a fresh look at our computers and ourselves in terms of security. And let's be careful with those cute USB key fob flash drives.

The US Computer Emergency Readiness Team has this advice on Conficker...3 things to do, basically, 1 you are possibly already doing...

US-CERT encourages users to prevent a Conficker/Downadup infection by ensuring all systems have the MS08-067 patch (see http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx), disabling AutoRun functionality (see http://www.us-cert.gov/cas/techalerts/TA09-020A.html), and maintaining up-to-date anti-virus software.
http://www.us-cert.gov/cas/alerts/SA09-088A.html

[...and take a look at this bulletin if you think you don't need to update software...check out adobe reader and mac safari...

http://www.us-cert.gov/cas/bulletins/SB09-090.html ]

If you're not sure what antivirus software to use, here's a comparison...one of many...

http://www.virusbtn.com/news/2009/03_23.xml

I use AVG's free antivirus, but it looks like some other freebies come out a bit better in this one comparison.

I'm not ready to write it up in detail, but I've been using Secunia Personal Software Inspector to keep my laptop and a couple of other people's computers current on software updates (with their help, hopefully). It is pretty cool. It scans your computer and looks for out of date software, especially when there's been a software update in response to a security vulnerability. Secunia PSI gives you links for updates when possible, and information about what to try.

In most cases, you get a link to click to download a solution, then you rescan that program to get the all clear. In some cases, there's not much you can do, or it is difficult (old XP installations or Microsoft Office where you can't find the original discs...but I stopped using MS Office anyway so I just removed the old copies of Word, Excel, &c. as I'm using OpenOffice.org to create all those documents in MS Office format free of charge). 

For those items you don't intend to fix, you can easily have it make a rule to ignore a piece of software. For example, if you want to keep using Windows Media Player version 9 or 10 instead of 11 for awhile longer. You have all the options you had before, but lots more info, and it is really nice to know Secunia PSI is watching your software for you. 

I'm finding Secunia PSI to be very helpful; it's a bit like the Linux/Ubuntu idea of packages and updates, though not as automatic. I am almost certain I'll keep it on my PC and on the ones I help keep going for friends and family.

Read about it here...

http://secunia.com/vulnerability_scanning/personal/

Get it here... Give it a try! It found software on my system I had totally forgotten was there, some of it with vulnerabilities.

http://secunia.com/PSISetup.exe

OK, back to Conficker. Don't catch a nasty trying to avoid a nasty! This might be obvious, but I'd avoid any ads for removal tools. Go to the sites listed in articles on sites you trust, or go directly to the website of the antivirus companies you trust. 

http://www.f-secure.com/weblog/archives/00001639.html

The above link and some others on this page came from this good article...

http://blogs.zdnet.com/hardware/?p=4053&tag=nl.e539

One great piece of news is that Kaspersky and OpenDNS are working together to slow or halt the spread and effectiveness of Conficker. This is good stuff...

http://blogs.computerworld.com/opendns_prevents_the_conficker_worm_from_phoning_home

One interesting aspect of this whole spread is how many hacked copies of Windows might be out there, even in companies, going unpatched to avoid breaking the hacks or being detected. I have worked at places where I was sure they were hacking Windows. It seems easier to use Ubuntu and OpenOffice for free, but I'm sure I'm missing their point, and a few years ago, this might not have been true. I know the next PC I need to get going that doesn't have a usable Windows installation will get Ubuntu Desktop on it, even though I have some valid XP licenses available. 

The zdnet article above includes several links for conficker removers, and I tried a couple from companies I trust.

http://data2.kaspersky-labs.com:8080/special/KKiller_v3.4.1.zip

http://www.bdtools.net/

More on the disabling of autostuff in Windows...

http://www.us-cert.gov/cas/techalerts/TA09-020A.html

http://nick.brown.free.fr/blog/2007/10/memory-stick-worms

http://blogs.computerworld.com/the_best_way_to_disable_autorun_to_be_protected_from_infected_usb_flash_drives

OK. Enough of all that. I hope this helps someone. Now go skate.

‹ Help Needed: How to Loosen or Lube Notebook Hinges on HP Pavilion dv4340us dv4000 Laptop Series to Open and Close More Easily Open-back old-time 5-string banjo ›

Search & shop for anything to help Roadskater.net!

Comments

roadskater's picture

Free Antivirus Software, Plus Windows XP Cleaning and Defragging

Submitted by roadskater on Thu Apr 2 2009 12:14am.
There are two sites I use for reliable downloads...download.com and snapfiles.com. In this case, there's a handy page to snag some free a-v on download.com... http://download.cnet.com/windows/security-software/ Again, I like AVG and have been using it, but Avira Antivir is rated a letter-grade better at recognition and a letter-grade faster in scan speed, and it is apparently truly free for home use. Alwil Avast! is a letter-grade higher on recognition and two letter-grades better on scan speed, but it looks like free registration is required within 60 days and they only promise a year of use. I've tried both before but settled back on AVG once AVG reversed its decision to end their free product. I may try one or both again, probably starting with Avira. I'll let you know, and I welcome your knowledge here too. Also, I like the advice from majorgeeks and I recently helped out with a couple of strange connection error messages on two separate computers at different locations by going through most of the steps below. This included installing the software mentioned there, including Malwarebytes Anti-malware and SUPERAntiSpyware. Here are the three links I used for the cleaning method... Careful with the downloads pages not to accidentally hit an ad, unless you just want to make majorgeeks some pennies for their hard work. A list of rogue tools that are not for cleaning but for infecting, or at least are dubious... http://forums.majorgeeks.com/showthread.php?t=79754 Some basic notes, and mentions of two programs I already loved, CCleaner and the awesome background defragger, IObit Smart Defrag http://forums.majorgeeks.com/showthread.php?t=106650 A good step by step Windows XP cleaning procedure. Afterward, don't forget to turn off system restore, reboot, then turn on system restore, per the instructions there (if any malware was located). http://forums.majorgeeks.com/showthread.php?t=139313 Again, I hope this helps!
Bryan's picture

Wow, that Winders thing

Submitted by Bryan on Sun Apr 5 2009 10:09pm.
Wow, that Winders thing sounds like a lot of work. Not sure I have time for that sort of commitment.
roadskater's picture

Oh Snarly One! Leenux and Makintawsh Has Der Inconveeenyunses

Submitted by roadskater on Tue Apr 7 2009 6:36am.
I think Windows XP is a good product, and Vista has some security features that will eventually be appreciated. Vista is considered a bit less easy to hack than Mac OS for now, though the next version should catch up. Still, with fewer Macs and 'nix boxes and more moneymaker opportunities for botmasters at present, Windows will remain a target. When a lot of consumers start to have their PCs or second PCs running a 'nix flave, I bet we'll see some quality attacks (sad to say). Aside from that, I'm glad that Windows XfP and Microsoft Office were available while waiting for Ubuntu Desktop and OpenOffice and other necessaries were to be ready for prime time. Hardware recognition and driver quality and availability have been issues for many who thought it'd be just as easy or easier than using an XP box. As for commitment, learning Linux command line requires a bit, as does learning Ubuntu Server (or MS-DOS for that matter) or even getting Ubuntu Desktop set up to do all your XP machine does (if you have one). I think security on any platform takes a large commitment. I'm very happy we have Linux flavors in the world, but imagine my Windows XP server setup as secure as my Linux server setup, if not more. I'm not sure about it though, and hope never to become so. Secunia requires a bit of follow up, but so does apt-get update, apt-get upgrade and such. I think I fell for flame bait, but that's fun anyway.
Syndicate content Syndicate content