
Archive for the ‘AntiVirus’ Category

Botnets

Wednesday, April 16th, 2008

Spammers and hackers today are very sophisticated when it comes to covering their tracks. Instead of sending spam or using their own computers to attack an organization or individual, they now employ botnets.

A botnet is a collection of computers (that have been hacked and taken over) which a remote user can use to execute operations such as spam, DoS attacks and other types of malicious activities.

To quote another article I recently read: “Joe St. Sauver, manager of security programs at the Internet2 networking consortium and the University of Oregon, said there are 5 million to 5.5 million botnets in active rotation at any time.”

Article: Botnets Running Rampant, Neal Weinberg, Network World, care of PC World

The best way for an end user to help prevent this from occurring is to keep your operating system up to date, always have updated virus software running (with a weekly scheduled scan enabled), and employ a good firewall.

I understand many of the computers that are part of botnets are generally not end-user machines, but rather machines hosted in a public environment such as libraries, campuses and other public domains. Is there no IT staff available to monitor these networks?

Generally speaking, the case is that the IT department is so understaffed, overworked, and underbudgeted they simply don’t have the time or the money to implement the proper equipment which can detect and prevent this from occurring. That is if they have an IT department at all.

Look… We all know how to prevent most of this from occurring. I am by no means saying it will ever stop, because anything that can be secured can be hacked (it’s all a matter of time), but let’s at least try to secure our own computers.

If you would like more information on how you can secure your computer, please follow this link to an article I previously wrote on best security practices. I hope it helps.

Old Ploy-New Virus

Tuesday, July 17th, 2007

Last seen in 2006, another virus known as “Ransomware” is trying to extort US $300 from users. The virus apparently encrypts your personal files.

After your files have been encrypted, the virus copies a file named read_me.txt to the PC. This text file simply contains a ransom note which demands the user buy their software for $300 in order to decrypt the files.

The virus states that it uses an RSA-4096 algorithm with a 4,096-bit key. This is surely just a ploy to extort money, but apparently the files do have some sort of encryption.

The virus also seems to have only a limited shelf life, from July 10 to July 15, but knowing the past actions of the hackers that create these viruses, it is likely we will see another variant.

Apparently Kaspersky is working on a decryption scheme to save these files. If you are ever infected by such a variant, remember it is very unlikely that paying the ransom will get the hackers to release your files.

Always keep your virus software up to date and run a frequent full system scan. Backing up your data to a secondary location can save your files as well. 

Symantec Incident Update

Monday, July 16th, 2007

I previously reported on an incident where an automatic update provided by Symantec for their Norton Antivirus program identified two system files in the Simplified Chinese edition of Windows XP as malware, and quarantined them.

Symantec decided to provide free upgrades of their software to the affected users. Of course I would always be wary of accepting a free software license for a program title which already compromised my system. Symantec did not see it my way though.

Symantec’s upgrade offer was widely criticized by the Chinese press when it was first announced.

As of late Symantec has declared the compensation offer a success, but they declined to identify how many users had accepted their offer. Considering they only offered the compensation for two and a half weeks starting from June 27.

Symantec has extended its offer for individuals who could not or did not access the upgrade. Of course this offer is on an individual basis. Each incident must be reviewed and approved to extend the upgrade offer. “After this date anyone who missed the registration date should contact Symantec Customer Support or email symantec.authorised.support.cn@clts.com and we will give consideration to extending the date for that individual customer.”

Considering it was their blunder from the beginning, I would think they would bend over backwards to satisfy the affected customers. At least that’s what I would do.

Back To Work

Monday, July 9th, 2007

Does anyone else find it hard to pick up work after vacationing? Having completed a week’s worth of vacation I am back to the grind….well….sort of.

I am using this day to read up on new stories and technologies for new content on the site. Please bear with me while I compose myself and get my head out of the vacation cloud. Of course this is not easily done…

As you can see from the last post, we are now taking posted questions to better serve our users. I would also like to add that if there is a new technology or concern you would like me to address, please post a comment to this blog. I would be happy to research and address topics for our users.

After all….It is you the end user for which we create the content.

Symantec Update Affects Chinese Users

Monday, June 25th, 2007

Has anyone else heard the news of the update provided by Symantec which seemed to cause havoc for the Chinese version of Windows?

Apparently on May 18th Symantec authorized an update for one of their programs which, it turns out, identified two system files as malware and subsequently quarantined them. The issue apparently affected somewhere in the neighborhood of 50,000 PCs.

Symantec says this issue seems to be caused by an automated process. Hmmm!

Users who lost data due to Symantec’s faulty update demanded compensation. I cannot say that I blame them.

After at least two lawsuits were filed, Symantec saw fit to respond. Symantec decided to offer license extensions and product upgrades for the blunder. If it were me…well, I would not want to continue use of a program which has already put a halt to productivity and damaged my operating system.

Symantec has been nice enough to have allotted just a couple of weeks for affected users to accept their upgrade offer as well.

I wonder if this will affect their credibility in other regions?

Windows Live OneCare

Friday, June 1st, 2007

Windows Live OneCare is a utility designed by Microsoft to scan your computer for several different issues. Live OneCare scans your computer for unnecessary temporary files, invalid registry entries, open ports, and malware, and even checks your hard drive to see if defragmentation is necessary.

The service is free for ninety days after which time there is a required yearly fee of $49.95 to maintain a subscription. Microsoft has deployed this utility to help users maintain security and functionality of their computers.

If you decide to acquire use of this utility they do require you uninstall any third party virus or firewall applications. If you have already purchased one of these types of applications this can be problematic as you will lose the use of the paid subscription to the third party service.

Overall this utility seemed to work well. Unfortunately there does not seem to be any detailed information as to what the scan has found. When trying to review the registry entries that were flagged as errors I could not locate any detailed information on the entries and what they may relate to.

Microsoft seems to counter this by stating that if you have any undesirable effects you should use System Restore, which will reverse any registry changes. This seems to be counterproductive.

Before deciding to use this service you may want to read the installation requirements document by clicking here.

Windows Live OneCare may be a useful utility if you do not own software that already performs these functions. To review more detailed information concerning this product you may visit the Windows Live OneCare web site by clicking here.

How do I ensure my computer is protected from viruses?

Tuesday, April 10th, 2007

Virus protection is a must in today’s computing environment. Many people who own virus protection software make mistakes that can allow an infection. Here are a few things to remember when purchasing or configuring virus software.

1. Ensure your virus software has complete functionality, such as script blocking and Internet worm protection, and is compatible with the instant messenger service you currently use.

2. Always ensure that your virus protection is configured to receive automatic updates. These updates include virus signatures which allow the program to search for the latest viruses. Without these updates your virus software will not recognize new viruses.

3. A simple way to prevent viruses from obtaining access to your system is to update any Microsoft products that you have installed. Windows and Office products are commonly used as ways of entry. Microsoft frequently publishes security updates to prevent these types of entry. These updates can be obtained by visiting www.microsoft.com and using either the Office or Windows update option.

4. Another entry point for viruses is sometimes through spyware or adware software. Most virus scanners have implemented spyware scanning capabilities, but not all. Be sure your computer is protected against these types of entry.

Note: Some viruses can hide in or be backed up to the Windows restore folder, which most virus software cannot scan because of the compression on this folder. In these cases please review the recommended actions provided by your virus software support personnel or documents.

It is best to remember that even with the best virus software and all Microsoft updates applied, it is still possible for you to be infected by a virus. New viruses are written constantly, and the writers are always coming up with new ways of infiltrating your system.