Computer Tips -Tech Info

Incidents.org is reporting this as well…

A new Beagle variant is making the rounds. It comes in an almost empty email, as a ZIP attachment containing the worm as an EXE. The attachment name, email subject and sole text content of the email all seem to be male or female surnames. Keep your eyes peeled, especially if your users are reading their mail over webmail, as it seems to take another couple of hours until the AV vendors have their patterns lined up.

   Send article as PDF   

This is related to MS05-054… According to Incidents.org it’s possible that this will not install (user submission of this). They also have a user submitted workaround…

Read the rest of this entry »

The securityfix is reporting on a new worm that exploits an older Windows vulnerability. The worm is called dasher and is in at least it’s second iteration. Sans noticed an odd increase in port 1025 scans on the tenth of the month which was early activity of this worm. It looks like the first version of the worm didn’t work fully, but this second one does. It installs a keylogger.

Read the rest of this entry »

Ok, the first two entries thus far, hardware firewalls and software firewalls have been fairly operating system independant. A hardware firewall is best, but if that’s not possible a software firewall will do until you get a hardware firewall setup. This next item is (currently) a must have for Windows users. However, Mac and Linux users may see the day soon when it is an essential part of security for those systems as well. These days I am stunned to see PC’s that don’t have an antivirus program installed.

Read the rest of this entry »

Ok, the last post got a bit long with the hijackthis log, but I wanted to include the whole picture. I put a few comments in, but thought it might be useful to include the notes I took at the time. For starters I leave it unplugged from the network. (There is no network card in this machine.) It’s important when working on an infested PC to leave it isolated so that it can’t continue to spread viruses or spam or whatever it may be doing. Assume if it’s infested with something that it could be spewing out bad stuff. If you must, isolated it and prevent it from routing to the outside world… the safest is usually to leave the cable unplugged for the initial look over.

Read the rest of this entry »

Sunbelt has this warning about yet another fake security site. This one is laid out a bit different than the others we’ve seen in recent days. It’s not quite the same spoof of the Windows Security Center, but it makes use of Microsoft’s security logo. (And it does say Security Center at the top of the page along with “Help protect your pc”.) From sunbelt…

For your block lists:
amaena[dot]com

Read the rest of this entry »

Beta news is reporting that Internet Explorer 7 will use the same Icon for RSS feeds that Firefox currently uses. What’s more they say they’ll continue to work with Mozilla on consistency between the browsers….. All right, I’m going to be watching for the pigs flying next. No, seriously it’s great to see Microsoft warming up and not acting like they want to take over and crush the competition.

Read the rest of this entry »

I had someone call and start by saying she bet me a dollar I’d never heard of this before…. She said she was doing something (adjusting font size?) and all of a sudden everything on her screen went upside down and nothing will bring it back. I’ve actually heard this before, not too long ago and the last time I figured it had to be a key combination (the user said they were trying to do a combination of keys but couldn’t recall what they had hit.)

Read the rest of this entry »

I’m writing this from the laptop. Having run Mandriva 2006 without any real significant bumps for a couple weeks I’ve come to a point where I’m ready to take the plunge on the desktop. The desktop is my primary workstation. The laptop get’s occasional light use and is the one I’m more likely to play with when it comes to possibly losing configuration information or scripts (because I’ve got things copied to the desktop and server.)

Read the rest of this entry »

This is the first in a several part series documenting the cleaning of an infected PC. The only real noteworthy item is that it was a dial-up only connection and was rather infested for that. (On par with some of the broadband connected pc’s I’ve seen. It’s also an interesting counterpoint to the network security series.)

Read the rest of this entry »