Index Page
If you look at the adverts, please come back by clicking the back arrow at the top
| Index Page |
To view the whole site please click on >>
SITE MAP
Next Page - Spyware
|
|
This page may help you avoid those nasty destructive programs
See also Here for Basic Security
If you are suspicious about a particular file and think it might contain a virus you can forward it to http://www.virustotal.com/ for a thorough report
April 2013 A very useful site by a contact who constantly updates information of malware and associated scams. Have a look at http://deletemalware.blogspot.co.uk/
Jan 2013 The February 2013 Shopper magazine tested a number of anti virus programs. Once again the Microsoft product (Security Essentials) was considered a lightweight, although it did much better than most by not reporting 'false positives' (blocking programs that were NOT a threat). Trend Micro appears to have been ultra cautious. Considering ALL aspects Kaspersky (£32) came out top, with ESET(£44) and Bitdefender(£27) doing very well. Even the purchased AVG (£20) did rather badly and not much better that the free Microsoft product. Windows Defender, the Essentials substitute for Windows 8 was not tested.. Kaspersky (£95) was also rated top for business networks in every aspect, as well as being one of the least expensive.
November 2012 Windows 8 will have significant security improvements. Not only will it load Windows Security Essentials by default (it will be called Windows Defender) and load it i early in the boot up process, it will also check EXE files which you try to load. It will check these with a database on the Microsoft site and either allow them, block them or issue a warning
October 2012 As you will realise I have Google advertisements displayed on each page and 'genuine' clicks on these can pay me varying amounts each month. Although I have donated over £4000 to a charity I do keep most of the advertising revenue. So it was a surprise when I had a message which appeared to be from Google referring to 'Unusual Activity'. I should know better than to click on the link in the email which declared that my Google Account had been suspended. If I had looked at where the email originated I should have known it was not from Google. It was with some relief that I realised my account was not suspended but then began to worry whether I had invited in a virus or worse (yes, there are worse). I set the machine to do deep scans with Superantispyware and Malwarebytes. They only showed the usual bunch of tracking cookies. But until I can find out why that spoof was sent I will not relax and have changed various passwords.
27th August 2012. There is reputable information that says that an 'exploit' of Java software (which many computers use) could open up the PCs to malware. They suggest that it is disabled until the Java people come up with a fix (expected shortly). Let me know if you need to find out how. Java is not essential for the running of Windows but enables certain additional features. For instructions on how the disable Java in the various browsers see http://nakedsecurity.sophos.com/2012/08/30/how-turn-off-java-browser/ Whatever your browser it would surely stop the malware in its tracks if you take all traced of your Add/remove list from Windows XP onwards
Got a virus and can't even start your PC ? Get onto another PC and have a look at the excellent article by Leo Notenboom HERE You will see that you can download several bootable anti virus programs, save them to disk then start (and clean) your machine with them
7th July 2012 IMPORTANT The DNSChanger virus has infected many computers worldwide. This forced them to connect to the internet via a malware server. The effect of this was to redirect the computer to sites which contained things your didn't want to view, such as advertising or worse. The FBI broke up the organisation and set up a temporary server to enable infected computers to continue to access the net. However, this facility will close on the 9th July, resulting in many computers being unable to access the internet, including government departments, especially in the USA and Canada. The full story, with a link to check if your PC is infected can be found at http://www.cbc.ca/news/technology/story/2012/07/06/tech-dns-changer-virus.html I did the suggested check and got a 'green' showing my PC is not infected. If it was there is a link to some software that would get rid of the virus
October 2011 Total cash stolen from bank accounts online fell by 32 per cent over the last twelve months, thanks to new technology. But experts are now warning that these high-tech safeguards are being cracked by old-school con artists using new and supremely camouflaged viruses. And, worryingly, a leading software tester has told This is Money that even internet banking users with top-level security software like McAfee, Norton or Trusteer's own Rapport download, used by 7million bank account holders are at risk.
Scareware scammers are targeting credit card users with a new run of spam emails falsely warning recipients that their plastic has been blocked. The fraudulent emails, which resemble those more commonly seen in phishing or banking Trojan attacks, are fairly detailed and attempt to trick prospective marks into opening an attached file. This file; which supposedly contains information on why a card has been blocked, executes a program that runs silently on users' PCs, downloading a rogue anti-virus package.
Google's virus warning : Google has begun issuing warnings to millions of people that their PC has been infected with a virus. The malicious code pipes browser traffic through sites that promote the scammers' wares which include fake security programs. Those hit by the virus will be warned with a message that will appear at the top of searches carried out via Google. The search firm estimates that more than two million people have been hit by the infection.
There are literally hundreds of items which may legitimately appear in your Startup list (Start, Run, Msconfig, startup tab) but this is where things like viruses and Trojans may hide, so they load each time you start the machine. If you wish to check what they are see http://www.sysinfo.org/ See also http://www.pacs-portal.co.uk/startup_pages/startup_detail_index.htm But I also recommend installing Soluto for a more thorough analysis.
It is imperative that your computer is made secure against these things. See Help8 for more details about Microsoft's free offerings
If you come across a scam/fraud, get as much detail as you can and report it to http://www.actionfraud.org.uk/
I have just removed the most difficult virus I have ever tackled. It was from antivira. The instructions are at http://www.bleepingcomputer.com/virus-removal/remove-antivira-av There are several steps to take, so print and follow the instructions closely. In particular not that when disabling it with the program Rkill I found it necessary to click on it several times, ignoring the warnings the virus continued to send. The reason that I consider it to be the most difficult is that it disabled Safe Mode, stopped every EXE file from running and even prevented boot of the XP disk from the drive, thus preventing an XP repair. The program constantly amends Internet Explorer so that it only visits a proxy site (and this must be altered (see the notes on the site above) although it didn't affect access to the net by Firefox. The total time to remove this virus was around four hours ! Alternative methods for removal can be found at http://deletemalware.blogspot.com/2011/02/how-to-remove-antivira-av-uninstall.html
March 2011. What is Trusteer Rapport and do I need it ? Trusteer is a company which specialises in software to protect banks (and you) from fraud. Many banks in the UK and USA recommend this software and it is even possible that it will have arrived on your PC just because you have done on-line banking. Rapport produces regular reports which may popup on your bottom line stating how many times it has prevented accesses to your PC which might compromise it. Although I look at these reports I fail to understand what they are preventing and am even assured by the report that the listing does not mean that your machine is infected. The software is trying to prevent accesses which might enable a crook to copy your bank details and password. For a further explanation by Trusteer see a discussion HERE
See a run down on the latest free AVG anti virus program HERE However, AVG has a reputation for finding threats that aren't. If you use it it is quite likely to show a tracking cookie called ATDMT, which is difficult to get rid of. Surprisingly there is a site which enables you to prevent your PC from downloading tracking cookies. I have ticked the lot ! See HERE However, the contact who was bothered by the ATDMT spyware warning says it no longer appeared after he changed his browser from Internet Explorer to Firefox
I recently joined a help site http://ask-leo.com Very useful. If you register he will allow you to download a useful PDF on keeping your PC safe on line.
He has a lovely reply to a lady who despairs of her teenage kids infecting her PC with viruses. See http://ask-leo.com/my_computers_infected_with_a_virus_how_do_i_clean_it_up.html? Oh! how I sympathise !
November 2010 Panda (an antivirus company) reports that the following are the top FAKE anti virus programs this year with percentage of infections:
6th September. The latest scareware program is introduced to users by a screen that looks like a normal browser warning (IE, Firefox,Chrome etc) and even mimics Windows Security Essentials warning screen. It suggests that you download a program called Win7 AV to clear the viruses but, in fact, infects you further. Watch out for this clever one.
20th August A friend who had a virus infection writes "After cleaning my PC with AVG and Spybot, I also cleaned with Spyware Terminator, Superantispyware and Malwarebytes (as you recommended) and in that order. Surprisingly Malwarebytes discovered what the others didn't. This illustrstrates that depending on a single virus remover, even one as popular as AVG, is not wise.
1st August 2010. A new method of spreading scareware has been devised. See the F-secure blog at http://www.f-secure.com/weblog/archives/00001997.html before updating your Firefox browser.
Had a phone call (July 29th) saying that I have a problem on my computer. This is a scam, originating from call centres in India but controlled by people in the UK. They try to convince you that you have a virus by suggesting that you look at certain files. They then suggest to the gullible that they pay £90 to download a program (which is actually free) to clear the virus. Once hey have your card details they are home and dry ! This is the second call I have had, so this scam is quite prevelant
There is NO REASON these days to be without virus protection !
http://www.microsoft.com/security/portal/
is the Microsoft centre for research into Malware. It gives great detail
on new threats and methods of removal. Microsoft Adware Removal Tool is
incorporated in later Microsoft programs but is still on the net. Do not
download
Windows Defender, formerly known as Microsoft AntiSpyware, is a software
product from Microsoft to prevent, remove and quarantine spyware in Microsoft
Windows. It is included and enabled by default in Windows Vista and Windows
7, and is available as a free download for Windows XP and Windows Server
2003.
Microsoft Security Essentials provides real-time protection for your
home PC that guards against viruses, spyware, and other malicious software.
It is a free download from Microsoft that is simple to install, easy to use,
and always kept up to date so you can be assured your PC is protected by
the latest technology. It is easy to tell if your PC is secure. When yours
is green, your computer is OK If it is orange you need to click it
and follow the instructions. It runs quietly and efficiently in the background
so that you are free to use your Windows-based PC the way you want without
interruptions or long computer wait times. See
http://www.microsoft.com/Security_Essentials/
Microsoft SpyNet is the network of Windows Defender and Microsoft
Security Essentials users that help determine which programs are classified
as spyware. The signatures created for any submitted programs by the users
of the product are available to all users, displayed as a bar graph that
shows the percentage of people who have allowed, blocked, or removed an item.
This method of spyware classification allows rare, unknown, or new spyware
to be categorized as most people choose to send their data.
A good article discussing the merits of Windows Security is at http://lifehacker.com/5401453/stop-paying-for-windows-security-microsofts-security-tools-are-good-enough. It concludes that you don't need anything else and that includes the Windows own firewall (Advanced mode)
29th June. How good is Microsoft Security Essentials ? Can I get rid of my other anti virus /anti adware programs ? See Bob Rankin's write up at http://askbobrankin.com/microsoft_security_essentials.html
If you installed Microsoft Windows Defender on your PC it will be automatically turned off when you install Security Essentials. So, you might as well delete it
23rd Jun 2010. In a worrying trend Symantec did 30,000 searches using a variety of words and found that around a third of them led to sites which (in their words) were 'compromised'. They had been 'got at' and seemed likely to contain links which led to malware sites. Most of this is done with the intention of infecting you PC with 'scareware' and usually asks you to click something to fix the problem. It doesn't and, when you have got seriously worried they suggest a program that will clear the problem as long as you pay anything between $35 and $75. They get your cash and your credit card details and continue to infect your PC. Ooooh nasty ! Mcafee Site Adviser attempts to check all sites and shows various coloured ticks regarding their relative safety. But Symantec has gone even further with Norton Safe Website Lite and this shows a little shopping trolley which tells you whether they feel the site protects your privacy, whether transactions are safe and whether it has 'annoyances'. Although this program is still in 'beta' (under development) I was impressed. However, please note that neither of these showed up in Google Chrome and I had to download McAfee Site Advisor again specifically for Internet Explorer. Both Site Advisors are free and I would recommend that you get at least one of these.
16th May I had a low threat malware infection on my main PC. The first I have had since limiting my anti malware programs to the new Microsoft one. I believe I got it because I used a program called FaceinHole that granddaughter had used. I noticed that it invited me to accept a program called Mywebsearch. I remember many of the names of malware and Mywebsearch is a Trojan. I carefully unticked the item. But, guess what? it installed anyway. I found it in my Startup and unticked it. But it gets well into the register, so it found its way back. THE CURE : I first ran Ccleaner to get rid of temporary files and cookies. Then I ran Spybot Search and Destroy in Safe Mode (F8 at startup), which found Mywebsearch and some other rubbish it had invited in. But it marked it 'not cleaned' with the hope that it would do it on a restart. No sign in Startup but I then ran Malwarebytes quick scan. This found several entries still in the register which I cleared. I am still not convinced I have got rid of all traces and will check the register and run Superantispyware. If one searches for Faceinhole there is nothing on the net which says it is a baddie. In fact Norton gives it a load of green ticks. Which sums up my feelings about Norton. I am not yet blaming the Microsoft Essentials. I am just suffering from teenagers !
Looking around the web I found that Mywebsearch is associated with SmileyCentral, myfuncards, Mywebfacesetup and a program called Grman00.exe.. I also found an infection by trojan w32dloader. A friend then Recommended using the free Norman scan found at http://www.norman.com/support/support_tools/58732/ Whilst this did not discover any further infection by Mywebsearch it DID find other suspicious items including Driveimage XML, which was recommended by Computer Active. BEWARE free software !
12th May. If your PC wont accept Microsoft updates BEWARE. One reason could be that it is infected by a Rootkit (glos.) virus which can steal important details. Do a thorough check.
22nd March 2010 Twitter users are once again under attack from a phishing scam that attacks the direct messaging service. The new scam sends a direct message to users containing phrases such as "You're on here?" or "you should change ur photo u took here", along with a link to a rogue site. Users are asked to enter their Twitter username and password on the landing page, in a none-too-subtle bid to steal their login details.
1st March 2010 Beware of searching for Security Essentials. Rogue software Security Essentials 2010 will plant malware on your PC, block access to anti malware sites and even charge you for 'clearing' the malware it falsely reports. And if you pay with your credit card it will probably cost you even more !!! Microsoft Security Essentials is what your need. It is free from HERE. I have looked at various reviews and all agree that Microsoft have done well. Get it. I will probably run alongside your existing AV program but you will probably be able to dispense with these entirely.
January 10 BEWARE ! Privacy Center is not Microsoft software. It is a new form of fake anti-malware software (also known as rogue security software) that pretends to help protect your computer, but is really a new form of spyware. It can slow down your computer and damage your files. Most anti-malware products will remove it e.g. Microsoft's security essentials
December 10 Naturally, Microsoft's introduction of an anti virus program was closely followed by virus called Ms-antivirus.net (functionally similar to Ms-antivirus.microsoft.net). People searching for the Microsoft program could easily fall for this and finish up getting the false virus remover, which makes things worse and costs them cash. The author is Antivirus Live Inc. and this sounds as if it is from the same stable as the Scareware mentioned below. Although I have seen instruction how to remove this I would personally first try Malwarbytes and Superantispyware, both good products. See below, April and January 09
October 09 Microsoft has developed its own security protection for XP and Vista users and you can download it here http://www.filehippo.com/download_security_essentials/
October 09 It is getting scary. According to http://blog.trendmicro.com/firefox-addo-spies-on-google-search-results/ what looks like an update for Flash turns out to harbour malware - or at least a program that substitutes its own adverts and tracks your searches.
October 09 Microsoft has released the final version of its free-of-extra-charge anti-malware scanner. The application, Microsoft Security Essentials or MSE (formerly Morro), is designed to provide consumers with basic protection against Trojans, computer viruses, spyware and rootkits. The product lacks the personal firewall, backup and PC tuning features found in OneCare, the paid-for consumer security software discontinued by Microsoft back in June. To get this go to http://www.microsoft.com/Security_essentials/
September 09 Rootkits. One of the most difficult viruses to eliminate is called a Rootkit. For a full explanation (and what to do) see the Bob Rankin page HERE
August 09. Scareware again. A
program called System Security is around. SystemSecurity usually makes its
way onto compromised Windows PCs via fake video codec installations.
Users normally install the bogus code (actually a Trojan horse malware) after
following links in spam emails ostensibly inviting them to view video
clips.
It seems that the problem some people encounter with not being able to run
videos or DVDs persuade them to download free CODECS. These are
infected. But many other searches can lead to malware: The top 10
most dangerous terms to search for in the UK: Screensavers (34%); Bebo (33.3
per cent risk of exposing web users to malware); Friv (22.2 per cent risk);
Hotmail (20 per cent risk) ;Yahoo Mail (20 per cent risk)
In my own experience searching for free Video converters is just as
dangerous ! I have had installers sitting on my PC for ages before
my antivirus program declared them to be malware.
More Scareware
A clone of HomeAntivirus2010 has now been released. The fraud-tool
is named PCAntispyware2010 this time. AntiVirusSystemPro is also scareware
22nd July 09 Google's Engineering Director has promised that Chrome OS will see 'the end of malware'. Wow ! That would really be something. Shame it is not until next year
July 09 I think one of the most serious threats these days comes from an infection of Scareware i.e your PC suddenly starts doing a check for viruses, shows a long list, then suggests you register their program to will cure the problem. As it is difficult to stop this rubbish on your screen you may be tempted to 'register' it for anything between $39 and $79. Apart from making the thieves rich you are probably giving them access to your credit card, which will certainly make them rich ! Not only that the program they sell you will, not doubt, plant other viruses on your machine. I have found that these scareware programs even block access to the first lines of defence - Safe Mode, Msconfig and Restore. They are extremely difficult to get rid of. Each year people fall for these programs, usually called things like antivirus2009 or something similar. Beware ! Let me know. I may be able to help you. If you want the full story of the 2008 version, which emanates from Russia or the Ukraine, click HERE There are 8 pages of it!
There are a couple of Youtube videos on the subject of virus removal, Heavily Asian accented but they seem to help others. See HERE and HERE
6th July Latest update Online games sites hosted the most number of Trojans, followed by Zbot variants W32/Zbot.M and W32/Zbot.V, which climbed to second and third place, respectively. The Zbot malware spreads keylogging and data-siphoning Trojans through e-cards sent via e-mail, directing users to malicious sites. Another commonly used malware redirecting visitors to infected sites was the JS/PackRedir.A, which moved up 36 positions on the list to fifth position, said Fortinet. In a separate release Monday, antivirus company Symantec released an alert warning of another Trojan, Infostealer.Bancos, which attempts to steal passwords after by enticing users to click on infected PDF files. Infostealer.Bancos has most recently been seen in PDF files sent via e-mail messages that purport to reveal Elvis Presley's whereabouts, said Symantec.
26th June 09 One
of the fastest ways to become infected is to do a search of the Internet
and follow the links blindly. Mcafee has summarised the searches that most
commonly led to sites harbouring viruses. Mcafee has a free Site
Advisor, which rates sites (but with some inaccuracies - a suspicious
site can appear and disappear in a day)
But, although there is much talk of 'drive by' infections the most common
method is suggesting you download and run a program. If you do, make sure
you check it with your anti virus program.
26th May 09. After Conficker comes 'Gumblar'. This is caught merely by opening infected websites. The virus then redirects Google Searches to fraudulent websites and also recruits your PC into a Botnet
10th May 09. Trend Micro are saying that Conficker infected PCs will show 'scareware' adverts for Spyware Protect 2009 and displaying warning messages saying that the computer is infected and offering to clean it up for $49.95, Worse than that they will get your credit card details !
28th April 09 Conficker News. The Conficker worm is slowly being activated according to security experts, weeks after being dismissed as a false alarm.Conficker, also known as Downadup or Kido, is quietly turning thousands of PCs into spambots and installing spyware, they claim. We are likely to see an increase in Spam and also 'scareware' (false anti-malware programs). Despite international efforts to thwart Conficker it seems impossible to know whether one's machine is infected, although earlier reports indicated that normal good security measures should prevent this. But it can still spread via USB memory keys. My guess is that the machines most likely to be infected are the millions who run non copyright Windows programs, which includes the majority in China, India and Russia. Perhaps, for the sake of the world internet Microsoft should allow security updates even on such machines ?
8th April 09 While the Conficker virus turned out to be an April Fool joke (nothing appeared to have been triggered on the 1st April) it is probably still resident in millions of computers - hopefully not yours. There are various tests you can carry out to make sure. If your PC has been acting in any peculiar way run one of the free cleanup tools. The Conficker-specific tools are McAfee's Stinger, Eset's Win32/Conficker Worm Removal Tool, Symantec's W32.Downadup Removal Tool, and Sophos' Conficker Cleanup Tool.
In a recent report from Microsoft it was found that spam as a percentage of emails can be as much as 80 or 90%. Whereas this seems high to me I am surprised that virus infection is as low as the quoted figures which were around 8.6 per thousand. In the UK it is lower, at 5.7 per thousand. Brazil and Russia are the most badly affected. In the main, if one keeps up with updates from Microsoft, your anti virus program and things like Acrobat (PDF Reader) you have a good chance of infections being spotted and cleared. 'Scareware', i.e. downloads that try to scare you into buying software to clear what often turns out to be harmless 'tracking cookies' is quite common and a good earner for the perpetrators. Nevertheless, known losses from illegal credit card use and bank account accesses amount to HUNDREDS OF MILLIONS (£) per year but one wonders how much people and banks are prepared to admit - so it could be higher still.
5th April 09 Recently called to a PC that was showing an error message about a missing DLL file. I discovered there was a program of the same name which was ticked to start in the Startup (go Run, Msconfig, Startup). But it also turned out that the machine had an infection with the Vundo Trojan, which can wreak all kinds of mischief on a machine... Blue screens, restarts, turning off the Microsoft Updates and preventing access to your anti virus programs. I used Malwarebytes to clear it and, although it took two hours it found all the four Vundo entries and cleared them. The Restore file was also infected, so I stopped that temporarily to clear it then restarted it. Job done ! FULL MARKS to Malwarebytes.. a free program
30th March 09 Security experts have made a breakthrough in their five-month battle against the Conficker worm, with the discovery that the malware leaves a fingerprint on infected machines which is easy to detect using a variety of off-the-shelf network scanners. But still no-one knows what the affect will be on Wednesday. Personally it will be my day of rest and I would advise others to take time out and watch for TV reports to see if there is havoc in the airways (if the satellites still work)
18th March 09. People know that I am keen on Avast anti Virus program but I did not realise that it could be beefed up (until friend Bert told me how) If you use the program left click on the blue ball on the bottom line. You will see that you can increase the sensitivity of the program. Also, there are numerous programs listed on the left, including Internet Mail. Having clicked on that, click Customise Looking at each tab in turn you will find that you can put a tick in to insert messages in sent mail (to indicate that the mail has been scanned. It will also insert a message in any mail that it considers to be infected. Worth doing.
A new one... I spent a long time getting rid of a supposed anti virus program on someone's laptop. It was called Antivirus 2009, though there was a similar one called Antivirus 2008 and now an Antivirus 2010. Although they list any viruses on your PC and offer to get rid of them for a price, using them only infects your further. The best program for clearing them is the genuine Malwarebytes, which is free. However, with a new twist, the same rogues are managing to redirect you to a fake CNET Download.com page. If you click on many of the links you are correctly redirected but if you click on Download you just get infected further ! See BBC Article on this at http://news.bbc.co.uk/1/hi/technology/7907635.stm And this is not a fake link... HONEST !
25th February 2009. Last night I had an apparent call from a contact using Live Messenger. The message contained a link (blue underlined) which included my Hotmail address. I thought it strange and asked them about it. It seems that their machine had been infected as they had received something similar and had, unwisely, clicked on the link. This then sent the same link to every one of their contacts, so spreading the thing like wildfire! Repeated messages came through to me every few seconds! I told them to go off line and do an anti virus check. This appears to have cleared it.
18th February 2007 Microsoft has admitted that there have been continuing attacks via its Internet Explorer 7 (IE 7) and suggest that everyone who is using it MUST get the latest patches fro http://www.microsoft.com/technet/security/Bulletin/MS09-002.mspx choosing the one appropriate to your Operating System (XP/Vista etc). The most recent attack is via a spammed email with a Word (doc) attachment. It is expected that attacks will become more sophisticated and will steal information from PCs
1st February 2009 Ran Superantispyware on my laptop. It found only two problems and one was a simple cookie. However the other mentioned Vundo. It removed this on reboot. But I decided to look up Vundo and it is more than just the usual spyware. More credit to Superantispyware. Worth my contribution.
January 2009 Had a real struggle disinfecting a friend's laptop. It had no anti virus program so was full of malware. Worse than that they had loaded Antivirus 2009, which is a very serious scareware program. As well as pointing out the viruses and demanding cash for their removal it cleverly prevented me from installing all my favourite security software. In the end I found something that could be installed from www.malwarebytes.org. That cleared about 50 malware and enabled me to get on the net, install AVG, Spybot search and Destroy, Hijackthis and Superantispyware. I did thorough checks with each of them and they each found a little bit more. But finally it was clean and running smoothly. But, in all, it must have taken about six hours. The only good thing is that I have made yet one more discovery in how to beat these nasties. Full marks to MalwareBytes. I will send them a contribution. Lastly I was bothered that the laptop would not close down unless I shut down a program called Sample.exe. After going up a blind alley about the Nimda Trojan I discovered that it is loaded in the startup (Msconfig) in the form of zcfgsvc.exe and/or ifrmewrk.exe programs. These are Intel utilities intended to run the wireless function. They are not required (as the Microsoft software does the job) so one can happily untick them by Running Msconfig and looking down the Startup list.
January 15th. F-Secure have said that the latest version of the Worm virus, Downadup (or Conficker), first found in November 2008 is infecting unprotected computers at a rapid rate. This will turn all the infected computers into a large 'Botnet' under the control of the malware authors. The noticeable effect would be a slowing computer as files are downloaded. Both F-secure and Symantec have removal tools.
The Conficker virus has opened a new can of worms for security experts. Drives such as USB sticks infected with the virus trick users into installing the worm. The "Autoplay" function in Vista and early versions of Windows 7 automatically searches for programs on removable drives. However, the virus hijacks this process, masquerading as a folder to be opened. When clicked, the worm installs itself.
If you find a file which you suspect is malware you can submit it to Sunbelt who will test it in an on-line 'sandbox' (secure area of their computers) and let you know the result
Virus writers are getting more sophisticated (and are selling their wares to crooks, who are out for your hard earned cash. Unless we keep ahead of them they are sure to infiltrate onto your computer in one way or another. Guru Bob Rankin has some good advice for you on this subject. See http://askbobrankin.com/how_to_mess_up_your_computer.html
January 09. If you are replacing Norton with another AV product you should uninstall the Norton with their own uninstall program. Make sure you choose the right version
December 08 Facebook's 120 million users are being targeted by a virus designed to get hold of sensitive information like credit card details. 'Koobface' spreads by sending a message to people's inboxes, pretending to be from a Facebook friend. It says "you look funny in this new video" or "you look just awesome in this new video". By clicking on the link provided they're then asked to watch a "secret video by Tom". When users try and play the video they're asked to download the latest version of Adobe Flash Player. If they do, that's when the virus takes hold and attacks the computer. It can then get card details when you order something (a 'keylogger') or has the ability to read Cookies when you have ordered something in the past.
November 08 RSA FraudAction Research Lab reports that a single criminal gang has used a Trojan to gather login information for 300,000 online bank accounts and 250,000 credit card accounts, t. The information was harvested over the last three years using the Sinowal Trojan, which is typically found on gambling or porn sites. The worm triggers when a user visits one of 2,700 banking URLs, and initiates a HTML injection attack that creates legitimate looking fields on the website, prompting the user to enter a national insurance number, or other piece of personal information. "Only rarely do we come across crimeware that has been continually stealing and collecting personal information and payment card data, and compromising bank accounts as far back as 2006. Sinowal has also been evolving at a dramatic pace - its rate of attacks spiked upwards from March through September of this year," the blog adds. The lab claims the Sinowal Trojan was once associated with the infamous Russian Business Network, but may now be under the control of a new gang.
October 08 There is an even greater need these days to be alert to the possibility of viruses and Trojans. In a recent report one security company said "People think not clicking on a pop up or an attachment means they are safe. What people don't realise now is that just visiting an infected website is good enough to infect them." The company said it is co-operating with banks and financial institutions the world over to tell them about Sinowal (the Trojan) It has also passed information about the virus to law enforcement agencies. Keep checking your bank statements closely and report any unusual withdrawals to the bank. One way to check whether a site is reasonably safe is to install the Mcafee Site Advisor. But even this is not 100% They do a Site Advisor Plus (£14.99 per year) which is more thorough. Although they work with Internet Explorer and Firefox (get the add-on), so far it doesn't appear to work with Google Chrome.
August 08. A flurry of e-mails entitled CNN has been arriving. Clicking on ANY of the links to stories in the email will infect your PC with the old Storm virus or one of its derivatives. Your PC will then form part of a massive Botnet and be capable of all kinds of mischief (without you being aware). See next paragraph
August 08 What is a Botnet ? The term "botnet" is short for "robot network" .It is a collection of ordinary home and office computers (like yours) that have been compromised by rogue software. Computers that have been caught up in a botnet have been effectively taken over, and can be used to perform almost any task by the people who control the botnet. Botnets are controlled by criminals and other miscreants whose motives include selling products, operating financial scams and crippling websites through coordinated attacks.
July 08 An unpatched PC is likely to last just four minutes on the internet before been attacked and compromised. The time it takes for a PC to get itself 'owned **'varies by operating system and what activities a user engages in - but even allowing for this, putting an unpatched Windows PC directly onto the net in the hope that it downloads patches faster than it gets exploited give you "odds that you wouldn't bet on in Vegas", warns Lorna Hutcheson, a researcher at the SANS Institute's Internet Storm Centre (ISC). **"Owned" means taken over by another person or robot software that plants software on it so it can be accessed by others or used as a 'zombie' to send spam or viruses to other computers.
Another July 08 report says that, because there is so much competition from selling credit card and bank details on line the price has come down to as little as £5. The criminals selling the information may even give a guarantee (!) that the information is up to date.
June 08 Protecting your computer is not just a nerd's thing. If you don't do it you may be liable for losses. The Banking Code, says banks should provide protection for consumers in cases where their accounts have been misused but also says you must use up-to-date anti-virus and spyware software and a personal firewall... then later if you act without reasonable care, and this causes losses, you may be responsible for them. While the burden of proof's on the bank to prove you didn't act with care... its best to be safe.
In my (humble) view, using a computer with a dialup connection (i.e. not Broadband) is no longer a realistic option. This is because the number and SIZE of the downloads necessary to stay protected is now so great that many people just put it off if they are on a slow connection. One NEEDS a regularly updated anti virus program. Mine updates at least twice a week. You NEED a firewall. The minimum program is the Windows XP firewall. These days you would also be wise to run an anti spyware program . Apart from these one NEEDS to have Windows Updates turned on and there are several other forms of protection offered by individual ISPs. Make no mistake there are criminals out there who are creaming off millions from unsuspecting internet users.
March 08 One of the latest threats to computing come from websites which have been tampered with and which, when clicked on download malicious software to your PC. The sites which do this are known to security software companies. Mozilla, have updated their browser, Firefox so it can detect such sites and prevent surfers from being infected. It is therefore preferable to use Firefox, certainly u
Google reports that 10% of websites are infected with links that, if clicked, could load malware into your PC. See http://news.bbc.co.uk/1/hi/technology/6645895.stm "Drive-by downloads are an increasingly common way to infect a computer or steal sensitive information. They usually consist of malicious programs that automatically install when a potential victim visits a booby-trapped website " (which may be unknown to the website author). I trust that none of my links (or adverts) lead you to this sort of hassle.
These days I would hesitate to connect to a site which did not have Mcafee Site Advisor approval. It is a great, free ,tool and I would recommend it to everyone. It works well with Internet Explorer but for folks who prefer to 'browse' the net with Firefox they should get the version from http://www.siteadvisor.com/download/ff.html
DrWatson Postmortem Debugger is a generation of the DrWatson tool, originally used by Microsoft to find bugs within their software. Today, this tool plays a major part in the Windows 2000/XP operating systems. It reports bugs to Microsoft if you choose to send the Error. It is NOT a virus, although at one time it did disguise one.
My Avast anti virus program has been reporting
a number of suspicious emails lately, all containing " A Card for you" (or
reporting some disaster) type messages and with EXE attachments. Open
these at your peril.
Norton have sent out a belated warning about it - it started in January and
is called Trojan.Peacomm (also known as the Storm Trojan). If
you fall for it your machine will become a 'Zombie' and be used (with thousands
of others) to spam people with those stupid penny stock boosters.
Well, that is the least it will do. There can be much worse
consequences from having a wooden horse in your camp.
Spyware
and Anti-virus Programs
For the top ten virus threats see
http://www.sophos.com/security/top-10/
One kind friend who seems to suffer more from 'Malware' than most has told me about Prevx1, which cured one of his problems rapidly and at no cost. Prevx1 from http://www.prevx.com/security.asp is a 12Mb download. It will check your machine for any nasties on there and clear them, free. If you find the program effective you are invited to buy it at £14.50. The Prevx site is approved by Mcafee Site Advisor as being safe.
Before developing Windows Security Essentials Microsoft developed their own 'malware' protection program called Windows Live OneCare, which cost dollars. In view of the competition they soon dropped that. I still find it remarkable that it took M'soft 20 years to see the light!
Jan 07 Had a call out from someone whose machine was said to be infected. I found the program Winstall.exe in his startup. Winstall is one of those programs which make exaggerated claims about a computer being infected in order to sell a program such as Drivecleaner. Both Winstall and Drivecleaner are therefore suspect. My Avast AV was unable to clear the memory- resident Winstall on the first run. I unticked it in Startup and rebooted, then re-ran the AV program which then quarantined it. Symantec also reports that it is associated with Spysheriff.com. Here is an example of why people are scared into purchasing this rubbish. It is difficult to know whether this should be classed as a virus, adware, spyware or just a plain scam. Beware.
People who use AVG (Free) are concerned by AVG popups that indicate it will no longer be free in the 2008. Computer Active No 229 (Page 7) clearly states that this is NOT the case. The latest version will still be free but wont have 24 hour support.
Also be warned that if you lose your mobile phone, laptop or Personal Digital Assistant (PDA) you should try to get it back. If it ends up in unclaimed lost property it may be auctioned off complete with all the details necessary for someone to impersonate you. However it is easy to stop calls being made from your mobile phone by getting in touch with your phone provider. It is best if you can give them your serial number.
Guru Fred Langa uses an anti virus program called NOD32, which he rates above Mcafee and Symantec. There is a trial version and then the purchase price is £23 or half that for non profit making organisations and students. See http://www.eset.com/index.php.
According to a study by Sophos, the anti virus company, there was a dramatic reduction in viral email traffic, indicating that malware authors are looking for other methods of infection. The firm warned that, while hackers are turning away from mass-mailing viruses and worms, they are instead turning to "more insidious" Trojan horse targeted attacks aimed at smaller groups of users, spamming out links to malicious websites, and attempting to steal money and identities.The study identified 3,715 new threats in July, bringing the total of malware protected against to 184,007. The majority of the new threats (87 per cent) were Trojan horses, while just 13 per cent were worms or viruses. In fact VNUNET indicated that there was a massive release of phishing e-mail at the beginning of August. Click Here for more detail.
Microsoft releases new software patches on the second Tuesday of every month. If you want to stay safe watch for the yellow marker on the bottom line and , at least, install the recommended updates. Check out this article on how to protect your legacy Windows operating system from future attacks. http://www.netsquirrel.com/articles/securing_win9x.html
Guru Patrick Crispen recommends that, if you continue to use Win 98, you should be sure to have good security protection such as anti virus and firewall. He also adds that, in his view Internet Explorer will continue to be a vulnerable Browser and recommends that you change to Mozilla Firefox.
The Internet Storm Centre at http://isc.incidents.org estimates that an unprotected PC will be infected with a virus within five minutes of connecting to the net ! So, it is vital that a new machine is set up with Anti Virus and Firewall software even before it is connected. Doing a recent count I found I have installed 9 security programs on my PC plus what is provided by Microsoft and NTL. NTL Broadband has a free security suite now.
For lots of information of threats and what you can do about them visit Microsoft's http://safety.live.com/site/en-US/default.htm
N.B. When removing a virus all Windows XP and ME users are told to turn off Restore. Go Start, Help and search on the word Restore and follow the instructions. A good explanation can be found in the www.symantec.com site
Just to keep us on our toes, Kaspersky, that reputable Russian security company (well, retired KGB experts have to find something to do) reports that the lines between Adware, Trojans and Viruses have become blurred and existing Adware blockers are failing users For information about Spyware click Here (next page).
You are advised to download the latest patches for Internet Explorer to prevent hackers from getting access to your computer. Please click on www.microsoft.com/security/
Pav.sig If your antivirus program reports this 'virus' ignore it. It is merely the Panda anti virus program's virus signature list. In my case it must have been downloaded when I used Trendmicro Housecall.
The Kama Sutra, Blackmal, Blackworm, Nyxem
virus (different names, same infection) was said to delete all Word, Excel,
PDF and Powerpoint files. This could be very damaging, especially to
companies. If you suspect that you have this virus get the cleaning
tool from www.symantec.com and follow
the instructions.
A regular threat is a version of the Sober Virus. It comes attached
to an e-mail purporting to be from The FBI or CIA claiming that you are visiting
illegal websites. Just delete it.
A virus hidden inside a pop-up advert that appears on screen without warning. Clicking on the 'close' button to get rid of the advert prompts the virus secretly to install itself on the computer. The bug then waits until the user begins logging on to their Internet bank account, where it tries to steal personal details, such as passwords, before the information reaches the bank. The Web site created to gather the information has now been closed down, but Internet security firm Symantec, which has monitored the virus, is warning that computer users remain at risk. If I saw such a popup screen I would switch off the computer immediately. But if you think you were caught you should change your bank password(s).
Another Trojan exploits WMF (Windows Metafile graphics) which are the ones which Word uses. Opening a Word file with a WMF graphic may result in a Trojan infection. Microsoft subsequently not issued a protective patch for Internet Explorer for this. Other browsers may be affected but, at least, they do ask whether you wish to open a WMF picture.
Microsoft has a suite of programs called One Care Live which it offers on a subscription basis to protect Windows computers See http://beta.windowsonecare.com/ Microsoft has also a new, and very thorough, anti Spyware program. Download it (free) from www.microsoft.com/athome/security/spyware They also can check your XP computer for malicious programs. See http://www.microsoft.com/security/malwareremove/default.mspx#run
There is a particularly thorough external virus checker at http://support.f-secure.com/enu/home/ols.shtml. It is a 6 Mb download, so dialup folk will find it will take quite a while to do. For a useful site to ask questions about viruses and spyware click on : Spyware and Anti-virus Programs
What is a Firewall ?
For a complete description of this essential security element see
http://www.askbobrankin.com/do_i_need_a_firewall.html
Most people know that XP has its own Firewall. Unfortunately it
is not completely effective (doesn't check outgoing calls) and it is advisable
to add another such as Comodo
The other famous free firewall is Zone Alarm from Zonelabs. Lately I have found that their newest version has selectively caused problems with (1) NTL e-mail collection (2) Avast anti virus updates and (3) Google Earth. So I gave it the heave-ho and used Sygate for a while. But I found that Sygate was letting everything through and I have returned to Zone Alarm. The easiest way is to get Zone Alarm is to click on www.computeractive.co.uk/downloads/ A Firewall is a program which tries to warn you and prevent unwanted intrusions but, like a lot of medicines, they can have side effects. At first you will have to tell about each program which you wish to be able to access the Internet. Even Internet Explorer. You may have to set the Security level of Internet access to Medium. I recently found mine had gone up to High and I was unable to access any web site !
For a nice explanation of Zone Alarm click on http://download.zonelabs.com/bin/media/flash/clientTutorial/overview.html Or download the Vista version HERE
** It is very difficult to find a free firewall that will work with Windows 98 and ME
If you have a firewall.... and you SHOULD have... do you know whether it actually stops your computer accessing the internet without your permission. There is a small program called the Leaktest from http://www.grc.com/lt/leaktest.htm that will check this. But your firewall may be doing this outward bound check. Certainly Zone Alarm does. So, if you use Leaktest, the correct result is that your firewall should BLOCK it when it tries to access the net
It really is about time all ISP's woke up to their responsibility to protect their customers from malware. A friend has been seriously inconvenienced in this respect and, after getting a second new machine in under a year, this one has become infected with a Trojan, probably as a result of being inundated with popups shortly after he got on the net. His Norton has said there is no problem but there clearly is and he is now completely off the air. It really is not fair of Tiscali to let him down like this and it is costing him dear in cash and worry. There is no good reason why an ISP should let through 1) viruses 2) Spyware 3) Popups 4) Spam. Mine doesn't and there is no excuse. Once again I suggest that anyone who is bothered by these things despite heeding all the warnings and installing all the requisite protection they should CHANGE THEIR ISP.
Good alternatives to AVG
are Clamwin, Antivir from
www.free-av.com and Avast! from
www.avast.com, which is my favourite.
At one stage the US Government suggested we don't use Internet Explorer (!!!)
to browse the net as it was so full of holes! Alternatives are Opera and
the latest favourite Firefox, free from Mozilla. See the link at the
top of the page on Web surfing. It is the one I use
in preference to Internet Explorer. Unfortunately even these Browsers are
vulnerable.
Lately I have found that people are getting infected
by simply clicking on a website or clicking on a message which has appeared
on their screen. It says click here to do ...(various things).
Whether you click Yes or No you still get infected. My advice
would be to go off line immediately, even if you have to pull the plug out
of the wall or the modem. Keeping your PC clean of viruses is important,
not only for you but for the rest of the Internet system. Your PC
may be among those being hijacked to send the emails and spam! Such PC's
are termed 'zombies'. As well as proliferating the problems the method is
used to prevent the rogues being traced. .
It is now possible for any idiot hacker to get hold of
"Phishing" software, which will 'spoof' you bank's
heading and lead you to click on a link aimed at getting your account details.
So, think before your click links in email messages, even if those email
messages are from friends, family or companies. This is especially true for
links in email messages from Amazon, AOL, eBay, PayPal, your bank, your credit
card company, or any other company you normally do business with. If any
web site, financial company, or commercial entity sends you an email asking
you to click on a hyperlink in that email to update your account information,
DO NOT CLICK ON THAT LINK. This only applies to hyperlinks in email messages
and web pages, not addresses you manually key in to your browser's address
bar. So,to be really safe, if you need to access your account information
at Amazon, AOL, eBay, PayPal, your bank or financial institution, your credit
card company etc and manually enter the address.
Software is also available to view and hear you through your webcam, so be sure you are properly dressed !
SIMPLE SECURITY RULES
:
(1) NEVER download an attachment to an e-mail (even from a know address)
if you are unsure what it is. Infected attachments most commonly end in Pif,
Scr, Exe, Com and lately may be Zip(ped- compressed versions )of these
(2) Keep your email and web browser programs up-to-date; get the latest updates
from Microsoft from
Http://windowsupdate.microsoft.com
.
(3) Get and keep up-to-date an anti virus program.
(4) Install a Firewall program.
(5) Occasionally run an up-to-date anti Spyware program.
(6) If an e-mail says "Pass this warning on", don't bother, it will be a
hoax.
(7) If you are suddenly invited to 'click here', win cash or take an IQ test,
don't. Go off line and get back on again. See below for free
programs that can help.
(8) If you use music file sharing software, expect to get virus
infections.
(9) If you get a spam email then DO NOT CLICK ON ANY LINK in it, even one
which say you can unsubscribe with it. It is possible that the link
will lead to a website which will send you a VIRUS ! This is called
V-SPAM
If you want to know how to avoid viruses look at the following page http://uk.trendmicro-europe.com/ It is also the home of the Housecall free virus checker.
A general site for virus information is www.f-secure.com And PLEASE check with them that the scary message you are forwarding is not a hoax. Many of them are, (see list below). You can also check for hoaxes on www.vmyths.com. See also www.getvirushelp.com/.
Another nice explanation is at http://www.securityfocus.com/columnists/220
What to do if you get a virus infection
Obviously, if you have an anti virus program you should do a full scan. However, no anti virus software is completely effective and many are out of date, so you should also run another anti virus program from the net e.g. http://housecall.trendmicro.com
When I get a request about a problem that I suspect
is a virus I immediately search the Internet for the main word e.g. "Sober"
or "Bagle". Inevitably I am led to helpful 'Forums' or Anti virus companies
that are having to deal with similar problems. If you get problems, such
as regular unwanted pop-ups I suggest that you do a search of the Internet
in this way and look for links to sites that appear to be dealing with the
problem. You may find a simple cleaner : There are a number of small programs
that will clear groups of viruses and there are also tools issued by anti
virus companies to clear specific viruses: see their sites e.g.
For Bugbear get a fix from
http://securityresponse.symantec.com/avcenter/FxBgbear.exe
For a tiny virus cleaner for Bagle, Bugbear, Netsky, Sasser, Bispy,
Zafi, download the remover vcleaner.exe from
www.grisoft.com.
Avast also do an effective free anti virus program.
Network Associates (Mcafee) provide another excellent 750k program
(Stinger) which will check your machine for 30 recent
viruses. Download it from
http://vil.nai.com/vil/stinger.
Windows ME and XP users, when clearing viruses, should temporarily turn off Restore (go Start, Help, and search for Turn off system restore). If you do not do this you are in danger of re-infection and your anti virus software will also continue to report an infection. Turning it off (see XP Help) will clear all previous restore points, so make sure you restore RESTORE after you have cleaned up.
Often the problems are caused by, not one
but, a number of 'foreign' files in the computer and one technique to get
rid of these things invariably involves downloading a program called
Hijackthis from
www.download.com. When run on your
computer this program shows a list of the programs (good and bad) that are
running in the background so a forum expert can advise which are the nasty
ones and how to get rid of them. They usually also advise the running of
the latest versions of programs such as Ad-aware and Spybot and external
virus checkers such as the one offered by Housecall (see above). But the
Hijackthis log will mean very little to the average computer user and has
to be analysed by an expert.
**************
Dialers or Dialers. Recently I have been
called on to disable a number of these programs. It is difficult to know
how they arrive on people's computers but they can have rather unpleasant
results. One of them constantly contacted a pornography site and others have
been know to dial very expensive premium numbers without the knowledge of
the person using the computer. In two cases the person had responded to a
pop-up, which had invited them to take an IQ test. This connected them to
a premium number which remained connected even after the test was completed.
Dialers can cost a great deal of money in phone bills and this is not discovered
until your next bill arrives. I have heard that the IQ test person,
Neils Jalbo in Denmark, is STILL doing it and has recently ripped
off one person for £60. Rogue dialers cannot affect people on Broadband
.
A friend got a virus as a result of downloading an attachment to a very official looking email purporting to be an update from Microsoft. So watch out ! Microsoft NEVER send out updates. You either have to go and beg for them or your machine may be scheduled to automatically update. The symptoms of the virus were an error message about memory problems and a disabled anti virus program (which prompted the memory error at Startup). This was followed by over 90 emails, mainly bounced from non existent addresses and a few which told him he had the virus (Worm Swen A). I cleaned it by downloading www.housecall.antivirus.com then installed an up to date anti virus program and did a second scan.
Msblast is a common worm (virus)
It doesn't affect Windows 95, 98 or ME but can hit Windows XP. It is
not received via email but through a weakness in XP's armour. You are unlikely
to get it if you have a Firewall active or if you have downloaded
the latest XP patches. It is not destructive in that it does not delete
files but may cause your machine to 'boot' over and over again, which makes
it difficult to remove. In order to remove this virus please search your
PC for msblast.exe (usually found in system32 folder) Delete it. Then
Click Start and select Run, Type msconfig & click OK. Select the start-up
tab. Disable msblast. Reboot machine and enable your firewall and
anti-virus software. As an added precaution, perform the next 2 steps: Disable
Client for Microsoft Networks ; Disable File and Printer Sharing. Once you
have done the above, get a Patch from an Anti Virus program supplier such
as
http://securityresponse.symantec.com
If you are unable to get on-line, then the file is small enough to download
from another PC on to a floppy disc, to install on your PC at a later time.
Definitions :
One very silly 'virus', which may show up on your computer is Clickme. This shows as an icon on your desktop which, when clicked, moves to a different place. Not damaging but very annoying and difficult to remove as, like many of these programs, it is working in the background and you cannot remove a file which is in use. It is often necessary to start your machine in "Safe Mode" in order to do anything about it.
Excel and Word macro vulnerabilities discovered ! What's new about that ? ! Microsoft is encouraging users of their Office suite to download patches that will fix a problem discovered in both Word and Excel. Affected Windows versions include: Excel and Word 2000 and 2002, Microsoft Office XP. Get the details and patches from Microsoft.
A friend asked me to speed up his Word program, which had slowed suddenly. Printing took for ever. I didn't suspect a virus as he had PCCillin and Norton on the machine. But they were out of date and a virus is what it turned out to be. I never thought that a virus would just affect one program but it did.
IMPORTANT : To prevent accidental re-infection with a virus you should delete infected mail from your Inbox and your Deleted folder. I suggest the following method. First make sure that your e-mail Display Panel is OFF. Then right click and Delete all suspected emails (with attachments).
When you have cleared a virus always restart
your computer because it is very likely to still be in
memory
***************
HOAXES. Almost as bad as viruses and Spam for blocking
up the system are hoaxes. They almost all have dire warnings and advise
you to pass the message on to everyone you know.
A site which lists Internet hoaxes and myths is www.vmyths.com. They are pleased to receive any hoaxes so that they can track the occurrence of these. You should forward them to HoaxFYI@vmyths.com Also see www.snopes.com
Please don't delete the file Jdbgmgr.exe, even if some e-mail tells you to. It is a HOAX. The file relates to Windows Java Debug Manager. And it is quite normal for the file to show a small teddy bear icon by the side of it. If you have already deleted the file you can get it back by going to the Microsoft knowledgebase article Q322993 for instructions how to restore your system: http://support.microsoft.com/ But your PC wont collapse if you don't. HOWEVER, if you receive an email with an attachment called Jdbgmgr.exe you should not (of course) download it and run it because some crafty soul has confused the whole issue by using it to disguise a virus ! On my XP machine the file Properties shows the genuine one to be dated May 2002 and is 15,120 bytes, though hovering over the file says 14.7k.
Similar is the Sulfnbk.exe hoax. Please note that your computer SHOULD have the program Sulfnbk.exe, which is a Long File name utility (it stands for Set Up Long File Name Backup) So, you should NOT remove it. But, no more panic notes about it please !
Typical Hoax Names
Before circulating these (and blocking up the web) please check with www.snopes.com. Some may be real threats. Most are not.
Backup methods :
For small amounts of data you can still use floppy disks. But with today's hard disk sizes they are getting to be a bit useless.
Other possibilities include
Site Navigation Links :- Please click on SITE
MAP
| Index
Page |
Top of Page | Next
Page |