The Video

Over the past week, the news feeds have been jumping all over the notion that North Korea carried out a wave of cyber related attacks against the United States and South Korea. These assertions have mainly come from South Korean investigators and have some merit, for some of the perpetrating computers did originate the attacks from within the borders of North Korea.

However, when you look at the details of the attacks, things just don’t ad up to a North Korea lead offensive. First, the state isn’t claiming responsibility. Kim Jong Il’s regime takes great pride at thumbing its nose at the west, and if they were behind these attacks, why would they suddenly change their modus operandi? Second, there’s the fact that computers from over 59 countries have been identified as receiving data from the attack. Something that a single state-lead attack would not like have as part of its plan. The final reason to suspect a North Korea lead attack, is that in these tense times, it would most likely be seen as an active act of aggression against the US and South Korea – something that would require a firm and decisive response.

I’m not sure who is responsible. Even today, reports from Vietnam security analysts are stating that the attacks may have come out of the United Kingdom. If someone in government jumps the gun and decides we need a regime change in North Korea, my fear is that it would greatly destabilize the area. Not in the sense that there would be a shift in power, but rather because North Korea is so impoverished. The humanitarian aide that would be required would be enormous. Furthermore, the drain on South Korea would strain its economy as well.

Last week my laptop started showing symptoms that it was getting sick. Perhaps a mild head cold, I reasoned. I kept trying to watch my recorded episodes of 16 and Pregnant (oh – did I tell you my computer has a built-in TV tuner? It kind of blows my mind), but every three minutes it would freeze.

So I did what any reasonable computer literate person would do: I watched my show in 3 minute increments and then restarted the shit out of my laptop. And this process was repeated about sixteen times before I finally gave up on learning how Ebony was coping with new motherhood.

Luckily for me, my boyfriend actually is a computer. Any time I have a little computer glitch, he’s always able to immediately tell me how to fix it. He uses words like FTP, ip config, and internet. Meanwhile I daydream about puppies. This sums up our relationship pretty accurately.

So this weekend, I brought my computer to him, fully expecting that within 20 minutes it would be back up to speed, all fixed, ready to be inundated with reality tv. While he checked it out, I went and used his extra desktop computer because I hadn’t looked at Twitter in the past three hours.

La la. I sit down and wait for the computer to boot, check Twitter, check my email, and then the computer froze. Of course it did. Trying not to panic or alert my boyfriend to the fact that I was on a compulsive computer-killing rampage, I simply shut down the computer manually and went on my merry way.

Six hours later, after some mediocre Oggi’s pizza and a game of MarioKart, Jason was still trying to diagnose my laptop. And being the ever-reticent and helpful girlfriend that I am, I decided it was time to go to the other room to check Twitter again. And this is where I need to warn you to hold onto your britches, folks.

When the computer desktop loaded, the picture of the two of us that is normally the background had been replaced with a simple black wallpaper and red letters that said: YOUR COMPUTER HAS SPYWARE. And then something about how my kids and wife were all at risk for something-or-other. I don’t know, while I was trying to ponder who my wife was I was distracted and relieved by an automatic screen that popped up to save the day. It immediately started scannig the computer for the spyware and I kicked back and marvelled at how remarkable computers are.

Jason briefly poked his head in the room, and, well, let’s just say that hindsight is a bitch. He sternly told me to GET UP which is pretty admirable considering I had just nonchalantly installed a virus on his computer. Happy weekend!

Both computers still have the sniffles but seem to be making a speedy recovery (FYI – my computer doesn’t have a virus, just a bad Windows update). But in the meantime, it is probably in your best interest not to let me near your computer.

Well, I’ve done what I said I was going to do. I’ve wiped the hard drive of Hubby’s old laptop. The computer became infected with the Win32/Cryptor virus and every malware remover I tried was disabled by said virus. Very frustrating situation.

Thankfully, most of Hubby’s data had been backed up prior to the infection and the one document he really wanted to keep he was able to print before I began my disinfectant procedure. That’s really the key, you know, making sure to have backups of data so that you don’t lose everything when there’s a computer malfunction. Backups save acres of heartache and also prevent the blue smoke of swearwords from arising.

Yesterday was the day of the fateful hard drive wipe. I call it this – wiping the hard drive – but that’s not the technical term for what I did. It’s more accurately described as restoring the system, or reformatting the hard drive. When you wipe the hard drive, that’s about eliminating any potential access to the data by using a program to over-write it.

Before I started, that’s kind of what I thought I would be doing; wiping everything off the computer and reloading the operating system. It used to be that when you bought a computer, you’d get disks with the operating system and other necessary software on them, which you could use to bring your computer back to a functioning state when it went kaflooey. Not so anymore.

We bought this Old Laptop (that’s what we’re calling it now) waaaaaay back in 2006. Instead of operating system disks, we got a square piece of tagboard with the image of a disk on it and some key instructions:

“Your new computer does not require an operating system CD or drivers CDs. Instead, if you ever need to reinstall your software, use one of the following methods.”

One method was to use the System Restore feature found in the Control Panel of the computer. This was one of the things I had tried in order to get rid of Win32/Cryptor, but it didn’t work. On to method two …

… using Dell PC Restore to return the computer to the original state it was in when we bought it. The instructions for Dell PC Restore were in the Owner’s Manual on the computer.

Accessing Dell PC Restore was a bit tricky. Once I turned on the computer, I had to press <Ctrl> <F11> as soon as I saw the blue bar at the top of the screen that said “dell.com”. I flubbed this operation several times and had to keep shutting down the computer and restarting it in order to do it right. Other than timing, I think the secret was that I had to push <Ctrl> first and then <F11>, not both at the same time.

Then, it was a matter of following the instructions on the screen. This included accepting a terms of use agreement. Everything went off without a hitch and I was presented with a fresh, unadulterated system. Wheeeeee!

Once the computer was virus-free, I had to load the anti-virus software I prefer, download Mozilla Firefox, and re-load Microsoft Office. I also downloaded Spybot Search & Destroy and Malwarebytes and ran scans of the computer just to be sure. Yep. The Old Computer is clean as a whistle (and hopefully contains less spit).

If you’re having computer issues, you may want to take a look at my previous two posts on the subject:

Beware of Win32/Cryptor

and

Strategy for Tackling a Computer Infection

And, at the risk of sounding like a broken vinyl record, be sure to make regular backups. I know it’s a pain, but if you make it a habit, you’ll suffer so much less stress when your computer gets infected.

Anti-virus experts at Sophos have warned that the malicious software, or “malware”, is spreading rapidly online, around six times faster than its nearest rival.

In the last week alone, almost half of all malware found on websites was identified as the JSRedir-R Trojan, with a new webpage infected every 4.5 seconds.

JSRedir-R embeds itself within legitimate but poorly secured websites, and loads malicious programs from third-party sites on to a user’s computer without their knowledge. This gives hackers and cybercriminals a “back door” in to the machine and presents them with the opportunity to steal passwords, identity details and financial information.

“No-one should be in any doubt that the web is still the main vector of attack for cybercriminals, and this new threat suggests this situation isn’t going to change anytime soon,” said Graham Cluley, a senior technology consultant at Sophos. “The problem is that too many computer users still think there’s no danger in surfing the web, but with legitimate sites often falling victim to these attacks, it’s time to wake up.

“Hackers won’t stop targeting the web as it’s proving a successful way for them to spread their infections. To combat this, it’s essential to scan every website for malicious code before visiting it.”

Security experts have warned web users to ensure their antivirus software is up to date in order to protect themselves against the malware threat.

JSRedir-R Trojan :
Troj/JSRedir-R is a malicious script likely to have been injected into a defaced web page to load remote malicious content when the page is viewed. Analysis of many defaced sites has shown that many examples of Troj/JSRedi-R are buggy and do not work.

Websites affected with Troj/JSRedir-R may also see detections of Troj/PHPMod-A.

Working copies of Troj/JSRedir-R will redirect users to a Chinese Domain (hosted in Russia) and then via a series of PDF and SWF exploits attempt to install malware detected as Troj/Daonol-Fam.

more information : http://www.sophos.com/security/analyses/viruses-and-spyware/trojjsredirr.html?_log_from=rss

इन दिनों पॉप स्टार माइकल जैक्सन के नाम का एक वायरस लोगों के कम्प्यूटर को करप्ट कर रहा है। समाचार एजेंसी डीपीए के अनुसार जैक्सन के नाम का यह वायरस किसी ई-मेल के जरिए आपके कम्प्यूटर तक पहुंचेगा। उस पर रिमेंबरिंग माइकल जैक्सन संदेश होगा। इस ई-मेल के साथ एक जिप-फाइल होगी, जिसे डाउनलोड करते ही आपका कम्प्यूटर वायरस से संक्रमित हो जाएगा। सोफोज नाम की कम्प्यूटर कंपनी के वरिष्ठ तकनीकी सहयोगी ग्राहम क्यूल के अनुसार यह ई-मेल “सारा माइकलजैक्सन डॉट कॉम” साइट के माघ्यम से आपके कम्प्यूटर तक पहुंच रहा है। आपको बताया जाता है कि इसमें जैक्सन से जुडे फोटो और गानों के वीडियों संलग्न है, लेकिन उन्हें डाउनलोड करते ही आपका कम्प्यूटर खराब होने की स्थिति में पहुंच सकता है।

My older brother just called. His computer has been infected with some sort of malware and he wanted advice on how to get rid of it. I’ve been meaning to write this post for a few weeks, but have been putting it off. Now that the Bro needs help, it’s time to get crackin’.

So, you think you’ve got a computer virus or Trojan horse, or some other malware mucking up your system? (Check out the signs to be sure. Website links that redirect you to “spammy” websites can be one clue.)

While I have found plenty of instructions online for removing specific infections, I have not yet seen a rundown of a mental strategy for dealing with an infection. And, trust me, you will need a mental strategy because computer infections are hair-pulling, f-word-inducing experiences.

The Critical Step

First of all, if you think your computer has an infection, Disconnect It From the Internet!

This piece of advice came from my younger brother, although my older brother said he had done this immediately, as well. The reason you want to do this is so that whatever has gotten into your computer can’t be sending info back to the malware creator (passwords, credit card numbers, etc.) or using your computer as some sort of spam robot (wherein your computer is given instructions to spam everything it comes into contact with). These infections are meant to spread. By disconnecting from the internet, you limit the infection’s ability to cause havoc on other machines.

Decide Whether You Are Able (or Want to) Tackle the Virus

Next, if you do not know anything about the inner workings of a computer, like what the Registry is, or how to find System Restore, or even how to open and run your antivirus program, the best thing you can do is take your computer to an expert, someone who does understand all this stuff, and have him or her fix it for you. You can also choose this option if you do understand computers, but don’t have the time or desire to deal with the infection.

Back Up Your Important Files

If you can, back up any important files on a CD or flash drive. You should be doing this regularly anyway, just in case this sort of thing happens. It will save you from suffering most of the stress of an infection simply to know that you have a backup.

Before loading these files onto a clean computer, you may want to have them tested for the infection because malware can easily hitch a ride onto your files. If you’re having someone disinfect your computer for you, mention that you’d like your backup files checked too.

Plenty of Time & Access to a Second Computer

If you’ve decided to tackle the infection yourself, give yourself a huge chunk of time in which to do the work necessary. I’ve discovered it can take a good half a day. Much of this time will be spent waiting for scans, so have a book on hand or some music to listen to in order to alleviate boredom.

You will also need a second computer, one that has access to the internet. You’ll see why this is handy momentarily.

Run Your Virus Scanner

Using whatever virus scanner you have loaded onto your computer (you do have one, don’t you?), run a scan of the computer. Sometimes, the scanner will be able to catch the infection and disable it. (If it does, yay! You’re done!) Likely, though, the infection is pernicious and your virus scanner won’t be able to handle it. What you want to discover from this scan is the name of the infection. Is it a virus, a Trojan horse, a worm?

Write down the full name of the infection. If it appears to have more than one name, or you can’t quite identify the name, write down whatever info your scanner gives you in relation to the infection.

Look Up Your Infection Online

Here’s where the second computer with internet connection is necessary. Type the name of your infection into your favorite browser and include the word ‘removal’. You will typically get a number of results that walk you through steps to get rid of your infection.

Read several websites before proceeding. You want to get a sense of what others have tried (did it work, or not?), plus you will need instructions that are clear and complete. Likely, you will find a forum discussion thread that has hashed over the infection. Forums can give you hints that other sites might not. If you don’t understand a set of instructions, either ignore them or read other sites for clarity.

Bookmark any sites you think will be useful so that you can refer back to them.

Use Sneakernet

Many of the instructions you’ll find on infection removal will suggest that you download particular programs and run them on the infected computer. Forgo any versions of software that you have to pay for at first. You’ll probably be too frazzled by the infection to analyze these properly. You can always come back to them after trying free malware removal tools. If you decide to use software you need to pay for, ask your tech friends for suggestions.

When downloading malware removal programs, download them on your second computer (the clean one), save them to a CD or flashdrive and then install them from there onto the infected computer. (This is Sneakernet because you can walk the disc or flashdrive across the room to another computer. Thanks to Younger Bro for that term.)

Follow the Instructions

Follow whatever instructions you’ve been given and allow the malware removal software to run complete scans. Be sure to quarantine and/or heal any infections found. Hopefully by the time you are done with this, your computer will be free of its infection. Congratulations! Now, walk away from the computer and give yourself a much-needed break.

Know When to Give Up & Seek Professional Help

If at any point in the process, things don’t seem to be working properly (infections can disable anti-malware programs), or some step in the instructions seems beyond your skill (for example, editing the Registry), stop where you are, write down all the steps you’ve taken thus far (including the full text of any error messages), and contact someone with the technical skill to assist you.

Recovering

There is no reason to stress yourself out over a computer infection. If you’ve already lost information, take a deep breath and think about ways to recover at least some of it.

Did you email an important document to someone? You may have it in your email sent file, or that someone may still have it and can send it back to you. Did you make any backups at all? Even old ones? Did you print anything out?

If you’re still vibrating over lost information, take another deep breath (or several – just don’t hyperventilate) and realize that this is an opportunity to start anew. Most of what you’ve lost probably wasn’t all that important anyway and the infection has just provided you a quick way to clean your computer’s closet, so to speak. Rejoice in the fresh start.

And remember to back up those files!

—————————————————————

A Few Sites to Get You Started

Major Geeks Malware Removal Guide

WikiHow: How to Remove a Virus

Microsoft Window Malicious Software Removal Tool

WikiHow: System Maintenance & Repair links

I have just been advised that a new virus has emerged and, if you open the email – the damage has already been done – it wipes out all the info on your computer. So, read on and don’t take the risk.
Anyone-using Internet mail such as Yahoo, Hotmail, AOL and so on. This information arrived this morning, Direct from both Microsoft and Norton

Please send it to everybody you know who has Access to the Internet.

You may receive an apparently harmless e-mail titled ‘Mail Server Report’
If you open either file, a message will appear on your screen saying: ‘It is too late now, your life is no longer beautiful…’

Subsequently you will LOSE EVERYTHING IN YOUR PC, And the person who sent it to you will gain=2 0access to your Name, e-mail and password.

This is a new virus which started to circulate on Saturday afternoon. AOL has already confirmed the severity, and the anti virus software’s are not capable of destroying it.

The virus has been created by a hacker who calls himself ‘life owner’.

PLEASE SEND A=2 0COPY OF THIS E-MAIL
TO ALL YOUR FRIENDS, And ask the m to
PASS IT ON IMMEDIATELY!

THIS HAS BEEN CONFIRMED BY SNOPES.

Http://www.snopes.com/computer/virus/mailserver.asp

No new word count for me today. When I sat down at my computer early this morning, I discovered that my automatic scan had picked up a virus, a trojan horse, to be exact. Yay! (read that with dripping sarcasm)

So, my story had to wait while I banished the damn virus from my harddrive, and as I’m kind of ignorant about these things, that took a good few hours.

The good thing is, it reminded me to backup my work. I hadn’t backed up the manuscript for my first book since I had finished it. It would have been terrible to lose everything. I shudder just thinking about it.

I also hadn’t ever done a backup of my new book, and that’s 7,000+ words I don’t want to lose.

So, when I saw that trojan horse in my scan list, the first thing I did was get a thumb drive and transfer the most recent files. I got a virus on my computer a few years ago and had to wipe the whole computer. I did manage to save some of my files that time, but it’s something you don’t want to take a chance on.

I don’t backup my work nearly as often as I should, so this should be a good reminder. And, a precaution, don’t backup work to another folder or drive on the same computer. Get a good thumb drive or a few, and/or an external harddrive and backup to that to make sure it’s safe if anything happens to your computer. Backup to all of them, and date your backups, just in case one something goes wrong with one of your backups too.

When I was in college, I started writing my first novel. I got to about 10 chapters or so, then my really old computer had a fatal error and died. The last time I had backed up my novel was around chapter 6 or 7. I never had the heart to re-write what I had lost and didn’t finish the novel. (It wasn’t very good, but that’s another story.)

What’s your worst computer breakdown story?

Write On and Backup!

I would like to issue a warning for computer virus, UPS/FedEx/DHL Delivery Failure Virus.

DELETE ANY SUSPICIOUS E-MAIL.

http://www.snopes.com/computer/virus/ups.asp

The better part of my Wednesday was spent trying to cure my computer of what appeared to be a virus.  I am one of those dinosaurs that uses McAfee for virus protection and when I tried to scan for said virus, I was informed that McAfee was one of the programs it had infected and that, because it was calling in sick as a result, McAfee could not scan.

So, finally giving up FOR GOOD on McAfee, I uninstalled the program and am now using Avast, which I have heard good things about.

Wow.  Did I seriously just spend that long talking about computer woes?

Yes.  Yes I did.  And that is because there is nothing on the writing front to discuss.  Due to the computer malady, I got nothing done yesterday.  As June rolls to a close, I fear that my Oz story will go unfinished and that July will be spent in a frenzy to finish editing Darklights.

Anyway, I’m going to shut up for now.  Yesterday’s journey through the black hole of computer crap set me slightly behind in work.  So off I go….

Computer Security for Schools and Small Businesses

For a small-to-medium enterprise like a business or library, protection of its computer network is not easy.  Hackers are constantly concocting new ways to infect the network (with viruses and other malware) by way of the web pages that network users visit.  Although the enterprise can choose from an array of tools to protect its network, those tools can be expensive and cumbersome.  No tool or combination of tools is perfect.  Finding the right mix of cost, effectiveness and easy of use is a problem.

To answer this problem, CyberPatrol has developed a smart service for steering network users away from dangerous web sites.  Known as SiteSURV, the service relies on CyberPatrol’s SiteCAT system, which constantly crawls (spiders) the web to assess and categorize web pages.  The service provides two layers of filtering.  One layer examines sites according to their content and purpose, and then blacklists those that appear to be dangerous.  The second layer specifically analyzes files and downloads from each site to ascertain whether they contain signatures for known malware.

I asked Chris Overton, VP of CyberPatrol, to explain these two layers of protection.  First, he highlighted the security achieved just by keeping users away from sites of questionable content:  “Certain types of sites tend to deliver malware more than others.  Along with adult and XXX sites, “parked domains” and “warez” sites are more likely to deliver malware than other site categories.  We know this because files pulled from these sites have a higher percentage of malware infection than files from other sites.  So, we can infer that preventing access to these dangerous site categories will advance the fight against malware infections.  Preventing access to a dangerous site protects against all the malware at that site, regardless of whether anyone has developed signatures to detect any or all of the different malware there.”

Chris further described what SiteCAT does when it crawls a web site:  “SiteCAT’s algorithms analyze a web site based on several factors – content, structure, link count, link references, and so on.  Based on this analysis, our system decides which pages/files to download from that site.  Typically we’ll download the main index page of a site and analyze it; then our algorithms decide how much deeper to dig.  All files we want to analyze are pulled by the crawler and saved into our analysis archive.  Then the files feed into a malware detection engine, which looks for the signatures of malware such as a virus or a worm.  If we detect any malware when we crawl the site, we can blacklist it and prevent all of the malware the site might deliver, even malware that we have not specifically detected.”

In other words, SiteSURV allows an enterprise to adopt a conservative, one-strike-and-your-out approach toward web sites.  If a site either contains suspicious content or manifests one instance of infection, the enterprise can block it entirely.

–Ben Wright, advisor to CyberPatrol

Library, School, Church and Hotel Network Security

Want to avoid viruses, botnets and trojans in workplace computers?  A key strategy is to prevent users from surfing to adult web pages.   According to Chris Overton, VP at Cyberpartol:   ”Pornography sites are one of the major distributors of viruses and other malware.   To quote from the CyberSharks book we’re about to release, ‘Websites offering adult content are the single most significant security threat for Internet users, comprising 31 percent of dangerous websites.  Adult and XXX sites account for the largest percentage of web sites from which viruses are spread.  (Web of Trust, 2008)’  This means that companies can go a long way toward protecting their networks from malware simply by blocking pornographic sites.  SiteSURV can provide this protection.”

–Ben Wright, advisor to Cyberpatrol

Microsoft has released service pack 2 for Windows Vista as a critical update this month.  The update will take about 30 minutes to an hour to install.

So. I feel like a complete idiot. Like my friend MJ said, I got a cyber wedgie. I’d venture a step further and say I got a cyber wedgie by walking up to the bully and saying, “Please, sir, could I have a wedgie? An atomic one? Let me wait here while you gather the tools and the other bullies you’ll need.”

Because it was all my fault.

It turned out fine, however, and all is well. But yesterday, I wasn’t so sure.

I was feeling pretty good about myself, doing my Superior Dance, because despite being very busy, in the last few days I had caught up on all my emails and had tackled Facebook. I hadn’t been on Facebook lately but a couple days ago I was jonesin’ for some status updates from my ridiculously clever friends. So I read all 492 and vowed to keep up with future updates because they really are a bright spot in my day. For instance, if I hadn’t caught up, I wouldn’t have heard stories (yes, multiple) of how my friend Lynda — my adult friend Lynda — gets her underwear on wrong — really wrong. I wouldn’t have known how my friends handled the tornados and other bad weather thrown at them. I wouldn’t have heard how book signings/birthday parties/job searches/trips went. And so on.

Yesterday when I hopped on Facebook, before I read any status updates, I saw I had a message from a friend I had recently corresponded with. She said something like, “This is funny. You’ll like it.” It made perfect sense because we had been talking about something funny, so I clicked on the link … like a dope … and was taken to a sex site. D’oh. I wasn’t worried, though, because I’m on a Mac and use Firefox as my browser which is excellent at blocking unwanted stuff. But I immediately clicked out of the sex site and went back to Facebook, reading status updates.

I didn’t get scared until I saw the multiple messages from this same friend who sent me to the link saying she’d been hacked or virused or otherwise cyberly attacked. That’s when I slammed shut both Facebook and Firefox and started kicking myself in the butt. Not literally, of course, because I’m not that limber.

Then I went downstairs where my poor, beleaguered husband was drinking his coffee and reading the paper.

Here’s how that conversation went….

Me: Um … how bad do you think it is if I clicked on a link I shouldn’t have?
Him: [sigh] What exactly did you do?
Me: [channeling Lucy Ricardo] Waaaaaaaaaaa!

Okay, maybe it didn’t go exactly like that, but that’s how I felt. However, since our business depends on computers working all day, every day, we have a Computer Guy On Retainer so hubbie offered to talk to him when he got to work.

I frantically tried to think of who I might have unwittingly dragged into this mess. I screwed my courage to the sticking place and got back on Facebook, sending a status update to everyone, hoping, unlike me, they’d see it before they got a message from me saying, “This is funny. You’ll like it.” Then I sent an email message to folks who aren’t obsessed with Facebook like I am and might, therefore, miss my frantic ALL CAPS WARNING. Then I called my kids, because, of course, they’ll open anything I send them because they love me and why would mom try to infect them with a computer virus?? Of course, my phone call woke up my daughter so I had to tell her 87 times, “Don’t click any links from me.”

I suspect she didn’t completely process the information till after lunch. “Weird. I had a dream last night where my mom called and told me, ‘Don’t flick any dinks from me.’ Then she said, ‘Don’t lick any minks from me.’ And THEN she said, ‘Don’t pick any sinks from me.’ Even in my dreams she’s weird.”

My kids have heard a million times that they shouldn’t click on any links from someone they don’t know. But now these cyber bullies are figuring out that you will click on links from friends, thus hijacking your ‘friend lists’ and your email addresses. And that’s why my hubbie told me not to feel like an idiot. But I still do.

I’ve always used Macs so I know they’re much safer than PCs in this regard, but I also know that neither Apple nor Steve Jobs can save you from yourself. Our Computer Guy On Retainer has a zillion layers of security on all our vulnerable PCs, but has always told us, “you don’t need to worry about your Macs as long as you don’t click on something you shouldn’t.” D’oh.

But for any of you Mac lovers, this is what he told us ….

“It’s probably ok. Unless she typed in an admin password, nothing could affect the system. There are no viruses for OS X and few trojan horses … so far anyway. Some of the Word Macro viruses are cross platform but are usually nothing more than an annoyance on the Mac.

If you want to check it out, download ClamXAV: http://www.clamxav.com/index.php?page=dl

Clam is an open source anti-virus application. It watches for suspicious activity and can catch Windows viruses in email and on disks even though they are harmless to the Mac.

Running antivirus software can’t hurt generally. If you set Clam’s Folder Sentry in the Preferences to watch the desktop and the Downloads folder it might catch an infected file before it was passed on to an unsuspecting Windows machine.

So far the only real malware for OS X that I’ve heard of is a trojan horse embedded in pirated copies of iWork ‘09 and Adobe CS4 available on some Bit Torrent sites. If one were to download such a thing and run the installer, it would ask for the admin password as usual. But the installer has a nasty zombie net payload that lets the controllers direct and spy on your Mac from afar. Avoiding such things and being aware of what the application is asking when you are prompted for an admin password will protect you from all known threats right now.”

So we installed the Clam software and everything turned up clean, to my extreme relief. At that point, I knew I wouldn’t have any more ‘splainin to do about my dopeyness.

But here’s what I learned, proving again that every horrible experience is yet another chance to get smarter.

• Nasty people that give you cyber wedgies make you feel really bad about yourself.
• When you’re on Facebook, always check status updates first.
• When I send a link I will ALWAYS say something specific about what it is. Like “watch this funny video about when David is all loopy after his dental visit” … or “here’s me at age 8 tap dancing and twirling batons of fire — how did that get on YouTube?!” … or “click here to be sent to a sex site.”
• When I get a link from a friend with cryptic or generic language, I will grill them … “where did you get this … what’s it about … am I in it?” before deciding to view it.
• I will continue to ignore links from people I don’t know.
• And maybe most importantly, taking a day off from your computer is, dare I say, lovely. I might try it every Wednesday. But without the cyber wedgie as a catalyst.

Have you ever received a cyber wedgie? How ’bout a real one?

Service for Blocking Porn and Viruses

SiteSURV is Cyberpatrol’s Internet filtering service for small-to-medium organizations, like businesses.  Using a technology called SiteCAT, it filters web sites by inspecting (also known as crawling or spidering) their content and categorizing them according to their apparent purpose.  Categories include malware, pornography, drugs and so on.  User organizations can choose to filter selected categories.

I asked Cyberpatrol VP Chris Overton to discuss how SiteSURV stacks up for user organizations in terms of efficiency, effectiveness and resource requirements.  Chris said:

“Since SiteSURV is a completely in-the-cloud product, it takes up no system resources on the computers it’s protecting.  The only caveat to this is that customers with a dynamic external IP must run our Dynamic IP tool on a single computer behind their access point.

“As far as bandwidth, all the filtering decisions happen at our SiteSURV server, so we’re not using any more of the user’s bandwidth than they’d already be using to browse the web.

“The setup for SiteSURV is very simple, but our online configuration portal gives users the ability to tailor their protection to their needs.  Users that want a set-and-forget product can leave the default settings in place.  Users that want more control can adjust the filtering to their specific needs.

“Filtering the web is hard work because the web is so big and ever-changing.  Our SiteCAT technology holds many advantages over its competitors.  Notably, the categorization results from one user get applied to other users.  For example, if one user of our system tries to browse to a site that SiteCAT has never seen or analyzed, the SiteCAT crawler immediately starts analysis of that site.  The results support all users of our SiteCAT system.  This means that we’re able to find new sites somewhat faster than other systems that rely purely on spidering the web.”

–Ben Wright, advisor to Cyberpatrol

Hubby’s laptop was recently infected with a computer virus. The virus disrupted the computer’s browsers (Mozilla Firefox & Internet Explorer), causing any search links that were returned from Google to be redirected to spammy websites when they were selected. The only way Hubby could get to a website he wanted was to type the URL in the address bar at the top.

Another feature of the virus was that it had disabled most of the anti-virus/anti-spyware software we had installed. (I know, I know. The techies in the audience are saying, “But you’re not supposed to have more than one type of anti-virus software on your computer at a time. They fight with each other.” The programs on the laptop were ones installed as part of a process to clean up a previous virus, a process that is outlined in a Malware Removal Guide from Major Geeks.)

An AVG Free virus scan identified the virus as Win32/Cryptor. While we were able to scan with AVG and remove some instances of the virus, the program could not remove all of the infection.

As I made my way through the Major Geeks’ Malware Removal Guide, I discovered that no matter what I did to clear the infection, Win32/Cryptor managed to disable every anti-virus program I tried. When I did a little research on Win32/Cryptor, I found out that this was one of the features of the virus and that whoever was behind it managed to keep changing the virus so that it would overcome any attempts to beat it. An evolving computer virus. How nice.

In the end, Hubby and I decided to purchase a new laptop. The virus was only part of the reason for our decision. His laptop had seen daily use for three years. The battery was worn out; the buttons under the finger pad were no longer working; and we couldn’t keep the power cord plugged into the back of the machine.

I’m sure there is some way to lick Win32/Cryptor, some program out there designed to kill it. In the meantime, I’ve always wanted to try wiping the harddrive of a computer. Now I have my chance.

Keep on top of those virus scans, people! (You, too, Hubby!)