Hidden Danger

November 26, 2008 at 10:39 am | Posted in Computers, Internet, Security, Software | 3 Comments

The computer Virus problem just ain’t what it used to be. Nowadays, you can wander by a celebrity or even apparently legitimate web site and pick up a virus through unpatched media players, like Flash and Quicktime. Not only do you get an unexpected infection without even needing to do anything, the infection may be hidden from you and your security suite.

The issue is what is known as rootkits, viruses that infect hidden areas of your system, outside of the operating environment. They are much trickier to see and remove yet can capture things like your banking information and pass it on.

Woody Leonhard discusses one of the worst, the Sinowal virus that’s evolved into Mebroot.
The issue explained:
http://www.windowssecrets.com/2008/11/20/03-Dont-be-a-victim-of-Sinowal-the-super-Trojan

Tools that might help:
http://windowssecrets.com/2008/11/26/03-Antivirus-tools-try-to-remove-Sinowal-Mebroot/?n=story1

Some key points:
– don’t play in bad neighbourhoods
– Have a free browser plugin to warn you off of sites with a bad history, like:
WOT or SiteAdvisor
– keep your system patched with the latest free updates.
Microsoft update for MS software
Secunia PSI for other programs. (there’s an onlne scanner too but it checks far fewer programs)
Woody suggests you run PSI after you get the routine monthly MS updates.
– check for existing infections with something recommended like
F-Secure’s Blacklight. (download link near the bottom)
About rootkits and Blacklight

Vista is more secure due to it’s oft-complained about User Account Control.
David

3 Comments »

RSS feed for comments on this post. TrackBack URI

  1. This issue has been increasing over time. While keeping your system patched and secured is not difficult, enough people don’t to allow viruses to get on board. The recent Gumblar infection has dramatically increased the number of infected web sites – even many legitimate ones.

    Like

  2. WOT has been selling user data to third parties and is now blocked in Firefox. Their web site mentions nothing about it and their home page is blocked by a pop-up pushing the tool for mobile – even if you’re not on a mobile. Not recommended anymore.

    Like

  3. SiteAdvisor has become a different thing since being bought by McAfee.

    Like


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.
Entries and comments feeds.