Posts tagged ‘Conficker C’
Our Geeks on Call customers often tell us that one of the most difficult decisions they face is whether to “repair” a PC that is giving them problems or simply replace it. This decision has been made more difficult in recent years by the dramatic decline in the price of PCs. Every day, on their websites and through the mail, the “big box” consumer electronics stores are promoting deals that seem almost too good to be true.
Furthermore, the cost of “repairing” a PC problem, which usually reflects primarily labor, has not declined commensurately, and in fact has risen during this period of price declines for hardware.
People say to me and to our Techs all the time, “I can get a brand new computer for $400, so why would I spend $250 or $300 fixing this ‘older’ one?”
As with any other business decision you face, it is important to gather all of the relevant information that might influence your ultimate choice, and to seek advice from someone who is knowledgeable and whom you trust.
Recently, a customer who is also a good friend contacted me regarding what she referred to as an “older Dell PC” that was taking a long time to boot up and, more recently, had been showing signs of having a virus infection. She wanted to know approximately how much it would cost to repair this PC, and commented that if it was going to be more than $200 or so, she would probably just buy a new computer. She ended her message by asking what I would advise her to do.
Generally I don’t like it very much when I ask someone a question and they respond by asking me a question. In this case, however, that is exactly what needs to happen. Indeed, I sent her a list of quite a few questions, asked her to send the answers back to me, and told her that I would then make an informed and somewhat educated recommendation.
Here are the questions I sent to her. For the most part, they are applicable to just about any such “repair or replace” decision:
- How old is this “older Dell desktop” exactly?
- What operating system is it running? (Windows XP Home Edition, Windows XP Pro, Vista, etc.)
- How much RAM does the computer have? (256 MB, 512 MB, 1,024 MB, etc.)
- What size is the hard drive? (20 GB, 40 GB, 80 GB, etc.)
- How much of that space is free?
- Are there application programs on that desktop that you would have to replace if you bought a new computer? (The most common one is MS Office, which has Word, Excel, Outlook, etc., but you may also use programs such as Photoshop, Adobe Acrobat, QuickBooks, etc.)
- If yes, do you have the original installation CDs for these application programs, with their installation or validation keys? (Especially important for any Microsoft product, like Office, which can be expensive to replace depending on the version you need.)
- You seem to suggest that it was running very slowly and taking a long time to boot up even before it became infected with a virus. Is that correct?
- What exactly makes you think that the computer has contracted a virus?
- Is there or was there a virus protection program on the desktop, and if so, was it regularly updating virus profiles and was it actually running at all times that the computer was connected to the Internet?
- Is this computer used by someone to access email? If so, are they accessing email by going out to their Web-based accounts only (Yahoo, Hotmail, Gmail, etc.), or are they actually downloading emails using a POP account in an email client such as Outlook or Outlook Express? If the latter, what email client are they using?
- Assuming the computer will at least boot (albeit slowly), have you tried running a virus scan?
- Have you tried self-help performance enhancers such as disk cleanup, disk defragmenter, deleting temporary files, etc.?
- Do you have a backup of the user data on this PC (documents, pictures, spreadsheets, etc.)? (If you use a USB drive – commonly called a jump drive, flash drive, or thumb drive – to back up these files and you suspect that you may have a virus, do NOT insert that USB drive into any other computer. Viruses can be inadvertently transferred from one computer to another by doing that.)
- Are you happy with the monitor and printer that are connected to this computer, or would you take the opportunity to replace either or both of them if you were to get a new computer?
- Assuming this computer is connected to your home network using a cable that is plugged into the wall, would it enhance your user experience if the computer had wireless capability so that it could be moved to a different location, including one that is not wired for network attachment?
- And perhaps the most important question of all — Has there been any significant change in the way in which you use this PC since it was first acquired? For example, do you spend much more time on the Internet now, or are you operating a business using the PC whereas you were not before?
The significance of some of these questions to the “repair or replace” decision should be obvious. The point is, there is no right or wrong answer that applies in all cases. Some people just like having the latest and greatest and replace their PCs every couple of years as they might do with a new car. Others are more resource constrained, and the opportunity to save $150 or $200 or more is significant. For these folks, the older computer was meeting their needs just fine before it started acting up, and they would love to get another year or two out of it.
Whichever camp you are in, it is useful to point out that most people significantly underestimate what it would cost to completely replace a PC, including transferring all user files from the old PC and reinstalling third party programs such as those mentioned in one of the questions above. (For the most part, programs — unlike user data — cannot simply be copied over from the old PC.)
People see those “big box” ads that seem to suggest that you can get a really nice new PC for $400. Well, you can, but all it has on it is the Operating System, and it won’t, of course, have any of your applications (unless you order and pay for those separately when you order the computer). Nor will it have any of your user files, so those will have to be copied and transferred over to the new computer.
Because the “new” PC has been sitting on a warehouse or store shelf for a while, there will need to be updates downloaded and applied to the operating system. Some of the “junk” or promotional software and trial versions that were installed by the manufacturer should probably be removed or at least updated before activation.
Are you prepared to do these things yourself? If not, be sure to factor in the cost of paying a Technician to set up your new PC and perform the data transfer.
It is not a given that repairing your older PC and/or restoring or enhancing its previous level of performance will necessarily cost a lot of money. If a computer is badly infected, that’s one thing. But if it just needs a tuneup and perhaps a memory upgrade, you can get those things taken care of for less than half the cost of a new PC.
My general recommendation is, if the computer is basically sound and just needs a virus removal and/or performance tuneup, then go with that. If it needs a full Operating System reload and some hardware upgrades (such as a larger or additional hard drive or more RAM), then you might be better off just getting a new one. Each case is unique. There is no right or wrong answer. However, one of our Techs or any computer technologist whom you trust can help you make the decision that is best for you.
Be careful about seeking this advice from someone who actually works in one of the “big box” stores. Remember, the people they work for are ultimately measured on how much new hardware they sell. If I may paraphrase one of my favorite Shakespearean metaphors, “A Geek by any other name may give advice that doesn’t smell all that sweet.”
Call us today 1-800-905-GEEK (4335) or visit us online www.geeksoncall.com
By Lolita C. Baldor, Associated Press Writer
The powerful attack that overwhelmed computers at U.S. and South Korean government agencies for days was even broader than initially realized, also targeting the White House, the Pentagon and the New York Stock Exchange.
Other targets of the attack included the National Security Agency, Homeland Security Department, State Department, the Nasdaq stock market and The Washington Post, according to an early analysis of the malicious software used in the attacks. Many of the organizations appeared to successfully blunt the sustained computer assaults.
The Associated Press obtained the target list from security experts analyzing the attacks. It was not immediately clear who might be responsible or what their motives were. South Korean intelligence officials believe the attacks were carried out by North Korea or pro-Pyongyang forces.
The attack was remarkably successful in limiting public access to victim Web sites, but internal e-mail systems are typically unaffected in such attacks. Some government Web sites — such as the Treasury Department, Federal Trade Commission and Secret Service — were still reporting problems days after the attack started during the July 4 holiday. South Korean Internet sites began experiencing problems Tuesday.
South Korea’s National Intelligence Service, the nation’s principal spy agency, told a group of South Korean lawmakers Wednesday it believes that North Korea or North Korean sympathizers in the South were behind the attacks, according to an aide to one of the lawmakers briefed on the information.
The aide spoke on condition of anonymity, citing the sensitivity of the information. The National Intelligence Service — South Korea’s main spy agency — said it couldn’t immediately confirm the report, but it said it was cooperating with American authorities.
The attacks will be difficult to trace, said Professor Peter Sommer, an expert on cyberterrorism at the London School of Economics. “Even if you are right about the fact of being attacked, initial diagnoses are often wrong,” he said Wednesday.
Amy Kudwa, spokeswoman for the Homeland Security Department, said the agency’s U.S. Computer Emergency Readiness Team issued a notice to federal departments and other partner organizations about the problems and “advised them of steps to take to help mitigate against such attacks.”
New York Stock Exchange spokesman Ray Pellecchia could not confirm the attack, saying the company does not comment on security issues.
Attacks on federal computer networks are common, ranging from nuisance hacking to more serious assaults, sometimes blamed on China. U.S. security officials also worry about cyber attacks from al-Qaida or other terrorists.
This time, two government officials acknowledged that the Treasury and Secret Service sites were brought down, and said the agencies were working with their Internet service provider to resolve the problem. The officials spoke on condition of anonymity because they were not authorized to speak on the matter.
Ben Rushlo, director of Internet technologies at Keynote Systems, said problems with the Transportation Department site began Saturday and continued until Monday, while the FTC site was down Sunday and Monday.
Keynote Systems is a mobile and Web site monitoring company based in San Mateo, Calif. The company publishes data detailing outages on Web sites, including 40 government sites it watches.
According to Rushlo, the Transportation Web site was “100 percent down” for two days, so that no Internet users could get through to it. The FTC site, meanwhile, started to come back online late Sunday, but even on Tuesday Internet users still were unable to get to the site 70 percent of the time.
Web sites of major South Korean government agencies, including the presidential Blue House and the Defense Ministry, and some banking sites were paralyzed Tuesday. An initial investigation found that many personal computers were infected with a virus ordering them to visit major official Web sites in South Korea and the U.S. at the same time, Korea Information Security Agency official Shin Hwa-su said.
Associated Press writers Hyung-Jin Kim in Seoul, South Korea; Andrew Vanacore in New York; and Pan Pylas in London contributed to this report.
Conficker-C Worm Solution
Instructions, support and more information on how to manually remove a Conficker/Downadup infection from a system have been published by major security vendors. Please see below for a few of those sites. Each of these vendors offers free tools that can verify the presence of a Conficker/Downadup infection and remove the worm:
Tomorrow — April 1 — is D-Day for Conficker, as whatever nasty payload it’s packing is currently set to activate. What happens come midnight is a mystery: Will it turn the millions of infected computers into spam-sending zombie robots? Or will it start capturing everything you type — passwords, credit card numbers, etc. — and send that information back to its masters?
No one knows, but we’ll probably find out soon.
Or not. As Slate notes, Conficker is scheduled to go “live” on April 1, but whoever’s controlling it could choose not to wreak havoc but instead do absolutely nothing, waiting for a time when there’s less heat. They can do this because the way Conficker is designed is extremely clever: Rather than containing a list of specific, static instructions, Conficker reaches out to the web to receive updated marching orders via a huge list of websites it creates. Conficker.C — the latest bad boy — will start checking 50,000 different semi-randomly-generated sites a day looking for instructions, so there’s no way to shut down all of them. If just one of those sites goes live with legitimate instructions, Conficker keeps on trucking.
Conficker’s a nasty little worm that takes serious efforts to bypass your security defenses, but you aren’t without some tools in your arsenal to protect yourself.
Your first step should be the tools you already have: Windows Update, to make sure your computer is fully patched, and your current antivirus software, to make sure anything that slips through the cracks is caught.
But if Conficker’s already on your machine, it may bypass certain subsystems and updating Windows and your antivirus at this point may not work. If you are worried about anything being amiss — try booting into Safe Mode, which Conficker prevents, to check — you should run a specialized tool to get rid of Conficker.
Microsoft offers a web-based scanner (note that some users have reported it crashed their machines; I had no trouble with it), so you might try one of these downloadable options instead: Symantec’s Conficker (aka Downadup) tool, Trend Micro’s Cleanup Engine, or Malwarebytes. Conficker may prevent your machine from accessing any of these websites, so you may have to download these tools from a known non-infected computer if you need them. Follow the instructions given on each site to run them successfully. (Also note: None of these tools should harm your computer if you don’t have Conficker.)
As a final safety note, all users — whether they’re worried about an infection or know for sure they’re clean — are also wise to make a full data backup today.
What won’t work? Turning your PC off tonight and back on on April 2 will not protect you from the worm (sorry to the dozens of people who wrote me asking if this would do the trick). Changing the date on your PC will likely have no helpful effect, either. And yes, Macs are immune this time out.
Yahoo Tech News - Tue Mar 31, 2009
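The domain-checking behaviour described in the article above shows up to a network defender as a single machine making many failed lookups for random-looking names. The following Python is an added example, not part of the original article or any vendor's tool; the log format, sample lines, function names and thresholds are all assumptions constructed for illustration.

```python
import math
from collections import Counter, defaultdict

# Constructed resolver log lines (not real traffic): "<time> <client> <qname> <rcode>"
SAMPLE_LOG = """\
2009-04-01T00:00:03 10.0.0.23 kqxzvbtw.com NXDOMAIN
2009-04-01T00:00:04 10.0.0.23 pfjmzdqh.net NXDOMAIN
2009-04-01T00:00:04 10.0.0.7 www.example.com NOERROR
2009-04-01T00:00:05 10.0.0.23 wvbxkrgl.org NXDOMAIN
2009-04-01T00:00:06 10.0.0.23 zqhtnpcd.info NXDOMAIN
2009-04-01T00:00:07 10.0.0.7 exmaple.com NXDOMAIN
2009-04-01T00:00:08 10.0.0.23 gjxwmqkv.biz NXDOMAIN
2009-04-01T00:00:09 10.0.0.23 tbzrkfyp.org NXDOMAIN
2009-04-01T00:00:09 10.0.0.23 kqxzvbtw.com NXDOMAIN
2009-04-01T00:00:10 10.0.0.7 mail.example.org NOERROR
"""

def label_entropy(label):
    """Shannon entropy (bits per character) of one DNS label."""
    counts = Counter(label)
    return -sum(n / len(label) * math.log2(n / len(label)) for n in counts.values())

def suspicious_clients(log_text, min_failed=5, min_entropy=2.8):
    """Return {client: sorted failed, random-looking names} for flagged clients.

    A client is flagged when at least `min_failed` distinct names failed to
    resolve and each has a second-level label with entropy >= `min_entropy`.
    Both thresholds are illustrative assumptions and need tuning per network.
    """
    failed = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        _, client, qname, rcode = parts
        labels = qname.lower().rstrip(".").split(".")
        if rcode != "NXDOMAIN" or len(labels) < 2:
            continue
        # Simplification: treats the last two labels as the registered domain.
        if label_entropy(labels[-2]) >= min_entropy:
            failed[client].add(".".join(labels[-2:]))
    return {c: sorted(n) for c, n in failed.items() if len(n) >= min_failed}

if __name__ == "__main__":
    for client, names in suspicious_clients(SAMPLE_LOG).items():
        print(client, len(names), "distinct failed lookups:", ", ".join(names))
```

A single mistyped address, like the one from 10.0.0.7 in the sample, stays below both thresholds; only the client with repeated failures across many distinct names is reported.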
Need More Assistance?
Call 1-800-905-GEEK (4335) Today
Mention Promo Code: APRIL25
and Receive $25.00 Off New Service
A new virus may be set to target computers on April Fool’s Day.