April 2009

Service Pack 2 is here! Well, Service Pack 2 for Microsoft Office 2007 is here; Service Pack 2 for Windows Vista is on its way. Service packs are large updates that roll together all the little updates that have been released before them, and usually include added security and functionality. You can download Microsoft Office 2007 Service Pack 2 here. Microsoft Windows Vista Service Pack 2 should be available for download soon, hopefully early May, here.

Most wireless routers that you can pick up in a store do not have any wireless security features enabled by default. If you just plug it in and start using it, you are providing anyone within range not only with free Internet access but also access to any computers in your house that are connected to your Internet connection, wired or wireless. Unfortunately wireless security is far from a simple task to anyone not familiar with the inner workings of a router. PC Magazine’s @Work blog has some ideas on what you can do to secure your wireless network here and here. Think of it as leaving your front door open for anyone to wander in: not only can they just walk in the front door, but they can then access any room in the house.

AVG is now providing its LinkScanner product free to download. LinkScanner will scan web pages as you surf and warn you if a page you visit is trying to install malware or is compromised in some way. It’s a good idea to use it, considering that the web is the most popular way to deliver malware these days. You can read a quick overview of the product here and download it at http://linkscanner.avg.com. There is free support available from AVG at http://freeforum.avg.com.

This article is from the April edition of our business newsletter, with some updated content:

Do you work on multiple computers (home, office, maybe even a laptop too)? How do you keep your files synchronized across all those machines? There are several options for working on multiple machines: you can remotely access your office machine, you can remotely access your office network , or you can use an online service to synchronize files on all the machines you use. The first option, remotely accessing your office machine, is the simplest. Your files reside in only one place (which is hopefully being backed up) and you want to access that machine when you’re not in the office. This can be done through remote control software such as LogMeIn or GoToMyPC. Both companies offer paid versions that allow you to move files between computers, and print files from your remote machine to the printer connected to the machine that you are sitting at. LogMeIn also offers a free version that doesn’t include the file transfer or remote printing capabilities. The second option, remotely accessing your office network, is a little more complicated but is a good solution if you share a computer with other people in your office and don’t have an extra machine to remotely control, or don’t want to leave that machine on when you’re out of the office. There are several routers that offer what is called a VPN connection; this essentially lets you connect to the router from anywhere you have an Internet connection and access files as if you were in the office. The third option, synchronizing files between all your machines using an online service, is best for people that have files on several computers that they use on a daily or weekly basis and would like to have access to the correct version of all files without copying to USB drives or emailing copies around. One service in particular, Dropbox, offers 2GB of storage free or 50GB for $99.95 per year and allows you to keep your files updated across as many computers as you use. It also keeps all the old versions of your files (as long as you have storage space) so that you can go back or find deleted files. The only downside to Dropbox is that it only synchronizes a single folder that it creates when it’s installed. Another synchronization service is SpiderOak. It allows you to choose which folders you want synchronized. It also encrypts the upload and download of data, as well as the data stored on their servers. Both services allow you to share files with friends even if they are not signed up for the service. Which solution you choose depends on what your needs are and how you are currently set up. If you have questions or would like help setting up one of these solutions, feel free to contact us.

It looks like all that updating Conficker did on April 1st and in the past few days had a reason: to push rogue anti-spyware software. According to several security software vendors, Conficker is dropping a program called SpywareProtect2009 on infected machines. The purpose of rogue anti-spyware programs is to scare users into paying for the software to clean up infections that the software itself has downloaded to the machine. Typically these programs will besiege the user with large pop-up windows proclaiming, in big red letters, that the computer is infected with hundreds of pieces of malware. If you receive any of these so-called warnings, don’t click on any of them. Run your security software (Norton, McAfee, Trend Micro, etc) to remove the threat. You can also go to any of the security vendors’ websites to get free removal tools for Conficker or any of the rogue anti-spyware programs. Check out our previous blog posts here for more information on Conficker and how to check for and remove it.

In an earlier post I mentioned how people are wondering if their files will transfer to Mac from an existing Windows machine. In that post I talked about running Windows on a Mac if you needed access to a Windows-only program. PC Magazine has a great article on the different methods to accomplish this, if you are comfortable doing it yourself. You can read the article here.

It’s been in the news recently, and we’ve talked about it here in previous posts and newsletters. The Conficker worm came to life yesterday according to TrendLabs, Trend Micro’s blog. It apparently downloads a file from other infected machines via P2P, similar to how file and music sharing services like Limewire work. From the TrendLabs blog:

Trend now detects this new Conficker variant as WORM_DOWNAD.E. Some interesting things (well at least in our perspective) found are:

1. (Un)Trigger Date – May 3, 2009, it will stop running
2. Runs in random file name and random service name
3. Deletes this dropped component afterwards
4. Propagates via MS08-067 to external IPs if Internet is available, if no connections, uses local IPs
5. Opens port 5114 and serve as HTTP server, by broadcasting via SSDP request
6. Connects to the following sites:
   • Myspace.com
   • msn.com
   • ebay.com
   • cnn.com
   • aol.com

It also does not leave a trace of itself in the host machine. It runs and deletes all traces, no files, no registries etc.

A particularly nefarious piece of malware has been in the news a lot lately: Conficker. Also known as Downadup and the April Fools worm, it is very sneaky and difficult to detect. Fortunately, because of its popularity, there has been a lot of research done to figure out ways to stop it from spreading and to remove it from machines that have been infected. The easiest way to determine if you have been infected with Conficker is to use the Conficker eye chart (available here). Part of Conficker’s programming is to block access to well-known security software vendors’ websites, such as Symantec and Trend Micro. The “eye chart” has a legend that explains what you should see if you don’t have Conficker, and also what you see if you do have Conficker. If the chart appears normal, then you most likely haven’t been infected; if there are some images missing, then you probably have Conficker. Don’t panic though, it can be fixed. You can access a list of steps to remove Conficker here, or you can give us a call. Even if you don’t have Conficker, make sure you have the latest version of your preferred security software and that it’s up-to-date. We recommend Norton Internet Security 2009 (available here).

Do you backup? Should you? Backing up ensures that your information is not affected should anything happen to your computer’s hard drive. It can be as simple as copying your files to an external hard drive once a month, or you could use an online backup service that automatically backs up changed and new files every night. Let’s put it this way: If something were to happen to your computer and you lost everything on it, what files would you absolutely have to have? Professional data recovery services usually start around $1,200 and increase exponentially based on the size of your hard drive. What information on your computer would you be willing to pay that much to get back? Read the rest of this entry »

The email problems that some Comcast customers experienced this past weekend were apparently caused by power problems in its data center, a giant warehouse of servers. Apparently they also had to restore several email databases, which is why the outage lasted so long. The Comcast blog post is here.

A lot of people have been considering Apple for a new or replacement computer. The most common question is "Will my files transfer?". The answer, in almost all cases, is yes. Pictures, music, Word and Excel files, and even email can usually be transferred without problems. If you are worried about specific programs, you can always check the manufacturer’s website to see if they have a version for Apple. In some cases, mostly where you’re working from home, you may need access to a Windows-only program such as Internet Explorer. In that situation, it’s ok, you can still switch; we can install a copy of Windows on the Mac so that you have access to any Windows programs you need (it’s difficult to explain, but you can actually use Windows and Apple software simultaneously on a Mac). Just don’t forget that you will need to think about security software for your new Mac at some point. Luckily it’s not at the same level as Windows machines, but it’s moving in that direction. And of course we can still help you with your Mac if you have trouble.

Comcast email servers experienced some technical problems this weekend, resulting in its email service being down for better part of Saturday, or the entire weekend, depending on what part of the Northeast you are in. It appears to be working again now, but if you were without email for the weekend, you can sound off on Comcast’s Twitter page at comcastcares.

So April 1st is here, and the end of the world has not been brought about by the Conficker worm… as far as we know. However, Conficker is still around, and if you are not sure whether or not you have it, it’s better to be safe. PC Magazine has put together a checklist of steps to make sure your machine is not infected; it’s available here. If you just want to download the scanning and removal tools, you can get them from the Conficker Working Group site here. And make sure you have installed the latest Windows updates and any updates for your security software (you DO have security software right?!?!?).

PS- This is NOT an April Fool’s joke.