COMPUTER SECURITY - Printer Friendly Version

Q - What do I need to know about the April Fool's Virus ( aka Conficker Worm )?
A - What is the name of the virus?

Generally called the April Fool’s Virus or the Conficker Worm.
Trend Micro identifies it as … WORM-DOWNAD.A, WORM_DOWNAD.AD, WORM_DOWNAD.KK ; other variations of this name may be detected as well
Also known as Win32/Conficker.A, KIDO and DOWNADUP.

Warning, before you do anything …

• Windows Updates generally download and install properly but not always.  Sometimes these updates do not work right and can cause minor or major problems for you.
• Windows Updates generally work well with your existing software but not always.  Sometimes your software might not work after installing an update.  Many programmes are only supported to a certain level – for example Windows XP Service Pack 2.  Therefore, you should always check with your Software Vendor and Technical Advisor before updating Windows.
• Business customers may be specifically vulnerable as they usually use a wide variety of software.
• If you are not sure you can deal with the consequences of anything mentioned here - don’t do it.

April Fool’s Virus Summary:

1. Largely preventable if you apply the all of Microsoft’s Critical Security Updates before it strikes you.  Specifically important is the “Vulnerability in Server Service Could Allow Remote Code Execution (958644)”.
2. Infections come from the Internet, infected computers on your network, Removable Media such as a USB Thumb Drive.
3. The infection has not yet caused any damage as I write this but if you have the infection you may be vulnerable to a Hacker running programmes on your computer remotely. 
4. Like all viruses it will have many variations that produce a variety of behaviour – this may go on for months or even years. 
5. Its main goal is to reproduce and propagate through the Internet, your Network or any Removable Device you connect to your computer.
6. There is a Removal Tool that works on ‘known’ variations of the infection.

Trend Micro Users:

• An Updated, Full Scan with Trend Micro should allow you to detect and remove the infection.
• You must install all Microsft Windows Security Updates to keep it from reinfecting

How can I prevent it?

A. Proactive Approach:

• do this first, start with your most important computer

1. Install All Microsoft Security Updates.  Warning: this can cause issues with software that is not compatible with all of the latest Windows Updates. 

However, if you don’t fully update your system it may become infected again and again.

2. Update your anti-virus software and then disconnect the computer from your Router or Modem.  Run a full virus scan on all of your hard drives.  Remove all infections.  Restart your computer and re-run the scan.  You want to ensure that your system finds no infections on the ‘final’ scan.
3. Disable the Auto-Run policy in Windows.  I recommend you ask a professional for help with this step.
4. Do not use any removable drives such as USB Thumb Drives and external hard drives, Digital Cameras and Memory Cards may also be vulnerable.

B. Damage Control:

• for users on infected computers or networks
• prevent the spread of the infection

If you are not sharing files or printers on your network turn off file sharing.  Warning: this will prevent your computer from networking with other computers. I recommend you ask a professional for help with this step.

Signs Your Computer Is Infected?

A. Basic Symptoms:

1. Your Computer is slower than normal to startup or use when fully loaded.  You find it really slow getting email or any time you are connected to the Internet.
2. You are unable to Run, Update or Scan using your Anti-Virus software.
3. You are unable to access or use the Microsoft Windows Update Site ( http://windowsupdate.microsoft.com ).  Many users find they cannot install Microsoft’s Update called the “Malicious Software Removal Tool”. 
4. Your entire Network is slow which will mean Internet Connections are slower.
5. Unable to log onto your computer. 

B. Specific Symptoms:

• there are variations of the infections and so you may have some, none or all of these issues

1. When you insert removable media ( USB Thumb Drive, CD, etc.) you may find an extra “Auto-Play” option that says something like “Open folder to view files, Unpublished” 
2. Important Services are disabled such as BITS, Windows Error Reporting, Windows Security Center, Windows Auto Update Service, etc.  This can be viewed in Control Panel, Administrator’s Tools, Services.
3. Your Anti-Virus detected infections on your Network’s file shares, a Removable Device or any Vulnerable computer on your Network.
4. The infection attempts to make numerous connections on your Computer, Network and the Internet searching for (a) Vulnerable computers (b) Open File Shares (c) Removable Media ( ex. USB Thumb Drive ) (d) Weak Passwords
5. Port 445 has been used by some variations of this infection to propagate.
6. Specific Windows files such as svchost.exe and services.exe are infected.

BASICS - Printer Friendly Version

Q - What do I need to startup my pc?
A - In order to start your computer you will need to plug in the computer’s power cord, your mouse, your keyboard and your monitor.  Once this is done make sure the monitor is plugged in and turned on.  Click the power button on the front of your computer.  After a few seconds you may see some white text on a black screen ( this is the BIOS ).  After a few moments you should see the Windows XP Splash screen which has Windows XP written over a black background.  You will then see the users on the computer, select yours to begin.  Some user account have passwords that must be typed in to go forward.  In some cases, your computer will automatically load to the desktop screen.

Q – How do I connect to the Internet?
A - Once your computer is up you will want to connect to the internet.  This can be very easy or fairly complicated depending on your Internet Service Provider ( ISP ). 
Scenario 1: If you have a functioning router ( see picture ) simply plug a network cable from the router to the back of your computer.  Restart the computer and open Internet Explorer to make sure you are connected on the internet. 
Scenario 2: If you do not have a router but have high speed you are probably subscribed to Cable service ( Rogers ) or ADSL ( Bell , etc. ).  If you have Cable simply follow step 1 above.  If you have ADSL you will need to create a PPOE connection.  In order to create a PPOE connection you will need the username and password from your ISP ( usually Bell ) to connect to the internet.  For example: user = b1xxxxx, password = abc123.  Please follow the steps in Microsoft’s article “How to create a PPPoE connection in Windows XP”:  http://support.microsoft.com/kb/283070/en-us 
Scenario 3: If you have a dial up connection you will need to create a Dial Up Connection.  You will need to have the internet access phone number, username and password.  Please follow the steps in “How To Configure and Use Dial-Up Connections in Windows XP”: http://support.microsoft.com/kb/310410/en-us

Q – Where do I plug in my devices?
A - Please note that your mouse and/or keyboard may have circular ( ps/2 ) or rectangular ( USB ) connectors.  If you have ps/2 mouse or keyboard please remember that the mouse goes into the green port ( it just have am engraved  symbol of a mouse ) and your keyboard goes into the purple port. For the most part, plugging your external devices ( mouse, keyboard, printer, digital camera, etc ) is fairly easy as most can only fit properly into one type of port.  All USB devices connect into thin rectangular ports.

HELP ME INSTALL MY ...

Q – How do I install my USB device ( Digital Camera, iPod, Printer, Scanner, Mouse, Keyboard, etc. )?
A - The key to this task is to install the software BEFORE plugging the device in ( regardless of which USB device you have ).  Often the software will ask you to connect the device during the final phases of the software install.  Once the software has been installed you may need to restart the pc and then plug in the device.  Either way, once the software has been properly installed you should simply plug in your USB, power it on and notice that windows is installing your device.  It may prompt you to “Install Anyway” because the “driver has not been certified by Microsoft”.  If you do not choose to “Install Anyway” the device will not install.  Sometimes you will notice that 2, 3 or more ‘devices’ will be installed by windows.  This is especially true for “All In One” devices.  I recommend you test the USB device once it is successfully installed.  If you turn on your device and finds that the computer does not seem to notice you will need some troubleshooting help.  Some USB devices do need further configuration before they work ( Game pad, Digital Camera, All In One fax, etc ).

Q – How Do I Install My Wireless router
A - Installing a wireless router requires some advanced knowledge or a willingness to learn your way through it.  There are a number of  scenarios to mention:
1. Cable Modem with a standard Router
2. Modem/Router combination device.
3. ADSL Modem with a standard Router
4. Satellite Receiver with a Router
5. Dial Up connection requires a Router that can do dial up ( very rare )
The only scenario that works easily is (1), but only if you have a Cable connection ( Rogers ) and do not need wireless to work.
Step 1: Power off your Cable modem
Step 2. Plug the power cord for your router in.  Turn on the router.
Steps 3: Locate the network cable plugged directly into your modem.  Make sure the network cable is plugged into the Modem and then unplug the other end ( usually plugged into your computer or old router ). 
Step 4: Plug the cable coming out of the Cable modem into the Router in the special port that says ( WAN or sometimes Internet ). 
Step 5: Plug another network cable into one of the free ports on the Router ( they are usually number, ex. 1 to 5 ). 
Step 6: Plug the other end of this network cable directly into your computer.
Step 7: Power on the Cable modem. 
Step 8: Restart your computer.
Step 9: Open Internet Explorer to ensure you are connected on the internet.  To make sure the connection is “live” and not “cached” go to Google.com and do a search on something odd like muffins.
*** The above explanation works with Rogers cable, some Cable Modem ISPs may require further steps ***
If the above steps do not work I recommend you callus so we can help you out.

Q - How Do I install My PCI Card ( video card, network adapter, modem, etc. )?
A - Installing a PCI Card means that you open up your computer.  Only do this if you are comfortable with it and have had some past experience.  Make sure the power plug is unplugged from the back of the computer.  The first thing you need to do is locate your PCI Slots and determine if any are free.  Please refer to this link to see what PCI slots look like: http://en.wikipedia.org/wiki/PCI_slot  .  If you do not have any free PCI Slots you may be able to remove an unused PCI Device.  If you look at the back end of the computer you will see what ports each PCI Device has.  Two phone jacks indicates a modem.  There are a wide variety of PCI Devices but if nothing is plugged into it you are likely not using it.  Normally, you simply unscrew a single screw and pull the old PCI Card out.  PCI Cards only go in one way and make sure you have a small gap on the PCI Card lined up with the same gap on the PCI Port on your computer system board ( Motherboard ).  Once the PCI Card is in place fasten it in with a screw.  Close the computer, plug it in and turn it on.
You will notice that windows will try to install the device when it starts up.  Make sure you have the Driver CD in the computer and allow windows to install it.  Windows should see the driver file on the CD and install the device.  If this does not happen I recommend you call us for help.