The Conficker worm (aka Downadup) is a Windows worm that can infect your computer, automatically spreading to other computers across a network. To date, the worm has spread to as many as 10 million machines around the world. The worm has an automated update capability and, once it’s installed on a system, it disables anti-virus and Windows updates and attempts to spread to other PCs.How does it work? The worm spreads in three major ways. The first is through a specific Microsoft vulnerability (dubbed MS08-067). It scans for specific hosts—located on TCP port 445—and attacks them once it finds such a host. It can also spread over USB devices using the AutoRun feature, opening file shares by guessing account names and passwords.

Should you be worried?

If your computer is up-to-date with the latest security updates and antivirus software, you likely don’t have the Conficker worm. In February, Microsoft () announced a collaborative effort—called the Conficker Working Group—between Microsoft, global technology industry leaders, and academics, to implement a coordinated, global response to the threat posed by Conficker.

How can you prevent it?

Installing the patch (MS08-067) and keeping your anti-virus software updated is the best prevention. Also, look at rolling out Microsoft’s new tool to disable the AutoRun feature. If you have an infestation, you may have to resort to rolling out a Conficker removal tool, available for free from Microsoft and all major anti-virus companies, to the hosts using a custom update mechanism. Once you do that, you can update AV and Windows. It’s also a good idea to screen USB devices for signs of carrying the infection.

What is it?

The Conficker worm (aka Downadup) is a Windows worm that can infect your computer, automatically spreading to other computers across a network. To date, the worm has spread to as many as 10 million machines around the world. The worm has an automated update capability and, once it’s installed on a system, it disables anti-virus and Windows updates and attempts to spread to other PCs. How does it work? The worm spreads in three major ways. The first is through a specific Microsoft vulnerability (dubbed MS08-067). It scans for specific hosts—located on TCP port 445—and attacks them once it finds such a host. It can also spread over USB devices using the AutoRun feature, opening file shares by guessing account names and passwords. Should you be worried? If your computer is up-to-date with the latest security updates and antivirus software, you likely don’t have the Conficker worm. In February, Microsoft () announced a collaborative effort—called the Conficker Working Group—between Microsoft, global technology industry leaders, and academics, to implement a coordinated, global response to the threat posed by Conficker. How can you prevent it? Installing the patch (MS08-067) and keeping your anti-virus software updated is the best prevention. Also, look at rolling out Microsoft’s new tool to disable the AutoRun feature. If you have an infestation, you may have to resort to rolling out a Conficker removal tool, available for free from Microsoft and all major anti-virus companies, to the hosts using a custom update mechanism. Once you do that, you can update AV and Windows. It’s also a good idea to screen USB devices for signs of carrying the infection.

Previous versions of Windows often swapped threads around cores, which prevented them from entering lower power states and caused cache thrashing as separate cores raced to grab data processed by others. 

The Windows 7 kernel changes this by improving thread affinity, locking threads to particular cores in order to allow unused CPU cores to enter low power C-states when they’re not in use – called thread parking – providing the CPU and motherboard supports this of course. 

Both Intel’s Nehalem and AMD’s Phenom II processors do support per-core low power states, so power consumption should improve (decrease) dramatically when using single or lightly threaded applications. Moreover, in the case of Intel’s Nehalem based chips, it should also mean good things for Turbo Mode.

Turbo Mode enables the processor to optimise its performance based on the workload – if only one core is being used, the CPU can run at a higher frequency without stepping outside of its power envelope – this is all hardware controlled by the Power Control Unit (PCU) on each processor. Intel admitted that turning off HyperThreading can give a fraction more Turbo Mode in certain, limited situations, because less of the core is in use at anyone time meaning less heat, but the PCU is “global” to each CPU and doesn’t monitor sub-sections within the pipeline, making the performance with HyperThreading on generally better.

2. Please know and understand that “fixing” is the No. 1 cause of computer problems. Spend some time reading and asking questions before any do-it-yourself fix or installation job. Only start when you are sure you know what you’re doing.

3. Turning a computer off and restarting it cures most ills. Before you start calling 1-800 help lines, try this. Simply turn the computer off, let it sit, then turn it on again. If it works fine after you’ve restarted it, don’t worry about what went wrong. (This off/on trick also can restore a lost DSL or cable connection. Turn the modem off, let it sit for a moment and turn it back on.)

4. The Web is a great place to get help — there are sites that can produce fast and amazingly effective answers to most of your computer problems. The Web also is a horrible place to get help — there are sites filled with cures that don’t work. Before you try a tip from the Web, cross-check it by continuing your search. If several reputable sites agree, your chances of avoiding disaster increase.

5. If a car won’t start, a good mechanic will make sure it isn’t out of gas before rebuilding the engine. It’s the same with computers. The most likely cause of a problem is the most obvious. If the computer won’t start, make sure it’s plugged in. If there’s no sound from the speakers, make sure they are turned on. Computers have the innate ability to make fools of us all.

6. Viruses and spyware are real. They’re also often the scapegoat. Sometimes a problem is caused by a virus, but by blaming these guys too early you avoid considering other possible causes of the problem.

7. There’s no shame in admitting that a problem is beyond your technical ability. Sometimes the best tool for fixing a computer is a credit card. Use it at a reputable repair shop when you’re in over your head.

8. There are too many people in the world who call themselves computer experts. That’s often a dangerous illusion. Many of your friends are willing, downright eager, to work on your computer. View their confidence and passion with caution. View your own confidence with the same skepticism.

9. Read the manuals that came with your computer and software. I realize most manuals are not as good as they should be. But they often offer information that will help you avoid problems.

10. Don’t get in a big hurry when things go wrong. A quick fix often makes for a long repair period.

About 40,000 Web sites appear to have been compromised with rogue JavaScript code that redirects Web surfers to a fake Google Analytics site, after which they get passed onto a site that tries to exploit Internet Explorer or Firefox vulnerabilities to infect that PC with malware, according to a Websense researcher quoted by Computerworld. Just for good measure, if the site can’t find a browser vulnerability, it tries to trick the user into downloading a Trojan.

It’s not clear how the sites were compromised, but Computerworld reported the redirect sites are being hosted in the Ukraine, implying that the Russian Business Network is behind the threat.

Yes, I always advise against running more than one real-time anti-malware product, since there can be conflicts. In particular, I wouldn’t use avast! antivirus 4.8 Home Edition and AVG Anti-Virus Free 8.0 together, since they are both traditional signature-based products with real-time protection. But the free edition of MalwareBytes’ Anti-Malware 1.36 is a scan-only product with no real-time protection, which makes it safer as a companion product for either.

Adding behavior-based protection to your traditional signature-based protection naturally increases your coverage. The behavior-based zero-day threat protection in ThreatFire 4.5 is specifically designed to work alongside signature-based products. Panda Cloud Antivirus also includes behavioral detection, and it keeps its intelligence in the cloud, not on your PC. It’s not as fast or powerful as Prevx, another in-the-cloud product, but it’s a free, lightweight addition.

Free Spam Filtering
Wouldn’t you like some good news for a change? Want free money from a long-lost relative in Nigeria? Hope to win a European lottery that you didn’t even enter? Just check your e-mail! Spammers may well have filled it with messages of hope…false hope, that is. Spam about V!agra and Ci@lis is down; spam about money is up—not surprising these days. And, hey, if “your bank” sends an e-mail about some dire account problem that will send you to the poorhouse, don’t click any links. Navigate directly to the bank site yourself. Of course, a decent antispam app could fix that problem, too.

Maybe you’re one of the lucky ones whose ISP or Web-based e-mail provider includes server-level spam filtering as part of the service. But if spam is reaching your inbox you can rely on the free SPAMfighter Standard to keep it out. Like the highly successful commercial products Cloudmark Desktop andiHateSpam, SPAMfighter is a community-based filter. That means it will let through a small amount of spam (less than most other antispam products), but it will never throw a valid personal message into the spam bin. It inserts a small advertising footer in your outgoing messages, but that’s a small price to pay.

Free Firewall
When old-timers fell on hard times, they’d describe their plight by moaning, “The wolf is at the door!” These days we might say, “The hacker is at the port.” If you don’t have some kind of firewall protection, a hacker or network-based worm could waltz right in through an open port and take control of your computer. Certainly, if you have no other protection, you should make sure the Windows Firewall in XP or Vista is turned on.

Free third-party personal firewalls ZoneAlarm 8.0 and Comodo Firewall Pro 3.0 do more than the built-in, though. Naturally they block hack attacks, masking your computer’s ports so they’re completely invisible from the outside. But they also protect against betrayal from within by limiting which programs are allowed to connect with the Internet. Initially they can be noisy, popping up a flood of queries asking whether this or that program should be allowed access. After a while, the pop-ups diminish. Comodo does automatically configure access for many programs, which may cut down on pop-ups. ZoneAlarm reserves automatic configuration for its paid versions.—Next: Free Parental Control and More >

Anti-Malware

avast! antivirus 4.8 Home Edition

Its virus protection isn’t far behind that of the top antivirus products. It removes spyware nearly as well as the top antispyware, and its resident protection against new infestation is excellent. This is some seriously impressive protection, considering that it’s free for personal use.

AVG Anti-Virus Free 8.0

AVG Anti-Virus Free 8.0′s protection is nearly as good as that of the top for-pay antivirus and antispyware products. Scanning of search links for dangerous pages is an added bonus. And as long as it’s for your personal home use, it’s free!

Malwarebytes’ Anti-Malware 1.36

Malwarebytes’ Anti-Malware does a good job of cleaning up malware, especially those annoying rogue security programs, though it’s not effective against commercial keyloggers or rootkits. And the real-time protection in the extra-cost Pro edition isn’t worth the money. But be sure to add the free edition to your security arsenal.

Panda Cloud Antivirus 0.9 Beta

This lightweight, attractive, free anti-malware tool uses no signatures. All malware detection occurs online. Some snags I hit in testing indicate that Panda still has a little work to do on this beta. But even now it’s effective at protecting a clean system.

ThreatFire 4.5

Your standard signature-based anti-malware utility catches most things that attack your computer. ThreatFire offers supplemental protection against zero-day attacks that are too new to have a signature. It’s a fine, free addition to your security arsenal—I use it myself.

Antispam

SPAMfighter Standard

If you need free spam filtering and don’t mind having an advertising footer added to all your outgoing messages, this is a great solution. It’s nearly as effective as the best community-based filters. If you need the features of the $29 Pro edition, though, I’d suggest looking at iHateSpam ($19.95) or Cloudmark Desktop($39.95) instead.

Firewall

Comodo Firewall Pro 3.0
 
Comodo Firewall Pro 3.0 aces all the basic personal firewall tasks. Its Defense+ module protects critical system areas. Yes, Defense+ flags both good and bad programs, but Installation mode can cut down the hassle factor. Best of all, it’s totally free for personal or professional use.

ZoneAlarm 8.0

ZoneAlarm 8.0 offers effective basic personal firewall protection at a fantastic price—free! But if you want advanced features like automatic program control configuration, exploit prevention, or behavior-based operating-system protection, you’ll have to upgrade to the paid version.

Parental

K9 Web Protection 4.0

This parental-control utility lacks many features found in the competition, most notably the ability to define different settings for different users. But what it does, it does well. If you can live within its limitations it’s a good, free choice.

OnlineFamily.Norton

This free Web-based product has everything you’d expect in a parental-control system, and more. It blocks bad sites, controls time on the computer, supervises chat, and even watches social network use on all your PCs and Macs. Settings are stored in the cloud, making remote configuration and reporting simple.

Password Management

LastPass 1.50
 
LastPass is a free, feature-rich password manager and Web form filler. It has almost every software feature found in any competitor, plus some unique features of its own. Numerous mobility options mean you can use it wherever you are.

Utility

AppRemover 1.5

AppRemover aims to clean up traces of old security products that keep you from installing a new one. It doesn’t support uninstallation of every product and doesn’t successfully clean out all those it does support. Still, give it a try if you’re vexed by “stuck” security. It’s free, it’s lightweight, and it couldn’t hurt.

Its not clear how many sites Gumblar has infected, but security firms seem to agree that it accounts for about 40 percent of all new malware infections right now. According to ScanSafe in just the first two weeks of May over 3,000 Web sites were compromised and spreading the worm. Most sites have been quick to clean up the infections as best they can, but, even if all the infected pages were removed, Gumblar would still have an army of infected PCs (see botnet) to inflict further damage. Already infected PCs could be used to hijack even more Web sites, by searching out logon information for Web servers and uploading their malicious payload. Compromised PCs can also be instructed to installTrojans that steal data and passwords.

The danger posed by Gumblar is so great that ScanSafe suggests a full reformat and reinstallation of Windows to clean out an infection. It also suggests changing all of your passwords and usernames after securing your PC.

Detecting an infection is complex, and not fool-proof. According to ScanSafe the best way to find out if your PC has been hijacked by Gumblar is to follow CNET’s well laid out steps: