In an official announcement, Senator The Hon Helen Coonan, Minister for Communications, Information Technology and the Arts, states that the Australian Communications and Media Authority (ACMA) will work with five participating ISPs to help eliminate networks of infected computers used for malicious purposes, such as sending vast quantities of spam.

The plan is for ACMA to inform the ISPs of any zombie (infected) computers on their network. The notified ISP will in turn notify the owner of the infected PC and work with them to clean their computer.

“Computer owners are often unaware that their computers are being controlled by others and used for malicious purposes,” the Minister said. More concerning is that these Zombies can then be ‘collected’ in their thousands by hackers to form ‘botnets’ – which can then be used to launch large scale attacks or release huge amounts of spam. “The risks from zombie computers and botnets was highlighted by the arrest in the US last week of a hacker who had assembled a network of up to 400,000 computers which was then on sold to hackers and spammers,” Senator Coonan said. Government Acts to Zap Zombies — Sen. The Hon. Helen Coonan

Good to see that there’s actually some effort being put into a reasonably realistic (albeit difficult) solution. However, the biggest hurdle is always actually helping those who know little about their computers to remove the offending malware. That’s the hard bit.

Whether it works in practice is yet to be seen, but if it cuts out only 10% of useless traffic it might just be worthwhile.

Blessings, Steve

References

• Government Acts to Zap Zombies (Media Release 125/05), Department of Communications, Information Technology and the Arts, 7 November 2005

[Listening to Cartoon, Ovine/Bovine — Cow ]

I turned on our home computer to find that Windows Update had downloaded a new update. Nothing unusual there. Expected a patch for something. Anything. Just give me some patches…

Anyhoo, it turns out that the new update is called the Malicious Software Removal Tool. After accepting its licence agreement, it installs and… seems to do nothing. Yay for Microsoft.

What the tool actually does is scan your PC for a bunch of nasties, removes any it finds and then removes itself from your system. The parasites it removes are as follows:

• Berbew — steals passwords
• Blaster, DoomJuice, Zindos — try to kill Microsoft websites
• Gaobot (Agobot) — tries to kill your antivirus program
• Mydoom — tries to kill your network/internet
• Nachi (Welchia) — tries to kill Blaster but kills your network/internet instead
• Sasser — slows down your system

The tool is also able to be run online from the Microsoft site if you’re not sure it ran, or if you’d like to run it again. Please note that it will probably only run when using Internet Explorer.

The list of parasites it removes is very limited, but I guess it’s a start.

Blessings, Steve

FYI, The update was released on the 11th of January, but we’re still on a dialup connection at home, so we’re a bit behind…

[Listening to James Brown, Star Time — Papa's Got A Brand New Bag]

Nearly everyone who buys a new PC these days gets at least some free trial of a popular antivirus program, whether it be Norton AntiVirus, McAfee’s VirusScan or any other software in existence. The supplied program is invariably installed when the computer is first set up and everything is well and good. A year passes, the user’s annual subscription to the software’s updates has expired, and the software is left impotent against newer and more virulent threats. Unfortunately, this is the state in which the software remains for the term of its (un)natural life. The program is left to rot in a state of limbo, only mildly less useless than having no protection at all.

Unfortunately, most users only realise that their antivirus software is not working when their computer is infected and has become a tool of the evil one.

Gah! I think I already have a virus

Don’t Panic! Go and visit Trend Micro for a free online scan, or download the free avast! Virus Cleaner to check your computer for viruses. One of these emergency measures should clean up most viruses from your PC.

If you’re still having problems, it may be that you have spyware/malware on your PC rather than a virus. In this case, go and download Ad-Aware and SpyBot (install them, update and scan) to catch most nasties.

If you’re still having grief, try the SpywareInfo forums for some expert advice.

What was that about software recommendations?

OK, down to the software.

Pretty much all the reviews I’ve seen lately have rated Trend Micro PC-cillin Internet Security as being the best all-round antivirus package currently on the market. This is commercial software that currently sells online from Trend Micro for $89.95 (AUD), and includes. Like all other commercial antivirus software, make sure you allow for the cost of an annual subscription after the first year.

For those who can’t afford this kind of money, a good alternative is avast! 4 Home Edition, a well-regarded antivirus solution that’s free for home (non-commercial) users. In case you’re thinking this is too good to be true, their software updates are free too! Grisoft have a similar solution with their AVG Anti-Virus Free Edition.

Note: When installing avast! 4 Home, you are required to enter a free registration for the software. Currently, registrations need to be re-entered after 14 months. Read more about avast 4 Home free registration.

Please be aware that NO antivirus solution will stop every virus — they’re all trying to hit a moving target. Antivirus programs are also not very good at detecting other kinds of nasties, such as spyware, adware, trojans and other forms of computer parasite.

I’ll be posting further on these other nasties in the future.

Blessings, Steve

[Listening to Dave Matthews Band, Listener Supported (Disc 2) — Two Step]