Tuesday, September 9, 2008

Total protection of PC

Hello friends. I am here to discuss some solutions for total protection of a PC. Recently, I visited a friend's house and checked out his computer. When I started his PC, it loaded really fast and I felt very comfortable working on it. I asked him how his PC had such good performance. He said that it was due to the new software that he had loaded on his PC. The product was Uniblue's Power Suite, which consisted of Registry Booster, Speed up my PC and Driver Scanner, all combined into one package. He also told me that along with it he had bought Uniblue's Spy Eraser 2. With these two packages, he told me, his PC was performing at its peak. 'Another advantage of buying a product from Uniblue,' he said, 'is that Uniblue is a Gold Certified Partner with Microsoft.'
So, I have also decided to give this product a try.
But I would like all you friends who will be reading this post to comment on whether this product is a good choice or if there are other, better alternatives.
I will be waiting for comments.
With best regards,
Virusfreeworld.

A big threat nowadays, the Storm Worm virus

Saturday, September 6, 2008

This is a piece of information I got from http://en.wikipedia.org/wiki/Storm_Worm.

The Storm Worm (dubbed so by the Finnish company F-Secure) is a backdoor[1][2] Trojan horse that affects computers using Microsoft operating systems,[3][4][5] discovered on January 17, 2007.[3] The worm is also known as:

Small.dam or Trojan-Downloader.Win32.Small.dam (F-Secure)
CME-711 (MITRE)
W32/Nuwar@MM and Downloader-BAI (specific variant) (McAfee)
Troj/Dorf and Mal/Dorf (Sophos)
Trojan.DL.Tibs.Gen!Pac13[3]
Trojan.Downloader-647
Trojan.Peacomm (Symantec)
TROJ_SMALL.EDW (Trend Micro)
Win32/Nuwar (ESET)
Win32/Nuwar.N@MM!CME-711 (Windows Live OneCare)
W32/Zhelatin (F-Secure and Kaspersky)
Trojan.Peed, Trojan.Tibs (BitDefender)

The Storm Worm began infecting thousands of (mostly private) computers in Europe and the United States on Friday, January 19, 2007, using an e-mail message with a subject line about a recent weather disaster, "230 dead as storm batters Europe".[6] During the weekend there were six subsequent waves of the attack.[7] As of January 22, 2007, the Storm Worm accounted for 8% of all infections globally.[8]

Ways of action
"During our tests we saw an infected machine sending a burst of almost 1,800 emails in a five-minute period and then it just stopped." Amado Hidalgo, a researcher with Symantec's security response group.[9]

Originally propagated in messages about European windstorm Kyrill, the Storm Worm has been seen in the wild also in emails with the following subjects:[10]

A killer at 11, he's free at 21 and kill again!
U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel
British Muslims Genocide
Naked teens attack home director.
230 dead as storm batters Europe.
Re: Your text
Radical Muslim drinking enemies's blood.
Chinese/Russian missile shot down Chinese/Russian satellite/aircraft
Saddam Hussein safe and sound!
Saddam Hussein alive!
Venezuelan leader: "Let's the War beginning".
Fidel Castro dead.
If I Knew
FBI vs. Facebook

When an attachment is opened, the malware installs the wincom32 service, and injects a payload, passing on packets to destinations encoded within the malware itself. According to Symantec, it may also download and run the Trojan.Abwiz.F trojan, and the W32.Mixor.Q@mm worm.[10] The Trojan piggybacks on the spam with names such as "postcard.exe" and "Flash Postcard.exe," with more changes from the original wave as the attack mutates.[9] According to Joe Stewart, director of malware research for SecureWorks, Storm remains amazingly resilient, in part because the Trojan horse it uses to infect systems changes its packing code every 10 minutes, and, once installed, the bot uses fast flux to change the IP addresses for its command and control servers.[11] Some of the known names for the attachments include:[10]

Postcard.exe
ecard.exe
FullVideo.exe
Full Story.exe
Video.exe
Read More.exe
FullClip.exe
GreetingPostcard.exe
MoreHere.exe
FlashPostcard.exe
GreetingCard.exe
ClickHere.exe
ReadMore.exe
FullNews.exe
NflStatTracker.exe
ArcadeWorld.exe
ArcadeWorldGame.exe

Later, as F-Secure confirmed, the malware began spreading with subjects such as "Love birds" and "Touched by Love". These emails contain links to websites hosting some of the following files, which are confirmed to contain the virus:

with_love.exe
withlove.exe
love.exe
frommetoyou.exe
iheartyou.exe
fck2008.exe
fck2009.exe
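
A mail-gateway check for the attachment names listed above, as an added example that is not part of the original post or the quoted article. The blocked-extension list and the helper names are assumptions; the sample messages are constructed.

```python
from email.message import EmailMessage

# Attachment names listed on this page, lower-cased with spaces removed.
STORM_NAMES = {
    "postcard.exe", "ecard.exe", "fullvideo.exe", "fullstory.exe",
    "video.exe", "readmore.exe", "fullclip.exe", "greetingpostcard.exe",
    "morehere.exe", "flashpostcard.exe", "greetingcard.exe",
    "clickhere.exe", "fullnews.exe", "nflstattracker.exe",
    "arcadeworld.exe", "arcadeworldgame.exe",
}
# Assumption: the gateway also holds any attachment with these extensions,
# because the page notes that the names change as the attack mutates.
BLOCKED_EXT = (".exe", ".scr", ".pif", ".com")


def normalise(name):
    """Make 'Flash Postcard.exe' and 'flashpostcard.EXE' compare equal."""
    return "".join(name.lower().split())


def screen(msg):
    """Return (filename, reason) for every attachment that should be held."""
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        norm = normalise(name)
        if norm in STORM_NAMES:
            findings.append((name, "known Storm attachment name"))
        elif norm.endswith(BLOCKED_EXT):
            findings.append((name, "executable attachment"))
    return findings


def sample(filename):
    """Build a constructed test message carrying one attachment."""
    msg = EmailMessage()
    msg["Subject"] = "constructed test message"
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg.set_content("constructed body")
    msg.add_attachment(b"constructed bytes", maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg


if __name__ == "__main__":
    for fname in ("Flash Postcard.exe", "Invoice.SCR", "report.pdf"):
        print(fname, "->", screen(sample(fname)))
```
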

Botnetting
The compromised machine becomes merged into a botnet. While most botnets are controlled through a central server, which if found can be taken down to destroy the botnet, the Storm Worm seeds a botnet that acts in a similar way to a peer-to-peer network, with no centralized control.[7] Each compromised machine connects to a list of a subset of the entire botnet - around 30 to 35 other compromised machines, which act as hosts. While each of the infected hosts shares lists of other infected hosts, no one machine has a full list of the entire botnet - each only has a subset, making it difficult to gauge the true extent of the zombie network.[7] On 7 September 2007, estimates of the size of the Storm botnet ranged from 1 to 10 million computers.[12] Researchers from the University of Mannheim and the Institut Eurecom have estimated concurrent online Storm nodes to be between 5,000 and 40,000.[13]


Rootkit
Another action the Storm Worm takes is to install the rootkit Win32.agent.dh.[7] Symantec pointed out that flawed rootkit code voids some of the Storm Worm author's plans. Later variants, starting around July 2007, loaded the rootkit component by patching existing Windows drivers such as tcpip.sys and cdrom.sys with a stub of code that loads the rootkit driver module without requiring it to have an entry in the Windows driver list.[14]

April Fool's Day
On April 1, 2008, a new Storm Worm was released onto the net, with April Fools-themed subject titles.

Feedback
The list of antivirus companies that can detect the Storm Worm includes Authentium, BitDefender, ClamAV, eSafe, Eset, F-Prot, F-Secure, Kaspersky, McAfee, Sophos, Symantec, Trend Micro and Windows Live OneCare.[15] The Storm Worm is constantly being updated by its authors to evade antivirus detection, so this does not imply that all the vendors listed above are able to detect all the Storm Worm variants. An intrusion detection system offers some protection from the rootkit, as it may warn that the Windows process "services.exe" is trying to access the Internet using ports 4000 or 7871.[9] Windows 2000, Windows XP and presumably Windows Vista can be infected by all the Storm Worm variants, but Windows Server 2003 cannot, as the malware's author specifically excluded that edition of Windows from the code.[9] Additionally, the decryption layer for some variants requires Windows API functions that are only available in Windows XP Service Pack 2 and later, effectively preventing infection on older versions of Windows.
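
The intrusion-detection check described above (services.exe reaching out on ports 4000 or 7871), run over sample connection records, as an added example that is not part of the original post or the quoted article. The log format, host names and addresses are constructed assumptions, not the output of any real product.

```python
import ntpath
import re
from collections import Counter

WATCH_IMAGE = "services.exe"   # process named on this page
WATCH_PORTS = {4000, 7871}     # ports named on this page

# Constructed log format (an assumption, not a real product's output):
#   <time> host=<name> image=<full path> pid=<n> dst=<ip>:<port>
LINE = re.compile(
    r"host=(?P<host>\S+) image=(?P<image>.+?) pid=(?P<pid>\d+) "
    r"dst=(?P<ip>[\d.]+):(?P<port>\d+)$"
)

# Constructed sample records; addresses are documentation ranges.
SAMPLE_LOG = r"""
2008-09-06T09:00:01 host=PC-07 image=C:\WINDOWS\system32\services.exe pid=712 dst=203.0.113.5:4000
2008-09-06T09:00:04 host=PC-07 image=C:\WINDOWS\SYSTEM32\SERVICES.EXE pid=712 dst=198.51.100.9:7871
2008-09-06T09:00:09 host=PC-07 image=C:\Program Files\Mozilla Firefox\firefox.exe pid=1440 dst=203.0.113.80:4000
2008-09-06T09:01:12 host=PC-09 image=C:\WINDOWS\system32\services.exe pid=700 dst=192.0.2.10:445
truncated record without fields
2008-09-06T09:02:30 host=PC-11 image=C:\WINDOWS\system32\services.exe pid=688 dst=198.51.100.77:7871
"""


def alerts(log_text):
    """Return (host, pid, ip, port) for each record matching the indicator."""
    hits = []
    for line in log_text.splitlines():
        m = LINE.search(line.strip())
        if not m:
            continue  # blank or malformed record: skip, do not crash
        image = ntpath.basename(m["image"]).lower()  # Windows path, any case
        port = int(m["port"])
        # Both conditions must hold: the process name AND a watched port.
        if image == WATCH_IMAGE and port in WATCH_PORTS:
            hits.append((m["host"], int(m["pid"]), m["ip"], port))
    return hits


def hosts_to_triage(log_text):
    """Count matching connections per host so repeat offenders sort first."""
    return Counter(host for host, _, _, _ in alerts(log_text)).most_common()


if __name__ == "__main__":
    for host, count in hosts_to_triage(SAMPLE_LOG):
        print(f"{host}: {count} connection(s) from {WATCH_IMAGE} to watched ports")
```
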

Peter Gutmann sent an email[16] noting that Storm comprises between 1 and 10 million PCs, depending on whose estimates you believe. Although Dr Gutmann makes a hardware resource comparison between the Storm botnet and the distributed memory and distributed shared memory high performance computers at TOP500, exact performance matches were not his intention - rather a more general appreciation of the botnet's size compared to other massive computing resources. Consider for example the size of the Storm botnet compared to grid computing projects such as the World Community Grid.

An article in PCWorld [17] dated 21 October, 2007 says that a network security analyst presented findings at the Toorcon hacker conference in San Diego on 20-Oct-07, saying that Storm is down to about 20,000 active hosts or about one-tenth of its former size. However, this is being disputed by security researcher Bruce Schneier[18], who notes that the network is being partitioned in order to sell the parts off independently.

Finding out the best antivirus software

From the recent antivirus software review of 2008, the top ten antivirus software products have been listed as follows:
1) BitDefender
2) Kaspersky Anti-Virus
3) ESET Nod32
4) AVG Anti-Virus
5) F-Secure Anti-Virus
6) Trend Micro
7) McAfee VirusScan
8) Norton AntiVirus
9) CA Antivirus
10) Norman Antivirus and Antispyware
The information has been given on the website http://anti-virus-software-review.toptenreviews.com/.
But if someone asks me which antivirus I would choose, then I would always go for ESET Nod32. It's not because I am some kind of brand ambassador of Nod32, but only due to the fact that its protection level is very high, combined with the fact that a person can use it very effectively even on a PC of lower configuration. It does not make your PC slow. When you start your PC for the first time, it loads very quickly. Many of the antiviruses which are big names in the market have this problem of loading slowly when you start the PC. Antivirus software is meant not only to keep your PC free from threats but also to make your PC respond quickly when you give a command.

A few days ago my brother-in-law bought the BitDefender antivirus for his PC, the reason being that it's the no. 1 antivirus software as per reviews. His PC has a low configuration. It has a Celeron processor. After installing the antivirus on his machine, his system got very slow and he was having difficulty in opening pages, even those of Microsoft Word. So he uninstalled the antivirus and installed Nod32, and his system was back to business.

Also, I have seen McAfee and Norton Antivirus take a lot of time in loading when your PC starts. The logo of the company would hang there on the screen for a good amount of time.
I haven't used Kaspersky and AVG antivirus, so I cannot comment on them.

Protection-wise for PCs and laptops, I think BitDefender, Kaspersky and Nod32 are almost the same, but Nod32, according to me, stands out in the crowd due to its flexibility of working nicely in various configurations.

Friends, if you have any valuable suggestions on this topic, please comment. I will be waiting.
With best regards,
Virusfreeworld.

Friday, September 5, 2008


 