Category: slow internet connection

Some current Threats in December

Paul

Win32/Mydoom.R

[ad#ad2-left]

Win32/Mydoom.R is an e-mail worm for Microsoft Windows systems. Its file is approximately 28 kilobytes long, compressed by UPX. After decompression, its size is about 40kB.

Upon execution the form copies itself in the %windir% using the name java.exe. It also saves a file called services.exe there. This file is a backdoor component, that operates on TCP port 1034.

The following Registry entries are set to point to worm executables:

HKEY_LOCAL_MACCHINE\Software\Microsoft\Windows\CurrentVersion\Run\JavaVM
HKEY_LOCAL_MACCHINE\Software\Microsoft\Windows\CurrentVersion\Run\Services

The first entry contains path to java.exe, and the other points to services.exe.

According to the information on all the website in order to fix this you must use some anti-virus software.

[ad#ad2-right]

WORM_AGENT.AHQV [Trend Micro], Dropper/Xema.189952.B [AhnLab], Dropper.Small.LQ [AVG], Trojan.Crypt.Delf.AC [Bit Defender], Worm.W32.Agent-1 [ClamAV], IRC.W.W32.ClickIt.D [Otros], W32/Trojan3.AS [Authentium], I-Worm.Agent.ez [Quick Heal], Win32.HLLM.MyDoom.134 [Doctor Web], Trojan:W32/Agent.GCK [F-Secure], W32/Basine.C [Fortinet], Trojan.Crypt.Delf.AC [G DATA], Trojan.Crypt.Delf.AC [Ikarus], Email-Worm.Win32.Agent.js [K7 Computing], Email-Worm.Win32.Agent.js [Kaspersky], Worm:Win32/Mytob.SD [Microsoft], Win32/Injector.BZ [ESET], W32/P2PWorm.AAK [Norman], Trojan.Delfinject.Gen.3 [PC Tools], Backdoor.Win32.IRCbot.apj [Rising], Mal/Basine-C [Sophos], Dropper.Delf.26624.B [Hauri], Email-Worm.Win32.Agent.js [F-Secure], Backdoor/W32.IRCBot.28160.C [Otros], AGENT.ARQB [PerAntivirus]

According to the information on all the website in order to fix this you must use some anti-virus software. This one is a variant and should be dealt with as if it it the actual worm.  It seems to be spreading through P2p and Email fooling the person into running programs.  So be careful out there.


Signs of a Computer Infection!

Paul

So I was thinking this morning what I missed and I totally missed on how you might be able to tell if you have a computer virus. It does me no good to talk about a virus if you don’t know you’re infected. I was thinking of the times I had a client who had trouble but wasn’t what I thought.

So How do you know?

Some people would say it depends on factors but here are what I call clues that make me suspect a virus:[ad#ad2-right]

  1. Slow or Sluggish computers —  Here is what I know if the computer is really slowing down and have a dual core or quad core.  If you are running a system and sees a lot of hard drive activity even when the computer is idle then it might be a virus or it could be a program doing what it is supposed to be doing.  So this is somewhat of an indication but not always.

  2. Slow internet connection on the computer or on the network — Due to the fact that most people have a router that is connected to all the computers and if you internet connection on all your systems are slower than normal then you could have a virus.  I use Speed Test website to help determine this.

  3. Corrupt files or Missing files —  Sometimes you have a text documents or files that are missing and you have to pay to get them back.   It’s an old scheme and usually once your files have been encrypted you can’t get them unencrypted.  So this is why I added this one also because it varies from virus to virus.

  4. Programs don’t work like they used to —  This is also a very common association with a virus because virus makers don’t have time to test it out on a variety.   Most of the time if you get a call that a program is no longer working tat would be the first thing I’d look at, if not check to see what other programs have been installed lately.

  5. In some cases more files are the Hard drive —  This can be a indication of a virus because the virus might be using the system to host files or other such illegal activity.   Although this is happening less and less it can still be a possibility and should be checked out.   I like to use a graphical tree size program to determine if that is the truth.

  6. Pop ups or Browser redirects — this is a common thing along the way.  It’s always the same and saying something like “you have a virus” or “You unprotected and you might have a virus”.  The theme here is to scare the user into buying there product that does not do anything.   It sometimes even looks like a real anti-virus program or spyware program but in truth it is just a scam.  In some cases it will send you to a site because it keeps wanting you to buy the product.

  7. DNS Changes on you — Some hackers like to have you go through there server so they can watch everything you do online.  They are wanting to get the sensitive information of bank account, and other important accounts.  This is really the ones that need to get off your system asap.

[ad#ad2-left]These are the signs I’ve seen in the past that would indicate a virus but as with any problem.  You will need to check for all the possibilities.   It is always going to be an issue with people because most people don’t know about the signs, now you do and you can now be a better computer user.  It is you who can only fight viruses by knowing all the possible system and only you can defeat a virus.  In the next article I will talk about the tools to help you find and defeat a virus.   This will be a big blog post because I have so much to teach and explain.   If you like these post by all means leave a comment and help spread the word.