You won’t make money from W32:Sality.ao

People should be cautious of the making money because there is a variant out there trying to leverage the users into thinking they can make money.

McAfee Says “W32/Sality.ao is a parasitic virus that infects Win32 PE executable files. It infects files (*.exe and *.scr files) on the local, network and removable drives by overwriting code in the entry point of the original file and saving the overwritten code in its virus body. It then appends the virus body to the host file.”

Aliases for this Virus is:

  • Virus.Win32.Sality.y (Ikarus)

  • W32/Sality.AE (Norman)

  • W32/Sality.AH (Panda)

  • W32/Sality.AK (F-Prot)

  • Win32.KUKU.a (Rising)

  • Win32/Sality.AA (VET)

These links should help people understand it it.   You can visit my Malware Resources to help remove this virus.  Something to consider before removing this is to disable your restore points.

Remember there’s no easy to make money, the only real way is to work hard.  According to my research the Anti-virus companies have ways to remove this virus and as long as you update your database.

Using Skype with Cellular BroadBand Modems

If your like me you will want to make sure you have the best possible speed and connection with your broad band modem. Here are a few articles to better help with you get the best possible speed with a broad band modem like a Cricket modem:

Some other things to consider are:

These will start to make it better for you to use a modem and get the best possible speeds from the modem.  You have to realize what your coverage area is.  There are many factors in regards to your modem speed but that is something that you will have to figure out how to get better speeds.

How do you use Skype with your Cellular broad band modem?

Somethings to remembers with your broadband modem is you won’t have a good connection no matter how hard you try.   Most cellular carriers don’t want you to us it with VOIP(Voice of Internet Protocol).   So you will have to pay close attention to how you use the bandwidth and what you are doing while making a VOIP call.

The good thing about Skype is, it comes with some very useful tools to better watch your bandwidth and to help get the best possible connection.  You will want to make sure not to have it be a super-node, to do this you go to:

Tools then;Options

My settings for Skype with Cricket<

As you can see I checked off use port 80 and 443 as alternative incoming connections, I also like to see all the technical information and bandwidth usage per call.  I made sure to use Socks5 to prevent skype from becoming a super-node. I also have it set to not automatically start up when I load windows.  To do that all you have to do is go to the General tab and un-check start Skype when Windows start.   You can use any port you want as long as you use the same on the SOCKs5 setting also.   I just made the port up it can be 0 to 4 numbers long.   If you want to understand what ports are this little document will greatly help you figure out which ports are good to use.  Some other things to remember when you use Skype for long periods of time is if you need to call someone you should try not to use the internet to much for that takes bandwidth also.  It is better to have Skype use all the possible bandwidth you have available.

Signs of a Computer Infection!

So I was thinking this morning what I missed and I totally missed on how you might be able to tell if you have a computer virus. It does me no good to talk about a virus if you don’t know you’re infected. I was thinking of the times I had a client who had trouble but wasn’t what I thought.

So How do you know?

Some people would say it depends on factors but here are what I call clues that make me suspect a virus:[ad#ad2-right]

  1. Slow or Sluggish computers —  Here is what I know if the computer is really slowing down and have a dual core or quad core.  If you are running a system and sees a lot of hard drive activity even when the computer is idle then it might be a virus or it could be a program doing what it is supposed to be doing.  So this is somewhat of an indication but not always.
  2. Slow internet connection on the computer or on the network — Due to the fact that most people have a router that is connected to all the computers and if you internet connection on all your systems are slower than normal then you could have a virus.  I use Speed Test website to help determine this.
  3. Corrupt files or Missing files —  Sometimes you have a text documents or files that are missing and you have to pay to get them back.   It’s an old scheme and usually once your files have been encrypted you can’t get them unencrypted.  So this is why I added this one also because it varies from virus to virus.
  4. Programs don’t work like they used to —  This is also a very common association with a virus because virus makers don’t have time to test it out on a variety.   Most of the time if you get a call that a program is no longer working tat would be the first thing I’d look at, if not check to see what other programs have been installed lately.
  5. In some cases more files are the Hard drive —  This can be a indication of a virus because the virus might be using the system to host files or other such illegal activity.   Although this is happening less and less it can still be a possibility and should be checked out.   I like to use a graphical tree size program to determine if that is the truth.
  6. Pop ups or Browser redirects — this is a common thing along the way.  It’s always the same and saying something like “you have a virus” or “You unprotected and you might have a virus”.  The theme here is to scare the user into buying there product that does not do anything.   It sometimes even looks like a real anti-virus program or spyware program but in truth it is just a scam.  In some cases it will send you to a site because it keeps wanting you to buy the product.
  7. DNS Changes on you — Some hackers like to have you go through there server so they can watch everything you do online.  They are wanting to get the sensitive information of bank account, and other important accounts.  This is really the ones that need to get off your system asap.

[ad#ad2-left]These are the signs I’ve seen in the past that would indicate a virus but as with any problem.  You will need to check for all the possibilities.   It is always going to be an issue with people because most people don’t know about the signs, now you do and you can now be a better computer user.  It is you who can only fight viruses by knowing all the possible system and only you can defeat a virus.  In the next article I will talk about the tools to help you find and defeat a virus.   This will be a big blog post because I have so much to teach and explain.   If you like these post by all means leave a comment and help spread the word.

Inside understanding of win32.netsky.q

Netsky.Q is a worm that spreads through e-mail. It is distributed as a 28,008 byte Win32 executable, compressed with PEtite, which drops a 23,040 byte DLL file. It also distributes itself inside ZIP archives.

I saw this on on the net and through we should talk about and let people know how you could get that the worm off your computer. It seems to be a self-replicating worm, it will continue to send out fake messages to people with the subject lines Like:
[ad#ad2-left]

  • Delivery Error
  • Delivery Failure
  • Delivery
  • Mail Delivery failure
  • Mail Delivery System
  • Mail System
  • Delivery
  • Delivered Message
  • Error
  • Status
  • Failure
  • Failed
  • Unknown Exception
  • Delivery Failed
  • Deliver Mail
  • Server Error
  • Delivery Bot

And with each message there is the reciepts email address at the end.  This worm seems to be spreading like wildfire today.   It is because people have not install

Microsoft Security Bulletin (MS01-020)

[ad#ad2-right]Now how do you get rid of it.  It seems that most of Anti-Virus software would get it done.  All you would need to do is scan for this virus with the latest updated virus databases and will go away.   According E-Trust Anti-Virus they say they can remove it.   This is a really old virus, according to my sources this was first seen in 2004.   In order to prevent this in the future I’d suggest installing a free anti-virus and using it.    This is one smart little worm according to CA IT.

If you have quite a few Desktops in your Office and want to update all of them to the newest patch all in one swoop, I’d suggest downloading Clone of Autopatcher and making an ISO image so you can go around to each computer and install the patches quickly and easily.  Prevent yourself from getting that virus and some others in the future.   This is a friendly tip for all those hard working IT workers.

Internet Explorer still has a Vulnerability after Tuesday Patch!!

I just read this on several blogs and thought I’d share the details with you, it seems that Microsoft didn’t know there was a problem with this Bug/Vulnerability.   Computer world has a great article and  says this:

[ad#ad2-right]“The updates Microsoft released yesterday do not address this possible vulnerability,” a Microsoft spokesman said today in an e-mail reply to questions, “but I can tell you that Microsoft is investigating these new public claims of a possible vulnerability in Internet Explorer.”


[Via ComputerWorld]

I can only hope that Microsoft fixes this Vulnerability soon, I would take a guess that they will try to get this out on the patch cycle if not they will push it out after.   Some things to remember with IE(Internet Explorer) is only use it with Microsoft Updates.   I also Suggest downloading FireFox and checking out my Anti-virus and Anti-Spyrware Page for ways to prevent from getting a virus.