What is a Virus and Why do I have one

After seeing more and more updates coming from the net, I wanted to talk about what a computer virus or Trojan is and how you get one. So how could you have gotten a virus in the first place? Here is some information to consider:

The vulnerability of operating systems to viruses

So what does that mean to you? Most of the time when you get a virus, there is a vulnerability somewhere in your operating system, and it is either something not yet known to Microsoft, Apple, or Linux, or it is what is known as a zero-day exploit.

A zero-day (or zero-hour) attack or threat is a computer threat that tries to exploit unknown, undisclosed or patchfree computer application vulnerabilities. The term Zero Day is also used to describe unknown or Zero day viruses.

[Via Wikipedia]

This is one of the most used kinds of exploit because, if it is unknown to the operating system's creators, attackers have longer to use it. Most of the time hackers like to use this because it means there is a possibility of finding even more vectors to infect other systems. You see, if they can get onto one system, they can then find ways to get onto other systems.

In the old days, you'd ask:

How Did I Get This Virus, Anyway?

You get a virus when you copy infected files to your computer, then activate the code inside by running the infected application or opening an infected document. How you copy the infected files is irrelevant: Viruses don’t care if you get them as an e-mail attachment, a download, or via a shared floppy disk, though e-mail attachments are the most prevalent (and easiest) mode of transport.

[via PcWorld] (Dated Oct 13, 2000 11:00 pm)

That was before hackers wanted to infect systems for personal gain. The list of things hackers want when they infect a system is usually short. In the old days they wanted fame, but now they want money and control over the internet. They usually infect systems for money or to turn computers into botnets. Now, we aren't talking about the movie I, Robot. Once a system becomes a bot, it doesn't think for itself but follows a line of command from the command and control center. So let's say we have several hundred bots on one net, and the hacker blackmails a server, saying that if they don't pay up they'll get DoS attacked. Enough bots going to one site at one time can slow or even bring down that site. That is how a hacker sometimes uses a virus or trojan to get into a system.

Viruses & Trojans try to Avoid detection

So you have a virus. It wouldn't do a virus any good to be detected right after getting onto a system. More and more, viruses try to avoid being seen and heard. Most hackers who write them want to infect more than one system, so they have to make really sure that you don't find out you're infected. There are several ways they do this, and I won't try to explain them because I think the link talks about it better than I could. It will, however, give people something to think about.

In the next few days there will be another post on how you can figure out if you have a virus. I had to talk about this first so people could understand how to figure out if they have one in the next post. So stay tuned for more.

Avg detected Trojan Horse Generic 12.htc?

Just got a warning from AVG about trojan horse generic 12.HTC. Haven't heard of it; anyone out there hear of this one? Apparently it infects explore.exe, and after months of explore.exe crashing I'd say it's a legit virus.

[Via Answer Bag]

Removing this little virus with a few tricks and tips is quite simple. It is embedded in your system, so how do you remove this threat? Easy: follow these steps and you will have a better chance of getting rid of the virus:

  1. Find out all you can on the virus — Finding out the extent of where the virus lies is a really good idea. Just because you found it in one place doesn't mean it isn't also hiding somewhere else. A good way to figure out where it might be is to download and install HijackThis. Run it, and when you get the log file, go to HijackThis Log Analysis Site 1 and HijackThis Log Analysis Site 2 and see what they say.
  2. See if you can remove the Hidden Virus — After you find out the extent of the virus, you will need to download these programs. Run whichever ones you like to see if you can locate and delete the virus. You may also consider using one of the several online services to see what they suggest or whether they can find this virus.
  3. Check your services and reboot sequence — After you think you've gotten rid of the virus, reboot and do a rescan. Usually the virus will respawn after you reboot; some of them have a command in the reboot sequence. You may want to check your reboot sequence with MSCONFIG. Sometimes the entry is hidden, but look through MSCONFIG for any files that might not need to load. Also check the Services tab and see if there are any services that may not be needed. The best bet is to Google each service or program listed there and see if that might fix the problem.
  4. Might be time to re-install Windows — Although this is the hard option for people, it can sometimes fix the most challenging virus. You need not lose your important data. The only thing to remember is to be careful when you restore your data from backup after you re-install Windows: if a file has an .EXE, .COM, .BAT, or .MSI extension, then restoring it might risk you getting the virus all over again. Also remember that you will need the other tools I talked about in #2 to keep from getting the virus again.
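
For step 3, the same startup and services information that MSCONFIG shows can be listed from PowerShell together with each file's signature status, which makes it easier to pick out the entries worth looking up. This is an added example, not part of the original post; it only reads and never changes anything, and the helper names Get-ExePath and Test-Entry are made up for this illustration.

```powershell
# Added example: list what starts automatically (MSCONFIG's Startup and
# Services tabs) and show whether each file carries a valid signature.
# Read-only: nothing is disabled or deleted.

function Get-ExePath([string]$CommandLine) {
    # Extract the program path from a command line such as
    # '"C:\Program Files\App\app.exe" /background' or 'C:\Windows\x.exe -k'.
    if ($CommandLine -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($CommandLine -match '^\s*(.+?\.(exe|com|bat|cmd|dll|scr))(\s|$)') { return $Matches[1] }
    return $null
}

function Test-Entry([string]$Source, [string]$Name, [string]$CommandLine) {
    # Expand %SystemRoot% and similar, then check the file's signature.
    $path = Get-ExePath ([Environment]::ExpandEnvironmentVariables($CommandLine))
    $status = 'PathNotFound'
    $signer = 'n/a'
    if ($path -and (Test-Path -LiteralPath $path)) {
        $sig = Get-AuthenticodeSignature -LiteralPath $path
        $status = [string]$sig.Status
        if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
    }
    [pscustomobject]@{
        Source = $Source; Name = $Name; Signature = $status
        Signer = $signer; Path = $path; Command = $CommandLine
    }
}

$results = @()

# 1. Startup items: registry Run keys and the Startup folders.
$results += Get-CimInstance Win32_StartupCommand |
    ForEach-Object { Test-Entry "Startup ($($_.Location))" $_.Name $_.Command }

# 2. Services configured to start automatically at boot.
$results += Get-CimInstance Win32_Service -Filter "StartMode='Auto'" |
    ForEach-Object { Test-Entry 'Service' $_.Name $_.PathName }

# Entries without a valid signature sort to the top of the list.
$results |
    Sort-Object { $_.Signature -eq 'Valid' }, Source, Name |
    Format-Table Source, Name, Signature, Path -AutoSize -Wrap
```

An entry that is not validly signed or whose path cannot be found is a reason to research that name, not proof of infection; plenty of legitimate software is unsigned. Services hosted by svchost.exe show only svchost's own signature, so those still need to be looked up by service name.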

These are some tricks I use to get rid of a virus. Now I've shared them with you, and it is up to you to do the work. If you have any tips or tricks to get rid of a virus, leave a comment.

Bandwidth Tools For Monitoring your bandwidth

So I’ve done some looking around for bandwidth programs, and here’s what I found so far. The programs I’ve listed are not tested, so you are responsible for any and all use of them.

  • FreeMeter Bandwidth Monitor For Windows – Monitor network bandwidth (C#.NET 2k/XP+). Desktop and Systray graph. Configurable connection speed, update interval, color, transparency. Monitor any or all network interfaces. Ping/Trace/UPnP utilities. Email notifier (POP/IMAP). Requires .NET 2.0.

  • Pipelog – Windows Bandwidth Meter — Pipelog is a Windows bandwidth meter that gives live statistics of accumulated bandwidth usage. It is written in C# and runs on the .NET Framework.

  • Windows Service Monitor — Monitor and automatically restart Windows Services with this small Win32 command line utility. Windows Service Monitor (WinSMon) can monitor several services, restart services that stop/fail and limit the number of restart times.

  • iptotal — iptotal is an IP traffic monitor. It listens to a network interface in non-promiscuous mode, and measures IP bandwidth usage. After the specified number of seconds, the average throughput is printed at total, input and output usage.

  • Bandwidth Vista 1.0.0.8 — Bandwidth Vista is modern, informative and intuitive to use. Whether you are looking for network problems or simply want to check the speed of your Internet connection Bandwidth Vista is for you. Bandwidth Vista monitors all your connected interfaces at once and holds a history of transfers, which can be viewed down to the minute. This dynamic application also indicates the countries of remote computers con.

  • Bandwidth Monitor 2 — An ideal tool for the bandwidth conscious, Bandwidth Monitor enables you to keep a close eye on the amount of bandwidth accumulated over the current hour, day, week, month, or even year! Advanced logging tools make it easy to view your bandwidth usage and make alterations to bandwidth logs. Clean up old data at the touch of a button, and import your bandwidth data from our predecessor Bandwidth Monitor 1.0. Version 2 adds Vista compatibility.

  • Axence NetTools 3.2 — NetWatch – network monitoring with e-mail alerting, real-time & historical charts of response time & packet lost. WinTools lists exhaustive system information from Windows computers: running processes & services, registry, event log, disk, memory & CPU information. Port scanner checks for all open ports and running services.

  • BitMeter 3.5.7 — BitMeter 2 is a bandwidth meter, it allows you to visually monitor your Internet connection by displaying a scrolling graph that shows your upload and download speed over time. Features include: Graphical and numerical displays of historical data, Web interface, alerts, stopwatch, calculator, transparent/float/click-through modes, 36-page help file, audio notifications, configurable color-schemes and many other options. Version 3.5.7 offers minor fixes and feature enhancements.

These are just a few that I could find to help you better keep track of your bandwidth. These haven’t been tested but should get you started in the right direction. If you have any good suggestions, by all means let me know!