November 27, 2009

China Warns About Return of Destructive Panda Virus

A computer worm that China warned Internet users against is an updated version of the Panda Burning Incense virus, which infected millions of PCs in the country three years ago, according to McAfee.

The original Panda worm, also known as Fujacks, caused widespread damage at a time when public knowledge about online security was low, and led to the country's first arrests for virus-writing in 2007. The new worm variant, one of many that have appeared since late 2006, adds a malicious component meant to make infection harder to detect, said Vu Nguyen, a McAfee Labs researcher.

"It has gotten more complex with the addition of a rootkit," said Nguyen. "It definitely makes it more challenging for users to clean up and even to know that their systems have been compromised."

A rootkit burrows into a system to try to hide the existence of malware.

The first Panda worm gained fame in China for switching the icons of infected files with an image of a panda holding three incense sticks. The same image would also flash across a victim's screen, but the worm's final goal was to install password-stealing Trojan horses. The worm infected millions of PCs, according to Chinese state media. Its author was ordered to write a removal tool for the worm and later sentenced to four years in prison.

China's national virus response center warned about the updated worm earlier this week, but it dubbed the virus Worm_Piloyd.B and did not link it to Panda. The center said it had found a worm spreading online that infected executables and html files. The worm blocked a victim's PC from restoring infected files, turned off active antivirus software and directed the machine to Web sites to download Trojan horses and other malware, the center said. The center urged Internet users to step up defense on their PCs against unknown viruses.

The new worm is unlikely to hit as many PCs as the first one. Chinese companies and Internet users are much more aware of malware than they were a few years ago, partly because of the wake-up call brought by the first Panda worm, said Nguyen.

As in other countries, cybercrime looks increasingly professional in China and labor is often divided along the production chain from virus design to the sale of stolen information. Chinese police are rushing to keep pace and cybercrime arrests have become more common in the country. Police in central Hubei province recently took six suspects into custody for building and selling viruses and attacking victims with a botnet, Chinese state broadcaster CCTV said this week. The group made over 2 million yuan (US$290,000) in about six months from their activities, the report said.

Separately, a Shanghai court this week sentenced a man to six months in prison after his Internet company spent the equivalent of $17,500 to launch a denial-of-service attack on a rival's servers, according to local media. The man's company, iSpeak, paid for the use of a botnet to attack rival Duowan.com, reports said. A botnet is a network of malware-infected PCs that an attacker can order to repeatedly contact a target server all at once, overwhelming the machine with requests for information and essentially shutting it down.

China officially had 338 million Internet users at the end of June, more than the population of the U.S.

October 24, 2009

A small utility inside your Windows OS!

Looking for a utility that gives a summary of the hardware and software installed on your PC, from board manufacturer, memory size and hard drive capacity to software information?

Some of us have been using Windows XP for many years now, but maybe only a few know that this utility exists within Windows. The utility is named MSINFO32, a useful tool that gives a quick overall view of your system.

To launch the utility, click Start, click Run, type MSINFO32 in the Open box, and then click OK.

Wait a few seconds and a window appears that displays all the related information!

Happy Weekend!

October 4, 2009

Proper Approach In PC Troubleshooting

Today I will discuss some troubleshooting approaches that may help shorten your time in solving or isolating a particular PC problem.

Based on experience, I have often encountered problems that seem major when they are not.
An example of this is a blacked-out motherboard, only to find out that the CMOS enable switch is wrongly set or there is no jumper inserted on the CMOS enable switch.

Another example is that you have just transferred your PC to a different location, and when you plug everything in you get a non-responsive unit or a PC on a continuous reset, only to find out that the PC was wrongly plugged into the 110V power source instead of the 220V outlet.

There are other scenarios that you will encounter in troubleshooting a particular problem, but with the right approach you can shorten your troubleshooting time.

Listed below is my basic approach to PC troubleshooting:

1. Talk to the user first about what he/she noticed before the PC bogged down; often it will have performed strangely. In this way you may get a hint as to where to start your troubleshooting.

2. Try to establish whether the problem is caused by software or hardware; in this way you can cut your troubleshooting time in half.

3. Look for minor causes of a particular problem first before digging deeper into it; you may wrongly reformat a PC that intermittently resets, only to find out later that it is just a case of poor memory contact in its slot or a clogged processor heatsink.

That's all for now folks, I hope this topic helps enhance your troubleshooting skills!

September 19, 2009

Just another LAN problem with a twist

It's been another busy week. One problem I encountered that I want to post here is a LAN connection problem caused by a problematic RJ45 connection.

The problem shows as no connectivity even when the LAN cable is inserted (take note that this was a previously working connection). At first look there are several possible scenarios that may have caused it: it may be caused by a problematic LAN cable or RJ45 connection, a LAN card problem or perhaps a software problem.

The first thing I did was check and re-crimp (without replacing the connector) both ends of the LAN cable (visually the connection looked fine), but the problem stayed the same. I went ahead and swapped in a different LAN card (the PC is using a PCI LAN card); when I rebooted the system it detected the new hardware and loaded the corresponding driver, but there was still no connectivity. What else was left, a cable or a software problem? Replacing either of the two would require a lot of work, so I looked for other ways to confirm the problem.

Before I continue, I just want to add more information about this particular problem: it occurred after the two PCs had switched locations. I include this fact because it brings a twist to the problem. I re-inserted the problematic cable into another PC, actually the one that had previously been switched, and to my big surprise the connection worked fine.

I re-inserted both PCI LAN cards into the other PC, and still there was no connectivity. The LAN device used on the PC where the connection worked is on-board (strange?). I replaced both RJ45 connectors on the problematic connection and connectivity went back to normal.

Conclusion
A not-so-good RJ45 connection existed from the very beginning, when the LAN cable was installed; it just happened to work on the original PC, which uses an on-board LAN. The problem was only discovered when the user switched PCs.

September 12, 2009

PC cannot establish network connectivity!

I just want to discuss a particular network problem I encountered just recently. It was actually an additional connection to the router; the cable was newly bought and crimped at the store.

The problem encountered is that when you plug in the cable, the network icon indicates limited connectivity and shows an exclamation point. It took me some time to troubleshoot the problem, but later I found out that the CAT5 cable was not crimped according to the standard configuration.

The hard part in identifying the problem is that the LAN cable was newly purchased, so it's the last thing you suspect. In case you encounter a problem similar to the one described above, try to inspect the connector visually or adjust the network connection properties to 10 Mbps full duplex (the default setup is auto); if the PC establishes network connectivity, then it's confirmed that the connector was not crimped in accordance with standards.

It is important that you observe proper cable configuration when crimping new connections to ensure a problem-free network.

Standard CAT5 LAN connector configuration:

August 29, 2009

My Favorite Anti-Virus Programs(Software Freebies)

In my previous post I noted the importance of having a good anti-virus on one's system. I now post my favorite anti-virus programs based on performance; it's a 3-program download.

After installing any of the programs, make sure to update the virus pattern, then run a full scan of your system. Regular full scanning of one's PC is recommended at least once a month; sometimes malware, trojans and rootkits slip onto one's system unnoticed and activate when certain conditions exist.

Enjoy!

Click link to download!
Anti-Virus1

Anti-Virus2

August 22, 2009

One way to stop viruses/worms propagation in one's PC!

As hardware and software have advanced in the last couple of years, so have the crooks who create viruses that are hard to detect and delete from one's PC, and as the internet is more affordable than ever, it only gives these criminals an easy way to propagate their wrongdoing.

As technical support for the last decade, I have witnessed a variety of viruses that bring damage to one's PC, and believe me, containing some of those viruses is getting harder every day.

One of the easiest ways these worms and viruses propagate is via a USB flash drive. When you insert a device via the USB connector, your system performs an autorun function, prompting you to choose what to do next. This is where these viruses attempt to infect your system, and if your anti-virus software is not good enough to detect such an attempt, your system will be infected in an instant, making your PC run slowly or hang. That's why choosing good anti-virus software is also an important key to combating such an attack, and I will discuss this topic in a future post.

Disabling autorun on your system and FD (flash drive) is one way to help stop virus propagation. Disabling autorun on your system can be done manually, but if you are an end user it may be unsafe to open the system configuration, and some are afraid to do it because they might do it the wrong way.

The easy way to disable autorun on one's system is to use a small utility. There are lots on the net and they are available for free; the one I use is from a reputable anti-virus company. If you want to download it, you can click the link below.

Note: Make sure to disable the autorun feature on both your PC and your USB flash drive to lessen the risk of infection.
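To make the two halves of that note concrete, here is an added example (not from the original post or from any anti-virus vendor's tool) that checks both sides: the PC's `NoDriveTypeAutoRun` policy bitmask and the launch entries in a flash drive's `autorun.inf`. The sample file contents, the function names and the mask values passed in are assumptions constructed for illustration.

```python
"""Audit an AutoRun policy mask together with a drive's autorun.inf (added example)."""

# Bits of the NoDriveTypeAutoRun registry value, stored under
# HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer.
# A set bit DISABLES AutoRun for that drive type.
DRIVE_TYPE_BITS = {
    0x01: "unknown",
    0x04: "removable",   # USB flash drives
    0x08: "fixed",
    0x10: "network",
    0x20: "cdrom",
    0x40: "ramdisk",
    0x80: "reserved",
}

# Constructed sample of an autorun.inf in the root of a flash drive.
SAMPLE_AUTORUN_INF = r"""
; constructed sample, not taken from a real drive
[AutoRun]
icon=folder.ico
label=My Drive
open=launcher.exe
shell\explore\command=launcher.exe
"""


def disabled_drive_types(mask):
    """Return the drive types for which AutoRun is switched off by the mask."""
    return {name for bit, name in DRIVE_TYPE_BITS.items() if mask & bit}


def parse_autorun(text):
    """Tolerant parser: collect key=value pairs from the [autorun] section only."""
    section, entries = None, {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section == "autorun" and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries


def launch_entries(entries):
    """Keep only the keys that make Windows start a program from the drive."""
    return {
        key: value
        for key, value in entries.items()
        if key in ("open", "shellexecute")
        or (key.startswith("shell\\") and key.endswith("\\command"))
    }


def audit(mask, autorun_text):
    """Combine the PC-side policy and the drive-side file into one verdict."""
    launches = launch_entries(parse_autorun(autorun_text))
    removable_off = "removable" in disabled_drive_types(mask)
    return {
        "removable_autorun_disabled": removable_off,
        "launch_entries": launches,
        "exposed": bool(launches) and not removable_off,
    }


if __name__ == "__main__":
    # 0x91 is the default on Windows XP; 0xFF disables AutoRun for every type.
    for mask in (0x91, 0xFF):
        result = audit(mask, SAMPLE_AUTORUN_INF)
        print(hex(mask), "exposed:", result["exposed"],
              "launch keys:", sorted(result["launch_entries"]))
```

With mask 0x91 the removable bit (0x04) is clear, so the drive's `open=` and `shell\...\command=` entries would still be honoured; with 0xFF they are not.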

Good Day and Happy Weekend!

Disable Autorun Utility
USB Vaccine

August 16, 2009

Internet giants should make the move!

Good day, today I want to discuss adult qualification requirements when registering on a website, especially social networking websites such as Yahoo, Friendster and others alike.

The reason I bring up this topic is that I was monitoring my kid's (a 6th grader) browsing activity lately and I noticed that he is hooked too much on these social networking websites. Well, some may say so what, almost everybody is doing it? I don't argue with that, it's the IN thing nowadays, but what I do disagree with is the way these websites conduct the adult qualification check on their applicants.

If you notice, when you register on these websites (e.g. Yahoo, Friendster, Facebook, etc.) you can easily falsify your personal information, especially the age category. The implication is that a lot of kids below 18 years old can easily get around the age requirements and become members of these websites. The moment minors become members of these websites, they will be exposed to things that are not appropriate for their age bracket.

Of course parents can do their share in monitoring their child's internet browsing activity, but parents can't monitor their kids all the time. This is where these websites play a very important role in tightening the age requirements for an applicant; they are the last line of defense against a younger kid pretending to be an adult.

But the question is, are these websites willing to implement a registration filtering system that will somehow work against their growth? That's a big question that only they can answer. But to me these websites have a social responsibility to help make the internet a safer place for kids and all of us.

They (the owners) already make millions ($) from their websites; it is now time for them to do the right thing in making the net (world) a safer place to browse for all of us, especially the younger generation.

August 8, 2009

Software Freebies Part 4

Every day on the net we stumble on many PC utilities that promise to speed up one's system but come up short once you install them, but today I will share a very useful piece of software that will really help speed things up on your PC.

It's a 4-program package and you have to install each program separately. The programs are designed to be very user friendly and are best for users who are not really familiar with manual tweaking.

It defrags, cleans the registry, looks for missing drivers, cleans unwanted files and much more.

Here's the link guys, Enjoy!

SpeedUpMy PC

August 5, 2009

Another PC Mind Boggling Problem!

Every day at work I experience unusual problems; just yesterday I encountered one. The unit is a P4 CPU; the only problem with the unit is that it cannot connect to the net, it always indicates limited connectivity. I tried all the basics to fix the problem, but it still doesn't work.

The network device tested good in another unit, and I suspected that it might be a software problem, so I decided to install a different hard drive with a freshly installed OS to check if it could connect to the net with no problem, and it did. With that I decided to replace the OS to restore its internet connectivity. I installed its original hard drive back and started the system, but I decided to check its internet connection again before fresh-installing the whole drive, and to my surprise the connection was restored.

It leaves me with many questions, but I was happy that the network connection was restored with less effort.

August 4, 2009

Tribute to a great leader!

Today I will go off topic to pay my last respects to a woman who played a significant role in restoring democracy in our country and became an inspiration to every nation that loves democracy.

Farewell President Cory Aquino!

To learn more about President Cory Aquino, click the link below.

Cory Aquino

August 2, 2009

Different Virus Description & Characteristic Part 3

Continuation...........

MALICIOUS UTILITIES

These utilities are designed specifically to inflict damage. However, unlike other malware programs, they do not perform malicious actions immediately as they are run and can be safely stored and run on the user's computer. Such programs have functions used to create viruses, worms and Trojan programs, arrange network attacks on remote servers, hack computers or perform other malicious actions.

There are many types of malware utilities with different functions.

Their types are described in the table below.
Click to download table in PDF form

POTENTIALLY UNWANTED PROGRAMS

Potentially unwanted programs, unlike malware programs, are not intended solely to inflict damage. However, they can be used to breach the computer's security.

Potentially unwanted programs include adware, pornware and other potentially unwanted programs.

ADWARE

Adware programs display advertising information to the user. They display ad banners in other programs' interfaces and redirect search queries to advertising websites.
Some adware programs collect marketing information about the user and send it to their developer, for example, which sites he or she visits or which search requests he or she performs (unlike Trojan spies, these programs transfer this information with the user's permission).

PORNWARE

Usually, users install such programs themselves in order to search for or download pornographic information.

Intruders also can install these programs on the user's computer in order to display ads of commercial pornographic sites and services to the user without his or her permission.

To be installed, they use vulnerabilities of the operating system or web browser, Trojan downloaders and Trojan droppers. Three types of programs of a pornographic nature are distinguished based on their functions.

These types are described in the table below.
Click to download table in PDF form

OTHER RISKWARE PROGRAMS

Most of these programs are useful programs used by many users. They include IRC clients, dialers, file downloading programs, computer system activity monitors, utilities for working with passwords, FTP, HTTP or Telnet service internet servers.

However, if an intruder obtains access to these programs or installs them on the user's computer, the intruder can use some of their functionality to breach security. Other riskware programs are classified depending on their functions.

Their types are described in the table below.
Click to download table in PDF form

Until my next post!

August 1, 2009

Different Virus Description & Characteristic Part 2

Continuation...........

TROJANS

Unlike worms and viruses, trojan programs do not create copies of themselves. They sneak into a computer, for example, via e-mail or using a web browser when the user visits an "infected" website. Trojan programs are launched by the user and start performing their malicious actions as they run.

The behavior of different trojan programs in the infected computer may differ. The major functions of Trojans are blocking, modification and erasing of data, disruption of the operation of computers or computer networks. Besides, Trojan programs can receive and send files, run them, display messages, access web pages, download and install programs and restart the infected computer.

Types of trojan programs and their behavior are described in the table below.

Click to download table in PDF form

July 29, 2009

Different Virus Description & Characteristic

Every day new viruses are spread over the net, and most of these viruses are difficult to neutralize on one's PC. So I thought I would run a summary description of some of the characteristics of these malicious programs (viruses) to give you a better understanding.

Viruses are categorized into two groups: Potentially Unwanted Programs and Malware Programs. I will focus more on the malware programs category since this is the one that brings the most damage to one's PC.

Potentially Unwanted Programs - are not created solely to inflict damage. However, they can be used to breach the computer's security. They include adware, pornware and other potentially unwanted programs.

Malware Programs - are created with the purpose of damaging a computer and its user, for example, to steal, block, modify or erase information, or to disrupt the operation of a computer or a computer network. They are further divided into three subcategories: viruses and worms, Trojan programs and malware utilities.

1. Viruses and worms can create copies of themselves which are, in turn, capable of creating their own copies. Some of them run without the user's knowledge or participation; others require actions on the user's part to be run. These programs perform their malicious actions when run.

2. Trojan programs do not create copies of themselves, unlike worms and viruses. They sneak into a computer, for example, via e-mail or using a web browser when the user visits an "infected" website. To be launched they require the user's actions, and they start performing their malicious actions as they run.

3. Malware utilities are created specifically to inflict damage. However, unlike other malware programs, they do not perform malicious actions immediately as they are run and can be safely stored and run on the user's computer. Such programs have functions used to create viruses, worms and Trojan programs, arrange network attacks on remote servers, hack computers or perform other malicious actions.

Viruses and Worms Sub-Category

A classic virus infiltrates the system, infects a file, activates in it, performs its malicious action and then adds copies of itself to other files. It reproduces only on the local resources of a given computer; it cannot independently penetrate other computers. It can reach other computers only if it adds a copy of itself to a file stored in a shared folder or on a CD, or if the user forwards an e-mail message with an infected attachment.

Code of a classic virus can penetrate various areas of a computer, operating system or application. Based on the environment, there is a distinction between file, boot, script and macro viruses.

Viruses can infect files using various methods. Overwriting viruses write their own code over the code of the file they infect, destroying the content of that file. The infected file stops working and cannot be disinfected. Parasitic viruses modify files, leaving them fully or partially operating. Companion viruses do not modify files but create duplicates of them. When such an infected file is opened, its duplicate, that is, the virus, is run. There are also link viruses, viruses that infect object modules (OBJ), viruses that infect compiler libraries (LIB), viruses that infect the original text of programs, etc.

Worms - After it penetrates the system, the code of a network worm, similarly to the classic virus code, gets activated and performs its malicious action. The network worm received its name due to its ability to tunnel from one computer to another - without the user's knowledge - to send copies of itself through various information channels.

The major method of proliferation is the main attribute that differentiates various types of worms. The table below lists types of worms based on the method of their proliferation.

Click to download table in PDF form


To be continued...............

July 28, 2009

System takes time when opening the save path drop down list!


The unit is a Pentium Dual Core processor with 1 GB of DDR2 memory. The system runs normally except when you try to Save or Save As a file (particularly in Word and Excel): the save path takes some time to appear (around 2 min), and the user becomes impatient, especially if he is in a hurry with his work.

I troubleshot the problem and tried everything from replacing the application program to a virus check; I even suggested that we reformat it, but the user insisted that reformatting should be the last option since they have a very important application that is difficult to restore.

I spent a little more time troubleshooting the problem and found out that the cause of it all was a non-existent network drive. What happens is that the application tries to locate the missing network drive, causing it to get stuck for a while when you click the Save path drop-down button, as seen in the picture. I removed the non-existent network drive from the system and everything went back to normal.

Next time you encounter the same or a similar problem, make sure to check whether there is a dead network drive mapped on your system; it may solve the problem.

God Bless!

July 25, 2009

Bad CMOS Battery may cause unusual Windows problem

The units are a Pentium III and a Pentium IV; both units have a drained CMOS battery. The problem I encountered is that Windows XP hangs at startup if you just bypass the bad CMOS error by pressing F1 upon power-on.

It took me some time to figure out what the problem was, and I even mistook it for a software problem, but later I discovered that this happens if you bypass CMOS setup at startup without setting the date. I don’t really know exactly what causes it; maybe the BIOS has a problem interacting with Windows if the date is not properly set.

I just love my work, it's full of surprises!

July 23, 2009

System restart when CD/DVD disk is inserted on the player

Have you ever encountered a system that restarts whenever you insert a CD/DVD disk into its player? If not, then this solution might help you solve the problem right away.

The situation is that the unit functions normally except when you insert a disk into the player. At first you suspect a problematic OS, a problematic CD/DVD player or a virus infection.

Before you spend hours troubleshooting the problem, I suggest that you try replacing the power supply of your system. I have encountered a few problems of this kind that pointed to a problematic power supply unit (in other cases Windows hangs or the system keeps resetting), especially if it is not a branded one.

The explanation for the problem may be that the power supply unit cannot meet the current needed by the CD/DVD player when it tries to initialize. That is why I mentioned in my other post how valuable it is to spend a few bucks on a branded power supply unit for your CPU.

July 22, 2009

LAN connection is ok, but cannot browse the net

Just recently I encountered a system that could not browse the internet. It was a tricky problem because the LAN connection status was OK and it responded properly when you pinged the router.

The system was not infected with a virus; I even tried installing another Mozilla web browser, but the problem stayed the same. The next thing that came to my mind was that Windows had a problem and that the hard drive had to be reformatted to restore its internet browsing capability.

But reformatting one’s hard drive is a tedious task when you have important data and applications installed on it. So I tried to find another way to solve the problem by installing another LAN card on the system, hoping that it was just a problematic card, and true to my suspicion the system could now access the net.

But the story did not end there, because the original LAN card that I thought was problematic was not really problematic. I removed/uninstalled the LAN device in Device Manager, redetected it and loaded a new driver, and the system now browses the internet properly. Maybe it was just a problematic device driver causing it all. Whatever the cause may be, I am happy because I was able to save the hard drive from reformatting.

July 21, 2009

A problematic PCI slot

I was installing an old but working internal MODEM card on a new Pentium 4 LGA775 CPU unit; the motherboard is an ECS with 2 PCI slots. When I installed the MODEM card in the first slot, Windows did not detect it. I turned off the unit, unplugged the MODEM card and re-socketed it in the same slot, and still Windows was not able to detect the new device.

I started to suspect that the MODEM card was defective, considering that it was not new. To prove my suspicion I installed the MODEM card in the other PCI slot, and to my surprise the device was now detected by Windows and it functioned normally. My suspicion was wrong, for it was caused by a problematic PCI slot.

Unusual problems in one’s PC occur sometimes; just be patient in troubleshooting a particular case. Once in a while a PC problem comes from a less expected device or software.

Until my next post!

July 20, 2009

" It's good to be back "

After more than a year of inactivity on my blog, I am officially announcing my comeback. My readers can now continue to learn different solutions for solving PC problems, plus I will post some general information on different IT-related stuff. Readers can now discover some of the unusual PC problems I encounter at my work. I hope you will be a regular visitor to my blog.