Welcome My Technology Blog!: September 2011

Friday, September 30, 2011

Computer Safety

Computers and there Security

CONTENTS

• How to determine whether your computer is infected with a computer virus, a worm, or a trojan

• How to recover from an infection

• How to prevent future infections from a computer virus

What is a computer virus?

A computer virus is a small software program that spreads from one computer to another computer and that interferes with computer operation. A computer virus may corrupt or delete data on a computer, use an e-mail program to spread the virus to other computers, or even delete everything on the hard disk.

Computer viruses are most easily spread by attachments in e-mail messages or by instant messaging messages. Therefore, you must never open an e-mail attachment unless you know who sent the message or unless you are expecting the e-mail attachment. Computer viruses can be disguised as attachments of funny images, greeting cards
, or audio and video files. Computer viruses also spread by using downloads on the Internet. Computer viruses can be hidden in pirated software or in other files or programs that you may download.

Symptoms of a computer virus

If you suspect or confirm that your computer is infected with a computer virus, obtain the current antivirus software. The following are some primary indicators that a computer may be infected:

• The computer runs slower than usual.
• The computer stops responding, or it locks up frequently.
• The computer crashes, and then it restarts every few minutes.
• The computer restarts on its own. Additionally, the computer does not run as usual.
• Applications on the computer do not work correctly.
• Disks or disk drives are inaccessible.
• You cannot print items correctly.
• You see unusual error messages.
• You see distorted menus and dialog boxes.
• There is a double extension on an attachment that you recently opened, such as a .jpg, .vbs, .gif, or .exe. extension.
• An antivirus program is disabled for no reason. Additionally, the antivirus program cannot be restarted.
• An antivirus program cannot be installed on the computer, or the antivirus program will not run.
• New icons appear on the desktop that you did not put there, or the icons are not associated with any recently installed programs.
• Strange sounds or music plays from the speakers unexpectedly.
• A program disappears from the computer even though you did not intentionally remove the program.

Note : These are common signs of infection. However, these signs may also be caused by hardware or software problems that have nothing to do with a computer virus. Unless you run the Microsoft Malicious Software Removal Tool, and then you install industry-standard, up-to-date antivirus software on your computer, you cannot be certain whether a computer is infected with a computer virus or not.

Symptoms of worms and trojan horse viruses in e-mail messages

When a computer virus infects e-mail messages or infects other files on a computer, you may notice the following symptoms:

• The infected file may make copies of itself. This behavior may use up all the free space on the hard disk.
• A copy of the infected file may be sent to all the addresses in an e-mail address list.
• The computer virus may reformat the hard disk. This behavior will delete files and programs.
• The computer virus may install hidden programs, such as pirated software. This pirated software may then be distributed and sold from the computer.
• The computer virus may reduce security. This could enable intruders to remotely access the computer or the network.
• You receive an e-mail message that has a strange attachment. When you open the attachment, dialog boxes appear, or a sudden degradation in system performance occurs.
• Someone tells you that they have recently received e-mail messages from you that contained attached files that you did not send. The files that are attached to the e-mail messages have extensions such as .exe, .bat, .scr, and .vbs extensions.

Symptoms that may be the result of ordinary Windows functions

A computer virus infection may cause the following problems:

• Windows does not start even though you have not made any system changes or even though you have not installed or removed any programs.
• There is frequent modem activity. If you have an external modem, you may notice the lights blinking frequently when the modem is not being used. You may be unknowingly supplying pirated software.
• Windows does not start because certain important system files are missing. Additionally, you receive an error message that lists the missing files.
• The computer sometimes starts as expected. However, at other times, the computer stops responding before the desktop icons and the taskbar appear.
• The computer runs very slowly. Additionally, the computer takes longer than expected to start.
• You receive out-of-memory error messages even though the computer has sufficient RAM.
• New programs are installed incorrectly.
• Windows spontaneously restarts unexpectedly.
• Programs that used to run stop responding frequently. Even if you remove and reinstall the programs, the issue continues to occur.
• A disk utility such as Scandisk reports multiple serious disk errors.
• A partition disappears.
• The computer always stops responding when you try to use Microsoft Office products.
• You cannot start Windows Task Manager.
• Antivirus software indicates that a computer virus is present.

How to remove a computer virus

Even for an expert, removing a computer virus can be a difficult task without the help of computer virus removal tools. Some computer viruses and other unwanted software, such as spyware, even reinstall themselves after the viruses have been detected and removed. Fortunately, by updating the computer and by using antivirus tools, you can help permanently remove unwanted software.

To remove a computer virus, follow these steps:

1. Install the latest updates from Microsoft Update on the computer.
2. Update the antivirus software on the computer. Then, perform a thorough scan of the computer by using the antivirus software.

How to protect your computer against viruses

To protect your computer against viruses, follow these steps:

1. On the computer, turn on the firewall.
2. Keep the computer operating system up-to-date.
3. Use updated antivirus software on the computer.
4. Use updated antispyware software on the computer.

Hope You Found that Useful Now dont Forget to Comment. Thanks

Wednesday, September 28, 2011

Difference Between 32-bit & 64-bit Windows?

Think of your computer as a series of tubes that can either be 32 or 64 bits wide. When you have the smaller 32-bit size, there is more potential for bottlenecks to occur. Bottlenecks slow down your system because one process has to wait for another to finish before it can begin. But if you want to have 64-bit wide tubes, your computer needs to be thinking in 64-bit so your software and hardware all need to support 64-bit.

If you do not know the difference between 32-bit and 64-bit, I would have told you in the past that you are running a 32-bit version of Windows. But now with Windows 7 I am seeing more and more 64-bit operating systems shipped by default without the end users knowledge. Don’t get me wrong, a 64-bit system is better but you also need to be running 64-bit programs and have a 64-bit processor or else all the trouble of setting up the 64-bit operating system would be worthless.
On a 32-bit operating system, you are restricted to a maximum of 4 gigabytes of RAM. On a 64-bit operating system, you really do not have a limit. Let’s look at Wikipedia and find out the maximum amount of RAM for a 64-bit operating system:

2⁶⁴ addresses, equivalent to approximately 17.2 billion gigabytes, 16.3 million terabytes, or 16 exabytes of RAM.

That is a huge amount of RAM! Normally when you exhaust your physical RAM on a 32-bit system, it has to use virtual memory or hard disk space to pick up the slack. On a 64-bit system, you can install as much RAM as you can to cover your overhead. From here on, 32-bit operating systems will be referred to as x86 and 64 bit operating systems as x64. You can tell what you are running by right clicking on My Computer and choosing Properties. Below is a shot of a 64-bit machine using 12GB of memory.

difference between 32 bit and 64 bit windows

And in this shot, we see a 32-bit machine trying to use 7GB of RAM.. Not going to happen!

If you are running 3D modeling systems or AutoCAD systems, you can benefit from a x64 bit architecture but remember, you need to be running ALL x64 applications, print drivers and anything else you are setting up on your system to realize its full potential. Not all programs have been created for x64 yet and you will find yourself installing applications to your Program Files x86 directory. On a x64 machine, you will have two Program File directories — one for 32-bit and one for 64-bit applications.
So after reading through that and you still want to run a x64 operating system, you will need to make sure your processor supports x64. Most new servers and new computers bought this year or beyond will support x64 but you will still need to check. Here are some facts you should know:

Almost all new servers sold within the last two years from AMD or Intel will have x64 capability.
Most mid- to high-end desktop processors from AMD or Intel within the last year have x64 capability.
Some higher-end Semprons have x64; lower-end Semprons do not.
No AMD Durons have x64.
All AMD Opteron processors have x64.
All AMD X2, FX, and Athlon64 chips have x64.
All Intel Pentium D and Celeron D chips have x64.
All AMD Turion notebook processors have x64.
All Intel Core 2 processors (mobile, desktop, and server) have x64.
No Intel Core Duo notebook processors have x64
No Intel Pentium M notebook processors have x64.

If you are running a server that has all its hardware and software certified for x64, then you should install the 64-bit version but beware of device drivers and any 32-bit environments because if I used the word difficult it would be an understatement!

DNS proxying through SOCKS5

This step is optional, but since we are going to be proxying the data over the ssh tunnel then we should also proxy the DNS requests as well. The purpose of this exercise is to get to a site we might not otherwise be able to retrieve or just to anonymize our browsing from your location. If we tunneled our data through ssh and then asked the local DNS server for the ips it would defeat the purpose. So, add a boolean option into the URL "about:config" page in Firefox. Name the entry "network.proxy.socks_remote_dns" and set it to true.
This method will only take affect if you use the SOCKS5 proxy method. If you are proxying using the squid method (HTTP/SSL Proxy) you could always check if you can query another, independent DNS server like OpenDNS.

##Preference Name                 Status     Type      Value
  network.proxy.socks_remote_dns  user set   boolean   true

Making the ssh tunnel

Lastly, we need to start the ssh tunnel. You have two choices depending if you want the packets to be forwarded to squid on the remote machine or not.

Option 1: ssh and direct connect (SOCKS5) : The following line will start the ssh client and connect to username@remote_machine.com. Port 8080 on localhost (127.0.0.1) will listen for requests and send them to the remote machine. The remote machine will then send the packets out as if they originated from itself. The ssh options are in the man page of ssh, but to summarize them in order: Compression, SSH2 only, Quite, Force pseudo-tty allocation, Redirect stdin from /dev/null, and Place the ssh client into "master" mode for connection sharing.
ssh -C2qTnN -D 8080 username@remote_machine.com
Option 2: ssh to squid proxy (HTTP/SSL Proxy) : The following line will also start the ssh client and connect to username@remote_machine.com. Port 8080 on localhost (127.0.0.1) on the current machine will listen for requests and ssh tunnel them to the remote machine. On the remote machine ssh will forward the packets to localhost port 2020. If squid is listening on localhost port 2020 on the remote machine then all requests sent though the ssh tunnel will then be forwarded to squid. You can use squid to block ads and speed up web access. If you need assistance with squid, check out the Calomel.org Squid "how to" page.
ssh -C2qTnN -L 8080:localhost:2020 username@remote_machine.com

Testing the ssh tunnel

Once you execute the ssh line the encrypted and compressed ssh tunnel will be active in the xterm. We used the "quite" options in ssh so there will not be any logging or output to the terminal.
Make sure Firefox is working by checking the proxy is active and then try to go to a web page. You can also try a site like WhatIsMyIp.com to verify the ip you have with the proxy is different than without.
If everything is working then you can be assured that all of your browsing traffic is being encrypted through the tunnel and no one at your current location will be able to see your traffic over the network.
Once you are done with the proxy just exit the ssh xterm or kill this instance of ssh with Ctrl-c. Remember to set Firefox back to "Direct Connection" if you want to directly browse from your location otherwise you will not be going anywhere.

Configure Firefox for the proxy

You need to configure Firefox to use the proxy. Find the section to add a proxy to the browser. On *nix systems of Firefox you will find the settings in File, Preferences, Advanced, Network, Settings. The setting by default is "Direct Connection to the Internet". We need to setup the "Manual proxy configuration".
You have two(2) options to pick from. You can proxy directly to the remote machine and then connect directly to web sites. This is the SOCKS5 method and is the easiest to setup. Or, you could use a Squid web proxy (if available) on the remote machine to accept the traffic from the ssh tunnel. Squid would then request the traffic from web sites. Pick one of the options below.

NOTE: For our example, ssh is going to listen on localhost (127.0.0.1) and port 8080 of the local machine.
Option 1: ssh and direct connect (SOCKS5) : If you are going to use the ssh tunnel with the option "-D 8080" then you need to setup the browser to use a SOCKS5 proxy. Setup the proxy config page with the following entries and leave the rest of the entries blank.

Manual proxy configuration:
  SOCKS Proxy  127.0.0.1  Port 8080
  check the box for "SOCKS v5"

Option 2: ssh tunnel to squid proxy (HTTP/SSL Proxy) : If you are going to use the ssh tunnel with the option "-L 8080:localhost:2020" to connect to the remote machine's Squid proxy then configure the browser to use a HTTP/SSL proxy. Setup the proxy config page with the following entries and leave the rest of the entries blank.

Manual proxy configuration:
  HTTP Proxy:  127.0.0.1  Port 8080
  SSL Proxy :  127.0.0.1  Port 8080

Do you have any recommended modifications for Firefox in "about:config" ?

Do you have any recommended modifications for Firefox in "about:config" ?

More open proxy connections: When you use a proxy, Firefox limits the amount of concurrent open connections to 8. This is too small for most users as many people open multiple tabs to many sites. When more then 8 connections are made the browser seems to be "stuck" because Firefox will wait till an open connection is closed before making a new one. To avoid this problem it is highly suggested to increase the persistent connections value from 8 to 25.
network.http.max-persistent-connections-per-proxy 25 

Turn off pop-up tips: If you are annoyed by pop up text when your mouse hovers over a web element you can turn that function off.
browser.chrome.toolbar_tips  false 

No animations: Stop all animated gifs and pictures like ads and annoying dancing cartoons characters.
image.animation_mode  none 

No blinking text: Blinking text is annoying. Webmasters should not use it. In case they do, we will disallow the function in the browser.
browser.blink_allowed  false

Parallel connections: An easy way to speed up Firefox is to increase the amount of parallel connections the browser makes to the server. Open up Firefox and type in "about:config" in the URL. Then search for the string "conn" You should see the following entries listed. Modify them as follows:
network.http.max-connections                        25
network.http.max-connections-per-server             25
network.http.max-persistent-connections-per-proxy   25
network.http.max-persistent-connections-per-server  25 

It is _not_ recommended to use more then 25 parallel connections due to abuse of the remote server and concurrency bottlenecks on the local system. Understand that if you have a slow system then more parallel connections can actually slow the browser down considerably. Also, if you try to open too many connections to a server then that server many consider you hostile and block or blacklist you.

Pipelining Enabled: The fastest and most efficient way to implement a browser is to use pipelining. This is where a single persistent connection is used, but instead of waiting for each response before sending the next request, several requests are sent out at a time. This reduces the amount of time the client and server are waiting for requests or responses to cross the network. Pipelined requests with a single connection are faster than multiple HTTP/1.0 requests in parallel, and considerably reduce the number of packets transmitted across the network. Apache supports both HTTP/1.0 keep-alive and HTTP/1.1 persistent connections. Pipelining is implement entirely at the browser end if supported by the remote web server, using persistent connections.

To enable pipelining in Firefox browser goto the url about:config . Then search for "pipe" and set the following:
network.http.pipelining              true
network.http.pipelining.maxrequests  8
network.http.pipelining.ssl          true
network.http.proxy.pipelining        true 

TLSv1 with AES256, AES128 and 3DES 168 Only: When connecting to SSL based servers (https) you only want to use the strongest ciphers available. Most web server admins can setup their servers to prefer weak ciphers over strong ciphers for any reason; sometimes they want a less CPU intensive encryption or perhaps they just configured the server wrong. Even Google's encrypted pages prefer RC4 instead of AES and this is not our idea of good security. We want to make sure that our version of Firefox only uses AES 256 bit, AES 128 bit or 3DES 168 bit ciphers.

Open up a window and type "about:config". Then in the "Filter" bar at the top search for the following. Double clicking on each line will change the value.

tls and set the lines to true.

ssl2 and set every line entry to false.

ssl3 and set every line to false _except_ lines containing the strings "aes_256" and "aes_128".

security.ssl3.rsa_des_ede3_sha and set it to true. This is the weakest cipher and may be needed for some older SSL sites.

Now your browser will _only_ accept the TLSv1 protocol in AES256 bit cipher encryption no matter what previous weaker ciphers a web server prefers. This configuration also makes your browser FIPS 120-2 compliant (year 2030 specs).

Is there any way I can switch proxies faster?

There are add-ons, also called extensions, for Firefox called FoxyProxy or SwitchProxyTool you can use. They offer the ability to setup multiple proxy settings and choose the one you want, or turn them off, using a drop down menu.

I noticed you use compression in the ssh tunnel proxy. Why?

The majority of the data you are retrieving using the browser is text or HTML data. This type of data compresses very well at up to 80%. Using compression in the tunnel will speed up the delivery of the data considerably.

Best Free Antivirus Software

Introduction

Antivirus software provides an essential layer of protection from a multitude of virus, trojan, worm, spyware, adware, dialer, keylogger and rootkit infections. Traditionally antivirus programs just detected viruses and spyware removers just detected spyware but nowadays the boundary between antivirus and spyware removers is unclear. Most current antiviruses have at least reasonably good detection rates of all forms of malware.

Malware includes viruses, trojans, worms, spyware, adware, dialers, keyloggers and rootkit threats that perform malicious activities on a computer. With the huge increase in malware, antivirus software cannot keep up with detecting all of it. But using more than one real-time antivirus uses much more system resources, can cause conflicts and even reduce protection. So I recommend you only choose one antivirus for real-time protection. Instead, you can increase your protection using other security software.
I looked at several free antivirus programs which are vital in protecting your computer from virus threats and other types of malware.

Antivirus List :

Avast! Free Antivirus is my new top pick for the best free antivirus software in light of recent developments. Avast has steadily been improving its detection rates over the past few years and now ranks with the some of the best.
Avast has the most features of all the free antivirus with full real-time capabilities including web, e-mail, IM, P2P and network shields, boot-time scanning, and a behavioural blocker. The new version 6 brings even more features including an internet site ratings plugin, script malware protection and a limited (non-configurable) sandboxing feature. Although the sandbox is a very useful semi-automated security feature, the default settings involves a pop up to ask whether a software should be sandboxed for not - for the typical average user this can be slightly confusing though it can set to sandbox the software automatically. Lastly Avast is also light on resources.

Microsoft Security Essentials is a favorite of mine with great detection rates, particularly for rootkits. Even more impressive is that Microsoft Security Essentials has very few false positives, is light on resources and is good at removal of existing malware.
MSE is a great choice for average users because of the minimal user interaction required. It automatically updates and removes threats. No registration is needed, apart from a quick validating of Windows, and there are no nag screens or advertisements.
The main downsides are the slow scan speeds and the lengthy amount of time it takes to quarantine malware, though in my opinion these are rather trivial concerns, as for example a scan just be run overnight. MSE also is not available in certain countries so users there will have to look elsewhere. Note that Microsoft Security Essentials requires a genuine copy of Windows to install.

Panda Cloud Antivirus is Panda's successful attempt to jump on the free antivirus bandwagon. Along with MSE, it is an excellent choice for average users with a simple interface and completely automated features with automatic updating and removal of malware. The detection level is generally very high, but according to the latest test data, detection of zero day threats is slightly lower. PCA uses 'cloud' technology to provide for a much quicker release of updates as all definitions are stored in the cloud and thus the moment Panda updates their blacklist all users of PCA with an internet connection are protected from it.

Panda Cloud Antivirus has a behavioural blocker and web protection, which will certainly increase your security. However as you can simply use one of the other free AV's with a separate behavioural blocker (for further details see our Security Wizard) to achieve possibly even better protection, this is not necessarily an advantage.
One minor reservation I have is that PCA seems to erroneously detect certain browser/system-related applications, for example VideoCacheView, and because of the automatic quarantine this made it a fraction bothersome.

Avira AntiVir Personal Edition is another high quality free antivirus, and formerly the Top Pick. The primary reason I removed it from its status involved the recent controversy of AntiVir including a re-branded Ask toolbar in their installer, and a temporary spate of advertisements promoting a possible 'scareware' company. In spite of the negative press though AntiVir is still a top notch antivirus scanner with outstanding detection rates of malware, higher than almost every other antivirus according to tests. AntiVir is still a good choice for a free antivirus scanner, particularly for high risk users.

However, there are some minor reservations. First, AntiVir does not include web or e-mail scanning capabilities; this is only available in the paid version. The lack of an e-mail scanner is not a disadvantage, it just means that AntiVir won't warn you of infected emails before you open them. But should you open an infected email, AntiVir will still spring into action, so it doesn't mean that you're not protected from email-based infections. Also, AntiVir contains a rather intrusive advertisement every time it updates. Although AntiVir had signature updating problems in the past, this issue seems to be fixed now.

AVG Anti-Virus Free Edition is also a decent choice for a free antivirus. Although this venerable antivirus has had some shaky results in detection in the recent past, it now offers a high level of protection. This is probably due to the inclusion of a fully-fledged behavioural blocker that is the "Identity Protection" protection. This provides a very important additional layer of protection, on the other hand though a similar protection level can be achieved by using one of the free antivirus above alongside a separate behavioural blocker. Unfortunately AVG free has grown considerably in size, has very slow scan speeds and also advertisements (but they can be disabled).

These free antivirus programs are excellent software that provide a real alternative to the major commerical antivirus products.

I'll just give a quick mention of several excellent on-demand antivirus scanners:

I'll also mention several popular free antivirus programs which I considered but did not include in the review because of low detection rates.

You can increase your protection if you run on-demand scans with another antivirus. On-demand scans can be run regularly to check for viruses, trojans, worms, spyware, adware, keyloggers, rootkits and other malware that may have been missed by your main antivirus scanner. If you have a good preventive security strategy in place, however, the extra protection an on-demand antivirus scanner offers is minimal.

Windows 7 system requirements

If you want to run Windows 7 on your PC, here's what it takes:

1 gigahertz (GHz) or faster 32-bit (x86) or 64-bit (x64) processor
1 gigabyte (GB) RAM (32-bit) or 2 GB RAM (64-bit)
16 GB available hard disk space (32-bit) or 20 GB (64-bit)
DirectX 9 graphics device with WDDM 1.0 or higher driver

Additional requirements to use certain features:

Internet access (fees may apply)
Depending on resolution, video playback may require additional memory and advanced graphics hardware
Some games and programs might require a graphics card compatible with DirectX 10 or higher for optimal performance
For some Windows Media Center functionality a TV tuner and additional hardware may be required
Windows Touch and Tablet PCs require specific hardware
HomeGroup requires a network and PCs running Windows 7
DVD/CD authoring requires a compatible optical drive
BitLocker requires Trusted Platform Module (TPM) 1.2
BitLocker To Go requires a USB flash drive
Windows XP Mode requires an additional 1 GB of RAM and an additional 15 GB of available hard disk space.
Music and sound require audio output

Product functionality and graphics may vary based on your system configuration. Some features may require advanced or additional hardware.

PCs with multi-core processors:
Windows 7 was designed to work with today's multi-core processors. All 32-bit versions of Windows 7 can support up to 32 processor cores, while 64‑bit versions can support up to 256 processor cores.

PCs with multiple processors (CPUs):
Commercial servers, workstations, and other high-end PCs may have more than one physical processor. Windows 7 Professional, Enterprise, and Ultimate allow for two physical processors, providing the best performance on these computers. Windows 7 Starter, Home Basic, and Home Premium will recognize only one physical processor.

Thursday, September 22, 2011

Types of Viruses

Introduction

There are thousands of viruses, and new ones are discovered every day. It is difficult to come up with a generic explanation of how viruses work, since they all have variations in the way they infect or the way they spread. So instead, we'll take some broad categories that are commonly used to describe various types of virus.

File Viruses (Parasitic Viruses)
File viruses are pieces of code that attach themselves to executable files, driver files or compressed files, and are activated when the host program is run. After activation, the virus may spread itself by attaching itself to other programs in the system, and also carry out the malevolent activity it was programmed for. Most file viruses spread by loading themselves in system memory and looking for any other programs located on the drive. If it finds one, it modifies the program's code so that it contains and activates the virus the next time it's run. It keeps doing this over and over until it spreads across the system, and possibly to other systems that the infected program may be shared with. Besides spreading themselves, these viruses also carry some type of destructive constituent that can be activated immediately or by a particular 'trigger'. The trigger could be a specific date, or the number of times the virus has been replicated, or anything equally trivial. Some examples of file viruses are Randex, Meve and MrKlunky.

Boot Sector Viruses
A boot sector virus affects the boot sector of a hard disk, which is a very crucial part. The boot sector is where all information about the drive is stored, along with a program that makes it possible for the operating system to boot up. By inserting its code into the boot sector, a virus guarantees that it loads into memory during every boot sequence. A boot virus does not affect files; instead, it affects the disks that contain them. Perhaps this is the reason for their downfall. During the days when programs were carried around on floppies, the boot sector viruses used to spread like wildfire. However, with the CD-ROM revolution, it became impossible to infect pre-written data on a CD, which eventually stopped such viruses from spreading. Though boot viruses still exist, they are rare compared to new age malicious software. Another reason why they're not so prevalent is that operating systems today protect the boot sector, which makes it difficult for them to thrive. Examples of boot viruses are Polyboot.B and AntiEXE.

Multipartite Viruses
Multipartite viruses are a combination of boot sector viruses and file viruses. These viruses come in through infected media and reside in memory. They then move on to the boot sector of the hard drive. From there, the virus infects executable files on the hard drive and spreads across the system. There aren't too many multipartite viruses in existence today, but in their heyday, they accounted for some major problems due to their capacity to combine different infection techniques. A significantly famous multipartite virus is Ywinz.

Macro Viruses
Macro viruses infect files that are created using certain applications or programs that contain macros. These include Microsoft Office documents such as Word documents, Excel spreadsheets, PowerPoint presentations, Access databases, and other similar application files such as Corel Draw, AmiPro, etc. Since macro viruses are written in the language of the application, and not in that of the operating system, they are known to be platform-independent they can spread between Windows, Mac, and any other system, so long as they're running the required application. With the ever-increasing capabilities of macro languages in applications, and the possibility of infections spreading over networks, these viruses are major threats.The first macro virus was written for Microsoft Word and was discovered back in August 1995. Today, there are thousands of macro viruses in existence-some examples are Relax, Melissa.A and Bablas.

Network Viruses
This kind of virus is proficient in quickly spreading across a Local Area Network (LAN) or even over the Internet. Usually, it propagates through shared resources, such as shared drives and folders. Once it infects a new system, it searches for potential targets by searching the network for other vulnerable systems. Once a new vulnerable system is found, the network virus infects the other system, and thus spreads over the network. Some of the most notorious network viruses are Nimda and SQLSlammer.

E-mail Viruses
An e-mail virus could be a form of a macro virus that spreads itself to all the contacts located in the host's email address book. If any of the e-mail recipients open the attachment of the infected mail, it spreads to the new host's address book contacts, and then proceeds to send itself to all those contacts as well. These days, e-mail viruses can infect hosts even if the infected e-mail is previewed in a mail client. One of the most common and destructive e-mail viruses is the ILOVEYOU virus. There are many ways in which a virus can infect or stay dormant on your PC.

However, whether active or dormant, it's dangerous to let one loose on your system, and should be dealt with immediately.

Tuesday, September 20, 2011

ALL Manual Internet Settings for Ugandan Mobile Networks.

Orange internet settings

Account name: Orange internet/wap
Homepage: http://m.orange.ug
Proxy address: 10.201.20.4
proxy port: 8080 or 9401 for old versions
Access point name: orange.ug

Warid uganda internet settings

Account name: warid gprs
Homepage: http://google.co.ug
Proxy address: 10.5.27.80
Proxy port: 8080
Access point name: wap.waridtel.co.ug

Mtn uganda internet settings

Account name: wap
Homepage: http://mtn.co.ug or mtn.co.ug/mobile
Proxy address: 10.120.0.138
Proxy port: 8080
Access point name: yellopix.mtn.co.ug
Choose Permanent for session mode if available

UTL internet settings

Account name: utl wap
Homepage: http://wap.google.com
Proxy address: 10.76.101.51
Proxy port: 8080
Access point name: utwap

Zain internet settings

Account name: zain configuration
Homepage: http://portal.zain.com
Proxy address: 192.168.100.10
Proxy port: 9401
Access point name: web.ug.zain.com/wap.ug.zain.com

***You could try playing around with ports you might just hit the jackpot and get a free pass***

Monday, September 19, 2011

Top 10 mobile antivirus for download

The world has come a long way from old-style telephones, which were little more than a speaker, a bell and a microphone connected to a wire. With the invention of Smartphone’s such as the iPhone and Blackberry, consumers are able to gain full access to the Internet and social networking sites such as Facebook and Twitter, as well as download files and applications onto the phone, such as music etc.
However, these trendy and modern phones come with a price, and many of us are not aware of the consequences if our mobile phones are not secured and protected from viruses.

Smartphone’s have become a busy hub for data, packed with its owner’s email details, contact numbers, passwords and sometimes credit card details. And on top of this many phones have global positioning device integrated that beams its location far and wide.
And all this trove of personal information is valuable for legitimate commercial companies and unwelcome intruders which is enough of a reason for you to consider mobile antivirus software. Charles Miller, the principle security analyst at Independent Security Evaluators in Baltimore, stressed that common sense is often the best defense against malicious attacks. “For ten years, people have been told all these things you should do to protect your computer; don’t click on links in emails and only go to sites you trust,” he said. “People tend to forget those when you are on your phone.”
And the solution to this problem is simple. Software companies have developed antivirus software for mobiles and Smartphone’s and the download is as simple as it would be on a PC.
So to give you a helping hand here is the Top Ten anti viruses for mobile phones.

AhnLab Mobile Security is the solution for viruses and worms protection that runs on Windows Mobile, Symbian and Palm OS.

Avast! PDA Edition is an anti-virus protection for PalmOS and Windows CE, Smartphone, and Pocket PC based devices. The package is developed by ALWIL Software Company

Avira AntiVir Mobile is a professional virus and malware protection for your pocket PCs and Smartphone. The software is published by a German anti-virus company, Avira GmbH. Users can get a 30 day free trial.

BitDefender Mobile Security provides permanent antivirus protection for mobile devices running Symbian or Microsoft Windows Mobile. Relying on the valuable BitDefender experience in fighting computer threats, BitDefender Mobile Security is a light, easy to use instrument that will keep your mobile device on the move.

BullGuard Mobile Antivirus is an easy-to-use and reliable solution that protects Pocket PCs and Smartphone’s from malicious programs, such as viruses, worms and Trojans, that target mobile platforms. Users get a 14 day free trial.

Dr Web Mobile Security Suite is an anti-virus security solution for Pocket PC that runs on Windows Mobile operating system. The package can be downloaded via the site and users can request for a free demo.

F-Secure Mobile Security is a completed mobile security software package which includes anti-virus, anti –spyware, a firewall and a remote control anti-theft feature for protection of the Smartphone and pocket PC. The package is a commercial version developed by F-Secure Corporation. Users can receive a 30 day trial period for free.

Kaspersky Mobile Security is a complete protection package for the Smartphone. The package includes anti-theft protection, virus protection, firewall and anti-spam for SMS, EMS and MMS.

Norton Smartphone Security is a well known antivirus package which includes anti-spam and firewall for Smartphone protection. The package is offered by Symantec.

ESET Mobile Antivirus, A fully integrated real time protection package against any malicious attacks to your Smartphone. Its On-Demand Scanning includes scanning of principle memory and portable memory media, full memory and running processes scan.

Specific folder scanning is also possible. Advanced On-Access protection offers effective scanning of all created/used files with enhanced virus detection capabilities and access time. Scanning of files incoming via wireless connections is covered (Bluetooth, Wi-Fi, Infrared). Like others it also provides SMS spam protection and a user friendly activity log.

Whatever mobile antivirus you go for a few extra tips to protecting your phone is to never accept any content on Bluetooth if you do not know the sender. Be very cautious when installing third party softwares such as games, ringtones, wallpapers, or theme-packs.

Wednesday, September 14, 2011

Short Poems By Ebiau Daniel 2011

Poem

Beautiful moon in the sky

Beautiful moon in the sky
When you go i feel like i wanna cry
Don't worry i will keep my eyes dry
I know when tomorrow comes you will still fly

Beautiful moon in the sky
Love come to my heart and i can not lie
You make my wishes come true though i don't know why
Today i will keep my head high
I will look you straight in the eye

Beautiful moon in the sky
Don't you ever pass me by
I may not look up everyday but you know i try
Not that am a spy
But the feeling is good and no other knows but I

Beautiful moon in the sky
Beautiful Moon in the sky
Day time comes and you are shy
Some times i talk to you and wish your reply
Beautiful Moon in the sky

Poem
The Morning Sun.

Early in the morning

You Splash Beautiful rays unto my face
You let me know there is so much I have got to chase
I get ready for everyday begins a new race
How i wish i could thank you with a Vase
Yesterday is gone and there is nothing I can Erase
So I will raise my head up high and take my place
Thanks to you The Morning Sun

Morning sun, Morning sun, morning sun
Today you have awaken me and I will make it fun
I will take everything slow and won't run
I know everything is will be better for you shine a ton
Every time you come I realize a new day has Begun
You are my number one
Morning sun, morning sun, morning sun

Thursday, September 8, 2011

CREATE ANTI VIRUS WITH NOTEPAD

There are simple ways to clean viruses in our computers. We can make your own antivirus with software built using the Windows named Notepad. Apart from minor product files, notepad can save files to a variety of other applications programs, such as html, java script and so on.

However, the virus that can be eliminated by our anti-virus is only a low level as macro viruses and an equal. For heavy virus, would have to use anti-virus that is more powerful. However, these tutorials can teach you the basic knowledge about how the anti-virus works.

Type the following code into Notepad:

@ echo off
echo off turn off the active virus
taskkill / F / IM virusname1.exe / IM virusname2.exe
echo Deleting all of viruses based on size
for / RC: \%% a in (*. exe) do if%% ~ za 157,184 equ del / A: HSRA "%% a"
echo deleting hidden virus
echo for drive c and subfolders
for / R C: \%% a in (*. doc.exe) do del "%% a"
echo for drive d and subfolders
for / R D: \%% a in (*. doc.exe) do del "%% a"
echo Unhide Document
cd / d c: \
echo for drive C and subfolders
*. doc attrib-H-S-A / S
cd / d d: \
echo for drive D and subfolders
*. doc attrib-H-S-A / S
exit

Save the file with bat extension, For example antivirus.bat. then go to command prompt and run the Notepad file

Monday, September 5, 2011

How To Secure Your Facebook Account In 5 Seconds

Want to keep your Facebook account safe from hackers? A little known feature in Facebook will help you stay on top of your Facebook account and everyone who’s accessing it. The feature, provides you with notifications every time a person accesses it from a new computer. You can receive both email and SMS notifications about the access. It’s a feature that Facebook doesn’t heavily broadcast, but it’s definitely useful. Here’s how to secure your account in 5 seconds.

Step 1

Log in to Facebook and simply click on the “Account” drop down in the top right corner of the site. Then click on “Account Settings” as pictured in the image below.

Step 2

After you are in your account settings, simply click on the “change” link directly next to “Account Security” toward the bottom of the page (as shown in the image below). From there you will be able to turn on notifications for each login that takes place from a new device.

You’re Done!

That’s it! You will now receive notifications every time someone logs in to your account from a new computer. Thanks a million for visiting my Blog feel free to leave a comment. Stay Blessed

Saturday, September 3, 2011

What do all these words mean? (seeding, uploading, share rating, etc.)

torrent: Usually this refers to the small metadata file you receive from the web server (the one that ends in .torrent.) Metadata here means that the file contains information about the data you want to download, not the data itself. This is what is sent to your computer when you click on a download link on a website. You can also save the torrent file to your local system, and then click on it to open the BitTorrent download. This is useful if you want to be able to re-open the torrent later on without having to find the link again.; In some uses, it can also refer to everything associated with a certain file available with BitTorrent. For example, someone might say "I downloaded that torrent" or "that server has a lot of good torrents", meaning there are lots of good files available via BitTorrent on that server.
peer: A peer is another computer on the internet that you connect to and transfer data. Generally a peer does not have the complete file, otherwise it would be called a seed. Some people also refer to peers as leeches, to distinguish them from those generous folks who have completed their download and continue to leave the client running and act as a seed.
seed: A computer that has a complete copy of a certain torrent. Once your client finishes downloading, it will remain open until you click the Finish button (or otherwise close it.) This is known as being a seed or seeding. You can also start a BT client with a complete file, and once BT has checked the file it will connect and seed the file to others. Generally, it's considered good manners to continue seeding a file after you have finished downloading, to help out others. Also, when a new torrent is posted to a tracker, someone must seed it in order for it to be available to others. Remember, the tracker doesn't know anything of the actual contents of a file, so it's important to follow through and seed a file if you upload the torrent to a tracker.
reseed: When there are zero seeds for a given torrent (and not enough peers to have a distributed copy), then eventually all the peers will get stuck with an incomplete file, since no one in the swarm has the missing pieces. When this happens, someone with a complete file (a seed) must connect to the swarm so that those missing pieces can be transferred. This is called reseeding. Usually a request for a reseed comes with an implicit promise that the requester will leave his or her client open for some time period after finishing (to add longevity to the torrent) in return for the kind soul reseeding the file.
swarm: The group of machines that are collectively connected for a particular file. For example, if you start a BitTorrent client and it tells you that you're connected to 10 peers and 3 seeds, then the swarm consists of you and those 13 other people.
tracker: A server on the Internet that acts to coordinate the action of BitTorrent clients. When you open a torrent, your machine contacts the tracker and asks for a list of peers to contact. Periodically throughout the transfer, your machine will check in with the tracker, telling it how much you've downloaded and uploaded, how much you have left before finishing, and the state you're in (starting, finished download, stopping.) If a tracker is down and you try to open a torrent, you will be unable to connect. If a tracker goes down during a torrent (i.e., you have already connected at some point and are already talking to peers), you will be able to continue transferring with those peers, but no new peers will be able to contact you. Often tracker errors are temporary, so the best thing to do is just wait and leave the client open to continue trying.
downloading: Receiving data FROM another computer.torrent
uploading: Sending data TO another computer.
share rating: If you are using the experimental client with the stats-patch, you will see a share rating displayed on the GUI panel. This is simply the ratio of your amount uploaded divided by your amount downloaded. The amounts used are for the current session only, not over the history of the file. If you achieve a share ratio of 1.0, that would mean you've uploaded as much as you've downloaded. The higher the number, the more you have contributed. If you see a share ratio of "oo", this means infinity, which will happen if you open a BT client with a complete file (i.e., you seed the file.) In this case you download nothing since you have the full file, and so anything you send will cause the ratio to reach infinity. Note: The share rating is just a number that is displayed for your convenience. It does not directly affect any aspect of the client at all. In general, out of courtesy to others you should strive to keep this ratio as high as possible, of course.
distributed copies: In some versions of the client, you will see the text "Connected to n seeds; also seeing n.nnn distributed copies." A seed is a machine with the complete file. However, the swarm can collectively have a complete copy (or copies) of the file, and that is what this is telling you. Referring again to the "people at a table" analogy (see What is BitTorrent?), consider the case where the book has 10 pages, and person A has pp.1-5 and B has pp.6-10. Collectively, A and B have a complete copy of the book, even though no one person has the whole thing. In other words, even if there are no seeds, as long as there is at least one distributed copy of the file everyone can eventually get a complete file. Meditate on this, the Zen of BitTorrent, grasshopper.
choked: This is a term used in the description of the BitTorrent protocol. It refers to the state of an uploader, i.e. the thread that sends data to another peer. When a connection is choked, it means that the transmitter doesn't currently want to send anything on that link. A BT client signals that it's choked to other clients for a number of reasons, but the most common is that by default a client will only maintain --max_uploads active simultaneous uploads, the rest will be marked choked. (The default value is 4 and this is the same setting that experimental client GUI lets you adjust.) A connection can also be choked for other reasons, for example a peer downloading from a seed will mark his connection as choked since the seed is not interested in receiving anything. Note that since each connection is bidirectional and symmetrical, there are two choked flags for each connection, one for each Tx endpoint.
interested: Another term used in the protocol specification. This is the corollary to the choked flag, in that interested refers to the state of a downloader with respect to a connection. A downloader is marked as interested if the other end of the link has any pieces that the client wants, otherwise the connection is marked as not interested.
snubbed: If the client has not received anything after a certain period (default: 60 seconds), it marks a connection as snubbed, in that the peer on the other end has chosen not to send in a while. See the definition of choked for reasons why an uploader might mark a connection as choked. The real function of keeping track of this variable is to improve download speeds. Occasionally the client will find itself in a state where even though it is connected to many peers, it is choked by all of them. The client uses the snubbed flag in an attempt to prevent this situation. It notes that a peer with whom it would like to trade pieces with has not sent anything in a while, and rather than leaving it up to the optimistic choking to eventuall select that peer, it instead reserves one of its upload slots for sending to that peer. (Reference)
optimistic unchoking: Periodically, the client shakes up the list of uploaders and tries sending on different connections that were previously choked, and choking the connections it was just using. You can observe this action every 10 or 20 seconds or so, by watching the "Advanced" panel of one of the experimental clients.

Friday, September 2, 2011

How to recover re-partitioned drive(s)? What is partition?

How to recover re-partitioned drive(s)?
What is partition?

To divide memory or mass storage into isolated sections. In DOS systems, you can partition a disk, and each partition will behave like a separate disk drive. Partitioning is particularly useful if you run more than one operating system. For example, you might reserve one partition for Windows and another for UNIX.

In addition, partitioning on DOS and Windows machines can improve disk efficiency. This is because the FAT/NTFS system used by these operating systems automatically assigns cluster size based on the disk size: the larger the disk, the larger the cluster. Unfortunately, large clusters can result in a wasted disk space, called slack space. There is an entire sector of the software industry devoted to building utilities that let you partition your hard disk, such as Fdisk, Partition Magic, EaseUS Partition Master.
Explanation

Use partition tools ( such as Fdisk, Partition Magic, EaseUS Partition Master) to repartition hard drives is a common occurrence but please take care if it is done incorrectly or problems on the hard disk exist, data will be lost.
Symptoms

Frequently when a repartition is attempted, the program will not terminate correctly, crash before it finishes. Due to corruption of the logical disk structure, this can be physical problems (e.g. bad sectors on the hard disk), incorrect software installation etc. Such as Partition Magic in the wrong operation, unexpected termination in resizing partition or program crash due to power error or more problems of the hard disks (e.g. due to bad sectors etc.). Where previously the computer would boot and be usable, systems often refuse to start and may produce the following error messages: (these errors are frequently displayed on a black screen with white text)

    No boot device
    Operating System not found
    Primary Hard Disk not found. Press F1 to Continue
    Master Boot Record Not Found
    Invalid or corrupt FAT
    Invalid partition table entries
    Invalid sector
    Cannot find file or program
    Invalid command.com
    Primary/Secondary Hard disk failure
    Non system disk
    Disk error

To recover re-partitioned drives please follow this procedure:

Recovery of data from re-partitioned hard drives is often complicated and time consuming.
To recover lost files from a Re-partitioned drives, follow these steps:

Tips: If you cannot boot the computer, please use data recovery bootable disk or connect the hard drive to another computer as slave to recover lost data.

1. Download EaseUS Data Recovery Wizard, install it and launch it. Click the "Partition Recovery" button on the main window of Data Recovery Wizard.

data recovery software

2. Select the file types you want to recover. Tick 'Search all lost files automatically' to find all lost file types. Tick 'Ignore bad sectors' to skip bad sectors when scanning.

Select file types

3. You can see the list of physical device(s) found on your computer.

4. Select the physical disk that contains the re-partitioned drive.

repartition recovery software

5. Click the "Next" and Data Recovery Wizard will automatically run Partition Recovery.

6. Data Recovery Wizard would start Quick Partition Searching to scan on the hard disk for all the lost partitions and would present the list of found partitions.

7. If Data Recovery Wizard could not find the partition that you want to recover, please tick the "Full Scan (If the partition is not found, please check it and click NEXT)" to scan the device again.

8. Ignore all the known or existing partitions and select the older partitions.

9. Click "Next" to begin building directory.

10. Select the file or directory that you want to recover and press the "NEXT" button.

11. Select the directory or file and press the "NEXT" button to save the data.

Caution: Saving file(s) to the partition or drive where you are recovering data, for it may result in overwriting data and permanent data loss!

Thursday, September 1, 2011

How to use a Proxy Server

How do I use a Proxy Server?

Please be aware that the use of proxy servers without the express permission from the owner of the proxy server may be illegal in some states and/or countries. Use at your own risk.

Use your favorite search engine and search for 'proxy server list'. You'll find many sites with lists of proxy servers, their IP address, the port they listen on, and usually what country they are in. Write down a few of them.

Proxy Types

You may see references to four different types of proxy servers:

Transparent Proxy

This type of proxy server identifies itself as a proxy server and also makes the original IP address available through the http headers. These are generally used for their ability to cache websites and do not effectively provide any anonymity to those who use them. However, the use of a transparent proxy will get you around simple IP bans. They are transparent in the terms that your IP address is exposed, not transparent in the terms that you do not know that you are using it (your system is not specifically configured to use it.)

Anonymous Proxy

This type of proxy server indentifies itself as a proxy server, but does not make the original IP address available. This type of proxy server is detectable, but provides reasonable anonymity for most users.

Distorting Proxy

This type of proxy server identifies itself as a proxy server, but make an incorrect original IP address available through the http headers.

High Anonymity Proxy

This type of proxy server does not identify itself as a proxy server and does not make available the original IP address.

Please make sure to read about anonymous proxy risks before using a proxy server.

If you need further assistance using proxy servers please post a Comment (question)

Browser Settings

The following are instructions to configure various browsers to use an http proxy server.

Internet Explorer 6

Netscape 8

Opera

Instructions for Internet Explorer 6.0

On the Tools menu in Internet Explorer, click Internet Options, click the Connections tab, and then click LAN Settings.
Under Proxy server, click to select the Use a proxy server for your LAN check box.
In the Address box, type the IP address of the proxy server.
In the Port box, type the port number that is used by the proxy server for client connections (by default, 8080).
You can click to select the Bypass proxy server for local addresses check box if you do not want the proxy server computer to be used when you connect to a computer on the local network (this may speed up performance).
Click OK to close the LAN Settings dialog box.
Click OK again to close the Internet Options dialog box.

Instructions for Firefox 3.0

Select the Tools Menu
Select Options
Select the Advanced Icon
Select the Network tab
Under connection select Settings
Under Settings you can chose "Auto-Detect Proxy setting for this network" or "Manual Proxy Configuration"
If choosing "Manual Proxy Configuration" Enter the IP address for the HTTP proxy server
Enter the port of the HTTP proxy server
Click Okay

Instructions for Netscape

Select the Edit Menu
Select Preferences
Maximize Advanced
Select Proxies
Choose Manual proxy configuration
Enter the proxy server's IP address in the HTTP Proxy field and the proxy's port into the corresponding Port field.
OK your way out

Opera 8.5

Select the Tools Menu
Select Preferences
Select Advanced Tab
Select Proxy Servers
Check the box next to HTTP
Enter the proxy server's IP address in the first box and the proxy's port in the box after "Port"
OK your way out

Safari 2.0.3

Select Preferences
Select Advanced
Select Proxies: Change Settings
Check the box next to Web Proxy (HTTP)
Enter the proxy server's IP address in the first box and the proxy's port in the box after the ":"
Select Apply Now