Saturday, November 22, 2008

A new virus and free/shareware software for something internet related

Search the Internet to find a "new" virus. Tell me about the virus, what it does, and more importantly, how to remove it. Don't use technical terms, I can look that up myself. Tell me like you are telling your mother to watch out for it and once she got it, how to remove it.

Also, use the Internet to find a free OR shareware software that is either used for FTP, mail or something Internet related. Give me a link and describe what it does, how you would use it and if you think it is worthwhile.

A new virus called Infostealer.Keylog.KU was discovered on November 10, 2008. It is also known as Troj/Keylog-KU. The Trojan attempts to lower security settings by disabling the Registry Editor and the Task Manager. This virus is a keylogger. A keylogger allows someone on a remote computer to "see" what you are typing as you type it. Criminals use keyloggers to steal personal information and passwords from someone else's computer.

This is a "Trojan". A Trojan-type virus comes in with something downloaded off the Internet, like an MP3 or other software. Emails are also a popular way for Trojans to get into your system. You might get an email saying "click here for a cute screensaver". The Trojan is embedded in the screensaver program that you downloaded, and once you run the program, it opens and releases the Trojan.

The best way to remove a Trojan is never to get one. It is best to have a good antivirus program that has a real-time scan of your Internet activity and email server, to have your firewall turned on, and to disable autoplay so that if you accidentally get a virus it won't "self execute." Avast antivirus is one such program, and it is free to home users. But if you have already been infected with this or another Trojan, the best way to remove it is to run your antivirus file scanner and allow it to remove the Trojan, or, if you can, use "Restore Point" in Windows 9x and above to restore your computer to earlier settings and then run your virus scan.

Technical stuff from Symantec.com: Infostealer.Keylog.KU

Discovered: November 10, 2008
Updated: November 10, 2008 5:33:31 PM
Also Known As: Troj/Keylog-KU [Sophos]
Type: Trojan (This is a Trojan detection. Unlike viruses, Trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted.)
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Vista, Windows XP

When the Trojan is executed, it copies itself to the following location:
%System%\scvhost.exe

Next, the Trojan creates the following registry entries so that it executes whenever Windows starts:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runservices\"SCVHOST" = "%System%\scvhost.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"SCVHOST" = "%System%\scvhost.exe"

It may steal confidential information from the compromised computer.

The Trojan attempts to lower security settings by disabling the registry editor and the Taskmanager.
Retrieved November 25 from Symantec.com http://www.symantec.com/security_response/writeup.jsp?docid=2008-111017-2529-99&tabid=2
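
The writeup above names two autostart registry keys and a file called scvhost.exe, which is one letter-swap away from the genuine Windows program svchost.exe. The following is an added example, not part of the original post or the Symantec writeup: it reads `reg query`-style text for those keys and flags any startup program whose name is a single edit away from a well-known system program, which generalizes the check beyond this one name. The sample text, the KNOWN list and the function names are assumptions made for illustration.

```python
import re

# Constructed `reg query`-style output for the two keys named in the writeup (not a real capture).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    SCVHOST    REG_SZ    C:\WINDOWS\system32\scvhost.exe
    ctfmon.exe    REG_SZ    C:\WINDOWS\system32\ctfmon.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runservices
    SCVHOST    REG_SZ    "C:\WINDOWS\system32\scvhost.exe" /s
"""

# Real Windows system program names that look-alikes tend to imitate (list chosen for this example).
KNOWN = ("svchost.exe", "lsass.exe", "services.exe", "explorer.exe", "winlogon.exe")

def parse_reg_query(text):
    """Return (key, value_name, data) for every value line under each key header."""
    key, out = None, []
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
            continue
        m = re.match(r"\s+(.+?)\s+(REG_\w+)\s+(.*)$", line)
        if m and key:
            out.append((key, m.group(1), m.group(3)))
    return out

def osa_distance(a, b):
    """Edit distance where swapping two adjacent letters counts as one edit."""
    d = [[i + j if i * j == 0 else 0 for j in range(len(b) + 1)] for i in range(len(a) + 1)]
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            d[i][j] = min(d[i-1][j] + 1, d[i][j-1] + 1, d[i-1][j-1] + (a[i-1] != b[j-1]))
            if i > 1 and j > 1 and a[i-1] == b[j-2] and a[i-2] == b[j-1]:
                d[i][j] = min(d[i][j], d[i-2][j-2] + 1)  # adjacent transposition
    return d[len(a)][len(b)]

def find_lookalikes(entries, known=KNOWN):
    """Flag startup entries whose program name is exactly one edit from a known name."""
    hits = []
    for key, name, data in entries:
        m = re.search(r'([^\\/"]+\.exe)', data, re.I)  # program file name inside the command
        exe = m.group(1).lower() if m else ""
        hits += [(key, name, exe, good) for good in known if exe and osa_distance(exe, good) == 1]
    return hits

if __name__ == "__main__":
    for hit in find_lookalikes(parse_reg_query(SAMPLE)):
        print("SUSPICIOUS:", hit)
```

An exact match (distance 0) is deliberately not flagged here, so a real svchost.exe entry would need a separate check of where the file lives.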


A nice FREE FTP client and/or FTP server is available from FileZilla.org.
FTP stands for "File Transfer Protocol". An FTP client allows you to upload your files directly to an Internet "host", a place to store your web pages or blog or whatever else you want to appear as a web page. An FTP server also allows you to upload these files to a host, but it also allows others who know your IP address to download, onto their computer, the files that you have given them permission to access.
This program is a must if you have your own website and domain and want fast and direct access for uploading those files. The interface at first looks a little complicated but doesn't take long to get used to. This is really the best FTP program I personally have ever used. There is a screenshot below showing the interface.

The review from CNET's Download.com is below:

"The straightforward interface offers translations in most of the world's major languages. Caching directories speeds up browsing FTP sites, and multiple secure connection options ensure that you can move files around without concern. Bookmarking comes in two flavors: the Site Manager for all your major FTP locations, and QuickConnect for fast switching on the fly.

The program lets you download or upload multiple files at once from and to several servers. If your bandwidth is somewhat limited, you'll appreciate a feature that lets you automatically adjust transfer speeds based on the time of day or date. FileZilla also lets you browse FTP sites mid-transfer. The lack of a task scheduler is compensated for, in our eyes, by a powerful filter so you only see the files you need."

Retrieved November 25, 2008 from Download.com http://www.download.com/FileZilla/3000-2160_4-10308966.html?cdlPid=10898944


Wednesday, November 19, 2008

From Textbook: Page 836 Answer questions 1, 6, 12, 18, and 27


1) What are the three core components of Windows 9x/Me?
  1. The Kernel, which handles basic OS functions such as managing memory, file I/O and loading and executing programs.
  2. User (not THE user, but User32.dll and User.exe), which controls the mouse, keyboard, ports, and desktop.
  3. GDI, or graphics device interface, which draws screens, graphics and lines and manages printing.
6) What are the log files Setuplog.txt, Detlog.txt, and Detcrash.log used for?
They are used during the installation process for Windows 9x/Me.
  1. Setuplog.txt is a hidden text file that Setup uses to recover from a crash during installation. It would have stored the data from how far the system got before the crash.
  2. Detlog.txt is a text file that records information so that THE user can see the record of hardware detected during startup by the computer.
  3. Detcrash.log is a binary file that Setup uses to help recover from a crash caused by a hardware problem.
12) Explain the purpose of the System Configuration Utility. How would you use it in troubleshooting?
The System Configuration Utility (Msconfig.exe) reduces the startup process to the bare minimum essentials. You use this utility to add startup items back one at a time until the problem occurs again; the source of the problem will then be related to the last item you added back. You can then focus on finding your problem with that item and fixing it.

18) List the five phases of the Windows 9x/Me boot process and give a short description of each.
Phase:
  1. Startup BIOS, bootstrap and POST: The BIOS begins by performing POST (power-on self test). It then examines the devices on the system to determine which ones are PnP compliant; it enables the devices that are not and then gives the remaining resources to the ones that are. It looks to permanent RAM to see if information about the PnP devices is stored there and saves it for Windows to use later on for hardware configuration. The BIOS then looks for a device with the OS (hard drive, floppy, etc.). Then the bootstrap loader program is executed, and it looks for the initial hidden Windows file, Io.sys, to load it.
  2. DOS drivers and TSRs are loaded. Io.sys creates a real-mode operating system environment. It checks Msdos.sys for boot parameters, then Io.sys loads the drivers Himem.sys, Ifshlp.sys, Setver.exe, and Drvspace.bin.
  3. Real-mode VxDs are loaded, and then Io.sys gives control to the Virtual Machine Manager (VMM). The VxDs, or virtual device drivers, create and manage virtual machines to provide access to hardware for software running in the VM.
  4. Protected-mode switchover and PnP configuration. Vmm32.vxd switches to protected mode and loads Configuration Manager, which configures legacy and PnP devices. It uses any information that the PnP BIOS might have left for it and loads the 32-bit dynamic device drivers (VxDs) for the PnP devices.
  5. Loading the remaining components. With Vmm32.vxd still in control, the three core components are loaded, then the fonts and other associated resources are loaded, Win.ini is checked and commands stored there are executed to allow backward compatibility, the shell and user desktop are loaded, and finally any processes stored in startup are performed.
27) Name two ways to end an application that is hung without rebooting the PC.
You can press Ctrl+Alt+Del to bring up the Close Program dialog box, click on the program that is not responding, and then click on "End Program". If that doesn't work, you can use the End Program box to shut down everything else running on the computer to free up resources. Sometimes you can also manage to right-click on the program's icon in the taskbar and click Close; this will bring up the "this program is not responding" message and allow you to click on "End Task" from there.

Wednesday, November 5, 2008

Research as to why ME was such a bad OS and what some of the problems were.

Many users of Windows ME, or "Millennium Edition", complained about frequent system crashes and freezes. There were also lots of problems reported with System Restore. It would sometimes restore viruses that had been removed by the user, and it had a bug: if you created a system restore point after September 2001, it couldn't always find it, which would cause System Restore to fail.
Many users also complained that Microsoft removed access to real-mode DOS and DriveSpace support for hard disk drives.
Researched at Wikipedia.org:
Windows Me: New and Updated Features

PC World.com ranked Windows ME as the 4th worst technical product ever in their list of the 25 worst:

"# 4 This might be the worst version of Windows ever released--or, at least, since the dark days of Windows 2.0. Windows Millennium Edition (aka Me, or the Mistake Edition) was Microsoft's follow-up to Windows 98 SE for home users. Shortly after Me appeared in late 2000, users reported problems installing it, getting it to run, getting it to work with other hardware or software, and getting it to stop running. Aside from that, Me worked great.

To its credit, Me introduced features later made popular by Windows XP, such as system restore. Unfortunately, it could also restore files you never wanted to see again, like viruses that you'd just deleted. Forget Y2K; this was the real millennium bug."
Retrieved from:
PC World 25 Worst Tech Products Of All Time

Some of the features from ME that we still use in XP and Vista are:
* System Restore function
* A new TCP/IP stack
* Windows Media Player 7 (11 now)
* Internet Explorer 5.5 (7. something, LOL, I use Firefox)
* Movie Maker application for recording, editing, publishing, and organizing audio and video content

Wednesday, October 29, 2008

The Question this week is "What is Linux and who would use it?"

Linux is a "user friendly" version of the UNIX operating system.
UNIX was originally developed about 30 years ago and was used primarily as a research operating system in universities. As companies in the 80's began developing high-powered workstations, they each developed their own versions of UNIX. This made a unified sale of UNIX hard. Microsoft developed Windows NT to answer this problem. NT offered most of the same features as UNIX but was compatible with all Windows applications. Windows became the leader in the OS world, so to speak.
Linux was developed by Linus Torvalds, based on UNIX but more user friendly. It is an open source operating system that is free, unlike Windows, which can be expensive and had a lot of bugs until the XP version, LOL. It seems Vista does too. Open source means you can get into the code and modify things yourself, as well as being free.

See: http://computer.howstuffworks.com/question246.htm for more details

The "who" would use it can include: people who want to experiment with their operating system or need a great deal of control over it, and people with PCs who have personal problems with Microsoft and its dominance over the operating system world.

Below is a screenshot of a workstation using Linux