A new virus and free/sharware software for something internet related

Search the Internet to find a "new" virus. Tell me about the virus, what is does, and more importantly, how to remove it. Don't use technical terms, I can look that up myself. Tell me like you are telling your mother to watch out for it and once she got it, how to remove it.

Also, use the Internet to find a free OR shareware software that is either used for FTP, mail or something Internet related. Give me a link and describe what it does, how you would use it and if you think it is worthwhile.

There was a new virus discovered on November 10, 2008 called Infostealer.Keylog.KU. It is also known as Troj/Keylog-KU. The Trojan attempts to lower security settings by disabling the registry editor and the taskmanager. This virus is a keylogger, what a keylogger can do is allow someone on a remote computer to "see" what you are typing as you type it. These are used by criminals to steal personal information and passwords off of someone elses computers.

This is a "Trojan", a Trojan type virus comes in with something down loaded off the internet like an Mp3 or other software. Emails are also a popular way that Trojans get into your system. You might get an email saying click here for a cute screensaver, the The trojan is embedded into the screesaver program that you downloaded, and once you run the program, it opens and releases the Trojan.

The best way to remove a Trojan is not to ever get one. It is best to have a good virus program that has a real time scan of your internet activity and email server, have your firewall settings set on and disable autoplay so if you accidentally get a virus it wont "self execute." Avast anti virus is one such program and it is free to home users. But if you have already been infected with this or another Trojan, the best way to remove it is to run your anti virus file scanner and allow it to remove it, or if you can use "Restore Point" in Windows 9x and above to restore your computer to earlier settings and then run your virus scan.

Technical stuff from Symantec.com: Infostealer.Keylog.KU

Discovered: November 10, 2008

Updated: November 10, 2008 5:33:31 PM

Also Known As: Troj/Keylog-KU [Sophos]

Type: Trojan (This is a Trojan detection. Unlike viruses, Trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted.)

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Vista, Windows XP

When the Trojan is executed, it copies itself to the following location:
%System%\scvhost.exe

Next, the Trojan creates the following registry entries so that it executes whenever Windows starts:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runservices\"SCVHOST" = "%System%\scvhost.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"SCVHOST" = "%System%\scvhost.exe"

It may steal confidential information from the compromised computer.

The Trojan attempts to lower security settings by disabling the registry editor and the Taskmanager.
Retrieved November 25 from Symantec.com http://www.symantec.com/security_response/writeup.jsp?docid=2008-111017-2529-99&tabid=2

A nice FREE FTP client/and or FTP server is available from FileZilla.org.
FTP stands for "File Transfer Protocol" An FTP client allows you to upload your files directly to an internet "host", a place to store your web pages or blog or what ever and where ever you see a web page. An FTP server also allows you to upload these files to a host, but they also allow others who know your IP address to down load your files that you have given them permission to, on to their computer.
This program is a must if you have your own website and domain and want fast and direct access for uploading those files. The interface at first looks a little complicated but doesn't take long to get used to. This is really the best FTP program I personally have ever used. There is a screen shot below showing the interface.

The review from CNET's Download.com is below:

"The straightforward interface offers translations in most of the world's major languages. Caching directories speeds up browsing FTP sites, and multiple secure connection options ensure that you can move files around without concern. Bookmarking comes in two flavors: the Site Manager for all your major FTP locations, and QuickConnect for fast switching on the fly.

The program lets you download or upload multiple files at once from and to several servers. If your bandwidth is somewhat limited, you'll appreciate a feature that lets you automatically adjust transfer speeds based on the time of day or date. FileZilla also lets you browse FTP sites mid-transfer. The lack of a task scheduler is compensated for, in our eyes, by a powerful filter so you only see the files you need."

Retrieved November 25, 2008 from Download.com http://www.download.com/FileZilla/3000-2160_4-10308966.html?cdlPid=10898944

From Textbook: Page 836 Answer questions 1, 6, 12, 18, and 27

1)What are the three core components of Windows 9x/Me?

1. The Kernel, which handles basic OS functions such as managing memory, file I/O and loading and executing programs
2. User, (not THE user, but User32.dll and User.exe) which controls the mouse, keyboard, ports, and desktop.
3. GDI or graphics device interface. Draws screens, graphic and lines and manages printing.
   

6)What are the log files Setuplog.txt, Detlog.txt, and Detcrash.log used for?
They are used during the installation process for Windows 9x/Me

1. Setuplog.txt is a hidden text file that Setup uses to recover from a crash during installation. It would have stored the data from how far the system got before the crash.
2. Detlog.txt is a text file that records information so that THE user, can see the record of hardware detected during startup by the computer.
3. and Detcrash.log is a binary file that Setup uses to help recover from a crash caused by a hardware problem.
   

12)Explain the purpose of the System Configuration Utility. How would you use it in troubleshooting? The System Configuration Utility (Msconfig.exe) reduces the startup process to the bare minimum essentials. By using this utility to add start up items back one at a time until your computer occurs again, the source of the problem will be related to the last item you added back on. You can then focus on finding your problem with that item and fixing it.

18)List the five phases of the Windows 9x/Me boot process and give a short description of each.
Phase:

1. Startup BIOS Bootstrap and POST: BIOS begins by performing POST (power on self test) then it examines the devices on the system to determining which ones are PnP compliant, it enables the devices that are not and then gives the remaining resources to the ones that are. It looks to permanent RAM to see if information about the PnP's are stored there and saves it for Windows to use later on for hardware configuration. BIOS then looks for a device with the OS, hard drive, floppy etc. Then the Bootstrap loader program is executed and it looks for the initial hidden file of Windows Io.sys to load it.
2. DOS drivers and TSRs are loaded, Io.sys creates a real-mode operating system environment. It checks Msdos.sys for boot parameters then Io.sys loads the drivers Himem.syus, Ifshlp.sys, Setver.exe, and Drvspace.bin.
3. Real mode VxDs are loaded and then Io.sys gives control to the Virtual Machine Manager (VMM) the VxDs, or virtual device drivers, create and manage virtual machines to provide access to hardware for software running in the VM.
4. Protected mode switchover and PnP configuration. Vmm32.vxd switches to protected mode and loads Configuration manager, it configures legacy and PnP devices. It uses any information that PnP BIOS might have left for it and loads the 32-bit dynamic device drivers (VxDs) for the PnP devices.
5. Loading the remaining components. With Wmm32.vxd still in control, the three core components are loaded, then the fonts and other associated resources are loaded, Win.ini is checked and commands stored there are executed to allow backward compatibility, the shell and user desktop are loaded and finally any processes stored in startup are preformed.
   

27)Name two ways to end an application that is hung without rebooting the PC.
You can press ctl +alt+del to bring up the close program dialogue box, click on the program that is not responding and click then click on "end program", if that doesn't work you can use the end program box to shut down everything else running on the computer to free up resources. Sometimes you can also manage to right click on the program's icon in the task bar and click close, this will bring up the "this program is not responding" message and allow you to click on "end task" from there.

Resesach as to why ME was such a bad OS and what some of the problems were.

Many users of Windows ME or "Millennium Edition", complained about frequent system crashes and freezes. There were lots of problems reported with the system restore also. It would sometimes restore viruses that had been removed by the user and it had a bug that if you created a system restore point after September 2001, it couldn't always find it and would cause System Restore to fail.
Many users also complained that Microsoft removed access to real mode DOS and DriveSpace Support for hard disk drives.
Researched at Wikipedia.org:
Windows Me: New and Updated Features

PC World.com ranked Windows ME as the 4th worst technical product ever in their list of the 25 worst:

"# 4 This might be the worst version of Windows ever released--or, at least, since the dark days of Windows 2.0. Windows Millennium Edition (aka Me, or the Mistake Edition) was Microsoft's follow-up to Windows 98 SE for home users. Shortly after Me appeared in late 2000, users reported problems installing it, getting it to run, getting it to work with other hardware or software, and getting it to stop running. Aside from that, Me worked great.

To its credit, Me introduced features later made popular by Windows XP, such as system restore. Unfortunately, it could also restore files you never wanted to see again, like viruses that you'd just deleted. Forget Y2K; this was the real millennium bug."
Retrieved from:
PC World 25 Worst Tech Products Of All Time

Some of the features from ME that we still use in XP and Vista are:
* System Restore function
* A new TCP/IP stack
* Windows Media Player 7 (11 now)
* Internet Explorer 5.5 (7. something, LOL, I use firefox)
* Movie Maker application for recording, editing, publishing, and organizing audio and video content

The Question this week is "What is Linux and who would use it?"

Linux is a "user friendly" version of the UNIX operating system.
UNIX was originally developed about 30 years ago and was used primarily as a research operating system in universities, as companies in the 80's began developing high powered work stations, they each developed their own versions of UNIX. This made a unified sale of UNIX hard. Microsoft developed Windows NT to answer this problem. NT offered most of the same features of UNIX but was compatible with all Windows applications. Windows became the leader in the OS world so to speak.
Linux was developed by Linus Torvalds based on UNIX but more user friendly. It is an open source operating system that is free, unlike Windows which can be expensive and had a lot of bugs until the XP verision, LOL. It seems Vista does too. Open source means you can get into the code and modify things yourself, as well as being free.

See: http://computer.howstuffworks.com/question246.htm for more details

The "who" would use it can include: people who want to experiment with their operating system, or need a great deal of control over their operating system and people with PC's who have personal problems with Microsoft and their dominance over the operating system world.

Below is a screenshot of a workstation using Linux

Pick your favorite Registry key (you do have one don't you?) and describe it's importance in detail.

HKEY_CURRENT_USER would have to be my personal favorite registry key. It is the one that lets me tweak the way my computer looks, acts and is the most fun to change. Actually the other registry keys should pretty much be left alone to avoid serious problems with your computer, unless you really know what you are doing. From HKEY_CURRENT_USER, I can rename desktop system icons, sort favorites menu alphabetically, enable/disable window animations, customize Windows Media Player title bar, it can change the default settings for the way things display of just about everything on my computer. One good thing is it only changes things on my log in, leaving the other user's user's settings alone. This key contains user-specific settings that are built from information in the HKEY_USERS key during the logon process. You should always back up your registry before changing anything to it so if you make a mistake you can restore your old settings.

Chapter 10, page 489 - 490. Choose 5 terms to describe in detail.

The five terms I have choosen are:

Array: A group of hard drives using RAID is called an array. RAID stands for Redundant Array of *Inexpensive Disks (*or Independent Disks)
--> picture of "LaCie Biggest S2S 5TB RAID array"

CDFS stands for Compact Disk File System. It is a 32 bit program that runs in protected mode (other applications can't access this memory). It also uses the VCACHE driver which gives smoother playback. VCACHE is a 32 bit driver, that can change the size of the disk cache depending on available disk space and application needs.

Drop Height, is the height the manufacture states that you can "safely" drop a removable hard drive without losing data, say if it falls off the desk.

Fault Tolerance "is a computer's ability to respond to a fault or catastrophe, such as a hardware failure or power outage, so that data is not lost." You can, and should, also protect your data by backing it up either to a second hard drive installed on your computer, an external hard drive, tape drives, flash drives or by using an online back up company.

SIMD stands for "single instruction, multiple data." It is programmed into the CPU so that the CPU can perform the same action (i.e. retrieve, calculate, or store) at the same time on two or more pieces of data instead of calling the same instruction each time. It was developed with better multimedia applications in mind.

Chapter 8 Hands On Project

I am late, and I know it.

I needed to use the Internet to research floppy drives.
I went to Tiger Direct:

What is the price of an internal floppy drive? The price ranged from $14.99 to $29.98

What kind of connection do external floppy disk drives use? They use an IDE cable.

What is the price of an external drive? Both models were offered at $19.99

Why do you think external drives cost more than internal drives? I don't think they do anymore. While the one internal was less expensive, the other three cost either the same or more.

What are the advantages of external drives? The advantage would be portability. You can connect to your desktop and move it to your laptop. Or take it to work and back. If you are an IT tech, you can use it on newer computers that don't have a floppy drive installed to run the set up or restore disk.

Internal drives? OK, on a modern home computer, almost none. On a business computer you may want one to run some back up disks and also store small files like Word files or Excel workbooks.

Chapter 7 Thinking Critically Questions 1 -4

1.) If my motherboard supports DIMM (dual in-line memory module) memory, will RIMM (Rambus in-line memory module) memory still work on the board?

No, RIMM uses a different technology than DIMM. You must always use the type of memory your motherboard was built for.

2.) If my motherboard supports ECC SDRAM (error-correcting code - synchronous dynamic random access memory) memory, can I substitute SDRAM(synchronous dynamic random access memory) memory that does not support ECC? If my motherboard supports buffered SDRAM memory, can I substitute unbuffered SDRAM modules?

You can substitute non-ECC memory for ECC memory. You cannot use unbuffered SDRAM on a motherboard designed for buffered memory, the notches on the DIMMS are different.

3.) I have just upgraded memory on a computer from 64 MB to 128 MB by adding one DIMM. When I first turn on the PC, the memory count shows only 64 MB. Which of the following is most likely the source of the problem? What can I do to fix it?

1. Windows is giving an error because it likely became corrupted while the PC was disassembled.

2. The new DIMM you installed is faulty.

3. The new DIMM is not properly seated.

4. The DIMM is installed in the wrong slot.

The new DIMM is not properly seated. Turn off the PC and reseat the DIMM. Check that the DIMM is standing in the slot at the same height of the other DIMMs installed.

4.) My motherboard supports dual channeling and I currently have two slots used in Channel A on the board. I want to install an additional 512 MB of RAM. Will my system run faster if I install two 256 MB DIMMs or one 512 MB DIMM? (explain my answer)

Your system will run faster if you install two 256 MB DIMMs. Dual channeling works because the memory controller can communicate with two DIMMs at the same time, (if they are installed in the same slot designation i.e. both in the slots A or both in the slots B if you have 4 slots), doubling the speed of memory access. If you have a pair of matched DIMMs in slots A, and one in slot B, it can only access slot B at the normal rate. The pair of DIMMs in a channel must be equally matched in size, speed, and features. And it is recommended that they come from the same manufacturer as well.

Things are really busy now!

As it is getting closer to mid-term, things are heating up in all of my classes. I have a report due in my English 107 class in two weeks, I have a big fat report due in early November for Poli-Sci and I am finally getting my labs done for this class! I am 26 days ahead in Algebra and that is wonderful. I intend to stay that way too. Math has never been my strongest point, but it has to become a very strong point, as I intend to be a good computer programmer! I have been studying like crazy in it and I think that after all these years I am finally truly learning it. I am even finding there are parts of it that I am actually very good at. WOW!
I think that having all my courses on-line this semester has been a blessing. My work has been much busier than in past years at this time, and I have had to work a lot of overtime. I love the flexibility that the Web College allows. The one class I think I am missing something from is my Poli-sci class. I miss being able to debate with the other students about current events in person. We have a forum, but we mostly express our ideas and read others, so far, there hasn't been any replies from other students and honestly, I don't want to be the first one to do so. People can get so touchy sometimes, LOL. In person there is less room for insulting someone as they can see that you only disagreeing or agreeing with their ideas. It can be tricky to do that in a forum style.
I am very happy so far with most of my performace, I know that web-based courses can be hard to stay on top of. My sister Kathy is a Professor at Oklahoma State, and she gave me the advice to stay organized and at least log in everyday, that way it is a habit, and don't get distracted. I am distracted a little tonight as the Phillies are playing the Dodgers in the NLCS! GO PHILLIES!!!!!

Chapter 6 Thinking Critically 1-4

• Why does a motherboard sometimes support more than one system bus speed? One of the reasons is for "backward compatibility" with older expansion cards, programs, etc.
• Why don't all buses on a motherboard operate at the same speed? I think because different components of a computer run at different speeds and synchronizations with the processor, the system bus needs to be able to handle these differences.
  
• When you turn off a computer at night, it loses the date, and you must reenter it each morning. What is the problem and how do you solve it? Your battery that supplies power to the CMOS RAM is either disconnected or has failed. You need to make sure the battery is fully set to its connectors or replace the battery if it has failed.
  
• Why do you think the trend is to store configuration information on a motherboard in CMOS setup rather than by using jumpers or switches? Setting up the old jumpers and/or switches left too much room for human error, it was also inconvenient to get into your computer case to change the settings if needed, especially for things like power settings etc.
  

Definitions from chapter 5 A+ Guide to Managing & Maintaining Your PC

This week I define the following four terms:

Word Size: "Word size, also know as the internal data path size, is the largest number of bits the processor can process in one operation." A bit is the smallest piece of information a computer can understand, 8 bits = 1 byte. Most of Intel's processors today can handle a word size of 32 bits for personal PC's or 64 bits on newer servers. AMD offers a 64 bit processor for PC's and notebooks. The word size doesn't need to be as large as the external data path, called just the data path, because the processor can receive more bits than they can process at one time.

Data Path: Is also known as the external data path size. In the newer processors the data path is 64 bits wide. It can send 64 bits at a time.

Overclocking: is forcing a CPU (the processor) to run at a higher clock rate (more clock cycles per second) than it was designed for or was designated by the manufacturer, in order to increase the performance of a computer. You can overclock by overriding the default frequencies by changing the CMOS settings in Setup if your CMOS allows you to set the processor frequency higher than the default frequency. This can result in over heating your processor and damaging it.
CMOS screen shot (from Wikipeidia) of a system that allows overclocking:

SRAM: is a memory cache referred to as static Ram or SRAM. In earlier computers the SRAM was a chip on the motherboard and could be upgraded, modern computers have the SRAM enclosed and embedded inside the processor housing and cannot be upgraded.
The SRAM is much faster than the other types of RAM like dynmic RAM (DRAM). It doesn't need refreshing and can hold its data as long as there is power supplied to it. When the processor requests data, the memory controller will try to anticipate the next logical request and will store it in SDRAM. The memory controller it seems, guesses about 90% of the time right, it can then access the data from the SDRAM, instead of the slower DRAM. It is an effective way of speeding up memory access. Having more SDRAM cache available on your processor is a good thing to look for when buying a new computer.

Finding the time

The past two weeks have been much busier for me with school and work. I have been moved to swing shift at work, to train some people on my main account. This has kind of upset not only my sleep but my study habits. YIKES, lol, I had a nice set schedule and a monkey wrench got thrown in! I have adjusted finally, I think, but at first it felt like treading water. I never realized how important routine was to working and going to school, but now I know my mother was right all those years ago! I only have one more week of this schedule then I go back to days and hopefully the re-adjustment will be easier.
I went in this morning to do one of my computer labs, but hit enter too soon and set up no partition at all, I couldn't find the Fdisk option, then I ran out of time trying to re-do it and will get my act together and finish it next weekend. LOL, I felt like a complete idiot if you must know.
When I go back on day shift, I am going to have to spend a week in the afternoon labs to catch up. It will be nice to catch up on some sleep too!

Assignment Blog 4 Key Terms from page 176

My assignment this week is to choose 5 key terms from chapter 4 page 176, I have chosen 5 to describe that I didn't know before reading this chapter. I have tried to put them in my own words, but I am just not that technical yet......so I will cite A+ Guide to Managing & Maintaining Your PC, Andrews; 6th ed. as my primary source and have linked to Wikipedia's joule page.

1. Joule: According to Wikipedia, a joule (pronounced "jewel") is the work done to produce power of one watt continuously for one second; or one watt second. A kilowatt hour is 3,600,000 joules or 3.6 megajoules. A surge suppressor used to protect electrical equipment including computers, is rated by the amount of joules it can expend before it fails to protect the circuit from a power surge. The higher the joule rating the better the protection. I think the joule rating would be a good thing to find out before buying a surge suppressor.
   
2. Backplane system: A computer system that doesn't use a true motherboard. There are two types of backplanes, a passive backplane that contain no circuitry themselves, but use a "mothercard" also known as a CPU card. The photo on the right shows a passive backplane with a CPU card plugged in. These systems are not used in personal computers but are used for industrial rack-mounted systems and high-end file servers. Active backplanes contain no circuits other than bus connectors and some buffer and driver circuits.
3. Intelligent UPS: UPS stands for uninterruptible power supply, a device that provides backup power in the case of a black out. An intelligent UPS, also called a smart UPS, can be controlled by software from the computer. It can check for a weak battery, monitor the quality of electricity received, close all servers down during a blackout and many other things to protect your system from electrical damage.
   
4. Sags: A sag is a temporary voltage reduction like a "brownout". If you have a power conditioner, it can raise the voltage to your system if a sag or brownout happens.
   
5. Rectifier: A rectifier converts alternating current (AC) to direct current (DC). Direct current travels in only one direction, and it the type of power computers and other electronic devices require. I think I now understand what the "black box" on my computers power cord is. LOL
   

Questions from A+ Guide to Managing and Maintaining Your PC

From Page 136 Questions 1,3,5,6,10,11,13,18,24:

1) What is the difference between a hard boot and a soft boot? A hard boot is when you use the power (or on/off) switch to start your computer. A soft boot would be starting your computer from "restart". The soft boot is the best way to start your computer because it doesn't cause a large surge of electricity through the equipment.

3) FFFF0h is the memory address assigned to the first instruction in the ROM BIOS start up program.

5) The program needed to locate the beginning of the OS on a drive is called the Master Boot Record or MBR for short.

6) The three types of information contained in a hard drive's partition table are: How each partition is divided into logical drives, which partition contains the drive to be used for booting the computer and where each logical drive begins and ends.

10) During boot up if you have a blank screen but heard a single beep, you can assume the video card is working.

11) During boot up if you have a blank screen but heard a single beep, you should check your monitor first. See if it is plugged in, turned on, and are the cables plugged in to the computer.

13) Five of the possible questions to ask the computer user about a problem they are having would be: "What error message did you see?" "What program were you working on when the error happened?" "Have you made any software or configuration changes recently?" "When did the problem first start?" "Can you show me how to reproduce the problem?"
And one you might want to ask but shouldn't "YOU DID WHAT?????"""

18) To dispose of a battery pack from a note book computer you should return it to the dealer to dispose of, or take them to a recycling center, they can contain many heavy metals and are considered toxic waste. Check with your local county or environmental agency to dispose of a monitor. Make sure to discharge the monitor before disposing of it.
Return your toner cartridges to the dealer or manufacturer to be recycled.

24) Three of the tools you can use to prevent ESD (electro static discharge) are: A ground mat, a static shielding bag and a ground bracelet.