BEWARE OF VIRUSES & PARASITES

By now, most computer users know that they have to protect against viruses. You need a good antivirus support program running on your computer in real time, monitoring and checking as files are accessed, as well as running periodic scans of all files. You need to use an up-to-date virus definition file with this AV program (sometimes these are updated almost every day, so automated updating is preferable). The virus protection on your computer should be so solid that there is rarely any doubt that you are virus-free — the only room for doubt being whether a new virus snuck in before your antivirus software’s manufacturer had a definition file that would catch it. If suspicious, run your AV program to check the system as part of zeroing in on a problem that suddenly develops on your computer. You can also try one or more of the free online virus scanners listed on my Parasites & Other Computer Security Issues page.

But there are also nonviral invaders that have become as big a problem as viruses. In fact (perhaps because people are less aware of these and less mindful of protecting themselves), these parasites may be an even greater risk to your computer’s proper running. Adware, spyware, browser hijackers, automatic diallers, and other forms of nonviral malware — some intentionally if misguidedly installed by the user, some foisted on you without your awareness — are, at least in a few cases, as destructive.

And, since they often are badly written, they commonly announce themselves unintentionally by breaking some functionality on the computer. Therefore, checking for these is an important early step in troubleshooting computer problems, especially if the problems appear suddenly. If there is a serious browser or Windows Explorer/My Computer problem not related to a bad or damaged browser install, failing hardware, or user error, 90% of the time the problem will be the result of one of these parasites. Because Internet Explorer is integrated into the kernel of all Windows versions after Win95, these “browser problems” can manifest as general performance degradation or error conditions in the Windows shell. If you’ve ruled out the obvious in troubleshooting browser failures, the eruption of many error messages, inability to launch programs, or sudden (in contrast to gradual) serious slowing of your computer, checking for parasites should probably be your next diagnostic step.

For an orderly seven-step approach to identifying and removing these parasitic invaders, see the Quick Fix Protocol page.

Several of these parasites are intentionally added to the computer by the user because the program looks like a cool toy. For example, Hotbar is a popular browser add-on that causes big problems on most computers. Many people install Gator (now renamed Claria) to manage online passwords. People install the insidious and pernicious IEPlugin to get “faster, smarter web browsing,” and live to regret it. And so forth. Other parasites are snuck onto your computer often without your knowledge. An important early step in all troubleshooting of Windows problems, therefore, is the isolation and removal of such parasites.

Panda Antivirus Pro 2009 now supports Windows 7

Panda Security has launched a beta version of its security solution compatible with Microsoft’s new operating system

This solution leverages all the advantages of ‘cloud computing’ to ensure better protection for users while reducing resource consumption

Computer Security, a leader in IT security, has launched a beta version of Panda Antivirus Pro 2009 compatible with Windows 7. Now all users of the beta version of Microsoft’s new operating system will be able to install the best protection against malware at no cost and with minimal resource consumption. This beta version can be downloaded from:

www.pandasecurity.com/windows7/

Windows 7 is a new operating system from Microsoft which is set to replace Windows Vista. This new system includes a series of improvements in performance and efficiency, an improved interface and better information management. Panda Antivirus Pro provides greater protection against viruses, spyware and hackers, and includes a new engine against identity theft. Similarly, it prevents hackers from getting into the computer, thanks to its built-in Panda firewall.

The beta of Panda Antivirus Pro 2009 for Windows 7 includes, in addition to the award-winning Panda Security scan engine, a powerful heuristic engine for detecting new malware variants and a heuristic system specialized in combating banker Trojans and identity theft malware. The beta also includes new ‘cloud’ detection technology called Collective Intelligence which Panda Security has been building into its products for more than a year, allowing it to rapidly detect new malware. This technology is particularly important in today’s climate, where most infections are caused by viruses that are less than 30 days old. It is therefore crucial to detect these new threats within the first month of their existence and this is why Panda is able to better protect users through Collective Intelligence.

“With the traditional protection model, IT security companies have to receive a new example of malware, analyze and classify it manually then create and distribute the vaccine. This simply takes too long. Collective Intelligence lets us automate these tasks, thereby speeding up the process. Protection from the cloud, on the other hand, lets us provide malware vaccines to our users as soon as we have generated them, protecting them in real-time”, says Pedro Bustamante, Consumer Unit Director.

How to detect a boot sector virus

This post provides further information about how to detect and remove a virus from the boot sector. Boot-sector viruses infect computer systems by copying code either to the boot sector on a floppy disk or the partition table on a hard disk. During startup, the virus is loaded into memory. Once in memory, the virus will infect any non-infected disks accessed by the system. Examples of boot-sector viruses are Michelangelo and Stoned.

Boot-sector viruses are spread to computer systems by booting, or attempting to boot, from an infected floppy disk. Even if the disk does not contain the MS-DOS system files needed to successfully boot, an attempt to boot from an infected disk will load the virus into memory. The virus hooks itself into memory as if it were a device driver. The virus moves the Interrupt 12 return, allowing itself to remain in memory even after a warm boot. The virus will then infect the first hard disk in the system.

Because the virus moves the Interrupt 12 return, the MS-DOS system memory will be 2K (2048 bytes) smaller than normal. This can be verified by running the MS-DOS CHKDSK command.

For example, if your system has 640K, CHKDSK will report:
655360 Total Bytes Memory

If the system is infected with a boot-sector virus, CHKDSK will report:
653312 Total Bytes Memory

Some systems use 1K (1024 bytes) of memory for the BIOS. Other systems use 2K (2048 bytes) of memory for shadow RAM. You must take this into account before CHKDSK can be used as an accurate measure of whether or not a system is infected with a virus. Please refer to the hardware manufacturer to see if the system uses part of the MS-DOS 640K of memory.
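The CHKDSK memory check above, including the BIOS/shadow RAM caveat, can be scripted over captured CHKDSK output. This is an added example, not part of the original post; the function names, verdict labels and the sample text are constructed for illustration, and the only line format assumed is the "Total Bytes Memory" line quoted above.

```python
import re

# Matches the line quoted on this page, e.g. "655360 Total Bytes Memory".
# Tolerating letter case and thousands separators is an assumption.
TOTAL_RE = re.compile(r"^\s*([\d,]+)\s+total\s+bytes\s+memory\s*$",
                      re.IGNORECASE | re.MULTILINE)

# Constructed sample: only the memory line follows the format quoted above.
SAMPLE_OUTPUT = """\
   1213952 bytes total disk space
    653312 Total Bytes Memory
    561216 Bytes Free
"""

def total_memory_bytes(chkdsk_output):
    """Extract the conventional-memory total from captured CHKDSK text."""
    match = TOTAL_RE.search(chkdsk_output)
    if match is None:
        raise ValueError("no 'Total Bytes Memory' line in CHKDSK output")
    return int(match.group(1).replace(",", ""))

def assess(chkdsk_output, installed_kb=640, firmware_reserved_kb=None):
    """Return (missing_bytes, verdict) for one machine.

    firmware_reserved_kb is what the hardware manufacturer says the BIOS or
    shadow RAM takes from conventional memory (0, 1 or 2); None if unknown.
    """
    missing = installed_kb * 1024 - total_memory_bytes(chkdsk_output)
    if missing < 0:
        raise ValueError("CHKDSK reports more memory than installed_kb")
    if missing == 0:
        return missing, "no_shortfall"
    if firmware_reserved_kb is None:
        # A 1K or 2K gap may be firmware or a virus; the test cannot say which.
        return missing, "ambiguous" if missing <= 2048 else "suspicious"
    unexplained = missing - firmware_reserved_kb * 1024
    if unexplained == 0:
        return missing, "explained_by_firmware"
    if unexplained < 0:
        return missing, "check_baseline"  # configured reserve is too large
    return missing, "suspicious"

if __name__ == "__main__":
    print(assess(SAMPLE_OUTPUT))                          # reserve unknown
    print(assess(SAMPLE_OUTPUT, firmware_reserved_kb=0))  # reserve known: none
```

A "suspicious" verdict only means the shortfall is not accounted for by the stated firmware reserve; confirm with an antivirus scan before acting on it.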

Once a system is infected with a boot-sector virus, any non-write-protected disk accessed by this system will become infected. For example, simply doing a DIR command on a floppy disk will cause the disk to become infected with the virus.

Note: MS-DOS version 5.0 disks are shipped without a notch; therefore, they are write-protected. The chances of these disks containing a virus are close to none. The MS-DOS 5.0 disk files are compressed, so the actual file sizes are different. You can determine a compressed file by the underscore character (_) that is the last character of the filename extension. To expand a compressed file, use the EXPAND utility on Disk 5 (5.25-inch disk set) or Disk 3 (3.5-inch disk set).

 
©2009 Antivirus Support | by TNB