Archive for May, 2012


As the number of spam emails is going down, the number of messages with infected attachments is on the rise. This, according to Bitdefender, means that spam is becoming more dangerous even though it is not as prevalent as in the past.

In the first month of the year, attachments containing malicious software increased 4% over the same period last year, even though overall spam volume fell by more than 16% in the first three months of 2012. Of the 264.6 billion spam messages received daily, 1.14% contained attachments, and around 300 million were harmful.

The attachments found in these spam emails range from phishing forms that try to fool users into typing in their credit card information to malware packs containing worms, Trojans and viruses that will give headaches to unwary users.

Engineers from Bitdefender are interested in finding out what kind of malware hits users' inboxes, so here is a “top five” of the malware most frequently attached to spam emails:

MyDoom, first seen in 2008, is a mass-mailer worm that still arrives in email inboxes. After the text of the email convinces the user to run the attachment, the worm sends an email containing itself to every address it finds on the system, with varying subjects and bodies.

MyDoom also deploys a backdoor so that a remote attacker can take full control of the infected computer. At the same time it updates a list of compromised IPs, so that every infected system ends up in a database. This worm was used heavily in DDoS attacks targeting software producers and antivirus developers.

Second on the list is the generic JavaScript downloader, which takes the form of a script inside an HTML attachment. If the user opens the HTML file, the JavaScript runs and injects an iframe into the HTML page it resides in. Then the iframe downloads compromised content from various servers, which infects the system.

In third place we find Netsky, another mass mailer that, just like MyDoom, emails itself to all the addresses on the computer and also replicates via P2P, shared files or FTP. It also uses many different subjects, created to fool the victim into opening the message. If the attachment is run, the worm shows a message that appears to come from the installed AV solution, saying that no virus was found on the host.

Interestingly, Netsky never sends itself to addresses that contain words like antivirus or security.

In fourth place is Mytob, a worm that prevents users from connecting to many antivirus vendors' websites. At the same time it opens a backdoor for cybercriminals.

In fifth place is the Bagle worm, another mass mailer. It gathers email addresses and sends itself to all of them, and also downloads more addresses from a list found online. To get past the antivirus, it terminates the processes related to security solutions. After that it downloads and executes various files from underground websites.
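A defensive check for the second entry in the list above (a script inside an HTML attachment that adds an iframe), as an added example that is not from Bitdefender or the original post: it walks a message's MIME parts and flags HTML attachments whose scripts reference iframes or that embed one directly. The sample message, the names `IframeFinder` and `scan_message`, and the example.invalid host are constructed for illustration.

```python
from email import message_from_string
from html.parser import HTMLParser
# Constructed sample message (not real traffic); example.invalid is a placeholder.
SAMPLE_EML = """\
Subject: Invoice
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

See the attached form.
--b1
Content-Type: text/html
Content-Disposition: attachment; filename="form.html"

<html><body><script>
var f = document.createElement('iframe');
f.src = 'http://example.invalid/x'; document.body.appendChild(f);
</script></body></html>
--b1--
"""

class IframeFinder(HTMLParser):
    """Records static <iframe> tags and <script> bodies that mention iframes."""
    def __init__(self):
        super().__init__()
        self.in_script, self.findings = False, []
    def handle_starttag(self, tag, attrs):
        self.in_script = tag == "script"
        if tag == "iframe":
            self.findings.append("static iframe src=%s" % dict(attrs).get("src"))
    def handle_endtag(self, tag):
        self.in_script = False
    def handle_data(self, data):
        if self.in_script and "iframe" in data.lower():
            self.findings.append("script references iframe")

def scan_message(raw):
    """Return {filename: findings} for HTML attachments worth quarantining for review."""
    report = {}
    for part in message_from_string(raw).walk():
        if part.get_content_type() == "text/html" and part.get_filename():
            finder = IframeFinder()
            finder.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
            finder.close()
            if finder.findings:
                report[part.get_filename()] = finder.findings
    return report
```

A hit is a reason to hold the attachment for review, not proof of infection: legitimate HTML files also use iframes, and obfuscated scripts can avoid the literal string.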


TCAT Shelbyville - Technical Blog

NTOP is a great network monitoring tool used primarily with Linux-based systems.  However, in 2006 NTop released NTOP-XTRA which was designed for Windows XP.  This excellent tool works with Windows 7 and can be used to monitor your network.  Not as detailed as the Linux versions of NTop today, NTOP-XTRA for Windows is still an excellent graphical program.  NTOP-XTRA must be run with Firefox.

Note:  If you find and download the software below for Windows, you will start the OPENXTRA Commander services and open Firefox’s browser to http://127.0.0.1:3000

Because NTOP-XTRA installs Winpcap, you may elect to NOT install their version and download the latest version here.

NTop_XTRA_3_18_0.exe

 

Minor correction: NTop didn’t release NTop-Xtra, Openxtra did. Hence, Commander being OPENXTRA Commander


Running out of hard drive space on your virtual OS?  Here’s how you can increase the size.

(VirtualBox Version 4+)

From the command line, navigate to the VirtualBox folder under Program Files and type the following:

VBoxManage.exe modifyhd "your.vdi" --resize 25000                 (25000 is the new size in MB)

Note: your.vdi may be Windows.vdi; substitute the name of your own .vdi file for the word "your".

Example:

C:\Program Files\Oracle\VirtualBox>VBoxManage.exe modifyhd "C:\VM\Windows 7\Windows 7 .vdi" --resize 25000

You should see a progress line:

0%…10%…20%…30%…40%…50%…60%…70%…80%…90%…100%

This will resize your virtual hard drive to the size that you specify.

Enjoy 🙂 🙂

TCAT Shelbyville - Technical Blog

Most of these tips work for Windows 10.

Partition your HDD to improve performance.  Web Server Example.

Do you have a SSD Drive?  Here’s the optimization tips.

Test Your Hard Drive Speed With Windows 7’s Device Manager – You can test your hard drive speed by going to the Device Manager, Expanding the Hard Drive Controllers, select the Port and Click on the Test button.  Make it Faster with (Free – See our Review) DiskMax and Defrag with Auslogics.

How about Roadkil.net’s Disk Speed?   A nice little program if your hard drive test isn’t listed under the device manager.

Also check your computer’s hard drive with CheckDiskGUI.

Parkdale


Measure your hard drive speed using Winsat


When tweaking your computer, you can use typical utilities found in one of our most active posts or you can use Winsat.   Winsat will not give you fancy…


Here’s a way to release the mouse from VirtualBox.

All you need to do is hit the Right Control key.

Enjoy 🙂 🙂

TCAT Shelbyville - Technical Blog

When tweaking your computer, you can use typical utilities found in one of our most active posts or you can use Winsat.   Winsat will not give you fancy graphs but it will give a Windows rating and a time to complete specific tests.  This can be a way of measuring your drives between tweaks.

At a command prompt run the following tweak as an administrator:

winsat disk -drive c                 (you can substitute c with the drive letter of your choice)


TCAT Shelbyville - Technical Blog

DiskMax is one of the best utilities I’ve used in a long time.  Its ability to clean your computer at different levels is an excellent way to keep your computer running efficiently and like new.   With its ability to scan other users’ accounts, this feature allows the cleanup without logging in as another user.   (UPDATE – How to enable the new DiskMax Deep Scan)

DiskMax offers the following features:

  1. Automatically cleans the recycle bin
  2. Cleans Temporary Internet Files, including those of the major browsers, cookies, history, Windows Explorer’s thumbnail cache and any error logs.
  3. Clears out Windows caches, including debugging information, internet logs, help center logs (caches), any DLL caches and temporary files.
  4. Cleans up Service Pack information in Windows Vista
  5. Removes registry entries MRUs.
  6. Clears out Windows event logs.
  7. Removes all files of type log, old, prv, chk, swp, bak, gid, wbk, tmp and dmp.
  8. Defrags your hard…


TCAT Shelbyville - Technical Blog

If you have a connection to Microsoft’s SQL, there are several things you can try-

First ~

Disable the auto-tuning level of TCP. Please follow the steps below:
1) Open a command prompt with admin rights (Run as Admin)
2) Type “netsh interface tcp set global autotuninglevel=disabled”
3) After running the above command, restart the machine.

You can also try this next tip which seems to work best ~

Finally found a small problem with Windows 7.  After upgrading, we have discovered that Windows 7 was responding slowly to our SQL Server 2005.  What we discovered is below.

Slow response times in Windows 7 to a SQL Server can be due to the LLMNR protocol.  This may be resolved by turning off the LLMNR protocol.

LLMNR is a protocol that allows both IPv6/4 computers to perform name resolution for the NetBIOS names of other computers without requiring a DNS server.

IPv4 hosts…


TCAT Shelbyville - Technical Blog

Should we live in fear and distrust or should we be cautious and diligent with the protection of our data?  We worry about American companies taking away our privacy and tracking our every move.   What should we really worry about?  Everything.

With consumerization growing and our need for toys, we go about our daily lives forgetting that threats are real.   We forget that every day our computers, tablets, phones, servers, laptops, TVs, Blurays and every device that touches the web is being hit.   Hit by what?  Hackers, script kiddies and viruses.   As we move into a digital world at a breathtaking speed, we throw our hands in the air and ride the internet as though it is a roller coaster.  We forget that the enjoyment we have may come crashing down at any time and we are not at a theme park.

There’s a balance that…
