What is Trojan Spam?

December 14th, 2008

The Storm Trojan first got its name after sending out a spam email in January of 2007 with the subject line reading ‘230 dead as storm batters Europe’. The email went out at the same time as a very real storm in Europe that caused several fatalities. Since it was a very hot topic at the time, many people were provoked to open it. Other urgent-sounding headlines have been used in the past to spread the Trojan, including ‘British Muslim Genocide’, ‘Fidel Castro dead’, ‘Chinese missile shot down by Russian Satellite’, and many more. More recent subject lines used to spread this dangerous Trojan include:

  • John Mccain Taps Osama Bin Laden As Running Mate
  • Earthquake in California destroys Schwarzenegger house
  • Obama caught with pants down
  • Queen Elizabeth abducted in Tibet
  • Yankee Stadium demolished
  • Pope killed by assasin in Vatican City
  • Angelina Jolie dies in miscarriage
  • Coral reefs found extinct
  • New York Yankees team killed in bus crash

As you can see, the subject lines range from vague to just plain absurd. However, they still manage to get the attention of thousands. This tactic is commonly used to spam unsuspecting email users. Once Trojan spam is opened, there is usually a link to a site that will load the Trojan onto the user’s computer, or there is an attachment containing the Trojan in the email itself.
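The two delivery routes described above (a link in the body, or an attachment) can be checked mechanically before anyone opens the message. The following is an added example, not code from the original article: the sample message, the `triage` function, the extension list, and the bare-IP-link heuristic are all assumptions made for illustration.

```python
import re
from email import message_from_string
from email.policy import default
from urllib.parse import urlparse

# Constructed sample message; addresses, attachment name and URL are made up.
SAMPLE = """\
From: sender@example.test
To: user@example.test
Subject: 230 dead as storm batters Europe
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Full story: http://192.0.2.10/news.html
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="report.pdf.exe"
Content-Transfer-Encoding: base64

AAAA
--b1--
"""

# Extensions that run code when opened on Windows (illustrative, not exhaustive).
RISKY_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)
IP_RE = re.compile(r"\d{1,3}(\.\d{1,3}){3}")

def triage(raw: str) -> dict:
    """Return the attachments and links a reviewer should look at first."""
    msg = message_from_string(raw, policy=default)
    risky, links = [], []
    for part in msg.walk():
        name = part.get_filename()
        if name:
            # Use the last extension so a double extension like .pdf.exe is caught.
            ext = "." + name.rsplit(".", 1)[-1].lower() if "." in name else ""
            if ext in RISKY_EXT:
                risky.append(name)
        elif part.get_content_maintype() == "text":
            for url in URL_RE.findall(part.get_content()):
                host = urlparse(url).hostname or ""
                # Heuristic (assumption): a bare IP instead of a domain is suspicious.
                links.append((url, bool(IP_RE.fullmatch(host))))
    return {"subject": str(msg["subject"]), "risky_attachments": risky, "links": links}
```

Calling `triage(SAMPLE)` returns the subject, the one executable attachment, and the one link flagged as pointing at a bare IP address.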

Sometimes the subject lines are a bit less extreme, and therefore are more likely to get the attention of those that know better than to open emails with hard-to-believe subject lines such as the previous examples. These subject lines will instead be based on some current event or news story, like ‘Cell phone radiation risks uncovered’. They may also coincide with entertainment news, posing as links to articles about whatever film or television show is popular at the time.

Once an unfortunate user is duped into downloading the Trojan onto their computer, they may very likely become a host for the Trojan. Their computer and internet connection will then be manipulated by the infection to send out similar Trojan spam to everyone that is in their address book. As you can see, this gives Trojan spam incredible potential to spread like wildfire. So, how do you make sure you’re protected from this type of attack?

First and foremost, never open emails from an untrusted source, no matter what the subject may be. Even if you do, do not download any attachments or follow any links contained within the email. Using your own diligence is your first line of defense against virus attacks.

Second, if you aren’t already, you need to be running an up-to-date antivirus application. The more elaborate the protection, the better. Some companies like McAfee, Trend Micro, and Norton offer total security suites that provide protection for just about everything the internet can try to throw at you. Even if you do slip up at some point and allow some type of malware such as a Trojan to invade your computer, a quality security utility will immediately detect it and then take the necessary steps to remove it. In some cases, the security software will detect the harmful program before it is even allowed to be saved to your computer. Do your own research and weigh your options when selecting a security solution. You certainly have a lot to choose from.

What is the Computer Registry?

November 14th, 2008

The Windows registry is basically a directory that stores all of the settings and options for the Windows operating system. It also contains information pertaining to hardware settings, OS (operating system) software settings, computer users, non-OS software, PC preferences, and more. Any time changes are made to any of these items, the Windows registry is updated.

Keeping your Windows registry clean and free of any errors is crucial in maintaining the performance of your PC. A poorly maintained registry may result in system instability, with program crashes being one of the most common side effects.

The registry is a centralized hierarchical database that is used to store computer configuration information. Windows needs this information in order to properly run your system, including all of your installed applications as well as hardware devices. The Windows registry does not only save the location and file path of these items, it also saves other details that are used by the processor to locate programs and hardware devices efficiently, which in turn decreases the overall processing time.

The Windows registry keeps records of each and every item present, including details on:

  • Installed applications
  • User profiles, settings, and preferences
  • Property settings for applications as well as folders
  • Installed hardware devices
  • Ports in use
  • System policies
  • File associations

When do Registry Problems Occur?
Recent estimates state that about 94% of all computers have corrupt and potentially harmful files. Each PC will on average have about 150 or more errors due to missing or corrupt registry entries.

If your system is relatively new, you will probably not need to make any changes to your registry. However, as time goes by, your registry will grow and collect more data as you add and remove software as well as hardware. These accumulated changes to the registry will eventually cause it to become fragmented, and very likely corrupted.

Some Common Errors:

  • Missing, abandoned, broken or bad application/Windows paths, links and shortcuts.
  • Unused Start Menu items
  • Unwanted browser objects
  • Missing/corrupt application IDs
  • Corrupt ActiveX/COM Objects
  • Unused files and drivers
  • Several more

Whenever you remove software from your system, it is very likely that residuals from that software are still present on your hard drive and in your registry. The more software that is added and removed, the more this effect is compounded. The end result is frequent error messages, slowed startup, declining system performance, applications freezing/crashing, and in some cases, even a total inability to start Windows altogether.

Backing up the Registry
Before you attempt to edit your registry, it is imperative that you back it up, just to protect your system in case you make an error. To do this, you can use the built-in Windows backup utility to back up the System State data. You can also use third-party backup software such as WinBackUp.

Registry Booster
If you’re like most people, the idea of editing your Windows registry sounds like a daunting task. This convenient application makes it easy to optimize your registry and cure any possible problems. It also contains a backup feature, so everything you need to safely repair your registry is included within the software.

Viruses and Spyware - Why Do I Keep Getting Infected?

October 14th, 2008

A common question asked by computer users is, ‘If I have antivirus and antispyware software installed, and I keep my Windows OS up to date, and I also use a firewall, how come I still get computer infections?’
This question has riddled both computer users and antivirus software developers alike since the widespread use of high-speed internet first occurred. In this article, we’re going to take a look at the two main methods used by hackers to infect a home PC.

First, we’ll discuss the two main factors behind this problem, the ones that security software has the hardest time dealing with: reverse engineering and social engineering.

Reverse engineering is the process of picking apart software by studying its means of detection in an effort to find a security flaw or to create a way around it. This method of bypassing antivirus security has been used by hackers for quite some time and is particularly effective against computers that are running outdated antivirus software. Therefore, the best way to protect yourself from reverse engineering tactics is to keep your antivirus software up to date.
An even easier way for hackers to bypass your antivirus security is by using social engineering, a process that exploits the human element to access the computer.

The most typical methods of social engineering are:

  • Fraudulent emails
  • Email attachments that claim to be very important
  • Free offers that contain hidden programs
  • Web sites that discreetly load software onto your machine when you click on a link

Of all the different types of computers that are online, the average household computer with a high-speed internet connection is by far the most targeted for attack. Teenagers are a very high risk group, since they are known to visit just about any website without hesitating. Teenagers are also the biggest users of file sharing software such as Limewire, KaZaa, and torrent clients, where infected files are constantly being distributed.

Additionally, teenagers spend a great deal of time on social networking sites like MySpace and Facebook, which are notorious for being targeted by hackers. ‘Phishing’ is the method of tricking the user into revealing personal information such as usernames and passwords. One popular phishing method is to direct unsuspecting users to an imposter site designed to look like a trusted site where they may already have an account and prompting them to enter their username and password. The information is then collected and relayed to hackers who may have several malicious uses for it. This is a particularly significant threat for those who do banking online or use sites that deal with currency exchange such as PayPal.
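The imposter-site trick described above can be caught by comparing a link's domain with the sites where the user really has accounts. This is an added example, not part of the original article: the allowlist, the function names, the edit-distance threshold of 2, and the test URLs are assumptions chosen for illustration.

```python
from urllib.parse import urlparse

# Sites the user really has accounts with (constructed allowlist using the
# site names mentioned in the article).
TRUSTED = {"paypal.com", "facebook.com", "myspace.com"}

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def registrable(host: str) -> str:
    # Simplification: keep the last two labels. Production code should
    # consult the Public Suffix List instead.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def classify(url: str) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for the URL's host."""
    host = (urlparse(url).hostname or "").lower()
    dom = registrable(host)
    if dom in TRUSTED:
        return "trusted"
    labels = host.split(".")
    for site in TRUSTED:
        brand = site.split(".")[0]
        # Near-miss spelling of a trusted domain (e.g. a digit 1 for the letter l).
        if edit_distance(dom, site) <= 2:
            return "lookalike"
        # Trusted brand name used as a label under somebody else's domain.
        if brand in labels:
            return "lookalike"
    return "unknown"
```

A mail filter or browser helper would warn on `lookalike` results before the user reaches the login form.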

Residential computers, in general, tend to have a higher level of virus as well as spyware infections, primarily due to the way that they are used.
If you are running up-to-date antivirus software and your system still manages to contract infections, it may be due to a ‘liveware’ problem, which means someone that has access to your computer is using it for high-risk activity that may be allowing viruses to bypass basic antivirus detection. Educating everyone in your household about the dangers of using the internet and explaining to them how to go about their business online safely may well prevent any future infections from occurring.