Muthusrinivasan's Blog

Once executed, the worm copies itself as the following file:

%System%\[RANDOM FILE NAME].dll

Next, the worm deletes any user-created System Restore points.

It creates the following service:

Name: netsvcs

ImagePath: %SystemRoot%\\system32\\svchost.exe -k netsvcs

Then the worm creates the following registry entry:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netsvcs\Parameters\"ServiceDll" = "[PathToWorm]"

The worm connects to the following URLs to obtain IP address of the compromised computer:

 

1. http://www.getmyip.org

2. http://getmyip.co.uk

3. http://checkip.dyndns.org

 

Next, the worm downloads a file from the following URL and executes it:

[http://]trafficconverter.biz/4vir/antispyware/loada[REMOVED]

The worm then creates a http server on the compromised computer on a random port, for example:

http://[EXTERNAL IP ADDRESS OF INFECTED MACHINE]:[RANDOM PORT]

The worm then sends this URL as part of its payload to remote computers.

Upon…

Continue reading about New Worm W32.Downadup

Avira antivirus Update tricks.

Avira antivirus got the rank 1 in detecting viruses and trojans with minimum false positives. But it updates once in 24 hour interval.

You cannot create the update schedule less than a day. Here is the way to tell your updater to check for new updates.

1) Open the Avira antivirus main window and select scheduler

2) Right click on the scheduler window or press ins to create a new job

3) Enter the name of the job and description as you like

4) A new window will ask you to select the job type

Select Update job in the list…

Continue reading about Avira Antivirus Update tricks

 More often than not, after windows start-up, my PC was getting too slow and unresponsive. When i saw the task manager, I noticed that there were quite a few instances of scvhost.exe process and CPU usage was nearly 100% due to them.Svchost.exe is actually a system process belonging to the Microsoft Windows Operating System which handles processes executed from DLLs. Some time ago, Microsoft started moving all of the functionality from internal Windows services into .dll files instead of .exe files for the sake of better re-usability. However, this created a little problem as a .dll file cannot be executed…

Continue reading about How to Fix svchost.exe Memory Hogging Issue?

If you spend time working at the Command Prompt, you know how frustrating it can be to navigate between different folders using the Change Directory (CD) command. For example, if the folder name contains multiple words, you must remember to enclose the name in quotes. And, if there’s even one typo in the folder name, you have to start all over. Fortunately, you can use the Command Prompt history feature to easily correct typos without having to type the entire command from scratch.

However, you can save yourself from ever having to type folder names at the Command Prompt simply…

Continue reading about Speedy directory navigation at the Command Prompt in Windows XP

Windows XP is a good operating system, but getting it to perform at peak capacity can sometimes be a frustrating affair. You have so many options when it comes to tuning the system that sometimes it’s hard to figure out where to begin. That’s where a product like NitroXP comes in handy. With it you can fine tune Windows XP on your workstation and squeeze a few more drops of performance out of it. Here’s how it works.

What’s NitroXP and how do I get it?

NitroXP is a shareware offering from RoadSide Software. It provides an easy way to optimize several…

Continue reading about Turbocharge Windows XP with NitroXP

One of the many features of Windows XP’s Start Menu is the most frequently used programs list. When it comes to configuring this feature, Windows XP provides you with only two controls: the ability to completely clear the list and the ability to specify the maximum number of programs that can appear on this list at any one time. However, there is one other thing that would be nice to be able to control and that is preventing certain applications from appearing on that list.

For example, you probably don’t need to have often-used but inconsequential applications such as Calculator or Notepad…

Continue reading about Manage the most frequently used programs list on your XP Start Menu

alias    Create an alias

apropos  Search Help manual pages (man -k)

awk      Find and Replace text, database sort/validate/index

break    Exit from a loop

builtin  Run a shell builtin

bzip2    Compress or decompress named file(s)

cal      Display a calendar

case     Conditionally perform a command

cat      Display the contents of a file

cd       Change Directory

cfdisk   Partition table manipulator for Linux

chgrp    Change group ownership

chmod    Change access permissions

chown    Change file owner and group

chroot   Run a command with a different root directory

cksum    Print CRC checksum and byte counts

clear    Clear terminal screen

cmp      Compare two files

comm     Compare two sorted files line by line

command  Run a command - ignoring shell functions

continue Resume the next iteration of a loop

cp       Copy one or more…

Continue reading about A-Z Linux Commands