impact of kido virus

kido is a worm, A worm is a type of virus that replicates by resending itself as an e-mail attachment or as part of a network message. Unlike a regular computer virus, a worm is self-contained and does not need to be part of another program to duplicate itself. A worm hides in active memory and performs malicious acts, such as using parts of the computer’s system resources. Worms are usually invisible to the user and are designed to affect the computer’s performance. A worm take control of remote systems without any help from the users and can delete files, send documents via email, or encrypt files.

once you infected with kido the following things can happen

• compromise your privacy by transmitting your personal information and downloading popup advertisements.
• It can tracks which websites you visited or what terms you’ve typed. Spyware uses your information to deliver targeted ads to you. Also, data of your surfing activities may be sold to third parties.
• Slow computer performance. A sluggish computer is one of the easiest signs that you have been infected with Kido. Kido and other unwanted sofware use your computer’s resources to do its nasty tasks such as displaying popups or tracking your surfing activities. If you see your computer is slowing down dramatically or crashing a lot, you may be infected with an unwanted software.

Sings of network infection

• Network traffic volume increases if there are infected PCs in the network, because network attack starts from these PCs.
• Anti-Virus product with enabled Intrusion Detection System informs of the attack Intrusion.Win.NETAPI.buffer-overflow.exploit
• It is impossible to access websites of the majority of anti-virus companies, e.g. avira, avast, esafe, drweb, eset, nod32, f-secure, panda, kaspersky, etc. (and the list keep go on)

Termination of services

• Windows Security Center Service (wscsvc) – notifies users of security settings (e.g. Windows update, Firewall and Antivirus)
• Windows Update Auto Update Service (wuauserv)
• Background Intelligence Transfer Service (BITS) – used by Windows Update to download updates using idle network bandwidth
• Windows Defender (WinDefend)
• Error Reporting Service (ersvc) – sends error reports to Microsoft to help improve user experience
• Windows Error Reporting Service (wersvc)
  

Short description of the Net-Worm.Win32.Kido family

• It creates files autorun.inf and RECYCLED\{SID<....>}\RANDOM_NAME.vmx on removable drives (sometimes on public network shares)
• It stores itself in the system as a DLL-file with a random name, for example, c:\windows\system32\zorizr.dll
• It registers itself in system services with a random name, for example, knqdgsm.
• It tries to attack network computers via 445 or 139 TCP port, using MS Windows vulnerability
• It tries to connect to the sites of http://www.getmyip.org, http://getmyip.co.uk, http://www.whatsmyipaddress.com, http://www.whatismyip.org, http://checkip.dyndns.org, in order to learn the external IP address of the infected computer (recommended action is configuring a rule to monitor connection attempts to these sites it network firewall)

Note - if you cant access website due to kido infection, there is a small thing to try to access webistes, follow these steps

• open miscosoft services window (start>run>type services.msc>press enter)
• in the services find DNS Client service
• now stop the service (right click on the service>click stop)
• now try to open website (hope this helps, it really works for me in a kido infection case study)
  

how to create scheduled shutdown for your pc

This article talks about how to create a scheduled shutdown for your pc, to do that we need a special software (freeware) called "poweroff", actually you can do even more things like schedule a shutdown/reboot/logoff/poweroff/Standby/Hibernate/Lock/Wake-On-LAN at a certain time with this handy software.this small program is support for Win95/98/NT/W2K/XP.to create schedule shutdown follow these steps.

• first download poweroff (download here)
• then start poweroff
• under select computer select "local computer"
• in the actions select shutdown
• now click schedule
• in the schedule window select your appropriate field like " fixed day, daily ,day of month ,or after "
• for example - select daily , then select days and weeks
• now you have to specify time for a schedule shutdown
• in the schedule window (in upper left corner) specify time for shutdown
• review selected fields and click ok

now you have to put a service for a shutdown process

• in the main window of poweroff click service from the menu
• then click create service (note - some antivirus prompts alert when you perform this, just ignore them you will be fine)

thats all, you are just created scheduled shutdown with "poweroff". more informations available at publisher site, to read more informations click here

disk read error after uninstall vista and install xp

have you received "disk read error" after you remove windows vista and try to install windows xp. did you think your hard disk might faulty, don't worry you don't have to replace your hard disk, this is a most common error after removal of vista and try to install xp. the problem occurs after initial files are copied to hard disk and restart pc.

to solve this problem you have to re-partition your hard disk, first you need to take a backup of your data to another pc or hard disk, then while installing xp you can delete all partitions and re-partition hard disk again, or you can just delete C: partion and create partion again, no more disk read errors, enjoy installing windows.

repair your system with kaspersky 2010

kaspersky antivirus 2010 users, i have good news for you, you know that there is a feature called "microsoft windows settings troubleshooting" this feature can automatically scan your system and prompts if there is problems caused by a viruses or malware.

for example - if your systems registry or folder options disabled by a virus, its dispaly in a windows called "system restore wizard" (after the scan complete), then you can select the problem by clicking check box and proceed with repair, then kaspersky antivirus will automatically do the repairs for you, this is great feature avialable in latest kaspersky version of 2010 (ver 9.0)

here is a step by step guide how to repair system with kaspersky antivirus.

• first open kaspersky antivirus (double click from task bar in bottom right corner)
• in the left pane click security+ button
• now click microsoft windows settings troubleshooting
• then select search for problems related to malware activity
• after completion of scan results are displayed in a window called system restore wizard
• now select appropriate action (eg- disable folder option) by clicking check box
• proceed with system repair
  

foxconn motherboard driver installation

are you using foxconn motherboard? then this news is for you, when you install motherboard drivers first you must install chipset drivers, after installation complete then you must restart computer (dont just click restart later and continue with other driver installation)

i,m gonna tell you if you dont restart your pc and continue with other installation, your sound driver wont work, after that there is no way to resolve the issue, the only solution is reinstallation of windows, so dont get lazy, follow the correct order and save your valuble time.