-noscere…

Today, suddenly my computer won’t boot up the operating system. I use Windows XP as my operating system and last night there is nothing wrong with my PC. At first it boots normally, just when the welcome windows shows up, suddenly it shows a blue screen for about a split second, and then restarts. After that, Windows shows the boot option whether I start the Windows normally, or use a last good configuration, or using a safe mode. I’ve tried all of the option, but nothing seems works.
When this kind of thing happen, usually I use my Windows Emergency Boot CD, with the Windows Pre-Installed Environment but unfortunately, my EBCD is not with me right now, my friend borrowed that CD to repair her laptop operating system. Pooh, I thought my day would be miserable all day long because I can’t use my PC to do my task. I have another option, which is to repair my Windows using the installation CD, well, so I tried to do that. But how unlucky I am, when I want to repair it, my primary hard disk partition somehow “unidentified”, it only shows my data and document partitions. Oh great, now I think my last option is to format it. However, before I format it, I try to accessed my primary partition using Linux Knoppix (live CD), and actually I can mount it in Knoppix, and save some important things to another drive/partition. Oh well, then I think that maybe I don’t have to format my primary partition after all. So, I try to boot again using my Windows installation CD, and try to repair it from Recovery Console. First thing is that I try “chkdsk” to find some errors in my disk file structure. It went well, and when I try to list directory in my active partition, it went well too.
Finally, after all that stuff (and worrying that I have to buy a new hard disk) I exit the Recovery Console and restart my PC. When it comes to the booting option, I chose to start Windows normally, and Thanks God, finally it boots successfully. I just hope it won’t crash again for some weeks ahead because I’m in a deadline for my project, and I really need my PC most. Wish me luck for my project.

In a quick review, I think there are some positive and negative sides of both products. Let me explain it for both of the product:

1.avast! Home Edition (version: 4.8, free license)
a. Positives
-Freeware
-Various protection against:
a).Internet mail
b).Instant messaging
c).Network attack
d).Incoming and outgoing email (using Outlook/Exchange)
e).Peer-to-peer (P2P)
f).Computer virus
g).Malicious web (web scanning)
-Can schedule a boot-time scan.
-Configurable. You can configure the scan mode (quick, standard, and thorough), the resident scanner sensitivity (disabled, standard, and high), and many more, depends on what you need.
-Interesting user interface (simple, skin support, etc)
-Has anti-spyware and anti-rootkit edited

b.Negatives
-Offline update file is quite big to download (last checked on update site is 13.76 MB)
-There is no task scheduler for virus scanning.
-You can’t store the scan result, so if you want to scan, you must do it until it finished.
-There is no blocking for malicious web script.

2.AVG Free Edition (version: 7.5, free license)
a.Positives
-Freeware
-You can schedule a virus scan (scheduled tasks).
-Offline update support (you can download the virus database into you computer first and run the update manager, the size depends on the updates).
-Stop and resume capabilities in scanning virus.
-Quite fast scanning for files, using heuristic.

b.Negatives
-Only protects against:
a).Computer virus
b).Incoming and outgoing email (using Outlook/Exchange)
-There is no anti-spyware and firewall protection installed. I hear that AVG 8 has an anti-spyware bundled with the anti-virus program installer.
-There is no anti-rootkit also
-There is no blocking for malicious web script.
-Standard user interface.
-Standard configuration for scanning files.

Overall these two antivirus programs is good, it only depends on what your computer needs. For example, if you always connected to the internet, do many activity in the internet, you might choose to use avast! for your PC anti-virus, or if you are rarely going online, AVG might be the best for you (considering the offline virus database update support). For me, both of this antivirus is fine, as long as it’s free hehehe…

PS: This is only my opinion as a user

Recently I found this blog of Mr.Bill Mullins giving his list of 10 free security software for your computer. The list itself contains various kind of program, start from anti-virus, firewall, anti-spyware and other programs. The interesting part is that the program is free, some of the program maybe need registration online, but the registration itself is also free. Some of the program is in my anti-virus or anti-spyware list, but there are other program that I think quite interesting to try and installed. Right now I’m trying avast! anti-virus beside my AVG free edition. Let me tell you the difference in this two program later.

10 last installed program in my pc:
1. avast! antivirus home edition
2. Buildalot 2 Town of the Year
3. Pidgin chat client
4. Virtual Farm
5. StoneLoops of Jurassica
6. Platypus
7. FreeMind
8. GPRS Counter
9. PCMAV RTP-Scan
10.Sony Ericson Themes Creator

Trojan/Trojan horse

Definition:

The wooden horse that the Greeks reputedly used during the siege of Troy has been applied to malicious code that allows its creator to execute an unauthorized command or set of commands on a computer infected by the code. Simply put, a Trojan horse is not a computer virus; it does not propagate by self-replication but relies heavily on the exploitation of an end-user.

Trojan horses are both problematic and a basic type of malicious code designed primarily to give hackers access to system files. This gives hackers the ability to change file settings, steal files or passwords, damage files, or monitor user activities on other computers on a network.

The six main types of Trojan horse payloads are:

• • Remote Access
  • Data Destruction
  • Downloader
  • Server Trojan (Proxy, FTP, IRC, Email, HTTP/HTTPS, etc.)
  • Security software disabler
  • Denial-of-service attack (DoS)

How to handle:

Since Trojan horses have a variety of forms, there is no single method to delete them. The simplest responses involve clearing the temporary internet files on a computer, or finding the file and deleting it manually (safe mode is recommended). Normally, anti-virus software is able to detect and remove the trojan automatically. If the anti-virus cannot find it, booting the computer from alternate media (cd) may allow an anti-virus program to find a trojan and delete it. Updated anti-spyware programs are also very efficient against this threat.

Common anti-trojan (check the anti-virus and anti-spyware post)

- Free

TrojanScan (online scanner: http://www.windowsecurity.com/trojanscan/)

Resource:

http://en.wikipedia.org/wiki/Trojan_horse_%28computing%29

Other various resources found from the internet

Spyware

Definition:

The term spyware is used to describe any computer technology that gathers information about a person or organization without their knowledge or consent. Spyware can be installed on a computer through several covert means, including as part of a software virus or as the result of adding a new program. Note that the terms spyware, stealware, and adware are sometimes used to describe the same or similar types of malicious code.

Spyware is used to gather information such as recorded keystrokes (passwords), a list of Web sites visited by the user, or applications and operating systems that are installed on the computer. Spyware can also collect names, credit card numbers, and other personal information. It is usually placed on a computer to gather information about a user that is later sold to advertisers and other interested parties. The information gathered by spyware is often combined with other databases to create profiles of individuals, families, work groups, or even entire companies.

Unlike viruses and worms, spyware does not usually self-replicate. Like many recent viruses; however, spyware—by design—exploits infected computers for commercial gain. Typical tactics furthering this goal include delivery of unsolicited pop-up advertisements; theft of personal information (including financial information such as credit card numbers); monitoring of Web-browsing activity for marketing purposes; or routing of HTTP requests to advertising sites.

How to handle: using anti-spyware

Common anti-spyware

- Commercial:

Lavasoft AdAware (full version)

PC Tools’ Spyware Doctor (full version)

- Free:

Spybot – Search & Destroy (all features free for non-commercial use)

Grisoft AVG Anti Spyware

SpywareTerminator

Microsoft Windows Defender

Lavasoft AdAware (limited functions)

Resource:

http://en.wikipedia.org/wiki/Spyware

Other various resources found from the internet

Computer Worm

Definition:

A worm is a malicious program that originates on a single computer and searches for other computers connected through a local area network (LAN) or Internet connection. When a worm finds another computer, it replicates itself onto that computer and continues to look for other connected computers on which to replicate. A worm continues to attempt to replicate itself indefinitely or until a self-timing mechanism halts the process. Unlike a virus, it does not need to attach itself to an existing program. Worms usually cause harm to the network, if only by consuming bandwidth, whereas viruses usually corrupt or modify files on a targeted computer.

How to handle:

Worms spread by exploiting vulnerabilities in operating systems. All vendors supply regular security updates (see “Patch Tuesday”), and if these are installed to a machine then the majority of worms are unable to spread to it. If a vendor acknowledges a vulnerability but has yet to release a security update to patch it, a zero day exploit is possible. However, these are relatively rare.

Anti-virus and anti-spyware software are helpful, but must be kept up-to-date with new pattern files at least every few days. The use of a firewall is also recommended.

Common anti-worm: (check the anti-virus and anti-spyware post)

Resource:

http://en.wikipedia.org/wiki/Computer_worm

Other various resources found from the internet

Sometimes we confuse between virus, trojan, worm, and spyware. Let me explain it in a simple way for each part. Let’s start with computer virus.

Computer Virus

Definition:

A virus is a computer program that initiates an action on a computer (infects it) without the user’s consent. The original virus may modify the copies, or the copies may modify themselves, as occurs in a metamorphic virus. A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or the Internet, or by carrying it on a removable medium such as a floppy disk, CD, or USB drive. Meanwhile viruses can spread to other computers by infecting files on a network file system or a file system that is accessed by another computer.

Viruses generally have the following components:

- A replication mechanism that allows reproduction and enables the virus to move from one computer to other computers

- A trigger that is designed to execute the replication mechanism or the task of the virus

- A task or group of tasks that execute on a computer to destroy or alter files, change computer settings or configurations, or otherwise hinder or impede the operations of a computer or networking device

How to handle: using anti-virus software/program, using system restore on windows, reinstalling the operating system.

Common anti-virus

- Commercial:

Symantec Antivirus/Norton

McAfee

BitDefender

TrendMicro PC Cillin

Kaspersky

Norman

- Free

Grisfot AVG Free

ClamAV/ClamWin for Windows

Avast! Antivirus

PC Media Anti Virus (PCMAV) – Indonesia (pcmav.biz)

ANSAV – Indonesia

AVIRA

- Online scan

Norton/Symantec

Panda Antivirus

BitDefender

TrendMicro PC Cillin

Kaspersky

Resource:

http://en.wikipedia.org/wiki/Computer_virus

Other various resources found from the internet

There are some points in using Windows System Restore (in Windows XP, I haven’t checked it in Vista). I have divided it into two parts, the first part is creating a restore point, and second is restoring from a previous restore point. System Restore is located in the Start Menu Program. You can access it through these steps, click on your “Start” menu à “All Programs” à “Accessories” à “System Tools” à “System Restore”. Alternatively, if you want to execute the program directly from windows explorer, you can find it in “%SystemRoot%\system32\restore\rstrui.exe” (for example if you installed your Windows Operating System in C drive, it will point to “C:\WINDOWS\system32\restore\rstrui.exe”).

1. Create a restore point
   1. Open the system restore menu.
   2. There will be three options, choose “Create a restore point” and then choose “Next” button.
   3. After that, you can enter the restore point description for your computer at that time and then choose “Create” button.
   4. Windows will create your restore point. Choose “Close” button if you want to close System Restore, or choose “Home” button if you want to do something else.
2. Restore from a previous restore point
   1. Open the system restore menu.
   2. There will be three options, choose “Restore my computer to an earlier time” and then choose “Next” button.
   3. Now you will see some kind of calendar page consisting restore points that you/your computer have created.
   4. Choose the date if you want to restore your computer to previous state (if your computer has an error on May 4^th, and you want to restore it before it has an error, for example in April 29^th, you can choose the date from the calendar). Choose “Next” button if you already finished.
   5. Confirm your restore point selection in the next window, and if it is right, you can choose “Next” button, and Windows will restore your computer to previous state.
   6. If that restore action still can’t fix your computer state, you can choose another date, or you can choose “Undo my last restoration” from system restore main window, and choose “Next” button.

Common questions about Windows System Restore

Q: Will system restore changed my documents too?

A: No, system restore just like it’s name, just restore the system and not the documents you have created after the restore point.

Q: How can I set the system restore? Are there any options for it?

A: You can change the setting for system restore in the main/first window of system restore. You can change the setting of system restore by clicking on “System Restore Settings” on the left part of the window.