How to Disabled Autorun

 Removable USB/thumb drives use the Autorun feature to load files when the drives are plugged into the USB port. Malware exploits the Autorun feature to spread from thumb drive to PC. Disable the autorun feature to prevent malware from spreading.
1.The easiest and most effective means to truly disable autorun can be done via this simple autorun registry hack:

REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"

To use this method, Open Notepad and copy/paste the following into a text file:

REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"

2.Save the file as something.reg. (You have to be sure to change the "Save File as Type" to "All Files" before saving, or Windows will try to save it as a .txt even if you typed in .reg.

Locate the file you just saved and double-click the file to run it. You will receive a prompt asking if you want to add the data to the registry. Click yes to allow the modification.

Read More

How to Remove Sality Virus

 Aliases

• 
  
W32/Sality.B.gen!Eldorado (Command)
• W32/Sality.AT (Avira)
• Win32/Sality.AA (CA)
• Win32.Sector.21 (Dr.Web)
• Win32/Sality.NBA (ESET)
• Trojan.Win32.Vilsel.vyy (Kaspersky)
• W32/Sality.gen.e (McAfee)
• W32/Sality.BD (Norman)
• W32/Spamta.QO.worm (Panda)
• Win32.KUKU.kj (Rising AV)
• Troj/SalLoad-A (Sophos)
• PE_SALITY.BA (Trend Micro)

Alert Level (?)
Severe 

Description:

Sality is a family of file infecting viruses that spread by infecting exe and scr files. The virus also includes an autorun worm component that allows it to spread to any removable or discoverable drive. In addition, Sality includes a downloader trojan component that installs additional malware via the Web.

Symptom:

As with many other malware, Sality disables antivirus software and prevents access to certain antivirus and security websites. Sality can also prevent booting into Safe Mode and may delete security-related files found on infected systems. To spread via the autorun component, Sality generally drops a .cmd, .pif, and .exe to the root of discoverable drives, along with an autorun.inf file which contains instructions to load the dropped file(s) when the drive is accessed. The Sality virus joins infected machines to its own P2P network. Updates to the malware are fed via decentralized lists of HTTP URLs.

Remediation:

System changes

The following system changes may indicate the presence of this malware:

• Sudden termination of certain security-related applications, processes or services
• Inability to run Windows Registry Editor
• The presence of the following driver:
  %SystemRoot%\system32\drivers\amsint32.sys
• Failure for certain security-related applications to run due to deletion of installed components such as files with the following extensions:
• .AVC
• .VDB

Installation

When run, Virus:Win32/Sality.AT drops a device driver as the following:

%SystemRoot%\system32\drivers\amsint32.sys - Trojan:WinNT/Sality

The virus creates and starts a system service named "amsint32" to run the dropped driver component. Virus:Win32/Sality.AT communicates with the driver component to restore SSDT.

Spreads via…

File infection

Virus:Win32/Sality.AT injects code into all running processes to load and run the virus and infect Windows executable files with extension ".EXE" or ".SCR". The virus seeks other target files by reading file names found in the following registry subkeys:

HKCU\Software\Microsoft\Windows\ShellNoRoam\MUICache

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Virus:Win32/Sality.AT will not infect files protected by SFC or if the file name starts with one of the following strings:

_AVPM.
A2GUARD.
AAVSHIELD.
AVAST
ADVCHK.
AHNSD.
AIRDEFENSE
ALERTSVC
ALOGSERV
ALSVC.
AMON.
ANTI-TROJAN.
AVZ.
ANTIVIR
APVXDWIN.
ARMOR2NET.
ASHAVAST.
ASHDISP.
ASHENHCD.
ASHMAISV.
ASHPOPWZ.
ASHSERV.
ASHSIMPL.
ASHSKPCK.
ASHWEBSV.
ASWUPDSV.
ATCON.
ATUPDATER.
ATWATCH.
AVCIMAN.
AVCONSOL.
AVENGINE.
AVESVC.
AVGAMSVR.
AVGCC.
AVGCC32.
AVGCTRL.
AVGEMC.
AVGFWSRV.
AVGNT.
AVGNTDD
AVGNTMGR
AVGSERV.
AVGUARD.
AVGUPSVC.
AVINITNT.
AVKSERV.
AVKSERVICE.
AVKWCTL.
AVP.
AVP32.
AVPCC.
AVPM.
AVAST
AVSERVER.
AVSCHED32.
AVSYNMGR.
AVWUPD32.
AVWUPSRV.
AVXMONITOR9X.
AVXMONITORNT.
AVXQUAR.
BDMCON.
BDNEWS.
BDSUBMIT.
BDSWITCH.
BLACKD.
BLACKICE.
CAFIX.
CCAPP.
CCEVTMGR.
CCPROXY.
CCSETMGR.
CFIAUDIT.
CLAMTRAY.
CLAMWIN.
CLAW95.
CUREIT
DEFWATCH.
DRVIRUS.
DRWADINS.
DRWEB32W.
DRWEBSCD.
DRWEBUPW.
DWEBLLIO
DWEBIO
ESCANH95.
ESCANHNT.
EWIDOCTRL.
EZANTIVIRUSREGISTRATIONCHECK.
F-AGNT95.
FAMEH32.
FILEMON
FIRESVC.
FIRETRAY.
FIREWALL.
FPAVUPDM.
FRESHCLAM.
EKRN.
FSAV32.
FSAVGUI.
FSBWSYS.
F-SCHED.
FSDFWD.
FSGK32.
FSGK32ST.
FSGUIEXE.
FSMA32.
FSMB32.
FSPEX.
FSSM32.
F-STOPW.
GCASDTSERV.
GCASSERV.
GIANTANTISPYWAREMAIN.
GIANTANTISPYWAREUPDATER.
GUARDGUI.
GUARDNT.
HREGMON.
HRRES.
HSOCKPE.
HUPDATE.
IAMAPP.
IAMSERV.
ICLOAD95.
ICLOADNT.
ICMON.
ICSSUPPNT.
ICSUPP95.
ICSUPPNT.
IFACE.
INETUPD.
INOCIT.
INORPC.
INORT.
INOTASK.
INOUPTNG.
IOMON98.
ISAFE.
ISATRAY.
ISRV95.
ISSVC.
KAV.
KAVMM.
KAVPF.
KAVPFW.
KAVSTART.
KAVSVC.
KAVSVCUI.
KMAILMON.
KPFWSVC.
MCAGENT.
MCMNHDLR.
MCREGWIZ.
MCUPDATE.
MCVSSHLD.
MINILOG.
MYAGTSVC.
MYAGTTRY.
NAVAPSVC.
NAVAPW32.
NAVLU32.
NAVW32.
NEOWATCHLOG.
NEOWATCHTRAY.
NISSERV
NISUM.
NMAIN.
NOD32
NORMIST.
NOTSTART.
NPAVTRAY.
NPFMNTOR.
NPFMSG.
NPROTECT.
NSCHED32.
NSMDTR.
NSSSERV.
NSSTRAY.
NTRTSCAN.
NTOS.
NTXCONFIG.
NUPGRADE.
NVCOD.
NVCTE.
NVCUT.
NWSERVICE.
OFCPFWSVC.
OUTPOST
OP_MON.
PAVFIRES.
PAVFNSVR.
PAVKRE.
PAVPROT.
PAVPROXY.
PAVPRSRV.
PAVSRV51.
PAVSS.
PCCGUIDE.
PCCIOMON.
PCCNTMON.
PCCPFW.
PCCTLCOM.
PCTAV.
PERSFW.
PERTSK.
PERVAC.
PNMSRV.
POP3TRAP.
POPROXY.
PREVSRV.
PSIMSVC.
QHONLINE.
QHONSVC.
QHWSCSVC.
RAVMON.
RAVTIMER.
AVGNT
AVCENTER.
RFWMAIN.
RTVSCAN.
RTVSCN95.
RULAUNCH.
SALITY
SAVADMINSERVICE.
SAVMAIN.
SAVPROGRESS.
SAVSCAN.
SCANNINGPROCESS.
SDRA64.
SDHELP.
SHSTAT.
SITECLI.
SPBBCSVC.
SPHINX.
SPIDERCPL.
SPIDERML.
SPIDERNT.
SPIDERUI.
SPYBOTSD.
SPYXX.
SS3EDIT.
STOPSIGNAV.
SWAGENT.
SWDOCTOR.
SWNETSUP.
SYMLCSVC.
SYMPROXYSVC.
SYMSPORT.
SYMWSC.
SYNMGR.
TAUMON.
TBMON.
AVAST
TMLISTEN.
TMNTSRV.
TMPFW.
TMPROXY.
TNBUTIL.
TRJSCAN.
UP2DATE.
VBA32ECM.
VBA32IFS.
VBA32LDR.
VBA32PP3.
VBSNTW.
VCRMON.
VPTRAY.
VRFWSVC.
VRMONNT.
VRMONSVC.
VRRW32.
VSECOMR.
VSHWIN32.
VSMON.
VSSERV.
VSSTAT.
WATCHDOG.
WEBSCANX.
WEBTRAP.
WGFE95.
WINAW32.
WINROUTE.
WINSS.
WINSSNOTIFY.
WRCTRL.
XCOMMSVR.
ZAUINST
ZLCLIENT
ZONEALARM

Removable and remote drives

Virus:Win32/Sality.AT attempts to copy one of following files to the Windows temporary files folder (e.g. %TEMP%) and infects the copied file:

%SystemRoot%\system32\NOTEPAD.EXE

%SystemRoot%\system32\WINMINE.EXE

The virus copies the infected file to the root of all remote and removable drives as one of the following:

\<random>.pif

\<random>.exe

\<random>.cmd

The virus then writes an Autorun configuration file named "autorun.inf" pointing to the virus copy. When the drive is accessed from a computer supporting the Autorun feature, the virus is launched automatically.

Payload

Prevents booting Windows in safe mode

Win32/Sality.AT recursviely deletes all registry values and data under the following registry subkeys preventing the user from starting Windows in safe mode:

HKLM\System\CurrentControlSet\Control\SafeBoot
HKCU\System\CurrentControlSet\Control\SafeBoot

Disables security monitoring software

Win32/Sality.AT reads the system service descriptor table (SSDT) directly from the NT kernel ("ntoskrnl.exe") and passes the original SSDT to a buffer created by the driver component (Trojan:WinNT/Sality). System API calls to the SSDT are redirected to the clean version stored in the driver component. The behavior may block some HIPS or antivirus on-access detection methods that rely on SSDT hooks.

Deletes security-related files

This virus deletes security data files including security software detection database files or signatures that have the following file extensions found in all drives and network shares:

• .AVC
• .VDB

Terminates security-related services 
Win32/Sality attempts to stop and delete the following security-related services:

Agnitum Client Security Service
ALG
Amon monitor
aswUpdSv
aswMon2
aswRdr
aswSP
aswTdi
aswFsBlk
acssrv
AV Engine
avast! iAVS4 Control Service
avast! Antivirus
avast! Mail Scanner
avast! Web Scanner
avast! Asynchronous Virus Monitor
avast! Self Protection
AVG E-mail Scanner
Avira AntiVir Premium Guard
Avira AntiVir Premium WebGuard
Avira AntiVir Premium MailGuard
AVP
avp1
BackWeb Plug-in - 4476822
bdss
BGLiveSvc
BlackICE
CAISafe
ccEvtMgr
ccProxy
ccSetMgr
COMODO Firewall Pro Sandbox Driver
cmdGuard
cmdAgent
Eset Service
Eset HTTP Server
Eset Personal Firewall
F-Prot Antivirus Update Monitor
fsbwsys
FSDFWD
F-Secure Gatekeeper Handler Starter
FSMA
Google Online Services
InoRPC
InoRT
InoTask
ISSVC
KPF4
KLIF
LavasoftFirewall
LIVESRV
McAfeeFramework
McShield
McTaskManager
navapsvc
NOD32krn
NPFMntor
NSCService
Outpost Firewall main module
OutpostFirewall
PAVFIRES
PAVFNSVR
PavProt
PavPrSrv
PAVSRV
PcCtlCom
PersonalFirewal
PREVSRV
ProtoPort Firewall service
PSIMSVC
RapApp
SmcService
SNDSrvc
SPBBCSvc
SpIDer FS Monitor for Windows NT
SpIDer Guard File System Monitor
SPIDERNT
Symantec Core LC
Symantec Password Validation
Symantec AntiVirus Definition Watcher
SavRoam
Symantec AntiVirus
Tmntsrv
TmPfw
tmproxy
tcpsr
UmxAgent
UmxCfg
UmxLU
UmxPol
vsmon
VSSERV
WebrootDesktopFirewallDataService
WebrootFirewall
XCOMM

Terminates security-related processes

Win32/Sality attempts to terminate the following security-related processes:

_AVPM.
A2GUARD.
AAVSHIELD.
AVAST
ADVCHK.
AHNSD.
AIRDEFENSE
ALERTSVC
ALOGSERV
ALSVC.
AMON.
ANTI-TROJAN.
AVZ.
ANTIVIR
APVXDWIN.
ARMOR2NET.
ASHAVAST.
ASHDISP.
ASHENHCD.
ASHMAISV.
ASHPOPWZ.
ASHSERV.
ASHSIMPL.
ASHSKPCK.
ASHWEBSV.
ASWUPDSV.
ATCON.
ATUPDATER.
ATWATCH.
AVCIMAN.
AVCONSOL.
AVENGINE.
AVESVC.
AVGAMSVR.
AVGCC.
AVGCC32.
AVGCTRL.
AVGEMC.
AVGFWSRV.
AVGNT.
AVGNTDD
AVGNTMGR
AVGSERV.
AVGUARD.
AVGUPSVC.
AVINITNT.
AVKSERV.
AVKSERVICE.
AVKWCTL.
AVP.
AVP32.
AVPCC.
AVPM.
AVAST
AVSERVER.
AVSCHED32.
AVSYNMGR.
AVWUPD32.
AVWUPSRV.
AVXMONITOR9X.
AVXMONITORNT.
AVXQUAR.
BDMCON.
BDNEWS.
BDSUBMIT.
BDSWITCH.
BLACKD.
BLACKICE.
CAFIX.
CCAPP.
CCEVTMGR.
CCPROXY.
CCSETMGR.
CFIAUDIT.
CLAMTRAY.
CLAMWIN.
CLAW95.
CUREIT
DEFWATCH.
DRVIRUS.
DRWADINS.
DRWEB32W.
DRWEBSCD.
DRWEBUPW.
DWEBLLIO
DWEBIO
ESCANH95.
ESCANHNT.
EWIDOCTRL.
EZANTIVIRUSREGISTRATIONCHECK.
F-AGNT95.
FAMEH32.
FILEMON
FIRESVC.
FIRETRAY.
FIREWALL.
FPAVUPDM.
FRESHCLAM.
EKRN.
FSAV32.
FSAVGUI.
FSBWSYS.
F-SCHED.
FSDFWD.
FSGK32.
FSGK32ST.
FSGUIEXE.
FSMA32.
FSMB32.
FSPEX.
FSSM32.
F-STOPW.
GCASDTSERV.
GCASSERV.
GIANTANTISPYWAREMAIN.
GIANTANTISPYWAREUPDATER.
GUARDGUI.
GUARDNT.
HREGMON.
HRRES.
HSOCKPE.
HUPDATE.
IAMAPP.
IAMSERV.
ICLOAD95.
ICLOADNT.
ICMON.
ICSSUPPNT.
ICSUPP95.
ICSUPPNT.
IFACE.
INETUPD.
INOCIT.
INORPC.
INORT.
INOTASK.
INOUPTNG.
IOMON98.
ISAFE.
ISATRAY.
ISRV95.
ISSVC.
KAV.
KAVMM.
KAVPF.
KAVPFW.
KAVSTART.
KAVSVC.
KAVSVCUI.
KMAILMON.
KPFWSVC.
MCAGENT.
MCMNHDLR.
MCREGWIZ.
MCUPDATE.
MCVSSHLD.
MINILOG.
MYAGTSVC.
MYAGTTRY.
NAVAPSVC.
NAVAPW32.
NAVLU32.
NAVW32.
NEOWATCHLOG.
NEOWATCHTRAY.
NISSERV
NISUM.
NMAIN.
NOD32
NORMIST.
NOTSTART.
NPAVTRAY.
NPFMNTOR.
NPFMSG.
NPROTECT.
NSCHED32.
NSMDTR.
NSSSERV.
NSSTRAY.
NTRTSCAN.
NTOS.
NTXCONFIG.
NUPGRADE.
NVCOD.
NVCTE.
NVCUT.
NWSERVICE.
OFCPFWSVC.
OUTPOST
OP_MON.
PAVFIRES.
PAVFNSVR.
PAVKRE.
PAVPROT.
PAVPROXY.
PAVPRSRV.
PAVSRV51.
PAVSS.
PCCGUIDE.
PCCIOMON.
PCCNTMON.
PCCPFW.
PCCTLCOM.
PCTAV.
PERSFW.
PERTSK.
PERVAC.
PNMSRV.
POP3TRAP.
POPROXY.
PREVSRV.
PSIMSVC.
QHONLINE.
QHONSVC.
QHWSCSVC.
RAVMON.
RAVTIMER.
AVGNT
AVCENTER.
RFWMAIN.
RTVSCAN.
RTVSCN95.
RULAUNCH.
SALITY
SAVADMINSERVICE.
SAVMAIN.
SAVPROGRESS.
SAVSCAN.
SCANNINGPROCESS.
SDRA64.
SDHELP.
SHSTAT.
SITECLI.
SPBBCSVC.
SPHINX.
SPIDERCPL.
SPIDERML.
SPIDERNT.
SPIDERUI.
SPYBOTSD.
SPYXX.
SS3EDIT.
STOPSIGNAV.
SWAGENT.
SWDOCTOR.
SWNETSUP.
SYMLCSVC.
SYMPROXYSVC.
SYMSPORT.
SYMWSC.
SYNMGR.
TAUMON.
TBMON.
AVAST
TMLISTEN.
TMNTSRV.
TMPFW.
TMPROXY.
TNBUTIL.
TRJSCAN.
UP2DATE.
VBA32ECM.
VBA32IFS.
VBA32LDR.
VBA32PP3.
VBSNTW.
VCRMON.
VPTRAY.
VRFWSVC.
VRMONNT.
VRMONSVC.
VRRW32.
VSECOMR.
VSHWIN32.
VSMON.
VSSERV.
VSSTAT.
WATCHDOG.
WEBSCANX.
WEBTRAP.
WGFE95.
WINAW32.
WINROUTE.
WINSS.
WINSSNOTIFY.
WRCTRL.
XCOMMSVR.
ZAUINST
ZLCLIENT
ZONEALARM

Additionally, Virus:Win32/Sality.AT kills processes which have following modules loaded:

DWEBLLIO
DWEBIO

Modifies Windows settings

Virus:Win32/Sality.AT modifies the registry to disable Windows Registry Editor:

Sets value: "DisableRegistryTools"
With data: "1"

Under subkey: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system

The virus modifies the registry to prevent viewing files with hidden attributes.

Sets value: "Hidden"
With data: "2"
Under subkey: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer

Lowers computer security

Virus:Win32/Sality.AT modifies the registry to bypass the Windows firewall.

Sets value: "<virus file name>:*:enabled:ipsec"
With data: "<virus file name>"
Under subkey: HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\
FirewallPolicy\StandardProfile\AuthorizedApplications\List

The virus modifies other registry data that lower the security of the infected computer. Virus:Win32/Sality.AT modifies the following registry data to change Windows Security Center and Windows Firewall settings.

Sets value: "AntiVirusOverride"
with data: "1"
Under subkey: HKLM\SOFTWARE\Microsoft\Security Center

Sets value: "AntiVirusOverride"
with data: "1"
Under subkey: HKLM\SOFTWARE\Microsoft\Security Center\Svc

Sets value: "AntiVirusDisableNotify"
with data: "1"
Under subkey: HKLM\SOFTWARE\Microsoft\Security Center\Svc

Sets value: "FirewallOverride"
with data: "1"
Under subkey: HKLM\SOFTWARE\Microsoft\Security Center\Svc

Sets value: "FirewallDisableNotify"
with data: "1"
Under subkey: HKLM\SOFTWARE\Microsoft\Security Center\Svc

Sets value "EnableFirewall"
with data: "0"
Under subkey: HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

Downloads arbitrary files

Virus:Win32/Sality.AT attempts to download files from remote servers to the local drive, then decrypts and executes the downloaded files. We have observed the virus to connect to the following servers:

www.klkjwre9fqwieluoi.info
kukutrustnet777888.info
klkjwre77638dfqwieuoi888.info
89.119.67.154
kukutrustnet777.info
kukutrustnet888.info
kukutrustnet987.info

At the time of this writing, retrieved files were identified as the following:

• TrojanProxy:Win32/Pramro.F
• TrojanSpy:Win32/Keatep.B
  Despite the fact the Microsoft strives to make Windows operating systems as secure as possible, malware threats might still breach the computer security and infect the PC. Depending on the type of malware, various tools can be used. One of them is Win32/Sality Remover, an application developed by AVG for eradicating a specific Windows virus.
  
  Win32/Sality.AM is a variant of polymorphic file infectors targetting Windows executable files featuring .SCR or .EXE extensions. Win32/Sality.AM can run a damaging payload deleting files with specific extensions while also killing security-related processes and services.
  
  The benefit of using such a utility over a dedicated security solution is that removal tools specialize in detecting and removing specific viruses that might not be included in the virus definitions of the existing antivirus.
  
  Win32/Sality Remover does not need to be installed onto the target computer as it runs out-of-the-box, simply by double-clicking its file. It automatically starts scanning the PC yet users can stop the process when needed. During this scan, one can view the total number of analyzed files, the infected ones, as well as the removed ones.
  
  If any of the scanned files cannot be accessed because it is used by the operating system or by another program, Win32/Sality Remover can schedule the scan and clean for the next OS restart, so that it is no longer interrupted by any disturbances.
  
  This software can be run from the command-line, and depending on the parameters, it can be used to scan and disinfect a certain file, an entire folder or a drive. Needless to say, it is best if this action is performed by an expert, familiarized with Windows commands.
  
  Although Win32/Sality Remover is efficient in detecting and removing Win32/Sality.AM variants, one should not rely exclusively on this application for ensuring PC security. A full-featured antivirus solution is essential for keeping the computer malware-free.
    

 You can Download Sality REMOVAL

click Here

Read More

Ultrabook

From Wikipedia, the free encyclopedia

Asus UX21 ultrabook

An Ultrabook is a higher-end type of subnotebook defined by Intel.^[1] Intel claims a trademark in the name Ultrabook.^[2] Ultrabooks are designed to feature reduced size and weight and long battery life while retaining strong performance. They use low-power Intel CULV processors with integrated graphics, solid-state drives for fast loading times, and unibody chassis to fit larger batteries into smaller cases.^[3] Because of their minimal size, the ability to have many ports (USB, HDMI, VGA, ethernet, etc) is limited.

By this marketing initiative and an associated $300 million fund, Intel hopes to influence the slumping PC market against rising competition from tablet computers, which are typically powered by competing ARM-based processors.^[4]

Hardware requirements

Three phases of Ultrabooks are planned to align with the release of low voltage Sandy Bridge, Ivy Bridge, and Haswell processor models.

First phase (Q4 2011)

• Thin – less than 21 mm (0.8 inch) thickness^[5]
• Lightweight – less than 1.4 kg (3.1 pounds)^[6]
• Long battery life – 5 to 8+ hours^[7]
• Mainstream pricing – around $1,000 USD ^[8]
• May use flash-based SSDs^[9]
• Use CULV (17 W TDP) Intel Sandy Bridge mobile processors
  • Core i5-2467M (1.6 GHz)
  • Core i5-2557M (1.7 GHz)
  • Core i7-2637M (1.7 GHz)
  • Core i7-2677M (1.8 GHz)
• Use Intel's graphics sub-system HD Graphics 3000

Second phase (Q2 2012)

• Use CULV Intel Ivy Bridge mobile processors
  • Core i5-3427U
  • Core i5-3320M^{[citation needed]}
  • Core i5-3360M^{[citation needed]}
  • Selected i7 chips.
• Intel is targeting up to:
  • 30% increase in integrated graphics performance over Sandy Bridge
  • 20% increase in CPU performance over Sandy Bridge
• USB 3.0, PCI Express 3.0

Larger Screen Sizes

Though not a "requirement" per se, more 14 and 15" screens can be expected later on into 2012. At a presentation at the Consumer Electronics Show, an Intel Manager stated that market analysis revealed that screen size motivated some of the reluctance to switch to 13" Ultrabooks. As a result, Intel is planning to ensure, through cooperation with manufacturers, a 14 or 15-inch screen on 50% of the 75 Ultrabooks that will likely come to market in 2012. ^{[10] [11]}

Third phase (2013)

• Use CULV Intel Haswell mobile processors
• New advanced power saving system – power consumption half of early 2011 chips^[12]
• Use 15 W TDP processor (multi-chip package, like Westmere)^[13]

List of models

Because of the novelty of the Ultrabook, many manufacturers been unable to meet all of Intel's requirements in their initial models. These deviations (especially cost overruns) are expected to decline as manufacturing processes for Ultrabooks mature. Sections in bold indicate an area where the model fails to meet Ultrabook requirements.

First phase (Q4 2011, Q1 2012)

Brand - Model1	Price of Base Model2	Release Date	Intel Processor of Base Model	Base RAM Capacity	Base Drive Capacity	Minimum / Maximum Thickness3	Weight	Battery Life	Display Size Resolution
Acer Aspire 3951[14]	$900	October 2011	Core i5-2467M (1.6 GHz)	4 GB	320 GB HDD + 20 GB SSD4	13.10 mm / 17.50 mm (0.51 in / 0.69 in)	1.35 kg (2.98 lbs)	36 Wh, ~6 hours	13.1" (1366×768)
Acer Aspire 3951	$1,200	November 2011	Core i5-2467M (1.6 GHz)	4 GB	256 GB SSD	13.10 mm / 17.50 mm (0.51 in / 0.69 in)	1.35 kg (2.98 lbs)	36 Wh, ~6 hours	13.1" (1366×768)
Acer Aspire 3951[15]	$1,300	November 2011	Core i7-2637M (1.6 GHz)	4 GB	256 GB SSD	13.10 mm / 17.50 mm (0.51 in / 0.69 in)	1.35 kg (2.98 lbs)	36 Wh, ~6 hours	13.1" (1366×768)
Asus Zenbook UX21[16]	$1,000	October 2011	Core i5-2467M (1.6 GHz)	4 GB	128 GB SSD	16.76 mm (0.66 in)	1.10 kg (2.43 lbs)	35 Wh, ~5 hours	11.6" (1366×768)
Asus Zenbook UX31[16]	$1,100	October 2011	Core i5-2557M (1.7 GHz)	4 GB	128 GB SSD	17.00 mm (0.67 in)	1.30 kg (2.90 lbs)	50 Wh, ~5 hours	13.3" (1600×900) (Glossy)
Dell XPS 13 [17]	$1,000	February 2012	Sandy Bridge i5 at first, then later Ivy Bridge.	4 GB	128 GB SSD	6-18mm; 12mm or 0.47in average	1.36 kg (3 lbs)	47 Wh, ~8 hours	13.3" (1366×768)
HP Folio 13[18]	$930	December 2011	Core i5-2467M (1.60 GHz)	4 GB	128 GB SSD	18.00 mm (0.7 in)	1.49 kg (3.3 lbs)	59 Wh, ~9 hours	13.3" (1366×768)[19]
HP Spectre (HP Envy 14)[20] [21]	$1,400	February 2012	Core i5-2467M (1.60 GHz)	4 GB	128 GB SSD	20.00 mm (0.8 in)	1.8 kg (3.95 lbs)	~9 hours	14" (1600×900)
Lenovo IdeaPad U300S[22]	$1,000[23]	November 2011	Core i5-2467M (1.6 GHz)	4 GB	128 GB SSD	14.99 mm (0.59 in)	1.34 kg (2.95 lbs)	30 Wh, ~8 hours	13.3" (1366×768) (Glossy)
Lenovo IdeaPad U300E [24]	$800	February 2012	Ivy bridge		500 GB HDD + 32 GB SSD4			~8 hours	13.3" (1366×768)
LG X-Note Z330[25]	₩1,700,000 ($1475)	December 2011	Core i5-2467M (1.6 GHz)	4 GB	120 GB SSD	14.7 mm (0.58 in)	1.21 kg (2.67 lbs)	~6 hours	13.3" (1366×768)
Samsung Series 5 13"[26][27][28]	$900	January 2012	Core i5-2467M (1.6 GHz)	8 GB max	128 GB SSD / 256 GB SSD / 500 GB HDD	14 mm / 17.6 mm (0.55 in / 0.69 in)	1.38 kg (3 lbs)	~6.4 hours	13" (1600×900)
Samsung Series 5 14"[26][27][28]	$1,100	January 2012	Core i5-2467M (1.6 GHz)	8 GB max	128 GB SSD / 256 GB SSD / 1 TB HDD	20.9 mm (0.82 in)	1.84 kg (4.06 lbs)		14" (1600×900)
Samsung Series 9 13" (2012) [29] [30]	$1,400	February 2012 Refresh	Core i5-2537M (1.4 GHz)	4 GB (8 GB max)	128 GB SSD	12.7mm (0.5in)	1.1 kg (2.5 lbs)	47 Wh, ~7 hours	13.3" (1600×900) (Matte)
Samsung Series 9 15" (2012) [29][30]	$1,500	February 2012 Refresh	Core i5-2537M (1.4 GHz)	4 GB (8 GB max)	128 GB SSD	15.74 / 16.25 mm (.62 in / .64 in)	1.59 kg (3.50 lbs)	47 Wh, ~7 hours	15" (1600×900) (Matte)
Toshiba Portege Z830[31]	$900	November 2011	Core i3-2367M (1.4 GHz) (i5, i7 models exist)	4 GB	128 GB SSD	16.00 mm (0.63 in)	1.11 kg (2.45 lbs)	47 Wh, ~8 hours	13.3" (1366×768) (Matte & Glossy models)
Toshiba Portege Z835-P330[32]	$800	November 2011	Core i3-2367M (1.4 GHz)	4 GB	128 GB SSD	16.00 mm (0.63 in)	1.11 kg (2.45 lbs)	47 Wh, ~8 hours	13.3" (1366×768)

Second phase (expected release Q2 or later 2012)

Brand - Model1	Price of Base Model2	Release Date	Intel Processor of Base Model	Base RAM Capacity	Base Drive Capacity	Minimum / Maximum Thickness3	Weight	Battery Life	Display Size Resolution
Acer Aspire "S5" [33] [34]	No Data	Q2 2012	Ivy Bridge	8GB	SSD	14.9mm (0.59 in)	1.35 kg (2.97 lbs)	~8 hours	13.3" (1366×768)
Lenovo Thinkpad T430u[35]	$850	Q3 2012	No Data	4 GB	128 GB SSD or 1TB HDD	20.3mm (0.8 in)	1.77 kg (3.9 lbs)	~6 hours	14" (1366×768) (Glossy)
Lenovo IdeaPad "Yoga" [36]	$1,200	Q3 2012	Ivy Bridge	No data on base model	256 GB SSD	17mm (0.67 in)	1.4 kg (3.1 lbs)	~8 hours	13.3" (1600×900) (folds into tablet)
Lenovo IdeaPad U310 [37] [38]	$700	May 2012	No data	4 GB	64 GB SSD or 500 GB HDD	18mm (0.71 in)	1.7 kg (3.75 lbs)	~8 hours	13.3" (1366×768)
Lenovo IdeaPad U410 [37] [38]	No Data	May 2012	No Data	4 GB	64 GB SSD or 500 GB HDD	21mm (0.83 in)	1.9 kg (4.2 lbs)	~8 hours	14" (1366×768)

Notes:
¹ Only base laptops are shown here.
² Pricing announced (in USD and on the US market, unless specified) by manufacturer or at time of product release.
³ Some Ultrabooks have a uniform Thickness.
⁴ These models include two drives. The SDD is pre-configured to store only hibernation data (for faster S4 resume).

Read More