Spyware is any technology or software that gathers the personal information of a person or the confidential information of an organization. It is a malicious application that is installed on the computer with or without the knowledge of the user. Spyware, as its name suggests, performs the function of a spy: it collects information from the computer and sends it to the attacker. Some spyware allows its user to configure the victim's computer to his needs. Spyware may be installed on the computer without the user's knowledge through a drive-by download or when the user clicks a link in a pop-up window. But there is also spyware available on the market that helps parents track the sites visited by their children. As you may know, the browser stores information about the sites you have visited in cookies. If personal information about you is stored in a cookie, then the cookie can be considered spyware.
In the beginning, the function of spyware was just monitoring the user. But as time passed, more powerful spyware was introduced. Its functions are not limited to simply monitoring the user. It can not only collect the browsing habits of the user but can also install software that interferes with the normal operation of the computer. You may sometimes have noticed that you cannot access the internet, yet data transfer occurs between your computer and the internet without your permission. That may be because of spyware. Some people ask on sites like Yahoo Answers, ibibo.com, etc. about the problem of spyware redirecting websites: even when they enter the correct website address, they are redirected to another site. This shows that the browser has been compromised by the installed spyware.
As you may know, collecting any personal information without the knowledge of the user, by any means, is a crime. Similarly, the creation and usage of spyware that collects personal information about other people or organizations is a crime. Many countries have made strict laws to prevent spyware. Yet there are people creating spyware, challenging the laws of their own nations.
Friday, June 26, 2009
Spyware (Part - 1)
Posted by Prabin PB at 7:59 PM
Labels: Cyber Spying, spyware
Wednesday, June 24, 2009
Microsoft Malicious Tool For Computer Virus Removal
You may know that Microsoft releases patches for new computer viruses and for the bugs it finds. It also releases some virus removal tools, such as Rootkit Revealer, for Windows users. The arrival of these tools, as well as applications for keeping the computer away from the attack of malicious programs, proves its concern about the security of computers running Windows. Microsoft is spending considerable resources, including time, on Windows users. It wants Windows to be a secure operating system. You may have noticed that the new operating systems Microsoft releases have far better security than the older versions. Some releases even threatened the antivirus software firms. But virus makers find the loopholes in the security measures and create viruses that exploit those loopholes to the maximum extent.
There is a range of software for computer security available on Microsoft's website. Millions of people have downloaded and installed it. People who do not download this software may lack an internet connection, may be unaware of it, or may be using a pirated version of Windows and fear that they would be caught if they connect to Microsoft's website. Don't worry about that; you can download it from other trusted websites like Brothersoft, CNET, filehippo, etc.
Microsoft has released a malicious software removal tool, which is freeware and can be downloaded from the internet. The tool is meant for Windows Vista, XP, 2000 and Windows Server 2003. This Malicious Software Removal Tool can remove any malicious software that is running behind the process tree. To run the application, you first have to download it and then install it on your computer. You can install the application only if you are accessing the computer with your administrator account. After installing the application you can run it and perform the scan. It will remove all the malicious software running in the process tree. You can use it along with other antivirus software.
The application to be downloaded is 8.4 MB in size. The file name is "windows-kb890830-v2.11.exe". You can download it from:
Posted by Prabin PB at 8:25 PM
Labels: removal
Crazy Boot Computer virus
Crazy Boot is a computer virus that is capable of infecting computers running Windows. It spreads through floppy disks. When a host computer is booted from a floppy disk infected by the Crazy Boot virus, the virus starts infecting the host computer. However, it does not cause any physical damage or direct loss of information. It is a boot virus: it infects a computer only when the computer is booted from an infected disk. When a computer is booted from an infected floppy, Crazy Boot infects the Master Boot Record. It reads the highest memory location from the RAM and resides in that highest memory location. Once it gets into memory, it starts infecting files that are not write-protected.
Crazy Boot is a stealth virus. If you try to examine the infected boot sector, it displays the correct boot sector information. It also displays the message:
OTHERWISE YOU WILL GET IN 'DEEP, DEEP' TROUBLE!. . .
CRAZY BOOT VER. 1.0
There is a very low chance of a computer getting infected by the Crazy Boot virus today, since the era of the floppy disk is almost over and because of the security measures included in the versions of Windows available on the market today. It is very risky to disinfect the boot sector using FDISK /MBR. This is because the Crazy Boot virus does not place the MBR in its correct location; the location is known only to the Crazy Boot virus. It is better to use a proper antivirus to remove the virus.
Posted by Prabin PB at 2:19 AM
Labels: Booting from infected disk, bootstrap virus, Crazy Boot
Tuesday, June 23, 2009
The Latest Computer-Virus Victim - Macromedia Shockwave
You may be familiar with .swf files. They are created using Macromedia Flash and are used to create animations. I have also created some small Flash movies. The swf file contains the audio and video data that make up the animation. The files are compact enough to be used in many web-based applications. Several websites, including those owned by multinational companies, use Flash animations to make their sites more attractive and interactive. One example is esnips.com, which uses a Flash file to allow the user to upload files. You can also see an attractive animation involving good user interaction on the website of the company Hero Honda. Moreover, Flash allows one to create small applications. It gives the user a lot of functions for creating applications very easily and can accommodate complex functions. Applications created using Flash are more attractive than those created using Java or C++. The usage of Flash in a website is considered more secure than including video. But the recent reports by the Kaspersky antivirus firm prove this to be wrong.
SWScript.LFM is the first malicious program that infects the popular multimedia format, Macromedia Shockwave. For spreading, this malicious program requires several important conditions, whose simultaneous execution is highly unlikely. First of all, LFM requires a PC that has been installed with a full program version that executes Macromedia Shockwave files; the special plug-in versions installed on Internet Explorer and Netscape Navigator by default are not enough for the virus to operate. Secondly, a user has to manually download the infected SMF file to his computer and start it up. Thirdly, LFM is fortunately only capable of infecting SMF files located in the same directory as the file carrying the virus. Kaspersky Labs considers the possibility of an epidemic outbreak caused by the LFM virus to be very unlikely.
Maybe this starts a new era of computer viruses that can spread more than other viruses, since many websites use Flash-based applications.
Defense procedures against LFM have already been added to the Kaspersky Labs daily anti-virus database update as of January 8, 2002. More detailed information about this malicious program is available in the Kaspersky Virus Encyclopedia.
Posted by Prabin PB at 12:23 AM
Labels: macromediaflash, swf, SWScript.LFM
Sunday, June 21, 2009
Commwarrior Mobile Virus
Commwarrior is a mobile worm developed to infect mobiles running the Symbian OS. It was first discovered in Russia. It uses Bluetooth and MMS as the medium for spreading. Commwarrior.A checks the system clock and decides which application can be used for the spreading. But Commwarrior does not use this method. The worm reads the mobile numbers from the address book of the infected mobile and sends out the virus files via Bluetooth and through MMS. Normally, when a virus starts spreading, users can be warned against it if the name of the infected file that the virus sends to other mobiles is known. Commwarrior cannot be stopped in this manner. It can give the infected files different names, as a parent names his child. Since the different infected files have different names, users cannot be warned against receiving the infected file. Usually multimedia files are sent through MMS, so users have the feeling that files received through MMS are more secure, since images and video have only a minor probability of being a virus. But unfortunately Symbian installation files can also be sent through MMS. This feature (maybe a loophole) is used by the worm for infecting other mobiles. So be careful about the files you receive on your mobile. Always check whether the file was sent with the knowledge of the person from whose mobile you received it.
Spreading through Bluetooth
Commwarrior spreads through Bluetooth using SIS files that have different names. The SIS file contains the worm's main executable, commwarrior.exe, and the boot component, commrec.mdl. The SIS file contains autostart settings that automatically execute commwarrior.exe after the SIS file has been installed.
When the Commwarrior worm is executed, it starts looking for other Bluetooth-enabled devices. If devices are found, it sends a copy of itself to each of these phones, one after another. If the target phone goes out of range or rejects the file transfer, Commwarrior searches for another phone. The worm looks for new targets after sending itself to the first target, so it is able to contact all phones in range.
Spreading through MMS
Commwarrior spreads through MMS by sending MMS messages that contain the infected SIS file to other users whose mobile numbers are in the address book of the infected mobile. The MMS messages contain variable text and the Commwarrior SIS file with the filename commw.sis. Unlike in Bluetooth spreading, the SIS file name is constant; otherwise the SIS file is identical to the one sent in Bluetooth spreading.
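The following check is an added example, not part of the original post: it shows why a file-name warning catches only the MMS copy (commw.sis), while a content check for the two components named above also catches the differently named Bluetooth copies. The sample file names and bytes are constructed, and it is an assumption of this example that the component names appear uncompressed in the package as ASCII or UTF-16LE text.

```python
# Added example: file-name check vs. content check for the Commwarrior
# package described in the post. Sample bytes are constructed, not real SIS files.

COMPONENTS = ("commwarrior.exe", "commrec.mdl")   # components named in the post
MMS_FILENAME = "commw.sis"                        # constant name used over MMS


def name_match(filename):
    """True only for the fixed MMS file name; Bluetooth copies vary."""
    return filename.lower() == MMS_FILENAME


def embedded_components(data):
    """Return the component names found anywhere in the file bytes.

    Assumption: names are stored uncompressed, as ASCII or UTF-16LE text.
    """
    lowered = data.lower()  # lowers ASCII letters only; other bytes unchanged
    found = []
    for name in COMPONENTS:
        if name.encode("ascii") in lowered or name.encode("utf-16-le") in lowered:
            found.append(name)
    return found


def verdict(filename, data):
    """block: known name or both components; review: one component; else allow."""
    found = embedded_components(data)
    if name_match(filename) or len(found) == len(COMPONENTS):
        return "block"
    return "review" if found else "allow"


def _constructed_package(*names):
    """Build a fake package body that embeds the given names as UTF-16LE."""
    body = b"\x00" * 16
    for n in names:
        body += n.encode("utf-16-le") + b"\x00" * 8
    return body


SAMPLES = {  # constructed file names and contents
    "x7k2q9ab.sis": _constructed_package("CommWarrior.exe", "commrec.mdl"),
    "commw.sis": _constructed_package("commwarrior.exe", "commrec.mdl"),
    "ringtone.sis": _constructed_package("ringtone.app"),
    "partial.sis": _constructed_package("commrec.mdl"),
}

if __name__ == "__main__":
    for fname, blob in SAMPLES.items():
        print(fname, name_match(fname), embedded_components(blob), verdict(fname, blob))
```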
Disinfection:
The easiest way to disinfect is to use antivirus software for the mobile phone, which will remove almost all the viruses on your phone. Several companies, like F-Secure, provide software for the removal of mobile phone viruses. To download the software, open the browser on your mobile and navigate to: http://mobile.f-secure.com. Click on the link "Download F-Secure Mobile Anti-Virus" and then select your phone model. Then download the file and install it. After installing, go to the menu, open the antivirus and scan the mobile phone for viruses. The software will detect the viruses and remove them. But to kill the running Commwarrior process, the mobile phone must be restarted. You will get a detailed description of the manual removal from:
http://www.cell-phone-viruses.com/1124211683-commwarrior-virus-manual-removal.html
Posted by Prabin PB at 8:48 PM
Labels: commwarrior, mobile virus, removal




