Well, if that would have been said to me by my father when I was 2 years of age, I would have understood. But when my own computer tells me that today, when I am 34, I wonder why I spent $1500 on computer hardware and software just to enjoy the (un-realized) benefits of this great and revolutionary information technology?
Today's cyberspace is hazardous. No PC user today can claim never to have had a computer virus issue or a PC security breach. If you count today's PC users worldwide, they will soon number 1 billion, by 2010, according to analysts. When I see all the computer viruses, infections, trojans, and what not around me, and compare it with the 1 billion innocent computer users around the world, I simply feel sorry not only for those billion users but for myself too. But again, as a common user myself, I must admit it has not all been doomsday for the whole industry since 1987, when I started to use computers. So, as a responsible member of this great IT revolution, I must share some of the best tips and tricks that I have learned for keeping my computer productive.
Please note this is a tutorial for someone who has basic know-how of computer usage. Newbies should ask a local expert for help before trying anything mentioned in this tutorial; in that case, be prepared to pay from a deep pocket. For your own convenience, print this tutorial so you can follow the step-by-step instructions.
Whenever my computer is infected, I act on any of the following options;
1. FORMAT HARD DISK: I back up all of my data on a CD-Writer if it is still accessible. And then format the whole hard disk drive and re-install each and every application.
2. USE SOFTWARE: I exhaust all anti-virus and other software options. This is usually my first priority as compared to formatting the whole computer hard disk drives.
Now, let me explain both options in detail;
PRE-REQUISITES: Make sure you have a CD drive (writer), empty writable CDs, and a bootable Windows OS CD that contains Format.exe, Scandisk.exe, FDisk.exe, and Attrib.exe. You also need the Microsoft Office CD, the anti-virus CD, the GoldenHawk DOS CD writing software (copy2cd.exe and cdtools.exe), the serial numbers of your licenses, and the driver CDs for the motherboard, VGA, network, sound and modem devices. Optionally, download the following software (using www.download.com or www.tucows.com) from any Internet café when your own computer is inaccessible, and save it on a CD so that you can use it anytime for security purposes:
Golden Hawk DOS based CD Writing Software
HTech Fireman Windows based CD Writing Software
Driver Genius Pro
Partition Magic
AVG AntiVirus
SpywareBlaster & SpywareGuard
Spybot Search & Destroy
Ad-Aware
IE-SpyAd
ZoneAlarm
HiJackThis & CWShredder
I have intentionally avoided mentioning the many good and more user-friendly commercial software packages here, as I wanted everything to be doable for FREE, without any additional cost apart from the usual OS licenses. For your own convenience, you can use the Google or Yahoo search engines to find further information about such commercial software and its availability and pricing.
1. FORMAT HARD DISK
I know it is painful and surgical type of solution, but sometimes, it is the ONLY solution left after exhausting all of our efforts to revive our computer machine after a virus attack. Follow this procedure;
Booting Up: Try booting your computer normally first and see if you can login easily. If you can't or your computer hangs up, try holding F8 key when starting Windows and you will get the Safe Mode. Even if you don't get the Safe Mode, don't worry.
Power up your computer and press the DEL key or F2 key to enter your CMOS setup. In CMOS, go to Boot Preferences, make the CD drive your first boot drive and change the hard disk drive to the second boot drive. If you don't see your CD drive in the boot-up options, your CD drive is not properly installed. Check the connectors or ask your CD drive provider for instructions to install the CD drive. Now, when your CD drive is ready, insert your Windows OS CD in the CD drive and restart your computer. When prompted, select the option "Boot from CD with CD Option". When you get the prompt, notice the drive letter that was allocated to your CD drive when the CD driver was installed. It is usually D: or the last drive letter, depending on the number of your partitions. Note it down, as it is the drive letter you will have to type as a DOS command, like d:
You should now be able to run all software utilities such as Format, Scandisk, FDisk or Windows Installation Setup.exe files. Right now, simply make sure they exist by typing a DOS command dir at the CD drive letter. If you don't find it with this simple directory command, use dir/s filename to search the file. For example, to search fdisk.exe file, type dir/s fdisk.exe.
BACKING UP YOUR DATA: Before formatting your hard disk drive, please make sure you have proper back up of your critical data files such as Microsoft Word, Excel, Powerpoint, etc files on a CD or any other media for backup that you have access to. In this tutorial, we assume you have a CD-Writer installed for taking backups on Writeable CDs. Their capacity is usually 700MB or less. Here, you should seriously consider using Zipping software like WinZip or WinRAR.
VIA WINDOWS: If you can luckily login to your Windows OS, you should run the CD-Writer software such as HTech Fireman to back up all of your data on an empty CD. If you don't know how to do it, read their user manual for detailed instruction set. If you can't access your Windows OS, read on.
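VIA DOS: Some of the files that you wish to back up may be hidden. To un-hide them, clear the read-only, system and hidden attributes with attrib -r -s -h *.* (the + form of these switches sets the attributes instead of clearing them).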
Now, use the Golden Hawk program copy2cd.exe to back up your data files or directories on a writeable CD. Before using this command, make sure you are in the path where copy2cd.exe resides, such as E:\:
copy2cd c:\data\*.* f:
Here we assumed that f: is a CD Writer drive. Now, repeat the same for all of your files to back up. When finished, run cdtools.exe command i.e. cdtools f: to finish by selecting option "Disc Finalization".
If you can't back up your data using the above-mentioned procedure, either ask an outside expert's help personally or via internet. If all fails, forget your data forever and carry on installing a new OS as mentioned in this tutorial.
Backing up Your Drivers: An interesting tool to mention here is software that automatically backs up all of your drivers for the CD drive, modem, sound card, VGA, USB, printer or just about anything that is currently installed on your system. This software works only in an operational Windows OS, not in DOS. It is a good and time-saving practice to keep a backup of all of your drivers on a CD by using such software. Its name is Driver Genius Pro, and it is commercial software, not freeware.
USING FDISK: You may skip this option and go straight to the Formatting Hard Disk option if you wish to use other useful partitions that may contain your data. Before going ahead with this option, make sure there is no useful data left on your computer to be backed up. This option will delete all of the computer partitions and create new ones.
i) Boot up your computer using Windows OS CD.
ii) Run this command fdisk
iii) Press option 3 to delete all current partitions.
iv) To create a new partition, select option 1 and select Y to answer the maximum size question by the program.
v) Next, select option 2
vi) Press Esc key to quit and restart your computer to
See the URL http://www.compguystechweb.com/troubleshooting/fdisk/fdisk_scr.html for detailed instructions along with screenshots. Now that you have created the primary partition, you can continue to format the newly created partition. There is a very user-friendly but commercial software called Partition Magic by PowerQuest to manage your partitions easily after installation of Windows.
FORMATTING HARD DISK: Now that you have created new partitions, it is time to format them so that you can start installing Windows. This is how you make your C: drive usable by your Windows OS for installation. Boot up your computer with the Windows CD and type the format c: command at the prompt. When prompted for maximum size, press YES. After processing completes, you will be presented with a report on the successful formatting of the C: drive. Select your new drive name and press ENTER to finish.
INSTALLING WINDOWS: Microsoft has made it very easy for a newbie to install a completely new OS on a newly formatted partition. It is all wizard based and you simply have to click NEXT each time whenever asked a question. Boot up your computer from the Windows CD and select Start with CD Option. When on DOS prompt, change to the CD Drive that it just created which is usually d: if you have only one partition C. Now type command setup.exe to start the windows installation process.
During installation, make sure you properly name your PC as per your preferences and select your regions and Time zone. When finished, the computer will re-boot and during next re-boot it may ask some drivers of your Sound Card, VGA, Network, or other devices attached. Provide the requisite driver CDs and locate the paths of the appropriate drivers. If you are not sure, leave it like that and press NEXT to ignore. When your windows installation is complete, you can install Microsoft Office, setup internet connection and start using it as normally as you would. Please make sure you install all the security software such as anti-virus, anti-spyware, adware, and other software as mentioned in the next section.
2. USE SOFTWARE
Installing Anti-Virus: Download the free AVG Antivirus software and install it. Make sure you get its free key from their website by registering. This software is not auto-updated for critical viruses; for an auto-update version, you will have to pay. If you wish to pay, we would recommend the world's most popular brands, Symantec, McAfee and Trend Micro, instead. No matter what anti-virus software you install, make sure you enable its Auto-Protect feature for automatic protection of your computer's resources and incoming or outgoing emails from any virus attack. Some software even allows you to set up silent detection and destruction without any disturbance to your work. Further, such software is auto-updated via the internet at the regular interval that you set up. Hence, you can rest assured that whenever a security threat spreads all over the world, your software will automatically download the requisite updated version and install its defense on your computer.
BROWSER SECURITY: To setup your browser (Internet Explorer on Windows) for maximum security against the usual threats, follow this procedure;
i) Start up your browser
ii) Go to IE > Tools > Windows Update > Product Updates, and select Security Updates to be automatically updated. Microsoft releases patches and security patches from time to time to make sure your system's security is up-to-date.
iii) Now, go to Internet Options/Security/Internet, press "Default Level", then OK. Now press "Custom Level". In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls") to "Prompt", and "Initialize and Script ActiveX controls not marked as safe" to "Disable". From now on you will be asked whether you want ActiveX objects to be executed and whether you want software to be installed. Sites that you know for sure are above suspicion can be moved to the Trusted Zone in Internet Options/Security.
If you use another browser such as Firefox or Netscape, see their documentation on how to securely set it up against any such internet threats.
Installing Anti-Spyware: Spyware, adware, browser hijackers, and dialers are some of the fastest-growing threats on the Internet today. By simply browsing to a web page, your computer may become a victim. You can install SpywareBlaster and SpywareGuard to effectively guard your computer from such internet threats.
It includes Fast Real-Time Scanning engine for known spyware and heuristic/generic detection capabilities to catch new / mutated spyware and Download Protection along with Browser Hijacking Protection in real-time.
Simply download the software (free) from their website and install it on your system. Make sure you download its latest update too, or enable its Auto-Update feature so that it is updated automatically in the background. Now, when you are ready, run the software to check for spyware on your computer. When spyware is found, it reports accordingly. Press "select all", then press the option "kill all checked". Although it won't protect you from 100% of spyware, it is a very important extra layer of protection.
Next, install another program called Spybot Search & Destroy. It works exactly like SpywareBlaster, but it never hurts to have a double layer of spyware detection along with Spybot S&D.
Installing Anti-Adware: Adware is a common term used to describe potentially dangerous websites and scripts that do data-mining, aggressive advertising, Parasites, Scumware, selected traditional Trojans, Dialers, Malware, Browser hijackers, and tracking components. There is a very good software called Ad-Aware available to scan and remove such nuisances from your system.
To start using it, simply visit the Lavasoft USA website and download the free non-commercial version, Ad-Aware Personal Edition. Run its setup program and install it. When prompted, ask it to scan your computer. If any adware is found, it is detected and removed automatically by Ad-Aware. Run this software on a weekly or, if possible, daily basis to keep your system clean.
In addition to Ad-Aware, Internet Explorer comes with a very handy feature that lets you block specific sites belonging to well-known advertisers, marketers and crapware pushers by adding them to the Restricted sites zone. If you had to input 50000+ such sites manually yourself, it would take years. Luckily, there is software that does it all automatically, and it is called IE-SPYAD. Once you merge this list of sites and domains into the Registry, the web sites of these companies will not be able to use cookies, ActiveX controls, Java applets, or scripting to compromise your privacy or your PC while you surf the Net. Nor will they be able to use your browser to push unwanted pop-ups, cookies, or auto-installing programs onto your PC. It is not an ad blocker. It will stop unwanted crapware from being installed behind your back via "drive-by-downloads" and prevent the hijacking of your home page.
This Restricted sites list is based in part on info from discussions in the SpywareInfo Forums and other forums that specialize in crapware removal, and from major crapware reference sites: doxdesk, cexx.org, Kephyr.com, PestPatrol and SpywareGuide.
To start using it, simply download it from their website and run its install.bat file. Make sure you run its update as well soon after its installation.
INSTALLING FIREWALL: A firewall software acts as a defense shield against hackers, intruders, and blocks access attempts to your computer. ZoneAlarm is a professional firewall software that works in a stealth mode automatically and makes your computer invisible to anyone on the Internet.
Download it from the ZoneLabs website and run its setup for installation. I recommend you use its Express Settings, which automatically configure your most commonly used software such as the browser, chat messengers and ftp software to access the internet, while blocking all other internet traffic in real-time. If any software or service tries to upload or download any data, it pops up an alert whereby you can allow or disallow such internet traffic.
Computer Slow Down: It is very common to hear people complaining about their computer slowing down. The fastest and easiest cure is Windows' built-in Defragmenter utility, which you can find under Start > Programs > Accessories > System Utilities > Disk Defragmenter; run a thorough defragmentation. It will take a while before it ends.
If your system's performance does not improve after running the defragmentation utility, consider scanning your computer with a software utility called HiJackThis, which you can download and install on your system. Use this tool carefully, as it is intended for advanced users only. HijackThis is a tool that lists all installed browser add-ons, buttons and startup items, and allows you to inspect and optionally remove selected items. The program can create a backup of your original settings and also ignore selected items. Additional features include a simple list of all startup items, default start page, online updates and more.
CWShredder is a utility for removing CoolWebSearch (aka CoolWwwSearch, YouFindAll, White-Pages.ws and a dozen other names). This tool will find and destroy all traces of the CoolWebSearch (CWS) hijacker on your system including redirections, IE slowdowns, start page changes, un-authorized addition of sites in IE Trusted Zone, and blocking access to IE options or setup.
Download CWShredder from their official website only, as there is a similarly named virus/trojan on the loose at various websites which you may accidentally download and install, and hence become more infected instead of being cured. Close ALL other programs and windows, including IE, before running CWShredder. When it is installed successfully, run the software to scan your local machine. Select the fix button and it will get rid of everything related to CoolWebSearch. Reboot after doing this.
I know there is still a lot left, but as I wanted to keep this tutorial as brief as possible, I covered only the critical elements here. I am sure you will have fewer breakdowns (if not ZERO) and more productive hours on your computer. I would recommend that you set up all the software's auto-update and auto-check options to free your time for more productive things than just playing hide and seek with spyware, adware or viruses. Happy and safe computing!
This article is submitted by Kashif Raza http://www.networkingtutorials.net
Thursday, June 26, 2008
Monday, June 16, 2008
Virus Prevention and Removal
A virus is a piece of code that gets loaded onto your computer without your knowledge and runs against your wishes. The first known occurrence of viruses goes back to 1987 when the ARPANET was infected by one.
One common misconception among people is that you can infect your computer just by opening an email and reading its text. That is not possible; it is usually the files attached to the email that contain the virus. The most common file types are ".SCR", ".VBS" and ".PIF".
Prevention is better than a cure: Here are some tips to make sure that your computer does not get infected.
* Get a good Anti-Virus software like Norton Anti-Virus, McAfee, PC Cillin etc.
* Keep your anti virus software updated by downloading new virus definitions regularly. Most Anti-Virus software comes with the feature of updating virus definitions.
* Keep your windows operating system updated by regularly downloading new updates from the Internet. Windows O/S's have a lot of security loopholes and bugs that can be easily exploited by worms and viruses.
* Make sure the anti virus scans each file every time before it's opened.
* Floppy disks and removable media are a good source of viruses; always scan them before accessing files on them.
* Never open email attachments from sources that are unknown or suspicious.
* Do not open emails that have questionable subject lines.
* When in doubt about a file, don't open it.
* Even with the best of precautions bad things can still happen. Backup all your data and important files.
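The attachment types named above can be checked for mechanically before a message reaches a user. The following is an added example, not part of the original article: it walks a MIME message, including forwarded messages nested inside it, and flags attachments whose effective extension is .scr, .vbs or .pif. The sample message, addresses and file names are constructed for illustration.

```python
import email
import os
from collections import namedtuple
from email import policy
from email.message import EmailMessage

# Extensions the article names as the most common carriers.
RISKY_EXTENSIONS = {".scr", ".vbs", ".pif"}

Finding = namedtuple("Finding", "filename extension disguised")


def classify_filename(filename):
    """Return (extension, disguised) for a risky attachment name, else None."""
    # Drop any path component the sender may have included.
    name = filename.replace("\\", "/").rsplit("/", 1)[-1]
    # Windows discards trailing dots and spaces when a file is saved,
    # so "update.vbs. " ends up on disk as "update.vbs".
    name = name.strip().rstrip(". ")
    stem, ext = os.path.splitext(name)
    ext = ext.lower()
    if ext not in RISKY_EXTENSIONS:
        return None
    # A second, harmless-looking extension in front of the real one
    # ("holiday.jpg.scr", "invoice.doc      .pif") is a disguise.
    decoy = os.path.splitext(stem.rstrip())[1]
    return ext, bool(decoy)


def scan_message(raw_bytes):
    """Parse a raw message and list every attachment with a risky extension."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    # walk() also descends into message/rfc822 parts, so an attachment
    # inside a forwarded message is inspected as well.
    for part in msg.walk():
        filename = part.get_filename()
        if not filename:
            continue
        verdict = classify_filename(filename)
        if verdict:
            findings.append(Finding(filename, *verdict))
    return findings


def build_sample_message():
    """Constructed sample: two direct attachments and one forwarded message."""
    inner = EmailMessage()
    inner["From"] = "friend@example.org"
    inner["To"] = "sender@example.com"
    inner["Subject"] = "Greeting card"
    inner.set_content("Forwarded text.")
    inner.add_attachment(b"dummy", maintype="application",
                         subtype="octet-stream", filename="card.pif")

    outer = EmailMessage()
    outer["From"] = "sender@example.com"
    outer["To"] = "user@example.com"
    outer["Subject"] = "Constructed sample"
    outer.set_content("Plain body text.")
    outer.add_attachment(b"dummy", maintype="application",
                         subtype="octet-stream", filename="holiday.jpg.SCR")
    outer.add_attachment(b"dummy", maintype="text",
                         subtype="plain", filename="notes.txt")
    outer.add_attachment(inner)  # becomes a message/rfc822 part
    return outer.as_bytes()


if __name__ == "__main__":
    for finding in scan_message(build_sample_message()):
        note = " (disguised by a decoy extension)" if finding.disguised else ""
        print(f"{finding.filename}: {finding.extension}{note}")
```

A check like this only covers the file name; the anti-virus scan described in the tips is still what inspects the content.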
Even after taking all these precautions if your computer does get infected, then here are a few things that you can do:
Online clearing tools - these are a good way of trying to clean out the virus; there are many Anti-Virus websites that offer free online virus detection and removal services.
Removal tools - If you have an Anti-Virus software then you can go to the website of that software and download removal tools designed specifically for the virus. However, you must find out the name of the virus that infects your PC beforehand.
If you have a backup of all your important files, you can also consider formatting your hard disk.
Ashish Jain
http://www.m6.net
Ashish is an integral member of the M6.Net Web Helpers team
Friday, June 13, 2008
Virus Alerts [Panda Security's weekly report on viruses and intruders - 06/13/08]
- Panda Security's weekly report on viruses and intruders -
Virus Alerts, by Panda Security (http://www.pandasecurity.com)
Madrid, June 13, 2008 - PandaLabs' report this week focuses on the
Banbra.FUD and Dadobra.APK Trojans, and the MalwareProtector 2008
adware.
The Banbra.FUD Trojan uses the Microsoft Internet Explorer icon. When
run, the file with the malicious code establishes an FTP connection with
a specific IP address, loading the file with the name of the affected
computer followed by the word Aviso (Warning).
Banbra.FUD creates several files on the infected system and keys in the
Windows registry. When users connect to specific online Brazilian banks,
an error message is displayed and a window with a spoof bank url is
opened where users are asked to enter their login details.
On reentering their credentials, the Trojan intercepts them and adds
them to the text file, which is later sent via FTP to the IP address
mentioned earlier.
Additionally, this Trojan deletes security application files and other
banker malware files.
The Dadobra.APK Trojan is designed to download other files infected by
banker malware, generically detected as Banbra.FTX by Panda Security
solutions.
When users run a file infected by Dadobra.APK, a video in which a
football field is shown is played, to fool users while the Trojans
continue carrying out malicious actions.
Finally, MalwareProtector 2008 is an adware (program designed to show
unwanted advertising) which simulates system scans and encourages users
to buy software to delete the malware which has supposedly been found.
When run, it modifies the desktop wallpaper, displaying a message
informing users the computer is infected by spyware. Then, a window is
displayed recommending users to download anti-spyware software. If the
download is rejected, a screensaver with cockroaches eating the desktop
wallpaper is displayed.
If users download the application, it simulates a computer scan and
displays a list of the malware supposedly installed on the system. If
users choose to delete the malicious code, a message is returned
claiming the software is not registered and users must pay to use it.
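The Banbra.FUD behaviour described in the report (an FTP upload of a file named after the affected computer followed by the word Aviso) can be turned into a simple egress-log check. The following is an added example, not Panda Security's code: the log format, host names, file names and addresses are constructed, and the optional separator between the computer name and "Aviso" is an assumption, since the report does not give the exact file name.

```python
import re
from collections import namedtuple

Hit = namedtuple("Hit", "host dest filename")

# Constructed egress log. The assumed line format is:
# <time> <source-host> FTP <dest-ip> <command> <argument>
SAMPLE_LOG = """\
2008-06-13T09:14:02 FRONTDESK-PC FTP 192.0.2.10 STOR FRONTDESK-PCAviso.txt
2008-06-13T09:15:40 ACCOUNTS-02 FTP 198.51.100.7 STOR quarterly-report.zip
2008-06-13T09:16:11 ACCOUNTS-02 FTP 192.0.2.10 STOR accounts-02_aviso
2008-06-13T09:17:29 LAB-07 FTP 198.51.100.7 RETR FRONTDESK-PCAviso.txt
2008-06-13T09:18:03 LAB-07 FTP 198.51.100.7 STOR Aviso-de-pagamento.pdf
malformed line
"""

LINE = re.compile(r"^(\S+) (\S+) FTP (\S+) (\S+) (.+)$")


def find_uploads(log_text):
    """Return uploads whose file name is '<source host>' followed by 'Aviso'."""
    hits = []
    for line in log_text.splitlines():
        match = LINE.match(line)
        if not match:
            continue  # skip lines that do not fit the assumed format
        _, host, dest, command, argument = match.groups()
        if command.upper() != "STOR":
            continue  # only uploads leave the machine
        # Compare on the bare file name, case-insensitively.
        name = argument.replace("\\", "/").rsplit("/", 1)[-1].lower()
        pattern = re.escape(host.lower()) + r"[ ._-]?aviso"
        if re.match(pattern, name):
            hits.append(Hit(host, dest, argument))
    return hits


def group_by_destination(hits):
    """Map each destination address to the sorted hosts that uploaded to it."""
    grouped = {}
    for hit in hits:
        grouped.setdefault(hit.dest, set()).add(hit.host)
    return {dest: sorted(hosts) for dest, hosts in grouped.items()}


if __name__ == "__main__":
    found = find_uploads(SAMPLE_LOG)
    for hit in found:
        print(f"{hit.host} uploaded {hit.filename} to {hit.dest}")
    print(group_by_destination(found))
```

Several hosts uploading such a file to the same address is the stronger signal, since the report says the Trojan always contacts one specific IP address.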
Saturday, June 7, 2008
The Traditional Antivirus Programs Useless Against New Unidentified Viruses Alert!
Every now and then you can read about a new virus and the damage it causes. Viruses cost companies millions each time they strike. It is, however, not only companies that suffer from the damage caused by viruses. A virus can be just as damaging, if not more so, for a private Internet user, destroying important documents, family pictures and everything else you keep on your computer. Therefore no home computer should be without good virus protection software. This way you can protect your computer and yourself from losing data, corrupted hard drives and a number of other problems. There are several anti virus programs available, of which some are free and some are not. You should however always remember that you may get what you pay for, meaning that the service and the updates might be better for the paid alternatives and thereby protect your computer better.
When using a virus program you should try to find one that is fast, reliable and able to discover as many viruses as possible. Whether it is fast or not might seem unimportant if you don't use your computer that much, but you will find that an anti virus program that scans your computer faster will be used more frequently, thereby giving you better protection. If an anti virus program is to be effective when protecting your computer, it needs to be able to recognise all viruses, and since new viruses are constantly created this means that the database for the program has to be constantly updated. You should therefore consider how often the different anti virus programs update their databases when choosing which antivirus program to get. You should always make sure to keep your virus program up-to-date.
One of the best anti virus programs on the market today is Panda Active Scan Anti Virus Software Online, which has an unrivalled capacity for detecting viruses and other threats online, which is the most common path for viruses to reach our computers. Almost all viruses today are spread through the Internet. Panda Titanium Active Scan Anti Virus 2005 is easy to install, and once it is installed it finds and removes viruses automatically. Panda Titanium Active Scan Anti Virus 2005 also automatically updates itself if you want it to. In other words: Panda Anti Virus is an anti virus program that manages itself and makes sure that it is up to date and able to keep your computer safe from viruses. Panda Titanium Active Scan Anti Virus 2005 scans your entire computer, including the program itself, to make sure that a virus can't infect any part of the computer. Panda Titanium Active Scan Anti Virus 2005 doesn't just search for viruses; it also searches your computer for a number of other security risks like spyware and Trojans.
Panda Titanium Active Scan Anti Virus 2005 contains TruPrevent Technologies. TruPrevent Technologies is a system designed to help Panda Anti Virus protect your computer against unknown viruses and intruders. The user can choose whether they want to use TruPrevent Technologies or not. The technology has been implemented to allow Panda Anti Virus to protect your computer against new viruses, since a new virus can spread world wide within a few hours. The TruPrevent Technologies allow Panda Anti Virus to detect and block viruses even if they are not yet included in the virus database. This allows Panda Titanium Active Scan Anti Virus 2005 to keep your computer safe against all viruses and not only the ones that are already identified, since you might encounter a new virus despite the fact that Panda updates their database at least once a day. Old anti virus programs - and most of the modern anti virus programs as well - can only protect you against already identified viruses. The ability to protect against unknown viruses is what makes Panda Titanium Active Scan Anti Virus 2005 a superior choice for an anti virus program.
Panda Titanium Active Scan Anti Virus 2005 does not only offer superior security and very user friendly functionality. It also comes with tech support where experts answer any questions that might arise.
All personal computers should have virus protection, since you otherwise risk losing important documents, family pictures etcetera, and if you are looking for user friendliness and superior security, Panda Titanium Active Scan Anti Virus 2005 is your best choice.
You can get panda antivirus at support cave.
Supportcave.com offers new and enhanced free Anti Virus Remover Software. Not only will these programs effectively check and clean your computer from Spyware, once installed they will also shield your computer from future Spyware intrusions and browser hijacks - before the malevolent software even has a chance to enter your PC! Anti Virus Remover Software is an important function all computer users should rely on to ensure their computer is free from nosey software and their privacy protected.
http://www.supportcave.com/
When using a virus program you should try to find one that is fast, reliable and able to discover as many viruses as possible. Whether it is fast or not might seem unimportant if you don't use your computer that much, but you will find that an anti virus program that scans your computer faster will be used more frequently, thereby giving you better protection. For an anti virus program to be effective when protecting your computer, it needs to be able to recognise all viruses, and since new viruses are constantly created this means that the database for the program has to be constantly updated. You should therefore consider how often the different anti virus programs update their databases when choosing which antivirus program to get. You should always make sure to keep your virus program up-to-date.
One of the best anti virus programs on the market today is Panda Active Scan Anti Virus Software Online, which has an unrivalled capacity for detecting viruses and other threats online, which is the most common path for viruses to reach our computer. Almost all viruses today are spread through the Internet. Panda Titanium Active Scan Anti Virus 2005 is easy to install, and once it is installed it finds and removes viruses automatically. Panda Titanium Active Scan Anti Virus 2005 also automatically updates itself if you want it to. In other words: Panda Anti Virus is an anti virus program that manages itself and makes sure that it is up to date and able to keep your computer safe from viruses. Panda Titanium Active Scan Anti Virus 2005 scans your entire computer, including the program itself, to make sure that a virus can't infect any part of the computer. Panda Titanium Active Scan Anti Virus 2005 doesn't just search for viruses, it also searches your computer for a number of other security risks like spyware and Trojans.
Friday, June 6, 2008
The Basic of Small Business Computer Security
Anyone in business today realizes both the natural dependency on computers in the workplace, and also the potential dangers associated with storing important data on them. Today's business owners are constantly being reminded that their company's data is at risk by the daily reports on various news stations, or even their favorite business-related website.
But what can a typical small business owner do to protect their network from these threats that are broadcast in so many ways? Dangers lurk at every turn on the Internet. There are thousands of attacks or areas of security that could be discussed, but I am going to try and focus on three general nuisances associated with today's computers: viruses, spyware, and traditional hackers that will intentionally try to exploit your computer systems for various reasons. All of these attacks, although different, serve a specific purpose for the attacker, yet basically translate into three things for a business: lost productivity, lost data, and, as the end result, lost money.
Here are brief descriptions of what the aforementioned attacks are and consist of, and what a typical small business can do to protect its technology investments.
Virus: A computer virus shares some traits with an actual virus that gets people sick. A computer virus must piggyback on top of some other program or document in order to get executed. Once it is running, it is then able to infect other programs or documents. Obviously, the analogy between computer and biological viruses stretches things a bit, but there are enough similarities that the name sticks. A computer virus can have many intentions. One common goal is the virus's desire to infect as many machines as possible. Some are harmless and are no more than an attempt by a hacker to spread their name and get recognition amongst their peers. However, this can still lead to slow computer performance or programs acting up. On the other side of the coin, viruses can be extremely harmful and delete data, cause complete computer interruption, give someone unauthorized access to your company data, or even be used in conjunction with thousands of other infected computers to launch grand-scale attacks. Viruses are still mostly transferred via email; however, newer attacks will entice you via an email to a malicious website that will exploit a flaw in your computer to install the virus.
Protection from Viruses: If you are reading this article, and you still do not have current (this is very important) anti-virus software running on EVERY single computer you own, then shame on you. With all of the marketing commotion that surrounds viruses, you should already have antivirus software on all of your computers. If you don't, then hurry to the store and purchase it. Popular software in the antivirus market is made by Symantec (www.symantec.com) and McAfee (www.mcafee.com). Larger companies may look into a system that will scan emails for viruses before they reach a user's inbox. Also, be wary of what you open in your email. Do not open emails from people you do not know, and even if you do know the sender, take extra caution, as most viruses today will trick you into believing that the virus is sent from someone that you know.
Spyware: You may know spyware by one of its many names: adware, malware, trackware, scumware, thiefware, snoopware, and sneakware. Because of its stealthy nature, most Internet users are more familiar with the symptoms of spyware infection: sluggish PC performance, increased pop-up ads, unexplained homepage change, and mysterious search results. For virtually everyone surfing the Internet, malware and adware are a nuisance, but if you do not detect spyware on your PC, it can lead to much more serious consequences such as identity theft. Many people wonder how they get spyware installed onto their computer in the first place. Typically, spyware is installed onto your PC without your knowledge because the programs are usually hidden within other software. For example, when you are browsing a website, and a pop-up appears to install the latest online Casino game, it probably will give you that game, but you've also just installed spyware along with it. Another avenue for Spyware to infect your machine is through popular Peer-to-Peer File Sharing software such as Kazaa. The financial impact on a business that is plagued by spyware can be very high. Costs paid to computer consultants to remove spyware, and a user's overall loss of productivity from a slow-performing computer, can add up very quickly.
Protection from Spyware: Spyware is a huge problem in today's computing environment. Fighting Spyware starts with smarter use of your computer. The best defense against spyware and other unwanted software is not to download it in the first place. Here are a few helpful tips that can protect you from downloading software you don't want. Only download programs from web sites you trust; read all security warnings, license agreements, and privacy statements associated with any software you download; and never click "agree" or "OK" to close a window. Instead, click the red "x" in the corner of the window or press Alt + F4 on your keyboard to close a window. Be wary of popular "free" music and movie file-sharing programs, and be sure you clearly understand all of the software packaged with those programs. If you do happen to install Spyware on your computer, there are some tools available to assist in the removal of spyware. Be careful, however, when downloading free spyware removal software, as even some of the removal tools incorporate spyware into their software. A popular product that does a good job of removing spyware is Lavasoft's Adaware (www.lavasoft.com). Larger organizations can look to companies such as Computer Associates (www.ca.com) for enterprise protection. There are instances when there is simply too much spyware installed on a machine for these tools to help, and you'll be forced to format your hard drive and reinstall your operating system.
Hackers: The term hacker has many different meanings to many different people. A dictionary might define the word hacker as follows: 1. A person who breaks into, or attempts to break into, or use, a computer network or system without authorization, often at random, for personal amusement or gratification, and not necessarily with malicious intent. 2. [An] unauthorized user who attempts to or gains access to an information system. 3. A technically sophisticated computer expert who intentionally gains unauthorized access to targeted protected resources; loosely, a computer enthusiast. 4. A person who uses a computer resource in a manner for which it is not intended or which is in conflict with the terms of an acceptable-use policy, but is not necessarily malicious in intent. As you can see, a hacker is someone with a very high aptitude in computing. By studying the inherent design of computer systems, a hacker will then attempt to compromise those systems for a purpose. Typically, they use a collection of tools easily downloadable on the Internet to exploit a flaw in a program or hardware system. Hackers do what they do for various reasons. Some do it for simple prestige amongst their peers, others for financial gain, and others do it to make a political statement. A breach of your network's security can lead to very serious financial losses. Imagine your customer database being sold to a competitor, or what the public response would be if you had to tell your customers that their personal information was stolen.
Protection from Hackers: I was once told that no matter how good a safe you buy, there will always be a locksmith who can unlock it. The same goes for protection against hackers. However, the people with the expertise to bypass most security defenses available to companies are few and far between. To keep your network safe, the following three items are an absolute must: a quality firewall at your network's perimeter to filter what goes in and out of your Internet connection, desktop-level firewalls to keep internal company computers safe, and regular updates to your computers' operating systems and applications. Firewalls, simply stated, filter data passing through them. They are, in essence, inspectors that allow or deny data passing through them based on certain rules. Most quality firewalls will protect your network by letting the good data through and keeping the bad out. Recommended firewalls for small businesses can be purchased from companies such as Cisco (www.cisco.com), Watchguard (www.watchguard.com) or Sonic Wall (www.sonicwall.com). Firewall vendors typically have many different models available, so consult with your network security professional on what to buy. The important thing is that you have one in place. Desktop-level firewalls provide a true multi-layered approach to security. This added level of protection strengthens your computer systems' defense, and is especially helpful to companies that have remote workers. Most companies today do have firewalls on their corporate network; however, no one ever thinks about the company president's laptop that gets brought home every day. The president brings his laptop home and sets up his trusty remote connection back into his office over his broadband home Internet connection. The once protected laptop is now completely unprotected and connected directly to the corporate office, which gives viruses and hackers a direct avenue onto your corporate network.
The great thing about desktop firewalls is that you can get some great ones for free! If you use the Microsoft Windows XP operating system, simply upgrade to Service Pack 2, which includes a free and easy-to-use desktop-level firewall. If you do not have Windows XP or just do not want to use its firewall, Zone Alarm (www.zonealarm.com) offers a great desktop-level firewall. The last level of defense is to keep your networked systems up to date with the latest patches and fixes from their respective manufacturers. I will assume that most companies use Microsoft Windows products for most of their computing needs, so to keep your system updated simply go to http://windowsupdate.microsoft.com. You should check for updates twice a month.
Even though this article simply brushes the surface of network security, I hope it gives you insight as to some potential dangers out there and real incentive to implement better security for your company. Just as you have an alarm system at your office, please take the necessary steps to protect your company's computer network and data. If not, I guarantee you that the costs of recovery will far exceed the costs to implement a secure network.
Jarrett M. Pavao studied at the University of Miami, is a Microsoft Certified System Engineer, and Citrix Certified Administrator. Jarrett is the Director of Business Technologies for Docutek, a systems integrator in Boca Raton, FL. Jarrett can be contacted at jpavao@docuteksolutions.com with any network security related questions or concerns.
Wednesday, June 4, 2008
The Move to a New AntiVirus
This is the second in a series of articles highlighting reasons why we need a new model for anti-virus and security solutions.
Reason #1: the Basic Model
Anti-virus software vendors still rely on yesterday's methods for solving today's problems: they wait for the next virus to wreak havoc and then produce a solution. That worked for a long time when a virus would take years to traverse the world. But in this fast-paced Internet-crazed world we live in today, this type of solution is no longer applicable. Now a virus can traverse the world and infect millions of computers in minutes.
In the good old days a virus traveled by floppy disk. Put a floppy in your computer and save some data to it and the virus would infect the floppy. Then unwittingly put the infected floppy in another computer and presto, the new computer would become infected. (I'm skimming over a lot of detail here to make a point.) So the virus's progress was slow and steady. Anti-virus vendors had time on their side. They had the time to get a copy of the virus, dissect it, run it through a series of tests to come up with a signature string (see below for definition), put the string into a database of strings to search for when scanning your hard drive (and floppies) and release the new database to the public. Ten years ago this system worked very well.
But now everyone is connected via the Internet. Now, using email as a transport point, it doesn't take years to gather momentum; instead it takes a matter of minutes. And here is where the model breaks. Step back and ask yourself the following question: if vendors can catch known and unknown viruses as their literature states, how then is it that we continue to have virus problems?
The answer lies in the fact that virus authors have been more creative in coming up with new ways to infect and wreak havoc, and the software industry has not responded in kind, preferring to stay embedded in its old-fashioned methodologies.
Why don't the old ways work any more, you might ask? It's relatively simple. Let's go through the steps.
A virus author unleashes NewVirus via email. He mass mails his virus to thousands of people. Some, not all, unwittingly open the attachment thinking it's from a friend, or the subject is so enticing that they are fooled into opening it without thinking it's a problem (cf. nude pictures of Anna Kournikova). The email attachment immediately starts emailing everyone in the recipient's contact list and embeds itself into the recipient's operating system so that it's activated every time the computer is turned on.
The folks he emails in turn get fooled into thinking the email is valid and they open the attachment. Very quickly all hell breaks loose. Agencies which monitor Internet traffic see problems arising with the sudden spikes in email traffic and they begin to get calls or emails alerting them to the fact that there's a new problem. Samples are obtained and sent off to anti-virus vendors. They pass the emails through a series of tests to analyze what exactly the virus does and how it does it. Additional analysis is performed to extract a unique string of 1s and 0s to identify this attachment as none other than NewVirus. This is called the signature string. It's important that whatever string is arrived at does not exist in any other program or piece of software; otherwise, you will get what is commonly called a false positive.
Quick digression on false positives: if a vendor arrives at a unique string that just happens to be embedded in Microsoft Word, then every time a user runs a scan of their hard drive, Microsoft Word will be identified as being infected with NewVirus. Users will uninstall Word and re-install only to learn that they are still infected. There will be complaints; the vendor will be forced to re-assess the signature string and re-release his list of strings and admit the error.
Typically signature strings are matched against a whole boatload of commonplace software just to protect against this occurrence, but it still happens and vendors learn to add new software to their test beds.
OK, so the vendor has arrived at a signature string. Next? Implement the string into their string database so that when their scanners are scanning they will match what's on your hard drive to what's in the database. After the database has been updated, they release the database to their customers in what's commonly called a "push", where they send the updates to their primary users.
If you did not buy into this service, you must know enough to log into your anti-virus vendor and update your software so that you stay current.
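The signature workflow described above (extract a string, check it against commonplace software to avoid false positives, add it to the database, then scan) can be sketched as follows. This is an added illustration, not code from the article or from any vendor; every file name and byte string is a constructed, harmless stand-in, and the function and class names are hypothetical.

```python
"""Toy signature-string pipeline: derive, vet against clean software, publish, scan.

Added illustration. Every byte string below is a constructed, harmless stand-in;
the function and class names are hypothetical, not any vendor's API.
"""
from dataclasses import dataclass, field

# Constructed "known-clean" test bed (the commonplace software a vendor checks against).
CLEAN_CORPUS = {
    "wordproc.exe": b"MZ\x90\x00 open-document save-document spellcheck print-document",
    "mailer.exe": b"MZ\x90\x00 read-address-book send-message fetch-inbox",
}
# Constructed sample standing in for the article's NewVirus attachment.
NEWVIRUS_SAMPLE = (
    b"MZ\x90\x00 read-address-book send-message NEWVIRUS-MARKER-7f3a copy-to-startup"
)


def false_positives(signature, corpus):
    """Return the names of clean files that contain the candidate signature."""
    return sorted(name for name, data in corpus.items() if signature in data)


def derive_signature(sample, corpus, length=16):
    """Return the first `length`-byte substring of the sample found in no clean file.

    Real analysis chooses strings with far more care; a sliding window is the
    simplest rule that still enforces the uniqueness requirement.
    """
    for start in range(len(sample) - length + 1):
        candidate = sample[start:start + length]
        if not false_positives(candidate, corpus):
            return candidate
    raise ValueError("no substring of this length is unique to the sample")


@dataclass
class SignatureDatabase:
    signatures: dict = field(default_factory=dict)  # virus name -> signature bytes

    def add(self, name, signature, corpus):
        """Publish a signature only if it matches nothing in the clean test bed."""
        hits = false_positives(signature, corpus)
        if hits:
            raise ValueError(f"{name}: signature also matches clean files {hits}")
        self.signatures[name] = signature

    def scan(self, files):
        """Map each file name to the sorted names of the signatures it contains."""
        return {
            fname: sorted(n for n, sig in self.signatures.items() if sig in data)
            for fname, data in files.items()
        }


def demo():
    """Walk the article's timeline on a constructed disk image."""
    disk = dict(CLEAN_CORPUS)
    disk["invoice.exe"] = NEWVIRUS_SAMPLE  # the infected attachment, saved to disk

    db = SignatureDatabase()
    before_update = db.scan(disk)  # database has no NewVirus entry yet

    # A carelessly chosen string that also occurs in the clean mail program.
    careless = b"send-message"
    try:
        db.add("NewVirus", careless, CLEAN_CORPUS)
        rejected_for = []
    except ValueError:
        rejected_for = false_positives(careless, CLEAN_CORPUS)

    signature = derive_signature(NEWVIRUS_SAMPLE, CLEAN_CORPUS)
    db.add("NewVirus", signature, CLEAN_CORPUS)
    after_update = db.scan(disk)
    return before_update, rejected_for, signature, after_update


if __name__ == "__main__":
    before, rejected, sig, after = demo()
    print("before update:", before)
    print("careless signature rejected, matches:", rejected)
    print("published signature:", sig)
    print("after update: ", after)
```

The scan before the database update reports nothing for the infected file, which is the exposure window the article is describing.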
So where are we? The bad guy (or problem teenager) has unleashed NewVirus. NewVirus has infected thousands of computers; vendors have been alerted; NewVirus continues to infect; solutions are achieved and pushed to corporate clients; NewVirus continues to infect hundreds and thousands of computers; corporate clients breathe a sigh of relief and alert their users as to the new threat.
Thousands, if not millions, of computers become infected and need to be cleaned because the best way to solve the virus problem is to wait for each new virus to come along and solve on a case by case basis.
But what if you sat back and asked: what if? What if you categorized all the things a virus can do (or could do), built a series of computers to allow any email attachment or program to have full rein of a computer (much like it would have on your own computer; such a computer is called a honeypot) and then analyzed that computer for unwelcome behavior?
That would be a true pre-emptive strike against all malicious software. This is the behavior-based model. Such a model would actually protect you from unknown viruses, along with all the known 70,000 viruses.
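A minimal sketch of the behavior-based idea, added here as an illustration and not taken from the article or from any product: a recorded honeypot run is checked for the two behaviors the article attributes to NewVirus (mailing the contact list, making itself start with the computer). The trace format, event names, thresholds and verdict policy are all assumptions, and the traces are constructed.

```python
"""Behaviour-based verdict over a honeypot run (added illustration).

The trace format, event names, thresholds and verdict policy are assumptions made
for this example; they are not taken from the article or from any product.
"""

# Constructed traces: one "<seconds> <EVENT> key=value" line per observed action.
TRACE_NEWVIRUS = """\
0.2 ADDRESSBOOK_READ entries=4
0.5 MAIL_SEND to=ann@example.test
0.6 MAIL_SEND to=bob@example.test
0.7 MAIL_SEND to=cat@example.test
0.8 MAIL_SEND to=dan@example.test
1.1 AUTOSTART_ADD target=attachment-copy
"""
TRACE_MAIL_CLIENT = """\
0.3 ADDRESSBOOK_READ entries=4
9.0 MAIL_SEND to=ann@example.test
"""
TRACE_INSTALLER = """\
0.4 FILE_WRITE path=app-dir
2.0 AUTOSTART_ADD target=updater
"""


def parse_trace(text):
    """Turn trace text into (timestamp, event, attributes) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        stamp, event, *pairs = line.split()
        events.append((float(stamp), event, dict(p.split("=", 1) for p in pairs)))
    return events


def observed_behaviours(events, min_recipients=3, window=5.0):
    """Name the categories of unwelcome behaviour present in one run."""
    found = set()
    book_read_at = None
    recipients = set()
    for stamp, event, attrs in events:
        if event == "ADDRESSBOOK_READ" and book_read_at is None:
            book_read_at = stamp
        elif event == "MAIL_SEND" and book_read_at is not None:
            # Only mail sent shortly after reading the address book counts.
            if stamp - book_read_at <= window:
                recipients.add(attrs.get("to"))
        elif event == "AUTOSTART_ADD":
            found.add("persistence")
    if len(recipients) >= min_recipients:
        found.add("mass-mailing")
    return found


def verdict(trace_text):
    """Return (decision, behaviours) for one honeypot run.

    Self-propagation by mail is blocked outright. Persistence alone is only sent
    for review, because legitimate installers register autostart entries too.
    """
    behaviours = observed_behaviours(parse_trace(trace_text))
    if "mass-mailing" in behaviours:
        decision = "block"
    elif behaviours:
        decision = "review"
    else:
        decision = "allow"
    return decision, sorted(behaviours)


if __name__ == "__main__":
    for name, trace in [("NewVirus", TRACE_NEWVIRUS),
                        ("mail client", TRACE_MAIL_CLIENT),
                        ("installer", TRACE_INSTALLER)]:
        print(name, "->", verdict(trace))
```

No signature is consulted at any point, so the constructed NewVirus run is blocked on first sight; the installer trace shows where such rules need tuning to avoid flagging legitimate software.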
In part 2 we'll discuss the risks and security failures of having distributed vendor software on your desktop.
About The Author
Tim Klemmer
CEO, OnceRed LLC
http://www.checkinmyemail.com
Tim Klemmer has spent the better part of 12 years designing and perfecting the first true patented behavior-based solution to malicious software.
timklemmer@checkinmyemail.com
Reason #1: the Basic Model
Anti-virus software vendors still rely on yesterday's methods for solving today's problems: they wait for the next virus to wreak havoc and then produce a solution. That worked for a long time when a virus would take years to traverse the world. But in this fast-paced, Internet-crazed world we live in today, this type of solution is no longer applicable. Now a virus can traverse the world and infect millions of computers in minutes.
In the good old days a virus traveled by floppy disk. Put a floppy in your computer and save some data to it and the virus would infect the floppy. Then unwittingly put the infected floppy in another computer and presto, the new computer would become infected. (I'm skimming over a lot of detail here to make a point.) So the virus's progress was slow and steady. Anti-virus vendors had time on their side. They had the time to get a copy of the virus, dissect it, run it through a series of tests to come up with a signature string (see below for definition), put the string into a database of strings to search for when scanning your hard drive (and floppies) and release the new database to the public. Ten years ago this system worked very well.
But now everyone is connected via the Internet. Now, using email as a transport point, it doesn't take years to gather momentum; instead it takes a matter of minutes. And here is where the model breaks. Step back and ask yourself the following question: if vendors can catch known and unknown viruses as their literature states, how then is it that we continue to have virus problems?
The answer lies in the fact that virus authors have been more creative in coming up with new ways to infect and wreak havoc and the software industry has not responded in kind, preferring to stay embedded in its old-fashioned methodologies.
Why don't the old ways work any more, you might ask? It's relatively simple. Let's go through the steps.
A virus author unleashes NewVirus via email. He mass mails his virus to thousands of people. Some, not all, unwittingly open the attachment thinking it's from a friend, or the subject is so enticing that they are fooled into opening it without thinking it's a problem (cf. nude pictures of Anna Kournikova). The email attachment immediately starts emailing everyone in the recipient's contact list and embeds itself into the operating system so that it's activated every time the computer is turned on.
The folks he emails in turn get fooled into thinking the email is valid and they open the attachment. Very quickly all hell breaks loose. Agencies which monitor Internet traffic see problems arising with the sudden spikes in email traffic and they begin to get calls or emails alerting them to the fact that there's a new problem. Samples are obtained and sent off to anti-virus vendors. They pass the emails through a series of tests to analyze what exactly the virus does and how it does it. Additional analysis is performed to extract a unique string of 1s and 0s to identify this attachment as none other than NewVirus. This is called the signature string. It's important that whatever string is arrived at does not exist in any other program or piece of software; otherwise, you will get what is commonly called a false positive.
Quick digression on false positives: if a vendor arrives at a unique string that just happens to be embedded in Microsoft Word, then every time a user runs a scan of their hard drive, Microsoft Word will be identified as being infected with NewVirus. Users will uninstall Word and re-install only to learn that they are still infected. There will be complaints; the vendor will be forced to re-assess the signature string and re-release his list of strings and admit the error.
Typically signature strings are matched against a whole boatload of commonplace software just to protect against this occurrence, but it still happens and vendors learn to add new software to their test beds.
OK, so the vendor has arrived at a signature string. Next? Implement the string into their string database so that when their scanners are scanning they will match what's on your hard drive to what's in the database. After the database has been updated they release the database to their customers in what's commonly called a "push", where they send the updates to their primary users.
If you did not buy into this service, you must know enough to log into your anti-virus vendor and update your software so that you stay current.
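The signature workflow described above, as an added sketch (not code from the article or from any anti-virus vendor): it picks a signature string from a sample, vets it against a test bed of clean software to avoid false positives, and scans a disk against the database. The byte strings, file names and 8-byte signature length are constructed assumptions.

```python
# Added illustration: constructed byte strings stand in for files; none is real malware.
SIG_LEN = 8  # signature length in bytes (assumption for this sketch)

SHARED_RUNTIME = b"\x55\x8b\xec\x83\xec\x10common-startup-code"
NEWVIRUS_SAMPLE = SHARED_RUNTIME + b"MAIL-ALL-CONTACTS\x90\x90payload-marker"
TEST_BED = {  # the vendor's collection of commonplace, known-clean software
    "wordprocessor.exe": SHARED_RUNTIME + b"spell-check tables",
    "spreadsheet.exe": SHARED_RUNTIME + b"formula engine",
}


def false_positives(sig, test_bed):
    """Names of clean programs that contain the signature (would be misflagged)."""
    return sorted(name for name, body in test_bed.items() if sig in body)


def pick_signature(sample, test_bed, length=SIG_LEN):
    """Return the first `length`-byte window of the sample found in no clean program.

    Returns None when every window also occurs in the test bed.
    """
    for i in range(len(sample) - length + 1):
        sig = sample[i:i + length]
        if not false_positives(sig, test_bed):
            return sig
    return None


def scan(files, database):
    """Return {file_name: [virus_name, ...]} for files matching any signature."""
    hits = {}
    for fname, body in files.items():
        found = sorted(v for v, sig in database.items() if sig in body)
        if found:
            hits[fname] = found
    return hits


DISK = {"attachment.bin": NEWVIRUS_SAMPLE, **TEST_BED}  # a user's hard drive

if __name__ == "__main__":
    careless = NEWVIRUS_SAMPLE[:SIG_LEN]  # taken from shared startup code
    vetted = pick_signature(NEWVIRUS_SAMPLE, TEST_BED)
    print("careless signature misflags:", false_positives(careless, TEST_BED))
    print("before the update:", scan(DISK, {}))
    print("careless database:", scan(DISK, {"NewVirus": careless}))
    print("vetted database:  ", scan(DISK, {"NewVirus": vetted}))
```

The empty-database scan returns no hits even though the sample is on disk, which is the exposure window between a virus's release and the vendor's database update.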
So where are we? The bad guy (or problem teenager) has unleashed NewVirus. NewVirus has infected thousands of computers; vendors have been alerted; NewVirus continues to infect; solutions are achieved and pushed to corporate clients; NewVirus continues to infect hundreds and thousands of computers; corporate clients breathe a sigh of relief and alert their users as to the new threat.
Thousands, if not millions, of computers become infected and need to be cleaned because the best way to solve the virus problem is to wait for each new virus to come along and solve it on a case-by-case basis.
But if you sat back and said: what if? What if you categorized all the things a virus can do (or could do), built a series of computers to allow any email attachment or program to have full rein of a computer (much like it would have on your own computer; such a computer is called a honeypot) and then analyzed that computer for unwelcome behavior?
That would be a true pre-emptive strike against all malicious software. This is the behavior-based model. Such a model would actually protect you from unknown viruses, along with all the known 70,000 viruses.
In part 2 we'll discuss the risks and security failures of having distributed vendor software on your desktop.
About The Author
Tim Klemmer
CEO, OnceRed LLC
http://www.checkinmyemail.com
Tim Klemmer has spent the better part of 12 years designing and perfecting the first true patented behavior-based solution to malicious software.
timklemmer@checkinmyemail.com
Monday, June 2, 2008
Virus Prevention Rules
Blaster, Welchia, Sobig, W32, Backdoor, Trojan, Melissa, Klez, Worm, Loveletter, Nimda. Do these names sound familiar?
Have you been as bothered by viruses this past year as I have? Does it seem like there are more viruses, worms and Trojans out now than ever before? It is only getting worse.
For the general public, "virus" has become a catchall term for any unwanted program that spreads from computer-to-computer; yet, in reality, there are differences between viruses, worms and Trojan horses.
Worms reside in active memory, are self replicating, and usually use native operating system components to do so. Trojans are programs in which malicious or harmful code is contained inside apparently harmless programming or data. Viruses are pieces of programming code that cause some unexpected and usually undesirable event. All of them can really ruin your day.
Everyone who uses a computer can catch a virus. Borrowing disks, swapping floppies, moving data from one machine to another, sending and receiving e-mail, the list goes on. If you use the Internet, your chances increase, even if you use a dial-up modem. Some viruses can be caught just by visiting infected websites.
There are over 50,000 active viruses today. But on any given day, only a few hundred viruses pose a serious threat to your computer. Some of the most destructive--Melissa, Love Letter, and more recent Blaster--caused millions of dollars in damage.
Many systems and networks never completely recover from a virus attack. Though a virus protection program is imperative to your computer's health, it does not in any way ensure your safety.
To be effective, antivirus programs require proper setup and frequent updates. Newer applications have built-in updaters and, if installed properly, require almost no maintenance. However, older programs required user interaction to get the latest definitions.
In a corporate environment, a system can be installed in which the users have no dealings with the antivirus application at all. All monitoring is done by the network administrator and on the server level.
A primary server with groups and group leaders can be defined during setup. Specific systems are assigned to groups usually based on their physical location. The primary server automatically gets its updates from the antivirus vendor. The group leaders then get their updates from the primary server and distribute them to all the members on a daily basis. The network administrator monitors one system that can control the scanning, updating and managing for the entire network.
How can you stay protected?
1. Install anti-virus software and keep the virus definitions up to date.
2. Don't automatically open attachments and make sure your email program doesn't do so automatically.
3. Scan all e-mail attachments.
4. Configure your anti-virus software to boot automatically on start-up and run at all times.
5. Avoid downloading files you can't be sure are safe. This includes freeware, screensavers, games, and any other executable program.
6. Don't use floppies, but if you must, scan them before using them.
7. Educate yourself and your users to learn how to spot viruses.
All past articles written by Greg Richburg are available at http://www.netricks.com/news. Please address article suggestions to: info@netricks.com. Greg Richburg is a Microsoft Certified Systems Engineer and the owner of Netricks, Inc. for web design and hosting, and KlickCommerce for Internet Marketing Strategies. Please visit http://www.klickcommerce.com/.
Sunday, June 1, 2008
Worm Viruses, Trojans and Spyware- Protecting your Computer.
Secure Your PC From Hackers, Viruses, and Trojans
No user on the internet is safe from assault. Viruses, Trojans and Spyware can all affect your computer by placing annoying ads, tracking your credit card numbers, or even slowing it down to the point that it is no longer usable. By following these simple steps, you can help protect yourself from the internet.
High CPU Usage: If your computer seems to be slower than usual, it is very likely that you have been infected. Background services can slow down your computer, and to check performance, enter Task Manager (Ctrl+Alt+Delete). Then, click on the processes tab. You will be able to see active processes that are running. To find what should be running on your computer, visit http://www.theeldergeek.com/services_guide.htm.
Check your level of protection: A good way to know whether you are safe or not is by using security tools. Here are some you should try out:
NeWT 2.1: This is a very simple tool to use, and it scans for more than 4000 common security vulnerabilities. Download NeWT here: http://www.tenablesecurity.com/newt.htm
Symantec security check: This is a free service provided by Symantec. Simply visit here (www.sumantec.com), then select Scan for Security Risks. It will only tell you what vulnerabilities you have; it won't tell you how to fix them.
Infinitive! Port Scanner: Our very own online port scanner! http://infinate.x10hosting.com/phport
Update Yourself: Install all the latest updates possible. Service Pack 2 is a good way to start if you're running Windows XP. Enable Automatic Updates, and make sure you have the latest updates on your PC.
Safe Surfing: Due to Internet Explorer's high popularity, it is usually safer to switch to another browser altogether. A common program now is known as Firefox (www.mozilla.com/products/firefox), which is fast, responsive and similar to Internet Explorer. However, a major flaw with Firefox is that you will need to install additional plug-ins in order to view certain pages.
Make Regular Backups: Prepare for the worst. Make regular backups of your important files and store them on a type of offline storage.
Don't open suspicious links: If you are sent a link you are not sure about, do not open it. Simple. Another good way is to avoid suspicious sites altogether. Many programs, too, are bundled with spyware, so when you download them make sure they are described as "Freeware", nothing else.
Program Protection: Use Anti-Virus and Firewall software. McAfee is a highly recommended product over Symantec, but there is also other free anti-virus/firewall software online, such as NOD32. http://www.nod32.com/
If you have been infected: Find cleaning instructions online on sites such as http://vil.nai.com. It will tell you where to locate your infection, and where to find and remove it. System Restore is also a good option on Windows XP. To use System Restore, go to Start, All Programs, Accessories, System, System Restore. Simply click a restore point and reboot.
You can also remove viruses using the programs listed under Program Protection. To remove Spyware, Spybot S&D (http://www.safer-networking.org/en/index.html) is a free yet useful tool to use.
All articles are written by Infinitive!
Infinitive! http://www.infinate.x10hosting.com You may reproduce and use this article just so long as you add a link (http://www.infinate.x10hosting.com) down at the bottom.
Infinitive! All the latest articles, tools, news, file hosting and more!