Fix From Virus

If your wireless network is not secure, a hacker can easily intercept the data you send and receive, or access files saved on your computer – all from the comfort of their own sofa.

Why is it necessary to secure my wireless network?

These days, most computers are wireless-enabled: they let you connect to the Internet without a physical network cable. The major benefit, of course, is that you can use your computer anywhere in the house or office (as long as it’s within range of your wireless router). However, there are potential risks involved in wireless networking - unless you make your network secure:
A hacker could intercept any data you send and receive;
A hacker could get access to your wireless network;
Another person could hijack your Internet access.


Therefore, if your wireless network is not protected, a hacker could intercept any data you send; access your network, and therefore your shared files; use your connection to connect to the Internet - especially significant if you have a download limit on your internet package and your bandwidth is being swallowed up by a hijacker.

There are some simple steps you can take to secure your wireless network and router in order to minimise these risks:

Change the administrator password for your wireless router. It’s easy for a hacker to find out the manufacturer’s default password and use this to access your wireless network. And avoid using a password that can be guessed easily: follow the guidelines provided in the section below on choosing a password.

Switch off SSID (Service Set Identifier) broadcasting, to prevent your wireless device announcing its presence to the world.

Enable encryption in your connection settings: WPA encryption is best, if your device supports it (if not, use WEP encryption).

Change the default SSID name of your device. Again, it’s easy for a hacker to find out the manufacturer’s default name and then use this to locate your wireless network. Avoid using a name that can be guessed easily: you should follow the guidelines provided in the 'Choosing a Password' section.

Spam is anonymous, unsolicited bulk email – it is effectively the email equivalent of physical junk mail delivered through the post. It is sent out in mass quantities by spammers who make money from the small percentage of recipients that actually respond. Spam is also used for phishing and to spread malicious code.

Over the last decade, the use of and delivery of spam has evolved. While spam was initially sent directly to computer users and easily blocked, in the coming years, high-speed Internet connections allowed spammers to send out mass mailings inexpensively and quickly, as did the discovery that individual users' modems could be accessed by anyone from anywhere in the world since they had no protection at all. In other words, unsuspecting internet users' connections could be used to send their spam in much higher volume.


That was until hardware manufacturers began securing their equipment, and filters became more proficient at blocking spam. Yet, spammer techniques have always evolved, not only in the way they send spam, but also in response to filters. The result is an ongoing battle between spammers and those working to prevent them, constantly trying to stay one step ahead in the fight to keep spam from clogging the information superhighway.

How can I protect myself from spam

Maintain at least two email addresses. Use your private address only for personal correspondence, and another address for registering on public forums, in chat rooms, to subscribe to mailing lists etc.

Your private address should be difficult to guess. Spammers use combinations of obvious names, words and numbers to build lists of possible addresses. Your private address should not simply be your first and last name. Be creative and personalize your email address.

Treat your public address as a temporary one. The chances are high that spammers will get hold of your public address fairly quickly if it is frequently being used on the internet. Don't be afraid to change it often.

Never respond to spam. Most spammers verify receipt and log responses. The more you respond, the more spam you will receive.

Do not click on 'unsubscribe' links in emails from questionable sources. Spammers send fake unsubscribe letters in an attempt to collect active email addresses. If you click 'unsubscribe' in one of these letters, it will simply increase the amount of spam you receive.

Never publish your private address on publicly accessible resources.
If you must publish your private address electronically, mask it to avoid having it picked up by spammers. ‘Joe.Smith@yahoo.com’ is easy to find, as is ‘J.Smith@yahoo.com.’ Try writing ‘Joe-dot-Smith-at-yahoo.com’ instead. If you need to publish your private address on a website, do this as a graphics file rather than as a link.

Consider using a number of public addresses in order to trace which services are selling your address to spammers.

Make sure that you use the latest version of your web browser and that any security patches have been applied.

Use an anti-spam solution and only open email accounts with providers who provide spam filtering.

If your private address is discovered by spammers - change it. This can be inconvenient, but changing your email address does help you avoid spam - at least for a while!

Crimeware is malicious software that is covertly installed on computers. Most crimeware progams are in fact Trojans. There are many types of Trojans designed to do different things. For example, some are used to log every key you type (keyloggers), some capture screenshots when you are using banking websites, some download other malicious code, and others let a remote hacker access your system. What they each have in common is the ability to ‘steal’ your confidential information – such as passwords and PINs – and send it back to the criminal. Armed with this information, the cybercriminal is then able to steal your money.

There are several steps you can take to protect your computer from today’s cyber threats. Following the simple guidelines below will help minimise the risk of attack.

Protect your computer by installing Internet security software.

Install security patches for your operating system and applications. If you use Windows® simply switch on Automatic Updates. And don’t forget to update Microsoft® Office.

If you receive an email with an attached file (Word documents, Excel spreadsheets, .EXE files, etc.) don’t open it unless you know who sent it and only then if you’re expecting it. NEVER open an attachment sent in an unsolicited (spam) email. The same is true for email messages or IM (Instant Messaging) messages that contain links.

Update your security software regularly (i.e. at least once a day).

Keep your other applications updated.

Only use your computer’s Administrator account if you need to install software or make system changes. For everyday use, create a separate account with only limited access rights (this can be done through 'User Accounts' in 'Control Panel'). By doing this, you limit a malicious program’s access to valuable system data.

Backup your data regularly to a CD, DVD, or external USB drive. If your files become damaged or encrypted by a malicious program you can then copy them back from your backup.

Download Internet Security Software
Kaspersky Internet Security | Panda Internet Security | Norton Internet Security

Windows 2000:
Click Start,
1. and then click Run
2. In the Open box, type gpedit.msc, and then click OK
3. Expand User Configuration, expand Administrative Templates, and then expand System
4. In the right pane, double-click Don't run specified Windows applications
5. Click Enabled, and then click Show
6. Click Add, and then type the executable file name of the program (avnotify.exe) that you want to restrict users from running.
7.Click OK, click OK, and then click OK (NOTE: If domain-level policy settings are defined, they may override this local policy setting.)
8. Quit Group Policy Object Editor
9. Restart the computer



Windows 2000/XP: (2000 & XP Pro do not require you to boot into safe mode)
1. Boot into Safe Mode (tap F8 repeatedly after you restart the computer)
2. Log in using the Administrator account
3. Go to C:\Program Files\Avira\AntiVir PersonalEdition Classic\avnotify.exe
4. Right-click avnotify.exe-> properties-> security-> advanced
5. Under the Permissions tab click on SYSTEM under Permission entries:
6. Edit-> Traverse Folder / Execute File-> deny-> ok ->apply-> yes -> ok-> ok
7. Reboot the computer into Normal Mode (start-> shutdown-> restart)

Windows XP Pro & Vista Business/Ultimate/Enterprise
1. Start-> Control Panel
2. Administrative tools-> Local security policy
3. Click on Software Restriction Policy-> Action (at the top)-> create new restriction policies
4. Right-click additional rules (on the right side)-> new path rule
5. Click Browse and navigate to C:\Program Files\(Avira)\AntiVir PersonalEdition Classic\ and double-click avnotify.exe
6. Set the security level to Disallowed-> apply-> ok

Windows Vista Home Premium
1. Go to C:\Program Files\Avira\AntiVir PersonalEdition Classic\avnotify.exe
2. Right-click avnotify.exe-> properties-> security->
3. Under the group or username SYSTEM click edit
4. Put a checkmark under the DENY column for "read and execute"

.: Disable the splash screen :.
1. Open regedit and navigate to [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
2. In the right pane double-click avgnt and add /nosplash at the end of the path (ex. /min /nosplash)

Svchost Process Analyzer lists all svchost instances and checks the services they contain. Svchost.exe is a generic host process name for Windows services that run from dynamic-link libraries (DLLs). The authentic svchost.exe is located in C:\Windows\System32, but numerous viruses and trojans use the same file and process name to hide their activities. Svchost Process Analyzer makes it easy to uncover Svchost worms like the infamous Conficker worm.

Download Here

Today I got an unusual spam:

I believed for the first few seconds that it was a valid message so i checked what was at the link. My instinct told me to download it in a safe environment, which turned out to be a good idea. I saw this page:



I see a lot of scaremongering messages in my job, but this is special
because it speaks about the city where i live - Brno. This site check the IP address and change the message according to your location. Rest of the page is the usual stuff - the message says you need the latest Flash player and when you click on the picture or download link, you get a nasty trojan horse. On every refresh, you get a different link and trojan horse.

Of course it's not a real Reuters message. AVG protect from all trojans i saw on this page.(Pavel Krcma)

Download AVG 9.0 Or AVG Internet Security

Kaspersky Anti-Virus 2010 – the backbone of your PC’s security system - offers protection from a range of IT threats and provides the basic tools needed to protect your PC.

Kaspersky Anti-Virus 2010 – the backbone of your PC’s security system, offering real-time automated protection from a range of IT threats:
- Real-time scanning of files, web pages and e-messages
- Basic identity theft protection Improved!
- Color-coding of links to unsafe websites New!
- Disabling of links to malicious websites
- Blocking of suspicious programs based on their behavior Improved!
- Protection from hijacking of your PC
- Self-protection from malware
- Regular and emergency updates for always-on protection

Kaspersky Anti-Virus 2010 offers a number of new and improved features together with unique protection technologies to address the latest online threats, keeping your PC running smoothly and customize protection according to your activities:
- Kaspersky Toolbar for Internet browsers to warn you about infected or unsafe websites New!
- Basic identity theft protection, including improved secure Virtual Keyboard Improved!
- Urgent Detection System to stop fast emerging threats Improved!
- Next generation proactive protection from zero-day attacks and unknown threats Improved!
- Special Game Mode to suspend alerts, updates and scans while you play New!

Kaspersky Anti-Virus 2010 has a range of unique tools which heighten security and keep your computer running smoothly:
- Enter logins and passwords using secure Virtual Keyboard Improved!
- Turn on Game Mode to suspend alerts, updates and scans New!
- Scan system and installed applications for vulnerabilities
- Tune up your OS and Internet browser settings for better security
- Restore correct system settings after malware removal
- Burn a Rescue CD to restore your system in case of infection Improved!
- Remove activity traces in your Internet browser (history, cookies, etc.)

DOWNLOAD Kaspersky Anti-Virus 2010 + Resseter software

WHAT IS A VIRUS?
A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user. Computer Viruses have been a problem for many years. When people speak of computer viruses they often mistake Spyware for being a virus, when in fact most computer viruses are hidden and not out in the open like a spyware infection.

A Virus can be introduced to a computer through many different ways. They can be attached to an email, hidden in a CD-ROM or USB drive, installed unknowingly when installing supposedly legitimate software, through a network from another infected
computer, and through unsafe surfing with an un-patched computer.

Among the things that a Computer Virus can do damage to, are a persons files system files, and boot files. Or a virus could do nothing at all other than replicate itself and spread to other computers.

WHAT CAN I DO?
Using and running a good Anti-Virus is the best step a person can take to combat viruses. When people think of Anti-Virus programs for some reason they often think of Norton Anti-Virus, unfortunately Norton is not the best Anti-Virus out there and we recommend avoiding it.

WHAT ANTIVIRUS SHOULD I GET?
For an antivirus we suggest AVG Professional or Kaspersky Anti-Virus. These are better Anti-Virus software packages which will not slow your computer down like an Internet Security Suite. Internet Security Suites like Norton Internet Security, AVG Internet Security and McAfee Internet Security are more likely to cause problems on a home an business network., and are likely to become detrimental to the speed of your computer.

A good free Anti-Virus is AVG Free. Something to remember is that a popular antivirus
is not always best when trying to clean your computer. A fully patched computer is
also important. On a regular basis Microsoft releases critical patches to their operating systems to help keep them secure.

THINK PREVENTION!
An Antivirus program is only a curative measure, they do not stop the computer from
becoming infected in the first place, they only serve to remove known infections. With this in mind it is essential that you have your security setup so you don't get infected to begin with. Preventing a virus infection is better then dealing with the cleanup afterward.

A KEY PROGRAM that will help is FIREFOX.
Firefox is an internet web browser. And since web browsers are the means by which you view any web related content, it makes sense that you should be using one which has better security and preventative measures in place than the most common alternative Internet Explorer. Firefox will actively stop most pop-ups and auto downloads while using the internet. Download it at http://www.firefox.com
http://free.avg.com

BE WISE!
It is important that you have the right tools for the job, that you do not become complacent in your everyday browsing habits. Key things to look out for and avoid
are:

Pop-ups or buttons prompting you to buy or download a product.

Buttons and adverts including the word “FREE”

Sites that offer testimonials to sell their products, if its good, then its good enough for word of mouth.

Check the URL, often the address of the site will not match the content.

Email spoofing and what can be done about it. Examining solutions such as the Sender
Policy Framework (SPF) and Microsoft’s Sender ID, which is based on it are some of the solutions to this problem.

E-mail spoofing is forgery of an email header.(Header is the part of a message that
describes the originator, the addressee and other recipients, message priority level,
etc.) The message appears to have originated from someone or somewhere other than the
actual source. While spoofing can be used legitimately., using by anyone other than yourself is illegal in some jurisdictions.

Although most spoofed e-mail falls into the "nuisance" category and requires little
action other than deletion, the more malicious varieties can cause serious problems
and security risks. A favorite technique of spammers and other mischief mongers is to “spoof” their return e-mail addresses, making it look as if the mail came from someone else. This is a form of identity theft, as the sender pretends to be someone else in order to persuade the recipient to do something (from simply opening the message to sending money or revealing personal information), according to Deb Shinder, technology consultant, who has authored a number of books on computer operating systems, networking, and security.

If the precaution is not taken, anyone with the requisite knowledge can connect to
the server and use it to send messages. To send spoofed e-mail, senders insert commands in headers that will alter message information.

If you remember, your snail mail had the return address as an indicator of where it
originated. However, the sender could write any name and address there and you had no assurance about its genuineness. Just anyone can send spoofed e-mail that appears to be from you with a message that you didn't write!

Why does anyone want to send 'spoofed emails'!!! It could be that spoofed e-mail
may purport to be from someone in a position of authority, asking for sensitive data,
such as passwords, credit card numbers, or other personal information -- any of
which can be used for a variety of criminal purposes.
Whatever the motivation, the objective of spoofed mail is to hide the sender's real
identity. This can be done because the Simple Mail Transfer Protocol (SMTP)
does not require authentication (unlike some other, more secure protocols). A sender
can use a fictitious return address or a valid address that belongs to someone else,
says Ms. Shinder.

Display of popups containing advertises when accessing infected internet sites.

Spreading: very high
Damage: low
Size: about 4000 bytes
Discovered: 2007 Mar 07

In order to successfully display the pop-ups containing advertises, the trojan has functions to bypass the Norton Internet Security Pop-up Blocker. (Dan Lutas, virus researcher)

The trojan displays pop-ups containing advertising from the following address :
http://asd.cl[removed].com/serving/links.php?[removed]

Please let BitDefender disinfect your files.

1. Dont assume anything. Make some time to learn about securing your system.

2. Acquire and use a reliable antivirus program. Select an antivirus that has a consistent track record. Checkmark, AV-Test.org and TuV are among the most respected independent testers of antivirus software.

3. Acquire and use a reliable firewall solution. Again, independent reviewers are your best bet for reasonable choices. Some operating systems come with a firewall which only filters incoming traffic. Use a firewall that can control both incoming and outgoing Internet traffic.

4. Do not open e-mails coming from unknown or distrusted sources. Many viruses spread via e-mail messages so please ask for a confirmation from the sender if you are in any doubt.

5. Do not open the attachments of messages with a suspicious or unexpected subject. If you want to open them, first save them to your hard disk and scan them with an updated antivirus program.

6. Delete any chain e-mails or unwanted messages. Do not forward them or reply to their senders. This kind of messages is considered spam, because it is undesired and unsolicited and it overloads the Internet traffic.

7. Avoid installing services and applications which are not needed in day-by-day operations in a desktop role, such as file transfer and file sharing servers, remote desktop servers and the like. Such programs are potential hazards, and should not be installed if not absolutely necessary.

8. Update your system and applications as often as possible. Some operating systems and applications can be set to update automatically. Make full use of this facility. Failure to patch your system often enough may leave it vulnerable to threats for which fixes already exist.

9. Do not copy any file if you don't know or don't trust its source. Check the source (provenance) of files you download and make sure that an antivirus program has already verified the files at their source.

10. Make backups of important personal files (correspondence, documents, pictures and such) on a regular basis. Store these copies on removable media such as CD or DVD. Keep your archive in a different location than the one your computer is in. (bitdefender.com)

There are no obvious symptoms until the malware manages to infiltrate the system. This can happen when opening a crafted PDF file and the javascript code inside the file is executed.

Exploit:Win32/Pidief.D; Exploit:W32/AdobeReader.QQ

This is a generic detection for specially crafted PDF files which exploit different vulnerabilities found in Adobe PDF Reader's Javascript engine in order to execute malicious code on user's computer. The exploitation mainly involves the following two functions:
util.printf() - if an attacker sends a string long enough to generate a
stack-based buffer overflow he will then be able to
execute arbitrary code on user's computer with the
same level privileges as the user who opened the PDF
file
Collab.colectEmailInfo() - a stack-based buffer overflow can be
caused by passing a string long enough (at least 44952
characters) as a parameter in the msg field of this
function.

The Javascript function containing the actual exploit is specified in the OpenAction tag of the PDF file. Usually this function is encoded using zlib. After decompression sometimes the script is still obscured through one or more layers of encoding in order to avoid detection and make analysis more difficult. The javascript code inside the PDF file is used to download and execute other malware on user's computer.

Keep updated the sofware installed on your computer.
Please let BitDefender delete the infected files.

Download BitDefener now

Win32.Worm.Downadup is a worm that relies on the Microsoft Windows Server Service RPC Handling Remote Code Execution Vulnerability (MS08-67) in order to spread on other computers in the local network. The authors took various approaches to make this malware especially fast spreading and hard to remove.

SYMPTOMS
Connection times out while trying to access various antivirus-related websites.
Windows Update has been disabled.
Presence of autorun.inf files in the root of mapped drives pointing to a .dll file inside the RECYCLER folder of the drive.

This malware always comes wrapped in an obfuscated layer which aims at deterring analysis. The layer can be in two flavors, either packed with UPX or not packed, but it is always obfuscated and uses various rarely used apis to break emulators. The real malware is contained inside in an encrypted form. It is packed with a standard upx version, but to deter unpacking it is never written on disk and it doesn't have the PE header which makes it appear as an invalid executable. This has the side effect of being undetectable when injected into another process, it just looks as standard memory allocated page.

A computer can be infected by possible three means:
* if not patched with the latest security updates (in this case if MS08-67 vulnerability is not patched), by an already infected computer in the local network
* if the administrator account of the computer has a weak password (brute force dictionary attack against administrator password is used)
* if the computer has the Autoplay feature enabled and an infected mapped/removable drive stick is attached.

Once gained execution this worm does the following actions:
* hooks NtQueryInformationProcess from ntdll.dll inside the running process
* creates a named Mutex based on the computer name
* injects intself into one of the following processes:
* explorer.exe
* svchost.exe

* uses the following registry key to hide the files with hidden attributes:
* HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Advanced\Folder\Hidden\SHOWALL\"CheckedValue" = "0"

* executes the following command, which disables auto-tuning (details) option under Windows Vista :
* netsh interface tcp set global autotuninglevel=disabled

* copies itself into one or more of the following locations:
* %Program Files%\Internet Explorer\[Random Name].dll
* %Program Files%\Movie Maker\[Random Name].dll
* %Documents and Settings%\All Users\Application Data\[Random Name].dll
* %Temp%\[Random Name].dll
* %System32%\[Random Name].dll

* if residing into services.exe application (Win2K) it hooks on the following apis:
* NetpwPathCanonicalize from netapi32.dll - this api is used to avoid reinfection of the local machine from other infected computers
* sendto from ws2_dll.dll

* if residing into svchost.exe it hooks the following apis
* NetpwPathCanonicalize from netapi32.dll - this api is used to avoid reinfection of the local machine from other infected computers
* DnsQuery_A, DnsQuery_W, DnsQuery_UTF8, Query_Main from dnsapi.dll - this apis are hooked to restrict access to various sites related to antivirus companies.

* it sets maximum number of simultaneous connections allowed by doing one of the following
* patching tcpip.sys driver, using a driver it drops itself (contained in an unencrypted form)
* setting HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\"TcpNumConnections" to "00FFFFFE"

* injects itself into services.exe (Win2K)

* it sets the following registry keys (if they are not set already), probably as an infection marker:
* HKCU\Software\Microsoft\Windows\CurrentVersion\Applets\"dl" = "0"
* HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Applets\"dl" = "0"
* HKCU\Software\Microsoft\Windows\CurrentVersion\Applets\"ds" = "0"
* HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Applets\"ds" = "0"

* Disabled the following Windows services:
* Background Intelligent Transfer Service (BITS)
* Windows Automatic Update Service (wuauserv)

* sets the following registry key to hide files with hidden attribute:
* HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Advanced\Folder\Hidden\SHOWALL\"CheckedValue" = "0"

See information detail
Download Malware Remover - BitDefender antivirus

Trojan.Lopad.K Virus description :
The exact path to "Internet Explorer" browser is retrieved from registry. A check is made to see if the virus code is executing from within iexplorer's address space. If it is not then a new instance of iexplore.exe is infected with the viral code and executed. The code injected into iexplorer does the following: If the command line arguments does not include the string "923CCB1F" then a message box with title "Bad Elmo" and text "

You must install this software as part of the parent program. Press OK to exit." appears before exiting. If the command line argument "-newkEm" is present then it searches for a window of class "wwBYAwnd" and name "windWWAA" and sends it a message with id 0x533 then exits. If the window cannot be found the a file named "cdromruleclose.exe" is looked for in "%app_data%/play view/"and executed if it is found.

The virus then exits, but not before retrying to send the previous message, to the same window. If the command line argument "SWIcertifiedEd 1" is present then the file "%temp_dir%\bis.tmp" is looked for and removed.
Next a random URL is constructed, with the form "http://c2839.bins.lop.com/", from where a variant of Swizzor virus is downloaded as "%temp_dir%\bis.tmp" and executed.The virus the exits. The virus uses encrypted strings to make the analysis difficult. The use of command line arguments is meant to prevent heuristical detection.

You can use BitDefender, Download here

"BitDefender Antivirus 2009 provides advanced proactive protection against viruse"
BS Editor: BitDefender Antivirus 2009 provides advanced proactive Protection against viruses, spyware, phishing attacks and identity theft, without slowing down your PC.
Family network protection
Manage the security of your home network from a single location. BitDefender software from other computers in the network can be remotely configured, while tasks such as scans, backups tune-ups and updates can be run on-demand or scheduled to run during off-hours.

Hassle – Free Hourly Updates
Hourly updates ensure that you are protected against the latest threats without pushing a button. Lost program files are not a problem either. In the rare event of file damage due to PC problems, BitDefender automatically repairs and updates itself.


Free Download BitDefender Antivirus 2009 now.

Your brave anti-spam software works hard to defend your inbox from all those messages about enlarging… um… various things. Even more important, your spam buster also helps protect you from less-embarrassing --but more dangerous-- phishing scam emails. But not entirely safe. Just in case a big bad phishing scam does get through to your inbox, it’s important to know how to spot it.

1. Do they handle your money? Then they won’t ask for your info.

The companies that deal with your money can be counted on for a lot of things. Making mistakes on your monthly statement. Talking robotically on the telephone (even if they’re human). Sending you advertisements you don’t want. But one thing they can’t be counted on to do --because they never do it-- is ask for your account information in an email. No company that deals in your finances will ask for your info via email. Ever. Not the bank, not the IRS, and not Paypal.

2. Check that the sender’s email address matches the company’s URL.

Whenever you receive an email from a secure financial organization, such as your bank or the ever-friendly IRS, be sure to check the email over carefully. Is the name of the organization misspelled in the email address, or not included at all? Is the appearance and language of the email official? (Just a hint: a title of “It’s time 4 U to renew UR account!” is a dead giveaway.)

3. Check who’s getting the email. If there’s more than one address, get suspicious quick.

If a message you’ve received has aroused your suspicion, a quick way to check if it’s legit is to take a look at who it’s gone out to. If there’s more than one email address there, they’re probably not who they say they are-- after all, major companies have a privacy policy to follow. Many lazy phishers simply blitz the Net, sending messages to hot_bad_muscles1, hot_bad_muscles2, all the way up to you at hot_bad_muscles2000.

4. Do the email’s claims catch your attention? Check it online.

One way phishing spam works is by trying to scare you into acting quickly. They’re going to delete your account. Or they’re going to kill you. Or they’re going to run over your dog. If the content of an email catches your attention and you feel you must take action, look into it first. The easiest way to do this is to Google a sentence or two from the email. If you find other people online talking about it, it’s garbage.

The big bad phisher will try to get under your skin-- but just delete those suckers right out of your inbox.

5. Stop phishing in its tracks by reporting phishing scams to the company they’re pretending to be.

No major (or, heck, minor) company wants to be impersonated by someone looking to steal their clients’ info and even their identities. While most of them don’t actually care what happens to you (when is the last time your bank manager gave you a hug?), they do care how identity theft makes their company look. So be sure to advise an organization that their customers are being targeted by a phishing spam. They can send out warnings, button down security, and generally work to keep their clients’ info safe.

There are a lot of nasty characters creeping around on the Net. And some careless people do fall into their traps. Don’t be one of them. Instead, up the anti-spam security on your email server, keep your eyes peeled for bogus emails, and delete, delete, delete.

The growing economic value of information, products, and services accessible through computer systems has attracted increased attention from opportunistic criminals. In particular, the many potential vulnerabilities of online systems and the Internet have made computer crime attractive and pose significant challenges to professionals whose task it is to secure such systems.

The motivations of persons who use computer systems in unauthorized ways vary. Some hackers primarily seek detailed knowledge of systems, while others (often teenagers)
seek “bragging rights.” Other intruders have the more traditional criminal motive of gaining access to information such as credit card numbers and personal identities that can be used to make unauthorized purchases (see identity theft). Computer access can also be used to intimidate (see cyberstalking and harassment), as well as for extortion, espionage, sabotage, or terrorism (see cyberterr orism).


Attacking and defending information infrastructure is now a vital part of military and homeland security planning (see information warfare). According to the federal Internet Crime Complaint Center, in 2006 the most commonly reported computer-related
crime was auction-related fraud (44.9 percent), followed by nondelivery of goods (19 percent)—these no doubt reflect the high volume of auction and e-commerce transactions.

Various forms of financial fraud (including identity theft) make up most of the rest.
The new emphasis on the terrorist threat following September 11, 2001, has included some additional attention to cyberterrorism, or the attack on computers controlling key infrastructure (including banks, water and power systems, air traffic control, and so on). So far ideologically inspired attacks on computer systems have mainly mounted to simple electronic vandalism of Web sites. Internal systems belonging to federal agencies and the military tend to be relatively protected and isolated from direct contact with the Internet.

However, the possibility of a crippling attack or electronic hijacking cannot be ruled out. Commercial systems may be more vulnerable to denial-of-service attacks (see below) that cause economic losses by preventing consumers from accessing services.

Surveillance-based attacks involve scanning Internet traffic for purposes of espionage or obtaining valuable information. Not only businesses but also the growing number of Internet users with “always-on” Internet connections (see broadband) are vulnerable to “packet-sniffing” software that exploits vulnerabilities in the networking software or operating system. The main line of defense against such attacks is the software or hardware firewall, which both “hides” the addresses of the main computer or network and identifies and blocks packets associated with the common forms of attack (see firewall).

In the realm of harassment or sabotage, a “denial of service” (DOS) attack can flood the target system with packets that request acknowledgment (an essential feature of network operation). This can tie up the system so that a Web server, for example, can no longer respond to user requests, making the page inaccessible. More sophisticated DOS attacks can be launched by first using viruses to insert programs in a number of computers (a so-called botnet), and then instructing the programs to simultaneously launch attacks from a variety of locations.

Computer viruses can also be used to randomly vandalize computers, impeding operation or destroying data (see computer virus). But a virus can also be surreptitiously inserted as a “Trojan horse” into a computer’s operating system where it can intercept passwords and other information, sending them to the person who planted the virus. Viruses were originally spread through infected floppy disks (often “bootleg” copies of software). Today, however, the Internet is the main route of access, with viruses embedded in e-mail attachments. This is possible because many e-mail and other programs have the ability to execute programs (scripts) that
they receive. The main defense against viruses is regular use of antivirus software, turning off scripting capabilities unless absolutely necessary, and making a policy of not opening unknown or suspicious-looking e-mail attachments as well as messages that pretend to be from reputable banks or other agencies.

see phishing and spoofing.

Malicious ads (also known as “malvertising”) may also be a way for a website to experience a malware attack. Rather than infecting a website directly, the hackers infect an ad network (perhaps even by simply creating an ad that looks legitimate, but actually serves malware to the user). One their malicious ad is in the ad network, it can be presented to users on various websites by the ad network simply rotating through its inventory of ads. This is often a difficult attack to detect on a website.

Example of a malvertising popup imitating anti-virus software

The reason is that the malicious code may show up intermittently on various user requests, and unless you happen to observe the malicious ad being served, you will not be able to detect the malicious code on the website.

Use Antivirus Internet Security AVG 9.0 | Panda 

The simple answer is that malware attacks on websites are the best way for hackers to distribute viruses. In the past, viruses used to spread via email attachments, or by coaxing users to download and install a malicious file. These have all become less effective and/or too cumbersome for the hackers over time. The preferred
method of distributing viruses these days is by drive-by-downloads from legitimate websites. A drive-by-download occurs when a user visits a web page and malicious
code is automatically and silently downloaded and installed on the user's computer, without any interaction with the user required.

Once the virus is on the user's PC, the hackers have remote access to the computer and can steal sensitive information such as banking passwords, send out spam or install more malicious executables over time.



Figure 1 - Emails with Infected Attachments, 2005-2008 (Percent of total emails)

Figure 2 - Malware-infected web pages discovered daily, 2006-2008

From the data above [1][2], one can observe that emails with infected attachments have declined 94% since 2005, while malware-infected web pages have increased by 600%
since 2006. According to published reports, 77% of drive-by-downloads are occurring on legitimate websites [3]. From the hacker's point of view, it is easier to tap into a legitimate website's existing user base than try to lure users over
to a malicious website that they themselves have set up. Therefore, the hackers now target innocent, legitimate websites for virus distribution.

The impact on websites of this behavior is enormous. If undetected, the website will now infect any visitors with a virus. This can severely damage the website's reputation with its existing and potential customers, as well as create liability issues. Furthermore, search engines, browsers, and security companies are now blacklisting websites that are found to be serving malware drive-bydownloads. Google, Yahoo, Firefox, Internet Explorer, Norton, and McAfee all blacklist legitimate sites that have been infected with malware. The blacklisting has an immediate impact on the website's traffic and revenues, as well as heightens the damage to a website's brand and reputation.

Get Anti-Malware

The very short, very easy answer is: hell yes! With all that's happening on the internet these days it's simply too risky to sit "naked" on the internet unless you really know what you're doing. The real question is: what do you need? It's even possible you already are behind a firewall and don't need anything additional.

First, realize that a firewall is about protecting you from them, where "them" means "the malicious folk on the internet". A correctly configured firewall does not block your access out to the internet so you should be able to browse the web, for example, without interruption. The firewall prevents access from somewhere on the internet to you. That's not to say people can't send you email; they can because you access your mail through the internet when you retrieve or download it. It does mean that people can't copy files directly to your PC or cause programs to be run on your machine.

Step one is to check with your ISP. Some actually do provide a certain amount of firewalling. AOL, if I'm not mistaken, is a fairly good example:
they've set up their own private network and internet access is tightly controlled. The good news is that you may be well-protected. The bad news is that you have no control over it, and you may not be protected from other AOL users. Most ISPs, however, do not provide any kind of firewall. What you get from them is a direct connection to the internet. That gives you the most flexibility and control but it also places the burden of protection in your lap.

The next question is do you need a hardware or software-based firewall?
In my opinion, if you connect via broadband such as cable or DSL then there's no question at all: broadband routers are inexpensive and provide an exceptionally high level of protection out of the box. They're typically easy to set up and also
have the flexibility to be carefully configured for more advanced uses such as running a web server from behind your firewall. I like the hardware approach because the routers are devices dedicated to their task and do not interfere with - nor can they be compromised by - your computer. Remember, a router will work fine even if you have only one computer.

If you are on dialup or have some other reason for not wanting to go the hardware route there are software firewalls as well. In fact, Windows XP includes one by default: on the properties page of any network connection, click the advanced tab and you'll find the Windows Firewall.

Even if you do nothing else and you're not sure what you really want to do, you should turn this on. Other popular firewalls include ZoneAlarm and Comodo.

Finally, when you believe you're protected or even if you know you're not you should visit Gibson Research and run "Shields Up", a vulnerability analysis. It will try to access and analyze your computer from the internet, list for you exactly how you are vulnerable, and tell you the potential steps you can take. It tends to be a little techie but it's worth the effort.

Download Software ZoneAlarm And Comodo

A firewall is a piece of software or hardware that sits between your computer and the internet and only allows certain types of things to cross the wall. For example, a firewall may allow checking email and browsing the web, but disallow things that are commonly not as useful such as RPC or "Remote Procedure Calls". In fact, it's vulnerabilities in RPC that allowed for one of the more recent worms to propagate.

Viruses like the Sasser worm can be prevented simply by using a good firewall. What's a firewall? Well, in your car it's the "wall" of metal behind the dashboard between you and the engine that prevents engine fires from roasting you and your passengers.

A firewall for your computer is much the same - it's to keep you from getting burned.
A firewall's purpose is very simple: to block or filter certain types of network traffic from reaching your computer. What do I mean by "certain types"? There are things you want to get like the pages of web sites you visit or the software you might download. And then there are other things you might not want like people accessing your computer remotely or viruses and worms infecting your machine.

A firewall knows the difference. Firewalls are also usually configurable; they can allow you to say "this kind of connection from the outside is OK". A good example is Remote Desktop. A firewall will by default prevent it from working. But you can
also configure the firewall to allow that type of connection to come through. That way you would be able to access your computer from another, across the room, or across the internet. But other types of traffic like viruses are still blocked.
Some firewalls will also monitor outgoing traffic for suspicious behavior.

One characteristic of many viruses is that once you're infected they attempt to establish connections to other computers to spread. Many software firewalls will detect and either warn you or simply prevent it. And that leads to a very important distinction in firewalls - there are two types: hardware and software.
· A hardware firewall is just that - a box that sits between you and the internet that performs the filtering function. Traffic that is filtered out never reaches your computer. Broadband routers perform the function of a firewall quite nicely and
are typically what I recommend. The downside for hardware devices is that most will not filter outgoing traffic.

· A software firewall is a program that runs on your computer, and at the very lowest level monitors your network traffic. The firewall prevents filtered traffic from getting through to the operating system. All network traffic reaches your computer but the firewall prevents your system from actually doing anything with it.

The good news is that if you're running Windows XP, you already have a firewall built-in. It's a simple matter of turning it on to get the protection you're looking for.(Ask Leo)

What firewall kind's do you need?

Kaspersky Internet Security 2009 is a totally new approach to data security. The main feature of the application is restricting the programs' rights to access the system resources. It helps prevent unwanted actions by suspicious and hazardous p

 rograms. The application's capabilities in the protection of user's confidential data have been considerably enhanced. The application now includes wizards and tools which substantially facilitate execution of specific computer protection tasks.

New Protection Features

- Kaspersky Internet Security now includes Application Filtering component along with Proactive Defense and Firewall which implements a new universal approach to the system protection against any threats including existing threats and threats that are unknown at the moment. Kaspersky Internet Security now requires considerably less input from the user due to the use of lists of trusted applications (whitelisting).

- Scanning of operating system and software for vulnerabilities with their subsequent elimination maintains a high system security level and prevents sneaking of hazardous programs into your system.
- New wizards – Security Analyzer and Browser Configuration facilitate the scanning for and elimination of security threats and vulnerabilities in the applications installed on your computer, operating system's and browser settings.
now reacts to new threats faster due to the use of Participating in Kaspersky Security Network technology that gathers data about infection of users' computers and sends it to Kaspersky Lab's servers.
- New tools - Network Monitor and Network Package Analysis - facilitate collection and analysis of information about network activities on your computer.
- New wizard - System Restore helps fix system damages after malware attacks.

New confidential features:

- A new component Application Filtering effectively monitors access to confidential data, user's file and folders by applications.
- Security of confidential data entered from the keyboard is ensured by a new tool - Virtual keyboard.
- Kaspersky Internet Security structure includes Privacy Cleaner wizard which deletes all information about his or her actions which can present an interest to intruders (list of visited websites, opened files, cookies, etc.) from the user's computer.

New anti-spam features:
- Efficiency of spam filtering by the Anti-Spam component has been increased due to the use of Recent Terms server technologies.
- The use of Microsoft Office Outlook, Microsoft Outlook Express, The Bat! and Thunderbird extension plug-ins simplifies the process of configuring the anti-spam settings.
- Revised Parental Control component allows effective restriction of undesirable access of some internet resources by children.

New protection features for internet use:
- Protection against internet intruders has been upgraded due to the extended databases of phishing sites.
- ICQ and MSN traffic scan has been added which ensures safety of the use of internet pagers.
- Security of the use of wireless networks is ensured through the scan of Wi-Fi connections.

Interface Language: English

Download here Mirror 1 | Mirror 2 | Key file for All

The new Panda Antivirus Pro 2010 is the easiest-to-use and most intuitive protection for your computer. Just install it and forget about viruses, spyware, rootkits, hackers, online fraud and identity theft. Chat, share photos and videos, bank and buy online, read your favorite blogs or simply surf the Web, with complete peace of mind. And thanks to the new Collective Intelligence technology, the solution is now much faster than previous versions.Compatible with Windows 7.

Install it and forget about viruses, spyware and hackers.

Requirement
Operating System:
- Windows 7 (32 & 64-bit)
- Windows Vista (32 & 64-bit)
- Windows XP (32-bit)
Processor: Pentium 300 MHz or faster
RAM:
- 128 MB without TruPrevent
- 512 MB with TruPrevent (1 GB recommended)
Hard Disk: 265 MB free space
MS Internet Explorer 6.0
CD-ROM drive

See More at pandasecurity.com
Download Panda Antivirus Pro 2010 Now

Panda Internet Security 2010 is a security suite that lets you use the Internet with complete peace of mind. It protects you from viruses, spyware, rootkits, hackers, online fraud, identity theft and all other Internet threats. The anti-spam engine will keep your inbox free from junk mail while the Parental Control feature ensures your children can use the Web safely. And thanks to the new Collective Intelligence technology, the solution is now much faster than previous versions. Compatible with Windows 7.

Anti-Malware Engine

Automatically detects and eliminates viruses, spyware, Trojans, rootkits, bots and other malware before they infect your computer.
NEW! Panda USB Vaccine protects your USB drives from infection.
IMPROVED! 80% reduced memory consumption.
IMPROVED! Scans files in real-time and on-demand.
IMPROVED! Scans emails before they reach your inbox, regardless of your email program.
IMPROVED! Scans Internet traffic regardless of your browser type.
IMPROVED! Scans Instant Messaging traffic in MSN Messenger, Windows Live Messenger, Yahoo Messenger and AOL.
IMPROVED! Removes all traces of clutter left by spyware on your PC.
Advanced Proactive Protection



Technologies from Panda Security are widely recognized as the most effective against new and unknown malware.
NEW! New detection technologies include generic signatures and remote heuristic scanning from the cloud.
IMPROVED! Genetic Heuristic Engine combines advanced algorithms to detect new variants of the most dangerous malware families.
IMPROVED! TruPrevent Technologies 2.0 silently analyze the behavior of programs, blocking those that try to damage your PC. This last line of defence blocks zero-day targeted attacks and terminates any malicious activity that has evaded traditional protection systems.
Personal Firewall

Protects you against Internet-borne worms and hacker attacks.
IMPROVED! Smart auto-configuration allows good programs to run while blocking malicious ones.
IMPROVED! Shields your PC from hackers on the Web.
Wireless Monitor protects your wireless network from intruders.
Intrusion prevention blocks known and unknown hacker attacks and vulnerability exploits.

Anti-Rootkit Technology

IMPROVED! Detects and removes silently-installed rootkits used by malware or hackers to evade traditional antivirus products.
Anti-Phishing Filter

Recognizes fraudulent email and protects you from scams while you shop, bank or pay bills online.
Anti-Banking Trojan Engine

Detects the most dangerous identity theft malware used by cyber-criminals to steal banking credentials. Specialized heuristics and generic detection techniques ensure maximum protection for online transactions. NEW!

Web Filter

IMPROVED! Lets you use the Internet safely without the risk of infections, vulnerability exploits, browser hijacking or phishing websites. By analyzing website content, links and Web reputation scores, Panda Security provides protection against all types of Web-based malware and scams
Personal Information Filter

IMPROVED! Prevents theft from your PC of credit card numbers, social security numbers and any other personal information you define.
Anti-Spam Filter

Keeps your inbox free from junk mail. With the new spam engine detection rates are now over 97%, ensuring uninterrupted service and delivering the emails you really need.
Parental Control

Lets your children browse the Internet safely by blocking access to violent, adult, or racist content, as well as other inappropriate websites. From the solution’s control panel –and regardless of the browser type- you can assign predefined filters (child, adolescent, employee…) to users or customize filter rules according to your specific needs.

Backup & Restore

Safeguards your most important files against accidental loss or damage. It prevents loss of important documents either unintentionally, or through hard disk problems or other accidents. Backup and restoration from hard drive, CD, DVD, other external media or online are both extremely simple and easy.
NEW! Includes a 2GB online backup

To safeguard your most important files and allow access to them anytime, anywhere. This ultimate safety layer provides 2 gigabytes of free, secure storage for one year.

Requirement
Operating System:
- Windows 7 (32 & 64-bit)
- Windows Vista (32 & 64-bit)
- Windows XP (32-bit)
Processor: Pentium 300 MHz or faster
RAM:
- 128 MB without TruPrevent
- 512 MB with TruPrevent (1 GB recommended)
Hard Disk: 275 MB free space
MS Internet Explorer 6.0
CD-ROM drive

Download Mirror 1

In this article we will explain every tip you can use to avoid virus and other
malicious software (malware) infection such as worms, trojan, adware, and spyware.
As you already know of what damages they can inflict to your system in our early
‘Malicious Software’ coverage, you must be irritated by now. In a time when data
exchange traffic is very high and there is almost no spot where a PC is not exposed
to the World Wide Web, it is no wonder that to be completely freed by any virus
attack someone can advise you to completely disconnect your line to the outside
world.

But doesn’t it remind you of “The Village”? A movie from M. Night Shyamalan that
pictures a small community that builds a village far from main society after the
elders being paranoia with all of the cruelty there are. Sadly, this extreme effort
doesn’t work either. Because not only the fear of the outside world itself has been
consuming them day and night, the isolation from main society has abandoned
them from all access including critical medical treatment.
So this is what we want to emphasize: with all the advantages of World Wide Web
has to offer and the concept of rapid information data interchange itself, it is our
lost to completely isolate ourselves from the main limelight. So accept the World
Wide Web with open arms and embrace it. But, equip yourself with the best
knowledge and application to avoid from being another victim. These are our 10
simple tips to avoid virus infection and other malware:
1. Load only software from original disks or CDs. Pirated or copied software even if
it’s from your friends is always a risk for a virus. Why? Unlike general assumption,
optical disks can easily become the medium of viruses because not like the old
days, now CDs and DVDs can be produced easily in any house in the world with very
poor protection of virus.

2. Be careful when opening emails. Do not open the one that you don’t sure where it
comes from. Especially if the title are suspicious and the email contain attachment.
If it does contain attachment, scan the attachment with an antivirus program before
opening it. Be cautions of attachments with a double extension, such as .txt.vb or
.jpg.exe. Double extensions are often a good indicator that the file is malicious. For extra safety, use email client that support prevention on any active content or
remote image that pop ups automatically. If you are using offline email client like
Microsoft Outlook or Mozilla Thunderbird, make sure your Antivirus support email
scanner function. Please also remind that Microsoft Outlook is more susceptible to
worms than other e-mail programs. You might want to consider Pegasus or Mozilla
Thunderbird.

3. Execute only programs which you are familiar as to their origin. Do not download
software from just any websites. Also, programs sent by email should always be
suspicious.

4. Keep your system up-to-date by setting up your computer to automatically
download patches and upgrades and any updates to both the operating system and
Internet Explorer. Visit Microsoft Update and turn on automatic updating.
5. Install anti-virus, antispyware, and Internet firewall program. Better most, find the one that offers a complete solution to all malicious software threats and firewall function. And although Windows Vista and Windows XP with SP2 have a firewall
already built-in and turned on by default, most of the time this is not enough. Once
installed, make sure you update your virus definitions in daily basis and run a full
system scan in weekly basis.

6. Back up critical files on a regular basis before you encounter a virus or other
problems. Turn on the system restore feature option for those of you who has
Windows XP and Vista. For those of you who don’t know how click here. Last, don’t
forget to change your passwords in regular basis.

7. Be careful when surfing. Avoid visiting and downloading file from suspicious and
dangerous websites. These websites usually include those that contain adult
content and websites that sell or offer illegal serials and cracks. These kinds of
websites usually have so many suspicious popup windows and applications that
upload automatically without our knowledge. There are so many other websites that
do just like this. Thus, use web browser with capabilities to block pop-ups and active content and the one that also can warn you if the site is unsecure. Mozilla Firefox is our favorite. Combine it with antivirus software that has site scanner ability and you got the ideal pair of prevention scenario. Also please be careful on any unknown intrusive activity. For example if you ever get a dialog box asking if you want to allow an automatic install, say "No" unless you know the site requesting the install and you trust it.

8. Stay informed about recent threats. Read about the latest virus threats so you are
aware of the potential danger. You can find this information on many major antivirus
vendors’ websites. Or join newsletter both from these vendors and some major authoritative PC’s online magazine to receive the latest malware threats.

9. Avoid using file sharing application if your system is not equipped with adequate
protection. Even if you do have, you need a very best of them to get you protected
from virus that lurking in the channel. Why? It is because there is almost no
guarantee that the file you are accessing and downloading are virus free since it
comes from unknown and untrusted source. Furthermore it might be the virus itself.
If what you want to do is downloading music, just go directly to iTunes or Rhapsody.

10. Consider to deactivate autorun function for all removable media drives like
floppy drive, optical drive, and flash disk. You need to do this because even the
most advanced virus out there is still need a trigger to run, be it a click from your
mouse, a command from a recognized program, or a command from Windows itself
such as commanding a newly inserted media to run its autorun program.
Autorunspecifically designed to make us enjoy the contents automatically: CD music
and DVD movies played automatically by your favorites multimedia player
application, data files automatically explored by your Windows Explorer, and your
new bought application directly bring you to the front window. But what if the
autorun program is the one that you don’t wanted at all like virus? So it is better to leave autorun function disable.

For final word, we recommend you to just stay sane and don’t be paranoid. Some
people get really weird about viruses, spyware, and other malware threats. What’s
important is that you still feel freedom in using your computer as you like it while
being optimally protected all along. Once you follow these steps, it shouldn't be a
big problem.(David Omar)

Software reference Anti-Malware | Spyware Doctor | AVG 9.0 | Avast Professional

What is Web-based Malware?

Web-based Malware is an emerging security threat for websites and web users. Hackers are now planting malicious code on legitimate websites in an effort to distribute viruses to consumers. (This attack is often called a “drive-bydownload”). Once the viruses are installed on users’ PCs, the hackers can monetize those compromised PCs in various ways (including logging users’ keystrokes or using the compromised PCs to send spam email).

The malicious code that hackers inject on websites is Web-based Malware, and it is very different from the typical virus that might infect a user’s PC. Web-based Malware runs in a web browser and often works by embedding in, sourcing in, or redirecting to malicious content from a hacker's website. Web-based Malware can be written in HTML, Javascript, Dynamic HTML, AJAX, Flash, PDF, or a variety of other programming languages. By contrast, a PC-based virus often takes the form of an executable file that runs code directly on the computer's microprocessor as opposed to being interpreted by the web browser. Attackers often use Web-based Malware to infect web pages so that those web pages can serve as distribution points for traditional, PC-based viruses.



Figure 1 - How Attackers Use Websites to Distribute Malware

What happens when a website gets infected with Web-based Malware?

80% of the sites found to be serving malicious code are, in fact, legitimate sites that have been hacked and infected with Web-based Malware1. There are approximately
1,000,000 malicious web pages discovered each month2. When a website gets infected with Web-based Malware, it is at risk of getting blacklisted by browsers, search engines, and desktop anti-virus companies. Internet users are prevented from accessing blacklisted sites.

Figure 2 - Google and Firefox blacklist a website that is infected with Web-based Malware

The above graphic illustrates the user experience when trying to access a site that
has been blacklisted by Google and Firefox. In this case, Google’s crawlers encountered this website while it was indexing the web. The crawlers detected that
the site was infected with Web-based Malware, and subsequently Google applied a warning saying, “This site may harm your computer.” in the search results. Firefox
users were blocked from accessing the site completely. As a result, traffic from to
this site would plummet. Microsoft’s Internet Explorer and Live Search, Symantec
Norton, McAfee SiteAdvisor, and many other browsers, search engines, and desktop
anti-virus companies also blacklist websites.

Once a site is blacklisted, it can take days or even weeks for the site to clear its
name from the blacklist. During this time, the website is experiencing significant
business losses:

· Customer loss (visitors are blocked from accessing the site; the site is “off the air”)
· Brand damage (the blacklisting hits the blogosphere and Twitter; the site loses confidence and trust of existing and new users)
· Support costs (site has to engage in emergency technical fixes while fielding concerned calls and emails from their customers)

The following are some direct quotes from website owners who were infected with Web-based Malware and subsequently blacklisted3:

“Just hoping for the best right now, my traffic has dropped 95% - 98%”
“Because of this block I am losing thousands of dollars at a critical time of the year”

[During a blacklisting]: “It’s a tremendous burden on my support staff because we get constant email about it”
“My site was blacklisted for a week. I lost at least $10,000 in ecommerce revenue.”
“The attacks occurred weeks ago, and I'm only now getting back to my normal levels of traffic.”

To help web businesses defend against malware attacks and avoid losses of traffic,
reputation, and revenue, Dasient has developed the world’s first and only complete
Web Anti-Malware (WAM) service. The Dasient WAM provides end-to-end protection
by monitoring websites for Web-based Malware infections. When an infection is
detected, Dasient WAM Monitoring will alert the website owner and provide
diagnostic information to remove the malicious code on the site. Dasient WAM can
also automatically quarantine any malicious code injected onto the website if the
customer (or their hosting provider) has deployed the Dasient WAM Quarantining
service. In many cases, website owners are alerted early enough that they can
avoid getting blacklisted altogether, even if their site was infected.(dasient.com)

What i should do? Download Antivirus Internet Security

Malicious code can be defined as code that has been developed to perform various harmful activities on a normal computer. Examples of such harmful activity can be actions such as stealing the end users data or personal information, infecting other ma-chines on a network or sending spam through infected machines. There are several categories of malicious code which include but are not limited to viruses, worms, trojan horses and bots. Each of these categories has differing characteristics according to their intended purpose. As we move forward, our aim is to discuss the various techniques we can use for effectively analyzing such malicious code.

Let us discuss the basic definitions of some different types of malicious code:


• Virus: Viruses are simple programs, which are written to change the way the computer works without the permission of its user. A virus cannot infect other PCs on a network until someone executes an infected file.

• Trojan Horse: In the context of computer software, a Trojan horse is a program that unlike a virus, contains or installs a malicious program (sometimes called the payload or 'Trojan') while under the guise of being something else.

• Worms: A computer worm is a self-replicating computer program. It uses the network to send copies of itself to other nodes (computer terminals on the network)
and it may do it without any user intervention.

• Bots: A bot is a malicious program, which receives instructions from its controller and performs operations according those instructions. By their nature, bots will replicate using various techniques like exploiting remote systems, sending e-mails using social engineering and subsequently creating a network of bots which are referred to as botnets. This network of compromised computers can be used to launch Distributed Denial of Service attacks, install malware or perform other nefarious activities. Bots are rising in popularity.

Spyware can be more than an annoyance. Poorly programmed spyware can interfere with other programs and can even cause system instability. Privacy issues are at stake as well.This type of software is often installed without a user's consent and often can't be uninstalled without special tools. When distributors use tricks and deception to installuninvited software, trust is destroyed.

The first line of defense against spyware is to be careful installing software. Know what's being downloaded. A large percentage of freeware or shareware programs have spyware embedded in them. Sometimes that's disclosed in the user agreement, but often not. Before downloading any new software, look for guarantees that it's spyware free. Even so, be on your guard — the file-sharing program Kazaa has been claiming to be spywarefree for years. Anyone who installs this software soon has an opportunity to test this claim.

How can you tell if you have spyware on your system? You may see pop-up advertisements even when you aren't browsing the web. Your homepage may have been
changed without your consent. New toolbars are installed on your web browser which you didn't request. Your computer may be sluggish or mysteriously reboot on its own. Though, the last effect is usually a virus. If you find your system bogged down with spyware, don't give up hope. There are several utilities specifically designed for removing spyware from your computer. They rely on frequently updated databases which contain signature files of all known spyware and adware. They scan all the files on your hard drive and alert you if 'uninvited guests' are found.

Many are free, though sometimes the paid versions have more automation features such
as removing spyware on receipt rather than requiring a manual scan. None will find every piece of spyware on your system, since they rely on a database which has to be
populated according to someone's judgment. And, one man's spyware is sometimes
another's welcomed advertiser. Some spyware is notoriously difficult to remove. They may make several alterations to your system settings and install files in different places. Often the only way to remove this type of spyware is to find the locations of all the files and manually delete them.
Needless to say, this should be performed only by skilled users. Deleting the wrong files can damage your programs and even your operating system. One software tool that can help you remove difficult spyware is called 'HijackThis'. It creates a list of files which could have been altered with spyware. The list is very comprehensive and also includes system files and files installed by legitimate software, so take care.

HijackThis wasn't designed to be a spyware removal tool, but it can be used to locate
persistent and hard to remove spyware. It requires knowledge of various system settings and you must be careful when changing them. It's possible to disable your system with the wrong setting. Fortunately, there's a community of HijackThis experts on the Internet willing to give free advice about suspicious entries.

Once your system is spyware free — help keep it that way. Some of the spyware removal
tools include utilities that can protect your computer from being exposed to spyware.
Much like virus scanners, they monitor changes to your system files and alert you of any suspicious activity. And, of course, beware those tempting looking free offers. You may get more than you bargained for.

Download Software: Internet Security & Antivirus Software | Spyware Remover | Firewall Registry Cleaner | Parental Control Software