Sunday, September 7, 2008

viruses on the international space station

this past week there was a lot of buzz surrounding the news that an autorun worm had infected 2 laptops aboard the international space station... i wasn't sure i was going to bother saying anything about it at first but then i decided it might serve as an interesting object lesson so let's look at what we can learn from this event and what could have been done differently....

my first reaction when reading of the event was that this just goes to show how pernicious and autonomous self-replicating malware truly is... that notion (that viruses/worms are somehow worse or more autonomous than other forms of malware) has been scoffed at in the past but viruses in space stand as a testament to their ability to get into places no one intended or would have imagined... no other form of malware besides self-replicators would have been able to find new victims in that sort of environment...
source- anti-virus-rants.blogspot.com

another thing we can learn from this is to stop clinging to the fantasy that the only kind of malware we need to worry about anymore is the new stuff, that old-style viruses and worms aren't worth worrying about anymore... this wasn't brand new malware, it wasn't state of the art, and it wasn't something researchers on the bleeding edge would have taken notice of even when it was new... the malware threat landscape isn't composed exclusively of novelties, there's a heck of a lot of banality out there as well...

yet another lesson that can be learned is that for all the whining about how AV is failing, at least some of the evidence used to support that argument (in other words, some of the failures) is actually a result of not using AV in the first place, not keeping it up to date, or not following the various other best practices for AV...

actually using an AV program is the first thing the astronauts and/or NASA could have done differently... while i'm sure there are plenty of arguments for why one might not want an anti-virus program on them, such as highly critical real-time processing of experimental data, these were laptops running windows and so were already unsuitable for real-time processing ('what do you mean the OS must have been busy doing something else during that time period?')... i assume someone up there must have had AV or else we wouldn't have a name for the malware...

failing that, they could have used some other sort of anti-malware technology like application whitelisting... in fact, considering the environment that might even be a more appropriate approach since it's unlikely that astronauts need to introduce new software to those machines very often... that is unless part of their job requires them to rewrite or apply patches to software being used in the experiments to collect/analyze data... come to think of it, that might actually be the case - it's not like the folks designing the experimental payloads have a lot of chances to test and debug their software under real-world conditions when the real-world in question is actually out of this world...

the astronauts could have operated the machines under non-administrative accounts - actually there isn't really anything to suggest they didn't, nor is there anything specific to an autorun worm's replication technique that should require administrative access... despite a previous post i made highlighting the ways in which least privilege can fail to stop malware, it still is fairly effective against a lot of existing malware...

they could have disabled autorun on those machines - in fact, they probably still should disable it... autorun is purely a convenience feature for the technologically inept; hopefully that's not the sort of folks NASA is sending into space (then again, they did get infected by somewhat old malware)...

finally, they could have used something other than windows machines... although technically not immune to malware, macs and linux machines have a far smaller pool of threat agents to worry about and the lower population density means that they are less connected to other similar endpoints that could pass on something they'd be susceptible to... of course, once again this is likely subject to what the machines are being used for - if they're running or monitoring experiments with them then they may be stuck with whatever the people who designed those experiments wrote their software for (and considering the cost of doing anything in space, cutting corners on the ground and using cheap windows developers is pretty likely)...

according to NASA this is not the first time they've had a virus infection in space... let's hope they also look at these sorts of events as learning experiences and figure out how to do things better in future...
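An added example, not part of the original post: a check of the `NoDriveTypeAutoRun` policy value that controls which drive types still autorun. The function names and the sample values are assumptions made for illustration; the rule that the machine-wide (HKLM) setting wins over the per-user one follows the documented behaviour of the Windows "Turn off Autoplay" policy.

```python
"""Report which drive types still AutoRun under a NoDriveTypeAutoRun value."""
import sys

POLICY_KEY = r"Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
POLICY_VALUE = "NoDriveTypeAutoRun"

# A bit set in the value turns AutoRun off for that drive type.
DRIVE_BITS = {
    0x01: "unknown",
    0x04: "removable",
    0x08: "fixed",
    0x10: "network",
    0x20: "cd-rom",
    0x40: "ram disk",
    0x80: "unknown (0x80)",
}
ALL_DRIVES = 0xFF


def still_enabled(mask):
    """Drive types whose AutoRun is NOT disabled by this mask."""
    return [name for bit, name in DRIVE_BITS.items() if not mask & bit]


def effective_mask(machine, user):
    """Value in force: the machine-wide setting wins when it is present."""
    return machine if machine is not None else user


def assess(machine, user):
    """One-line verdict for a pair of (HKLM, HKCU) values; None means absent."""
    mask = effective_mask(machine, user)
    if mask is None:
        return "no policy set: the Windows default applies"
    enabled = still_enabled(mask & ALL_DRIVES)
    if not enabled:
        return "AutoRun disabled for every drive type"
    return "AutoRun still enabled for: " + ", ".join(enabled)


def read_policy(hive_name):
    """Read the live value on Windows; None when absent or on another OS."""
    if sys.platform != "win32":
        return None
    import winreg
    try:
        with winreg.OpenKey(getattr(winreg, hive_name), POLICY_KEY) as key:
            value, _kind = winreg.QueryValueEx(key, POLICY_VALUE)
    except FileNotFoundError:
        return None
    # The value may be stored as REG_DWORD (int) or REG_BINARY (bytes).
    return value if isinstance(value, int) else int.from_bytes(value, "little")


if __name__ == "__main__":
    # Constructed sample values, not taken from any real machine.
    for machine, user in [(None, 0x91), (0xFF, 0x91), (None, None)]:
        print(machine, user, "->", assess(machine, user))
    if sys.platform == "win32":
        live = assess(read_policy("HKEY_LOCAL_MACHINE"),
                      read_policy("HKEY_CURRENT_USER"))
        print("this machine ->", live)
```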



Monday, July 28, 2008

Best antivirus Software

2007 BEST AntiVirus software:

Golden:BitDefender AntiVirus
Silver:Kaspersky
Copper:Quick Heal antivirus software
04:PC-cillin AntiVirus
05:ESET Nod32 antivirus software
06:McAfee VirusScan
07:Norton AntiVirus
08:AVG Anti-Virus
09:eTrust EZ Antivirus
10:F-Secure Anti-Virus
11:AntiVirusKit
12:AVAST! AntiVirus
13:Panda Titanium
14:F-Prot antivirus software

Antivirus software are computer programs that attempt to identify, neutralize or eliminate malicious software. The term "antivirus" is used because the earliest examples were designed exclusively to combat computer viruses; however most modern antivirus software is now designed to combat a wide range of threats, including worms, phishing attacks, rootkits, trojan horses and other malware. Antivirus software typically uses two different approaches to accomplish this
These are the world renowned BEST AntiVirus softwares -Antivirus1234.com

Need of anti virus software...

By practicing responsible web surfing and email handling most Internet users can and do cut their virus threats down to one every blue moon, the anti virus program on the other hand is with you every day of your life.


So why do many anti virus packages try to attract attention, take up lots of resources and generally just bug the life out of you every day, all this to prevent a relatively rare occurrence?


Anti virus software creates little popups to inform you of every single program trying to access the Internet, tells you in freaky computerized voices that it has been updated, sucks a load of your computer's resources, and causes your computer to lag on startup as it starts its scan services; just to name a few problems.

New VIPRE Antivirus + Antispyware

For the more technically inclined VIPRE offers several useful bonus tools. If you enable the Secure File Eraser, you get a menu item to the right-click menu for files and folders that lets you permanently erase sensitive data. Specifically, Eraser overwrites the file three times before erasing it. The erases recently used file lists and other traces of computer and browser activity for several dozen popular programs. And the PC Explorer offers a view of many system settings that are relevant to security.

Probably the most useful PC Explorer elements are the list of startup programs and running processes. For each program it displays the name, publisher, and description along with an icon identifying that program as safe, suspicious, hazardous, or unknown. These are strictly informational—you can't remove a program from the startup list or terminate a process.
Source-pcmag.com/article2/0,2817,2326532,00.asp

Friday, June 27, 2008

Avast! Antivirus Professional Edition

The professional solution to great protection

avast! 4 Professional Edition represents the best antivirus protection. avast! 4 Professional Edition comes with anti-spyware, anti-rootkit and strong self-protection built-in. It is designed to protect your valuable data and programs, as well as keep itself up-to-date and has the kind of built-in features that many vendors charge for additionally, or don’t include at all. Simply install and forget.

All-inclusive, comprehensive protection

avast! 4 Professional Edition includes ANTI-SPYWARE protection, certified by the West Coast Labs Checkmark process, to protect against the latest spyware threats and ANTI-ROOTKIT DETECTION based on the best-in class GMER technology, built in to the scan engine. No additional purchase is required.

Simple to use and automated

Just install and go. Automatic incremental updates provide real-time protection of your system, including web surfing. We’ve made avast! antivirus as simple to use as possible, while allowing full control of your security.
Fast direct download Avast!

Spyware and Winlogon

Do you know what Winlogon is?

Winlogon creates the desktop for the windows environment.

The registry key is located at:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell

Just by adding an ADDITIONAL shell (to the default explorer application) a spyware program can get itself loaded on windows startup.

"The Shell key value can contain a comma-separated list of programs to be executed. Explorer is the default shell program and will be executed if the Shell key value is null or not present. By default, Explorer is listed."

Editing the Windows registry-
You can use either regedit.exe or regedt32.exe to modify the registry. Under Windows XP and Windows Server 2003 there is no difference.

However, if you are using Windows NT 4 or Windows 2000, regedit.exe has a few restrictions and is recommended only for searching the registry (to view the restrictions, please refer to the references below).
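An added example, not part of the original post: an audit of the Winlogon Shell value that splits the comma-separated list and reports every entry other than the stock Explorer shell. The function names, the assumed Windows directory `C:\Windows` and the sample values are illustrative assumptions.

```python
"""Audit a Winlogon Shell value for entries other than the Explorer shell."""
import ntpath
import sys

WINLOGON_KEY = r"Software\Microsoft\Windows NT\CurrentVersion\Winlogon"
DEFAULT_SHELL = "explorer.exe"


def split_shell_value(value):
    """Split the comma-separated Shell value into trimmed, unquoted entries."""
    if not value:
        return []  # null or missing: Explorer is used as the shell
    return [e.strip().strip('"') for e in value.split(",") if e.strip()]


def audit_shell(value, windir=r"C:\Windows"):
    """Return the entries that are not the stock Explorer shell.

    An entry passes only if its file name is explorer.exe and it is either
    a bare name or sits directly in the Windows directory, so a look-alike
    explorer.exe in another folder is reported too. Anything carrying
    arguments is reported as well, which errs on the side of review.
    """
    findings = []
    for entry in split_shell_value(value):
        folder, name = ntpath.split(entry)
        is_explorer = name.lower() == DEFAULT_SHELL
        trusted_dir = (folder == ""
                       or ntpath.normcase(folder) == ntpath.normcase(windir))
        if not (is_explorer and trusted_dir):
            findings.append(entry)
    return findings


def read_shell_value():
    """Read the live value from HKLM on Windows; None on any other OS."""
    if sys.platform != "win32":
        return None
    import winreg
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, WINLOGON_KEY) as key:
        try:
            return winreg.QueryValueEx(key, "Shell")[0]
        except FileNotFoundError:
            return ""  # value not present


if __name__ == "__main__":
    # Constructed sample values, not taken from any real infection.
    samples = [
        "Explorer.exe",
        r"Explorer.exe, C:\Users\Public\updater.exe",
        r"C:\Users\Public\explorer.exe",
    ]
    live = read_shell_value()
    if live is not None:
        samples.append(live)
    for value in samples:
        extra = audit_shell(value)
        print(repr(value), "->", extra if extra else "default shell only")
```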

Tuesday, June 24, 2008

Hacker Pleads Guilty to Attacking Anti-phishing Group

A California hacker has pleaded guilty to launching a Valentine's Day 2007 computer attack that nearly knocked an anti-phishing Web site offline.

21-year-old Gregory King pleaded guilty Tuesday in federal court to two counts of "transmitting code to cause damage to a protected computer," for launching distributed denial of service (DDOS) attacks against the Castlecops anti-phishing Web site and Killanet, an online forum for gamers and graphic designers.

Configuring Norton 360 for firefox

The Norton 360 software package for Windows includes a firewall component, which controls the programs that can connect to the outside world and the types of connections that they can make. It also includes an "Eavesdropping Protection" feature, which can mis-identify Firefox and prevent it from working properly. Norton 360 can also erase Firefox's browsing history.

This article describes how to configure Norton 360 to allow Firefox to work normally. Link:-Configuring Norton 360 antivirus

Monday, June 2, 2008

Does using internet service affect my privacy?

Well yes, it does affect your privacy, but sometimes you can keep it safe by using these methods:

1. Don't register on unknown websites.
2. Don't register on websites which you don't visit often or don't know what they are offering.
3. Make sure you don't sign up for free newsletters.
4. Don't provide your mail id publicly.
5. Also see to it that you always use a different identity [you can even use a different photo of yours, if required].

This way your privacy will not be ruined.

Friday, May 30, 2008

Computer Security-Free Virus Removal Tools

Getting a virus on your system is frustrating to say the least, and can be hazardous to the health of your computer. Indeed, today's malicious software can even steal your identity and wreck your hard-earned credit rating. To help fight back, here's a list of free tools, tips, and tricks to get rid of viruses and keep them from getting back on your system.
Free Virus Removal Tools

Sure the antivirus vendors want to make money, but if you ever get the chance to meet one of their virus researchers, you'll find their real motivation is to protect users. As corny as that may sound, it's true. That's why when stubborn or fast-spreading infectors are discovered, antivirus vendors release special tools to remove the malware - and give the tools away free. It's no substitute for installed antivirus software, but if you're already infected and in a pinch, it's the next best thing to, well, installed antivirus software.

* Create a Free F-Prot Rescue CD - FRISK Software - one of the oldest and most respected antivirus companies (and the secret sauce hidden in a lot of antivirus products being sold under other names) - offers their F-Prot for DOS scanner free for personal use. It's ideal for making a rescue CD so you can scan the system from a clean boot.
* McAfee AVERT Stinger - McAfee AVERT Labs offers a handy utility to run in Windows that cleans some of the more common malware.
* Microsoft Malicious Software Removal Tool - Microsoft offers a free tool to remove prevalent software active on the system. The tool is offered via Automatic Updates, Windows Updates, and Microsoft Updates, or it can be manually downloaded using the provided link.
* Symantec Virus Removal Tools - Antivirus vendor Symantec offers a wide range of free cleaning tools for individual malware removal.
* F-Secure Virus Removal Tools - Another good choice for individual malware removal are these free tools from F-Secure.
* For a second opinion scan or a not-so-stubborn infector, try one of the Top Online Scanners.

Free Virus Repair and Prevention Tips

* How to Repair a Boot Sector Virus - Though boot sector viruses are rare in the U.S. and most European countries, they are still prevalent in other parts of the world.
* How to Make an Antivirus Rescue CD - In case you missed it above, steps for creating an F-Prot CD.
* http://antivirus.about.com/library/weekly/aa011902a.htm - Prevention. Prevention. Prevention. These are the essential steps.
* How to Make Sure Your Antivirus is Working - Viruses, worms, and trojans often disable your antivirus software when they infect your system. This prevents the antivirus software from being updated and detecting the presence of the malware. Here's how to check to ensure it's working.
* How to Avoid Macro Viruses - From the SANS Institute, tips on avoiding macro viruses.
* How To Prevent Email Worms - Security configuration changes you need to make to your favorite email client software.
* IM Safety Tips - In some crowds, instant messaging (IM) is more popular than email. But IM carries its own set of risks. These tips will help reduce the risk.

Thursday, May 15, 2008

Avast! Antivirus 4.8.1195 Professional Edition

The professional solution to great protection

avast! 4 Professional Edition represents the best antivirus protection. avast! 4 Professional Edition comes with anti-spyware, anti-rootkit and strong self-protection built-in. It is designed to protect your valuable data and programs, as well as keep itself up-to-date and has the kind of built-in features that many vendors charge for additionally, or don’t include at all. Simply install and forget.

All-inclusive, comprehensive protection

avast! 4 Professional Edition includes ANTI-SPYWARE protection, certified by the West Coast Labs Checkmark process, to protect against the latest spyware threats and ANTI-ROOTKIT DETECTION based on the best-in class GMER technology, built in to the scan engine. No additional purchase is required.

Simple to use and automated

Just install and go. Automatic incremental updates provide real-time protection of your system, including web surfing. We’ve made avast! antivirus as simple to use as possible, while allowing full control of your security.

Bitdefender total security 2008 V11 0 9 FREE Rapidshare Links for Download

Bitdefender total security

* Real-time Antivirus Protection: Protects your PC in real time from known viruses, spyware and other malware with hourly updates
* Proactive Protection: Blocks unknown viruses using advanced proactive detection techniques
* Anti-Rootkit: Detects and removes the newest breed of hidden threats known as rootkits
* Gamer Mode: Provides a smooth gaming experience by reducing the system load to a minimum
* Privacy Protection: Reduces the risk of identity theft by preventing personal information leaks via e-mail or web
* Anti-Spyware: Monitors and prevents spyware threats in real-time
* Web Anti-Phishing: Protects against phishing attacks by filtering all accessed web pages for fraud attempts
* Firewall Protection: Controls applications

Kaspersky Internet Security 2009 v8.0.0.357

Kaspersky Internet Security 2009 is a Totally New Approach to Data Security

With Key valid till 17. 03. 2009

Product contains 6 main subsystems, and each of those includes basic protection components:

1) System watch. System watcher (all-in-one system for registering events).
- HIPS (host intrusion prevention system - proactive defense, which is based on limiting application actions on a system)
- PDM (system of proactive defense, which is based on application behavior analysis for malicious/suspicious activities)
- Firewall (personal protection screen)
2) Malware protection
- Protection of files and memory (File-Antivirus)
- Protection of email and IM (Mail-Antivirus)
- Protection of WEB (Web-Antivirus)
3) Online Security
- Protection from Phishing (Anti-Phishing)
- Protection against network attacks (IDS)
- Protection from auto-dialers (Anti-Dialer)
4) Content filtering
- Spam filtering (Anti-Spam)
- Banner filtering (Anti-Banner)
- Parental Control
5) On Demand Scanning (Scan tasks)
6) .

Monday, February 11, 2008

Antivirus website of AvSoft caused Virus download

AvSoft Technologies, an antivirus developer based in India, had a unique problem recently when its web site started delivering a virus to its customers. The malware was first detected by security company AVG and reported by its CRO (chief research officer) Roger Thompson. The malware is part of the Virut family of viruses and hacks.

According to Thompson, the hackers used a vulnerability that can affect any server - an iFrame hack. By injecting an iFrame into the pages the server delivers, the attackers can redirect the visiting customer to another server containing malware.

iFrames are a standard way to put content in place in a webpage. It is the ability to create an invisible iFrame window that makes them a tool of choice for new hackers. It’s hard to fight against what you can’t see, after all.

AvSoft is the developer behind SmartCOP and Smartdog antivirus software. It is virtually unknown in the United States, doing most of its business in Asia. The news would not have made headlines in the States, except that it illustrates a new threat to companies that have web servers - the invisible iFrame hack.

McAfee Security Research Manager Dave Marcus believes that the site was compromised by exploiting a Web programming error, most likely in the site’s SQL or PHP code. Security experts say that criminals have written automated programs that scour the Web for these types of flaws and then automatically infect sites, making this an increasingly common problem.

The code was first discovered in the downloads portion of the SmartCOP website. There is no comment from the company on the problem as yet, and no word on if the virus has been removed or not.

Source-Yahoo!News
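An added example, not part of the original article: a check a site owner can run over their own pages to find the "invisible iFrame" described above, meaning an iframe that is hidden or zero-sized and loads from a different host. The class and function names, the host names and the sample page are constructed for illustration.

```python
"""Flag iframes that are invisible to the visitor and load from another host."""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

HIDDEN_STYLE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)


def is_tiny(value):
    """True for a width or height of 0 or 1 pixel, e.g. '0', '1', '0px'."""
    m = re.fullmatch(r"\s*(\d+)\s*(?:px)?\s*", value or "", re.I)
    return bool(m) and int(m.group(1)) <= 1


class IframeAuditor(HTMLParser):
    """Collects (src, reasons) for hidden iframes that point off-site."""

    def __init__(self, site_host):
        super().__init__()
        self.site_host = site_host.lower()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "") for k, v in attrs}
        reasons = []
        if is_tiny(a.get("width")) or is_tiny(a.get("height")):
            reasons.append("zero-size")
        if HIDDEN_STYLE.search(a.get("style", "")):
            reasons.append("hidden-style")
        host = (urlparse(a.get("src", "")).hostname or "").lower()
        off_site = bool(host) and host != self.site_host
        # Visible third-party embeds are normal; hidden AND off-site is not.
        if off_site and reasons:
            self.findings.append((a.get("src"), reasons + ["off-site"]))


def find_hidden_iframes(html, site_host):
    """Return a list of (src, reasons) for suspicious iframes in the page."""
    auditor = IframeAuditor(site_host)
    auditor.feed(html)
    auditor.close()
    return auditor.findings


# Constructed sample page: one local frame, one visible partner embed,
# and two hidden frames that load from other hosts.
SAMPLE_PAGE = """
<html><body>
<h1>Downloads</h1>
<iframe src="/help/faq.html" width="600" height="400"></iframe>
<iframe src="http://video.partner.example/embed/1" width="560" height="315"></iframe>
<iframe src="http://redirector.invalid/in.html" width="0" height="0" frameborder="0"></iframe>
<iframe src="//stats.invalid/c" style="visibility: hidden"></iframe>
</body></html>
"""

if __name__ == "__main__":
    for src, reasons in find_hidden_iframes(SAMPLE_PAGE, "www.vendor.example"):
        print(src, "->", ", ".join(reasons))
```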

Wednesday, February 6, 2008

How to Delete Trojan Horse

Since Trojan horses have a variety of forms, there is no single method to delete them. The simplest responses involve clearing the temporary internet files on a computer, or finding the file and deleting it manually. Normally, anti-virus software is able to detect and remove the trojan automatically. If the antivirus cannot find it, rebooting the computer in Safe Mode (with or without networking) may allow an antivirus program to find a trojan and delete it.

Tuesday, January 29, 2008

Easy Tips to remove Spyware

This article gives some simple tips to clean spyware off the computer. Cleaning the cache can help get rid of traces of where one has been that people can exploit. How to get rid of this will depend on the browser and type of system one is using. The most effective way to get rid of the threats will be to use an anti-virus and anti-spyware program. Some programs will only find the malicious files after a scan has been performed. This means that every time one surfs the net, one will want to run a scan to make sure one is parasite free. Most large companies like Norton and McAfee add this into their protection policy.

Anyone who has ever experienced the pain of getting a virus on their computer knows the dangers of hackers and viruses. And the worst thing is that anyone can be vulnerable to getting viruses. The internet makes it possible for any computer to get a virus, if, that is, you have a computer without virus protection. Luckily, there are great programs that can help prevent getting viruses. If you don't have an anti-virus program it's about time you got one! So here are some tips for choosing an anti-virus program.

First, anti virus protection software must be able to detect 100% of all possible virus threats. To find out which software meets this requirement, go to AV-Test.org, which performs extensive testing of viruses. You also want to get some protection that is affordable, and offers upgrades at little or no cost. If you use email, instant messaging or file sharing applications, you'll need some extra measures of protection.

Tuesday, January 15, 2008

Computer worm

A computer worm is a self-replicating computer program. It uses a network to send copies of itself to other nodes (computer terminals on the network) and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.

Saturday, January 12, 2008

Microsoft says Gmail is a virus

Microsoft has started flagging Gmail as a virus in their virus scanning software Windows Live OneCare. Many people are reporting that every time they open Gmail, a warning is displayed telling the user they are infected with "BAT/BWG.A".

Now, either Gmail is a virus (of course not), or Microsoft is generating false positives. Some affected by this "virus" say other anti-virus products do not pick up the infection — to me, this is a bit suspicious.

virus test

The EICAR virus test is a harmless text file that is detected as a virus by most AV vendors. You can use it to verify that your local virus scanner is working (just copy the string into a plain text file), check to see if your email server scans for viruses (email yourself a copy), and test if scanners detect viruses inside archives (put it inside a zip file).

Friday, January 4, 2008

Common types of viruses

There are a variety of computer viruses around now. The most common types of viruses are mentioned below:

Resident Viruses: This type of virus is permanent and dwells in the RAM memory.

Direct Action Viruses: The main purpose of this virus is to replicate and take action when it is executed.

Overwrite Viruses: A virus of this kind is characterized by the fact that it deletes the information contained in the files that it infects, rendering them partially or totally useless once they have been infected.

Boot Virus: This type of virus affects the boot sector of a floppy or hard disk.

Macro Virus: Macro viruses infect files that are created using certain applications or programs that contain macros.

Directory Virus: Directory viruses change the paths that indicate the location of a file.

Polymorphic Virus: Polymorphic viruses encrypt or encode themselves in a different way (using different algorithms and encryption keys) every time they infect a system.

File Infectors: This type of virus infects programs or executable files (files with an .EXE or .COM extension).

Companion Viruses: Companion viruses can be considered file infector viruses like resident or direct action types.

FAT Virus: The file allocation table or FAT is the part of a disk used to connect information and is a vital part of the normal functioning of the computer.

Worms: A worm is a program very similar to a virus; it has the ability to self-replicate, and can lead to negative effects on your system and most importantly they are detected and eliminated by antiviruses.

Download Best Antivirus softwares for free at antivirus1234.com