Viruses are usually unique, or, if similar, can be variants of one another. Whatever form they take, and however they work, they are designed with one, and only one thing in mind – the manipulation of your machine to serve the purposes of the person writing the virus programming code.

The purpose could be mischief – to some people it is highly amusing to destroy something which does not belong to them. To others, it could be a means of cheap advertising, such as in virus spam mail, where they piggy back off your expense account by getting your computer to send out spam mail on their behalf. Yet others have much more sinister aims, and attempt to infiltrate your system for the purpose of obtaining personal details such as banking account numbers, personal ID data, for purposes of criminal behavior, identity theft, or fraudulent transactions.

Types Of Viruses:

1. Viruses

2. E-mail Viruses

3. Trojan Horses

4. Worms

Viruses generally work behind the scenes – they arrive as hidden code on the backs of innocent looking emails, links which you are encouraged to click on in websites which you perceive to be safe (these are known as Trojans), and as hidden code in the form of downloadable programmes such as games (malware). Spyware records what you look at, where you go when you surf, and sometimes your keystrokes, which endangers your security.

They spread like worms, via emails or file sharing, and send copies of themselves to others who you normally communicate with or have received emails from (all those In you’re address book).  Sometimes viruses can work behind the scenes for long periods of time without the user even being aware of them. They may sap the processor, or they may just dance along in the background causing very little disturbance at all. It pays to be aware of viruses and how they can negatively impact on your personal computer use, and in particular, your personal life.

Question – Can Viruses Infect Storage Devices Like Discs?

Answer – The answer to this question is – Computer viruses can not infect disks whichh are write protected or infect written documents. Viruses also do not infect compressed files, but the infection can be before compressing the file. The viruses also do not infect cmputer hardware devices like your Monitor, Keyboard, Mouse, computer chips etc. It can only infect the computers software. Viruses also are not able to invade or infect DOS OPERATING SYSTEMS.

Minimize the risk of identity theft and fraud by installing and maintaining anti-virus, anti-malware and anti-spyware software on your personal computer. It doesn’t have to cost you much – plenty of effective freeware and shareware anti-virus programs exist and are available for you to download and use. Some recommendations include  MS Security Essentials, AVG – Free Edition, and Malware Bytes.

Because of this technology, the Internet is now considered to be an important factor in life and in business. Many companies today are now using the Internet for advertising as well as a tool to sell their goods and services.

However, the Internet also has its drawbacks. Since it is connected to your computer, all your personal and financial information are exposed to other people. Having an Internet is like welcoming strangers in your own home and letting them install surveillance equipments right under your nose.

The thought of it could make anyone cringe. This is why there are companies today that develops software programs to protect you from malicious software, adware, spyware, and viruses. There are programs that even protect you from intruders that may access your personal files in your computer which may have your personal and financial information and use it to commit identity theft.

It is a fact that many people using the Internet without the proper protection from malicious softwares have been victimized by identity theft and suffered from huge financial losses and have also been involved in criminal cases that they didn’t even know they committed.

This is why you should protect your computer and yourself with an Internet security software to avoid being victimized by malicious software, hackers, identity thieves, and viruses. One kind of software that has a good reputation for fighting of this malicious software is called the McAfee Internet Security Suite 2006.

The McAfee Internet Security Suite 2006 contains all the necessary programs to protect you from malicious software circulating around the Internet. McAfee has a good reputation for warding of onlione threats and viruses.

The company has three versions of their software. One is for your Home and Home Office, the second is for small and medium businesses, and the last one is for enterprise and industries. Depending on the security level you need, you should get the software that suits your needs.

McAfee Internet Security Suite 2006 offers one of the best securities for every kind of computers. They offer automatic updates for virus and other malicious software definitions to better protect you from the new threats being created in the Internet everyday. McAfee also offer protection from the different kinds of spyware.

Other benefits of McAfee Internet Security Suite 2006 are that it’s very easy to use, and is able to provide the best Internet security available. With features that enable zero-day protection and successfully blocks spyware and malware, McAfee is definitely the choice of many people around the world when it comes to online security.

McAfee Internet Security Suite 2006 is readily available for purchase in the McAfee website. All you have to do is click on the buy now link, enter your credit card information and download the complete version of the program. Or, you can download the free demo version if you want to try it out first before buying. If you have owned previous versions of McAfee Internet Security before, you know how efficient it gets to protect you from malicious software and viruses.

Because of this technology, the Internet is now considered to be an important factor in life and in business. Many companies today are now using the Internet for advertising as well as a tool to sell their goods and services.

However, the Internet also has its drawbacks. Since it is connected to your computer, all your personal and financial information are exposed to other people. Having an Internet is like welcoming strangers in your own home and letting them install surveillance equipments right under your nose.

The thought of it could make anyone cringe. This is why there are companies today that develops software programs to protect you from malicious software, adware, spyware, and viruses. There are programs that even protect you from intruders that may access your personal files in your computer which may have your personal and financial information and use it to commit identity theft.

It is a fact that many people using the Internet without the proper protection from malicious softwares have been victimized by identity theft and suffered from huge financial losses and have also been involved in criminal cases that they didn’t even know they committed.

This is why you should protect your computer and yourself with an Internet security software to avoid being victimized by malicious software, hackers, identity thieves, and viruses. One kind of software that has a good reputation for fighting of this malicious software is called the McAfee Internet Security Suite 2006.

The McAfee Internet Security Suite 2006 contains all the necessary programs to protect you from malicious software circulating around the Internet. McAfee has a good reputation for warding of onlione threats and viruses.

The company has three versions of their software. One is for your Home and Home Office, the second is for small and medium businesses, and the last one is for enterprise and industries. Depending on the security level you need, you should get the software that suits your needs.

McAfee Internet Security Suite 2006 offers one of the best securities for every kind of computers. They offer automatic updates for virus and other malicious software definitions to better protect you from the new threats being created in the Internet everyday. McAfee also offer protection from the different kinds of spyware.

Other benefits of McAfee Internet Security Suite 2006 are that it’s very easy to use, and is able to provide the best Internet security available. With features that enable zero-day protection and successfully blocks spyware and malware, McAfee is definitely the choice of many people around the world when it comes to online security.

McAfee Internet Security Suite 2006 is readily available for purchase in the McAfee website. All you have to do is click on the buy now link, enter your credit card information and download the complete version of the program. Or, you can download the free demo version if you want to try it out first before buying. If you have owned previous versions of McAfee Internet Security before, you know how efficient it gets to protect you from malicious software and viruses.

Even the U.S. Federal Trade Commission (FTC for short), which is a governmental bureau that is designed to assist customers, had to publish a press launch stating that customers, including company and banking executives, might be victims of a fake e-mail supposedly sent by the FTC. The fake document was actually sent by a third party trying to fool users into installing malicious software onto their computers.

There is little doubt that adware, malware, and nasty virus assaults make any pc with an internet connection open to attack. But, not all Web safety breaches are immediately obvious. In point of fact, most people are usually oblivious of the fact that their seemingly hassle-free computing is at serious risk from criminal elements.

Now that you understand the scale of the problem, here are seven pointers to assist you to navigate the world-wide-web in safety:

1. Shield your private information as it is important to prevent identity theft. For instance, when making a purchase on an ecommerce web site, be sure that the page where you enter your personal data is safe, as designated by “https” in the URL shown in the browser address bar.

2. Be mindful of the possibilities before you click on a link. For instance, many cyber-criminals impersonate reputable companies, or send out a “phishing” e-mail that asks you to click on a link. Check out on-line retailers and by no means click on emailed hyperlinks unless you are sure of the source. Usually you can just hover over an email link to see the actual internet address it goes to, but not always. If it looks suspicious, then don’t click on it as it will send you to a website set up to steal your details.

3. Keep your antivirus and firewall software up to date. The trouble is, hackers and others who engage in cyber-crime appear to always be one jump ahead of the curve. In the case that your pc protection is out-of-date, you are vulnerable.

4. Use an internet browser and computer OS that has good safety features. Be certain your browser settings offer you optimal privacy and safety, and be certain that you update your operating system often to make the most of security patches.

5. Use secure passwords at all times. For example, create a single password for every site you go to, and maintain them in a secure place. Use letters, numbers and other symbol mixtures in an effort to circumvent automated password detection programs.

6. It’s vital to perform frequent backups. If your computer does suffer a virus or a worm, your most importantinformation may be lost. Make sure that you frequently make a backup of any essential records and store them in a secure place.

7. Be prepared for all contingencies. If something does go wrong, such as your pc being hacked or infected with a virus, or should you unintentionally reveal private info, know what steps to take to remedy the situation and prevent additional problems.

Protecting your financial and personal data from all of the threats in the on-line world can seem like an impossible task. Fortunately there are many software vendors who make it their business to supply people and companies cutting-edge pc security software. They will help to keep your computer secure from the many threats which stem from the modern bandits of our time, who infest the internet and make safe computing more and more difficult.

A nightmare indeed, but federal authorities recently unraveled a scheme by a man using file sharing software to get into other user’s computer system. Gregory Thomas Kopiloff of Seattle, allegedly used P2P Software to steal the personally identifiable information of at least 83 people. Kopiloff stole $73,000 worth of merchandise using user’s personal data.

You probably have used or know someone that has used software like BearShare.com, Limewire.com, Kazaa.com, Soulseek.com, Fastrack.com. These type of software actually shares a particular folder on the hard drive of your computer with potentially thousands of users utilizing the software and that are part of this so-called “file-sharing network.” The users of this file sharing are in danger of having the computer hacker having access to sensitive data such as social security numbers, tax information, credit information and other personal information. With this type of software, a hacker can even have access to individuals personal digital pictures, music and all types of documents. According to the National Research Council, “Computers at Risk,” 1991, “The modern thief can steal more with a computer than with a gun. Tomorrow’s terrorist may be able to do more damage with a keyboard than with a bomb. Can we stop this?

Monster.com was also hit by hackers not too long ago. 1.3 million monster.com users personal information were exploited. Later on, those same crooks that broke into Monster.com vault of personal data went on to hit USAJOBS.com, the federal government’s official job search site and stole over 150,000 user’s information. Credit Card companies have also been hit.

It’s time to secure your computer with your life. The luxury of the internet is a two edge sword. We can indulge ourselves in all the information that we want, explore the world with a few clicks of a button, communicate instantly and we can shop through all the multitudes of stores and hundreds and thousands of products. We are the ruler of our own internet kingdom!

But can we manage our internet castle, or does the evils of the outside world can control and destroy us. It’s a digital world, my friend. Billions of bits of information cross our little technological planet. From thieves, to child molesters and to your boss – we are more vulnerable now than 20 years ago. A sacrifice for all the goodies we can get from our “lovely” internet? Definitely.

Here’s a few simple things to do to avoid a fatal intrusion into your life:

1. Don’t have personal info stored in your computer. (easier said than done, most people have their whole lives inside that little box). But limiting such things, as social security numbers, tax info and identification numbers from your files can help tremendously.

2. Don’t file share. (Good luck on that one.) And don’t give out any personal information from an unsolicited email! Sadly, many people do this.

3. Always keep in mind that whatever you have in your computer, anyone can possibly get. For example, those special valentine pictures of your intimate other. It happens more than you think. A couple from Virginia had intimate pictures on their personal computer and were shocked to see those same pictures on the web on a adult website. Who would’ve’ known, huh?

4. Powerful Anti-hacking software. For example, The Nuker at www.stop-hackers.com is a super software that can stop hackers to get into your system. Best of all, it’s free to try.

5. Keep laptops out of prying eyes. Oh, yea -don’t lend out your computer to anyone! Let’s be stingy with this, you guys. Nothing personal.

Anti-hacking/Anti-spy ware is mandatory. But don’t rely on those fake software, you got to use a legitimate software. Remember 9 out of 10 pc’s are infected with spy ware or ad ware. Be wise. Your computer and your life depends on it!

To stop any type of hacking or for more information please review www.stop-hackers.com. With new hacking software and creepy crawlers all over the internet,you need a good anti-spyware product.

To fight back against identity theft, go to ftc.gov. Learn more. Be wise. If you want to know what real hackers are doing today then check out www.attrition.org. This is one of the places on the Internet where hackers “gloat” about their attacks on innocent individuals.

The modern world, with all its sophisticated technology, still has a problem with identifying identity theft when it occurs. There are companies sprouting up that promise to secure your identity, and make you aware if anything happens in regard to fraudulent transactions occurring in your name.

There are measures you can take yourself that can reduce the possibility of identity thieves stealing your personal information. It is all about being very careful with any items that contain any of your details; one slip up could result in years of dealing with lawyers. Even though the steps below may seem irrelevant to protecting yourself from computer identity theft, they all can be used in relation to computer fraud.

Step One

Buy a paper shredder and shred any letters, bills and credit card statements before you throw them in the trash. In fact absolutely everything and anything that has you personal information printed upon it should go through the shredder. Make sure you get into the habit of checking through your bank statements and credit card bills. If anything does not look right or is an obvious fraudulent transaction then notify your issuers right away.

Step Two

Be extremely careful when dealing with companies online. Get into the habit of not trusting websites that ask you for your personal details. Only use online stores and online banking if you are absolutely certain of who you are dealing with. Even then be very skeptical and scrutinize every detail. Fraudulent websites can be set up to look like your online banking facility. Always type the URL of your banking facility into your browser.

Make sure your computer has a full version of security software on your computer such as Norton. And always use secure servers where you get the opportunity. Your bank should be using secure servers.

Step Three

Be careful with your social security number (SSN), if this item of personal information is leaked to anyone that shouldn’t have it then disaster could soon follow. If you suspect your SSN has been stolen you must contact the authorities right away. This number is a very important identifier as to who you are; this is one of the items that identity thieves will do anything to get hold of.

Step Four

Be wary of people behind you in the queue at an ATM; always check the cash point card reader for suspicious looking devices. Keep you PIN hidden, stand in front of the keypad, cover the buttons as you type in your PIN and certainly do not say your PIN aloud when you type it in. trust me it does happen!

Hide the keypad when swiping your debit card to pay for goods in a store, and always make sure you keep an eye on your purse, wallet and pockets when you put your cards away. Make sure they are secured straight away, and if they go missing, then call your card issuer right away and notify the police.

Step Five

Keep tabs on your credit report; this is a great way of discovering fraudulent behavior if it happens. If you see anything that should not be there, call the companies involved, notify the credit bureaus and speak to the police.

Step Six

It is a good idea to get Identity Theft insurance cover on all your bank accounts and credit cards, if you can find a cheaper insurer just make sure they cover for all eventualities and a good cash figure.

The paper explores the role of Pass word, Anti virus and data  encryption in computer security.  It has been discussed that passwords is known to be ancient. Sentries would challenge those wishing to enter an area or approaching it to supply a password or watchword. Sentries would only allow a person or group to pass if they knew the password. In modern times, user names and passwords are commonly used by people during a log in process that controls access to protected computer operating systems, mobile phones, cable TV decoders, automated teller machines (ATMs), etc. Data encryption refers to mathematical calculations and algorithmic schemes that transform plaintext into cyphertext, a form that is non-readable to unauthorized parties. The recipient of an encrypted message uses a key which triggers the algorithm mechanism to decrypt the data, transforming it to the original plaintext version.

Lastly the paper discusses another important computer security software, computer virus which is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner. The term “virus” is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability. A true virus can only spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive.

MAIN BODY

A password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource (Example: An access code is a type of password). The password must be kept secret from those not allowed access.

The use of passwords is known to be ancient. Sentries would challenge those wishing to enter an area or approaching it to supply a password or watchword. Sentries would only allow a person or group to pass if they knew the password. In modern times, user names and passwords are commonly used by people during a log in process that controls access to protected computer operating systems, mobile phones, cable TV decoders, automated teller machines (ATMs), etc. A typical computer user may require passwords for many purposes: logging in to computer accounts, retrieving e-mail from servers, accessing programs, databases, networks, web sites, and even reading the morning newspaper online.

Despite the name, there is no need for passwords to be actual words; indeed passwords which are not actual words may be harder to guess, a desirable property. Some passwords are formed from multiple words and may more accurately be called a passphrase. The term passcode is sometimes used when the secret information is purely numeric, such as the personal identification number (PIN) commonly used for ATM access. Passwords are generally short enough to be easily memorized and typed.

For the purposes of more compellingly authenticating the identity of one computing device to another, passwords have significant disadvantages (they may be stolen, spoofed, forgotten, etc.) over authentications systems relying on cryptographic protocols which are more difficult to circumvent. The original password concept has been proven to be insecure. There have been cases where passwords have been compromised without a users knowledge, through coersion, or because they were conned into revealing it. The core problem with legacy passwords is that it is very difficult or impossible for an administrator or a computer system to differentiate between a legitimate user and illegitimate user gaining access through the same password. Because of this inherent flaw in the original password system, Two Factor Authentication was invented.

A password is “something you know.” This information is understood to be known by a single individual. Two-factor authentication systems add in another factor, “something you have”, electronic card key, electronic token, dongle, fob or some other physical item you keep in a secure place when not in use. A common stand in replacement for this second factor when higher levels of security are needed is “something you are”. A biological fingerprint, retina pattern, person’s weight, specific vital signs or a combination of these items is used in place of the electronic device. The biological factor for authentication and authorization has been found to be unreliable, but not in that it permits those that should not be permitted when used properly, but because there is a tendency for it to deny legitimate users access due to sickness, physical body changes, or other physical impairments.

There are two common methods of authentication when users use electronic components for two-factor authentication, response-only, and challenge-response systems.

Response-only systems require a user to present your electronic device to an electronic reading system, or for you to enter data displayed on the electronic device without user input. The user must provide a username or pin that is not known to outsiders, and then enter specific credential data generated by the electronic device when prompted. In many cases, this mechanism returns the user back to a single factor authentication, where the user does not need to know something, but just posseses the item in question. An example of this is the standard electronic card key used to enter a facility or building perimiter. The user need not provide any other factor to prove their identity.

Challenge-response systems require the user to enter a specific passphrase or pin into the electronic device first, before the device responds with the proper access credentials data. This varient is always considered two-factor authentication, since the user must provide both “something they know” (the pin), and use “something they have” (the electronic device).

Both the response-only and challenge-response systems can be defeated if the user both reveals the private information they keep secret, such as their username or pin code, and the attacker takes ownership of the electronic device. Due to this weakness, the bioligcal factor was invented.

Biological factors have been in use for several decades, and have proven to be reliable and secure ways to prevent unauthorized users from gaining access to secure systems or environments, regardless of the privacy of their passwords used. Systems monitor fingerprints, eye retina patterns, weight, ambient temperature, and other biological signs to determine the authenticity of the user requesting access. Movies have been touting methods of defeating these systems by cutting off body parts, using retinal masks, or forcing legitimate users into bypassing the authentication mechanisms for the attacker. These are largely Hollywood schemes and rarely work in the real world. In most cases where this level of security is required, local or remote monitoring of entry points through cameras and security personnell is common. Deadlock portals, remote activated magnetically controlled entranceways, and visual idenfitication are the norm.

Many simple methods have been devised to defeat weakly designed biological factor systems, so be sure you thoroughly test the security measures you plan to put in place before implementation.

The easier a password is for the owner to remember generally means it will be easy for a hacker to guess. Passwords which are difficult to remember will reduce the security of a system because (a) users might need to write down or electronically store the password, (b) users will need frequent password resets and (c) users are more likely to re-use the same password. Similarly, the more stringent requirements for password strength, e.g. “have a mix of uppercase and lowercase letters and digits” or “change it monthly”, the greater the degree to which users will subvert the systemIn Jeff Yan et al. examine the effect of advice given to users about a good choice of password. They find that passwords based on thinking of a phrase and taking the first letter of each word, are just as memorable as naively selected passwords, and just as hard to crack as randomly generated passwords. Combining two unrelated words is another good method. Having a personally designed “algorithm” for generating obscure passwords is another good method.

However, asking users to remember a password consisting of a “mix of uppercase and lowercase characters” is like asking them to remember a sequence of bits: hard to remember, and only a little bit harder to crack (e.g. only 128 times harder to crack for 7-letter passwords, less if the user simply capitalises the first letter). Asking users to use “both letters and digits” will often lead to easy-to-guess substitutions such as ‘E’ –> ’3′ and ‘I’ –> ’1′, substitutions which are well known to crackers. Similarly typing the password one keyboard row higher is a common trick known to crackers.

Factors in the security of a password system

The security of a password-protected system depends on several factors. The overall system must, of course, be designed for sound security, with protection against computer viruses, man-in-the-middle attacks and the like. Physical security issues are also a concern, from deterring shoulder surfing to more sophisticated physical threats such as video cameras and keyboard sniffers. And, of course, passwords should be chosen so that they are hard for an attacker to guess and hard for an attacker to discover using any (and all) of the available automatic attack schemes. See password strength, computer security, and computer insecurity.

Effective access control provisions may force extreme measures on criminals seeking to acquire a password or biometric token. Less extreme measures include extortion, rubber hose cryptanalysis, side channel attack,

DATA ENCRYPTION

Data encryption refers to mathematical calculations and algorithmic schemes that transform plaintext into cyphertext, a form that is non-readable to unauthorized parties. The recipient of an encrypted message uses a key which triggers the algorithm mechanism to decrypt the data, transforming it to the original plaintext version.

Before the internet, data encryption was seldom used by the public as it was more of a military security tool. With the prevalence of online shopping, banking and other services, even basic home users are now aware of data encryption.

Today’s web browsers automatically encrypt text when making a connection to a secure server. This prevents intruders from listening in on private communications. Even if they are able to capture the message, encryption allows them to only view scrambled text or what many call unreadable gibberish. Upon arrival, the data is decrypted, allowing the intended recipient to view the message in its original form.

Types of Data Encryption

There are many different types of data encryption, but not all are reliable. In the beginning, 64-bit encryption was thought to be strong, but was proven wrong with the introduction of 128-bit solutions. AES (Advanced Encryption Standard) is the new standard and permits a maximum of 256-bits. In general, the stronger the computer, the better chance it has at breaking a data encryption scheme.

Data encryption schemes generally fall in two categories: symmetric and asymmetric. AES, DES and Blowfish use symmetric key algorithms. Each system uses a key which is shared among the sender and the recipient. This key has the ability to encrypt and decrypt the data. With asymmetric encryption such as Diffie-Hellman and RSA, a pair of keys is created and assigned: a private key and a public key. The public key can be known by anyone and used to encrypt data that will be sent to the owner. Once the message is encrypted, it can only be decrypted by the owner of the private key. Asymmetric encryption is said to be somewhat more secure than symmetric encryption as the private key is not to be shared.

Strong encryption like SSL (Secure Sockets Layer) and TLS (Transport Layer Security) will keep data private, but cannot always ensure security. Websites using this type of data encryption can be verified by checking the digital signature on their certificate, which should be validated by an approved CA (Certificate Authority).

Encryption with a variable key

A more advanced method is the use of simple encryption to encipher the virus. In this case, the virus consists of a small decrypting module and an encrypted copy of the virus code. If the virus is encrypted with a different key for each infected file, the only part of the virus that remains constant is the decrypting module, which would (for example) be appended to the end. In this case, a virus scanner cannot directly detect the virus using signatures, but it can still detect the decrypting module, which still makes indirect detection of the virus possible. Since these would be symmetric keys, stored on the infected host, it is in fact entirely possible to decrypt the final virus, but that probably isn’t required, since self-modifying code is such a rarity that it may be reason for virus scanners to at least flag the file as suspicious.

An old, but compact, encryption involves XORing each byte in a virus with a constant, so that the exclusive-or operation had only to be repeated for decryption. It is suspicious

COMPUTER VIRUS

A computer virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner. The term “virus” is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability. A true virus can only spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer. ( Fred Cohen) The term “computer virus” is sometimes used as a catch-all phrase to include all types of malware. Malware includes computer viruses, worms, trojan horses, most rootkits, spyware, dishonest adware, crimeware, and other malicious and unwanted software), including true viruses. Viruses are sometimes confused with computer worms and Trojan horses, which are technically different. A worm can exploit security vulnerabilities to spread itself to other computers without needing to be transferred as part of a host, and a Trojan horse is a program that appears harmless but has a hidden agenda. Worms

Methods to avoid detection

In order to avoid detection by users, some viruses employ different kinds of deception. Some old viruses, especially on the MS-DOS platform, make sure that the “last modified” date of a host file stays the same when the file is infected by the virus. This approach does not fool anti-virus software, however, especially those which maintain and date Cyclic redundancy checks on file changes.

Some viruses can infect files without increasing their sizes or damaging the files. They accomplish this by overwriting unused areas of executable files. These are called cavity viruses. For example the CIH virus, or Chernobyl Virus, infects Portable Executable files. Because those files have many empty gaps, the virus, which was 1 KB in length, did not add to the size of the file.

Some viruses try to avoid detection by killing the tasks associated with antivirus software before it can detect them.

As computers and operating systems grow larger and more complex, old hiding techniques need to be updated or replaced. Defending a computer against viruses may demand that a file system migrate towards detailed and explicit permission for every kind of file access. (T Matsumoto.)

Avoiding bait files and other undesirable hosts

A virus needs to infect hosts in order to spread further. In some cases, it might be a bad idea to infect a host program. For example, many anti-virus programs perform an integrity check of their own code. Infecting such programs will therefore increase the likelihood that the virus is detected. For this reason, some viruses are programmed not to infect programs that are known to be part of anti-virus software. Another type of host that viruses sometimes avoid is bait files. Bait files (or goat files) are files that are specially created by anti-virus software, or by anti-virus professionals themselves, to be infected by a virus. These files can be created for various reasons, all of which are related to the detection of the virus:

Anti-virus professionals can use bait files to take a sample of a virus (i.e. a copy of a program file that is infected by the virus). It is more practical to store and exchange a small, infected bait file, than to exchange a large application program that has been infected by the virus.

Anti-virus professionals can use bait files to study the behavior of a virus and evaluate detection methods. This is especially useful when the virus is polymorphic. In this case, the virus can be made to infect a large number of bait files. The infected files can be used to test whether a virus scanner detects all versions of the virus.

Some anti-virus software employs bait files that are accessed regularly. When these files are modified, the anti-virus software warns the user that a virus is probably active on the system.

Since bait files are used to detect the virus, or to make detection possible, a virus can benefit from not infecting them. Viruses typically do this by avoiding suspicious programs, such as small program files or programs that contain certain patterns of ‘garbage instructions’.

A related strategy to make baiting difficult is sparse infection. Sometimes, sparse infectors do not infect a host file that would be a suitable candidate for infection in other circumstances. For example, a virus can decide on a random basis whether to infect a file or not, or a virus can only infect host files on particular days of the week.

Stealth

Some viruses try to trick anti-virus software by intercepting its requests to the operating system. A virus can hide itself by intercepting the anti-virus software’s request to read the file and passing the request to the virus, instead of the OS. The virus can then return an uninfected version of the file to the anti-virus software, so that it seems that the file is “clean”. Modern anti-virus software employs various techniques to counter stealth mechanisms of viruses. The only completely reliable method to avoid stealth is to boot from a medium that is known to be clean.

Self-modification

Most modern antivirus programs try to find virus-patterns inside ordinary programs by scanning them for so-called virus signatures. A signature is a characteristic byte-pattern that is part of a certain virus or family of viruses. If a virus scanner finds such a pattern in a file, it notifies the user that the file is infected. The user can then delete, or (in some cases) “clean” or “heal” the infected file. Some viruses employ techniques that make detection by means of signatures difficult but probably not impossible. These viruses modify their code on each infection. That is, each infected file contains a different variant of the virus.

code that modifies itself, so the code to do the encryption/decryption may be part of the signature in many virus definitions.

Polymorphic code

Polymorphic code was the first technique that posed a serious threat to virus scanners. Just like regular encrypted viruses, a polymorphic virus infects files with an encrypted copy of itself, which is decoded by a decryption module. In the case of polymorphic viruses, however, this decryption module is also modified on each infection. A well-written polymorphic virus therefore has no parts which remain identical between infections, making it very difficult to detect directly using signatures. Anti-virus software can detect it by decrypting the viruses using an emulator, or by statistical pattern analysis of the encrypted virus body. To enable polymorphic code, the virus has to have a polymorphic engine (also called mutating engine or mutation engine) somewhere in its encrypted body. See Polymorphic code for technical detail on how such engines operateSome viruses employ polymorphic code in a way that constrains the mutation rate of the virus significantly. For example, a virus can be programmed to mutate only slightly over time, or it can be programmed to refrain from mutating when it infects a file on a computer that already contains copies of the virus. The advantage of using such slow polymorphic code is that it makes it more difficult for anti-virus professionals to obtain representative samples of the virus, because bait files that are infected in one run will typically contain identical or similar samples of the virus. This will make it more likely that the detection by the virus scanner will be unreliable, and that some instances of the virus may be able to avoid detection.

Metamorphic code

To avoid being detected by emulation, some viruses rewrite themselves completely each time they are to infect new executables. Viruses that use this technique are said to be metamorphic. To enable metamorphism, a metamorphic engine is needed. A metamorphic virus is usually very large and complex. For example, W32/Simile consisted of over 14000 lines of Assembly language code, 90% of which is part of the metamorphic engine.

Conclusion

As more users come to understand the internet’s open nature and the dangers of web surfing, applying data encryption to common communications such as emailing and instant messaging is likely to become more popular. Without this security mechanism, information transferred over the internet can be easily captured and viewed by anyone listening. This critical data can be compromised in a number of ways, especially when stored in servers that might change hands over the years. When considering how detrimental crimes like are identity theft are on the rise, data encryption is well worth pursuing.

One of the most common types of computer identity theft is called phishing. This is when you receive an email requesting your personal information from someone pretending to be a financial institution. The email appears to be from a business or agency that you may have had a reason to do business with in the past, such as the IRS, a credit card company, or EBay. The email explains that there has been a problem with your credit card, or there is a pending audit, and you need to reply to the email with the correct credit card information, or social security number to correct the problem.

As soon as you respond with the requested information, the computer identity theft begins. Your information could be sold online, or the scammer may use your identity to make online purchases, apply for loans, or to clear out your bank account. They might have the bills sent to a different address, so you won’t even realize there is a problem until your good credit is ruined. They could use your name to get utilities such as telephone, heat, cable TV, or use your information to access your wireless internet account, and run up your charges. Your name could be used to file a fraudulent income tax return, or to obtain government benefits. The list of ways that computer identity theft can affect your life appears to increase daily.

Awareness is the most effective way to fight online identity theft. Share the knowledge that you need to protect your personal information and the potential for this type of crime with your friends and family. You should become familiar with anti-spy software programs for your computer. Research different types, and invest in one that works best for you. Run the program before you do any online financial transactions.

Don’t open emails from people you don’t know. If you receive an email from a financial institution that you do business with, go to their website, and check for any warnings about unauthorized emails being sent. You could also phone the institution to see if the email is legitimate.

Lastly, only do business online with secure sites. They will usually have a small symbol in the bottom right corner of your browser to show it is secure. Never use your social security number on the internet.

Following these tips will help you to protect yourself against computer identity theft. Unfortunately, it is becoming far too common; don’t let yourself become the next victim.

Installed

You installed a new version of your favorite program and ended up getting infected. Most spyware is installed without users being aware. Anti-spyware software programs can be used solely for detection and removal of spyware software that has already been installed onto your computer. With this protection software you can schedule weekly, daily, or monthly scans of your computer to detect and remove any spyware software that has been installed. Updates may be installed automatically on a schedule or before doing a scan, or may be done manually.

If a spyware program is not blocked and manages to get itself installed, it may resist attempts to terminate or uninstall it. Spyware programs do not spread like viruses; they are generally installed by exploiting security holes or are packaged with user-installed software. Concealment can also help get the malware installed. When the user installs the software, the spyware is installed alongside. Once a malicious program is installed on a system, it is often useful to the creator if it stays concealed. Once a system has been compromised one or more backdoors may be installed, in order to allow the attacker access in the future. In the case of newly installed software, an user would need to set up default profiles for the new code.

This usually involves the tracking and sending of data and statistics via a server installed on the user’s PC and the use of your Internet connection in the background. Like other spyware, the program, once installed, tracks which websites the user visits, and reports the information back to the company’s servers to build a user profile. Prevents spyware,adware,malware from being installed in your computer. Detects spywares and trojans as soon as they are installed in you computer.

Downloads

The user downloads a program and installs it, and the installer additionally installs the spyware. One of the most common ways that spyware is distributed is as a Trojan horse, bundled with a piece of desirable software that the user downloads off the Web or a peer-to-peer file-trading network. “Spyware” programs are among the most popular downloads on the Internet.

Threats

Ad-Aware secures your computer against dangerous infiltrators and threats. Keep up with all the latest news on the spyware front, including developing threats and newly released anti-spyware programs. Detect and remove spyware, adware, trojans and other threats. Remove Spyware from your PC and block future Spyware threats.

Tools

Tools are like a warrant from a judge. There are many PC surveillance tools that allow a user to monitor all kinds of activity on a computer, ranging from keystroke capture, snapshots, email logging, chat logging and just about everything else. These tools are often designed for parents, businesses and similar environments, but can be easily abused if they are installed on your computer without your knowledge.

These tools are perfectly legal in most places, but, just like an ordinary tape recorder, if they are abused, they can seriously violate your privacy. These tools can detect serious spy activity like keyloggers, activity monitoring software, web site loggers and also common Adware, web bugs, tracking cookies and many other items that are frequently encountered on the web. As the spyware versus anti-spyware battle rages on, we were looking for good tools that allow a user to examine the contents of his or her machine and to take corrective actions against questionable programs. Remove Gromozon, an attack designed to bypass traditional anti-malware tools. If you are using Microsoft Windows operating system, to prevent malicious programs from taking advantage of known security holes, make sure you have the latest updates.

In Internet Explorer, from the Tools menu, select Windows Update. If using the Internet Explorer browser, ensure that the “Display a notification about every script error” option is not checked: In Internet Explorer, from the Tools menu, select Internet Options Click the Advanced tab Scroll down and uncheck Display a notification about every script error Click OK to save your changes. Potentially unwanted applications include adware, dialers, remote administration tools and hacking tools.

Spy

Spyware that acts as a web proxy or a Browser Helper Object can replace references to a site’s own advertisements, instead fund the spyware operator.

Quick Note: Taking the Nonsense out of looking for the right spyware remover

If you really want to take the work out of looking for that right Spyware Protection from a Spybot go to the Internet and get a Free Spybot Download or a Spybot Search and Destroy

to prevent your vital information from being ripped from your computer.

List

Cyber criminals are using sophisticated identity theft techniques for financial gain. While most of the top twelve tax scams involve fraud perpetrated by taxpayers, number three on the list is phishing, a scam whereby an identity thief attempts to take advantage of an innocent taxpayer and obtain personal financial data. This type of anti-spyware software scans the contents of the windows registry, operating system files, and installed programs on your computer and will provide a list of any threats found, allowing you to choose what you want to delete and what you want to keep.