Tuesday, November 4, 2008

Definitions

Adware:

"Adware" is an abbreviation for advertising-supported software. Adware comes bundled with some commercial software which, upon installation, installs packages that download advertising material to your computer and display them. These ads are usually displayed when the user is using the original software application. However, this is not always the case. As it becomes increasingly pervasive on your PC, adware begins to pop up ads even when you aren't using the original software application. And that's when it gets really irritating.

Spyware:

Spyware, on the other hand, is irritating right from the beginning. It gets its name from the fact that it installs itself and performs (often malicious) operations on the user's computer without his knowledge. It is intentionally designed to stealthily install itself and monitor the user's activity, accessing information that can easily be used to someone's profit.

Essentially, spyware, once on your computer, is used to transmit personal data to a third party that will use it for a purpose you did not sanction.

Spyware shouldn't be confused with viruses or worms, as a spyware package is not intended to replicate itself.

Freeware:

As the name suggests, freeware is software that is available for download and use free of charge. The essential difference between freeware and adware is that freeware is free software without advertising content. Freeware also does not usually come with technical support on the developer's behalf. As opposed to shareware, freeware can be used indefinitely and does not expire after a particular period of use.

Shareware:

Put simply, shareware is "try before you buy" software. Shareware allows you to use the software for a trial period, after which you are asked to purchase it. The purchase may be of the entire software package, or a registration code to unlock the original shareware package for unrestricted use. The best part about shareware packages is that they allow you to evaluate them before actually buying, so you know whether the package suits your requirements or not. And as the name implies, users are encouraged to share the shareware package with friends.

Warez:

Warez is essentially pirated stuff (games, applications, music albums, et al.) that is available for download over the Internet.

Phishing:

Phishing is essentially a clever and illegal method used by "phishers" to extract personal information about Internet users. This personal information may be in terms of credit card numbers, bank account details, passwords, and such.

Trojan Horses:

A Trojan Horse, or simply a Trojan (the name is derived from Greek mythology) is a malicious program that disguises itself as something interesting, thereby gaining the confidence of the user, who unsuspectingly then installs a piece of malicious software on his computer. Once installed, the developer of the Trojan is able to gain content from the machine(s) it has been installed on, which can then be used for malicious purposes.


Definitions given by Digit



Thursday, August 21, 2008

Protect your Pen Drive



How do you protect your PC from viruses that spread through pen drives?


Many of our PCs/laptops get a virus without even being connected to a network. This mostly happens because of an infected pen drive or other USB device. Some viruses, like the Ravmon virus and the Heap41a worm, which are not detected by antivirus software, normally spread through pen drives. In such cases, to prevent your PC from getting infected with a virus that spreads through USB devices or pen drives, you can follow the simple steps below.


Connect your Pen Drive or USB drive to your computer.

Now a dialog window will pop up asking you to choose among the options as shown in the figure.

Don't choose any of them; simply click Cancel.

* Now go to Start --> Run and type cmd to open the Command Prompt window.
* Now go to My Computer and check the drive letter of your USB drive or pen drive. (E.g. if it is shown as Kingston (I:), then I: will be the drive letter.)
* In the Command Prompt window (cmd), type the drive letter followed by a colon (e.g. I:) and hit Enter.
* Now type dir/w/o/a/p and hit Enter.
* You will get a list of files. In the list, check whether any of the following exist:

1. Autorun.inf
2. New Folder.exe
3. Bha.vbs
4. Iexplore.vbs
5. Info.exe
6. New_Folder.exe
7. Ravmon.exe
8. RVHost.exe, or any other file with an .exe extension.

If you find any of the files above, run the command attrib -h -r -s -a *.* and hit Enter.

Now delete each file using the command del filename (e.g. del autorun.inf).


That's it. Now just scan your USB drive with the antivirus you have, to make sure your pen drive is free of viruses.


This virus is very common now, like Amvo.exe. For details on Amvo.exe, there is another post for you. But you can follow the same steps above and try clearing it. It's always better not to open any pen drive directly before listing its contents and scanning it. Though scanning doesn't find the viruses in it, you can remember the names and just delete them manually through the command window.


To know whether your system is infected, type C:\heap41a in the address bar. If there is a folder named heap41a, then your system is infected.


Though I'm not sure, I've heard that AVAST antivirus is the best solution for this worm. Symantec also works.




Wednesday, August 13, 2008

Amvo.exe


This is deadly! - Amvo.exe


My sis recently bought a pendrive - so small and good looking that I couldn't resist connecting it to my USB port. Upon Autoplay, I clicked 'OK' to the newly acknowledged drive and then - I'm still trying to figure out exactly what happened first and then the rest - my system's cooling fan was sounding like it was highly asthmatic and would pass away soon. I could simply understand that the virus scanner was activated because during that time the fan gave out a huge noise. But problems just kept on moving forward one by one. The pendrive I opened had opened up in a separate window, which I didn't bother much about. There was a drastic decrease in system speed and all memory was used entirely for the virus scanner. Clicking on any drive opened it in a new window. I had to click a number of folders because that was my scheduled working time, and all of them opened up in new windows. I didn't really understand that all this happened because of the pendrive. I didn't expect it to be - because it was brand new. Just then a message popped up showing something about 'amvo.exe' within the pendrive. Though my virus scanner (Symantec 10.0 Corporate Edition) was carrying out its scan in the background, it didn't raise an alarm about anything serious and gave no warnings at all, except that it was slowing down my PC. Now, it came to the point where I couldn't do anything and my desktop filled with new windows for everything I clicked. I could only restart, and then immediately pull out the pendrive. (Now the quarrel at home with my sis should be made separate as that will be enough to fill this page.)

Upon restarting, the same problems persisted and I was in a hurry to finish work. But the opening up of new windows didn't seem well to me, and I couldn't escape from the low speed due to Symantec's scan, which also ran without finding anything. Though very slow, my system was working but frequently restarting. It had about 10 reboots that night alone and somehow I managed to finish work. After work, I spent the whole day scanning the system with Symantec, which broke off at some point and then the system restarted again. I checked for errors on drives, scanned for viruses and still nothing positive. But something was there that made the scans incomplete. I started googling from then, getting all details for this process called 'amvo.exe.'

I did an online scan, which failed too. I installed Yahoo CA Antispyware, RegRun Security Suite, Registry Booster to check for errors in the registry at startup, etc. System reboots still continued.

Now, I'll give you details relating to this.
Amvo.exe: This is considered a Trojan/backdoor.
Categorized as Dangerous. I would call it, like some people call it, 'nasty.'

Symptoms:


  • Clicking on any drive or folder opens in a new window.
  • Unable to view hidden files. (This is the most interesting thing and you'll go mad. Go to Folder Options and tick 'view hidden and system files' -> click Apply -> OK, and you still won't be able to view hidden files or folders. This is because every time you tick this box and click OK, the next moment the virus turns it off. Do it any number of times and this is what happens. Sounds funny, but it's hell with this nasty thing on your PC.)
  • You won't be able to even view "temp" files. Typing 'temp' in 'Run' just shows you an empty folder.
  • Virus scanner breaks down often and auto-protect is automatically disabled at times. The worrying thing is that not many virus scanners can detect the Amvo trojan.
  • Frequent reboots.

Solution:

There are many ways to clean it, as posted on many forums and webpages. But on detailed investigation, I understood that only the process can be killed, because many antivirus programs don't even detect this virus. I wonder why they don't have a solution for such ones as amvo, kavo, etc.

Now I'm not going to take you through the tedious steps I went through in locating the virus at first. It was only a week later that I thought of such a way, because there was no simple way of viewing hidden files and this virus was hidden too.

Just install FTP software, something like LeechFTP. If you don't have one, you can get Bulletproof FTP from http://www.bpftp.com/. It's free. Download it, install it, and get into each drive, starting with C:. This virus resides in the root of every drive and can be easily located. (Now, something which I forgot to mention: disable auto-play on all drives, including your USB drives and CD drives. It is good not to run auto-play for any drive till this problem is resolved.) Look for the files amvo.exe, amvo.dll, amvo0.dll, amvo1.dll, etc. Delete those files from within your FTP software itself. If you find a file named 'autorun.inf', delete that too. Then move on to D: and do the same. (Please take utmost care that you don't delete any system files.) This process should be repeated on all drives. If you are not able to delete these files through this software, then restart your computer and log into 'Safe Mode.' Run the FTP software and do the same steps. Hopefully this will delete the thing.
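The root-of-drive check described here and in the "Protect your Pen Drive" post, as an added example that is not part of the original posts: a Python script that lists the top level of a drive, flags the file names both posts mention, and shows what any autorun.inf would launch. It only reports and deletes nothing; the function names and the sample files in demo() are constructed for illustration.

```python
import re
import sys
import tempfile
from pathlib import Path

# File names listed in the two posts, compared case-insensitively.
KNOWN_NAMES = {"autorun.inf", "new folder.exe", "bha.vbs", "iexplore.vbs",
               "info.exe", "new_folder.exe", "ravmon.exe", "rvhost.exe"}
AMVO = re.compile(r"amvo\d*\.(exe|dll)$")  # amvo.exe, amvo.dll, amvo0.dll, ...
LAUNCH_KEY = re.compile(r"(open|shellexecute|shell\\.+\\command)$")

def autorun_targets(text):
    """Return (key, command) pairs that an autorun.inf would launch."""
    targets = []
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        key = key.strip().lower()
        if sep and LAUNCH_KEY.match(key):
            targets.append((key, value.strip()))
    return targets

def triage_root(root):
    """Report suspicious files in a drive root (hidden ones are listed too)."""
    findings = []
    for entry in sorted(Path(root).iterdir(), key=lambda p: p.name.lower()):
        name = entry.name.lower()
        if not entry.is_file():
            continue
        if name == "autorun.inf":
            for key, cmd in autorun_targets(entry.read_text(errors="replace")):
                findings.append((entry.name, f"launches via {key}: {cmd}"))
        if name in KNOWN_NAMES or AMVO.match(name):
            findings.append((entry.name, "name listed in the posts"))
        elif name.endswith(".exe"):
            findings.append((entry.name, "executable in drive root"))
    return findings

def demo():
    """Run the triage over a constructed sample 'drive' (made-up contents)."""
    with tempfile.TemporaryDirectory() as root:
        samples = {"autorun.inf": "[autorun]\nopen=amvo.exe\nshell\\open\\Command=amvo.exe\n",
                   "amvo.exe": "", "amvo1.dll": "", "setup.exe": "", "notes.txt": ""}
        for name, body in samples.items():
            Path(root, name).write_text(body)
        return triage_root(root)

if __name__ == "__main__":
    for name, reason in (triage_root(sys.argv[1]) if len(sys.argv) > 1 else demo()):
        print(f"{name}: {reason}")
```

Pass a drive root as the argument (for example I:\ on Windows, or the mount point when the drive is opened from Linux); with no argument it runs on the constructed sample.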

WORRY:

But still, there is no solution to view hidden files. Now that you've cleared (or partly cleared) the virus, you still won't be able to view 'temp' files by typing 'temp' in Run. But your PC will be running all right if the virus is cleared. Now, if you want to view and clear 'temp' files regularly, type "%temp%" in the Run command box and hit Enter. There you get the whole window full of 'temp' files, and now you can easily delete them. This is what I'm following to date. Someone said on his blog that this virus will never leave you even if you format all your drives. I was really confused when I read it that time, but later understood that those were golden words by the guy, because recently I formatted my C: drive alone and installed WinXP afresh, but the hidden files problem still persists. Only reformatting all drives and repartitioning may provide a total solution, is what I heard.

AVOID:

  • Circulating your pendrives to unknown parties, or even to a friend if you feel his system is infected.
  • Opening the contents of pendrive without thorough scanning (as this virus transmits mostly through pendrives). Please refer to the recent post "Protect your Pen Drive" for more details.

IMMEDIATE DO'S:

  • Turn off Auto-Play on all drives if you find any virus of this sort.
  • Take an immediate backup of your important data, because you don't know when you'll need a format. (Make sure the virus doesn't transmit to the backup storage too.) Try using another OS such as Linux to do this. This will also help in finding the virus. Access all drives through Linux and delete the 'unwanted' thing.

I had sleepless days often due to this Trojan, also leading to delay in completion of work. It seems to be The WORST Thing I've come across on a PC. And I'm not fully recovered from it, yet.


Monday, August 11, 2008

INTRO - Being Defensive


Well, I'm still only defensive!!

24 x 7


The topic and the entire theme of this blog is not self-defense of the human body, but defending the PC 24 x 7, online or offline. I consider it more often a serious issue than an injury to my body because it has indeed caused a number of critical mental upsets in me and also indigestion from pondering over what went wrong and how to fix it. I had sleepless days and workless nights (no mistake made there, because I'm a night owl), all because my PC went wrong somewhere or I didn't know what needed to be done when something of such kind happened. This is now just an ongoing problem for me compared to how my system was performing more than a year ago when it was stand-alone and not connected to the internet. So you may very well understand now that I'm not fully defensive. I wish I were Defensive 24 x 7, thereby making it impossible for anything or anyone to hack my machine or do critical damage to my system or spread some infectious process.


Before I ever got a system, I only had dreams of a system - mostly of how it should look, perform, and then the rest. I wanted a machine that never hung at any time, that never let me down, and never restarted until that's what I can do at last or it should do by itself. But my dream didn't come true though I got all branded hardware and even genuine Windows OS. The reason behind my dream was that the machines I've been working with through the years in offices, what I saw in people's houses, or in a cafe all halted at some point, restarted, or never even woke up after being commanded to reboot. This doesn't need any explanation: it's a machine after all - it has its own restrictions on what it can do, and what more can it do when people don't know how to handle it? Yes, even humans get a headache very often, so why can't the machine take a break and reboot itself?


I can't be so funny by saying so. It can't do so by itself. Now most Linux freaks say, 'it only happens with Windows.' Now I'm not ready to say that because I've not worked much on a Linux machine or an Apple Mac. Leaving aside the OS we are working on, I'm just trying to blog the problems I've been encountering with my system, knowing that many of you must be encountering similar problems, some even without knowing what to do in case something of this kind happens.


This page will deal with some possibilities of system malfunction due to viruses, Trojans, worms, spyware, adware, or all the worst possible elements that can hack a system, bring it to a halt, or lead to poor performance.


You can very well post your comments and also place your queries so that I or someone who reads this can find a solution. Now, as you know, there are a lot of forums with experts that give immediate replies. But this is not such a page, because even I rely on those forums when things turn out serious. Here, I'll try to define the problems that I've faced so that you either don't need to face them in future or it may help you to recover if you're facing them. Anyone can actively participate and answer the questions asked by someone on this page, either through experience or exploration.

