Computer Security Page

"I like to think back on the good old days, when the worst thing Windows might do to us was crash."

Having read Brian's report above, it might be time to make things easier for the folks that are new to all this by giving definitions to the jargon that us geeks use.

Computer Geek: - Comes in many sizes and shapes, usually 6 foot tall with bedroom eyes, walks with 'that knowing gait', can answer computer questions faster than a speeding bullet, is able to ftp without blinking an eye, usually is seen blinking his eye, invariably choses not to go with the crowd instead travels his 'own way', quite often overheard whistling "My Way', usually has a computer magazine sitting close by, and will sit up till all hours of the night getting his web page online for others to read and learn. Disclaimer: If you have seen anyone that looks like this walking 'round downtown Gore Bay, pay no attention, it's only my web design competition and he's not dangerous!
Most geeks are known to drink vast amounts of coffee throughout the day and therefore need bathroom breaks throughout their sleep. A true geek will check his e-mail during these bathroom breaks and/or check to see if any of his Instant Messaging Contacts are online.
Wannabe Geeks can be identified by the use of frames and flash in their web pages - don't trust these people, as they are not true geeks and they have their own agenda which is taking over the world by the use of animated gif's which are intended to lull you into a feeling of security and contentment.

http://www.webopedia.com/

Spam: - Electronic junk mail or junk newsgroup postings. Some people define spam even more generally as any unsolicited e-mail. However, if a long-lost brother finds your e-mail address and sends you a message, this could hardly be called spam, even though it's unsolicited. Real spam is generally e-mail advertising for some product sent to a mailing list or newsgroup.

http://www.webopedia.com/

Trojan Horse: - A destructive program that masquerades as a benign application. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces viruses onto your computer.

http://www.webopedia.com/

Denial-of-service: - a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. Many DoS attacks, such as the Ping of Death and Teardrop attacks, exploit limitations in the TCP/IP protocols. For all known DoS attacks, there are software fixes that system administrators can install to limit the damage caused by the attacks. But, like viruses, new DoS attacks are constantly being dreamed up by hackers.

http://www.consumer.gov/idtheft/

Identity Theft: - Identity theft occurs when someone uses your personal information such as your name, Social Security number, credit card number or other identifying information, without your permission to commit fraud or other crimes.

http://www.webopedia.com/

Hacker: - A slang term for a computer enthusiast, i.e., a person who enjoys learning programming languages and computer systems and can often be considered an expert on the subject(s). Among professional programmers, depending on how it used, the term can be either complimentary or derogatory, although it is developing an increasingly derogatory connotation. The pejorative sense of hacker is becoming more prominent largely because the popular press has coopted the term to refer to individuals who gain unauthorized access to computer systems for the purpose of stealing and corrupting data. Hackers, themselves, maintain that the proper term for such individuals is cracker.

http://www.webopedia.com/

Hardware Firewall: - A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.

http://www.webopedia.com/

Firewall: - see above

http://www.webopedia.com/

Virus: - A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves. All computer viruses are manmade. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems.
The first virus occurred in 1987 infecting ARPANET, a large network used by the Defense Department and many universities.

http://www.webopedia.com/

Antivirus Program: - A utility that searches a hard disk for viruses and removes any that are found. Most antivirus programs include an auto-update feature that enables the program to download profiles of new viruses so that it can check for the new viruses as soon as they are discovered.

http://www.webopedia.com/

Worm: - Some people distinguish between general viruses and worms. A worm is a special type of virus that can replicate itself and use memory, but cannot attach itself to other programs.

http://www.webopedia.com/

Phishing: - The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information. For example, 2003 saw the proliferation of a phishing scam in which users received e-mails supposedly from eBay claiming that the user’s account was about to be suspended unless he clicked on the provided link and updated the credit card information that the genuine eBay already had. Because it is relatively simple to make a Web site look like a legitimate organizations site by mimicking the HTML code, the scam counted on people being tricked into thinking they were actually being contacted by eBay and were subsequently going to eBay’s site to update their account information. By spamming large groups of people, the “phisher” counted on the e-mail being read by a percentage of people who actually had listed credit card numbers with eBay legitimately.

http://www.webopedia.com/

Adware: - (1) A form of spyware that collects information about the user in order to display advertisements in the Web browser based on the information it collects from the user's browsing patterns.
(2) Software that is given to the user with advertisements already embedded in the application.

http://foldoc.doc.ic.ac.uk/foldoc/index.html

Bandwidth: The amount of data that can be transmitted in a fixed amount of time. For digital devices, the bandwidth is usually expressed in bits per second(bps) or bytes per second. For analog devices, the bandwidth is expressed in cycles per second, or Hertz (Hz).

Steve Gibson - http://grc.com/optout.htm

Spyware: is ANY SOFTWARE which employs a user's Internet connection in the background (the so-called "backchannel") without their knowledge or explicit permission.
Silent background use of an Internet "backchannel" connection MUST BE PRECEDED by a complete and truthful disclosure of proposed backchannel usage, followed by the receipt of explicit, informed, consent for such use.
ANY SOFTWARE communicating across the Internet absent these elements is guilty of information theft and is properly and rightfully termed: Spyware.

Mike Healan - http://www.spywareinfo.com/articles/hijacked/

Browser Hijacking: there is a despicable trend that is becoming more and more common where the browser settings of web surfers are being forcibly hijacked by malicious web sites and software which modifies your default start and search pages.
Sometimes internet shortcuts will be added to your favorites folder without asking you. The purpose of this is force you to visit a web site of the hijacker's choice so that they can artificially inflate their web site's traffic for higher advertising revenues.

http://www.doxdesk.com/parasite/

Parasite: is a shorthand term for “unsolicited commercial software” — that is, a program that gets installed on your computer which you never asked for, and which does something you probably don’t want it to, for someone else’s profit.

http://cpcug.org/user/clemenzi/technical/Parasites.htm

Parasites: are programs running on your system that you don't need, don't want, and probably don't even know you have. Normally, these are intentional parts of larger applications. I use the term parasite because they use memory, CPU time, and other resources which reduce the performance of your machine.
Normally, you don't know about these because they are loaded at boot time either via the registry (a part of the operating system that Microsoft warns all users not to read or modify), via Start / Programs / Startup, or by some other method.
As an example, loading Netscape 4.72 loads RealAudio/RealPlayer and other related crap on your system without even telling you. (Another good reason to stop using Netscape.)
Many people like RealAudio, it may even be good software. However,

It hijacks many file extensions without asking or telling you
It adds a significant number of entries to the registry, there by slowing down every task on your machine
It automatically runs every time you boot your machine
It uses about 30% of your cpu
And the old versions loaded the Comet Cursor parasite

Tom Spring, PCWorld.com - http://www.pcworld.com/news/article/0,aid,57064,00.asp

Scumware: Move over spam, there's a new ad scheme called Toptext that is delighting advertisers and drawing ire from users who view it as yet another obnoxious online advertising gimmick.
Popularized by a California firm called Ezula, Toptext technology highlights words on a Web page which then link you to an advertiser. But for those who have unknowingly downloaded and installed Toptext, the technology is more a scourge than a revolution.
Toptext works with Microsoft's Internet Explorer browser 4.0 and above. It's typically bundled with free software programs and is currently being distributed with popular file sharing software such as IMesh and KaZaa.
But while advertisers are seeing results with TopText, critics view the technology merely as the latest iteration of intrusive advertising and liken it to pop-up and pop-down ads.

http://www.thiefware.com/

ThiefWare: is software being used in an unethical or disagreeable manner. The term does not necessarily mean that the software is involved in outright thievery or other serious criminal activity as determined by law.
The word is being used to denote unethical, unacceptable, or otherwise negative use of software and Internet technology.
Some of the software mentioned places links on victimized sites for visitors to click on leading them away to other competitor sites. Many site owners would say the software is stealing visitors which makes it ThiefWare, an appropriate name for such services and software.

http://www.geocities.com/yosponge/datacoll.html

Cookies: are small text files containing information on what sites you visit, a unique ID number, and may contain any other information the website designer chooses to include, such as how long you were at the site, if you made any purchases, where else you went, your name, credit card number, etc.
When you visit most popular websites, or click on any ad, a cookie is generated and set on your computer. It can either be stored on your computer's hard drive (called persistent cookies) or are temporary and will be erased once you shut down your browser (called per-session cookies.) In either case, the website can store the information they keep and or reveal.
Data collection works by association: that is, there must be a unique identifying number assigned to you. This is necessary in order for any data collection to generate reliable and useful data. If the number were different every time, the website company and its advertisers would not know you've been there before because last time you may have had a different identifying number.

http://computer.howstuffworks.com/question525.htm

Packet: It turns out that everything you do on the Internet involves packets. For example, every Web page that you receive comes as a series of packets, and every e-mail you send leaves as a series of packets. Networks that ship data around in small packets are called packet switched networks.
On the Internet, the network breaks an e-mail message into parts of a certain size in bytes. These are the packets. Each packet carries the information that will help it get to its destination -- the sender's IP address, the intended receiver's IP address, something that tells the network how many packets this e-mail message has been broken into and the number of this particular packet. The packets carry the data in the protocols that the Internet uses: Transmission Control Protocol/Internet Protocol (TCP/IP). Each packet contains part of the body of your message. A typical packet contains perhaps 1,000 or 1,500 bytes.
Each packet is then sent off to its destination by the best available route -- a route that might be taken by all the other packets in the message or by none of the other packets in the message. This makes the network more efficient. First, the network can balance the load across various pieces of equipment on a millisecond-by-millisecond basis. Second, if there is a problem with one piece of equipment in the network while a message is being transferred, packets can be routed around the problem, ensuring the delivery of the entire message.
Most packets are split into three parts - header, payload, and trailer.
Let's say that you send an e-mail to a friend. It is broken into packets as the network uses fixed-length packets.
Each packet's header will contain the proper protocols, the originating address (the IP address of your computer), the destination address (the IP address of the computer where you are sending the e-mail) and the packet number. Routers in the network will look at the destination address in the header and compare it to their lookup table to find out where to send the packet. Once the packet arrives at its destination, your friend's computer will strip the header and trailer off each packet and reassemble the e-mail based on the numbered sequence of the packets.

http://www.geocities.com/yosponge/internet.html

Packet sniffers: are highly-useful tools for intercepting and monitoring data passing around the Internet. They are used legitimately by all Internet Service Providers, including yours, to check out performance. They are used by law enforcement to check out illegal activity. And they are used by businesses and amateurs to look for suspicious data coming into or leaving their computers and networks.
Of course, any tool that can be used for good can be used for unethical or illegal purposes. They can be used to read credit card numbers, SSNs, and other information in transit.

http://www.geocities.com/yosponge/internet.html

Port: A port provides a mechanism for organizing incoming packets so they go to the right place at a particular IP address. This is exactly like the situation if you sent your letter to someone living in an apartment building: apartments usually have the same street address, so it's not good enough to jsut have the address. You also have to specify an apartment number in order to make sure it gets to the right place. If computers didn't use "apartments", or ports, then you would be restricted to only running one thing at a time; your couldn't use email, your web browser, and such simultaneously. If you tried, you'd be downloading that song from Napster in your browser and pieces of this webpage might be showing up in your email.

That was quite a list of definitions, but now that they are all listed - it is not important that you memorize them. Just reading them a few times until this all starts to make sense is all that is needed here.
If you wish to have a quick reference to 'computer definitions' you will find many scattered across the internet, but click here for Webopedia.

Seeing as this is a page about security....if you clicked on Webopedia.com above the page that opened would have displayed this image. It is advertising and if you click thru it you will be paying for something if you see something you like. Keep that in mind! Another is Ads by Google - another advertising thingie and nothing that is going to be a freebie.

What follows now is old material that I had previously posted elsewhere that will appear in a new window. It is a large file, but worthy of your time, so read 'Secure Your Computer'

I suppose that if you now click on the links listed below, you will be as educated as me with respect PC Security. So, "Happy reading my friend!"

POKO

More Stuff That You Have To Know

To have a truly secure computer, you have to arm yourself with all the defences that are available to you. A well-respected computer geek, Fred Langa, suggests several layers of defence are necessary.

I decided that I'd just list all my favourites at this point and let you click away. On the next window that opens go to Security.

Click on Calamity for an excellent Forum on Computer Security. The folks that post
on this forum are quite knowledgeable and an excellent source of information.

Trojan Horse

I have yet to come across a true anti-trojan freeware application, but don't lose hope - you can visit WindowsSecurity.com and run their free on-line scan. We have all heard alot about trojan horse programs and the threat that they pose to your security. This Trojan FAQ sheds some light on what these programs are, what they do, how they can infect your system and suggests measures that could be taken to prevent such infections. You can make sure that you have a good grasp on these malicious programs by browsing through this regularly updated Trojan FAQ which provides the answers to these questions and many others.

Anti-Virus

I was a devout Norton Anti-Virus follower until I ran into their poor support at which time I started using AVG by Grisoft, but I've recently loaded Active Virus Shield from AOL. This freeware is based on the Kaspersky Labs engine. It's relatively new, but looks promising and its gui is certainly more straight forward than AVG's.

E-mail Spam

I fight spam by several means. I avoid having my e-mail address being broadcast where spammers harvest them so when you send me an e-mail telling me to forward it to six of my friends, it goes directly to the trashbin. I use a secondary e-mail address when signing onto various websites so if you want to have me read your mail, don't send it to my Hotmail account as that is just a repository of bogus mail. I also use a GMail account for the same purpose. Another tool I use is MailWasher that sits in front of my e-mail client and checks my pop3 account for me. It allows me to delete anything from my server before I even have to download it to my machine.

Spyware

There are literally hundreds of software companies promoting their wares to combat spyware. I use all the apps listed to the right. BUT please note - no anti-spyware does it all and if they are to be effective, they must be kept up-to-date.

Internet Security Systems - AlertCon(TM)

This is the current
internet security status.
Click the Alertcon button to investigate.

You've Been Infected - What Now ?

I have not used everything listed below so use at your own risk.

Security Checks

a-squared (a˛) Online portscan, security-test, Exploit- test, Browser check Checks 101 ports!

Auditmypc.com
Security scan Firewall Test, Port Scan, Spy Ware and Security Audit Choices

Cablemodemhelp Portscan

CentralOps Browser Mirror See what your browser reveals

Computer Cops UDP Port Scanner Slow but good

Dageek Nessus Security Scanner

Digital Control Systems Passive TCP Port Scan Slow connection, quick results

DSLReports Security testing Slow

Echannel Site compatible check

Firewalls Also online firewall wizard

Fortify Check your encryption cipher key

GFI Trojanscan

Hackerwacker Quickscan and more Nice

Hackerwatch Portprobe Scans ports: 21/23/25/79/80/110/139/143/443

It.sec German site (english)

Jason's Toolbox Browser Security Test

Jtan WinNuke test fast and simple

Kalish Port scanner fast and simple

McAfee Free online scan W32/Lovsan

MVS several tests

Myserver.org Short test. Can submit your own port number to test.

Obit "Free scan" or "Obot Quick scan" This scan does not check the security, but simply gives a quick report of possible problems

Onlinescanner Internet security systems Lot of info

PCFlank Tests ports,trojan and browser Quick, stealth, browser, trojan , exploits tests and advanced port scanner

Pcinternetpatrol short test

PCPitstop Many tests autofix

Prosumis Scanner press Check&Scann (bottom left) TCP/UDP Excelent reporting

Remote security tester

RSGIS Fast

ScanIt Browser security test (amazing) Tries to open files, gives advise

Securewall 365 ports

SecurityFocus scans 1500 ports and scans for 750 vulnerabilities

Securitymetrics.com This free port scan will test 22 of the 500 most commonly used communication ports on your computer/server

Securitymetrics.com For Webmasters, Network Administrators, and Executives
Server and Firewall Test

SecuriScan Quick results Checks your system for the status of 23 popular ports.

Security News Links and lots of info

SecuriNews 22 popular ports

Securityspace some free security audits Gives advise

Securitywire uses NMAP

Shavlik security exposure

Shields Up CRC Test your shield and ports

Subgotdns.org Scans most common ports

Surfplan.nl

SSL check by verisign Browser check: version and encryption

Still Listerener env. test, SSi, Java test

Speedguide.net TCP/IP analyzer

Stealthtest Log-, Mac-, NetBIOS test and more

Sygate Online Services Quick,stealth, trojan,TCP, UDP ICMP

T1shopper

TestMyFirewall This firewall test takes a 4 phase approach, a virus and trojan port scan, a standard port scan, a spyware test and a browser test.

Trendmicro Hackercheck.com provides a free port-scanner to test your computer's security for internet transactions. This service is provided by TREND MICRO.

Tools-on.net Look under privacy tools Holmes/Who, Proxy checker, anonymous surf and mail, port scanner,trojan scanner, netbios scanner

Voltron Kru Portscan Scans well known ports. Scans also a range of given ports

WindowSecurity Eventlogs. Email security

Yashy.com Open ports based on NMAP

Spyware Checks

About - Buster Stops bogus spyware popups on Internet Explorer startup and homepage hijacking to res://random .dll/random (Freeware)

Ad-aware   A free multi-spyware removal utility that scans your memory, registry and hard drives for known spyware and scumware components and lets you remove them safely. It is updated frequently. also freeware

Adware Remover online Online Quick scan. In depth scan needs tr-setup.exe. No reference so far

Anomizer online You need to install a ActiveX file. Doesn't clean

Anti-Spy Security software that detects and removes malicious programs, trojans, keyloggers and adware

Aumha Quick fix protocol, follow the steps in the order listed

Bazooka Bazooka Adware and Spyware Scanner detects a multitude of spyware, adware, trojan, keylogger, foistware and trackware components; sources of irritation that antivirus software does not deal with. freeware

Bugnosis Free

Computer helpdesk online

Content Audit online Porn on your PC. Check your computer now! You may be surprised what you find

Dosdesk online Fast

Gemal online

GIANT AntiSpyware Not only does GIANT AntiSpyware search and destroy all spyware on your computer, it even instantly alerts you when potential dangers arise, stopping most spyware before it can even install.

HijackThis HijackThis examines certain key areas of the Registry and Hard Drive and lists their contents freeware

Housecalltechnicians online This test will scan your computer for known types of adware, spyware and malware, otherwise known as "parasites."

"How to remove" from PC HELL How to remove spyware

ITC Virginia How to turn off windows messenger service

McAfee

Microsoft AntiSpyware (Beta) No reference so far (Free)

NoAdware Free download. Will only detect and inform you. Doesn't clean unless you buy it

Parasite check 1 online This page allows you to check your computer for a hundred different parasites

Parasite check 2 online This page allows you to check your computer for a hundred different parasites

Panda New This application is updated at least once a day, so it can always root out even the very latest spyware. And you don't even need to install any program, all you need is to be connected to the Internet.

PcPitstop Press "Scan for undesirable programs using our quick test."

PC Hell How to remove spyware

RegFreeze online Please pay attention that this scanning module does not remove any spyware. For actual removing of spyware programs you need to download and install the full version of RegFreeze.

Pestpatrol online Try the online version. You need to install ActiveX file. Excellent reporting, you have to buy it to remove the spyware.

Spector Records Emails, Chats, IMs, Web Sites, Programs Run, Keystrokes Typed, Peer to Peer File Sharing, Screen Snapshots - Plus - Offers Internet Access Blocking and Instant Notification Alerts.

Spybot S&D Application to scan for spyware, adware, hijackers and other malicious software. Besides finding spyware, SpyBot can check for system problems (faulty Uninstall information, broken links, and so on) and history lists that record information you may not want stored.

Spyferret Free download. Will only detect and inform you

Spygone Free download

Spy Guard Free download

Spyhunter Free download

SpyRemover Spy Remover detected spyware and adware unremarkably

SpySites
Stop Web Sites from installing Spyware, Sleazeware and Cookies on your PC

Spysubtract protects your PC from spyware programs that gather personal information, monitor your PC applications and online activities, including web surfing history, online shopping and search engine usage

SpySweeper Free download. Automatically detects and can remove all common forms of spyware programs including Trojans, system monitors, keyloggers and adware. Subscribers automatically receive free software upgrades for the duration of their subscription

Spywareblaster SpywareBlaster doesn't scan and clean for spyware - it prevents it from ever being installed. freeware It even blocks spyware/tracking cookies in Mozilla/Firefox and Internet Explorer.

Spyware Check Free download

SpywareGuard SpywareGuard provides a real-time protection solution against spyware that is a great addition to SpywareBlaster's protection method.

Spywarenuker Free download

Spyware C.O.P Free download

STOPzilla CNET Editors Choice Award Winner. STOPzilla kills spyware and adware, stops popups, erases cookies and history, protects your homepage and more.

Sunbelt online You need to install CounterSpy ActiveX. Excellent reporting, you have to buy it to remove the spyware.

System Spyware Interrogator This tool is designed to be used in conjuction with your favorite spyware detection/removal utility.[Freeware]

TrendMicro Trend Micro Anti-Spyware for the Web is a free online tool that checks computers for spyware, and helps remove any infections found

TrueWatch Detects spyware / adware on your machine and then quarantines or removes them forever.

Webroot Scans for spyware, but doesn't remove it. Excellent reporting, you have to buy it to remove them.

Winpatrol Finds Worms, Adware, Spyware, Cookies, Trojan horses and other virus type, malicious, nasty programs. [Purchase required for PLUS version; freeware version also available]

Winguard online Spyware detector

XBlock This freeware comes with many functions, It performs cookie cleaning, Internet cache cleaning, scans for many popular spy software packages and performs permanent file shredding. Check back OFTEN. We release enhanced features on a regular basis.

X-Cleaner online This scanner is an ActiveX applet. After a short delay in which your browser downloads the control file, you will receive a "Warning Dialogue" requesting permission for the scanner to run. Click "Yes" and the applet will pop up and scan. You will be alerted if any spyware is found. When a spyware or malware is found, you will be alerted and asked if you want to remove it. If no spyware is found, the scanner will disappear on its own.

XP-AntiSpy XP-AntiSpy is a small utility to quickly disable some built-in update and authentication features in WindowsXP that may rise security or privacy concerns in some people.

XoftSpy They offer a Free Scan that will allow you to determine if you have been infected with possibly undesired items.

Virus and Trojan Checks

Anti-Trojan

Germany

Fast

Alken.nl Romania This online virus check from www.alken.nl

Command on Demand

USA

Based on F-Prot Profesional scan engine

DialogueScience Russia Single file

Dr.Web Single file

eTrust

Freedom Based on F-Prot Profesional scan engine. Doesn't clean infected files

GFI USA Email Security Testing Zone

GFI USA Trojan scan

Kaspersky Moscow Single file

McAfee

USA



McAfee USA Avert WebImmune. Submit infected file

MyV3 Korea

Panda Spain

PC Pitstop

USA

Dial up modem ISDN/DSL/Cable/T1/T3/Extreme

Securityspace Canada Test online for: Nimda, Code red and Bugbear

Symantec

USA

No compressed files

Trend Micro



Virusscan

Belgium

Housecall

XoloX McAfee free scan

Zeroknowledge



F-Prot, detects only

Virus Removal
something not listed here - check individual anti virus software companies listed below on the right

AOL.Trojan.32512 Symantec

Apost.A Trend Micro

Autoupder Symantec

Avril Sophos

Avron Kaspersky

BadTrans Panda

Bad Trans.b Symantec, Panda, F-Secure Sophos

Bagle.A@mm Panda F-Secure Bitdefender Symantec Sophos AntiVir F-Secure Norman McAfee

Bagle.B@mm Bitdefender Panda F-Secure Symantec McAfee

Bagle.C@mm McAfee Bitdefender

Bagle.E.@mm Bitdefender

Bagle.F.@mm Bitdefender

Bagle.H@mm Symantec, Bitdefender

Bagle(j-k)@mm Bitdefender

Bagle.M@mm Symantec, Bitdefender

Bagle.N@mm Symantec, Sophos, Panda, McAfee,

Bagle.U@mm Trend Micro Symantec, McAfee, Panda, Bitdefender

Bagle.Q@mm Trend Micro Symantec, Panda, Bitdefender

Bagle.V@mm Bitdefender

Bagle.AF@mm Bitdefender, McAfee, Panda

Bagle.AI@mm Sophos McAfee Trend

Bagle.AT Trend

Bagle.AU Trend

Bagle.BC Panda

Bat.Mumu.A Symantec

Bat.Mumu.B Symantec

Benjamin BitDefender

Braid.A (Bride) Panda, Symantec, BitDefender

Buddylist Symantec

Bugbear-A@MM BitDefender, Symantec, Sophos, McAfee, Panda , F-Secure, Norman, Trend

Bymer.A Norman

Cih Symantec F-Secure

CodeRed BitDefender, Symantec,Trend Micro,Sophos

CodeRed.F Symantec, Trend Micro

Corica Trend Micro

Dadinu Panda

Datom BitDefender

Disemboweler Panda

Donk.D Sophos

Doomjuice A and B Microsoft

Dumaru Symantec, McAfee, Bitdefender

Dumaru.Y Symantec, Bitdefender, McAfee

Elkern.c Kaspersky, Sophos , McAfee, Panda

EwploreZip.Worm Symantec

Femot.Worm Symantec

Fizzer BitDefender, Panda, Symantec, McAfee, Kaspersky

Flcss Sophos

Fleming Trend Micro

Fortnight Panda

Fortnight.B Panda

Fortnight.C Panda

Fortnight.D Panda

Fortnight.E Panda

Frethem BitDefender Symantec

Funlove.4099 BitDefender, Symantec, F-Secure

Gibe Symantec

Gigger Trend Micro

Gink Trend Micro

Goner Symantec

Goner.A Symantec

Happy99.Worm Symantec

Haptime Symantec, Panda

HLLW.QAZ.A Symantec

HybrisF Symantec

JS_JECT.A Trend micro

I-Worm.Magistr.A BitDefender

I-Worm.Prolin BitDefender

Kakworm Symantec

Klez.E@mm BitDefender, Symantec, Kaspersky , F-Secure, McAfee

Klez.F Panda (Windows 9.x/Me)
Panda (Windows NT/2000/XP)

Klez.I Panda

Klez all variants (including variants of Win32:Elkern) Avast

K0wbot BitDefender

Kriz Symantec , Panda

Lentin.E Panda

Lirva Panda Software, Sophos, Trend Micro, McAfee (Stinger) BitDefender

Loveletter Symantec

Lovegate (all versions) Bitdefender

Magistr Symantec

MTX Symantec, Panda

Mydoom.A Panda

Mydoom.(variants A, B, D, F-H - including the trojan horse)A Avast

Mydoom A, B and C Microsoft

MyLife Symantec

Nimda Panda, F-Secure

Nimda.A BitDefender, Symantec

Nimda.D Panda

Nimda.E Symantec, BitDefender, McAfee, Trend Micro, F-Secrure

Navidad Symantec, Panda

Opaserv.A BitDefender

Opaserv.D Panda

Opaserv.Worm BitDefender, Symantec , Panda, F-Secure, Trend Micro

Potok Symantec

PrettyPark.Worm Symantec

Reeezak.A@mm Panda

Sasser A, B,C, D and E Panda

Sasser A, B,C, D, E and F Microsoft

SirCam Bitdefender, McAfee, Symantec, Panda , F-Secure, Avast

Stages Symantec

Stream Symantec

TROY_SUA.A Trend

VBS.Haptime Symantec

VBS.Loveletter Symantec, Panda

VBS.Stages.A Symantec

VBS.Potok Symantec

VBS_REDLOF.A Trend

Vote Panda

W2K.Stream Symantec

W32.Badtrans Avast

W32.Badtrans.B@mm Symantec

W32.Bagle.AI@mm Sophos McAfee

W32.Blackmal.B@mm Symantec

W32.Blaster.worm Symantec Trend Micro

W32.Blaster.worm             (aka Lovsan), variants A-M Avast

W32.Beagle (aka Bagle), variants A-L, U, W, X Avast

W32.Bobax.fam (a,b,c) Mcafee

W32.Bugbear.B.@mm Symantic, Panda

W32.Bugbear.C.@mm Bitdefender

W32.Bugbear including B and E variant Avast

W32.Donk.Q Symantec

W32.Evaman@mm Bitdefender , Trend Micro

W32.Fizzer.A@mm BitDefender F-secure Panda, Trend Micro

W32.Frethem.J/K@mm BitDefender, Symantec , Panda

W32.Ganda Avast

W32.Gibe@mm Symantec

W32.Erkez.B@mm Symantec

W32.Klez all variants (including variants of Win32:Elkern) Avast

W32.Korgo F,H,I,L,M,N,O,P,Q,R Symantec

W32.Korgo A,B,C,P Bitdefender

W32.Nimda Avast

W32.Nimda Avast

W32.Lovegate (all versions) Bitdefender

W32.LovGate.C Bitdefender Trend Micro

W32/Lovesan McAfee

Win32:Nachi [Wrm] (aka Welchia, variants A-G) Avast

Win32:Netsky [Wrm] (aka Moodown, variants A-U) Avast

W32.Netsky.B@mm Trend Micro

W32.Netsky.X@mm (B,C,D,E,K,P,Q,S,T,X,) Symantec

W32.Netsup.a@mm Mcafee

W32.Nimda Avast

W32.Magistr.B@mm BitDefender, Panda , F-Secure, Trend Micro

W32.Mimail.C@mm Bitdefender

W32.Mimail.I@mm Bitdefender

W32.Mimail.J@mm Bitdefender

W32.Mimail, variants A, C, E, I-N, Q, S-U Avast

W32.MyDoom (A,B,F,N and O) Sophos

W32.Mydoom.M@mm Symantec

W32.Myparty.A@mm Bitdefender

W32.Opas(aka Opasoft, Opaserv) Avast

W32.Palyh.A@mm Bitdefender

W32.Parparo.worm Mcafee

W32.Randex.D Symantec

W32.Sasser Symamtec McAfee

W32.Sasser A, B,C,D and E Panda

W32.Sasser.worm Symantec

W32.Sasser.B.worm Symantec

W32.Sasser.C.worm Symantec

W32.Sasser.worm Symantec

W32.Scold Avast

W32.Sircam Avast

W32/Slanper Sophos Symantec

W32.Sober.D@mm Bitdefender

W32.Sobig.A BitDefender

W32.Sobig.B@mm Symantec

W32.Sobig.F@mm Bitdefender Symantec F-Secure Sophos

W32/Sober@mm Symantec

W32/Sober-A Sophos BitDefender

W32/Sober.B@mm Symantec

W32/Sober-C Sophos Symantec

Win32:Sober [Wrm], variants A-F Avast

Win32:Sobig [Wrm], including variants B-F Avast

W32.Swen.A@mm Symantic Norman Bullguard

W32.Updatr.A@mm BitDefender, Panda

W32.Welchia.worm Symantec

W32.Worm.Benjamin BitDefender

W32.Worm.Datom.A Bitdefender

W32/Zafi McAfee Bitdefender

W95.CIH Symantec, F-Secure

Win32.Worm.Bobax A-C Bitdefender

Win32.Msblast.A Bitdefender

Win32.Novarg.A@mm Bitdefender

Win32.Zafi.B@mm Bitdefender

W32.Yaha@mm Panda, BitDefender, Symantec, F-Secure, Sophos, McAfee, Trend Micro Avast

Winevar Symantec, Trend Micro

Worm.Datom.A BitDefender, Panda

Worm.ExploreZip Symantec

Worm_RATOS.A Trend

Worm_Zafi.D Trend a2

Wscript.Kakworm Symantec , Panda

Wscript.Kakworm.B Symantec

Yaha Symantec

Yahaa BitDefender

Yahaa.K BitDefender

Zafi.B F-Secure

Zobot Microsoft

And Some More Stuff You Should Know

Running all these security applications will do you absolutely no good if you do not keep them updated.

So you ask yourself, "How do I remember to do that?" The answer is simple - put a shortcut to Calendar of Updates on your desktop.

Click on the above graphic and their web page will load. Create a shortcut and you are in business.

With a shortcut on your desktop (position it where you will be reminded to use it) you have only yourself to blame that your security definitions are not updated.

Depending on how often you run your security apps, you have only to check the calendar for that time period and note any updates that have occurred.

But Remember

No one security application does it all. You have to depend on using multiple applications to get the job done!

And Another Thing ....

It is very possible - check that - it is more than likely that you have software installed which is out of date. That is to say, software you have may be crippled with some flaw that has been discovered and updated, but your system has the old version making you at risk.

Run this on-line scan !

It will advise you of apps that need to be updated.
Minimum Requirements:
     Windows 2000, Windows XP, or Windows 2003
     Sun Java JRE 1.5.0_06
     Internet Explorer 6.x, Opera 9.x, or Firefox 1.5.x
     Latest version of Microsoft Windows Update

The right column of this web page list many of the applications I run regularly to ensure my pc is kept free of malware and I recommend you use them.

The future of malware: Trojan horses

By Joris Evers
Staff Writer, CNET News.com
Published: October 13, 2006, 4:00 AM PDT

MONTREAL--Some of the most dangerous cyberattacks are the least visible ones.

Widespread worms, viruses or Trojan horses spammed to millions of mailboxes are typically not a grave concern anymore, security experts said at the Virus Bulletin conference here Thursday. Instead, especially for organizations, targeted Trojan horses have become the nightmare scenario, they said.

"Targeted Trojan horses are still a tiny amount of the overall threat landscape, but it is what the top corporations worry about most," said Vincent Weafer, a senior director at Symantec Security Response. "This is what they stay up at night worried about."

The stealthy attacks install keystroke-logging or screen-scraping software, and they are used for industrial espionage and other financially motivated crimes, experts said.

Cybercrooks send messages to one or a few addresses at a targeted organization and attempt to trick their victim into opening the infected attachment--typically, a Microsoft Office file that exploits a yet-to-be-patched vulnerability to drop the malicious payload.

Security technology can stop common attacks, but targeted attacks fly under the radar. That's because traditional products, which scan e-mail at the network gateway or on the desktop, can't recognize the threat. Alarm bells will ring if a new attack targets thousands of people or more, but not if just a handful of e-mails laden with a new Trojan horse is sent.

"It is very much sweeping in under the radar," said Graham Cluley, a senior technology consultant at Sophos, a U.K.-based antivirus company. If it is a big attack, security companies would know something is up, because it hits their customers' systems and their own honeypots (traps set up to catch new and existing threats), he said.

Targeted attacks are, at most, a blip on the radar in the big scheme of security problems, researchers said. MessageLabs pulls about 3 million pieces of malicious software out of e-mail messages every day. Only seven of those can be classified as a targeted Trojan attack, said Alex Shipp, a senior antivirus technologist at the e-mail security company.

"A typical targeted attack will consist of between one and 10 similar e-mails directed at between one and three organizations," Shipp said. "By far the most common form of attack is to send just one e-mail to one organization."

In the past two years, MessageLabs has seen such attacks hit multinational companies, governments and military bodies. Other recurring targets include law firms, human rights organizations, news organizations and educational establishments, Shipp said.

Most attacks include Office files that use yet-to-be-patched vulnerabilities in the Microsoft application to install malicious code on vulnerable systems. The software giant has patched many such flaws on recent Patch Tuesdays.

Office files are also popular with attackers because organizations typically allow people to receive those files in e-mail, while executables or other files seen as more likely to be malicious are often blocked, Shipp said. "By and large, the best way of getting into an organization is to use something that the company lets in," he said.

The future of malware
The use of zero-day flaws circumvents traditional signature-based security products. These products rely on attack signatures (the "fingerprint" of the threat) to block the attack, which requires the attack to have been identified at least once before.

"This is the future of malware attacks," said Andreas Marx, an antivirus software specialist at the University of Magdeburg in Germany. "People affected by this won't be protected by antivirus software because there is no signature."

A signature is created when antivirus companies get a report from an infected company, when they see samples in their own honeypots, or get samples from other antivirus companies. "This doesn't happen with targeted attacks, as only an extremely small number of people get infected," Marx said.

As an example, Shipp said that only four antivirus products today detect one specific targeted attack that was first spotted months ago. Other products still let it through. MessageLabs is able to identity some of the threats by looking at the specific details of Office documents attached to e-mail and pinpointing unusual code in them, he said.

The identity of the attackers is mostly unknown. Security experts have theories of multiple gangs in different parts of the world, but haven't been able to pinpoint them.

The motivation of the attackers is also topic of dispute. From his analysis, Shipp believes the intent is to steal information. "In other words, corporate espionage," he said.

But Symantec's Weafer isn't so sure. "Whether they are for hire, or whether they are simply trying stuff out is not clear," he said.

Security companies are working on behavioral blocking and other techniques that go beyond signature-based detection to protect systems. Heuristics, which are programs that use pattern recognition, instead of being based on algorithms, are one example.

"Antivirus companies have moved in leaps and bounds in terms of heuristic attacks," Cluley said. "It is not completely disastrous, even if it doesn't appear on the radar. Good proactive protection can still defend against a lot of this stuff," he said.

The real good news is that there is a only a very low probability that any specific company was attacked last year, Shipp said. "The bad news is, if you were attacked and it was successful, it is of very high value," he said.

The above article written by CNET News.com gives you an idea of what we are up against. While common sense dictates not opening an attachment from an unknown source, this article makes it clear even trusted sources may have been compromised by a trojan horse and you should run any attachment through your anti-virus and other security applications before opening them.

I save trusted attachments to a specific folder on my secondary harddrive then right-click on them to open my security apps.

Never just open the attachment!

Computer Security