What Is A Computer Virus?

Just what is a virus? Virus means "poison" in Latin, and a computer virus is, well, a computer poison. Computer viruses are malicious software programs that are designed to adversely affect your computer without your knowledge or permission. A virus is a leech that implants itself on legitimate software and spreads from one file to another. A virus might corrupt or delete data on your computer, use your e-mail program to spread itself to other computers, or even erase everything on your hard disk. Viruses can be disguised as attachments of funny images, greeting cards, or audio and video files in e-mail or instant messages. A virus can infect your computer when you are just visiting a website, using a shareware program, or opening a Word document. The list of possible infection points is enormous and covers almost any imaginable user activity.

Brief History of Computer Viruses

It is pretty much a convention these days to trace the history of computer viruses to a paper called 'Theory and Organization of Complicated Automata', published in the 1940s by the American mathematician and computer research pioneer John von Neumann. The paper explored the probability of self-replicating "automatons". Von Neumann postulated that it was possible, at least in theory, for machines to produce something as complex as themselves - essentially, to reproduce.

In The News...

vBulletin Software Flaw
The flaw in a specific version of vBulletin software allows anyone to easily access the main administrator username and password for a site. This would also allow hackers to access data, such as e-mail addresses, and edit the site at will. The owner of the program - Internet Brands - released a fix on 21 July. However, at this time, many sites remain vulnerable.

Tabnapping, or Gmail Favicon Virus
The attack, dubbed "tabnapping" by Firefox creative lead Aza Raskin, uses JavaScript to replace the contents of a tab and its label. The malicious code waits until you switch to view another tab. Then, when you're not paying attention, it quietly changes its contents to resemble the Gmail log-in screen (or some other information-collecting site). Between the convincing fake page and the Gmail favicon in the tab bar, it's likely that many will simply assume they left the tab open and were logged out. After collecting your log-in credentials, it simply forwards you to the correct page (in this case Gmail), because you were never actually logged out. The attack script can be triggered on a delay so that it will only change the page if it has not been touched for several minutes, or hours, preying on the inaccuracy of a user's memory. It can even mine your browser history to target the sites you're currently logged into without special coding.

Android Virus Removal
Google's open-source program manager has launched an entertaining rant against firms offering mobile security software, accusing them of selling worthless software and of being "charlatans and scammers". Chris DiBona, Google's open-source programs manager, argues that neither smartphones based on Google's Android nor Apple's iOS need anti-virus protection. Anyone telling you different is a snake-oil salesman, he said. "Virus companies are playing on your fears to try to sell you BS protection software for Android, RIM, and, iOS," DiBona said on Google+. "They are charlatans and scammers. If you work for a company selling virus protection for Android, RIM or iOS, you should be ashamed of yourself."

CVE-2011-3544
A new vulnerability has been uncovered in the Java runtime that allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.

iPad Virus Protection
It was inevitable, it had to happen, and now it has. The first iPad virus is here. According to BitDefender, hackers are sending out email messages that falsely offer a software update for Apple's freshly launched tablet computers. The messages steer iPad owners to a realistic-looking website that supposedly provides the latest version of the iTunes online shop but instead installs malicious code on visitors' machines.

Fake (Rogue) Antivirus
Fake anti-virus software is on the rise and currently accounts for about 15% of all malware detected, according to a forthcoming report from Google. According to a blog post by a member of the Google Security Team, the research paper containing their findings, 'The Nocebo Effect on the Web: An Analysis of Fake AV distribution', is going to be presented at the Workshop on Large-Scale Exploits and Emergent Threats (LEET) in San Jose, CA on April 27th.

Stuxnet Computer Worm - An Attack of Biblical Proportions?
Cyber security experts say they have identified the world's first known cyber super weapon designed specifically to destroy a real-world target – a factory, a refinery, or just maybe a nuclear power plant. The cyber worm, called Stuxnet, has been the object of intense study since its detection in June. As more has become known about it, alarm about its capabilities and purpose has grown. Some top cyber security experts now say Stuxnet's arrival heralds something blindingly new: a cyber weapon created to cross from the digital realm to the physical world – to destroy something. The appearance of Stuxnet created a ripple of amazement among computer security experts. Too large, too encrypted, too complex to be immediately understood, it employed amazing new tricks, like taking control of a computer system without the user taking any action or clicking any button other than inserting an infected memory stick. Experts say it took a massive expenditure of time, money, and software engineering talent to identify and exploit such vulnerabilities in industrial control software systems. Unlike most malware, Stuxnet is not intended to help someone make money or steal proprietary data. Industrial control systems experts now have concluded, after nearly four months spent reverse engineering Stuxnet, that the world faces a new breed of malware that could become a template for attackers wishing to launch digital strikes at physical targets worldwide. Internet link not required. A geographical distribution of computers hit by Stuxnet, which Microsoft produced in July, found Iran to be the apparent epicenter of the Stuxnet infections. That suggests that any enemy of Iran with advanced cyber war capability might be involved, Langner says. The US is acknowledged to have that ability, and Israel is also reported to have a formidable offensive cyber-war-fighting capability.
Could Stuxnet's target be Iran's Bushehr nuclear power plant, a facility much of the world condemns as a nuclear weapons threat?

Hackers target Microsoft Windows XP support system
Hi-tech criminals are "escalating" attacks on an unpatched bug in the Windows XP help and support system. Microsoft said it had seen more than 10,000 machines hit by the attack that, so far, it has not found a fix for. Found by Google engineer Tavis Ormandy, the loophole revolves around the Help and Support system built into XP. Mr Ormandy found that it was possible to exploit its ability to give remote aid and apply fixes to ailing machines. Initially, said Microsoft, it only saw "innocuous" attacks by researchers attempting to replicate what Mr Ormandy had found. Real exploits turned up on 15 June and these have been enthusiastically adopted by hi-tech criminals.

ASP.NET View State Vulnerability
Microsoft is investigating a new public report of a vulnerability in ASP.NET. An attacker who exploits this vulnerability could view data, such as the View State, which was encrypted by the target server, or read data from files on the target server, such as web.config.

Microsoft Windows contains a vulnerability that can allow a remote attacker to gain elevated privileges. The vulnerability exists because Windows kernel-mode drivers do not properly validate all callback parameters when creating a new window. An attacker can exploit this vulnerability to gain elevated privileges.

A new type of malware infects PCs using file-share sites and publishes the user's net history on a public website before demanding a fee for its removal. The Japanese trojan virus goes by the name Kenzero and installs itself on computers using a popular file-share service called Winny, used by up to 200m people. Pretending to be a game installation screen, it requests the PC owner's personal details. It then takes screengrabs of the user's web history and publishes them online in their name, before sending an e-mail or pop-up screen demanding a credit card payment of 1500 yen (£10) to "settle your violation of copyright law" and remove the webpage. It targets those downloading illegal copies of games in the Hentai genre, an explicit form of anime.

Virus Removal

McAfee Windows XP SP3 Virus
A disastrous McAfee automatic update Wednesday morning created major problems for users running computers with Windows XP SP3. The malware alert, issued today at 9am EST, caused computers with Windows XP Service Pack 3 to shut down and enter a continuous reboot cycle. How did this happen? Read on to find out the shocking truth and decide for yourself whether you can trust this company...

IBM booth visitors at the AusCERT conference in Australia discovered the true meaning of Trojan horse - their complimentary USB sticks were laden with malware. IBM owned up to the ironic truth in an e-mail, alerting AusCERT delegates that the USB sticks the company handed out at the conference might have been infected with the virus.

Mobile Virus Alert
Recently a new mobile virus named "MMS Bomber" has run rampant in China, and millions of Chinese mobile phones were impacted, reported Beijing Business News. The National Computer Network Emergency Response Technical Team/Coordination Center of China has alerted mobile users that the targets of the virus are mobile devices with S60 3rd OS, mostly Nokia and Samsung smartphones. The virus is disguised as an application; once installed, it automatically connects to the internet and sends MMS messages containing a malicious URL to random mobile phone numbers without the user's awareness, resulting in financial losses to mobile users.

Zone Alarm Service Agent
The Sality virus is known for attacking antivirus software, and lately reports of ZoneAlarm being disabled by the virus have been on the rise.

Java Webstart Vulnerability
A new Java applet exploits the recently discovered Java vulnerability to allow an attacker to run commands on the affected system.

Unnamed App Facebook Hoax:
Unnamed App: Users are told in the warning that they can find the "Unnamed app" by going to "Settings"/"Application Settings" and then choosing "Add to Profile" from the drop-down box.

Koobface worm Removal (Facebook Virus Removal):
Koobface, an anagram of Facebook, is a computer worm that targets the users of the social networking websites Facebook, MySpace, hi5, Bebo, Friendster and Twitter.

Trojan.Hydraq Removal:
Trojan Hydraq (also known as Aurora) is behind the recent cyber attack on Google (google.cn) China. What is Hydraq? How to remove Hydraq?

Rimecud:
W32.Rimecud is a worm that propagates via removable USB drives, MSN chat client and file sharing networks. W32/Rimecud can embed malicious code onto explorer.exe and modify Windows registry to hook itself during the startup process. Win32/Rimecud.H can also spread via MSN Instant Messenger by sending a link to all of the user's online contacts. When the recipient clicks on the link, he or she will unwittingly download a randomly-named copy of the worm.

Vundo:
Vundo is a multiple-component family of programs that deliver out of context pop-up advertisements. They may also download and execute arbitrary files. Vundo is often distributed as a DLL file and installed on an affected machine as a Browser Helper Object (BHO) without a user's consent. This family uses advanced defensive and stealth techniques to escape detection and to hinder removal.

Conficker Virus Removal:
It is estimated that more than 15 million computers worldwide have been infected with Conficker. Alternatively known as Downandup or Kido, the virus is believed to allow hackers to steal user passwords and personal data, such as banking information. It started spreading in late 2008 and turned infected computers into slaves forming an army of computers known as a botnet. Although the Conficker virus was supposed to get activated on April 1, 2009, and cause a huge wave of destruction in its path, the big attack never took place. Nevertheless, internet security experts emphasize that the threat is real and evolving. Conficker may not have staged the widely anticipated dramatic showdown, but instead has gone on a stealth trajectory and taken up quiet residence in sabotaged machines. It now installs a second virus, Waledac, which engages the infected computers into another botnet specialized in distributing e-mail spam. Look here for possible Conficker virus removal tools.

WIN32.Agent Virus Removal:
WIN32.Agent is an adware trojan program that downloads unwanted software. When Win32.Agent launches, it copies itself to %WINDIR%\System32 under a random name and it will launch each time Windows is rebooted on the user's computer. Look here for WIN32.Agent removal instructions.

Types of Computer Viruses

Computer viruses can be classified in many different ways based on a number of factors, such as their entry point, infection strategy, objectives, etc.

Virus Protection

Probably the two most important things you can do to protect your computer against being infected in the first place are to keep it up-to-date with the latest anti-virus software and have the firewall on. Then again, if you're looking for virus removal info, you probably suspect that your computer is already infected and this advice might have come a little too late (although you should still follow it for the future).

Virus Removal Tools

There is no shortage of virus removal tools, either free to download or available for purchase. Most reputable anti-virus software vendors offer some free version of their virus removal software, but you can also buy full antivirus programs if you need support or if your problems are just too severe to be dealt with using free anti-virus software.

Free Virus Removal

Is there such a thing as free virus removal? Apparently, yes. In the internet community accustomed to free everything, the laws of physics are defied, and free lunch does exist. The devil, however, is in the fine print. Online virus removal tools are a-plenty, but beware every step of the way! Fake antivirus and antispyware are just some of the dangers lying low in the mist...

Adware Removal

Adware is software that periodically pops up advertisements on a user's computer (source: Adware). It displays ads targeted to the individual user based on key words entered in search engines and the types of Web sites the user visits. The marketing data are collected periodically and sent in the background to the adware Web server. Adware is known as "contextual marketing."

If adware is installed in the user's machine without disclosure, it is considered "spyware." Such programs are often delivered as part of another download the user actually did want, but without any notification. Since software licenses are rarely read, there is controversy over what is legitimate adware versus spyware.

Jessica Biel As A Virus Bait?

Next time your curiosity tempts you to Google the latest pictures of cutesy couple Jessica Biel and JT, be warned: A report by security technology company McAfee Inc. revealed yesterday that one in every five people who search for Biel online will be misled to a website with the intention of harming one's computer (aka, you will probably get a virus).
