Sunday, February 15, 2009

The rogue quartet



Last week, I told you how to save your computer from viruses. This week we will take a look at the top four viruses and malware infecting computers in India.

Autorun malware
The most common infection is the autorun malware. Autorun is a brilliant utility built into all Windows systems, but sadly it has been causing more harm than good in the last few years. Autorun enables designated files to run when an enabled drive (a CD or USB thumbdrive) is inserted into the computer. If your thumbdrive is infected, it will automatically run an installer that infects the PC. The autorun malware will usually download more malware, additional backdoors and password stealers, most of which can also disable your anti-virus, leaving your system vulnerable. The best way to tackle the malware is by disabling autorun.

IE start page changes
Spyware and adware often change your browser’s start and search pages. Even if you remove the malware using your anti-virus software, you will still need to reset Internet Explorer’s settings to get your default pages back. For Internet Explorer 6, right-click the IE icon on the desktop, choose ‘Properties’, click the ‘Programs’ tab, then the ‘Reset Web Settings’ button and click ‘Apply’ and ‘OK’ to reset settings. In IE 7, click Tools/Internet Options in the Internet Explorer menu, click the Advanced tab and click Reset.

Downadup/Conficker
If you are on a network, or have a PC that often links to one, there is a chance you may get infected by Downadup, a malicious worm that uses your computer’s resources to replicate itself. It can also bring in other malware that damages both the computer and the network. Once executed, it disables a number of important Windows services, including Automatic Updates, Security Centre, Windows Defender and Windows Error Reporting. After infecting the PC and shutting down these services, it uses your Internet connection to download more malware. However, removal tools are available.

W32/Netsky-P
Ever wondered why there is spam being generated using your email address? Most probably, you are using peer-to-peer networks to share files, or to download pirated music or movies, and may have infected your PC with W32/Netsky-P. The worm copies itself to your P2P shared folders and adds files such as ‘britney spears song text archive.exe’, ‘harry potter all e.book.doc.exe’ and ‘microsoft office 2003 crack best.exe’, which steal data from your local files, and it spreads by emailing a copy to your colleagues, with subjects such as ‘Re: Thank you for delivery’, ‘Re: Status’ and ‘Re: Notify’. The worm is also known to delete registry entries. Tools to remove the worm are available on the Net.

--
The above story was printed in the Indian Express on Sunday 15th Feb 2009.

Creative Commons License
Writings by Gagandeep Singh Sapra by Gagandeep Singh Sapra is licensed under a Creative Commons Attribution 2.5 India License.
Based on a work at www.thebiggeek.com | www.gagandeepsapra.com | www.g-spot.in.
Permissions beyond the scope of this license may be available at www.thebiggeek.com.