Wednesday, August 26, 2009

Social Networking junkies beware of the worm Koobface

Courtesy: Akash Khare

Are you getting enticing messages with video links on social networking sites such as Facebook, Orkut, Twitter, MySpace, iBibo, Friendster etc.? Beware: any attempt to download the video may infect your system with the Koobface worm. This worm can steal sensitive data from your computer.

Koobface spreads by delivering Facebook messages to people who are 'friends' of someone on Facebook whose computer has already been infected. The messages contain innocuous subject headers such as "Paris Hilton Tosses Dwarf On The Street", "LOL", "My friend catched you on hidden cam", and "My home video :)" followed by a link. The link leads to a video-sharing site like YouTube. Once you are there, you are asked whether you want to download software required to watch the video. If you click "Yes", the worm is activated and infects your computer.

The worm not only disrupts your internet experience by sending your searches on engines like Google elsewhere and returning garbled replies, it also steals data that may have been left in your computer's memory.

You may not notice the worm's activity directly. However, your internet activity may reveal it: you will get abnormal search results and be misdirected to other sites.

Steps to remove KoobFace:

Stop Koobface.B Worm processes:
C:\Windows\fbtre6.exe
Delete Koobface.B Worm files:
C:\Windows\fmark2.dat
Get rid of Koobface.B Worm registry keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"systray" = "C:\Windows\fbtre6.exe"
HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating
Note: In any Koobface.B Worm files I mention above, “%UserProfile%” is a variable referring to your current user’s profile folder. If you’re using Windows NT/2000/XP, by default this is “C:\Documents and Settings\[CURRENT USER]” (e.g., “C:\Documents and Settings\JoeSmith”). If you have any questions about manual Koobface.B Worm removal, go ahead and leave a comment.

How Do You Remove Koobface.B Worm Files?

Need help figuring out how to delete Koobface.B Worm files? While there’s some risk involved, and you should only manually remove Koobface.B Worm files if you’re comfortable editing your system, you’ll find it’s fairly easy to delete Koobface.B Worm files in Windows.
How to delete Koobface.B Worm files in Windows XP and Vista:
   1. Click your Windows Start menu, and then click “Search.”
   2. A speech bubble will pop up asking you, “What do you want to search for?” Click “All files and folders.”
   3. Type a Koobface.B Worm file in the search box, and select “Local Hard Drives.”
   4. Click “Search.” Once the file is found, delete it.

How to stop Koobface.B Worm processes:

  1. Click the Start menu, select Run.
  2. Type taskmgr.exe into the Run command box, and click “OK.” You can also launch the Task Manager by pressing CTRL + Shift + ESC.
  3. Click the Processes tab, and find Koobface.B Worm processes.
  4. Once you’ve found the Koobface.B Worm processes, right-click them and select “End Process” to kill Koobface.B Worm.

How to remove Koobface.B Worm registry keys:

Koobface.B Worm warning: Because your registry is such a key piece of your Windows system, you should always back up your registry before you edit it. Editing your registry can be intimidating if you’re not a computer expert, and when you change or delete a critical registry key or value, there’s a chance you may need to reinstall your entire system. Make sure you back up your registry before editing it.

  1. Select your Windows menu “Start,” and click “Run.” An “Open” field will appear. Type “regedit” and click “OK” to open up your Registry Editor.
  2. Registry Editor will open as a window with two panes. The left side of the Registry Editor window lets you select various registry keys, and the right side displays the registry values of the registry key you select.
  3. To find a registry key, such as any Koobface.B Worm registry keys, select “Edit,” then select “Find,” and in the search bar type any of Koobface.B Worm’s registry keys.
  4. As soon as the Koobface.B Worm registry key appears, you can delete it by right-clicking it and selecting “Modify,” then clicking “Delete.”


How to delete Koobface.B Worm DLL files:

  1. First locate Koobface.B Worm DLL files you want to delete. Open your Windows Start menu, then click “Run.” Type “cmd” in Run, and click “OK.”
  2. To change your current directory, type “cd” in the command box, press your “Space” key, and enter the full directory where the Koobface.B Worm DLL file is located. If you’re not sure if the Koobface.B Worm DLL file is located in a particular directory, enter “dir” in the command box to display a directory’s contents. To go one directory back, enter “cd ..” in the command box and press “Enter.”
  3. When you’ve located the Koobface.B Worm DLL file you want to remove, type “regsvr32 /u SampleDLLName.dll” (e.g., “regsvr32 /u jl27script.dll”) and press your “Enter” key. That’s it. If you want to restore any Koobface.B Worm DLL file you removed, type “regsvr32 DLLJustDeleted.dll” (e.g., “regsvr32 jl27script.dll”) into your command box, and press your “Enter” key.

Did Koobface.B Worm change your homepage?

  1. Click Windows Start menu > Control Panel > Internet Options.
  2. Under Home Page, select the General > Use Default.
  3. Type in the URL you want as your home page (e.g., “http://www.homepage.com”).
  4. Select Apply > OK.
  5. You’ll want to open a fresh web page and make sure that your new default home page pops up.
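
To confirm that the manual steps above worked, the following added example (not part of the original post) parses saved output of `reg query` on the Run key and of `tasklist /fo csv`, and reports whether the process and autorun value listed on this page are still present. The sample output is constructed and the function names are assumptions of this example; checking for C:\Windows\fmark2.dat is a plain file-existence test and is left out.

```python
import csv, io, re

# Indicators exactly as listed in the removal steps on this page.
IOC_IMAGE = "fbtre6.exe"
IOC_RUN_NAME = "systray"

# A value line of `reg query` output: indented name, type, data.
VALUE_LINE = re.compile(r"^\s+(?P<name>.+?)\s+(?P<type>REG_\w+)\s+(?P<data>.*)$")

def run_entries(reg_text):
    """Parse `reg query <key>` output into (key, value name, data) tuples."""
    key, entries = None, []
    for line in reg_text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
        elif key and (m := VALUE_LINE.match(line)):
            entries.append((key, m["name"], m["data"].strip().strip('"')))
    return entries

def running_images(tasklist_csv):
    """Parse `tasklist /fo csv` output into (image name, pid) tuples."""
    rows = csv.DictReader(io.StringIO(tasklist_csv))
    return [(r["Image Name"], int(r["PID"])) for r in rows]

def remaining_indicators(reg_text, tasklist_csv):
    """List the page's Koobface.B indicators still present in the two outputs."""
    found = []
    for key, name, data in run_entries(reg_text):
        exe = data.lower().rsplit("\\", 1)[-1]   # file name part of the path
        if exe == IOC_IMAGE:
            tag = "listed value" if name.lower() == IOC_RUN_NAME else "other value name"
            found.append(f"autorun ({tag}): {key}\\{name} -> {data}")
    found += [f"process: {img} (pid {pid})"
              for img, pid in running_images(tasklist_csv) if img.lower() == IOC_IMAGE]
    return found

# Constructed sample output for an infected machine (not captured from a real host).
SAMPLE_REG = "\n".join([
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
    r"    ctfmon    REG_SZ    C:\Windows\system32\ctfmon.exe",
    r"    systray    REG_SZ    C:\Windows\fbtre6.exe",
])
SAMPLE_TASKS = "\n".join([
    '"Image Name","PID","Session Name","Session#","Mem Usage"',
    '"explorer.exe","1480","Console","0","21,340 K"',
    '"fbtre6.exe","2212","Console","0","4,108 K"',
])

if __name__ == "__main__":
    print("\n".join(remaining_indicators(SAMPLE_REG, SAMPLE_TASKS)) or "no indicators found")
```

An empty result after a reboot means neither the autorun value nor the process came back.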

Thursday, August 20, 2009

Remote Control your Mobile Phone from Internet

Courtesy: Akash Khare

In this corporate world, you are often not allowed to keep your mobile phone with you. This is mainly because of security concerns, plus the high-resolution camera available in your phone. You are provided a locker for it. So what do you do when you are away from your mobile and need access to it in case there is an important call or message?

Or suppose you are not in the office but somewhere else, you have forgotten your phone, and there is an urgent need to get some data from it, like someone's contact number or an important message stored on it. You are at your wit's end.

I know how you will feel, as I have faced this kind of situation myself many times. I had been searching for a solution to this. I found some web servers which can store your phone's data when you sync them, but they are not real time. But I found one application which is real time. Nokia provides Mobile Web Server for its S60 devices, but not many people have S60 devices. And it will be too costly if you have any other Java phone. But there is one more web server application: Httpd4mobile.

Httpd4mobile is an HTTP server for your Java mobile device. It uses a WiFi/GPRS connection to let you access your mobile's contact list, camera, data etc. through a browser on a desktop computer connected to the Internet. The two awesome features I like are Dynamic IP support and a neat web frontend to access all mobile functions from your browser. Some of the web service functions are listed below.

  1. CAM Picture : Use the phone camera as a webcam
  2. Audio Record : Record audio via the phone microphone
  3. Contact List : Contact, ToDo and Event list entries can be downloaded directly from the phone for import into your email client, e.g. Outlook. It is also possible to create a simple new contact list entry
  4. Send SMS : Send SMS via a standard web browser
  5. File Download : You can download files from the phone via a link in your web browser window
  6. File Upload : You can upload files from your computer to the phone via the web browser
  7. Phone Infos : General information about your mobile phone
  8. Phone Jokes : Activate the vibration alarm, flash or sound on your mobile phone via the browser
  9. Server Status : httpd4mobile server status and other useful information
  10. Server Log : View all HTTP requests in an HTML table
  11. Phone Location : Display your mobile phone's location via GPS in Yahoo Maps (in the new version)

This is shareware software and in free mode you can transfer data up to 1 MB. For unlimited data transfer over Httpd4mobile server you have to register at the site. Download the Httpd4mobile app java module from here.

PS: Thanks a lot Akash for such an interesting post. Welcome to our world. :)

Sunday, August 16, 2009

Portable, fast & light weight search utility for your Windows Desktop

Do you have any desktop search utility installed on your computer? I have tried Google Desktop, Copernic Desktop Search and Windows Search. I found all of them to be bloatware that creates huge index files. In order to have more real estate on my hard disk for movies, I uninstalled this software a long time back.

Snowbird is a lightweight (only 267 KB) search utility, and it is much faster than the Windows built-in search utility. It is not as fast as dedicated search software like Google Desktop or Copernic Desktop, but that software carries a high overhead: creating and maintaining the indexes eats up a lot of processor power, and the indexes themselves take up a lot of disk space. In comparison, Snowbird is light on system resources and takes a mere 1 MB of disk space. Another good feature is that it can be run from a USB drive as well.

The application may be limited to three basic functions: file search, file transfer and browsing folders like Windows Explorer. However, the developer has ensured that the utility is able to do the following:

  1. Fast Search
  2. Efficiently copy large amounts of data. Skip errors while copying and even pause transfers temporarily.
  3. Browse faster: Access extremely large folders and network resources at lightning speed. Navigate faster using bookmarks, mouse gestures and Vista-style breadcrumb navigation.

Give this app a try and you will find it a good addition to your flash drive.

Sunday, August 2, 2009

Create Self Destructing messages for Emails, Facebook posts, Orkut, Web Chats etc. with Vanish

You want to share something personal about your boss with your colleague; you want to send some mushy love notes to your girlfriend/boyfriend; you had a steamy chat session last night. In all these cases one thing is common: you don't want to leave behind any trace of your internet activities. And if you could send messages which destroy themselves in a few hours .... AMAZING..... you would say.

On the Internet, data lives forever. Even if you delete the data, it can be retrieved. But this is going to change due to a technology called Vanish. The credit goes to the research scholars Roxana Geambasu, Yoshi Kohno, Amit Levy and Hank Levy of the University of Washington. They describe Vanish as follows:

"Vanish is a research system designed to give users control over the lifetime of personal data stored on the web or in the cloud. Specifically, all copies of Vanish encrypted data — even archived or cached copies — will become permanently unreadable at a specific time, without any action on the part of the user or any third party or centralized service."

The amazing thing about Vanish is that it can erase posted data anywhere on the web, be it Hotmail, Gmail, Facebook, Twitter, Orkut, Google Docs etc. However, right now it can be done only in Firefox. In order to use it, install Vanish. It has two components: the first is the Vanish System, which you install on your computer (Windows, Linux, Mac), and the second is the Firefox plug-in. Once installed, allow it to bootstrap for 5 minutes. To use it, select the text of the message, then right-click and select "Create Vanish Message".

In order to read the message, select the encrypted text, then right-click and select "Read Vanish Message".

The current Vanish prototype deletes data using the natural churn on file-sharing P2P networks. For each message Vanish sends, it creates a secret key, which is not revealed to the user, and encrypts the message with that key. The secret key is then broken into several pieces, which are spread across the P2P network. File-sharing networks are in constant change, as computers are constantly joining and leaving them. Because of this, once some key pieces are lost the message can no longer be decoded. At that point even the sender cannot retrieve the data.

Currently Vanish works only for text; however, the developers say that the technology can be extended to include images or any other kind of data. Vanish also has an "Online Version" for those who do not want to install it on their computer. Give Vanish a try and let me know your feedback.

We are back!!!!!!

My friends and readers are asking why there was no post in July. Were we on some sort of sabbatical? Actually, first Pranav was down with chicken pox and then I was not well for some time. Two of my colleagues resigned at the office and then there was my examination :)

I thank all our readers who keep checking our blog for new posts and updates; you are our motivation.