What are spywares?
Spyware is a technical name for any software that tracks the user’s activities without user’s permission; when he is online and passes the information to a third party. Spywares are programs, which use your computer without your permission or knowledge, and try to accumulate our private information and use our own computer resources to relay it to someone else. Another potential problem is that many Spywares are poorly written, “contains bugs or errors”, and can cause problems with the normal operation of your computer, because of which the web-browser experiences “General Protection Faults”, hangs, or freezes it may be due to one or more of these types of programs interfering with its proper function. Spywares come in the Trojan horse category of viruses. Spywares are distributed mainly through the Internet, via freeware downloads or through underground hacker sites. Spywares are also sometimes bundled along with some commercial software, as a means to track the usage of the software and collect data regarding the user.
What OS is the software compatible on?
Wind 2k Pro
Win XP Home
Win XP Pro
Advance Server 2003
What Network types do we support?
We support the following types in a LAN Configuration
• Machines under a Domain Network
• Machines under workgroups with administrator user
• Machines connected using TCP/IP or NetBios
• All machines that can be viewed under Network Neighborhood
What is NetBios, and Subnet?
NetBios: Short name for Network Basic Input Output System, an API that augments the DOS BIOS by adding special functions for local-area networks (LANs). Almost all Windows-based LANs for PCs are based on the NetBIOS. Some LAN manufacturers have even extended it, adding additional network capabilities.
SubNet: A portion of a network that shares a common address component. On TCP/IP networks, subnets are defined as all devices whose IP address have the same prefix. For example, all devices with IP address that start with 100.100.100. would be part of the same subnet. Dividing a network into subnets is useful for both security and performance reasons. IP networks are divided using a subnet mask.
Where are the Live Updates done?
Live updates are done from our own server. The location of the server cannot be disclosed. All the spyware definitions and software enhancements can be made available through this live update. It is recommended that the application should be kept closed while the live update is in progress as we even replace the application exe to update the program.The frequency of the update is usually once in 15 days. Only the latest definition set of spywares get updated.
What are pipes?
Pipes in network are channels or threads that the application uses to connect to the clients to install our client exe on all the nodes.
Reason why we cannot access a machine even after getting administrator prompt
In case you are not able to access the machine even after getting the administrator prompt, please check the network access service in the Local Network Policy (Control Panel – Administrator Tools – Local Policy). There has to be a permission to access the shared folders and files. Our software needs only the admin$ share. We do not need any drives to be shared. Local Services Policies have to activated only in XP machines that are connected in a workgroup.
What is the number of spywares in the database?
We have a record set of 80,000 spywares along with spyware signatures. That makes the scanning more comprehensive. There is a research team working on the database definitions and constantly updating it.
How often do we update the database?
The research team is constantly working on the new spyware definitions and they are usually available to licensed copy users in intervals of 15 days. New definitions are first tested very rigorously in-house and test labs before they are added in the database. We ensure that any new entry added does not actually disturb your existing setup.
What is the process in which scanning takes place?
When the application starts or initiates the scan, its looks for the system32 folder in the client PC. To access this folder through any other PC we need administrator rights. That is the main reason we recommend that you log on to the machine where the server is installed as administrator for the domain, or if it’s a workgroups as administrator on the computer.
Which folder on the node do we access?
We access the WINNT(Or Windows) \ System32 folder of the node.
What are the components that are posted on the client PC?
Once the system32 folder is accessed, we transfer the following components from the server to the clients automatically
What is the file size of software on server and on the client?
On the server the file size is less that 4 MB and on the clients it’s less than 2MB. The updates available are also not more that 4 MB in size.
What language is the software written in?
The application is written and developed in C++
What do you check in client selection interface?
We check for the following things when we connect to PC in the Client Selection interface:
• OS(Operating System) of the machine
• If the machine is online or offline
• Admin$ is shared or Not
What is Full and Quick scan?
Full scan scans all the drives in your hard-disk.
Quick scan scans that part of the hard drive, which has the OS from which you have currently booted the machine.
Why do some spywares seen in the list not get deleted?
Only those spyware which are in process at that time cannot be deleted, especially cookies and some exe’s.
Why do you need exclude option?
Some corporates use spywares as very trusted programs for e.g., PCAnywhere, VNC. Since by definition these applications perform the same task as what a spyware would do, we recognize them as spywares, so they are detected. But the user is given an option to exclude it from the list so that they are not detected again.
Why can’t we block the spywares on the main gateway?
To block the spywares entering at the gateway we will have to run a spyware filter that will actually scan all the web pages entering the network. As Internet is the only source for spywares to enter the network. The complete network will become very slow if it has to be scanned for a record set of 35K + records every time. This will make the internet slow plus it will not allow any application supporting tracking cookies.
Can an Anti-Virus detect a spyware?
An anti-virus technology is very differently written, because of which it cannot detect the spyware. But there are a few companies like Norton complete security solutions which are attempting to provide this service. Even though the anti-virus would attempt to scan for spywares, it will never will able to scan for tracking cookies or registry values.
Does a spyware infect a file?
Yes, A spyware can infect a file and also spread through the emails as trusted emails.
What is the main difference between a virus and a spyware?
Viruses are programs that get installed in your hard drives with a pure intention of damaging the machines. Spywares do not cause any harm to the computer, as they want the computer to be intact so that they can use the resources completely to transmit all the data present in the machines. Even after the virus are killed they may leave behind the spyware and still keep the machine infected.
Why do we need Internet connection when we register the product?
During the registration process of the software, i.e. while assigning the licenses, we usually capture the hard disk number of the computer. The server voucher key is locked for that hard-drive number and cannot be used on any other machines. This information is stored on our web server. It will also help us in giving a customer support to the client.
What is difference between other Anti-spyware software’s in market and our product?
• Currently most of the products available in the market have only standalone versions, including Microsoft. In which it becomes the responsibility of all the users to ensure that they are scanning the PC regularly. Most of the time, due to over load of work and work-commitments people tend to forget in doing so.
• There is big difference in the database of spyware definitions that we cater to compared to the rest available in the market.
• The Enterprise Edition does not need any installation or pre-configuration on the client PC.
• The scan of all the computers is done in record time and very fast as compared to others.
What are the types of spyware that we can remove?
• Adware: The most common kind of spyware, adware generates several types of ads, possibly keyed to the sites you visit on the Internet. May download programs onto your PC without your knowledge.
• Adware cookies: Installed without your knowledge, these tiny pieces of code store information about your surfing habits. Can let marketing companies create and sell a profile of you.
• Browser hijacker: Changes the settings in Microsoft’s Internet Explorer browser, changes your chosen home page, and redirects your searches. May render browser useless.
• Dialer: Disconnects you from your Internet service provider and reconnects you to the Internet using an expensive line.
• Keylogger: Records all the keystrokes you type. May let outsiders access your logins, passwords and credit card numbers.
• System monitor: Records keystrokes plus e-mail, chat room conversations and instant messages. May be accessible to outsiders.
• Trojans: Programs that let outsiders make changes to your computer. Might create or delete files, or install other programs without your knowledge
What do you mean by no client installation needed?
In case where we are saying that there is no client installation done, we mean that the client exe is automatically placed and installed on the nodes that will be scanned from the server.