HelpGetRidOf.com

The Self Help Information Center


How to get rid of spyware, viruses, phishing, adware, etc.


Let’s start with some terminology for those that may not know these terms:

SPYWARE:  Spyware is software that downloads itself to your computer without you even knowing it.  It can be automatically downloaded by a website owner that has gotten paid to install it on your computer, or you can get infected just by visiting a site.  Sometimes it is installed on your PC when you install another piece of software.  Spyware will change your system configurations, monitor your on-line activity and broadcast the information back to an outside party (usually advertisers).  It will collect your personal information, user names, passwords, account numbers, driver’s license number, social security numbers, etc.  Spyware is not a virus.

SPYWARE INFECTION:  Usually carried by freeware or shareware programs that can be downloaded from media-supported sites, it worms its way into your computer to monitor and report what you are doing.  This additional tracking software on your system is continuously “calling home”, using your Internet connection and reporting statistical data to the “mothership” (a company or person you do not know).

ADWARE:  Adware (advertising-supported software) is a type of software that collects information about the user in order to display targeted advertisements to the user.  This is a way for shareware authors to make money from a product, other than selling it to the users.  Several large media companies offer to place banner ads in the authors’ products in exchange for a portion of the revenue from banner sales.  This way you don’t have to pay for the software and the developers are still getting paid.  If the banners are annoying to you, there is usually an option to remove them by paying a regular licensing fee.

MALWARE:  Malware is malicious software that has been designed to infiltrate or damage a computer system. It includes computer viruses, worms, Trojan horses, most rootkits, spyware, dishonest adware, crimeware, and other unwanted and malicious software.  Malware is also known as a computer contaminant.

CRIMEWARE:  A computer program or a set of computer programs designed to facilitate illegal activity online.  Many spyware programs, browser hijackers, and keyloggers can be considered crimeware.  A phishing kit is a common type of crimeware.
 
SPYWARE TROJANS, REMOTE ACCESS TROJANS (RATs), TROJAN HORSE:  Malicious programs that run on your computer, permitting an intruder (cyber criminal) remote access to your computer.  Trojans are the first stage of an attack and their primary purpose is to stay hidden in your computer while downloading and installing a stronger threat – such as a BOT.  Trojans cannot spread by themselves like a virus or a worm can; they are usually delivered to a victim through an email message, coming through as an image or a joke, or through a malicious website, which installs the Trojan horse on your computer through vulnerabilities in web browser software such as Microsoft Internet Explorer.  Once it is installed, the Trojan horse will lurk silently, invisibly carrying out its misdeeds, such as downloading spyware.

STALKING HORSES:  Spyware that is generally bundled into many programs and can also be presented in the installation as desirable additions to the main software, the Trojan horse that you are installing.

BOTS, INTERNET BOTS, WEB ROBOTS, WWW BOTS, BOTNETS:  Software applications that run automated tasks over the internet; performing at high rates and used mostly in web spidering.  BOTS take control of your computer and make it participate in networks called BOTNETS that harness massive computing power and Internet bandwidth to relay spam, attack web servers, infect more computers, etc.

WEB SPIDERING:  The use of bots for fetching and analyzing file information from web servers.
 
BROWSER HELPER OBJECTS (BHOs):  A plug-in designed by Microsoft for Internet Explorer to help developers customize and control the browser and improve it with new features.  Most BHOs are helpful but they can also be exploited to install features or functions that are malicious.  To view the BHOs that are currently installed in Internet Explorer click on TOOLS, then MANAGE ADD-ONS.  BHODemon can be used to detect and remove malicious BHOs.  If you are worried about BHOs, you can switch to Firefox, which BHOs cannot impact.

KEYLOGGERS, KEYBOARD LOGGERS:  A keylogger is a program that logs all the activity of your keyboard and reports this information back to a remote computer.  This information is used to steal passwords, bank information, etc.  This program runs in the background and records every keystroke.  The attacker then peruses them carefully hoping to find passwords, or other personal information that can be used against your computer or you.  Some keyloggers capture screens instead of keystrokes. Keyloggers are also used as a surveillance tool by employers to ensure employees use work computers for business purposes only.

MODEM HIJACKER, PHONE DIALER:  This is an application that changes the phone number dialed when using a dial-up internet connection so charges are incurred on your phone bill.
 
IDENTITY THEFT:  Identity theft is a crime involving fraud, in which someone pretends to be someone else in order to steal money or other things by wrongfully obtaining and using another person’s data.  Your Social Security number, your bank account or credit card number, your telephone calling card number, and other valuable identifying data can be used if they fall into the wrong hands.

HIJACKERS, BROWSER HIJACKERS:  A form of malware or spyware that replaces your existing internet browser home page, error page, or search page with its own.  Usually you are forced to a particular site for advertising or marketing purposes.  You can do a search in Google and instead of getting the results back from Google, your search request is hijacked and sent to another search engine.

BACKDOORS, BACKDOOR SANTAS:  These are programs that you can download off the internet and that have valid uses, but they do collect information and statistics on the sites you visit, the type of hardware, etc., and this information is transmitted back to the servers.  They usually do not work with adware products.
 
ROGUE ANTI-SPYWARE:  Software that claims to detect and remove spyware, mostly aimed at those that are running Microsoft Windows.  Many anti-spyware programs are nothing more than fake alerts and false promises that trick you into buying the software.  One example, Antivirus System PRO, can install itself on your computer without your permission through trojans and browser security holes.  It configures itself to run automatically every time your computer starts, scanning your computer and listing a lot of threats to trick you into buying the paid version of the rogue.  The threats are all fake – you can ignore them.  This is the display you may see:
Windows Security alert
Windows reports that computer is infected. Antivirus software
helps to protect your computer against viruses and other
security threats. Click here for the scan your computer. Your
system might be at risk now.
Antivirus System PRO will also install an Internet Explorer BHO module (iehelper.dll) that will hijack Internet Explorer and randomly show the message “Internet Explorer cannot display the webpage.  Needed Powerful PC Protection”, using a fake address (security.Microsoft.com) instead of the site you are trying to browse to:
Internet Explorer Warning – visiting this web site may harm your computer!
Most likely causes:
The website contains exploits that can launch a malicious code on your computer
Suspicious network activity detected
There might be an active spyware running on your computer
What you can try:
- Purchase Antivirus System PRO for secure Internet surfing (Recommended).
- Check your computer for viruses and malware.
- More information
Once again the warning is fake and should be ignored.
You can uninstall Antivirus System Pro from your computer.
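
The two footholds described above, a BHO loaded into Internet Explorer and an entry that runs at every startup, can be listed directly from the registry. The following PowerShell is an added example, not part of the original article; it only reads, and its function names (Get-FileTrustInfo, New-Finding, Get-BhoInventory, Get-AutorunInventory) are this example's own.

```powershell
# Added example (function names are illustrative): read-only BHO and Run-key inventory.
function Get-FileTrustInfo {
    param([string]$Path)
    # Expand %SystemRoot%-style variables and strip surrounding quotes.
    $file = [Environment]::ExpandEnvironmentVariables($Path).Trim('"')
    if (-not $file -or -not (Test-Path -LiteralPath $file -PathType Leaf)) {
        return [pscustomobject]@{ File = $file; Exists = $false; Signature = 'n/a'; Signer = $null }
    }
    $sig = Get-AuthenticodeSignature -LiteralPath $file
    $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
    [pscustomobject]@{ File = $file; Exists = $true; Signature = [string]$sig.Status; Signer = $signer }
}

function New-Finding {
    param([string]$Kind, [string]$Name, [string]$Source, [string]$Command, [string]$File)
    $t = Get-FileTrustInfo $File
    [pscustomobject]@{
        Kind = $Kind; Name = $Name; Source = $Source; Command = $Command
        File = $t.File; Exists = $t.Exists; Signature = $t.Signature; Signer = $t.Signer
    }
}

function Get-BhoInventory {
    # Native and 32-bit (WOW6432Node) registry views; each BHO subkey name is a CLSID.
    $views = @(
        @{ Bho   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
           Clsid = 'HKLM:\SOFTWARE\Classes\CLSID' },
        @{ Bho   = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
           Clsid = 'HKLM:\SOFTWARE\WOW6432Node\Classes\CLSID' }
    )
    foreach ($v in $views) {
        if (-not (Test-Path -LiteralPath $v.Bho)) { continue }
        foreach ($sub in Get-ChildItem -LiteralPath $v.Bho) {
            $clsid = $sub.PSChildName
            # The default value of InprocServer32 is the DLL loaded into the browser.
            $dll = (Get-ItemProperty -LiteralPath "$($v.Clsid)\$clsid\InprocServer32" -ErrorAction SilentlyContinue).'(default)'
            New-Finding 'BHO' $clsid $v.Bho $dll $dll
        }
    }
}

function Get-AutorunInventory {
    $runKeys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
               'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
               'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
    foreach ($path in $runKeys) {
        if (-not (Test-Path -LiteralPath $path)) { continue }
        $key = Get-Item -LiteralPath $path
        foreach ($name in $key.GetValueNames()) {
            $cmd = [string]$key.GetValue($name)
            # Best-effort split of the executable from its arguments.
            $exe = $cmd
            if ($cmd -match '^\s*(?:"([^"]+)"|(.+?\.exe))') {
                $exe = if ($Matches[1]) { $Matches[1] } else { $Matches[2] }
            }
            New-Finding 'Run' $name $path $cmd $exe
        }
    }
}

$report = @(Get-BhoInventory) + @(Get-AutorunInventory)
$report | Format-Table Kind, Name, Signature, Signer, File -AutoSize -Wrap
# Review first: missing or not validly signed files (neither proves malware nor safety).
$report | Where-Object { -not $_.Exists -or $_.Signature -ne 'Valid' } | Format-List
```

An entry whose file sits in a temporary or user-profile folder and carries no valid signature is the kind worth checking against the add-on list in MANAGE ADD-ONS before removing anything.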

VIRUS:  A computer virus is a program that reproduces itself.  It can attach to other programs or create copies of itself; it can damage or corrupt files and data, change data, etc.
A BOOT SECTOR COMPUTER VIRUS:  Your computer will not successfully boot; the virus stays in memory and infects floppies and other media when they are written to on the infected computer.  These are becoming less common now that floppy disks have become rarer.
MASTER BOOT RECORD (MBR) COMPUTER VIRUS:  Similar to boot viruses, except they infect the MBR (Master Boot Record) instead of the boot sector.
FILE INFECTOR VIRUSES:  Infect files that contain executable code, such as .EXE and .COM files.
MACRO VIRUSES:  Infect certain types of data files such as Microsoft Office files, Word documents, Excel spreadsheets, PowerPoint presentations, and Access databases – usually using the Visual Basic macro language built into Microsoft applications.
MULTI-PARTITE VIRUSES:  These share the characteristics of more than one virus type, possibly infecting both the boot record and program files.

WORM, COMPUTER WORM:  Malicious software applications designed to spread through computer networks.  They are one form of malware associated with viruses and Trojans.  Worms are usually sent through email attachments or messages that contain executable scripts.  They can penetrate most firewalls because they are embedded inside everyday network software and they spontaneously generate additional messages containing copies of the worm. 
 
BADWARE:  Software that disregards your choice regarding how your computer will be used.  Badware can be spyware, malware, or deceptive adware.  Common examples of badware include free screensavers that generate advertisements and malicious web browser toolbars that take over your computer.  In general, badware is the term that includes all spyware, phishing, botnet, and other related terms.

ROUTES OF INFECTION:  The source of infection is primarily when the spyware downloads itself from the Internet.  The Internet is the route of contamination.  Storage devices and local area networks can also contribute to this.  We would never knowingly download spyware into our computers and they know it.  That is why spyware needs to deceive us by loading itself into the computer by attaching itself to other software programs.
 
STEALWARE:  Stealware is a new name given to products that modify affiliate tracking codes in order to change the person to whom the payment is due.  Say you’ve worked hard on developing a site that generates a modest revenue from cost-per-action referrals to other sites.  You get the traffic, the visitors to the site follow the links you’ve set up to other sites and purchase things – and you receive a referral fee.  Then someone else resets the tracking codes to their own and gets the payments due to you.

BROWSER COOKIES, TRACKER COOKIES:  Cookies are small text files (.txt) that will not hurt your computer.  Every website you visit, on every visit, will give you more cookies.  Delete them today and return to the site again tomorrow and they will be back.  Cookies will not slow down your computer, are not a virus, are not spyware, etc.  Tracker cookies are third party cookies from advertising servers – tracking your movements around the web to send you specific advertising that you would be interested in.  If you feel that these cookies are a threat to your privacy, and you are using Internet Explorer, you can permanently block all third party (tracking) cookies by going to TOOLS, INTERNET OPTIONS, PRIVACY, ADVANCED, and check mark OVERRIDE AUTOMATIC COOKIE HANDLING, THIRD PARTY COOKIES, BLOCK, OKAY.

UNWANTED SOFTWARE:  Unwanted software is the spyware, adware, malware, etc. that you do not want in your computer.

PHISHING:  Phishing is sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.  Usually the e-mail will direct the user to visit a website where they will be asked to update personal information, including passwords, account numbers, credit card numbers, social security numbers, etc.  The legitimate organization already has this information – the website you  just visited to update your personal information is bogus and is only set up to steal your information.
 
POPUPS, POPUP ADS:  This is a form of on-line advertising used to attract web traffic or capture e-mail addresses.  Certain websites will open a new web browser window to display advertisements.  If you have a popup blocker and you are still seeing popups, then the web developers have found a new way to get around your popup blocker.

There are five known types of popups that you might see even with a popup blocker enabled:
1 – Popup ads from adware.  If you see popups promoting explicit web sites, you most likely have some web site or program that has installed adware on your system.
2 – JavaScript debugger windows – usually showing you a run-time error and asking if you want to debug. Don’t respond to this.
3 – Windows messaging service – these popups are “messages” for advertisements.  Don’t respond to this.
4 – User-requested popups cannot be blocked.  If you click on a link and that link is supposed to open a new window, your popup blocker assumes that since you clicked on the link, you wanted the popup.
5 – Yahoo! Feature tips – That purple and gray panel that is sliding down from the top of your Internet Explorer window is not a popup.  It’s a feature tip from Yahoo!  You can disable them.

FIREWALL:  A firewall is software or hardware that checks information coming from the Internet or a network, and then blocks it or allows it to pass through to your computer, depending on your firewall settings.  Its design is to block any unauthorized Internet users from accessing private networks connected to the Internet, especially intranets.

INTRANETS:  The generic term for a collection of private computer networks within a corporation that share information.

EXTRANETS:  An extension of an intranet that is opened up to provide controlled access to outsiders.

Spyware and your computer is a very serious thing!  Spyware can cause much damage to your computer and the data that is stored on it.  It can be just sitting there right now, disrupting your data, and possibly even stealing your identity.  It can be a part of various programs or it is hidden in another program.  It hides itself very well. And even if you have removed the program or the virus it could still be there.

Spyware is so sneaky – installing itself so secretly so that it can take over your computer without your consent.  These programs collect all types of information from you, personal, business,  every site you have visited while interfering with your user control in other ways, such as installing additional software, redirecting Web browser activity, accessing websites at random that will cause more harmful viruses, and even passing all your information onto a third party -  usually advertisers.  It can change your computer settings, slow down your connection speeds, change your home pages, make you lose your internet or other programs.  It can download porn on your computer as well.  It will also load adware and viruses.  The new term for it is “privacy-invasive software.”

Trojan horses are especially bad.  They get into your computer and steal things like passwords.  Stealing a password to a site you visit regularly isn’t as bad as the Trojan horse being able to collect the information you need to give when logging in to your bank account and then transferring it to whoever created the Trojan so they can steal your bank account details.  Trojan horses account for a large part of identity theft.

How would you know you have spyware infecting your computer?  Your internet connection begins to slow down, popup windows appear in unexpected places, and your computer may be crashing regularly.  You can still be infected without any of these happening.  You will need a quality spyware remover that is reliable.  Check various product reviews to see what others have said about it.  Once you find a spyware remover that you feel comfortable with, download it and run it.  Be sure to keep up with updates; those that write these spyware programs find ways of breaking through anything they can.  If at any point you do not like it, remove it and get another one.

It may be to your advantage to use two different spyware removers.  The new spyware programs find the sneakiest ways of infecting your computer and are even better at hiding.  No one program can remove all spyware.   There are just too many different types of malware for just one company to be able to deal with all the time.
 
For added protection, have an anti-virus and a firewall.  No matter how careful you are at what you are downloading into your computer, you can never be 100% sure.  Get a reliable spyware remover that will also remove infections and get a second one to remove anything the first program may have missed.
 
Do this on a regular basis and keep up with all updates to be safe.

If you don’t know the source that is sending you an attachment – do not open it.

By doing all the above you will keep your computer safe.

Do not worry about having spyware or adware on your computer – and if you are running Windows, you have at least one malicious program on your computer right now.  It can be removed, and there are even free downloads available for your use.

Spyware reads your documents, tracks your internet use, reads your address book, and returns all this to a malicious third party, and malware – including adware – makes popup advertisements appear out of nowhere.  One thing you should not do is download any spyware removal program that is advertised in a popup ad – it won’t be spyware removal that you are downloading!

Type “spyware removal software” in your internet browser and search.  Download the software and install – then scan your computer for spyware doing a full scan.  This may take 30 minutes or more depending on the number of files on your hard drive.  Restart your computer and run the spyware removal program again.  If the program detects spyware once again do an internet search of “spybot search and destroy”.  Download and install.  Spybot will scan your computer and remove any spybots that are detected.  Reboot your computer IN SAFE MODE and run Spybot a second time.  To do this, restart your computer and as the computer is turning on repeatedly press F8 (function key 8).  Choose SAFE MODE from the DOS menu – press ENTER.  Run Spybot in safe mode; then run the Spybot software again and remove any spyware that is found.  When finished, restart your computer and run both programs again.  You should now have a computer that is spyware free! 
 
The companies that distribute spyware do not want to give you the option of uninstalling it, making it almost impossible to get rid of.  You don’t know when it is installed.

Maybe you have downloaded some free software – like the Weatherbug or Kazaa and you didn’t notice that in the terms and conditions you were allowing “free” software to install extra “helper” applications which may change your home page, search page, add a toolbar on Internet Explorer, popup ads at odd times, or cover up your favorite web page with a big ad. 

Maybe you clicked on a popup ad or “Yes” to a dialog box while surfing the web.  Maybe it looked like a warning or error message, but in fact it was false advertising luring you to install some adware.

If it’s a “free” download of “free” software from the Internet, be sure to read all license agreements thoroughly before downloading.    For instance, you may sign up for a free music service, but “pay” for the service by agreeing to receive targeted ads.  You understand the terms and agree to them.  You  may have also agreed to let the company track your online activities to determine which ads to show you.

Always be sure to read disclosures, including the license agreement and privacy statement.  Sometimes the inclusion of unwanted software in a given software installation is documented, but it may appear at the end of a license agreement or privacy statement.

Always back up your data – anything that is important to you – that you would want to save if your computer should crash.  Do this on a regular basis.

If you do not want to be a victim of identity theft, stop all banking, shopping, etc. online that involves user names, passwords, social security numbers, account numbers, driver’s license numbers, etc.

If your computer has spyware, the FTC wants to know.  You can file a complaint with the FTC:

For cross-border scams file a complaint at econsumer.gov

To report identity theft file a complaint at ftc.gov/idtheft

To report any unsolicited email offers, send them to spam@uce.gov

If your computer gets infected with malware, notify your Internet Service Provider (ISP) and file a complaint with the Federal Bureau of Investigation (FBI)

If you’ve been a victim of online investment fraud, send your complaint to the U.S. Securities and Exchange Commission, using the agency’s online complaint center.

For online shopping fraud, contact the Attorney General in your state, the Better Business Bureau (BBB) and the FTC.

Forward spam that is phishing to spam@uce.gov and also reportphishing@antiphishing.org

If you believe you’ve been scammed, file a complaint at FTC.gov