There is a lot of danger from viral infections, trojans, malware and spyware that lurk on the internet, waiting for the unprepared and unwary. Many of these infections are carefully crafted and can spring on you like a Venus Fly Trap, snaring you within. Facebook offers, free VISA cards and others can snare the unwary. You can protect yourself with a few simple precautions.
Hackers, malware writers and attackers have a variety of motives for installing malicious software and use various methods and sophisticated techniques to spread their malicious programs.
“Rogue” security programs are one of the most common sources of malware infection. They typically infect machines by using scams to trick a user into spending money to buy an application which claims to remove malware. They typically use bogus warning messages and alerts to indicate that your computer is “infected” with spyware or has critical errors as a scare tactic to push you into downloading a malicious security application to fix it. The alerts can mimic system messages so they appear as if they are generated by the Windows Operating System. It is not unusual for malware writers to use the names of popular and legitimate security programs as part of the name for fake anti-virus software in order to trick people into using them. There are at least two malicious security programs that use part of or the entire “Malwarebytes” name. There are also ones for the popular Spybot Search and Destroy and many more. Even Microsoft has been targeted by attackers using such names as Microsoft Security Essentials and MS Anti-virus for their fake programs and incorporating the names Defender, XP, and Vista into their names.
Rogue anti-spyware programs are responsible for launching unwanted pop-ups, browser redirects and downloading other malicious files, so the extent of the infection can vary to include backdoor Trojans, Botnets, IRCBots and rootkits which compromise the computer and make the infection more difficult to remove. Infections also spread when malware writers and attackers exploit unpatched security holes or vulnerabilities in older versions of popular software such as Adobe, Java, Windows Media Player and the Windows operating system itself. Software applications are a favored target of malware writers who continue to exploit coding and design vulnerabilities with increasing aggressiveness.
A large number of infections are contracted and spread by visiting gaming sites, porn sites, using pirated software (warez), cracking tools and keygens where visitors may encounter “drive-by downloads” through exploitation of a web browser or an operating system vulnerability. Security researchers looking at World of Warcraft and other online games have found vulnerabilities that exploit the system using online bots and rootkit-like techniques to evade detection in order to collect gamers’ login information so they can steal their accounts!
Infections spread by using torrent (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smorgasbord of malware infections, remote attacks, exposure of personal information, and identity theft. File sharing networks are thoroughly infected and infested with malware! Malicious worms, backdoor Trojans and rootkits spread across P2P file sharing networks, gaming, porn and underground sites. Users visiting such pages may see innocent-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans, and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. Hackers are also known to exploit Flash vulnerabilities which can lead to malware infection. When visiting a website that hosts an HTML page which requires a Flash script, users may encounter a malicious Flash redirector or malicious script specifically written to exploit a vulnerability in the Flash Interpreter which causes it to execute automatically in order to infect a computer.
Infection can also spread by visiting popular social sites and through emails containing links to websites that exploit security holes in your web browser. When you click on an infected email link or spam, Internet Explorer launches a site that stealthily installs a Trojan so that it can run every time you start up Windows and download more malicious files. Email attachments ending with .exe, .com, .bat, or .pif from unknown sources can be malicious and deliver dangerous Trojan downloaders, worms and viruses which can utilize your address book to perpetuate their spread to others.
Finally, backing up infected files is a common source of re-infection if they are restored to your computer. Generally, you can back up all your important documents, personal data files and photos to a CD or DVD drive, not a flash drive or external hard drive, as they may become compromised in the process. The safest practice is not to back up any executable files (*.exe), screensavers (*.scr), autorun (.ini) or script files (.php, .asp, .htm, .html, .xml) because they may be infected by malware. Avoid backing up compressed files (.zip, .cab, .rar) that have executables inside them, as some types of malware can penetrate compressed files and infect the .exe files within them. Other types of malware may even disguise themselves by hiding a file extension or adding to the existing extension, so be sure you look closely at the full file name. If you cannot see the file extension, you may need to reconfigure Windows to show file name extensions.
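The backup advice above can be checked mechanically before anything is burned to disc. The following is an added example, not part of the original post: it flags the file types the text says to leave out, executables hiding behind a second extension, and .zip archives with such files inside. The function names, the `DECOYS` list and the sample folder are assumptions made for illustration, and only file names are examined, not file contents.

```python
import tempfile
import zipfile
from pathlib import Path, PurePath

# Types the text says to leave out of a backup. ".inf" is added here because
# the Windows autorun file is autorun.inf; the text itself lists ".ini".
SKIP = {".exe", ".scr", ".ini", ".inf", ".php", ".asp", ".htm", ".html", ".xml"}
ARCHIVES = {".zip", ".cab", ".rar"}
DECOYS = {".pdf", ".doc", ".docx", ".jpg", ".png", ".txt"}  # assumed list

def check_name(name):
    """Reasons a file name should stay out of the backup (empty list = fine)."""
    suffixes = [s.strip().lower() for s in PurePath(name.strip()).suffixes]
    reasons = []
    if suffixes and suffixes[-1] in SKIP:
        reasons.append("risky type " + suffixes[-1])
        if len(suffixes) > 1 and suffixes[-2] in DECOYS:
            reasons.append("disguised as " + suffixes[-2])
    return reasons

def check_file(path):
    """Check a file's own name and, for .zip archives, every member name."""
    path = Path(path)
    reasons = check_name(path.name)
    ext = path.suffix.lower()
    if ext == ".zip":
        try:
            with zipfile.ZipFile(path) as zf:
                for member in zf.namelist():
                    reasons += [f"{member}: {r}" for r in check_name(member)]
        except zipfile.BadZipFile:
            reasons.append("unreadable .zip, not inspected")
    elif ext in ARCHIVES:
        reasons.append(ext + " archive not inspected (no standard-library reader)")
    return reasons

def audit_folder(root):
    """Map each flagged file (path relative to root) to its list of reasons."""
    found = ((p, check_file(p)) for p in sorted(Path(root).rglob("*")) if p.is_file())
    return {p.relative_to(root).as_posix(): r for p, r in found if r}

def demo():
    """Audit a constructed sample folder: harmless stand-ins, no real malware."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for name in ("photo.jpg", "invoice.pdf.exe", "autorun.inf", "old.rar"):
            (root / name).write_bytes(b"constructed sample")
        with zipfile.ZipFile(root / "docs.zip", "w") as zf:
            zf.writestr("notes.txt", "constructed")
            zf.writestr("tools/setup.exe", "constructed")
        return audit_folder(root)
```

Run `audit_folder` on the folder you intend to back up; .cab and .rar archives are reported as uninspected, so open those by hand before including them.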
One of the things that I am most concerned with as a computer professional of 38 years is ensuring that my customers’ computers are protected from viral infections, malware, hard drive, other hardware failures, computer theft and environmental factors.
I am constantly amazed when speaking with business professionals, associates, friends and family, people at trade shows and other events that I attend, how unprepared and unprotected most people’s computers really are. They usually start by telling me that they are alright and that they have protection. So… I ask them:
Many people are lured these days by the siren song of tune-up programs or on-line services that claim to “double your speed,” or “make your computer perform like new,” or dramatically boost your computer’s performance.
While these programs can help improve the performance of your computer, most of you will likely be disappointed with the results of the “improvement,” and your wallet will be a bit lighter. In addition, many of these tune-up programs and services use a “shotgun” or “Swiss army knife” style of approach to cleaning the Windows System Registry of the clutter that slows down your PC. (Think of the Registry as an inventory of all programs and their settings that are installed within the Windows system.) Because of these programs’ aggressive approach to cleaning, removing entries can often result in programs, or some portion of Windows, becoming inoperative or suddenly displaying error screens.
Many viral infections cannot be removed while you are using Windows in normal mode. Restarting your computer in SAFE mode, and then performing an anti-virus or anti-malware scan, or both, will remove many of the infections that resist your efforts in normal mode. Some infections are difficult to remove for normal anti-virus products even in SAFE mode. See the tip below.