Wednesday, January 26, 2011
Friday, December 24, 2010
And so you ask yourself, how do I get rid of spyware? The best way to deal with this dilemma is to download a complete antivirus software that deals with all kinds of malicious intruders such as viruses, malware, and spyware. Here are suggested steps on how to do this:
1. Open Google or any other popular search engine and look for an anti-spyware program. You might also search for the keyword "antivirus download" and check the website of each antivirus program listed to see whether it includes spyware removal in its protection package.
If you're unsure whether a particular antivirus program is safe enough to use, try researching first by visiting forums and legitimate reviews and check what others are saying about your target antivirus program.
2. When you have decided on what program to download, simply click on the Download Now button or any other similar button. Make sure you get the latest version because it contains an updated protection system that can fight off any recently created spyware or viruses. Remember that every day, there are hundreds of viruses being unleashed and the only way you can protect your computer is by arming it with the most updated antivirus software.
3. Follow the instructions given after you have clicked on the Download Now button. Only click the Next button if you have thoroughly checked the step presented. Somewhere along the way, you will be given options on what programs to include. Make sure you check Antivirus, Spyware, and Malware as these are the three most common types of computer enemies.
4. The steps would usually include accepting the license agreement, which you must read and understand before doing so. You will also need to choose between personal and office use. If it is for company use, you might need to sign up and purchase a package for ultimate protection. When choosing a destination folder, make sure that the desktop option is selected so that you can easily find the icon on your desktop should you need to manually run it.
5. As soon as you have clicked Finish, reboot your computer if it does not give you an option to do so. Without rebooting, some functions may not properly work. This would mean you will go back to square one and ask yourself again, how do I get rid of spyware. After rebooting, run the program and let the program destroy any spyware it detected.
Saturday, December 18, 2010
What is a virus?
A virus is a self-replicating piece of software which usually sends itself to other computers via email or the Internet. It does not require human intervention. Its purpose is to either replicate, cause computer damage, or both. It typically comes from infected emails or documents and can either do its damage right away, or be like a ticking time bomb waiting for the special day to activate.
Examples of viruses:
Boot viruses such as Michelangelo and Disk Killer load when the computer reads the disk. This type of virus is extremely difficult to get rid of.
Program viruses attach themselves to the executable programs on the computer and replicate themselves to all executables on the hard drive. Again, these are very difficult to remove. Examples include the Sunday Virus and Cascade Virus.
Stealth viruses manipulate file sizes to avoid detection. Examples include the Whale virus and the Frodo virus.
Polymorphic viruses change when they replicate so they don't look the same to antivirus software or humans attempting to find them. Examples include the Stimulate virus and Virus 101.
Macro viruses infect Microsoft Office documents (and others) and infect the normal.dot file (the template that opens with Word when you don't open a file). These viruses infect every document that is opened in the program, and replicate themselves to other computers when infected files are shared. Examples include the DMV and Nuclear viruses.
Viruses also got really good at doing something else: disabling anti-virus software. Not only could this particular virus do its dirty deeds after this event, but other malware could also infect the computer without fear of being caught. As a matter of fact, on many routine service calls I would observe that the little anti-virus software icon near the clock disappeared, and the computer user never even noticed the difference (at least until I pointed it out!).
What is Spyware?
Spyware is a general term for malware that is installed on a computer by infected pages on the Internet, or comes from software and other packages that were installed on the computer by the user. Incorrectly labeled as viruses, spyware has proliferated over the last 8-10 years (since about 2000) and has caused many computer users to have major headaches, causing computer reformats and file loss. This type of software is what this document is going to concentrate on.
Spyware can come in the form of Ad-ware, Hijackers, tracking cookies (although not all tracking cookies are bad), rogue security software, ransom-ware (an advanced rogue security software), and keyloggers. New types of spyware include rootkits, which can be very difficult, if not impossible, to remove from a computer system. I will speak more on that later. The primary point of spyware, however, is that it is a piece of software installed on a computer system without the user's consent or knowledge, and is typically very difficult (or seemingly difficult) to remove.
Many spyware programs are installed by way of Trojans where a piece of software is installed on the computer from the Internet. The spyware is installed unknowingly by the user at the same time as the "software", giving the malware free rein of the computer. Software that installs this way includes free screensavers, free games, programs from torrents, programs from file sharing (such as Limewire), and other rogue software.
Other spyware programs are installed by way of infected web pages. If you see a page with a popup that comes up and says something like "Warning: Your computer is infected with 99999 viruses. Click here to perform a scan of your computer," you are witnessing an infected web page and rogue software that is trying to get on your computer.
Ad-ware includes pop-ups, pop-unders, and other advertisements that appear on a computer by way of software that is unknowingly installed on the system. The primary purpose of adware is to get users to click on advertisements which earn money for the person that made the software.
Hijackers (browser hijackers) literally hijack a web browser and take the user to places other than where the user wanted to go. Most of the time even the homepage gets hijacked. Again, the purpose of a hijacker is money - when users click on the links on the hijacked page, the malware maker receives a payout. Hijackers operate technically at several different levels including registry changes, Hosts file changes, browser add-on changes, LSP (Layered Service Protocol) Hijacks, and homepage changes. Removing browser hijackers can result in browser connectivity loss which requires additional (and more experienced) diagnostics and cleaning.
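One of the hijack levels listed above, Hosts file changes, can be checked directly. The following is an added example (not from the original post): it parses hosts-file text and reports entries that pin a search-engine name to a fixed address. The watch list and the sample file contents are constructed for illustration.

```python
import ipaddress

# Assumption: a small watch list of search-engine domains. These names should
# normally be resolved through DNS, so any hosts entry for them is worth a look.
WATCHED_SUFFIXES = ("google.com", "bing.com", "yahoo.com")

# Constructed sample hosts file. 203.0.113.0/24 is a documentation-only range.
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1       localhost
::1             localhost
203.0.113.45    www.google.com google.com   # constructed hijack entry
203.0.113.45    search.yahoo.com
0.0.0.0         ads.example.net             # blocklist-style entry
192.168.1.20    fileserver
not-an-ip       www.bing.com
"""


def parse_hosts(text):
    """Yield (line_no, ip, [hostnames]) for every valid mapping line."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue                           # address without a name
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                           # malformed line, the resolver ignores it too
        yield line_no, ip, [h.lower().rstrip(".") for h in fields[1:]]


def is_watched(hostname):
    """True for a watched domain or any of its subdomains."""
    return any(hostname == s or hostname.endswith("." + s)
               for s in WATCHED_SUFFIXES)


def audit_hosts(text):
    """Return (line_no, hostname, ip, verdict) for each watched name found."""
    findings = []
    for line_no, ip, names in parse_hosts(text):
        for name in names:
            if not is_watched(name):
                continue
            # Loopback or 0.0.0.0 makes the site unreachable (blank page);
            # any other address silently sends the browser somewhere else.
            if ip.is_loopback or ip.is_unspecified:
                verdict = "blocked"
            else:
                verdict = "redirected"
            findings.append((line_no, name, str(ip), verdict))
    return findings


if __name__ == "__main__":
    for line_no, name, ip, verdict in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {name} -> {ip} ({verdict})")
```

On Windows the file to feed into `audit_hosts` is `C:\Windows\System32\drivers\etc\hosts`. A clean result only rules out this one mechanism, not the registry, add-on, or LSP changes mentioned above.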
Keyloggers can determine what the user is doing on the computer and record the keystrokes of the user while logging into banking pages, eBay, PayPal, and other websites important to the user. The keylogger software then transmits this information to the "Home" server (also known as "calling home") where the bad guys can decipher the information and use it to gain user credit card, banking, and other identity stealing information.
Rogue security software and their more dangerous cousins, ransom-ware, are the latest types of malware to cause problems for computer users. The rogue security software pretends to be useful security software, and is generally installed by way of infected web pages in the form of a popup that states the computer is infected with so many thousands of viruses (also known as drive-by download). This scares the user into clicking on Scan Now or OK, which really just installs the malware. The software doesn't actually detect anything at all, even though it says it does. It then offers to clean the computer for the price of the software. Paying for the software just changes the routine a bit, with the software stating it cleaned all of the infections. Examples of this malware include Spy Sheriff (one of the originals), Antivirus 2009, Antivirus 2010, Security Tool, and Security Essentials 2010.
Ransom-ware is similar in nature to rogue security software, but the effects are much worse. Not only does it want to be paid for, but it will not allow for proper operation of the computer until it does get paid for. Even worse, some of the malware of this type also encrypts all of the data files on the computer - documents, pictures, music, everything - with a 128-bit key that only the programmer knows. Recovering the data is nearly impossible unless the data was backed up onto an external drive, or the user pays the ransom. This software is installed in the same manner as the rogue security software.
The nature of malware programs and why anti-virus software cannot protect you in many cases.
Malware is created by people that understand computers, operating systems, and browsers MUCH better than the average Joe, AND know how to program the computer - and they can be located anywhere in the world. They make their creations, test them, and then send them out of the nest to fly (and infect) on their own. The malware is tested against every browser and operating system the bad guys can get their hands on, and they do their best to take advantage of ANY security holes still available in the software and operating systems.
Many times they learn about these security holes from other hackers, and sometimes they even learn about them from other people that just find them without any intent to harm. Then the malware creators advertise their infected web pages on search engines, or maybe purposely misspell a popular domain name, or upload some great-looking but infected software that promises the world to the user to a website or possibly even a shareware site. The software starts to infect computers, slowly.
What about the antivirus companies? Well, the antivirus and anti-spyware companies (Norton, McAfee, Trend, AVG, Avast, Webroot, Spybot, Ad-aware, and now Microsoft, etc.) do not even know about this software yet. That is because no one has reported it to those companies. The bad guys are, well, really bad! They don't tell the anti-malware companies that they are releasing this new software!
However, once the antivirus companies start getting reports of the new malware, they request samples and the sources (where it came from). Then they can start taking them apart (reverse engineer) as needed and work on updating their program definitions so their software can fight the infections.
Definitions are the bits of code that the good-guy software compares against the code on the hard drive to determine whether it is bad software or not. Definitions need to be constantly updated so the good guys can fight the bad guys. Years ago, definitions were updated about once a week. Now many companies update them once a day, or even more.
Now that the malware has been "in the wild" (on the Internet) for some time, the good guys have a chance to update their definitions and possibly update their software (if necessary) to fight the malware. Does that mean that it will remove all of the infections all of the time going forward? NO! There may still be problems with the removal routines, and sometimes the removal routines do not even improve for many weeks, or even months. Other problems can occur because the good software is not able to stop the bad software from running when the computer is on (known as processes). Rootkits are especially good at hooking themselves into the operating system - they can even run in Safe Mode.
Anti-virus software may not help! If the user (you, or a relative, friend, etc.) gives the okay to install a program (ANY program) on your computer, your antivirus software will not be able to stop the installation, even if it has a Trojan in tow. No anti-virus software, not even the "rated-best" software, can stop the infection from installing!
Can you see how this is a never-ending, vicious cycle? Can you see how and why your antivirus software will not be able to protect you? Does this mean you should stop using anti-virus software? No, I think not. Anti-virus software CAN help protect you in some cases, and it CAN help remove infections and alert you to changes in your operating system that should not occur. But, it is NOT a cure-all for virus infections, nor can it prevent them from occurring!
HOW do you protect yourself from these bad, nasty infections:
1) EDUCATION and Common Sense must be used on the Internet. That's right - YOU have power to stop these infections dead in their tracks with no ifs, ands, or buts. If something doesn't feel right about what you see on the screen, don't do it!! Don't press the button.
2) ALWAYS keep Windows and your Anti-Malware software updated - it can't fight what it doesn't know! Only run ONE anti-virus software program. Multiple anti-spyware scanners may be used, however (like Ad-Aware and Spybot Search and Destroy, for example).
3) Use a software firewall. Windows 7 comes with an adequate firewall that monitors incoming AND outgoing connections. The Windows firewall in Vista and XP is passable but does not monitor outgoing connections (like when spyware tries to "call home"). Check out a free firewall like Comodo Firewall with antivirus - it's free and it works great. Again, only one anti-virus (and one firewall), okay?
4) When you are browsing, stay away from porn sites, hacker sites, party poker sites, and any sites with funny characters or where the domain name (such as google.com) does not make sense. When you are doing searches on the Internet, be careful what you are clicking on. Don't just click a site that looks appealing if you don't recognize the domain. Critically think about the way the domain and the rest of the URL looks. If it looks scary, don't go there. Same thing with Facebook and MySpace links! Find another, safer looking place to go (think of URLs like you think of a dark alley - you never know if danger lurks!). You can use a website checker (Symantec and McAfee both have one with their Security Suite and AVG uses one, even with their free anti-virus software) but again, remember that nothing is 100% guaranteed.
5) Here is a way to make the bad pop-up go away (note - this ONLY works if you have NOT clicked anything yet and the malware has not infected your computer): Press the CTRL and ALT buttons (hold them down) and press the DEL (or DELETE) button once. If Windows XP or before, Task Manager will start; if XP (with Quick Logon disabled), Vista or 7, click "Start Task Manager." Make sure the Programs tab is highlighted. Click each of the Internet Explorer programs one at a time and click End Task until the bad pop-up goes away, and guess what - You were saved!
6) Some techs advocate unplugging the computer from the power when they see a bad popup like this, or if a laptop, holding the power button for 5 seconds. One caveat to this method, however: this is a hard shutdown, and it can actually ruin your Windows installation and possibly your hard drive. Therefore, I do not personally recommend this method except in a dire emergency. Know the possible consequences however, should you decide to try it!
Other kinds of attacks that the bad guys use to try to get your personal information have nothing to do with installing software on your computer.
Phishing attacks can come from email, or from a rogue web page that is disguised as the real thing. A couple of years ago, rogue emails were sent out to millions of people that looked like they came from their stock broker, bank, PayPal, or eBay. The email stated that the account was in default, or that their password had expired, or scared the user in some other way (this is known as Social Engineering in the computer security world). The user, not thinking about a possible scam, clicked on the link and freely entered all of their personal and banking information into the rogue web page. Needless to say, many people lost a lot of money by not critically thinking about what they were doing, or even looking at the entire domain. Here is an example of a rogue webpage URL: "http:// www. ebay.changepassword.tki.ru". Note that "eBay" is in the URL, but the actual domain is tki.ru - this would be a Russian website, with the page URL disguised as an eBay page. The title could even say something like "eBay - Change Password." ALWAYS know the TRUE domain and NEVER provide personal information unless you typed the URL in yourself, or used a trusted favorite (also known as a bookmark).
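The "know the TRUE domain" check described above (and the advice in step 4 to look critically at the domain) can be written down as code. This is an added example, not part of the original post: it extracts the registrable domain from a URL and flags a brand name that appears in the URL while the domain belongs to someone else. The brand allow-list and the short suffix table are assumptions; a production check would use the full Public Suffix List.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption: tiny constructed subset of two-label public suffixes.
MULTI_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp", "com.br"}

# Assumption: hypothetical allow-list of domains each brand really uses.
BRANDS = {
    "ebay": {"ebay.com", "ebay.co.uk"},
    "paypal": {"paypal.com"},
}


def registrable_domain(url):
    """Return the domain that actually owns the host in `url`."""
    url = url.replace(" ", "")          # the post prints its sample URL with spaces
    if "://" not in url:
        url = "http://" + url
    host = urlsplit(url).hostname
    if not host:
        return None
    host = host.lower().rstrip(".")
    try:
        ipaddress.ip_address(host)      # a bare IP address has no domain owner
        return host
    except ValueError:
        pass
    labels = host.split(".")
    if len(labels) < 2:
        return host
    # Names are read right to left: suffix first, then the registered label.
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def check_url(url):
    """Report the true domain and any brand the URL mentions but does not belong to."""
    domain = registrable_domain(url)
    lowered = url.replace(" ", "").lower()
    claims = sorted(b for b in BRANDS if b in lowered)
    mismatch = [b for b in claims if domain not in BRANDS[b]]
    return {"true_domain": domain, "claims": claims, "mismatch": mismatch}


if __name__ == "__main__":
    samples = [
        "http:// www. ebay.changepassword.tki.ru",    # URL quoted in the post
        "https://signin.ebay.com/ws/eBayISAPI.dll",   # constructed legitimate-looking URL
        "https://www.ebay.co.uk/itm/123",             # constructed, two-label suffix
        "http://203.0.113.9/paypal/login",            # constructed, IP host with brand in path
    ]
    for s in samples:
        print(s, "->", check_url(s))
```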
"When it comes to software on the Internet, we need to ask ourselves - did it come to me, or did I go to it?"
If it came to you, run away (or close the browser window). If you went to it, you probably knew what you were doing and where you were going.
Another security risk on the Internet:
Craigslist has become hugely popular over the last few years and for many people it works well, but unfortunately it is fraught with scammers as well! Here is the way the scam usually works:
You list something to sell on Craigslist.org. You get an email from someone who is interested (they are usually afraid to call!). The person states they are very interested in the item and want to buy it immediately, sight unseen (a definite warning flag). They offer to send you a Moneygram or cashier's check for much more than the item is worth. You get to keep some extra for your trouble, they say, but they also want you to pay the shipper an extraordinary amount to pick up the item and ship it to the "new" owner. The scam is that you pay your hard earned money for the shipping, lose the item, and to boot the cashier's check turns out to be a fraud. Not a very good day in Craigslist land, was it?
Amazingly enough, someone tried to scam me in much the same way on Craigslist! I had two people email me after I listed an advertisement to repair laptops that said they had 7 laptops to fix, and the laptops were currently out of state. They told me to name my price and they would ship the laptops. The scam was I would get paid with fake money, and I would pay the "shipper" to ship the computers - but, I would be out of my money, there are no real computers to fix, and the fake money would be lost.
Okay, now that you have this great information on what the malware is, how it gets on your computer, why antivirus software cannot protect you from it, and how to stop it if it tries to get on your computer, what do you do if you still get bit?
You could try performing a "Google" search for the symptoms and look for web pages that tell you how to remove the infection. For example, if you have a box that comes up that will not go away, and it calls itself "Security Tool," search for that term on Google. You don't need to go to paid techy sites such as experts-exchange.com; bleepingcomputer.com is a GREAT place to go for advice - a lot of people on that site have tons of experience removing malware and are happy to help for free.
Note that sometimes you are really going to have to get your hands dirty and possibly learn much more about this removal stuff if you want to try it on your own. And, it's a scary world out there.
But, there is always an alternative. You can hire a professional to help you - you can look in the online yellow pages or do an online search, or look in your local phone book. Choose someone that is reasonably priced but not cheap - cheap always comes at a price you may not want to pay. Look for a business that has been around for a while - ask them when you call how long they have been doing this and what the success rate is. Sometimes the computer is so badly infected it really needs to be wiped clean. You will want your data saved, too. The true pro will offer a flat rate to do all of that. Do not be afraid to ask questions - that is part of what you are paying for.
I hope this report has been beneficial to you, and I also hope that it has helped prevent your computer from getting infected at least once or twice. We aren't perfect, and even I have had the "opportunity" to do my own damage control once or twice.
Thank you for reading! Have a great day!
Sunday, December 5, 2010
There are several reasons why you could get a blank page when you query Google. It could be a programming error on Google's end, but such an incident would be fixed by the search giant in a couple of minutes, and this is usually not the case.
The most probable cause of the problem is malware infection and search results hijacking. Your computer could be infected by a Google hijack virus. This virus prevents you from using Google by giving a blank search result or redirecting you to malicious sites. This is one of the latest malware problems bugging millions of computer users.
Getting Rid of Google Hijack Virus Is Not Easy
A blank page on Google results can be fixed, but do not expect it to be easy. The Google hijacker is tricky and it hides deep in the system folders. If not properly cleaned, the problem simply reoccurs, preventing you from using Google and other search engines.
For many months, the Google hijacker virus has caused a lot of headaches even for experienced computer users. Computer experts are finding it hard to delete Google hijack virus. They are getting help from professional malware removal services to completely clean their computers.
If you have been infected by the Google hijacker, you must never attempt manual removal. To remove Google hijack virus manually, you have to delete certain files from your system folder. If you delete the wrong folder, you could end up having a totally unbootable machine. Manual removal is therefore dangerous and exposes your computer to further harm, especially if you are not an advanced tech expert.
Best Way to Fix Blank Page on Google Search Results Problem
You should remove Google hijack virus automatically by using the latest anti-malware tool. This is the safest and fastest option for you. What you need to do is to find the latest information on security forums to know where to find a fix for the Google hijacker. By using a malware removal program, you can immediately stop the bad behavior of your browser. You will never get a blank page on Google results again.
Many users have come across this or will be unfortunate enough to come across it and find their searches redirected.
When using search engines, users are redirected to other malicious sites or to sites unrelated to the search query.
Removing the rogue application or other malware is usually simple and straightforward using Malwarebytes or Superantispyware, but the redirect remains in place.
In many cases this is caused by changes to the System32/Drivers folder and a rootkit being installed in the system which redirects all searches. This is bad news but can also be rectified without too much trouble.
If infected, copy the following link and paste it into your browser address bar and download TDSSKiller.zip:
or click this link:
Save this zip file to your desktop, then close all open browsers and any other windows you may have open.
Extract the files from the zip file and click on TDSSKiller.exe - the command window will open and it will scan your drive for hidden files.
Once the scan has finished, any rootkits found will be listed and users will see a prompt to reboot to remove the rootkit from the system; simply hit y on the keyboard and allow the system to reboot.
Once rebooted, it is always advisable to scan with an antimalware program, or you can try the Automatic fix with FixGoogleRedirect.
Thursday, December 2, 2010
The Google redirect virus can cause a lot of trouble for you. It leads you to websites that distribute malicious software. In most cases, the sites offer fake antivirus programs. These programs are actually viruses and malware. Once you download and install the programs, cyber criminals could take full control of your computer.
Delete Google Redirect Virus Immediately, It Is Dangerous
You have to uninstall this virus the moment your Google results are redirected to a harmful website. Aside from hijacking your browser and exposing your computer to malicious sites, the virus can harm your computer permanently.
First, it slows down your computer considerably because it runs several processes that can use 100 percent of your machine's resources. Second, the virus generates pop-up ads once you boot your computer. Some are adult oriented and porn pop-up ads while others are fake warnings that you need to install a new antivirus program. Lastly, the Google hijacker opens your computer to hackers. Because your browser can be controlled by the virus, you might become the victim of phishing operators and information thieves.
How to Remove Google Search Redirect Virus
There are two ways to delete Google redirect virus. If you have superior technical knowledge of your computer's system, then you can remove Google redirect virus manually. Unfortunately for most computer users, manual removal is dangerous. You can permanently damage your PC if you delete the wrong system file.
Remember that even highly experienced computer users are having a hard time removing the virus manually. They also seek the help of qualified professionals who can remove Google redirect virus automatically. Automatic removal involves the use of a spyware and malware removal tool. This is the safest and the fastest option for removing malware and other viruses from your computer.
What you need to do is to look for recommendations from tech experts on where to find the best spyware and malware removal tool. An anti-malware tool automatically scans your computer for infection and deletes malicious programs. The moment your Google results are redirected to a harmful website, immediately scan your hard drive to detect the malware and completely remove the virus from your machine.
Tuesday, November 30, 2010
If both of these software tools are used according to the instructions given in this article, the search redirect virus can be removed.
For the Google redirect virus removal follow these steps:
Step 1: Run a registry cleaning scan to clean the Windows registry of traces of the virus that redirects Google search. Such nasty viruses hide in the Windows registry entries and come back if the registry is not cleaned.
Step 2: Run an antimalware scan to eliminate the malware behind search redirect issues.
Step 3: If a virus redirects Google search in your web browsers, then you should also try doing the following:
My Computer > Properties > Device Manager > Hardware > View > Show Hidden Devices. Scroll down to "Non-Plug and Play Drivers" > disable 'TDSSserv.sys'.
These 3 steps have helped a lot of people fix the Google redirecting virus. Are you looking for a quick fix for the same problem? Are you asking yourself why a virus redirects Google search in your web browser? Here are the tools which you need to fix it. Make sure that you follow the sequence and that other antispyware or antimalware programs on your system are turned off for a while to fix this problem.