Got a virus/trojan or adware/spyware?
 

What are these grotesque things?

• Virus - A computer program that can reproduce by changing other programs to include a copy of itself. It is a parasite program, needing another program to survive.
• Trojan - A trojan is a program that does something undocumented that the programmer intended, but that some users would not approve of if they knew about it. According to some people, a virus is a particular case of a Trojan, namely one which is able to spread to other programs. According to others, a virus that does not do any deliberate damage is not a Trojan. Finally, despite the definitions, many people use the term "Trojan" to refer only to *non-replicating* malware, so that the set of Trojans and the set of viruses are disjoint.
• Spyware - any software that covertly gathers information about a user while he/she navigates the Internet and transmits the information to an individual or company that uses it for marketing or other purposes; also called adware

How do they get on to your system?

• You may have opened an attachment from someone you don't know or even someone you do know which contains some executable code within it.
• There are flaws in one of the most major browsers out there known as Internet Explorer which hackers regularly exploit. It's vital to keep this up to date.
• You may have gone onto a P2P file sharing program and downloaded a file which looked legitimate but in fact contained executable code as well as music for example.

Viruses/Trojans - How to keep clean

• Don't open email attachments! This is the most common way that viruses and trojans are getting into users systems. If you don't know who the email is from it's simple. Do NOT open it. Also if you're not expecting an email off a friend especially with an attachment chances are they have got a virus and the virus has forwarded itself to you within the email from your friend.
• Be careful what you download and where it's from! Many of the large P2P networks are now full of viruses and trojans. If you're stupid enough to download stuff off there, then chances are you're stupid enough to get the virus trojan too. It's simple and easy. Just go out and buy your music,software,games, movies :p You'll be much safer in the long run! (Note to RIAA: you can pay me later ;))
• You should have a virus checker on your system at ALL times and keep it up to date and regularly scan There are now so many trojans and viruses out there it was inevitable that the software makers would have a huge market of innocent users to cash in on. There are lots and lots of virus scanners and trojan removers out there but which one is for you. That is not for me to decided and I won't sit down here and give my (possibly biased) personal opinion on each and every one of them but there is one virus scanner which stands out from the rest. Simply because it's a good free solution for those that don't want to spend the money on protecting themselves. This virus canner is AVG Anti-virus FREE EDITION. The definitions are updated on a daily basis and it's a good tool for helping you get rid of those nasty evil viruses ;)
• Get a firewall There's no excuse if you don't have one of these. Don't believe all this hype about microsofts firewall as I guarentee things will still manage to slip throug your system. You need a custom-built solution that is regularly updated. Again like anti-virus programs there are loads of firewalls out there and it's up to you and do the research, read the reviews on the best out there. Again I'm just going to offer you the most popular free solution which is Zone Alarm. It's free and whilst the pro version is far better it'll again provide a first line of defence of things trying to get in. And also things that are are already in trying to get out.
• Just use your common sense You don't have to be a computer genius when browsing online. Don't go on silly sites which host warez, porn and other stuff as chances are they have viruses on their sites too. Just keep mainstream, enjoy the internet and have fun :)!

Spyware/Adware/Browser Hijackers
Now with spyware you need to take a different approach. You can follow the tips above but we also need to outline some other tips to keep yourself clean. The main way that these pesty things get into your system is via vulnrabilities in your browser. Their aim is to take your credit card details, log your keystrokes, take over your homepage, bombar you with popups.

Now a lot of people claim the cause of the huge rise in spyware is due to the flaws and vulnrabilities in internet explorer (IE). I myself have been using internet explorer for quite some time until about 6 months ago when I decided to migrate to another browser. The main reason for this was due to it's failure to follow standards and keep itself up to date. I wanted something new, fresh with new features and plugins. My answer was a great product released by the Mozilla foundation called Firefox. For me this is my favorite browser out right now. I just can't heap enough praise on it but I'm not going to bore you going on about it. I'm going to explain the security reasons why you should move away from IE and to an alternative browser and if you insist on carrying on to use IE then how to make it a little more secure.

The great browser war
Do you want to carry on using IE but make it a little more secure?
Go here and take a look at the great tutorial on how to beef up IEs security settings. The problem with IE is most of the security settings are disable by default and your average joe bloggs who knows little about computers is not going to know anything about tweaking software settings, let alone care about it. So what we need to do is heighten the security of it. Follow the instructions in the tutorial and you should be just a little bit more secure. However due to the regular exploits being discovered in IE and windows almost every month, unless Microsoft starts upgrading its software and adding functionality and more security then you're just going to be at constant risk if you don't update your security settings.

Also another important point to tweaking your security settings is to update your windows as often as possible. There's an option to enable auto-updated but I do it manually every day when I get on just to be safe. To go to windows update navigate to your start menu and go to 'Programs > Windows Update'. (It's in the first, far left column almost right at the top)

Want to move away from IE and step into the light?
The alternative browsers that are around right now are superb. We have new features, plugins, skins and lots more. There's several right now but two which stand out for me are:

• Firefox - This browser is my favorite. Yes I'm biased, yes I love it and yes I will stand by it besides anybody elses genuine arguements against it ;) It follows web standards, is upgraded regularly, has plugins, skins and renders pages much quickly compared to IE. Oh hold on. I forgot. It's FREE! :)
  
• Opera - Another great browser. I've used it once and it worked quite nicely. A lot of people rave about this browser also just like they do about firefox. I'll leave that one up to you ;)

You've got spyware already huh?
Ok well there are literaly hundreds of spyware/adware removers out there. Some are free, some are paid. Just be careful of what you're using and if you're reading reviews of them make sure they are coming from an unbiased source.

Freebies:
Ad-Aware - Probably the most popular free one out. They update their definitions on a regular basis and have an active community base for trying to resolve problems.
Spybot, Search & Destroy - Another hugely popular free one. I will warn you now though I've been using it for about 2 months and they haven't updated the definitions once. It's good and will clean up quite a lot of the clutter on your system and also prevent it from ever getting on your system but unless it keeps up to date with the latest spyware technologies it'll be of little use in the next year or so.

Paid or Free Trial:
SpySweeper - This one only recently came into my light but boy oh boy it does the job. It can run in the background, protect your memory and monitor cookies. Also it regularly updates its definitions and the scan finds a lot of stuff which the others will not.
PestPatrol - This one's great too. Ignore the horrific interface and navigation. It does the trick and finds so much horrible things on your PC. I've found all sorts from decompilers to tracking cookies. It's a great tool to have.

Continued...

Still got spyware in IE?
Ok well this is not a foolproof method and you will need help unless you're a genius and can follow the jargon presented in the range of tutorials for this software. It's called HijackThis and was developed by a programmer not too long ago. It basically list the component parts of the registry used by legitimate programmers and also hijackers. It'll produce a log but I must urge you do not do anything with this program other than look at it unless you know what you're doing. I will not be held responsible if you use this program and end up with a mucked up PC. Now what I do reccomend you do is just generate your log file and pop on over to ComputerCops and they have a dedicated forum where users can post their HijackThis logs and have an expert analyse it and tell you what to edit/delete. Yet again I must stress this is something which should be done only if you know what you're doing and the people over at ComputerCops and myself cannot be held responsible for any accidental damage to your computer that you may cause.

That's about it
I hope you enjoyed reading the article and if you have any further resources which you reccomend then send me a private message with the link and I'll think about adding it to the list. Please only reccomend the software if you have personal experience with it.

Copyright/Disclaimer
This tutorial was written by Dean Clatworthy and is copyrighted material. It may not be posted on any forum or website without my written consent. If you wish to post this on your website then please contact me and I'll let you know if you can use it. Anyone found re-distributing, translating or modifying this article without permission will be reported to their appropriate host and internet service provider.

Also I will not be held responsible for any damaged caused to your PC as a result of information provided in this article. All software, changes to your sytem you do at your own risk.

someone posting this on their forum/site and gives you credit for the article still has t ask permission?

what happened to people just offering information for the benfit of others?

no offense.. your material, i just find that a little over the top..

Anyone who wants to use this article has to ask for my permission privately yes :) There's nothing a little over the top about these pests. All I've tried to do is provide an informative article to people who are new to getting rid of them to try and help :)

Nicely written and informative. :)

Nice article, but I have to strongly disagree on one point: Firewalls.

First of all, a friewall can never-ever consist of a single product - be it Soft- or Hardware.
Furthermore, a "Firewall" on the system that should be protected doesn't make sense at all.
All those personal "firewall" software available is kinda risky, as it gives the user a false feeling of being save - which isn't and won't be the case. In fact, thos PFWs can be highly dangerous when it comes to remote managemant functions - they can open backdoors to your system that won't even exist if there was no such program.
As we all know, only closed ports are good ports. So if you don't have open ports there's no need for a "firewall" to block those :)
So the only case in which personal firewalls might be useful is to stop programs from "calling home", but even this doesn't work well.
Last point: Zone Alarm is the worst software of this type. If one really want's to use such software you'd better go with Tiny/Kerio Personal Firewall.

I don't use a personal firewall and haven't had problems with digital crap (eg. worms, virusses, etc.) so far, although I am using Windows.

There is some info Here that you are free to use

Regards

Chet

Why was this stickied?

To try and help users, it'll disappear into the abyss otherwise :)

I know this thread is old, but Dean, when you link too http://www.grissoft.com/ near the top of your thread, the site doesnt exist anymore so you get one of the nasty search pages and lots of pop ups and download prompts. Just thought i would tell you.

'Twas a typo - thanks :)

Oh kool :) My computer is in virus/adware hell and nothings fixing it *crys*

I think its a good article. Good job.

Nice Article.

I would suggest useing McAfee Security Center.

Ive used many different programs (McAfee, Norton, Trend Micro, Hauri) and McAfee is the best.

:)

This was an excellent piece!

When I was a ubb.t user I loved that they had a forum with articles where you could copy them as FAQs onto your own board. It was a great idea and really helped out.

Dean, thanks for this!

-Jason

*cough*
OR, you could just say the truth:
A Trojan Horse (trojan for short) is a program designed specifically to open backdoors to your computer. A trojan often comes bundled with regular programs, to appear safe to the average computer user. Once the bundled software is executed, the trojan either loads itself into the memory, or drops other .exe files with seemingly legitimate "Windows-ish" names into system folders. These exe files will then re-open the backdoor every time the computer is connected to the net.
Trojans are mostly used by the novice to intermediate hacker, as a way of gaining access to computer systems not belonging to them.
Trojans do not inprint their code into other programs, but as mentions before often drops other .exe files.
What makes a good trojan such a threat is the fact that newer trojans have the ability to unload any virus protection you may have, and often completely bypass any software and/or hardware firewall. The recommended solution to those problems would be having an antivirus software capable of determining and containing a trojan before you have a chance to run it. My personal favourite is Symantec AntiVirus Corp 9. It is made by the same people who creates Norton AntiVirus (which is highly NOT recommended as an antivirus). What SAV lacks in fancy looks, it makes up for in speed and reliability.

[/end]
As a personal note, I have never had a single virus/trojan on my computer since I started using the above program.
And as for what I know about trojans, well I used to play around with them, so believe me I know how at least SOME of them work.

I decided I had to correct the quoted text, because it is basically a whole paragraph with beating around the bush about whether or not to define a trojan as a virus or not, instead of focusing on what it actually IS and what it DOES.


//out

I have never had a trojan or virus since I started using common sense while browsing and downloading stuff.

Don't use a virus scanner and I just use windows sp2 firewall.

Scan with pandas online scanner every now and then but it never finds anything

Common sense, firewall's or virus scannes don't work for me, i got a trigger happy (click happy) wife :D

Only thing that really help is a fresh re-install every month.

(PS No, i won't let her touch this PC)

i been using spotbot for years, its the best you could use ever.. and AVG for virus..!

Good Post! I'd like to add the following to useful tools for people with spyware/adware/virus issues.

http://hjt.iamnotageek.com/ <~~HiJackThis log analyzer

Another good new program for security being recommended by Alliance of Security Analysis Professionals members is Ewido Security Suite 3.5

Ewido Security Suite is a supplement to your current Anti-Virus Program.
NOTE: It will only work on Win2K and XP systems.

Welcome,
Please follow the instructions provided, you may want to print out these instructions and use them as a reference.

First:
Please download ewido security suite it is a free version of the program.

1. Install ewido security suite
2. When installing, under "Additional Options" uncheck..
   • Install background guard
   • Install scan via context menu
3. Launch ewido, there should be an icon on your desktop, double-click it.
4. The program will now open to the main screen.
5. When you run ewido for the first time, you will get a warning "Database could not be found!". Click OK. We will fix this in a moment.
   
6. You will need to update ewido to the latest definition files.
   • On the left hand side of the main screen click update.
   • Then click on Start Update.
7. The update will start and a progress bar will show the updates being installed.
   (the status bar at the bottom will display "Update successful")

If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates


Once the updates are installed do the following:

• Click on scanner
• Click on Complete System Scan and the scan will begin.
• While the scan is in progress you will be prompted to clean files, click OK
• When it asks if you want to clean the first file, put a check in the lower left corner of the box that says "Perform action on all infections" then choose clean and click OK.
• Once the scan has completed, there will be a button located on the bottom of the screen named Save report
• Click Save report.
• Save the report .txt file to your desktop.

Now close ewido security suite.

Liz

ANY of these sites can help:
[247Fixes
5 Star Support
Amazingtechs
AntiSpyware Offensief
Assiste.com
Atribune.org
BestTechie
BleepingComputer
Bluetack Internet Security Solutions
Calender of Updates
CARMA
Common Sense Security
CPASecurity
CyberAnswers.org
Freedomlist
Geeks to Go
Gladiator Security
hpHosts
InfoSpyware
Infotex
JSKYs XP Support
LandzDown
Linha Defensiva
Lockergnome
MalwareBytes
MalWare Removal
ManageYourPC
MickeyTheMan
NeoPlanet
NetworkTechSupport
PCdistress
PCHelper
PC Pitstop
PCtorium
Phantom Phixer
Pipex Support
RescueME
Security Central
Short-Media.com
SpywareAid
SpyWare BeWare!
Spywarefri
SpywareInfo
Spyware Warrior
Subratam.org
Tankweb
Tech Support Forum
Tech Support Guy
Tech with DK
TeMerc Internet Countermeasures
That Computer Guy
Spykiller
TomCoyote
UBCD4Win
Vital Security.org

Great post Liz :)

I was surprised to find this tut posted here...

here's another you can add to your list:
Windows AntiSpyware

windows antivirus is crap

Princeton posted antispyware... It' actually a really good program.
[from download.com]

spybot is the best as it literally will check every little thing on your pc and even allows you to edit highjacked registerys and much more, u cant beat it..

on the net for 7 years and aint found better

i kinda laughed at "and keep it updated" i haevnt updated my virus crap in so long, but now that i read that, i think i will

it been 6 months since i last updated nortan ;)

Of course, the best solution is to just stop using Windows. :D

Opera is now free, perhaps the first post should be edited? ;)

people are copyright happy...

check out my new signature!
____________________
Copyright/Disclaimer
This post was written by GearTripper and is copyrighted material. It may not be posted on any forum or website without my written consent. If you wish to post this on your website then please contact me and I'll let you know if you can use it. Anyone found re-distributing, translating or modifying this article without permission will be reported to their appropriate host and internet service provider.

Nice guide for those who really dont know what these things are by now.

I have to say most comunities I see have similar allready posted, theres likely to be thousands of them kicking about, some better some not, yours is the first post I have ever seen which just offers some tips and is actually copyrighted.
Your choice of course and you can understand someone being annoyed if someone has copyied word for word but I really think this is somewhat OTT. Why dont you just add a copyright to your sig, then you would cover every post you make. I say this because you could very easily come accross one of those other guides which may not be older and looks very similar and I would dread to think you would really try to sue someone for something they may actually not have done. Im guessing next, when anyone who recomends using one of the softwares you have chosen to mention after reading your post will also have to credit your post as the original source ?

</end sarcasm>

By the way I have used amongst some others spybot S & D for some time and there are regular updates.

Avast is a very good free AV package with excellent live protection, unlike AVG free edition.

Shorewall is an excellent firewall as your main entry blockade (sorry not for windows users), and then you can use other firewalls on your internal computers if you so wish. Its not just about having closed ports, a closed port will tell a hacker that a computer exists at the address, (when a hacker locates a computer they then scan for anything open, its one of those situations where any hole will do), a port in stealth mode will slow down a scan on your IP and give away nothing about a computer in existence. You should also ensure that your internet entry unit never responds to any form of ping, (unless you need it to for a specific reason, but thats the same as using an open port).

Yes very useful, thanks

Thanks for the info!!!

While I've found your article informative with regards to Spyware (or Malware) and Adware, the above statement is not entirely accurate. Spyware/Malware and Adware are different breeds, mainly because of the agendas and methods of collecting information; Spyware/Malware use deceit while Adware is up-front. Spyware/Malware can be trojan-based but Adware is nothing more than advertisement. A prime example is TV commercials. Guess which method is used?

With regards to browsers, IE has the most vulneralbilities because it is most widely used. It's the same argument between Microsoft and open source; the PC and Mac. While the tools we use are important it is how we use them that plays a bigger role.

ADWARE is more upfront???? That's the biggest LOL I've had all morning.

I suggest you start reading these three blogs: Benjamin Edelman, Spyware Warrior, and Vitalsecurity.org. Then check out this list: http://research.pestpatrol.com/search/browse.aspx (see the first definition? Adware 628 types) Pick one like 180Solutions and read what it loads onto your machine.

MORE UPFRONT? And that is from an ADVERTISING agency.

Adware is actually MORE dangerous than spyware and malware. YOU KNOW where they are coming from, you don't on the adware. Liz

Just with a "hacker" the definition of "Adware" got twisted in the mix. What you're defining is "Spyware".

changed to firefox now . thanx for the help

Yup, and i found the software in googles software pack to be helpful as well

Hi all

I hope you can help me. when i turn on my pc normaly it displays cpu tem system spec ect and after this it loads windows but recently when i turn it on the lights on the base unit come on but nothing apears on screen no system specs nothing. could you please tell me what is wrong with my pc.

THANK you

Everything is acceptable but Trojan horse make me very nervous. I think somebody upgrading that Trojan garbage it could bug us all time long.