What is malware?

Ignoring malware is one of the most reckless things you can do in today's increasingly hostile computing environment. Malware is malicious code planted on your computer, and it can give the attacker a truly alarming degree of control over your system, network, and data - without your knowledge!

Types of malware

We can divide malware into several broad categories: adware, spyware, hijackers, toolbars, and dialers. Many, if not most, malware programs will fit into more than one category.
It is very common for people to use the words adware, spyware, and malware interchangeably. Most products that call themselves spyware or adware removers will actually remove all types of malware.

Adware is the class of programs that place advertisements on your screen. These may be in the form of pop-ups, pop-unders, advertisements embedded in programs, advertisements placed on top of ads in web sites, or any other way the authors can think of showing you an ad. The pop-ups generally will not be stopped by pop-up stoppers, and often are not dependent on your having Internet Explorer open. They may show up when you are playing a game, writing a document, listening to music, or anything else. Should you be surfing, the advertisements will often be related to the web page you are viewing.

Programs classified as spyware send information about you and your computer to somebody else. Some spyware simply relays the addresses of sites you visit or terms you search for to a server somewhere. Others may send back information you type into forms in Internet Explorer or the names of files you download. Still others search your hard drive and report back what programs you have installed, contents of your e-mail client's address book (usually to be sold to spammers), or any other information about or on your computer - things such as your name, browser history, login names and passwords, credit card numbers, and your phone number and address.
Spyware often works in conjunction with toolbars. It may also use a program that is always running in the background to collect data, or it may integrate itself into Internet Explorer, allowing it to run undetected whenever Internet Explorer is open.

Hijackers take control of various parts of your web browser, including your home page, search pages, and search bar. They may also redirect you to certain sites should you mistype an address or prevent you from going to a website they would rather you not, such as sites that combat malware. Some will even redirect you to their own search engine when you attempt a search. NB: hijackers almost exclusively target Internet Explorer.

Toolbars plug into Internet Explorer and provide additional functionality such as search forms or pop-up blockers. The Google and Yahoo! toolbars are probably the most common legitimate examples, and malware toolbars often attempt to emulate their functionality and look. Malware toolbars almost always include characteristics of the other malware categories, which is usually what gets them classified as malware. Any toolbar that is installed through underhanded means falls into the category of malware.

Dialers are programs that set up your modem connection to connect to a 1-900 number. This provides the number's owner with revenue while leaving you with a large phone bill. There are some legitimate uses for dialers, such as for people who do not have access to credit cards. Most dialers, however, are installed quietly and attempt to do their dirty work without being detected.

Ways of infection

There are several ways that these programs can end up on your computer:
Software with "other software" bundled. For example, AOL Instant Messenger currently bundles in WildTangent, a known spyware offender.
Peer-to-peer file sharing software, such as Kazaa, LimeWire, and eMule, bundles various types of malware that are categorized as spyware or adware.
Software that promises to speed up the Internet connection or assist with downloads (e.g., My Web Search) will often contain adware.
Some malware programs exploit Internet Explorer's ActiveX (a Microsoft technology that links desktop applications to the Internet) installation option. If you click a link to an ActiveX program, a dialog box prompts you about executing it. If you click Yes (or if your IE security settings are set lower than normal so you aren't prompted), the software runs and can perform any tasks on your computer, including installing malware. Sometimes web sites state that software is needed to view the site, in an attempt to trick users into clicking Yes and thus installing software onto their machines. Another trick is to display many error windows if you click No. Other sites will tell you that using a certificate makes their site "safe", which is not the case. Certificate verification means only that the company that wrote the software is the same as the company whose name appears on the download prompt.
Malware can exploit security holes in Internet Explorer as a way of invading your machine.

On top of this, some malware provides no uninstall option, and installs code in unexpected and hidden places (e.g., the Windows registry) or modifies the operating system, thus making it more difficult to remove.

How do I secure my PC?

Keep your software up-to-date
A major source of malware infections is outdated software, especially Windows itself. Malware can install itself on your PC by taking advantage of bugs in your operating system, browser, or other software. These bugs are typically fixed as soon as possible, but your software must be updated to take advantage of these fixes.

Windows has a built-in system for automatically updating itself, called "Windows Update". Windows XP also supports a newer, more comprehensive version called "Microsoft Update", which you can upgrade to when you run Windows Update. You should not only have Automatic Updates turned on, but you should go to Windows Update at least once a week to make sure that everything is working as it should.

When Windows pops up a message in the System Tray (down near the clock in the Task Bar) that says "updates are ready to be installed", do not ignore that message. It is not uncommon for people to ignore that message for months, and then wonder why their system got infected.

It is recommended that, if you have a computer capable of running it, you upgrade to Windows XP with at least Service Pack 2. Windows XP with SP2 is more secure and better-supported than any previous Windows version. Future updates to Windows XP should continue this trend.

Individual non-Microsoft pieces of software may or may not automatically keep themselves up-to-date. Some software will pop up a warning, suggesting that you download and install the new version. Others will not. It is very important to keep your web browsers, email software, Java runtimes (if installed), and instant messengers up to date. Bugs in any of these pieces of software can let malware install itself on your PC. You should make a habit of checking for new versions of any software you use regularly.

Use a firewall
A "firewall" is a piece of software or hardware that sits between your computer and the Internet, protecting your computer from attacks. You should never connect a computer to the internet without a firewall of some sort.

A hardware firewall is preferred. The inexpensive "routers" that many companies sell make fine firewalls. This includes the routers (wired and wireless) from companies like Linksys or D-Link, and the Apple Airport base stations (which work fine with PCs).

These routers shield all of the PCs that connect to them from incoming attacks from the Internet. They do not protect you from malware that you get from having bad browsing habits.

A software firewall, like the one built into Windows XP, is not as good as a hardware firewall. But it is much better than nothing, and will probably be adequate as long as you follow the first step and make sure your PC remains as up-to-date as possible.

WARNING: The built-in Windows XP firewall is turned on by default in Windows XP Service Pack 2. It is not turned on by default in previous versions of Windows XP, and versions of Windows that pre-date Windows XP do not have a built-in firewall at all. If you connect a Windows PC to the internet without a firewall (hardware or software), and the system is out of date, the computer is in very serious danger of becoming infected by something malicious within an hour or less.

This means that if you are re-installing Windows, or are setting up a new PC, do not connect it to the internet until you are sure that a firewall is in place. If you do not know what version of Windows XP you have on your PC, or do not know if the firewall is turned on, keep it disconnected until you are sure. This is one thing that makes a hardware firewall superior to a software one; you know that it is on at all times, regardless of the state of your PC.

Use anti-virus software

There is no such thing as a perfect piece of anti-virus software. All anti-virus software relies on detecting malware once it has already arrived on your PC, and preventing it from running. It is much better to not let that malware onto your PC in the first place.

However, having some sort of anti-virus software running on your PC at all times is yet another level of security, and the more security the better. Some anti-virus software also comes with a software firewall (such as "Norton Internet Security").

Anti-virus software must be updated regularly in order to be effective. Most anti-virus software will automatically get its updates from the Internet.

These three steps to securing your PC are automatically monitored by Windows XP Service Pack 2 with the "Security Center" tool. This tool can be found in the Windows Control Panel; it will also pop up with a warning if it finds that any of these steps have not been performed. Please take these warnings seriously. You can find more details about the Windows XP Security center here.
Everyone has heard the adage "The best offense is a good defense" and that's most often true. You can find a wide range of programs that can detect and eliminate malware, adware, spyware and other dangerous programs.
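
The three steps above (updates, firewall, anti-virus) can also be checked from a script. The PowerShell below is an added example, not part of the original article or of any Microsoft tool. It assumes Windows PowerShell is installed, its function names are hypothetical, and it only reads settings.

```powershell
# Added example: read-only audit of the three steps (updates, firewall, anti-virus).
# Function names are hypothetical; the COM and WMI interfaces are Windows' own.

function New-CheckResult($Check, $OK, $Detail) {
    New-Object PSObject -Property @{ Check = $Check; OK = $OK; Detail = $Detail }
}

function Get-AutoUpdateStatus {
    # IAutomaticUpdatesSettings.NotificationLevel: 1 = disabled, 4 = scheduled install
    $names = @{ 0 = 'not configured'; 1 = 'disabled'; 2 = 'notify before download'
                3 = 'notify before install'; 4 = 'scheduled install' }
    $au = New-Object -ComObject Microsoft.Update.AutoUpdate
    $level = [int]$au.Settings.NotificationLevel
    New-CheckResult 'Automatic Updates' ($level -ge 2) $names[$level]
}

function Get-FirewallStatus {
    # INetFwMgr, the Windows Firewall API that arrived with XP SP2.
    # Covers only the built-in software firewall, not a router or third-party product.
    $fwProfile = (New-Object -ComObject HNetCfg.FwMgr).LocalPolicy.CurrentProfile
    $on = [bool]$fwProfile.FirewallEnabled
    New-CheckResult 'Windows Firewall' $on $(if ($on) { 'enabled' } else { 'disabled' })
}

function Get-AntiVirusStatus {
    # Security Center records anti-virus products in WMI: root\SecurityCenter on
    # XP SP2, root\SecurityCenter2 on later releases (with different properties).
    foreach ($ns in 'root\SecurityCenter', 'root\SecurityCenter2') {
        $found = @(Get-WmiObject -Namespace $ns -Class AntiVirusProduct -ErrorAction SilentlyContinue)
        foreach ($av in $found) {
            if ($ns -eq 'root\SecurityCenter') {
                $ok = $av.onAccessScanningEnabled -and $av.productUptoDate
                $detail = "scanning=$($av.onAccessScanningEnabled) current=$($av.productUptoDate)"
            } else {
                $ok = $null   # registration only; productState is not decoded here
                $detail = 'productState=0x{0:X}' -f $av.productState
            }
            New-CheckResult "Anti-virus: $($av.displayName)" $ok $detail
        }
        if ($found.Count -gt 0) { return }
    }
    New-CheckResult 'Anti-virus' $false 'no product registered with Security Center'
}

# Run all three checks and show one row per finding.
$results = @(Get-AutoUpdateStatus) + @(Get-FirewallStatus) + @(Get-AntiVirusStatus)
$results | Format-Table Check, OK, Detail -AutoSize
```

A row with OK set to False points at the step to revisit. A blank OK on the anti-virus row means a product is registered but its state was not evaluated.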

