FileFix Pro Overview: FileFix Pro is a new scam that takes a different
tack: It uses a Trojan horse that's seeded by
tricking users into running a file that poses as
something legitimate like a software update. Once on
the victim's PC, the Trojan swings into action,
encrypting a wide variety of document types --
ranging from Microsoft Word .doc files to Adobe
Reader .pdf documents -- anytime one's opened. It
also scrambles the files in Windows' "My
Documents" folder.
When a user tries to open one of the encrypted
files, an alert pops up saying that a utility called
FileFix Pro 2009 will unscramble the data. The
message poses as a semi-official notice from the
operating system: "Windows detected that some
of your MS Office and media files are corrupted.
Click here to download and install recommended file
repair application," the message reads.
Clicking on the alert downloads and installs FileFix
Pro, but the utility is anything but legit. It will
decrypt only one of the corrupted files for free,
then demands the user purchase the software. Price?
$50.
Trojan.Ransomlock Overview: Trojan.Ransomlock locks the PC's
desktop, making the computer unusable. To unlock it, you
need to send an SMS. Whenever Windows starts, this
Trojan displays a message in Russian, which has been
translated into English as follows:
"To unlock you need to send an SMS with the
text [RANDOM NUMBERS] to the number 3649. Enter the
resulting code: [TEXT BOX] Any attempt to reinstall
the system may lead to loss of important information
and computer damage." The threat executes every
time the computer is started, even in safe mode.
Antivirus'09 Overview: Antivirus'09, otherwise known as Antivirus 09
or Antivirus 2009, is a rogue anti-spyware program
that uses aggressive advertising and false scan
results in order to scare you into thinking you are
infected.
Antivirus'09 is advertised through the use of
pop-ups that appear when browsing the web. These
pop-ups will state that your computer has a security
issue and that you should run an online anti-malware
scanner. You will then be brought to a page that
displays an advertisement that impersonates an
online anti-malware scanner,
and when it has finished scanning will state you
have a myriad of infections and that you should
download and install Antivirus'09 in order to
protect yourself.
Conficker Worm Overview: The Conficker worm has started to wake up and is
downloading malicious software on to infected
computers. It has been a mystery, up until now, as
to how the virus writers would benefit from their
creation. Was it for fame or was it just a big
April Fools' joke? Now we know that its real
purpose was to make money and lots of it. The
malicious software that is being downloaded consists
of MalWare that uses your computer to send out spam
emails. This in itself is a huge money generator. It
is also downloading Trojans that display fake
security alerts stating that your computer is
infected and then suggesting you purchase the rogue
software called Spyware Protect 2009. Rogue software
is big business for MalWare writers with incredible
earning potential. In fact, it has been reported
that certain affiliates for Antivirus 2009 and
Antivirus 360 were generating close to $330,000 in a
month. Imagine the amount of money that could now be
generated with over 8 million computers infected and
displaying alerts suggesting you purchase it. So, if
you find yourself receiving alerts for Spyware Protect
2009, please do not fall for the scam and purchase
the program.
What is a ‘Virus’?
• A computer virus can seriously damage or completely
destroy files or software on a computer. The result
is that files may be lost permanently,
programs may not function correctly or the overall
performance of a computer may be slowed down.
• The process involved in repairing the damage can be time
consuming and expensive.
• The damage caused by computer viruses varies from
poor computer performance to erasing the hard drive.
• A computer virus is a program or piece of code that
operates by attaching itself to some other program
or downloaded file. When this program starts, the
virus code unintentionally runs, replicates itself
and infects other programs or documents on the PC. A
computer virus spreads mainly via e-mail
attachments, downloadable files from the Internet or
floppy disks. Virus infection can be prevented by
installing (and maintaining) anti-virus software,
among other strategies, some of which are outlined
in this advice sheet.
How Does a Virus Work?
• Direct Action –
the virus is activated immediately, frequently
relying on other programs to infect and carry out
specific behavior encoded by the author of the
virus.
• Memory Resident –
the virus is loaded into the computer’s memory and
is activated by a triggering event. A triggering
event can be either a date or a certain combination
of keystrokes.
Types of Viruses:
• Boot Sector Infectors –
These viruses infect the boot
sector on
floppy disks and hard drives. The boot sector is a
small program that initializes the operating system.
By placing its virus code in the boot sector, a
virus is guaranteed to be executed. It can load
itself into the memory immediately and it is able to
run whenever the computer is on, infecting the
entire system. Boot sector infectors are spread
through infected bootable floppy disks and can
damage the entire computer system from the moment
the computer is switched on.
• Macro Viruses –
These viruses function by relying on the built-in
(internal) programming languages used in popular
applications, such as Microsoft Word and Excel,
which allow users to create macros. Macros are very
simple programs that automate tasks. Virus writers
have created macros that, when opened unknowingly,
replicate themselves and spread into other
documents. These can subsequently be spread via
e-mail attachments and floppy disks.
• File Infectors –
These viruses function by modifying specific program
files, such as .EXE or .COM files (the file that
starts Microsoft Word, for example, is Word.exe).
When the program runs, the virus executes by loading
itself into the memory and later infects and
corrupts other files. These viruses are usually
spread via infected floppy disks, over networks or
the Internet.
Preventing Virus Infection:
• Install and regularly update anti-virus software. This, in
conjunction with good housekeeping, can greatly
reduce the threat caused by computer viruses.
• All floppy disks should remain within the
confines of the computer room. It is not advisable
to bring them home or return with them. However, if this occurs they should be
scanned immediately using anti-virus software.
Floppies should also be write-protected.
• Files should be saved to a designated hard drive
where incoming files can be scanned automatically by
anti-virus software.
• When the sender of an e-mail is not known to the
recipient, avoid clicking on attachments containing
an executable file.
• Creating back-ups of files won’t directly
prevent virus infection, but it may speed up the
recovery process in the event of a virus erasing or
damaging files.
In the past, the classic virus,
which attached itself to other programs, was the only major concern. In
today's Internet environment, a new kind of menace, made especially
for attacks on the Internet, is much more dangerous. Every
computer on the web is vulnerable. Two categories of harmful code have
become more important in the last two years: Worms and Trojan Horses.
Such harmful tools are called Malware. The term was created by
combining "malicious" and "software".
‘Browser Hijackers’ are programs that
attempt to alter homepage, searchpage and/or other browser
settings. Some also install additional files that change these
settings back on every restart (if you should try to revert to
your old settings). Browser Hijackers may be installed by
ActiveX controls on webpages.
Browser Helper Object (BHO):
A component that Internet Explorer loads whenever it
starts. It shares IE's memory context and can perform any action on
the available windows and modules. A BHO can detect events,
create windows to display additional information on a viewed
page, monitor messages and actions. Microsoft calls it "a
spy we send to infiltrate the browser's land." BHOs are
not stopped by personal firewalls, because they are seen by
the firewall as your browser itself. Some exploits of this
technology search all pages you view in IE and replace banner
advertisements with other ads. Some monitor and report on your
actions. Some change your home page.
Downloader: A program
designed to retrieve and install additional files, when run.
Most will be configured to retrieve from a designated web or
FTP site.
Error Hijacker: Any software
that resets your browser's settings to display a new error
page when a requested URL is not found. Hijacks may reroute
your info and address requests through an unseen site,
capturing that info. In such hijacks, your browser may behave
normally, but be slower.
Toolbar: A group of buttons
which perform common tasks. A toolbar for Internet Explorer is
normally located below the menu bar at the top of the form.
Toolbars may be created by Browser Helper Objects.
Dialer: Software that dials
a phone number. Some dialers connect to local Internet Service
Providers and are beneficial as configured. Others connect to
expensive toll numbers, (such as pornography web sites),
without user awareness and/or permission.
Phishing:
Unsolicited email that looks like it's from a trusted
institution — but in reality is an attempt to lure people
into providing personal or sensitive account information on
phony web sites. The information collected is later used to
commit fraud.
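One way to review which Browser Helper Objects are registered on a machine, following the BHO entry above; this is an added example, not part of the original page. The registry locations used are the standard Windows ones for BHOs and COM classes, which the page itself does not name, and a missing or unsigned DLL is only a prompt for closer inspection.

```powershell
# Added example: read-only audit of Browser Helper Objects (BHOs).
# IE loads every CLSID listed under the "Browser Helper Objects" key at startup,
# so each entry is resolved to the DLL that actually runs inside the browser.

# 64-bit and 32-bit IE keep separate BHO lists (the 32-bit one is under Wow6432Node).
$views = @(
    @{ Name = '64-bit'; Root = 'HKLM:\SOFTWARE' },
    @{ Name = '32-bit'; Root = 'HKLM:\SOFTWARE\Wow6432Node' }
)

$report = foreach ($view in $views) {
    $bhoKey = "$($view.Root)\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
    if (-not (Test-Path -LiteralPath $bhoKey)) { continue }

    foreach ($entry in Get-ChildItem -LiteralPath $bhoKey) {
        $clsid    = $entry.PSChildName
        $classKey = "$($view.Root)\Classes\CLSID\$clsid"
        $name     = $null
        $dll      = $null

        if (Test-Path -LiteralPath $classKey) {
            # Default value of the class key is the friendly name (may be empty).
            $name = (Get-Item -LiteralPath $classKey).GetValue('')
        }
        if (Test-Path -LiteralPath "$classKey\InprocServer32") {
            # Default value of InprocServer32 is the DLL loaded into the browser.
            $dll = (Get-Item -LiteralPath "$classKey\InprocServer32").GetValue('')
            if ($dll) { $dll = $dll.Trim('"') }
        }

        # Check the DLL's Authenticode signature when the file can be found.
        $status = 'NoDllRegistered'
        $signer = $null
        if ($dll) {
            if (Test-Path -LiteralPath $dll) {
                $sig    = Get-AuthenticodeSignature -LiteralPath $dll
                $status = $sig.Status.ToString()
                if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
            } else {
                $status = 'FileMissing'
            }
        }

        [pscustomobject]@{
            View = $view.Name; CLSID = $clsid; Name = $name
            Dll  = $dll; Signature = $status; Signer = $signer
        }
    }
}

# Entries without a valid signature are listed first for review.
$report | Sort-Object { $_.Signature -eq 'Valid' } | Format-Table -AutoSize -Wrap
```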
‘Parasite’ is a shorthand term for
“unsolicited commercial software” — that is, a program that gets
installed on your computer which you never asked for, and which does
something you probably don’t want it to, for someone else’s
profit.
The parasite problem has grown
enormously recently, and many millions of computers are affected.
Unsolicited commercial software can typically:
• plague you with unwanted advertising (‘AdWare’);
• watch everything you do on-line and send information back to
marketing companies (‘SpyWare’);
• add advertising links to web pages, for which the author does not
get paid, and redirect the payments from affiliate-fee schemes to the
makers of the software (such software is sometimes called ‘scumware’);
• set browser home page and search settings to point to the makers’
sites (generally loaded with advertising), and prevent you changing
it back (‘homepage hijackers’);
• make your modem (analogue or ISDN) call premium-rate phone numbers
(‘dialers’);
• leave security holes allowing the makers of the software — or, in
particularly bad cases, anyone at all — to download and run software
on your machine;
• degrade system performance and cause errors thanks to being
badly-written;
• provide no uninstall feature, and put its code in unexpected and
hidden places to make it difficult to remove.
All the parasites we currently know
about are only compatible with Windows, and some only affect the
Internet Explorer browser. The script on this site — when it is run
in IE for Windows — can detect many of them. But not all, for
tedious technical reasons.
Where do they come from?
There are three major ways unsolicited
commercial software can make its way on to your machine:
• Some freeware programs are ‘bundled’ with parasites, which are
installed at the same time. The P2P file-sharing programs are
notorious for this.
• Many parasites load using Internet Explorer’s ActiveX installation
option.
• Some of the really sleazy parasites, particularly
homepage-hijackers and dialers, execute by exploiting security holes
in Internet Explorer, ways of getting code to run that are not
supposed to be possible, but are due to mistakes in the browser code.
Why doesn’t my anti-virus software detect this?
Technically, most unsolicited
commercial software isn’t viral: it doesn’t spread from computer
to computer, it just installs and runs on one system.
That doesn’t mean it’s not harmful,
but anti-virus software does not attempt to detect all software that
could be harmful. Whether it should is a tricky argument that
ends up a question of where you draw the line.
To explain what
SpyWare is, we'll first explain what AdWare is. AdWare is
'freeware', whereby ads are embedded in the program. These ads will
show up when you open the program. Most AdWare authors provide the
free version with ads and a registered version whereby the ads are
disabled. As such, you the user have the choice, you either use the
freeware with ads served or you purchase the registered version.
Spyware, however, is
published as 'freeware' or as 'AdWare', but the fact that an analysis
and tracking program (which reports your activities to the advertising
providers' web site for storage and analysis, the 'SpyWare' agent) is
also installed on your system when you install this so-called
'freeware', is usually not mentioned. Even though the name may
indicate so, SpyWare is not an illegal type of software in any way.
But what the AdWare and SpyWare providers do with the collected
information and what they're going to 'feed' you with, is beyond your
control.
Hardware SpyWare
Nowadays SpyWare can
even be found accompanying hardware you buy and install in your
system. Yes, the software you install with hardware purchased from
certain manufacturers (some even well-known) may include SpyWare
agents.
Spyware categories
• AdWare networks: The backbones for big
time SpyWare are ad-serving networks that pay publishers of games,
utilities and music/video players per download, to include their
ad serving programs. Ad serving networks are DoubleClick, Web3000,
Radiate, SaveNow, GAIN, etc.
• Stalking horses: A number of programs
that enable the AdWare networks to function on desktops are
bundled in many popular programs and often (not always!) presented
in installation disclosure screens as desirable add-ons to their
Trojan horse hosts. All collect information. Included in TopText,
Cydoor, OnFlow, Medialoads, Delfin, WebHancer, New.net,
etc.
• Trojan horses: These popular Internet
downloads usually come with the ad serving network basic software
and at least one stalking horse. Included in KaZaa, Grokster,
Morpheus, Limewire, AudioGalaxy, iMesh, DivX.
• Backdoor Santas: Stand-alone programs
that incorporate similar approaches have no links to ad serving
networks and collect information from users. Included in Alexa,
Hotbar, Comet Cursor, eWallet, CuteFTP, BonziBuddy.
• Cookies: Netscape Navigator and
Internet Explorer will still send out existing cookies even after
disabling cookies in the browser settings. You must manually
delete any/all cookie files on your system to eliminate being
tracked by third-party ad networks or SpyWare or AdWare providers.
Spyware threats
Spyware threats come
in different flavors. The SpyWare agent can be MalWare (modifies
system settings, and can perform undesirable tasks on your system),
hijacker (redirects your browser to web sites), dialer (dials a
service, most likely porn sites, for which you are billed!), Trojan
horse (is attached to a program, and performs undesirable tasks on
your system), collectware (collects information about you and your
surfing habits).
In addition to doing
a detailed check of your browser history, SpyWare can install DLLs and
other executable files, send continuous data to the parent, leave a
backdoor open for hackers to intercept your personal data or enter
your computer, can install other programs directly on to your computer
without your knowledge, can send/receive cookies to other SpyWare
programs and invite them into your computer (even if you have cookies
disabled), and they can add Trojan horses to your system. Most SpyWare
and AdWare programs are independent executable files, which take on
the authorization abilities of the victim. They include auto install
and auto update capabilities and can report on any attempts to remove
or modify them.
Spyware programs can reset your auto signature,
disable or bypass your uninstall features, monitor your keystrokes,
scan files on your drive, access your applications, change homepages
in addition to displaying advertising content online or offline. They
can read, write and delete files and even reformat your hard drive and
they do this while sending a steady stream of information back to the
advertising and marketing companies. The majority of these programs
once installed cannot easily be deleted from your system by normal
methods and often leave components behind to continue to monitor your
behavior and reinstall themselves.
** In addition to being included
with software products many SpyWare programs
can get installed on your computer while you surf the Internet!