[Annapurna]

I'm asking because of that other thread where Laura couldn't log in anymore and Ron said his computer used to slow down after posting here.-

Now I'm concerned. I've used a cleaner yesterday (ccleaner)and updated firefox, and my computer is a lot faster now.

But is Avira free spyware enough to spot a Trojan or are you aware fo better free spyware?

One on my contacts who says he is extremely well guarded, says his scanner reported something from me, but nobody else seems to have any trouble, not even a professional computer specialist with the best guards possible.

I'm confused.

What should I use to make sure I have nothing bad on my PC?

I do have an old one, but XP professional runs smoothly and my new camera too...

I have 6000 DSL. WLAN.

[Nemo]

Currently computer hacking has left the socially maladjusted shut in living in mom's basement stage to the international criminal syndicate stage. The quality of the malware code coming out of Russia is especially excellent. Judging by the quality I think malware writers are getting paid more than AV personnel.

The main source of current infections is malformed code embedded in web based advertisements. Criminal syndicates buy legitimate advertising time from a reseller with a bogus account. They get posted as banner ads on legitimate sites. Then after running the real ads for a few days they update it to one that injects malicious code into your browser. Thousands get infected until the advertiser pulls the ads and bans the new account. A few weeks later the syndicate opens a new account from a new business and the cycle starts again. (this is simplified a bit)

That web ads malicious code is injected into volatile memory which then crashes and allows them to run a snippet of their own code. That snippet downloads the payload. The usual payload now is a virus that pretends to be a part of your operating system. Once installed the infection pretends to be software that your hardware needs to run protected by the dodgy DRM scheme Microsoft implemented. The classic rootkit problem that MS won't fix. Thanks Hollywood for wrecking my computer security while completely failing at stopping piracy. The current payload infections I have found cannot even be found by AVG, Norton, F-Secure, McAfee or Trend Micro. Some can find the malicious code in the banner. Though they still got infected and the first thing the payload did was disable the AV programs.

There are other infection techniques that are also undefendable by AV software. If you go past criminals to include snooping governments and law enforcement AV companies are not allowed to find their viruses and trojans.

The bottom line is you are not secure online. If you use IE 6 or don't do windows update no AV software in the world can protect you now. Firefox is the better choice. Remember the old adage. Crash firefox you lose your browser. Crash IE and you can get the entire operating system. Install the ad block plus addin to Firefox. Those banners will never even appear. Most infections target dodgy older versions of Windows. If you move away from that there are fewer infections. Other platforms are not more secure. They just are not targeted as much.

An infected Microsoft machine auctions for anywhere from 10 to 35 cents depending on hardware and connection. The same computer is often auctioned out multiple times. The "secure" Macs usually sell for 50 cents. But they tend to be resold fewer times and stay infected longer.

There were also some major flaws in the php scripting language that sites like esangha used. Admins who did not do updates, which are often no easy task and can wreck a sites usability, were used as platforms for malware. Esangha was either deliberately destroyed or found by a web spider looking for known weaknesses and infected automatically.

I know a few tricks if you think you are infected and need some help.

[Annapurna]

Thank you Nemo.

I would appreciate advice.

PM or here?

What I don't understand is, -why do they do that?

I don't do online banking, because my brother says it's not safe,.

Is that so?

I go in via Firefox, the new version, which speeded the computer up considerably.

[ronnewmexico]

JUst one example.
A sports site I know of had exactly what Nemo is talking about in the legit adds.
The addon was selling believe it or not...a PC protection device. I actually knew of one person crashing a site and then when the site became funtional again trying to sell site protection hardware on that very site. Was the protection hardware worth anything...probably not. So it would be complete profit for the scammer.

Seems strange and bizzare but many people are quite delusional. You ask them about such things and the response is invariably if they have families.....my child has to eat. So it then becomes morally justifiable on such basis. Remiinds me of a financial service add several years ago. It had a picture of a very young child with the words to the effect of....you are responsible for her protection. Of course in America young children are rarely in circumstance of starving and to buy this financial product you had to be quite well off as well.

It is rarely called as it is.....to make myself rich. Being rich in such deluded peoples minds being the end all be all. And when they die....in thier minds they take it all with them. And in the bardo I suspect such pretense as moral good from bad action quickly dissolves. The arbitrator of truth buys no such product I think. Every posession suchly gathered turns into piranna that finds them in that pool they are swimming. They never recognize the pool, the swimming, or the piranna, for what they are. So they suffer greatly. That's my guess.

Geeze Louise.....I'm now seeing spyware trojans and whatnot everywhere now due to my paranoia on reading this thread....Geeze Louise!! Quick virus check, quick scam check, quick delete history, quick, quiick quick......

Ah.....who cares....steal away me hardies......you will find what it will get you.

I'd guess some are actually trying to hack into individual computers, but the chance that the person you are getting into has some actual useful thing you can use to transfer monies and such.....I'd say the chances are very very low. It's not that everyone doesn't have that info. on their computers and such but to corrospond with the information gained there has to be corrosponding information that allows access to the institution you are useing that information on. How many financial institutions nowadays do not have a visual or some other prompt that the user must know to transfer monies, and virtually any phone transaction to confirm the transaction requires specific information which is generally not available to the hacker. Of course if you leave such information up and accessible on your computer you are generally a idiot(note to self check information on computer).

To mention how bad it can be....I had one faith based internet site that I used to corrospond on, several months ago . I received internal Email on the site that identified to me the corrospondant was performing the Nigerian scam(a simple scam exchanging offer of monies for information or other monies) Winkipedia has a article on how it works when perfomed over the phone or by mail. I notified about every moderator I could(about five or six) and the adminstration of that site(you had to be a member to corrospond by internal email). I checked the originator of the scams profile and found that person already had made successful targets. And the site.....they removed my internal email that attested to that and to my knowledge, never deleted the account of the person performing the scam nor did they delete my account when I then requested they do that. As far as I know the scam is still being performed on that site. In retrospect I should have just notified our state attorney general and left it at that. When the emails were deleted I had no "evidence"' to work with. Most just disregard such scams as they are completely obvious as scams but some are vulnerable. And this on not a sport or political site but a religious site. Geeze Louise.....that really sucks. When I visited the political board of that particular site I also invariably would receive soft porn internal emails after the visit but that is aside. It is a for profit faith site, that will not remove any members for any reason under the sun as bottom line is....members spell add revenue, generally. So it is virtually infested with various scammers of all sort and description.

As a aside I do a couple of little things that to my uneducated opinion help. These are all just hurdles which make such things slightly more difficult. They deal in volume and will not target a more difficult pc, it is just to time consumptive. Why bother to write script for a more difficult target when there are thousands available anyway, that's my thinking. These might not help at all but I think they do. I maintain two differing internet prompts and vary useage on both. If I do a financial transaction I invariably will not do it after visiting a general site such as this. I log out and log back in on the other account. I also delete any history(to include add ons cookies and such) after visiting any suspect sites that I actively inteact with. Sites I know are infected...I try to completely stay away from. Updater prompts other than from known recognized sites....absolutely do not use them, and don't trust addresses associated to them that seem OK. Old computers, pretty much, no matter what you do to delete stuff it will still be accessible in some form unless you are a dos master. So to delete the hard drive permenantly, a hard screwdriver and hammer work quite well prior to recycling. The recyclers...they may recycle these things to a third world country where they are not recycled but given away or sent to garbage dumps. People in those places then may access informations and use them.

Have random numbers integrated into your email address. A address that makes no logical sense such as being not a recognizable name helps. Never open suspect or any unrecognizable emails, especially with attachments. Screen your email to junk. Never put your email address online. Never answer emails requests online except on recognized sites. The Nigerian scam I mention above was requesting a email response, after this person says they have given me money, as they like what I say on the internet board, and a loved one had died. I respond and my computer and all its info is theirs. And if I am really stupid I go with their scam and give them account numbers and such to deposit monies into. Never respond anywhere at any time to free offers or to winning a prize. Check adddresses and content of even recognized sites....hackers pay little attention to detail and often on visiting the site there may be internal obvious errors. Addresses are no longer a gimmie on finding a illigetimate site as they use very similiar addresses nowadays. Put verifiable addresses you use on a favorites menu. Do not access sites not on a favorites menu except with the intial order. When on financial sites spend as little time there as possible. Do not ever put any passwords or even names on remember in your computer.

This along with doing virus scam and other checks pretty often now.

Since I am now paranoid.....I will do all those things. Sometimes I forget but virtually any financial institution has safeguards of some sort.

Wireless....keep in mind your neighbor if you live in a apartment may very well have access to your wireless. There are various devices to stop that encryption and such, but I do not know if they are 100%. Some services allow for checking of this I think. If I don't have to use wireless I do not. I could shut it off I guess, but I just put a metal cover over the transmitter if I'm direct. If useing wireless when not at home....be careful about transmitting sensitive information. If you have high speed(which most all now do) unplug it when not in use.

If you can access sites like this to just read of some such, without logging in.....do so, every log in or interaction is a potential entry point. No log in or message written....generally little chance of spy ware and such. Assume every time you do interact you are infected. If you are logged in, and access a safe site but a link within that safe site is infected that may be pretty equal to accessing a email that is infected by email. If you access that same link but are not logged it, it may not have a equal effect.

And if your computer is used for spiritual purposes....do protection mantra or ceremony.

As a aside....if I or others had the time and motivation I don't doubt for a minute the sites/peoples doing such things could themselves be traced using the same methods available to the hackers and then when identified those sites themselves could be hacked and have incorporated viruses introduced to destroy them. But no one seemingly has such motivation. It would I think be relatively easy. Their protections and computer hardware you see is exactly as ours is. Peoples governments and corporations generally work only on the defensive side of it not the offensive as potentially that could be construed as illegal. And/or they would be protecting other for no benefit personally to them. Such as is the mindset clean protect your own yard but not your neighbors. Offensively it seemingly could be easy and most effective. Someday that may occur to people, but maybe not. Give a hacker a clean computer with nothing on it virtually empty, six months, and easily could be found a way and means to destroy them every one of them whereever they arise to include spam. If it gets very very bad to actually influence adds and profitability....then we could see that happen. Till then..... never happen.

This is why google has suddenly found religion....the interference is affecting adds and ability to sell adds. To many sites hacked by governments and others....add revenues go down, less people use them.
A site like esanga goes down, esanga has no add revenue but if enough sites go down, google is affected as well revenue wise. Google could give a flying capital f about human rights activists and their identification. Concurrent with the activists action by China is the other work affecting sites that produce revenue for google. Which is why the corpocracy that is the US government is now getting involved. It affected a corporations bottom line.

The internet within ten years will become solely a financial tool due to recent changes in corporate influence over governmental in the US. The US FCC will allow some changes which will affect a pay as you go status to all internet things. Sites without significant cash flow will simply not have the means to survive. So the freedom you now see in information and things is quickly to change entirely. So this will all be a mote point shortly. So not to worry, the internet as we know it is quickly to end. The inteligencia without money to go along with it....they will find only american idol type stuff and corporate propoganda on it. So it will become virtually useless as is American national media to those such Americans. So we will not have this problem in the US and probably the rest of the world. Like a frog being boiled in the pot...these changes will happen so gradually you will not even notice them. Ten years....barring major US societal change or natural disaster or panademic.

[KeithBC]

What I don't understand is, -why do they do that?

Why? Something like 75% of all Internet traffic is spam. It takes major computer horsepower to send that much traffic. When you consider that only one person in a million is dumb enough to respond to spam, the spammers have to keep their costs down in order to make it worthwhile. So why buy a new computer for several hundred dollars when they can get yours for 25 cents? Once infected, your computer will spend all its free time sending out ads for viagra.

Om mani padme hum
Keith

[BFS]

What I don't understand is, -why do they do that?

Why? Something like 75% of all Internet traffic is spam. It takes major computer horsepower to send that much traffic. When you consider that only one person in a million is dumb enough to respond to spam, the spammers have to keep their costs down in order to make it worthwhile. So why buy a new computer for several hundred dollars when they can get yours for 25 cents? Once infected, your computer will spend all its free time sending out ads for viagra.

Om mani padme hum
Keith

Wow, yes. Never thought of it quite like that.

[Annapurna]

What I don't understand is, -why do they do that?

Why? Something like 75% of all Internet traffic is spam. It takes major computer horsepower to send that much traffic. When you consider that only one person in a million is dumb enough to respond to spam, the spammers have to keep their costs down in order to make it worthwhile. So why buy a new computer for several hundred dollars when they can get yours for 25 cents? Once infected, your computer will spend all its free time sending out ads for viagra.

Om mani padme hum
Keith

I don't understand that.

How can they use my computer?

I'm occasionally getting spam for viagra, but it's caught in the spam box, I don't open them and l delete them and block the user.

Is that enough?

[David N. Snyder]

As long as you have a spam folder and the spam goes there, you are pretty safe. No need to even open your spam folder to see what is there. No need to block them, there are a zillion more coming.

As long as you don't click on ads, pop-up ads, etc., you are pretty safe. If you don't have a spam folder, you can pretty much guess which ones are spam and dangerous, such as:

1. pharmaceutical ads
2. someone in some far off land who just won the lottery or a big inheritance and needs your bank acct. number to "wire" you tons of money.
3. someone who never met you, but wants to chat
4. etc., etc.

And then don't click on any links in those e-mails!

Other than that, the internet is still pretty safe. Online banking is done through a secure "https" line; watch for the https in the browser when you do online banking. If you do online banking, never do it through some e-mail! Do it by going directly to the website.

No ads here at Dharma Wheel!

[mettafuture]

I use Comodo firewall and antivirus. Comodo's notices are a little annoying, but overall, it's a good program. AVG might be a better option. If I remember correctly, it has a free firewall and virus scanner also.

[KeithBC]

I don't understand that.
How can they use my computer?

Nemo described the process by which they get control of your computer. It involves your visiting an infected website, receiving an infected ad, opening an infected email, etc. The infected code downloads the spammers' program onto your computer. Once the program is installed, they can use your computer for whatever they want whenever they want. The spammers' program can communicate over your Internet connection back to its "home" database to get lists of email addresses to send to or instructions for what to do next.

Good anti-virus software will protect you against a lot of these nasty downloads, but it is an arms race. The bad guys are usually one step ahead of the good guys.

And, as the other posts in the thread were saying, the bad guys are no longer high-school students looking for kicks. It is big business, organized crime, and national governments that are doing most of it these days. They are incredibly well-funded and well-organized.

Om mani padme hum
Keith

[Annapurna]

As long as you have a spam folder and the spam goes there, you are pretty safe. No need to even open your spam folder to see what is there. No need to block them, there are a zillion more coming.

As long as you don't click on ads, pop-up ads, etc., you are pretty safe. If you don't have a spam folder, you can pretty much guess which ones are spam and dangerous, such as:

1. pharmaceutical ads
2. someone in some far off land who just won the lottery or a big inheritance and needs your bank acct. number to "wire" you tons of money.
3. someone who never met you, but wants to chat
4. etc., etc.

And then don't click on any links in those e-mails!

Other than that, the internet is still pretty safe. Online banking is done through a secure "https" line; watch for the https in the browser when you do online banking. If you do online banking, never do it through some e-mail! Do it by going directly to the website.

No ads here at Dharma Wheel!

No need to even open your spam folder to see what is there. No need to block them, there are a zillion more coming.

David, a part of my new business contacts is not recognized, and gets stuck in the spam box! I have to check everyday...
quite annoying.

No need to block them, there are a zillion more coming.

Because I block them, or despite of that?

I had to block facebook, as I was getting spammed big time from facebook.

you can pretty much guess which ones are spam and dangerous, such as:

1. pharmaceutical ads
2. someone in some far off land who just won the lottery or a big inheritance and needs your bank acct. number to "wire" you tons of money.
3. someone who never met you, but wants to chat
4. etc., etc.

Yes, I'm getting a lot of pharmaceutical stuff and 'Nigeria' inheritance...

And then don't click on any links in those e-mails!

I didn't dare to, if I remember that correctly...

TY!

[Annapurna]

I don't understand that.
How can they use my computer?

Nemo described the process by which they get control of your computer. It involves your visiting an infected website, receiving an infected ad, opening an infected email, etc. The infected code downloads the spammers' program onto your computer. Once the program is installed, they can use your computer for whatever they want whenever they want. The spammers' program can communicate over your Internet connection back to its "home" database to get lists of email addresses to send to or instructions for what to do next.

Good anti-virus software will protect you against a lot of these nasty downloads, but it is an arms race. The bad guys are usually one step ahead of the good guys.

And, as the other posts in the thread were saying, the bad guys are no longer high-school students looking for kicks. It is big business, organized crime, and national governments that are doing most of it these days. They are incredibly well-funded and well-organized.

Om mani padme hum
Keith

Nemo described the process by which they get control of your computer.

Didn't understand a lot...

The spammers' program can communicate over your Internet connection back to its "home" database to get lists of email addresses to send to or instructions for what to do next.

Are you saying that they are collecting my email adresses and then send them to someone else?

To send them ads? Or more?

It is big business, organized crime, and national governments that are doing most of it these days. They are incredibly well-funded and well-organized.

I apologize for my naivity, but I have no knowledge about this.

What can they do? They send a few ads to my adresses, and then?

I mean, how can they take money from me or anybody?

Sorry, but I lack the basic knowledge... ....

Ty!

[KeithBC]

Are you saying that they are collecting my email adresses and then send them to someone else?

That's only one thing that they can do. What they do with those addresses is they send those addresses back to their "home base" and put them all into one big database, which they use to send spam to.

But, if they have taken over your computer, they can also use it to process that big database and send the emails. The program installed on your computer will receive a part of that big database and spend its free time sending the emails to people you have never heard of. It might even host part of the big database on your disk drive.

Om mani padme hum
Keith

[Annapurna]

How can I find that out and get rid of it?

[Potato]

If you are using Windows, Comodo's free AV and firewall suite is very good.

http://personalfirewall.comodo.com/

You should also install AdAware and SpyBot Search & Destroy, which are programs that find and remove malware. Use both, because each one finds and removes some things which the other misses.

AdAware: http://www.lavasoft.com/products/ad_aware_free.php

SpyBot Search & Destroy: http://www.safer-networking.org/index2.html

If you think you already have a virus or Trojan on your system, you may need to back up all your files and then reinstall Windows with AV and anti-malware programs.

Also, stop using Internet Explorer as your browser. Download and install Firefox, and get the NoScript and AdBlocker Plus add-ons.

Firefox: http://www.mozilla.com/en-US/firefox/upgrade.html

Search the Add-ons link for NoScript and AdBlocker Plus.

[retrofuturist]

Greetings Anna,

Antivirus: Avast
Spyware: Spybot S&D
Firewall: ZoneAlarm

With this combination, I've not experienced any problems on my PC.

Metta,
Retro.

[Nemo]

The current crop of trojans coming out of Russia are not even detectable by any of your security counter measures. I've tested this myself. I've seen these banner ads take over fully updated Windows XP with updated antivirus software active while using firefox. This is uncommon. Only the best can do this. I tracked them to a hosting site in Poland just over the border from Russia. They leave a keylogger in place for a few weeks that takes every keystroke you make and sends it to the server in Poland. Then a simple search program farms any possible banking/credit card info. Your computer is then auctioned off ebay style to be used as a spam email or even possibly a kiddie porn relay. Then the browser redirects and search functions are taken over and eventually you will probably be left in pop up city with a computer to slow to use.

Sadly there is no legal recourse whatsoever. It's still the wild west out there. I prefer it that way. Better than China's idea of the internet.

You must stop using ie 6 or before. Microsoft has said they have no plans on securing the holes in previous browsers. By now even the maladjusted shut ins can download code off the net to exploit those security holes. Then to get infected all you need is for a banner ad to show up on your machine. It executes automatically with no user intervention or clicks needed. Ad resellers like adbrite(especially bad), scanmedios, yieldmanager or media-server are often compromised.

Your illusion of safety is what killed esangha. Updates and back ups are vital. You must do all the security measures mentioned earlier and update Windows regularly.

[Annapurna]

If you are using Windows, Comodo's free AV and firewall suite is very good.

http://personalfirewall.comodo.com/

You should also install AdAware and SpyBot Search & Destroy, which are programs that find and remove malware. Use both, because each one finds and removes some things which the other misses.

AdAware: http://www.lavasoft.com/products/ad_aware_free.php

SpyBot Search & Destroy: http://www.safer-networking.org/index2.html

If you think you already have a virus or Trojan on your system, you may need to back up all your files and then reinstall Windows with AV and anti-malware programs.

Also, stop using Internet Explorer as your browser. Download and install Firefox, and get the NoScript and AdBlocker Plus add-ons.

Firefox: http://www.mozilla.com/en-US/firefox/upgrade.html

Search the Add-ons link for NoScript and AdBlocker Plus.

Thank you! I always use firefox.


To all, thank you as well. I once had Avira virusscanner on and thought I download another one, just to be safer and then I had big problems, and a friends said the 2 get into each others way.

Is that correct? And when I have Avira on, can I use another virus scanner?

[KeithBC]

You can generally only use one anti-virus product at time. They will interfere with each other.

You can (and should) have more than one spyware / adware scanner at the same time. They will not interfere with each other, nor with the anti-virus software.

Om mani padme hum
Keith

[Ngawang Drolma]

I use the most updated form of Norton and reformat about every six months.