Detect and Remove Spyware

Scan, Detect & Remove Spyware and Adware From Your PC With Top Anti-Spyware Software & Tips

Archive for April, 2009

How To Remove Trojan FakeAlert

Apr-30-2009 By admin

Here's a nasty one:

Trojan FakeAlert hijacks the desktop background with a graphic alerting the user that their computer has been infected with some type of spyware. Trojan FakeAlert also changes some Windows settings, including disabling permissions so that the user cannot change the background graphic and configuring the Active Desktop to 'show web content'. It is most often installed in conjunction with a nasty rogue anti-spyware program.

Rogue anti-spyware is antispyware that uses malware (malicious software) or malicious utilities to advertise or install itself, or to coerce computer owners into purchasing software to remove nonexistent malware. Software of this type, such as Trojan FakeAlert, will often install a trojan horse to download a trial copy of the software, or it will execute other unwanted tasks, which is also typical of this type of software.

In the majority of cases, the main reason software makers create these rogues is to sell their software.

You can use one of three software products to remove this threat: the PC Tools Internet Security product, the antivirus plus antispyware product Spyware Doctor with AntiVirus, or, last but not least, the antispyware product Spyware Doctor. Any of these solutions will get the job done. It just depends on what security you already have. If you don’t have a firewall, then get the first product. If you don’t have an antivirus, then get the second product. If you just need a good spyware removal program and you have the other security applications, then get the last product. With any of these, Trojan FakeAlert will be history.

Post brought to you courtesy of Computer Tips By Olan

How To Remove Backdoor ProRat

Apr-26-2009 By admin

Backdoor.ProRat is a remote administrative trojan. It allows an attacker to take full control of a compromised computer. It also logs all keystrokes to a text file which can be accessed by the attacker. It also hides itself from task manager and process monitors.

Remote Administrative Trojans (RATs) allow a hacker to obtain unrestricted access to another individual’s PC whenever that person is connected to the Internet. The hacker can then perform such operations as transferring files, adding, editing or deleting files, and even controlling the mouse and keyboard. Most Trojans are distributed as email attachments or packaged with another software application.

It appears that Backdoor ProRat is not just a RAT but also a keylogger. Specifically, it is a Remote Access Keylogger. These are local software keyloggers coded with an additional facility to transmit recorded data out of the infected computer to the monitoring machine at a remote location. Remote communication is supported in one of four ways:

  • Data is uploaded to another website or an ftp site.
  • Data is periodically emailed to a predetermined email address.
  • Data is wirelessly transmitted through the use of an attached hardware facility.
  • The monitor logs into the local machine by way of the internet or LAN/WAN and accesses the logs stored on the infected computer.

This RAT/RAK is known by PC Tools and can be removed by Spyware Doctor. If you do not have a firewall, you might be interested in looking at the PC Tools Internet Security product, which has a firewall, antivirus and antispyware in one product. Since the Spyware Doctor technology is part of the PC Tools Internet Security Suite, it should remove Backdoor.ProRat as well.

Post brought to you courtesy of Computer Tips By Olan

How To Remove Adware Cinmus

Apr-26-2009 By admin

Adware.Cinmus is an adware program that uses a Browser Helper Object to produce pop-up advertisements at random intervals. For more information on Browser Helper Objects, see "How To Remove Trojan BHO KQW." Some of the characteristics of this infection:

  1. Creates the file acpidisk.sys in %Temp% or…
  2. Creates the file pnpmem.sys in %System%\drivers or…
  3. Creates the file dosss11.dll in %Temp%

The files above have been known to do any of the following:

  • Deleted as a process from disk
  • Created as a new Background Service on the machine
  • Created as a process on disk
  • Executed as a Process
  • Copied to multiple locations on the system
  • Loaded and Executed as a System Driver File

Since it is a BHO known to PC Tools, the Spyware Doctor download has the facility to remove this infection.
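A read-only check for the three file names listed above, added here as an example (it is not code from PC Tools or from the original post). It assumes %System% means the Windows System32 directory, and the function and variable names are made up for illustration.

```python
import hashlib
import os

# File names and locations from the post. "%System%" is taken to mean the
# Windows system directory (assumption; the post does not expand it).
CINMUS_FILES = [
    ("temp", "", "acpidisk.sys"),
    ("system", "drivers", "pnpmem.sys"),
    ("temp", "", "dosss11.dll"),
]

def default_roots(env=None):
    """Resolve %Temp% and the system directory from environment variables."""
    env = os.environ if env is None else env
    windir = env.get("SystemRoot") or env.get("windir") or r"C:\Windows"
    return {
        "temp": env.get("TEMP") or env.get("TMP") or "",
        "system": os.path.join(windir, "System32"),
    }

def sha256_of(path):
    """Hash a file in chunks so it is never read into memory in one piece."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def find_cinmus_files(roots):
    """Return [{'path', 'sha256'}] for each listed file found under roots."""
    hits = []
    for root_key, subdir, wanted in CINMUS_FILES:
        root = roots.get(root_key)
        if not root:
            continue  # location unknown on this machine, nothing to check
        directory = os.path.join(root, subdir)
        try:
            entries = os.listdir(directory)
        except OSError:
            continue  # directory missing or not readable
        for entry in entries:
            # Windows file names are case-insensitive, so compare lowercased.
            if entry.lower() != wanted:
                continue
            path = os.path.join(directory, entry)
            try:
                hits.append({"path": path, "sha256": sha256_of(path)})
            except OSError:
                # Present but unreadable (locked or protected): still report it.
                hits.append({"path": path, "sha256": None})
    return hits

if __name__ == "__main__":
    for hit in find_cinmus_files(default_roots()):
        print(hit["sha256"], hit["path"])
```

An empty result only means these three names are absent from those locations; the hash of any hit can be handed to a scanner or anti-spyware vendor for confirmation.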

A word about adware…

Adware is any program or software that automatically executes, downloads or displays advertisements on the infected computer. Adware can host adware. In other words, one adware program can be the host that installs other adware programs on your computer. This adware is said to have “more adware” as its payload. Since Adware Cinmus is a Browser Helper Object, it starts executing in your browser and expands from there.

Post brought to you courtesy of Computer Tips By Olan

How To Remove Trojan BHO KQW

Apr-25-2009 By admin

Many Browser Helper Objects make visible modifications to an Internet browser's interface, such as adding toolbars to browsers like Internet Explorer; others, however, execute without any visible changes to the interface. This makes it easy for malicious individuals to hide the methods and activity of their browser add-on. Since it is a BHO known to PC Tools, the Spyware Doctor download has the facility to remove this infection.

Post brought to you courtesy of Computer Tips By Olan

Back in the early nineties, 84% of virus attacks were aimed at Microsoft Word. This was all down to what are called macros, which are small computer programs that do flashy things like changing the way a display looks or performing calculations.

Microsoft Word allows macros within Word documents, which wasn’t a poor idea to begin with but all went wrong when the virus makers discovered how easy it was to make macro viruses. Their macros do snazzy things too, like adding malicious files and editing other files that determine how your computer runs.

The problem has declined now because the latest versions of Word (2000 on) do a decent job of protecting against Word macro viruses. Older versions (Word 6 and earlier) are poor. Word 7 is somewhere in the middle.

If you run an old version of Word, you should certainly run a virus checker too. If you don’t want to do this, then you must take a lot of precautions over which Word documents you open.

The safest thing to do is open any strange Word documents that you receive by email or on disk in WordPad first. They won’t open properly and the first 30 or more lines will be code garbage, but in the middle you’ll find most of the text of the file, enough to check whether it’s a genuine file that you need to open the proper way.

Modern versions of Word will inform you that a document contains a macro and offer you the option “Disable Macros” before opening. Always choose this option without fail. You can always open the document a second time, with macros enabled, once you’ve established that it’s a genuine document and you need the macros to run.

Microsoft Word Viruses
Cap
Concept
Niceday
Wazzu
Colors
MDMA
Npad


Twitter Under Attack Once Again

Apr-23-2009 By admin

“Late Sunday night and into the wee hours of Monday we fought off a fourth attack,” said Biz Stone, co-founder of Twitter, in an update to a blog post he originally published Sunday. “Once again, we secured the compromised accounts and deleted any material that would further propagate the worm.”

The latest attack — which followed a pair of worms Saturday and a third Sunday — originated from a just-registered account labeled “cleaningUpMikey,” said F-Secure Corp.’s chief research officer, Mikko Hypponen. Today’s copycat worm infected account profiles of people who clicked on the sender’s name or image in tweets like, “How TO remove new Mikeayy worm! RT!! http://bit.ly/yCL1S.”

“A message like this is particularly nasty, as there were plenty of re-tweets of this malicious message sent by genuine users,” Hypponen said in a blog post just minutes after Monday’s attack began. “The bit.ly link got redirected back to Twitter, to user reberbrerber’s profile, which would infect Twitter users who viewed it.”

Twitter has since deleted the cleaningUpMikey account and the tweets it and other infected accounts spawned.

Also on Monday, Twitter again emphasized that while the worm attacks have been a nuisance, they haven’t stolen any user account information. “No passwords, phone numbers, or other sensitive information were compromised as part of this renewed attack,” the service’s status page said early this morning.

Twitter has not responded to questions posed Sunday about the attacks, specifically about whether it had, or would, contact law enforcement officials. According to some reports, and his own Web site, teenager Michael “Mikeyy” Mooney took responsibility for the worms that circulated on Twitter over the weekend.

In his updated blog today, Stone hinted that the company would take legal action against the worms’ creators. “The worm introduced to Twitter this weekend was similar to the famous Samy worm, which spread across the popular MySpace social-networking site a while back,” Stone wrote. “At that time, MySpace filed a lawsuit against the virus creator, which resulted in a felony charge and sentencing. Twitter takes security very seriously and we will be following up on all fronts.”

In 2005, Samy Kamkar exploited a bug in MySpace to add as a “friend” anyone who viewed his account profile. He then copied a snippet of JavaScript to that user’s profile to continue the hack. Within 24 hours, he had accumulated over a million friends.

MySpace sued, and in January 2007 Kamkar pleaded guilty to a single felony count. He was sentenced to three years’ probation and 90 days of community service.


Claria Spyware

Apr-22-2009 By admin

Upon installing the program, the installation wizard states that Claria will show advertisements based on the sites a user visits on the internet. The wizard does not state that it will monitor every site a user visits and report that data back to the vendor’s database as long as the software is functioning. However, this information is clarified in a detailed End User License Agreement, which is read by very few users. The End User License Agreement gives Claria the right to track and report back information regarding all of the programs on your computer, along with the first four digits of your credit card number, allowing them to know what institution you bank at.

Another huge concern of the public was the fact that users were prohibited from removing Claria software with anti-virus or anti-spyware software. According to the End User License Agreement, the only way a user was permitted to remove the program was by using the “Add/Remove Programs” utility in the Microsoft Windows operating system.

Additionally, the End User License Agreement does not fully disclose what data the Claria Corporation actually collects. Many users were outraged that the program captured sensitive data that could potentially be used to commit internet crimes. Scott Eagle, the company’s Chief Marketing Officer, claims that the only information Claria collects now is behavior of “commercial intent” – referring to product research and shopping online. Eagle went on to claim that the data is filed by an anonymous computer identification number and does not include email addresses, usernames, zip codes or complete credit card numbers.

Removal of Claria spyware

Like several types of spyware and adware, the Claria software doesn’t completely uninstall after using the “Add/Remove Programs” utility. It leaves behind various files and programs, such as GAIN, that lead back to the company’s server, along with several fragments that can only be cleaned up by a registry cleaning application. Scott Eagle states that GAIN is a separate ad-delivery program that only collects non-personal user data and automatically uninstalls itself after all traces of Claria are completely removed.


The GAIN spyware was designed by Claria Corporation to gather details of users’ habits on the websites they often visit, so that it can display ads based on those habits.

How Gain Spyware Gets In Your System

Some versions of Kazaa and other P2P programs have been known to install this. It may also be downloaded by means of an ActiveX applet in Internet Explorer. If you click “Yes” to a prompt for this program, it will download and install the E-Wallet app and the GAIN app. Some versions have been known to use a file called “Trickler” to slowly and stealthily install the program and the adware component GAIN.

How to remove gain spyware

According to the publisher, Claria, you can remove it via the Add/Remove applet in the Microsoft Windows Control Panel. The adware “should” uninstall after all GAIN-supported apps are gone. However, if this does not work, you may want to download an anti-spyware program. These automated programs can usually remove the E-Wallet application and the GAIN spyware app.


Top Ten Spyware

Apr-20-2009 By admin

Spyware is a program that is embedded on a computer and records passwords, Internet visits and cookies, and can sometimes control computer services and remotely execute commands. There are many computer programs offered on the Internet for free that have hidden Trojans with spyware embedded in them. Listed below are ten of the most common spyware programs.

There are mainly two types of spyware:

Domestic Spyware is software that is usually purchased and installed by computer owners to watch the Internet behavior on their computer networks. Employers use this software to monitor employee online activities; some family members use domestic spyware to monitor other family members (such as reviewing the content of children’s chat room sessions).

Commercial Spyware (also known as adware) is software that companies use to track your Internet browsing activities. Companies that track your online habits often sell this information to marketers who then hit you with targeted advertising—ads that match your browsing interests and would most likely appeal to you.

List of top spyware

GAIN spyware
Claria spyware
GameSpy Arcade spyware
Hotbar spyware
Ezula spyware
BonziBuddy spyware
WeatherCast spyware
LinkGrabber 99 spyware
TOPicks spyware
Cydoor spyware


by Ed Lathrop

Registry corruption has become one of the biggest problems a computer owner has to overcome on a daily basis in order to keep his/her PC running at top speed. As well as slowing down a computer, sometimes to an unbearable degree, registry corruption also has the ability to cause a computer to stall, freeze up and suffer a blue screen failure. Unfortunately, it is possible for such a failure to be fatal.

Registry corruption happens when either a software program or a piece of hardware is deleted from the computer. Technically, removing hardware will not corrupt the registry but hardware uses device drivers and these are software programs. Naturally, device drivers will be deleted as part of the hardware removal procedure.

Avoiding Registry Corruption

There was a time it was practical to try to avoid registry corruption by staying away from removing software programs. Such a procedure is no longer practical. There are too many sources of corruption to deal with to make it worth the effort to live in the sheltered world required to keep away from corruption. Instead, it is much more practical to accept the fact registry corruption will occur in your PC’s registry from time to time and be prepared to deal with it.

If one had great resolve, he or she could probably go a very long time without removing any hardware or changing any software from a computer. This is normal software. You see, there is another kind of software everybody needs to delete from his/her computer regularly. This abnormal software is spyware, adware, viruses and all those other types of parasites. Yes, even though they are unwelcome software programs, they are still software programs.

By All Means, Use A Spyware Cleaner

The point is, we don’t want to let spyware and the like remain on our PCs just to avoid corrupting the registry, because this would be a big mistake. Spyware not only has the capability of destroying our operating system, it can also steal our most private information.

Registry corruption used to be a lot easier to work around when we used older operating systems because they were simply composed of far fewer files. If corruption were a problem, adding more RAM would usually take care of the matter.

Bigger Operating Systems Make For Longer Distance For Corruption Workarounds

On the other hand, today’s very large operating systems, namely Windows XP and Vista, are equipped with very complex registries and therefore corruption is harder than ever for the OS to deal with. This is what causes the slowdowns and crashes.

Running a good registry cleaner will relieve the operating system of the extra workload registry corruption piles on it. Of course, if left to develop over an extended period of time, registry corruption has the potential of causing major harm to the operating system. So, using a top-notch registry cleaner regularly is not only wise, it is necessary these days.

What all this means is that every PC owner needs to run a registry cleaner as part of his or her computer maintenance routine these days. It really is a bad deal when you consider nobody has asked for anyone to bombard his or her computer with the malicious software known as spyware. Still, ignoring registry corruption as a way of seeking justice can result in a destroyed OS and a hard drive reformat!
