Typical Question – How did I get infected with trojan and virus


http://answers.yahoo.com/question/index?qid=20110923202712AAmHzZF
(I am antibotnet Yahoo ID as webmaster www.bluecollarpc.us)

It may help a little with orientation on the behavior of malware. A trojan takes control and wants to do something, and will rifle through actions to get it done. A crash may occur because this is not the normal, expected behavior of a healthy system, as the trojan is giving control commands in an underhanded way, by brute force. Trojans have evolved greatly, and there are now security-software-disabling trojans, which disable free products and some shareware products as well. There are now Downloader Trojans that install more and more malware, as the rootkit usually does. There are backdoor trojans that affect connectivity and control vital areas.

The crash you mention probably did occur from the trojan infection and spyware does this too as opposed to a computer virus or worm. AVG did indicate a trojan infection found.

Viruses take over files to spread themselves. Some are specifically created to destroy computer files, systems, or the drive itself. Newer ones have been crafted to steal passwords.

Your problem seems to be that you are using the free AVG version, which will NOT protect the computer because Real Time Protection is only activated in paid subscription antivirus and antispyware products. If you had AVG paid antivirus – it would have blocked the trojan infection from occurring. NOTE: today there are many newer and sophisticated trojans, and simple antivirus no longer detects them all. Antispyware will detect many of these, and particularly the ones used in spyware installations.

These can happen anywhere on the world wide web at any infected website whether hacked or intentionally a malicious content website. This is called a “drive by infection” meaning the unprotected computer will get infected just by visiting a bad website. This can include and is not limited to virus, trojan, spyware, and botnet infections. You MUST have Real Time Protection activated or there is NO protection.

The free home version scanners are called stand-alone, on-demand scanners and give “reactive” protection. Paid subscription security software has all this plus the “proactive” Real Time Protection processes (heuristics) that block all infections from occurring in the first place. All that gets past this is generally malware embedded in some software download, which can be found by scanning the package FIRST before clicking to install, OR which will be detected trying to execute when the installer package is double-clicked to run the installation.

Threatfire is great as just the Real Time Protection processes themselves, for both antivirus and antispyware category threats. You can add that and scan regularly with AVG free. http://www.threatfire.com/
You forgot antispyware with Real Time Protection – get Windows Defender free from Microsoft to add to this package….. http://www.microsoft.com/athome/security/spyware/software/default.mspx

There are only two or three known antivirus and antispyware programs in the world that have offered free Real Time Protection products, and fortunately they are far from dog programs. They have won several of the prestigious awards that the big companies have, such as the VB100 Award and West Coast Certification, to name a couple. I would pick one and install it immediately and keep AVG off to the side as a secondary stand-alone scanner.

Microsoft Security Essentials
http://www.microsoft.com/security_essentials/

Comodo Free Anti Virus
http://antivirus.comodo.com/

ALSO
Spyware Terminator
(Antispyware and antivirus. Real time protection added ! )
http://www.spywareterminator.com/
* Fast spyware scanning
* 100% real-time protection
* HIPS protection
* Antivirus protection
* Multilanguage Support

Source(s):

http://bluecollarpc.us/Threats_FAQs.html


BSoD Blue Screen Of Death Helpers


A typical event and answer….
http://answers.yahoo.com/question/index?qid=20110923213652AA4NDOF

QUOTED

….. (I am antibotnet yahoo id)

It would help everything if you noticed any name of anything and go to BleepingComputer.com. I hear you and understand you understand that you knew better than to keep using the computer without taking the few minutes to create an Emergency CD Repair disk to reinstall Windows to factory fresh after wiping the disk (erase all on it). Generally with the BSoD (Blue Screen Of Death) means you have to reinstall Windows unless you are really savvy with security.

You could try accessing the Windows Registry to delete malware entries manually. Fish through system32 and unknown program installations. HiJackFree can help with these things even though you may not yet be that advanced http://www.hijackfree.com/en/ …..We are talking start up processes items (executables and others) unfamiliar and autorun entries (if worm involved) Active X items as unknowns…. HiJackFree can help simply as it lists all these – what is actually loaded and running in your pc – in each section when you install it and use it anytime.

TRY USB DRIVE PORTABLE ANTIMALWARES…. You will need a USB Drive (sometimes called a thumb drive) and these look just like a USB Media stick but make SURE it is a DRIVE to operate these. They will NOT work on a USB Media stick (same price). About 12 to 22 USD (US Dollars) depending on size. A 2Gigabyte size is plenty of room for these and usually the smallest ones and they sell up to 8 gigs and higher. (These also store files like the usb media stick).

Emsisoft Emergency Kit Scanner (best detections)
http://www.emsisoft.com/en/software/eek/
The Emsisoft Emergency Kit contains a collection of programs that can be used without a software installation to scan and clean infected computers for malware.

ClamWin Portable (Antivirus, more) [FREE]
http://portableapps.com/apps/utilities/clamwin_portable
Antivirus to go…. ClamWin Portable is the popular ClamWin antivirus packaged as a portable app, so you can take your antivirus with you to scan files on the go. You can place it on your USB flash drive, iPod, portable hard drive or a CD and use it on any computer, without leaving any personal information behind.
NEWS: ClamWin Portable 0.97.1 (anti-virus) Released | PortableApps.com …
ClamWin Portable 0.97.1 (anti-virus) Released. Submitted by John T. Haller on June 17, 2011 – 7:46pm. logo ClamWin Portable 0.97.1 has been released. …
http://portableapps.com/news/2011-06-17_-_clamwin_portable_0.97.1_released

Microsoft Standalone System Sweeper (Beta) [FREE]
http://connect.microsoft.com/systemsweeper
Note “beta” means it is actually still a test version, with the ability for the community to give feedback on any bugs found that they need to correct. It is then released as the normal “alpha” version.
NEWS:
Microsoft ships free malware cleaner that boots from CD or USB
ZDNet (blog)
June 1, 2011, 10:15am PDT In a move aimed at cutting down on support call costs, Microsoft has released a malware recovery tool that boots from a CD or USB stick. Ryan Naraine is a journalist and social media enthusiast specializing …
http://www.zdnet.com/blog/security/microsoft-ships-free-malware-cleaner-that-boots-from-cd-or-usb/8712

SUPERAntiSpyware Portable Scanner (Antispyware) [FREE]
http://www.superantispyware.com/portablescanner.html
Follow the instructions below to download the SUPERAntiSpyware Portable Scanner. The scanner features our complete scanning and removal engine and will detect AND remove over 1,000,000 spyware/malware infections. The scanner does NOT install anything on your Start Menu or Program Files and does NOT need to be uninstalled. The scanner contains the latest definitions so you DO NOT need Internet Access on the infected system to scan.

Source(s):

http://bluecollarpc.us/Help_Center.html
http://portableapps.com/

What is Active X ? Active X Revisited


One of the greatest misconceptions about Active X is that many novice computer operators (newbies) think it is malware. That’s a shame because it is and was a wonderful invention for the Windows Operating System and is registered and copyrighted and trademarked with a history – that whole nine yards….

HISTORY OF “OWNERSHIP”: http://en.wikipedia.org/wiki/ActiveX
SEE (Information)
http://www.active-x.com/articles/whatis.htm
http://support.microsoft.com/kb/912945

What it does is act like a strong man in the operation, navigation, and delivery of content on websites, and decides when that content is delivered. There are frames as well, and much else in websites as an example, and it all happens in the blink of an eye, unless you are on dial-up, where you can often see the page loading and displaying. When you go to some website and it is loading in the browser, it displays all parts of the webpage almost instantly. There are various parts, like sidebar items if you will, and that is roughly what is delivered by an Active X item, employed to streamline the load and display of a webpage: text first, graphics next, and extras later. Active X, unlike a JavaScript item such as the familiar drop-down menu that may be on a webpage, will deliver some sidebar-type content on the page and is structured to do so. Generally this is on commercial, paid-for website design pages. Generally you will never see any Active X employed on a Personal Website.

Now, where the rumours and fears and alarms go – these are based on real events, and those are malware trojans and malware toolbars, which virtually all MISUSE an Active X item, or even a reverse-engineered (pirated, decompiled, unlawfully re-coded/programmed), customised one.

I like to brag a little being in Windows Computer Security and webmaster of the BlueCollarPC originally at .net now at .US and since 2005 because there are so many deviants from profession sloughing the public for big bucks and especially like Forums hosing for a buck at donate forums and may include links to Forum Administrator and Forum Moderator owned PC Repair Shops that have no clue to Active X that there are actually FIVE DIFFERENT Active X applications – and worse – virtually all in IT Security don’t even know that.

You wonder why data breaches of all our citizens’ private records are happening in the millions upon millions? That’s why. Too many persons in Computer Security are full of it. I have been to many Donate Forums in malware removal, in their “boot camps” (train to be one of their official, privileged, designated forum helpers), and would not dare put my hand, name, or internet reputation to theirs after finding out what they employ as “malware removal help” on Users’ computers. So, again, I am not talking through my hat making stuff up. I would guesstimate at least 85 percent of all malware help available on the web cannot pass “Compliance” in IT Security, though many say they do and are “Microsoft MVPs”! BUYER BEWARE! This is only ONE thing they have no clue about. Why is it important? Because of the vast hundreds of thousands of spyware packages that misuse Active X in many ways, including the even transparently displayed ‘Downloaded Program Files’ (C:\Windows\Downloaded Program Files) Active X items. I know my XP and Vista machines like the back of my hand! Do they? Obviously not!

You can take this to the bank and who told you…..

There are actually FIVE, count them five, Active X items ….

1) Active X
2) Active X Object
3) Active X Helper Object
4) Active X Control 
5) Active X Control Object

Inevitably, they enter a registry key in the Windows Registry HERE :
HKEY_CLASSES_ROOT
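
An added example, not part of the original post: a read-only PowerShell inventory of the ActiveX controls Internet Explorer has downloaded, showing the file each one registers under HKEY_CLASSES_ROOT\CLSID, the address it was downloaded from, and whether that file carries a valid signature. The `Code Store Database\Distribution Units` key is not mentioned in the post and is assumed here to be where Windows records downloaded controls; the function name `Get-DownloadedActiveX` is made up for this example.

```powershell
# Added example, read-only: inventory downloaded ActiveX controls.
# Assumption: Internet Explorer records each downloaded control under
# "Code Store Database\Distribution Units" (plus the Wow6432Node copy
# used by 32-bit Internet Explorer on 64-bit Windows).
$roots = @(
    @{ Units = 'HKLM:\SOFTWARE\Microsoft\Code Store Database\Distribution Units'
       Clsid = 'Registry::HKEY_CLASSES_ROOT\CLSID' },
    @{ Units = 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units'
       Clsid = 'Registry::HKEY_CLASSES_ROOT\Wow6432Node\CLSID' }
)

function Get-DownloadedActiveX {
    foreach ($root in $roots) {
        if (-not (Test-Path -LiteralPath $root.Units)) { continue }
        foreach ($unit in Get-ChildItem -LiteralPath $root.Units) {
            $id = $unit.PSChildName          # normally a {GUID} class ID

            # Address the control was downloaded from, if it was recorded
            $source = $null
            $info = $unit.OpenSubKey('DownloadInformation')
            if ($info) { $source = $info.GetValue('CODEBASE'); $info.Close() }

            # File registered for this class ID under HKEY_CLASSES_ROOT
            $file = $null
            $server = "$($root.Clsid)\$id\InprocServer32"
            if (Test-Path -LiteralPath $server) {
                $file = [string](Get-Item -LiteralPath $server).GetValue('')
                $file = $file.Trim('"')
            }

            # Signature check on the registered file
            $status = 'NoFileRegistered'
            if ($file) {
                if (Test-Path -LiteralPath $file) {
                    $status = [string](Get-AuthenticodeSignature -FilePath $file).Status
                } else {
                    $status = 'FileMissing'
                }
            }

            New-Object PSObject -Property @{
                ClassId = $id; File = $file; Source = $source; Signature = $status
            }
        }
    }
}

Get-DownloadedActiveX | Sort-Object Signature | Format-List ClassId, File, Source, Signature
```

Entries whose signature status is anything other than `Valid`, or whose file sits outside the Downloaded Program Files folder, are the ones to look up by name first.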

Now in Internet Explorer settings, you can set the browser to ask Permission for each time any Active X item on a webpage is detected – clicking OK allows the Active X item to control and deliver the designated content. This is a good way to become familiar and actually see how many normal websites you visit employ Active X in their website designs. Probably just over half or more do – commercial sites like News, Media, shopping sites, etc.

The free Mozilla Firefox was the rave of UNINFORMED people who claimed it was safer than Internet Explorer, based on the notion that Firefox does not allow any Active X to run on any site visited. The ensuing cross-infections and Java exploits, such as password-stealing viruses through Firefox for one, put a stop to their wildfire spreading of disinformation about computing security. They cost enough people a pretty penny, no doubt, in ID Theft type activities by cyber crime. Internet Explorer is still the safest browser in the world and has been far ahead in security technologies such as anti-phisher, Protected Mode, various secure site additions and so on (list extensive).

Promoting TRUE Computing Security knowledge and practices has always been the history of our BlueCollarPC websites – the original .Net and alternate .Org and finally currently www.BlueCollarPC.US for the new decade. (The other two were left to expire – I have no longer owned them since about 2009.) I do intimate I have been offered three different prestigious Positions since 2005, but alas am a 100 percent disabled individual donating what time I can when able to, and unfortunately had to decline as health does not permit.
