Antivirus Blog

A common question asked by computer users is, ‘If I have antivirus and antispyware software installed, and I keep my Windows OS up to date, and I also use a firewall, how come I still get computer infections?‘
This question has riddled both computer users and antivirus software developers alike since the widespread use of high-speed internet first occurred. In this article, we’re going to take a look at the two main methods used by hackers to infect a home PC.

First, we’ll discuss the two main factors that contribute to this problem that security software has the greatest time dealing with: reverse engineering and social engineering.

Reverse engineering is the process of picking apart software by studying its means of detection in an effort to find a security flaw or to create a way around it. This method of bypassing antivirus security has been used by hackers for quite some time and is particularly effective against computers that are running outdated antivirus software. Therefore, the best way to protect yourself from reverse engineering tactics is to keep your antivirus software up to date.
An even easier way for hackers to bypass your antivirus security is by using social engineering, a process that exploits the human element to access the computer.

The most typical methods of social engineering are:

• Fraudulent emails
• Email attachments that claim to be very important
• Free offers that contain hidden programs
• Web sites discretely load software onto your machine when you click on a link

Of all the different types of computers that are online, the average household computer with a high-speed internet connection is by far the most targeted for attack. Teenagers are a very high risk group, since they are known to visit just about any website without hesitating. Teenagers are also the biggest users of file sharing software such as Limewire, KaZaa, and torrent clients, where infected files are constantly being distributed.

Additionally, teenagers spend a great deal of time on social networking sites like MySpace and Facebook, which are notorious for being targeted by hackers. ‘Phishing’ is the method of tricking the user into revealing personal information such as usernames and passwords. One popular phishing method is to direct unsuspecting users to an imposter site designed to look like a trusted site where they may already have an account and prompting them to enter their username and password. The information is then collected and relayed to hackers who may have several malicious uses for it. This is a particularly significant threat for those who do banking online or use sites that deal with currency exchange such as PayPal.

Residential computers, in general, tend to have a higher level of virus as well as spyware infections, primarily to do the way that they are used.
If you are running up to date antivirus software and your system still manages to contract infections, it may be due to a ‘liveware’ problem, which means someone that has access to your computer is using it for high-risk activity that may be allowing viruses to bypass basic antivirus detection. Educating everyone in your household about the dangers of using the internet and explaining to them how to go about their business online safely may likely prevent any future infections from occurring.

Spyware is annoying. There are no two ways about it. On the most severe end of the spectrum, some spyware may be used to steal your personal information and rob you blind or even destroy your credit. In milder cases, spyware is just a nuisance that can prove very difficult to completely remove.

No one in their right mind likes spyware. To remove it, there is no shortage of antispyware software that you can use to locate spyware hiding on your system and effectively remove it. However, this process can also get rather exhausting. It can be pretty frustrating to run your antispyware scanner every couple of months only to find a whole new slew of entries. So, how exactly do people end up with spyware on their system to begin with?

File Sharing
File sharing is one of the worst culprits. Attaching spyware to popular files and then distributing them is one of the most effective ways for the engineers of spyware to get their annoying software out there. Programs like Limewire, Kazaa, and several torrent clients are all notorious for aiding in the delivery of spyware. If you choose to use any of these types of services, make sure you know what you’re downloading beforehand. Torrent sites usually have user comments that will help you determine whether or not what you’re downloading is legitimate, but they can’t always be counted on 100%.

Software
Certain types of software, especially freeware, may come bundled with a variety of spyware. In most cases this type of spyware is just the annoying kind that collects data about your usage and relays it to the company that created it, usually for research. But this type of spyware can still hog system resources and you’re definitely better off without it. However, removing this type of spyware may cause the software it came with to stop functioning. Be sure to read the details in the terms of use of any new software that you install. If there is spyware bundled with it that is required in order for the application to run, it will say so somewhere in the terms.

Web Browsing
Sometimes spyware can be loaded onto your computer simply by visiting a website. This is very common among unscrupulous warez sites as well as some pornography sites. Upon visiting such a site, a malicious code will be loaded by your browser and then saved to your computer, which will then cause you to be infected with their spyware. For this reason, you should always use caution when visiting unfamiliar sites. Google recently implemented a feature that warns its visitors before visiting such a site with the message ‘Warning - this website may harm your computer’.

On top of using your best common sense, another great way to protect yourself from these types of threats is by implementing quality internet security software. Many of the leading antivirus software companies offer total security suites that will offer you a great deal of protection, with regard to spyware as well as just about every other type of malicious threat online. Take a look at the reviews online to help you best determine which security software is right for you.

There are several ways that spyware can sneak onto your computer. Visiting some unfamiliar websites may cause your browser to automatically download spyware to your computer. File sharing programs like KaZaa and Limewire are notorious for assisting in the distribution of spyware. Even some legitimate software comes bundled with a less-harmful yet still intrusive type of spyware. In order to fend off spyware, you’ll need adequate spyware detection and removal software. But what if you suspect that your system is already running spyware?

There are a few key things to look for to help you determine whether or not your system has actually been infected with some type of spyware.

Signs that there is Spyware Present

• Flashing icons in the taskbar that were not there previously
• Random, unprovoked browser pop-ups that advertise things like casinos, pornography, or money making opportunities (bizop)
• Antivirus software alerting you about security breaches
• Constant requests from firewalls to grant permissions to random applications that you’re unfamiliar with

What to do After You’ve Been Infected

1. Avoid clicking on any ads or pop-ups that you are presented with. Check for updates for your security software
2. Reboot your computer in safe mode by pressing F8 at the BIOS screen when you start your computer
3. Run your spyware and antivirus scans to check for issues. Be sure to select ‘Full Scan’ so that your entire hard drive is checked.
4. Check your Program Files folder for any new folders that may have appeared. Try uninstalling those programs with the Add/Remove Programs in your Control Panel. In some cases, simply uninstalling the foreign software will solve the problem.
5. Reboot your computer, and run another full scan to see if there are still any spyware/viruses lurking about.
6. Check Your Windows Processes for anything that looks suspicious. Any unfamiliar process names that are comprised of random combinations of letters and numbers might be red flags. Do a Google search of the process name and see what comes up. If it is indeed spyware, you will likely find resources that will confirm it.
7. If you’ve determined that it is indeed spyware, try searching your computer for it, and then end the process and delete the .exe. If it automatically starts up again, youíll have to reboot your computer in safe mode to delete it.

By using all of the aforementioned precautions as well as removal methods, you should be able to completely rid your PC of any and all spyware, and have it running back to capacity. Even though some spyware is more or less just an inconvenience, other types are very malicious and designed with the sole purpose of robbing you.

Having a computer free of spyware is very important for your personal safety as well as your peace of mind. With a clean PC you can surf the web, shop online, and even do your banking with confidence. And you wonít have to deal with the slowed down performance often associated with spyware using up too many system resources.