Home

Complete Computer Solutions

Phone 01950 469058 Mobile 07881 715560 e-mail:

		How can infection be prevented ?

There are a few simple things you can do to help prevent infection

Keep your operating system up to date
Increase your browser security settings and consider using a third part browser such as Firefox
Only download software from sites you trust
Use anti-virus/spyware software and a software firewall
Use a good quality ADSL/router with a built in hardware firewall

Click here to see an independent review of free anti-spyware software

Click here to see an independent review of commercial anti-spyware software

		Newest additions and updates of spyware parasites (including links to removal instructions)

IE AntiVirus
IE AntiVirus (also known as IE AntiVirus 3.2) is a new rogue anti-spyware program - a fake spyware remover, which uses scare tactics to intimidate the user into buying it's fake full version. IE AntiVirus is a clone of MalwareBell, FilesSecure and IEDefender. Having said that, it's no different than any other rogue on or off the list: IE AntiVirus uses trojans, such as Zlob or Vundo, to enter the system, upon which it uses popups and fake system notifications to falsely inform the user that he is infected and therefore needs an anti-spyware program to dispose of the infection. IE AntiVirus is a scam and should be treated as such: do NOT download or buy it and block IE AntiVirus.com using your HOSTS file.

Antivirus 2009
Antivirus 2009 is a new rogue anti-spyware program. It is also a clone of Antivirus 2008 - also a rogue, and one that's produced more clones than any other recently. The list of these clones is long: System Antivirus 2008, Ultimate Antivirus 2008, Vista Antivirus 2008, XP Antivirus 2008 etc. Like any other of it's predecessors, Antivirus 2009 uses trojans, such as Zlob or Vundo, to spread. These trojans lurk in porn/warez websites disguised as video codecs, and, upon entering the system, floods the user with popups and fake system notifications, supposedly to inform him of an infection. While the system at hand may indeed be infected, Antivirus 2009 will inform the user of this regardless of whether it's true or not. The point of this disinformation is to convince the user he is infected and therefore needs an antispyware program to dispose of the threat. The user might click on one of the popups or notifications, all of which claim they will take him to a legitimate security tool, but try to make him purchase Antivirus 2009's "licensed version" instead. Antivirus 2009 is a scam and should be treated as such: do NOT download or buy it and block it's homepage using your HOSTS file.

WinSpywareProtect
WinSpywareProtect is a rogue anti-spyware program, which, not unlike any other, infects the system by using trojans, such as Zlob or Vundo, and uses popups and fake system notifications to prove to the user that he has a problem and needs a program to dispose of it, the program being WinSpywareProtect. These are, of course, completely fallacious statements, and are produced with a sole purpose: to scam the user. WinSpywareProtect is a scam and should be treated as such: do NOT download or buy it and block WinSpywareProtect.com using your HOSTS file.

Antivirus2008
Antivirus2008 is a corrupt anti-virus tool that is widely promoted as a legitimate security application. In truth, it is nothing more than another scam of the countless army of malware parasites attacking computers via internet, daily. Antivirus2008 (also known as Antivirus 2008) is distributed through malicious websites that sell other fake anti spyware tools as well. Antivirus2008 is an unreliable program that displays exaggerated scan results in order to gain a purchase. DO NOT trust this scam and remove Antivirus2008 ASAP if you've been infected.

AntiVirusPro
AntiVirusPro is another misleading corrupt anti-spyware tool, known for professional money-milking. It is a counterfeit program that tries to steal your money by showing you exaggerated error reports and asking you to buy its "full" version. DO NOT trust these scammers, and remove AntiVirusPro immediately if you have encountered this threat in your system.

XPAntivirus
XPAntivirus should be actually called XPVirus, as it is an unwanted corrupt anti-spyware application that infiltrates users' system via false and misleading advertising. Once inside, XPAntivirus 2008 will try to trick you into buying it by claiming you have been infected with spyware and then showing you falsified error reports. XP Antivirus 2008 does not remove any spyware, not does it do anything useful at all. It is designed to milk money from unsuspecting internet surfers. So act accordingly: remove XP Antivirus Protection from your computer immediately!

Internet Security Deluxe
Internet Security Deluxe is a rogue anti-spyware program - a fake spyware remover, which uses trojans, such as the infamous Zlob or Vundo, to enter the system. These trojans typically lurk in porn/warez websites, disguised as video codecs. Internet Security Deluxe relies on misleading advertising (popups, fake system notifications) and falsified system scan reports to convince the user he is infected, and therefore in need of an anti-spyware program. Internet Security Deluxe is a scam and should be treated as such: do NOT download or buy it and block internetsecuritydeluxe.com using your HOSTS file.

Infector Trojan
There are no doubts about how dangerous this parasite is. The Infector Trojan is always a tool of the great destruction in the hands of the hacker. After sneaking into the machine, this pest performs a set of actions, which always result in different problems. The main problem is that the anonymous hacker is able to control the infected system remotely; he or she can steal various pieces of important data (passwords, e-mail messages, etc.) or install other malicious programs.

Antivirus XP
Antivirus XP is a new rogue anti-spyware program - a fake spyware remover, which uses trojans, such as Zlob or Vundo, to enter the system. This parasite is a clone of Antivirus 2008, which has been very popular recently - this is more than evident when you count all the clones Antivirus 2008 has produced over the past few weeks. Antivirus XP uses popups and fake system notifications as a means to intimidate the user by leading him to believe he is infected. This is usually false information, but this method is used to create a reason for the user to buy an antispyware program (to be more precise - Antivirus XP). Antivirus XP is a scam and should be treated as such: do NOT download or buy it and block it's homepage using your HOSTS file.

AVMaster
AVMaster is a new rogue anti-spyware program. It's essentially a fake spyware remover, which uses trojans, such as Zlob or Vundo, to enter the system. These trojans typically lurk in porn/warez websites, disguised as video codecs. AVMaster floods the user with popups and fake system notifications, supposedly to "inform" him of an infection or multiple infections present on the system. AVMaster neither has the ability to detect spyware nor dispose of it, therefore this information, while it may be true by coincidence, is not to be taken seriously. This is just a method AVMaster uses to trick the user into purchasing it's "licensed version". AVMaster is a scam and should be treated as such: do NOT download or buy it and block it's homepage using your HOSTS file.

AntivirusMaster
AntivirusMaster is a new rogue anti-spyware program and a clone of Antivirus 2008 along with quite a few others. This parasite is a fake spyware remover, which uses trojans, such as Zlob or Vundo, to enter the system. AntivirusMaster uses misleading popups and fake system notifications to convince the user he is infected and therefore in need of an anti-spyware program. Not just any program either, but AntivirusMaster. This program is no more than a scam and should be treated as such: do NOT download or buy it and block it's homepage using your HOSTS file.

Elhacker Keylogger
From the publisher: 'Ejecutar teclass.exe en el ordenador victima. Se crea un txt en la carpeta c:windowssystem Este txt contiene las teclas caputradas. El nombe del txt es notn?, donde n? corresponde al numero de not's.txt que se van creando. Muy f'¡Â£Â©l de usar pero a su vez muy potente Tambi'©Â®Â guarda la ventana de donde ha guardado a captura.'

Gabest Media Player Classic
It is an illegal advertising program that secretly works in background and displays undesirable commercial information. Gabest Media Player Classic shows advertisements in numerous pop-ups, web browser windows or toolbars. It can get into the system from unsafe web sites. Some ad-supported applications include it as a component. Gabest Media Player Classic doesn't possess any serious threat to the system security, but may severely violate user privacy.

Pakes Trojan
Trojan.Win32.Pakes.bqb is a malicious security threat that is responsible for infecting systems, disabling vital security settings and making way for more malware into your computer. Unsecure websites with embedded malicious code are primary sources of Trojan.Win32.Pakes.bqb infections. If you have been infected with this parasite, use our recommended anti-spyware software to remove Trojan.Win32.Pakes.bqb.

TheRegistrySentinel
TheRegistrySentinel is a rogue registry cleaner. It's essentially a corrupt registry error fixer, which uses trojans, such as Zlob or Vundo, to enter the system. This parasite floods the user with popups and fake system notifications to mislead the user by claiming he has errors in the Windows registry. While this may actually be true, TheRegistrySentinel has neither the ability to detect these errors, nor remove them. TheRegistrySentinel is a scam and should be treated as such: do NOT download or buy it and block it's homepage using your HOSTS file.

SpyBro
SpyBro is a rogue anti-spyware program - a fake spyware remover, which uses trojans, such as the infamous Zlob or Vundo, to enter the system. Once inside and active, this parasite will flood the user with popups and fake system notifications, supposedly to inform him of an infection. This information is false, but creates a reason for the user to buy the parasite's "licensed version", which is just as fake as the trial. SpyBro is a scam and should be treated as such: do NOT download or buy it and block it's homepage using your HOSTS file.

Antivirus2008Pro
Antivirus2008Pro is a corrupt anti-virus tool that is widely promoted as a legitimate security application. In truth, it is nothing more than another scam of the countless army of malware parasites attacking computers via internet, daily. Antivirus2008Pro (also known as Antivirus 2008 Pro) is distributed through malicious websites that sell other fake anti spyware tools as well. Antivirus2008Pro is an unreliable program that displays exaggerated scan results in order to gain a purchase. DO NOT trust this scam and remove Antivirus2008Pro ASAP if you've been infected.

AntiSpyCheck
AntiSpyCheck is rogue security application and although it claims to be spyware scanner as well as spam filter and popup blocker, it's just another fake tool trying to relieve you from your money. Once in your system, AntiSpyCheck will flood you with fake notifications and popups about fictitious threats in your system, offering to remove it if you buy a full version of the program. Do not fall for that and follow our removal guide to get rid of it immediately. You should also add antispycheck.com (just another knockoff of AdProtect.com) website to your blacklist (your HOSTS file, for example).

Zinaps Anti-Spyware
Zinaps Anti-Spyware is a corrupt anti-spyware tool that presents itself as a legitimate spyware remover, while it actually infects the computer itself and tries to trick the user into buying its full version. Zinaps Anti-Spyware displays an excessive amount of pop-up ads that pushes users to download and purchase the program. DO NOT trust this parasite, as Zinaps Anti-Spyware is a scam designed to milk money from unsuspecting gullible users.

Windows Antivirus 2008
Windows Antivirus 2008 is corrupt security tool which is promoted as anti-spyware. WindowsAntivirus manipulates the name of Microsoft Windows operating system in order to make an image of legitimate application. Windows Antivirus 2008 is not related to Microsoft Corporation in any way. Windows Antivirus 2008 is typical rogue anti-spyware. It is distributed by trojans disguised as video codecs. WindowsAntivirus2008 displays loads of misleading system alerts and uses aggressive tactics to gain a purchase.

		Useful Links

2-Spyware.com ...

Mapping the Mal Web ...

Rootkit Information and Detection ...

Spyware Encyclopedia ...

Spyware Warrior ...

Wikipedia:WikiProject Malware ...

Windows Defender ...

What is the IMPact Index?

IMPact Index is a single metric (number) that enables security and messaging professionals to quickly and easily assess the aggregate, "point-in-time" risk posed by viruses, worms and other malware propagating thru real-time communication channels like IM, P2P, IRC, etc.

		Glossary of spyware types

Adware

Adware is ad-serving system built in computer program. It is used by software developers of ad-supported software, and displays disturbing advertisements whenever the program is running. It does not necessarily harm your computer but its activity can be annoying.

Click here for a list of known Adware Parasites

Cookie

A cookie is a small file used for storing INTERNET related information (such as login information, or previous activity on a web site).

Dialer

These can be really nasty as they use your modem to dial premium rate phone numbers from a host without the users knowledge. It is important to note that if you connect to the internet via broadband only then you cannot be affected by these.

Click here for a list of known dialers

Forced Download

This is a method by which spyware can be downloaded to a computer. Often you will be prompted to click a link which then opens a gateway (often by tempting the user with the promise of some free software) for the installation of malicious code to your PC. Often even if you do not click on the link the gateway can become active.

Hijacker

These attempt to take control of a host computers resources, typical web browsers.

Click here for a list of known hijackers

Keylogger

These monitor keyboard activity on a host computer. They can be very sophisticated and capture all keyboard inputs made by a user, including passwords, e-mails, chat room conversations, web site history, and a users use of programs.

Some of these are legitimate commercial programs installed by employers to monitor the computer use of their workforce (nice).

Click here for a list of known keyloggers

Rootkit

These sit deep within a hosts operating system disabling security features such as firewalls and anti-virus programs. The clever bit is that the fact that these are disabled will not be obvious to most computer users.

They are often used to mask the presence of other viruses/spyware which can then operate with impunity. So in effect a rootkit is a cloaking device for malware.

Click here for more information on rootkits

Rouge Spyware

This is software that pretends to be anti-spyware but is in fact quite the opposite and often will install spyware on a users computer.

Follow this links for a comprehensive list of rouge spyware

Click here for a list of known Rouge Spyware

System Monitor

These monitor a host computers activity without the users knowledge. The program encrypts the collected data in a file that can then be examined at a later date or the file can be e-mailed automatically to a third party.

Trojan Horse

These are malicious programs that get onto a computer by appearing to be something harmless or very desirable. Once installed they will usually open non standard computer ports and download spyware/viruses from remote servers. This can cause a snowball effect as the downloaded programs will often download even more malware to the host. Eventually the computer grinds to a halt.

Click here for a list of known Trojan Horses

		What exactly is spyware ?

The ASC [Anti-Spyware Coalition] drafted a definition of “spyware” in August 2005. The ASC defines “spyware and other potentially unwanted technologies” as those that “impair users’ control over material changes that affect their user experience, privacy, or system security; use of their system resources, including what programs are installed on their computers; or collection, use, and distribution of their personal or otherwise sensitive information.”

“Spyware” is something of a grey area, so there’s no copy-book definition for it. However, as the name suggests, it’s often loosely defined as software that is designed to gather data from a computer and forward it to a third party without the consent or knowledge of the computer’s owner. This includes monitoring key strokes, collecting confidential information (passwords, credit card numbers, PIN numbers, etc.), harvesting e-mail addresses, or tracking browsing habits. There’s a further by-product of spyware where such activities inevitably affect network performance, slowing down the system and thereby affecting the whole business process.

The reason “spyware” is such a grey area is that it is really just a catch-all term for a wide assortment of malware-related programs, rather than a defined category. Most “spyware” definitions apply not only to “adware”, “pornware” and “riskware” programs, but also to many Trojan programs: Backdoor Trojans, Trojan Proxies and PSW Trojans. Such programs have been around for almost 10 years, when the first AOL password stealers appeared. However, at this time the term “spyware” had not yet been used.

Another reference to spyware is “Adware”. In this case, spyware can exist in the form of malicious backdoor programs that open up ports, initiate an ftp server, or collect keystroke information and transmit it back to the attacker. Spyware can exist in the form of legal (and acceptable) commercial applications that give network administrators a great deal of power both over what they can affect, and see happening on managed systems.

Although such programs are not new, their use for malicious purposes has increased in recent years and they have received much greater attention, both from the media and from “spyware”-only vendors.

		What are the symptoms of spyware infection ?

Well if you use the internet you will almost certainly experienced some or all of the following

Sluggish PC Performance
Pop Up Ads
Mysterious tool bars that cannot be deleted
Changes to your web browser home page settings
Strange and sometimes disturbing search results
Computer crashes

		How does Spyware find me ?

Spyware can be picked up by carrying out seemingly harmless tasks and normal web browsing.

Activities like

Sharing music, files or photos with other users
Visiting media supported web sites
Opening spam e-mail or an e-mail attachment
Downloading free programs such as games, toolbars, media players, utilities
Installing mainstream software applications without properly reading the license agreements

		Useful Tools

HijackThis

HijackThis Log Analyzer Beta 2