Is Your Computer At Risk?

The Different Malware "Programs" That Can End Up on Your PC

By Bob Haslam

Adware.

The least dangerous and most profitable malware (profitable for its distributors, that is). Adware displays ads on your computer, usually through installation of a cookie or as part of a free software program. The defense that most adware companies hide behind is that if the user chooses to allow cookies or install infected software on his or her machine, it's not really malware.

AOL Parasites.

An AOL parasite exploits certain AOL software vulnerabilities in order to attack or flood computers running it, steal passwords, account details and other valuable information belonging to the software's users, log all their keystrokes and capture online chat conversations. A typical AOL parasite is similar to an Internet worm and is therefore able to spread through messages with harmful links or infected attachments.

Backdoors.

Backdoors are much the same as Trojans or worms, except that they do something different: they open a "backdoor" onto a computer, providing an open network connection for hackers or malware to enter, or for viruses or spam to be sent out through. These programs open a port and make sure that it stays open for whatever the installer feels like doing with your machine--without your permission, of course.

Browser Hijackers.

A browser hijacker is a malicious program, usually a web browser plug-in, that modifies web browser settings in order to change the default home, search or error page and redirect a user to specific Internet sites. A browser hijacker can also record the different web pages that the user visits and send this information out through a backdoor Internet connection. Almost all browser hijackers are created for commercial, advertising or marketing purposes. Most browser hijackers are installed without explicit user consent and often have the ability to block their removal. All browser hijackers are security and privacy risks.

Browser Plugins.

Browser plugins can be harmful parasites or completely legitimate applications. Malicious browser plugins are very similar to spyware, adware and browser hijackers and often have some of their functions. They can be installed without explicit user consent and often block uninstall attempts. Some malicious browser plugins have feature-rich toolbars and other additional tools, which often help them trick users into leaving them on the system, as such tools do not look related to actual threats.

Dialers.

Dialers dial telephone numbers via your computer's modem. Like keyloggers, they're only malware if you don't want them. Dialers either dial expensive premium-rate telephone numbers, often located in small countries far from the host computer; or, they dial a hacker's machine to transmit stolen data.

Exploits.

Exploits attack specific security vulnerabilities in software that resides on your hard drive. Microsoft is always announcing new updates for its operating system. More often than not, the updates are really trying to close the security hole targeted in a newly discovered exploit.

Flooders.

Flooders are programs that attempt to overload a server connection by sending overwhelming, intrusive attacks such as Denial of Service attacks, Ping of Death attacks, ICMP attacks, or HTTP overload attacks. These programs are designed to shut down or severely disrupt a targeted website.

Keyloggers.

This nasty malware logs your keystrokes or whatever you type and either emails or directly sends the results to the installer. Malware keyloggers are out to steal sensitive information such as passwords and financial details and are usually used for financial or identity theft.

Mail Bombers.

A mail bomber can be installed on any computer connected to the Internet. It usually runs not on the affected system, but on the hacker’s PC. However, a mail bomber can also be installed on a compromised computer in order to use it as an illegal mail server. Mail bombers often get installed by other parasites like viruses, trojans, backdoors or remote administration tools. They get into the system without user knowledge and consent. Such mail bombers do not have any uninstall functions and can be controlled only by their authors or attackers. They use a huge amount of system resources and can easily crash an infected PC.

Rats.

A remote administration tool (also called a remote administration trojan) works in the background and hides from the user. It is similar to a backdoor, but does not replicate itself. The person who controls it can monitor a user’s activity, manage files, install additional software, control the entire system including any present application or hardware device, modify essential system settings, turn off or restart a computer, or completely reconfigure a system.

Rootkit.

The malware most likely to be installed by crackers (bad hackers) on other people's computers. The rootkit is designed to camouflage itself in a system's core processes so as to go undetected. It is the hardest of all malware to detect and to remove. Many experts recommend completely wiping your hard drive and reinstalling everything fresh, although some anti-virus programs can detect and remove some of these. If you have more than one MBR (Master Boot Record) on your PC, you probably have a rootkit installed--without your permission, of course.

Sniffer.

A sniffer is a computer program that monitors and analyzes network traffic transmitted from one network location to another. A sniffer captures each packet sent, decodes it and allows its user to view its content. It is a networking tool used by system administrators and network managers, who use it for troubleshooting and monitoring purposes or to detect network intrusion attempts. A sniffer is not a parasite or viral application. Sniffers can also be used by malicious persons to intercept and steal sensitive user information transmitted over a network--including a home network. This information can be various login names, passwords, bank account details, credit card numbers, identity details and other valuable data that is not strongly encrypted. A sniffer can be installed on any computer connected to a local network. It often runs on a hacker’s PC, as a person who sniffs must be located between the packet sender and recipient. A sniffer can also be installed on a compromised computer in order to intercept network traffic of both remote and local computer users.

Spyware.

Spyware is software that spies on you, usually tracking your internet activities in order to serve you targeted advertising. It is possible to be both adware and spyware at the same time.

Trojans.

A dangerous kind of malware that is designed to rapidly spread itself. While Trojans rarely destroy computers or even files, that's only because they have bigger targets: your financial information, your computer's system resources, turning your computer into a spam email server, and sometimes even massive denial-of-service attacks launched by having thousands of computers all try to connect to a web server at the same time. Some variations are next to impossible to remove from your PC and can only be isolated in your anti-virus vault along with the infected files.

URL Injectors.

This software "injects" a given URL in place of certain URLs when you try to visit them in your browser. This is also known as a "browser hijacker". Usually, the injected URL is an affiliate link to the target URL. An affiliate link is a special link used to track the traffic an affiliate (advertiser) has sent to the original website, so that the original website can pay commissions on any sales from that traffic. URL injectors can also be used to steal affiliate commissions from the infected PC.

Viruses.

Viruses are self-replicating programs that can range from a minor annoyance to totally destroying your computer. They can be spread in several different ways such as by email, on media disks, or by visiting a malicious web site. New viruses are released daily and there are now over 50,000 known viruses.

Wabbits (also called a Nuker).

In case you have never heard of one, wabbits are not an Elmer Fudd mispronunciation (Warner Bros. cartoons). Wikipedia states that wabbits are rare malware programs. It's not difficult to see why they are so rare: they don't spread to other machines. A wabbit replicates itself like a virus, but it does not have any instructions to email itself or pass itself through a computer network in order to infect other machines. This malware is designed to focus on rendering a single machine useless and is also sometimes called a Nuker.

Worms.

A variant of viruses. The difference between viruses and worms is that viruses hide inside the files of real computer programs (like the macros in Word or the VBScript in many other Microsoft applications). Worms do not infect a file or program, but they do work well on their own.

Protecting Your PC

Malware is more than plentiful on the internet and getting worse each day. A local TV station recently purchased a new "clean" computer and tested it online for only two hours by randomly surfing. After the two hours were up, they checked the new PC to see how much malware was picked up on this machine. They were astonished to find out that over 350 separate malware programs were now residing on the brand new hard drive! Not good for your online privacy or peace of mind to say the least. Five years ago, all you needed to be safe online was an anti-virus program. Now you also need a firewall and anti-spyware software to stay safe.

Firewall.

This is the first step needed to be taken to help protect your PC. I have several computers that are used for various online activities. One of these is used 24/7 for traffic exchange programs to drive traffic to several websites that I own. This particular computer has been hit by almost all of the above (no wabbits or worms, but the rest were on the hard drive at various times until removed) due to this high risk online activity. I tried several different firewalls with poor results and switched firewalls about five months ago. There hasn't been a problem since. Zone Alarm ® nailed all the open ports shut permanently and has saved countless hours of malware removal on this machine. Zone Alarm has helped free up time for more important tasks.

Spyware Protection.

You need to do more than just scan for spyware and adware to protect your PC. You also need to prevent unwanted software from coming back. One effective way to prevent spyware and adware from returning is to install an anti-spyware prevention program such as:

SpywareBlaster
SpywareGuard

SpywareBlaster and SpywareGuard are great, free programs from JavaCool. You should install and use both, as they protect your PC in different ways. SpywareBlaster "inoculates" (blocks) your Internet Explorer browser against the installation of unwanted spyware and adware from the internet. SpywareGuard actively monitors your PC and prevents spyware infestations. Both are easy to install and update.

Spyware Removal.

Finding a good spyware removal program can be a daunting task. There are well over 250 programs on the market. Unfortunately, around 200 of these do not meet advertising claims. In fact, some of these so-called "spyware removal" tools actually add spyware or ad-serving software to your hard drive. Some even provide false removal information and most of these use high-pressure sales/scare tactics. The sad truth is that there are only a handful of reputable anti-spyware products available. Spywarewarrior.com has a list of these crappy programs available. You should be very wary of purchasing any spyware program on this list and consider replacing them as soon as possible if they are already on your hard drive.

There is another problem with even the reputable anti-spyware programs. They simply do not detect all spyware. The spyware and adware writing programmers are outpacing the spyware removal programmers with increasingly sophisticated malware programs. Independent testing has shown that even these proven programs can miss between 15% and 50% of spyware on your PC. It seems as though the spyware removal companies are reluctant to share new threat finds with each other--not wanting to give up any of their market share.

Most objective security experts agree that you need at least 2 spyware removal programs to stay relatively safe. Three spyware removal programs increase the odds that you may find all spyware residing on your PC. If you cannot afford to purchase 3 spyware removal programs, there are 2 good free programs available. Spybot Search and Destroy is an award-winning free removal tool that seems to find spyware that other removal programs miss. Ad-aware SE Personal Edition is another good free spyware program to help protect your PC.

To help keep your computer safe, you should also have a good commercial malware/spyware removal program. The top programs usually use a yearly subscription for their customers with free updates. The following "pay for" spyware removal programs found and removed the most malware during recent testing:

Spyware Doctor
Webroot Spy Sweeper

Copyright © 2005 Bob Haslam Your Profit Biz  This article may be freely used as long as the author's information and the links are retained as is and the content is not altered.