Welcome to the Second Life Forums Archive


Beware of trojans/spyware etc

Marisa Uritsky
Registered User
Join date: 12 Feb 2005
Posts: 2
08-21-2006 23:47
Hi all, a cautionary tale of what's been happening to me.

It is very valid for SL users, as with Lindens saying how secure their system is (don't know if I believe it), trojans and key loggers seem the most obvious reason people's usernames and passwords are getting stolen. A trojan, it's named from the tale of Troy, is a little program, not a virus, which just opens a port or hole in your system to download other programs or give access to someone; a keystroke logger simply logs every key you type and transmits it to someone.

Okay, I'm a pretty careful computer user. We have 6 PCs in the house, and it doesn't matter the operating system, I keep them updated.

My router has a pretty good firewall.
I have AVG virus killer installed (updated daily).
I have Lavasoft Adaware updated and run every other day.
Every fix Microsoft or my Linux release comes out with, I update it.

Also every piece of email gets scanned by Mailwasher and 99% deleted before I even download it.
I also manually configure the Windows XP firewall for my particular setup (it's not the best but combined with the hardware router firewall it's pretty okay).

So you would think I'm pretty protected?

Wrong

Things started going wrong on my PC, little things, problems, more than usual; these are my babies, I look after them.

But by the end of it I was running a losing battle; even formatting my PCs didn't help, it cut it down but didn't stop it.

All the PCs on the network had become infected with multiple spyware and trojans, backdoors, keyloggers, you name it.

I started receiving emails from banks asking me to input my security passwords etc. Now normally we ignore them, they are called phishing spam (the hackers etc fish for your details by sending bogus warnings); a lot of them were not even my bank...
But, and this is where it gets scary and personal, the phishing emails started referring to me by my full name, my full address. That's like a stalker ringing you up at night and saying I know your phone number, I know where you live.

It's been hell.
Imagine the following:
not being able to surf the web because the URLs and adverts have been hijacked
not being able to log in and check your bank balance in case a keylogger copies what you type in
not being able to go anywhere really.
not being able to log onto your online games or tell anyone on Yahoo or a forum what's going on in case that info gets back to the people doing it.

To me this was more violating than rape, worse than a terror attack, in fact it was one, when you spend all your life on computers, when you think you know what you're doing...


It's over as of this morning, a lot of sleepless nights, a lot of hassle.

I uncovered a statistic that is pretty damn scary:
Adaware from Lavasoft only catches 40% of spyware.

I found the best out there, which is Spyware Doctor by PC Tools,
and yes I'm putting a link here, it's free to test your system with them
to see how much is there.
Adaware (free) + Spyware Doctor will keep you a lot more secure.

I suggest everyone download the PC Tools Spyware Doctor and let it run on your system. It's not a con, it's the top recommended spyware remover (Adaware comes about 15th) by the computer sites etc. You may be quite alarmed by what you find on your own system.

http://www.pctools.com/

Oh and if you think you're safe on Linux :/ think again. The communal nature and open source of Linux has meant, although spyware and viri or trojans took their time to get started, you're damned on that model too.

All my computers are now as secure as is possible in this day and age without disconnecting the internet.

Spyware Doctor isn't cheap, it's about $29.99 per copy, and because of my honesty it cost me $130 to cover all of my PCs, one license per machine.
And once secure it didn't stop there, I had to redo and change, memorise new usernames and passwords for everywhere I went online.

We think it won't happen to me, but please listen up: criminals, organised crime and terrorists are beginning to see the internet as a viable profit maker and a viable target. The old days of walking into a bank and holding it up with a gun may be fading, but the new way of fishing for 50,000 people's online banking details and then emptying their accounts, of accessing your most sordid details for blackmail... It isn't only the police you need to worry about knowing you go to the hardcore take it in the *** sites, it's the people who would use it as leverage. Sims Online, Second Life, EQ2 etc are all now suffering from organised attacks by the criminal element; they have learnt virtual money can = big money in real life.

All they need is one trojan on your system, one program logging every keystroke.

People have gotta wake up. It's not the police who will look after you, it's not your borders etc or army who will stop these guys; only you can protect your PC.

Now for torrents ...
I use torrents to download old films, TV series etc, things you can't get elsewhere to buy. You're pretty safe doing that, but I warn you all, don't download games or applications. Yesterday when I had my system secure I did a test.

IMPORTANT: this was an educational test. I do not in any way condone using pirated software or movies (I am happy to say all the operating systems, every game and every film in my house is original; no, I don't have a lot of money but I budget it for what I want).
I downloaded 10 of the most popular applications, including an operating system, a virus killer, a spyware checker and art programs. I also downloaded 10 of the most recent hacked/cracked games on various torrents (I have a 16mb download connection).
IMPORTANT: I did not run or keep any of these on my system, I deleted them all, this was an educational test.

I scanned them all: 8 of the 10 applications, including the virus killer and spyware checker, had trojans and backdoor access codes in them, 7 of the 10 games had trojans in them. lol, even the hacked version of Windows XP Professional had a spyware and keylogger built in .. oh and out of curiosity I downloaded 3 no-DVD patches for games I own, all three had trojans :/

I won't be touching torrents from now on. Maybe I'm just unlucky, but the statistics are even Spyware Doctor, the best out there, can only stop 79% of the ***** the hackers etc are shoveling.


Where do you think some of the funds come from for hardcore stuff like explosives, drugs and guns? These days a lot come from online sources.

Let's hear your horror stories, or thoughts; also post any results from Spyware Doctor.

Maybe I'm just unlucky, maybe all the internet hackers in the world and all the trojans decided I was a good "mark" lol.

It couldn't happen to you, could it?

My advice: take the test and if you see any backdoor trojans or key loggers, clean your system. DO NOT change your username or passwords until you have cleaned your system, otherwise you're just sending them your new info.
Magnum Serpentine
Registered User
Join date: 20 Nov 2003
Posts: 1,811
08-21-2006 23:53
This is an Advertisement.

It is against the rules to run Advertisements from outside agencies in Second Life Forums

You have been reported.


Pretty long for your first post.
Marisa Uritsky
Registered User
Join date: 12 Feb 2005
Posts: 2
08-22-2006 00:09
From: Magnum Serpentine
This is an Advertisement.

It is against the rules to run Advertisements from outside agencies in Second Life Forums

You have been reported.


Pretty long for your first post.


This is not an advertisement, I do not work for PC Tools, and this was an honest warning to all.

Doh!

Okay, Marisa Uritsky is my alt. I just finished going through my chars to change passwords etc and this one was the one left logged in :/ My actual in-game player name is Calranthe Charlton (I own Bizzare island).

And this was posted as info to people, a warning and a hell I've just gone through.
Calranthe Charlton
Registered User
Join date: 30 Jan 2005
Posts: 64
08-22-2006 00:13
My apology, I honestly thought I was logged in as Cal. I have posted this story on here and my own forum; I'm not an advertiser or someone affiliated with PC Tools, this is my experience from the last week.

And if you google yourself on PC Tools spyware like I had to, you will find out all the reviews and charts put it as number 1 or 2; CounterSpy usually is up there too but I'm not affiliated with that either.

This was simply because I don't want anyone going through what I did.

And hopefully Lindens when they read it will see it.

Yes this is a scary tale but it's a true one and something I don't wish on anyone.
Calranthe Charlton
Registered User
Join date: 30 Jan 2005
Posts: 64
08-22-2006 00:36
As sad as it sounds, I'm beginning to believe getting rid of the forums may be a good idea. I come on here after little sleep and dealing with my PCs to tell everyone what happened.

Hopefully to save someone's heartache and hassle; my wife told me yesterday of someone on SLBoutique who got hacked etc.

And what do I get? Accused of advertisement trolling.

What I actually feel bad about is, and now I've got to tell all my friends about Adaware, I used to recommend everyone to put that on their system, and NO I'm not related to that company either!

Adaware is good but it didn't catch any of the real nasty ones.

When you think of all the work we put into SL, our accounts, designers, avatars, scripters, island owners, it's far more than a game. I know how I'd feel if my account got hacked.

I'm not catering to fears, these are actual events that happened to me. I used to be a computer consultant before I retired, all the PCs in the house I built myself, and this really tripped me up.

When I build PCs for friends I always put Adaware and AVG virus killer on them.

And money has nothing to do with my life on SL. I own an island but everyone that lives on that island, Zsusanna, Raven, Corvus, Storm and all the vendors, shop owners are there for free; it's a haven, it's my friends.


And I just posted this to help people out.

Leave me a message in game if you want any info on this hassle, I'll give any advice I can. The only bonus that CounterSpy has over Spyware Doctor (the one I chose) is it has a 15 day full functionality trial; the only reason I chose SD was SD caught just a few more, granted they were only minor cookie spyware, and I didn't like the continual pop-ups from CounterSpy (it asks you everything, if a program tries to sneeze on your registry a pop-up comes up lol).
aEoLuS Waves
Koffie?
Join date: 10 Jun 2005
Posts: 279
08-22-2006 01:15
Well I believe you.. If you were running an advert here you would have put an id behind the URL ;-).

On your topic:
It's easy to infect your system nowadays. Torrents, Usenet, IRC leechers. A lot of these sources contain working cracks/hacks included with virus/spyware and other crap. But some don't and that's why we still love leeching!

I also use most stuff from Firetrust (Mailwasher, Benign, SiteHound http://www.firetrust.com (tell them I have sent you so I get my bonus!)). It helps a lot but isn't perfect for all things. Spyware Doctor is indeed a good piece of software, just as SpyBot, AdAware and even MS Defender.

Now a good firewall (Kerio) and virus scanner (NOD32) is essential but what is most important is that person behind the keyboard. We are not 100% foolproof and therefore we need tools that try to do that for us.

BEST TIP: Change your password often and never ever give it out to anyone!
_____________________
http://drainwaves.com
PetGirl Bergman
Fellow Creature:-)
Join date: 16 Feb 2005
Posts: 2,414
08-22-2006 01:16
Thank you Marisa (incl alt?) for the kind information. I am sure we all need to be kicked again and again that all this can happen to us all...

Take care and have a nice day!

/Tina - some wet after all the rain that hit us... it's autumn coming.. in Sweden.
_____________________
Garde Burrel
Registered User
Join date: 27 Apr 2006
Posts: 10
08-22-2006 02:06
From: Marisa Uritsky
Hi all, a cautionary tale of what's been happening to me.


As someone who repairs/builds computers - personally, I thank you for putting such a warning out there. Just about every computer that comes across my desk is infected with some kind of spyware/adware/trojan/hijack. I clean them up, put every tool I can manage on the system and send it back out into the wild only to be sent back to me again in a couple of months, bogged down to the point where it takes 15 minutes for Windows to boot and won't call up the right web page to save your life...I guess it's good return business in a way, but I worry about these people who send these systems to me and how much information they have GIVEN away.

Yes, none of the tools are 100 percent - PC World Magazine has run several articles and comparisons on this issue and suggest that a combination of tools is always your best defense - so don't fall into thinking that any one program is going to be a fix-all for the problem. From what I have read about the issue, some of these "adware" companies pay off the makers to "de-list" their products, others go to court and prove how they have "mended their ways" and force a de-listing - only to turn the engines back on once they have been de-listed. Don't be fooled, there is BIG money to be had in all of these bothersome issues and why they continue to plague us as they do.

The best thing you can do for your system, besides regularly running all the preventative tools, is to KNOW your system - are you getting unusual crashes? are programs taking too long to load? Are you getting strange pop-ups that all seem to come from the same place? Has your home page been changed? Are there extra characters in the address window of your home page? (yes, some of these sites can force you to load your home page in a pop-over!) - Knowing your system and seeing that something is not right is important in fighting against being taken like this. I've gotten systems in before that are so clean on the inside you could eat off of the parts, yet the hard drives look like they have invited every hacker/spammer/nut in the country into their system - why people will be meticulous about cleaning the outside and ignoring the inside is baffling to me.

And before you think about attacking the system and removing this stuff on your own - beware that some of these things set up camp in your registry file - and if you don't know what you are doing when you mess around in there, you will be formatting and re-installing anyway, because you can do serious damage there - besides, some of them set up camp in such a way that you have to remove several backup copies from the registry just to get rid of it - and if you don't, it will simply re-install itself on the next boot. I have seen these things make up to 14 backups in the registry before to assure that their tracker will stay on your system - so tell me that this is not an important issue - they certainly think it is!

Good advice and well needed - don't let a single response keep you from doing the right thing - and you did do the right thing.
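
Added example, not part of the original post or thread: a read-only Python check for the "several backup copies in the registry" pattern described above. It parses the text of a `.reg` export and reports any executable launched from more than one autostart entry. The two Run/RunOnce key paths are well-known Windows autostart locations chosen here as an assumption (the thread names none, and there are others), and the sample export with `hlpr32.exe` and `ExampleAV` is constructed.

```python
"""Group Windows autostart registry entries by the executable they launch.

Input is the text of a .reg export. Real exports from regedit are UTF-16,
so read them with open(path, encoding="utf-16"). Only string (REG_SZ)
values are parsed; hex(...) and dword values are skipped.
"""
import re
from collections import defaultdict

# Two well-known autostart locations (assumption: the thread names no keys).
AUTORUN_SUFFIXES = (
    r"\software\microsoft\windows\currentversion\run",
    r"\software\microsoft\windows\currentversion\runonce",
)

# Constructed sample export; "hlpr32.exe" and "ExampleAV" are made-up names.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ExampleAV"="\"C:\\Program Files\\ExampleAV\\tray.exe\""
"SysHelper"="C:\\WINDOWS\\system32\\hlpr32.exe /s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Updater"="\"C:\\WINDOWS\\system32\\hlpr32.exe\" -install"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon"="C:\\WINDOWS\\system32\\ctfmon.exe"
"WinHlp"="c:\\windows\\system32\\HLPR32.EXE"

[HKEY_CURRENT_USER\Software\Example\Settings]
"Path"="C:\\WINDOWS\\system32\\hlpr32.exe"
'''

# "name"="data" where both sides may contain \\ and \" escapes.
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"\s*$')


def unescape(s):
    """Undo .reg string escaping (backslash before a backslash or a quote)."""
    return re.sub(r'\\(.)', r'\1', s)


def parse_reg(text):
    """Yield (key, value_name, data) for every string value in the export."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = VALUE_RE.match(line)
        if key and m:
            yield key, unescape(m.group(1)), unescape(m.group(2))


def executable_of(command):
    """Reduce an autostart command line to a lower-cased executable path."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        path = command[1:end] if end != -1 else command[1:]
    else:
        # Unquoted paths may contain spaces, so cut at the first known extension.
        m = re.match(r'(.+?\.(?:exe|com|bat|cmd|scr|dll))(?:\s|$)', command, re.I)
        path = m.group(1) if m else command.split(" ", 1)[0]
    return path.lower()


def autorun_entries(text):
    """Map each launched executable to the (key, value_name) pairs that start it."""
    groups = defaultdict(list)
    for key, name, data in parse_reg(text):
        if key.lower().endswith(AUTORUN_SUFFIXES):
            groups[executable_of(data)].append((key, name))
    return dict(groups)


def repeated_targets(text):
    """Executables started from more than one entry, most-referenced first."""
    dupes = {exe: refs for exe, refs in autorun_entries(text).items() if len(refs) > 1}
    return sorted(dupes.items(), key=lambda kv: -len(kv[1]))


if __name__ == "__main__":
    for exe, refs in repeated_targets(SAMPLE_REG):
        print(f"{exe} is started from {len(refs)} entries:")
        for key, name in refs:
            print(f"  {key} -> {name}")
```

The script only reads an export and changes nothing; an executable that appears under several differently named values is a lead for review, not proof of infection.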
Leyla Firefly
Photoshop Addict
Join date: 8 Aug 2004
Posts: 146
08-22-2006 02:19
I have had the same, Marisa. The Windows spyware killer could not help me and I bought Spyware Doctor too; it has helped me but sadly got infected soon again. :mad:
Someone in game advised me to not use Internet Explorer anymore but Mozilla Firefox, which is a free download. And yes, it works wonderfully :)

I have Spyware Doctor and Norton running in the background, Windows firewall and my ISP provider firewall enabled, and I only surf the net with Mozilla. No problems anymore :D
_____________________

Mystique- Intrigue- Calypso- Oceanus- Boulevard Mystique- Coronado- Alize
Alazarin Mondrian
Teh Trippy Hippie Dragon
Join date: 4 Apr 2005
Posts: 1,549
08-22-2006 02:23
At US$30 a hit I'll run it and delete whatever it finds manually. Most were cookies which I clear out daily. A few URLs in my favourites collection were infected but that's about it.
_____________________
My stuff on Meta-Life: http://tinyurl.com/ykq7nzt
http://www.myspace.com/alazarinmobius
http://slurl.com/secondlife/Crescent/72/98/116
Tod69 Talamasca
The Human Tripod ;)
Join date: 20 Sep 2005
Posts: 4,107
08-22-2006 03:12
And for those who scan for & find spyware/viruses/etc :

UNPLUG your computer from the Internet before scanning. Some of these lil' suckers are "smart" in that they allow you to remove them but then go & Re-download themselves elsewhere.
Ewan Took
Mad Hairy Scotsman
Join date: 5 Dec 2004
Posts: 579
08-22-2006 03:18
I use Adaware does anyone here know how effective it is? It's free BTW.
_____________________
Adamantium Kinsella
Registered User
Join date: 1 Feb 2005
Posts: 2
08-22-2006 04:29
From: Ewan Took
I use Adaware does anyone here know how effective it is? It's free BTW.


Only catches about 40%; after running Adaware I still had many dangerous progs on my system.
Calranthe Charlton
Registered User
Join date: 30 Jan 2005
Posts: 64
08-22-2006 04:54
From: Tod69 Talamasca
And for those who scan for & find spyware/viruses/etc :

UNPLUG your computer from the Internet before scanning. Some of these lil' suckers are "smart" in that they allow you to remove them but then go & Re-download themselves elsewhere.


Agreed, some of these trojans etc are getting close to being expert systems.

While AI is still far off, you can have what is called an expert system, something which knows or is programmed with all contingencies about a certain subject. Oil drilling platforms I believe have expert systems which monitor everything about oil pressure etc.

Now a lot of these trojans or keyloggers morph or mutate, call it evolution; they can hide in places, they learn from experience.

Keylogger (A) finds that hiding inside an email folder keeps it hidden, as in it survives longer; that little piece of code gets propagated to its friends.

It's a simplified way of thinking about it, but trojan and viri scripters find it amusing to add a bit of fuzzy code, something like, in English:
This is normal
goto email folder
hide in file 3405
replicate 10 times
scan for lan computers
ftp to all computers on network
scan Yahoo messenger folder
hijack messenger protocols infect friends list
scan email list
hijack SMTP protocols infect

That's pretty simple and virus killers will find its pattern, ID it, log it, quarantine it,
BUT
fuzzy code means each of those lines can change shape, change language as it were, numerics etc.


The big problem I think is some idiot, and believe me there are probably people working on it, could even be terrorists (after all the west is run on computers), creates a totally morphic viri/trojan, a bit like the common cold, we can't cure it because it mutates and thousands upon thousands of strains exist, which adapts and changes faster than the viri labs can handle, especially with so many unprotected PCs out there.


As for Adaware, it's a good program BUT it doesn't catch a lot of the bad stuff; 40% or so is about right.

The person above is right, Adaware + Spyware Doctor or CounterSpy or another one and you can sort of get combined protection.

One of the spyware sanitizing companies has this as their advertising logo:
A virus can ruin your pc
Spyware can ruin your life

And that is how it is: the worst that happens with a viri is your drive gets wasted etc.
Spyware can take your passwords, usernames, accounts, finances, eBay, your whole online life.
That isn't drama or fear tactics, it's true: if you have specific types of spyware on your system it will copy your details, information, your online life, not just what sites you visit but your date of birth and address, sell it to criminals for identity theft, empty your bank etc.

Some people don't like to think about it, but who else is going to protect you? It's totally up to you.

We take our online life for granted. If it was your house you would fit a security system if you lived in a dodgy neighbourhood; well people, the whole online world is your neighbourhood, some good, some bad. In real life we lock our doors, shut our curtains, but a lot don't think that way about online.
_____________________
Owner of Bizzare island,
Haven for Family and Friends.

Proud Master to Zsuzsanna Raven

Real life Husband to Adamantium Kinsella

All round hyper person.
Coyote Momiji
Pintsized Plutonium
Join date: 13 Aug 2006
Posts: 715
08-22-2006 07:31
I use spybot S&D, Adaware, and run a weekly scan at pcpitstop.com, as well as Avast antivirus.

No problems since I got the new computer.
Chronic Skronski
SL Live Musician
Join date: 23 Jun 2006
Posts: 997
08-22-2006 07:34
From: Magnum Serpentine
You have been reported.

Wow.




Anyway, another very good way to avoid a lot of nasty stuff is to stay as far away from Internet Explorer as you possibly can. Something else to keep in mind is that there are a LOT of "anti spyware" tools out there that will goad you into purchasing the software based on false positives, and some even install spyware themselves.

An excellent page which lists over a hundred of these applications:

http://spywarewarrior.com/rogue_anti-spyware.htm

Please search the page for whatever anti-spyware tools you use to make sure they are not on the shady side.

Thanks for the post, Marisa - and know that 99% of us see it for what it is.
_____________________
A man without religion is like a fish without a bicycle.
Tod69 Talamasca
The Human Tripod ;)
Join date: 20 Sep 2005
Posts: 4,107
08-22-2006 07:43
From: Chronic Skronski
Wow.

Anyway, another very good way to avoid a lot of nasty stuff is to stay as far away from Internet Explorer as you possibly can. Something else to keep in mind is that there are a LOT of "anti spyware" tools out there that will goad you into purchasing the software based on false positives, and some even install spyware themselves.


Agreed on IE. I only use it when absolutely necessary.

Heh, I had a girl at work ask me how to remove MyDoom virus from her PC. She said she ran an anti-virus check & it came up. WELL- turns out she used one of those "shady" websites that offer the Free scan of your computer & it told her she had MyDoom & should purchase their software to remove it. Luckily she had a friend come over & check. She had NO virus on her computer. Imagine that!!!;)
Adamantium Kinsella
Registered User
Join date: 1 Feb 2005
Posts: 2
08-22-2006 07:55
So the best defence seems to be using the following

An antivirus: Norton, McAfee, or AVG
and 2 recommended spyware tools
Ad-aware
ewido anti-spyware
Pest Patrol
Spy Sweeper
Spyware Doctor
SUPERAntiSpyware
Windows Defender

because one on its own doesn't seem to find them all.

oh and a good firewall.
Daaneth Kivioq
Wandering Philosopher
Join date: 11 Jan 2006
Posts: 157
08-22-2006 08:45
In 20 years online, I have never had an infection that wasn't promptly detected and dealt with.
This is because I take the threat of virii/spyware/malware seriously, and take steps to prevent it.

My current defenses:

Norton Internet Security Suite - AV & Firewall that work together - A lot of people have said that Norton isn't the best anymore, but I have NEVER had any issues with it, and I have been using the Norton tools since the DOS days.

Adaware Plus - Seems to get the job done, plus Norton also scans for spyware.

Mailwasher - this is a godsend - the folx at Firetrust earn my vote for one of the most useful anti-spam tools out there.

Firefox - using IE is basically like walking down a dark city street at night holding a big wad of cash in your hand. Firefox is a far superior browser, and its code is much more robust.

I am sure that there are other packages & combinations that will protect your machine equally well, but this is what works for me.
_____________________
Moderation is for Monks - Take Big Bites!:D
Ghoti Nyak
καλλιστι
Join date: 7 Aug 2004
Posts: 2,078
08-22-2006 11:51
From: someone
So the best defence seems to be


Get a Macintosh. :D

-Ghoti
_____________________
"Sometimes I believe that this less material life is our truer life, and that our vain presence on the terraqueous globe is itself the secondary or merely virtual phenomenon." ~ H.P. Lovecraft
Ordinal Malaprop
really very ordinary
Join date: 9 Sep 2005
Posts: 4,607
08-22-2006 12:06
From: Marisa Uritsky
Oh and if you think you're safe on Linux :/ think again. The communal nature and open source of Linux has meant, although spyware and viri or trojans took their time to get started, you're damned on that model too.

Sorry, but this isn't true.

Anyway, there are lots of steps that one can take to avoid downloading infected stuff. Don't use IE, as other people have said. Make sure all of your Windows patches are up to date. Don't download warez or ever run any .exe file you got from P2P. Don't use Outlook or Outlook Express (though they've gotten better recently). If somebody emails you a file, even if you know them, scan it first, and never ever open it if it's an application. Before you download any software, google for "<program name> spyware" first, to see if other people have reported that it contains spyware. For that matter, don't download random crap like Weatherbug at all - they'll just slow your system up anyway. And here's the number one tip:

don't let teenagers use your computer

or, if they do, don't give their accounts administrator access. If you have a partner who behaves like a teenager you might want to consider doing the same thing, or telling them to get their own bloody computer.
Ordinal Malaprop
really very ordinary
Join date: 9 Sep 2005
Posts: 4,607
08-22-2006 12:07
From: Ghoti Nyak
Get a Macintosh. :D

-Ghoti

That's another tip that works, of course.
Pilman Karski
Registered User
Join date: 1 Aug 2006
Posts: 47
08-22-2006 14:28
Linux being insecure? Yeah I guess if you don't do a yum update then it can be. I run Fedora Core 4 seems ok to me and I haven't had any issues. Just make sure you don't install services that aren't needed. As for me I use

AdAware
Spybot S&D
Hijack This

And that's about it, I clean up computers for a living, used computers for about 17 years and have experience with Networking, fiber optics, and have worked for 2 datacenters. I really use minimal protection and I think some common sense is what a lot of people are lacking. I don't understand how I clean someone's system and then suddenly they are reinfected a few months later, what are these people doing downloading P2P programs and clicking "I accept" when a warning pops up saying "This will install spyware on your system" or something? Ignorance is bliss.
Pablo Neruda
Confieso Que He Vivido
Join date: 30 Sep 2005
Posts: 109
Blame Windows...
08-22-2006 14:33
Folks...

Just stay off the porn sites, "free MP3" and "free movies". Do not reply to SPAM email or be too curious about what phishing sites do and 90% of malware will stay off your PC. Yes, we know you are doing it!

Last time I was infected (well my computer anyway) was back when I had a BBS running on my Apple ][e and someone uploaded a game with a boot sector virus (Ho Ho Ho and a Bottle of Rum - for those of you old enough to remember). 20+ years without getting screwed is not so bad, is it?

As mentioned by all before me...

Keep your system patched
Keep antivirus up to date
Keep antispyware up to date
Keep a properly configured personal firewall
Run only the services needed
Keep Informed

If it is too good to be true, it probably is...

No one gives out anything for free.

If you want to deal with crooks (stealing software, movies or music) you will pay the price for dealing with crooks.

If you have the technical expertise to run Linux, you are skilled enough to properly secure your Windows box.

If you do all the above and even if you are running Linux, Mac, Solaris, or OS/2 your box can still be 0wn3d by someone, so do not cry and reformat....

Watch your PC like you watch over your wife, husband, BF or GF and you will be fine, fine, fine!

Cheers,

PiN
_____________________
"You begin saving the world by saving one man at a time;
all else is grandiose romanticism or politics."

Charles Bukowski (1920-1994)
Kaklick Martin
Singer/Songwriter
Join date: 3 Oct 2005
Posts: 175
08-22-2006 16:17
OK, in all of this rather long thread with lots of pronouncements, let me add my own, which I would say is the most important (especially in a windows environment):

DO NOT RUN DAY TO DAY as an ADMINISTRATIVE USER.

If you can routinely install things with no effort - then so can the bad guys.

Before whining that this makes it impossible to get anything done, remember all you have to do to install something you really want is download it first, then right-click and do a "run as" and choose an actual admin user (and log on).

This also might make you stop and think half a second before trying out that warez from limewire, etc...

It's also good policy on Linux, Macs or whatever OS - run as a non-admin that can't install squat, and only invoke the power of the admin when you really need it.

Practically forcing a default admin user on people (to make it easy) is one of MS's biggest security gaffes.