Remove spyware manually :

Remove Spyware Manually using Add or Remove Programs

After your spyware removal program has failed to automatically remove the spyware, it is recommended that you reboot your computer and put it into "Safe Mode" by clicking F8 or Shift F8 simultaneously. By doing so, none of the spyware will be loaded into the computer's memory.

While in "Safe Mode" you can begin to manually removing spyware by:

• Clicking the "Start" button that is located on the bottom left hand corner of the desktop.
• From there, scroll the mouse up to the "Control Panel" button and double click this button.
• The Control Panel window will open, and provide you with a variety of tasks you can perform.
• Double click on "Add or Remove Programs"
• The "Add or Remove Programs" window opens and provides you with a list of programs installed on your computer.
• From here it is important to search for the spyware software that was installed onto your computer. Usually they will have names that are obviously associated with advertising such as Dealhelper or Bonzibuddy. You can highlight it by clicking it once.
• Then click the "Change or Remove" button, and follow the instructions to remove the spyware from your computer.
• Afterwards, it is recommended that the computer be rebooted again in normal mode.

From this point, you can run your spyware removal program again to make sure your system was completely cleaned.

Remove Spyware Manually Deleting Spyware Files

Another way to remove spyware manually from the computer is to research on the Internet the files that are specifically installed with a known spyware program.

From here it is just a matter of searching for these files, usually in your Windows "System" folder, and deleting them from there.

This method may cause error messages to appear when Microsoft Windows starts up, as Windows may attempt to run programs that no longer exist.

Remove Spyware Manually using HijackThis

It is also popular for many advanced users to download HijackThis and install it onto their computer.

HijackThis will return a list of all programs installed. You can also use it to manually remove registry entries installed by the spyware software.

Block Spyware Manually in Internet Explorer

Many spyware removal programs allow you to immunize your computer from further attack after it has been cleaned. You can also do this manually in Internet Explorer by blocking these sites as well:

• Start by opening the Internet Explorer browser.
• Click on the "Tools" button located at the top of left hand of the page.
• From this point it is necessary to double click on the "Internet Options" button, and a window will open up.
• From here click on the "Privacy" tab and scroll down to the "Edit" button at the bottom right side of the page.
• The "Per Site Privacy Actions" window will open and from here you can add the addresses of the websites that you which to block.
• Clicking "OK" twice will then save the changes you have made.

Protect my computer from spyware?

As if viruses, worms and spam haven't been bad enough, now Internet users must contend with spyware and adware. It may seem like privacy and security are something that is unachievable when using the internet, but there are ways to protect your privacy and the security of your PC

Spyware is a software program that intrudes into one's computer or network and collects and sends personal information to a third party (generally the owner of the spyware) who might have initiated the program that may be spying on your every Internet move. The information collected may include personal browsing patterns or something as sensitive as your username and various passwords. In a worst case scenario, this could mean a degree of identity theft. Unscrupulous companies sometimes make use of the stolen information to send unsolicited advertisements and other promotions either by pop ups or email and may include the passing of your Internet viewing habits to third parties for additional spamming.

Is their any Spyware in the PC?

Mostly spyware is installed in ways users may not realize so it may be impossible for the consumer to notice the intrusion. The first suspicion of a possible spyware attack often begins when some of the applications begin to run more slowly or when the system locks up on a frequent basis.

Generally a spyware program is installed on a PC using one of two primary techniques. 1) The user unintentionally installs the program by clicking on a link, which actually is attached to the installation of an executable file. 2) Sometimes Spyware installation may appear as an innocuous dialog box. However, any attempt to close the box by clicking the close button will actually trigger Spyware installation. In fact, if this situation occurs, the end user is left with no choice but to restart the system. An empty window with a title bar is a variation of the dialog box trap, where the spyware gets installed when the user tries to close the window.

Additionally, adware and Spyware might be bundled with freeware programs. For example, many of the free file-sharing programs include some form of spyware which is installed when the user attempts to install the original freeware program. Many user agreements for freeware will alert you to the fact that a Spyware program is part of the download, but most users don't take the time to read the fine print.

Once installed, spyware can transmit sensitive information as long as the user remains online. Also, once the spyware establishes itself in a PC, it is especially difficult to completely remove its effects.

Protection

Earlier, antivirus software didn't provide protection against Spyware simply because they were not classified as either a virus or worm. Secondly, Spyware will not actually damage the PC (even though it does decrease performance) or multiply and spread through the user's address book which is why it falls outside the general definition of a virus. However, things are changing and all major antivirus products today come with added Spyware protection. For example, the new versions of Norton AntiVirus 2006 and McAfee VirusScan, can catch many of the popular adware and spyware. Exclusive anti-Spyware software is also available. But, regular updates may be the best way to ensure you are eradicating all current Spyware programs.

Attack Prevention

The two easiest methods of preventing unwanted Spyware is to avoid clicking unwanted links and then thinking twice before beginning freeware installation. If you enjoy the benefits of freeware, make sure it is safe or free from any hidden danger by reading all of the user agreements. Most Spyware programs use popups to scam the end user so it makes sense to install a popup blocker to prevent those unwanted popups. If you see a suspicious looking popup consider rebooting your PC instead of clicking anywhere within the popup. Adjusting the browser settings and installing a firewall can also stop unwanted intrusion to a large degree.

What is spyware?

Spyware are programs, cookies, or registry entries that track your activity and send that data off to someone who collects this data for their own purposes. Usually, those people are marketing companies trying to collect information to help them sell better.

Spyware is usually installed quietly, or even secretly, when you install shareware applications.

Many people feel that spyware is a violation of their privacy.

Excessive spyware programs can slow down your Internet connection by filling the line with their traffic. They can also slow down your computer by using up available RAM and CPU cycles.

What is Tabjacking?

Tabjacking is a form of Internet threat. The tab feature in common Internet web browsers has paved a way for tabjackers to introduce malicious codes into user computers. Specifically, tabjacking refers to hijacking or an incident where a web browser tab falls under the control of an external party and the new tab is brought to a webpage that the external party is supporting or marketing. The controller of the code could also bombard the user with annoying advertising popups, and even worms, trojans and other parasites.

The Tabs Feature

Browsing with multiple tabs under a single window is a special feature now commonly found on today's browsers. The most common browsers that normally offer such features are Mozilla Firefox and Microsoft Internet Explorer 7.

Being able to open more web pages under a single window with the tabs feature makes it easier for users to navigate through the web. It also allows them to quickly switch between active tabs whenever the need to do so arises. However, the ease and smoothness of operations that opening tabs give users can also have its drawbacks. They can also be a weakness for hackers or adware companies to exploit at will.

How Tabjacking Works

The tabs feature has introduced a weak spot which could be utilized by malware as a means to infiltrate computer systems. Upon opening a tab, malicious codes and scripts could be run and executed to "hi-jack" the newly opened tab. The "hi-jacked" tabs will then display or load the adware or other unsolicited content. Quite possibly, tabjackers can also introduce viruses or other malicious content that could infect the computer. Such content will most probably be hidden among legitimate web content and thus detection of such intrusion is usually difficult.

Tabjacking poses a threat to computer users' privacy and security. This is especially true if a "jacked" tab pretends to be a legitimate website and induces the user to enter important personal information such as credit card numbers and passwords. Once a user unknowingly enters such important information on the fake webpage, they become easy victims for identity theft and Internet fraud.

Once a computer's tab has been hi-jacked, advertisement-based content that adware companies create could still persist in the infected computer system. Even if the user restarts or reboots the infected computer system, the tab-based adware could still execute and load without the user's consent.

Tabjacking is used by today's adware companies in response to the ever growing trend of browsing the Internet through in-window tabs. This form of threat is now being studied so as to be able to come-up with solutions and effective countermeasures.

Download Free Anti-Virus Software?

There are quite a few free anti-virus software programs that you can download for free.

Here are the ones we use and recommend:

• ClamAV
• ClamWin
• F-Prot Antivirus
• AVF Anti-Virus Free Edition
• AntiVir Personal Edition Classic
• avast! Home Edition
• BitDefender Free Edition
• BitDefender Linux Edition
• VCatch Basic
• Comodo AntiVirus

What is a logic bomb?

A logic bomb is a program, or portion of a program, which lies dormant until a specific piece of program logic is activated. In this way, a logic bomb is very analagous to a real-world land mine.

The most common activator for a logic bomb is a date. The logic bomb checks the system date and does nothing until a pre-programmed date and time is reached. At that point, the logic bomb activates and executes it's code.

A logic bomb could also be programmed to wait for a certain message from the programmer. The logic bomb could, for example, check a web site once a week for a certain message. When the logic bomb sees that message, or when the logic bomb stops seeing that message, it activates and executes it's code.

A logic bomb can also be programmed to activate on a wide variety of other variables, such as when a database grows past a certain size or a users home directory is deleted.

The most dangerous form of the logic bomb is a logic bomb that activates when something doesn't happen. Imagine a suspicious and unethical system administrator who creates a logic bomb which deletes all of the data on a server if he doesn't log in for a month. The system administrator programs the logic bomb with this logic because he knows that if he is fired, he won't be able to get back into the system to set his logic bomb. One day on his way to work, our suspicious and unethical system administrator is hit by a bus. Three weeks later, his logic bomb goes off and the server is wiped clean. The system administrator meant for the logic bomb to explode if he was fired; he did not forsee that he would be hit by a bus.

Because a logic bomb does not replicate itself, it is very easy to write a logic bomb program. This also means that a logic bomb will not spread to unintended victims. In some ways, a logic bomb is the most civilized programmed threat, because a logic bomb must be targeted against a specific victim.

The classic use for a logic bomb is to ensure payment for software. If payment is not made by a certain date, the logic bomb activates and the software automatically deletes itself. A more malicious form of that logic bomb would also delete other data on the system.

Worm Virus

A computer worm is a program which copies itself across a network.

A computer worm differs from a computer virus in that a computer worm can run itself. A virus needs a host program to run, and the virus code runs as part of the host program. A computer worm can spread without a host program, although some modern computer worms also use files to hide inside.

Well known examples of the computer worm

The original computer worm was (perhaps accidentally) unleashed on the Internet by Robert Tappan Morris in 1988. The Internet Worm used sendmail, fingerd, and rsh/rexec to spread itself across the Internet.

The SQL Slammer Worm of 2003 used a vulnerability in Microsoft SQL Server 2000 to spread itself across the Internet. The Blaster Worm, also of 2003, used a vulnerability in Microsoft DCOM RPC to spread itself.

The Melissa worm of 1999, the Sobig worms of 2003 and the Mydoom worm of 2004 all spread through e-mail. These worms shared some features of a trojan horse, in that they spread by enticing a user to open an infected e-mail attachment.

Mydoom also attempted to spread itself through the peer-to-peer file sharing application KaZaA. The Mydoom worms attempted a Denial of Service (DoS) attack against SCO and Microsoft.

Protecting yourself against computer worms

Computer worms which spread through vulnerabilities in network services can best be protected against by keeping up-to-date in installing patches provided by operating system and application vendors. This includes worms like SQL Slammer and Blaster.

Computer worms which spread like trojan horses can best be defended against by not opening attachments in your e-mail. These infected attachments are not limited to .EXE files. Microsoft Word and Excel files can contain macros which spread infection.

Some people would say that the best way to protect yourself against computer worms is not to run Microsoft software. :-)

Boot Sector Virus

A boot sector virus is a computer virus which infects the boot sector on hard disks, floppy disks, and theoretically also other bootable media such as CD's and DVD's.

A boot sector virus does not need to be able to successfully boot the victims computer to infect it. Because of this, even non-bootable media can spread a boot sector virus.

Once the infected computer successfully boots, the boot sector virus stays in memory and infects floppies and other media when they are written to by the infected computer.

Boot sector viruses have become increasingly less common as floppy disks have become rarer.

Type Of computer Virus

Network Viruses

Network viruses rapidly spreads through a Local Network Area (LAN), and sometimes throughout the internet. Generally, network viruses multiply through shared resources, i.e., shared drives and folders. When the virus infects a computer, it searches through the network to attack its new potential prey. When the virus finishes infecting that computer, it moves on to the next and the cycle repeats itself. The most dangerous network viruses are Nimda and SQLSlammer.

Logic Bombs

The logic bomb virus is a piece of code that are inputted into a software system. When a certain and specific condition is met, such as clicking on an internet browser or opening a particular file, the logic bomb virus is set off. Many programmers set the malicious virus off during days such as April Fools Day or Friday the 13th. When the virus is activated, then various activities will take place. For example, files are permanently deleted.

Companion Viruses

Companion viruses takes advantage of MS-DOS. This virus creates a new file with typically the .COM extensions, but sometimes the .EXD extension as well. When a user manually types in a program they desire without adding .EXE or any other specific extention, DOS will make the assumption that the user want the file with the extension that comes first in alphabetical order, and thus running the virus. The companion virus is rare among Windows XP computers as this particular operating system does not use the MS-DOS.

Boot Sector Viruses

Boot sector viruses generally hide in the boot sector, either in the bootable disk or the hard drive. Unlike most viruses, this virus does not harm the files in the hard disk, but harm the hard disk itself. Boot sector viruses are uncommon at this day and age because these viruses are spread rapidly by floppy disks and not on CD-ROMs.

Multipartite Viruses

Multipartite viruses are spreaded through infected media and usually hides in the memory. Gradually, the virus moves to the boot sector of the hard drive and infects executable files on the hard drive and later across the computer system

What Is A Trojan Horse

A Trojan Horse Virus is a common yet difficult to remove computer threat. This is a type of virus that attempts to make the user think that it is a beneficial application.

A Trojan Horse virus works by hiding within a set of seemingly useful software programs. Once executed or installed in the system, this type of virus will start infecting other files in the computer.

A Trojan Horse Virus is also usually capable of stealing important information from the user's computer. It will then send this information to Internet servers designated by the developer of the virus. The developer will then be able to gain a level of control over the computer through this Trojan virus. While these things take place, the user will notice that the infected computer has become very slow or unexpected windows pop up without any activity from the user. Later on, this will result to a computer crash.

A Trojan Horse virus can spread in a number of ways. The most common means of infection is through email attachments. The developer of the virus usually uses various spamming techniques in order to distribute the virus to unsuspecting users.

These emails contain attachments. Once the user opens the attachment, the Trojan Horse Virus immediately infects the system and performs the tasks mentioned above.

Another method used by malware developers to spread their Trojan Horse viruses is via chat software such as Yahoo Messenger and Skype. Another method used by this virus in order to infect other machines is through sending copies of itself to the people in the address book of a user whose computer has already been infected by the virus.

The best way to prevent a Trojan Horse Virus from entering and infecting your computer is to never open email attachments or files that have been sent by unknown senders. However, not all files we can receive are guaranteed to be virus-free. With this, a good way of protecting your PC against malicious programs such as this harmful application is to install and update an antivirus program.

How Trojan Works

Trojans usually consist of two parts, a Client and a Server. The server is run on the victim's machine and listens for connections from a Client used by the attacker.

When the server is run on a machine it will listen on a specific port or multiple ports for connections from a Client. In order for an attacker to connect to the server they must have the IP Address of the computer where the server is being run. Some trojans have the IP Address of the computer they are running on sent to the attacker via email or another form of communication.

Once a connection is made to the server, the client can then send commands to the server; the server will then execute these commands on the victim's machine.

Today, with NAT infrastructure being common, most computers cannot be reached by their external ip address. Therefore many trojans now connect to the computer of the attacker, which has been set up to take the connections, instead of the attacker connecting to the victim. This is called a 'reverse-connect' trojan. Many trojans nowadays also bypass many personal firewall installed on the victims computer (eg. Poison-Ivy).

Method To Remove Trojan

Since Trojan horses have a variety of forms, there is no single method to delete them. The simplest responses involve clearing the temporary internet files file and deleting it manually. Normally, anti-virus software is able to detect and remove the trojan automatically. If the antivirus cannot find it, booting the computer from alternate media(cd) may allow an antivirus program to find a trojan and delete it. Updated anti-spyware programs are also efficient against this threat.

Trojan Horse

Trojan horse payloads are almost always designed to cause harm, but can also be harmless. They are classified based on how they breach and damage systems. The six main types of Trojan horse payloads are:

• Remote Access
• Data Destruction
• Downloader
• Server Trojan(Proxy, FTP , IRC, Email, HTTP/HTTPS, etc.)
• Security software disabler
• Denial-of-service attack (DoS)

Some examples of damage are:

• Erasing or overwriting data on a computer
• Re-installing itself after being disabled
• Encrypting files in a cryptoviral extortion attack
• Corrupting files in a subtle way
• Upload and download files
• Copying fake links, which lead to false websites, chats, or other account based websites, showing any local account name on the computer falsely engaging in untrue context
• Falsifying records of downloading software, movies, or games from websites never visited by the victim.
• Allowing remote access to the victim's computer. This is called a RAT (remote access trojan)
• Spreading other malware, such as viruses (this type of trojan horse is called a 'dropper' or 'vector')
• Setting up networks of zombie computers in order to launch DDoS attacks or send spam.
• Spying on the user of a computer and covertly reporting data like browsing habits to other people (see the article on spyware)
• Making screenshots
• Logging keystrokes to steal information such as passwords and credit card numbers
• Phishing for bank or other account details, which can be used for criminal activities
• Installing a backdoor on a computer system
• Opening and closing CD-ROM tray
• Playing sounds, videos or displaying images
• Calling using the modem to expensive numbers, thus causing massive phone bills
• Harvesting e-mail addresses and using them for spam
• Restarting the computer whenever the infected program is started
• Deactivating or interfering with anti-virus and firewall programs
• Deactivating or interfering with other competing forms of malware
• Randomly shutting off the computer
• Installing a virus
• slowing down your computer
• displaying pornographic sites