years ago I wrote the first article called Protection
For Your PC. and the second Protection
For Your PC – Part 2 almost 6 months ago. All of
that information, though 6 months and 2 years old respectively, applies today.
However, in the past 2 years since I wrote the first article, the nasties have
become nastier, the ID theft more rampant, and the scumware writers more adept
at creating Spyware, Malware and other Scumware that is harder to detect and
more invasive into your private life.
gains have been made against this evil that has entered our lives with the
computer age, there are still plenty of scumware writers out there producing
junk to make your life miserable. The scumware writers took a hit when
Microsoft introduced Vista last year,
but they are rapidly trying to get back their hold on the Internet and more
needs to be done to stop them.
evil that was in its infancy a little over 2 years ago, has now been perfected
by the scumware writers to be a large part of the Malware on the
internet. Rootkits are
what I am talking about here, as well as RATs (I know everyone uses acronyms
these days but I will explain what they mean.):
A Rootkit is computer code designed to hide other
computer code (usually malicious) inside it. If you have a rootkit on your
system, it will load before Windows loads in the boot-up sequence, preventing
Windows from ‘seeing’ it so that it will not appear in the File Manager or be
under the control of your Windows OS. The rootkit then can operate
independently of Windows even taking control of Windows. Rootkits
have been used for non-malicious purposes for quite some time, but in this day
and age they are used almost exclusively by the scumware writers to make your
said above,inside a Rootkit is
malicious computer code which could be anything: adware, spyware, or a program
designed to irritate you with pop-ups, and though it is not good for you, they
are less malicious than the inner code that is so destructive these days: RATs (Remote Access Trojans).
RATs (Remote Access Trojans), are also called ‘backdoor trojans’ because they open a ‘backdoor’ on your system. Once open, all of your
private information flows through this backdoor
out to the internet without leaving a trace on your PC. The author of the
RAT receives your personal identifying information, usually including financial
details, credit cards number(s), bank account(s), passwords, and all other
sensitive information on your hard drive. When they get this, they then have
the ability to impersonate you, use your credit card(s), empty your bank
account(s) and even commit future crimes IN YOUR NAME while using your
identity. This is a very lucrative business for them because they can
also sell your personal information on the Black Market getting large sums of
money for the information.
“How does a Rootkit or RAT get into my computer?”. The answer is “easily”.
They can be downloaded as part of a software package or in an email, they can
be a result of an attack by a trojan, or by you clicking on a link or an
innocuous banner or advertisement on an infected web page and lastly by a Drive-By
download. A drive-by download occurs when you innocently visit an
infected website and the website automatically downloads some computer code to
your PC. This is all done silently, without you knowing any of it has
occurred. You find out only when you receive the bills from your credit
card company or check your bank account to find nothing there.
you are either afraid of Rootkits and RATs, or you are
doubting that this will happen to you. You should take the high road and
be afraid rather than
taking the position that it won’t happen to you. Many people who doubted their
vulnerability to this form of Malware, are now trying to put their lives back
together after losing everything. Yes EVERYTHING! A criminal who dropped a RAT on their PC through
one form or another, has maxed-out their credit cards, emptied their bank
accounts, cashed in their retirement funds, sold their house, car(s) and other
assets, as well as impersonated them anywhere the criminal could possibly get
money in the victim’(s) name, leaving the innocent victim penniless and living
Now that I have your attention, there are some easy ways for you
to practice safe computing. These methods are never 100% effective, but
they definitely lower your risk of infection, significantly. You are the only person
who can prevent this happening, because you are the one who can take the
necessary precautions. The first line of defense is the easy part.
For your computer:
Keep all of your software up-to-date including Windows, Office and
all your third party programs.
Download and install all the patches as soon as you are notified
If there is a new version of a software program that you have on
your PC, download and install it,
If you hear of a work-around for a vulnerability that has not been
patched yet from a reputable source, use
2. set your Antivirus software to update automatically either continuously
or daily. If you do that, you will find that when there is
an update you will get it when it is released.
3. obtain an AntiSpyware program that you can run at least once a
week to check for any
malware on your system.
Keep the AntiSpyware program
up-to-date as often as your AV program.
sure you have a Firewall
if possible have a
bi-directional Firewall so that it will notify you if there is a file or
program on your PC attempting to contact the internet. Many programs like web
browsers and email have to contact the internet to function, but it is the
other programs that you need to watch.
set the updates for your Firewall the same
as your AV software, so if an update is released you can download and install
5. If you use XP, make sure it is SP2.
Upgrade to Sp2 as necessary and
keep it up-to-date.
6. Upgrade IE 6.0 to IE 7 for better security.
Download and install all
updates for IE 7
7. In both Windows XP and Vista you
can use a hosts file
to protect your computer. The hosts file prevents your computer from connecting
to any of the bad sites that are listed in it. Please see the instructions for
both XP and Vista here
1. Use the most updated copy of your Email program.
2. If a new version of your email program is released, download and
install it as soon as you hear about it.
3. Use a spam filter in your email program but **make sure you check
the spam folder for email that you want that has been marked spam in error.**
4. Hover your mouse over the links in any email and check the URL in
the status bar of your email client. You will often be able to determine if the
link is legit in this way.
5. Don’t click links in the emails you receive, even if the email is
from someone you know they will often redirect you to a bad site. Phishing
emails are often sent from someone in your address book because they have been
previously infected with the scumware.
6. Watch for phishing emails from places that you deal with such as
eBay or PayPal. If you check in your account messages at that particular
website eg My Summary/Messages at eBay you will find a copy of the email, if it
For Safe Surfing:
1. Do not click on banners, advertisements or links on a webpage
unless you know where the link is going to.
2. Hover your mouse over any link, banner or advertisement and look
at the URL that will appear in the status bar of your browser to make sure the
link is taking you to a safe website.
3. Even if a website is supposed to be safe, it may have been infected
with scumware and links to the bad sites embedded in the pages. Be aware of
this so that you will notice anything that is abnormal.
4. Surf with caution, anything that seems odd probably is. Avoid
ignoring your ‘gut feelings’ about something on the internet, if you think it
might be bad, then don’t go there.
5. There are many more things you can do to keep yourself safe while surfing but they are for another article.
Not every infection is a Rootkit or RAT, and not all will require
a format, there are many out there that don’t. If you think your PC is
infected, the first thing you need to do is get help! There are a number
of forums staffed with trained volunteers that are there to help you identify
what has caused your infection and help you clean your computer.
Unfortunately, these forums can be very busy and often are backed up with other
victims. It sometimes takes time before you receive the help you need,
but bear in mind, the staff are volunteers and you will get their undivided
attention, when they get to your problem. A list of these forums is
Please follow the instructions you find at each forum, as not all
are the same. Then post what the forum has asked for, your problem, and
any helpful information you can think of. Then sit back and wait for a staff
member to help you. In my experience, those that tried to clean their own
PC without help, ended up spending far more time than they would have if they
had waited for help. Their PC ends up in a far bigger mess than if they had
waited at the beginning and it takes much longer to clean their computer than
it would have, had they waited. Often the victim has complicated things
by running every available tool they could find, which has removed vital
information that would have led the helper to the correct information on the
original infector shortening the cleaning process significantly. A helper will
be able to tell you if your computer requires a format, or if it can be cleaned
simply with specific tools the helper knows.
After your computer is cleaned or you have formatted, we would
appreciate hearing all about it at Malware Complaints. We are a forum
that helps you fight back against the scumware writers that have made your life
he**. We help you write letters to the media and your government asking
for legislation to prevent the criminals from taking over the Internet,
allowing all innocent people to surf safely without fear of infection.
Please StandUp and Be Counted To Fight Back against this scourge of the
I will be following with articles about Identity Theft, Rootkits
and RATs. Please stay tuned…