Full Version: Useful Information
Get Paid Forum - Get Paid Discussion > Internet & Online Business Related General Interest Topics (Miscellaneous) > Internet & Computer Related Topics
Enchanted
Hi All,

This thread has been put together in the hope of providing useful computer related information to members. If you know of any useful information that could be added to this thread, please PM me or one of the other administrators.

We would like to thank member: Joem for putting together the posts regarding what is spyware, what is a virus, how to detect spies, what is a firewall and the list of virus and trojans.

The contents of this thread are as follows:
1. What Is A Virus?
2. What Is Spyware?
3. What is a firewall?
4. How To Detect Spies?
5. Spyware & Trojan List
6. How To Take A Screenshot?
Enchanted
What Is A Virus?
A virus is a file that can infect other files in a computer or a network and can produce undesired side-effects. These effects can range from harmless messages to data corruption or destruction. Some viruses can format your hard disk or destroy the FAT (File Allocation Table) and the disk directories, others can generate minor effects such as occasional displaying of on-screen messages, erasure or modification of data, music or interference or difficulties with printer output.
It is estimated that there are more than 25,000 known viruses in the computer environment. Possible sources of virus transmission are diskettes, CDs, network cables, telephone cables (with a modem) and the Internet.

Closely related to computer viruses are Trojan Horses and Worms.
A Trojan Horse is a program that performs some undesired action while pretending to do something else. One common class of Trojans are fake login programs - collecting accounts and passwords by prompting for this info just like a normal login program does. Another is a disk defragmenter that erases files rather than reorganizing them. A Trojan Horse differs from a virus in that the former does not attempt to reproduce itself.

A Worm is a self-propagating virus. The worm disguises itself as an email attachment. This attached file is the actual worm code, and it propagates by locating valid email addresses. The worm modifies wsock32.dll and patches itself into this file so that two APIs Connect() and Send() can hook into the worm’s code. Win32/SKA.A can see all network activities on the current machine. When someone posts an email message to another user or to a news server, the worm sends a copy of its email message with an attachment of its code. These types of chain letter worms are very successful because people usually trust messages they receive from friends and associates. 32-bit worms are much more successful than viruses that spread relatively slowly. A worm can infect 100000s of machines around the globe in a single day.

There are four main classes of computer viruses: file infectors, cluster infectors, macro viruses and system infectors. About 85 percent of all known viruses infect files containing applications such as COM or EXE files under DOS and spreadsheet programs or games. Cluster infectors modify the file system so that they are run prior to other programs, but they do not actually attach themselves to programs. The third category, macro viruses, are independent of operating systems and infect files that are usually regarded as data rather than as programs. System infectors store themselves in the boot sector on floppies or a master boot record (MBR) for hard disks and hence are invoked whenever the disk is used to boot the system.

A virus must be executed by someone, perhaps unwittingly, in order to spread, such as by booting from an infected floppy disk. System infectors are loaded each time an infected disk is used to boot the system. This can happen even if a disk is not equipped with the files needed to truly boot the computer, as is the case with most floppies. With PCs, the initial infection typically occurs when someone boots - or reboots - a computer with an infected floppy accidentally left in drive A. It is always a good habit to check and remove any floppies that might be in the drives before booting your machine.

We recommend that you take all necessary precautions with e-mail messages that include attached files. Unless you know its source, delete it without opening the attachment.

Viruses
We can differentiate the following types of viruses:
• Boot viruses
• DOS viruses
• Hoaxes
• Java viruses
• MS Excel viruses
• MS Word viruses
• PalmOS viruses
• Script viruses
• Trojan horses
• Windows viruses
• Worms

Types of infections

Damaging the hardware under Windows 95/98
Virus attacks took a big step in 1998 when the Win95/CIH became the first virus to damage system hardware, specifically the flash BIOS. CIH, like Win95/Anxiety, implements a PE infection mechanism based on VxD calls. Because the virus executes its damage routine in Ring0 (system level), you can't prevent the damage caused by the port commands (e.g. IN, OUT).

Infecting Kernel32.dll
Virus writers have written several Win32 viruses that attack kernel32.dll, which most PE applications load and use to access the most important Win32 API set, such as file functions. These viruses work by patching the export address of one exported API (e.g., GetFileAttributesA) to point into the virus code that the virus has appended to the end of the DLL image. Because 32-bit DLLs use the PE file format, virus writers can easily infect this type of file. These viruses can be per process resident (i.e., the viruses run actively as part of a process or several processes). As a result, each process that uses kernel32.dll, which is any process that uses the basic Win32 file functions and directory functions, links to the virus code. The infected DLL attaches to every program that has kernel32.dll imports. Whenever the application calls the API with the attached virus code, the virus code gets control in the address spaces of the infected application.

Every system DLL contains a pre-calculated checksum that the linker places in the DLL's PE header. Unlike Win95, NT recalculates this checksum before it loads DLLs and drivers. If the calculated checksum doesn't match the checksum in the DLL's header, the system loader stops with an error message at the blue screen during system boot. However, this doesn't mean that a virus writer can't implement such a virus for NT. The Win32/Heretic virus was the first of its kind to implement proper kernel32.dll infection. As a result, the virus ran on NT. The Win32/Kriz virus also used this method and uses the CIH damage routine, but the damage routine doesn't work under NT because the virus runs in Ring3 (user mode).

Kernel-mode driver viruses
This type of virus adds x number of bytes to the end of applications that run in user mode. The virus modifies the entry point so that it points to the start of the virus code. The virus tries to install the virus driver to the system and uses hard-coded IDs to call native APIs. It can monitor all file access and infect applications on the fly. It can infect anything it wants. Fortunately these kinds of viruses are hard to program and are scarce.

Complex Win32 viruses
These viruses use polymorphic engines to make detection of virus code extremely difficult. Some implement polymorphic engines that can change the virus code from byte to byte in different generations. So you can't use a constant search string to detect the virus code unless you use antivirus modules such as code emulation. Another approach to polymorphic viruses is writing metamorphic viruses. These viruses consist of small modules that viruses can place in a virtually endless order using various sets of instruction sequences that differ in code but have the same result when executed. Several of these viruses consist of pieces of assembly code that is encrypted multiple times.

Counter measures
Infected DLLs can be hard to clean from the system because applications map these files from the disk to memory, and you can't modify these files once they load. Whereas you can boot an infected Win9x machine from a clean system diskette, it's much more complicated when you're using Win2000 and NT with NTFS. In these situations, you need to use utilities such as NTFSDOS that can boot the system for write access. Windows System File Checker (SFC) will fix the modified system components automatically. To use SFC, type sfc.exe from the command prompt. SFC is not a virus security feature, but it helps reduce the risk of spreading viruses under Win2000.

Backups of all software (including operating systems) should be made regularly.
Prevention includes creating user awareness, implementing hygiene rules, using disk authorization software or providing isolated 'quarantine' PCs.
Detection involves the use of anti-virus software to detect, report and disinfect viruses. See the Simply the Best Anti Virus page for programs.
Containment involves identifying and isolating the infected items.
Recovery involves disinfecting or removing infected items and recovering or replacing corrupted data.

Techniques to detect viruses

String search
The first step in detecting a virus in a file is to search for a unique piece of its code or of its data within files. This method is used for simple viruses. Although the string search technique is not considered foolproof it is still the basis of most anti virus programs.

Algorithmic search
This technique consists of determining whether a file has been infected by observing certain parameters that commonly appear in infected files.

Vaccination
This consists of recording file characteristics in the file itself or in separate files. This information is later used to determine whether the file was modified, which almost always implies a virus attack.

Investigation method
This method is very effective for unknown viruses and tries to discover viruses that are active in memory, but have not been discovered by a conventional memory scan. It basically consists of testing the virus so as to discover its infection capacity.

Anti-stealth method
It consists of controlling the system resources first, before any other application, and therefore does not allow itself to be manipulated by other applications. This isolation system only makes sense when the virus is in memory, i.e. when it is active, as this is when we try to avoid the effects of the virus on the system.

Precautions
1. Be careful when downloading software or other items.
2. Don't run programs directly from the Internet unless you trust their source.
3. Avoid opening files attached to e-mail messages, unless you trust their source.
4. Scan new programs before running or installing them onto your system.
5. After you have an anti-virus program installed, keep it on auto-detect and keep the virus signature files up to date. Most programs offer an easy online updating option.

Disinfecting a virus
You should never work with a virus in memory. A virus or any other program can only get into memory when it is run. When you run an infected program, the virus is activated, and that is what we want to prevent by booting from a clean, virus-free boot diskette. When a virus is active in memory, it interferes with the operations performed and, at best, it could re-infect cleaned files if you go on working with the computer (without re-booting) after the disinfection is finished. Click here for the latest Anti virus software.

Some necessary program features:
A good anti-virus program will check RAM, boot sectors and system files. It should: have an auto-detect function which scans your system in the background, scan email attachments, documents and spreadsheets when opening them, enable you to scan any area of your system, on demand or scheduled. It should scan for all sorts of (unknown) viruses such as Trojan horses.

NEW CHANNELS FOR SPREADING
Beside the usual e-mail forwarding, the writers of viruses have found new channels to spread their ill intended work. We, being a shareware directory, even received the following submission:
Description - A New Special Report which explains one, How to Effectively Remove the Klez Virus from an Infected System, both by Automated and Manual Process.
Comes along with Rock-Solid Tips on How to Protect a System from the Potential Viruses and also provides Information about an E-book which explains about Virus Protection in depth.
OS - Windows 95/98/NT
category - Utilities: Antivirus
company - UltimateVirusProtection.com
download_url - http://www.ultimatevirusprotection/HowTo.exe
email - support@ultimatevirusprotection.com
fee - $0.00
full_url - http://www.ultimatevirusprotection/HowTo.exe
info_url - http://www.ultimatevirusprotection/howto.htm
name - UltimateVirusProtection.com
program_name - How to Make Klez Virus Writers Leave Their nice Work And Break Their Heads
size - 467k
version - 1
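The "vaccination" technique described in the post above (recording file characteristics so that a later modification can be detected) can be illustrated with a small integrity baseline. This is an added example, not code from the original post or from SimplytheBest.net: it fingerprints every file under a directory with its size and SHA-256 digest, stores that baseline, and reports which files were modified, added or removed. The sample files, the "infection" that appends bytes to app.exe, and all function names are constructed for the example.

```python
"""Added example: a minimal 'vaccination'-style file integrity check.

Records a SHA-256 digest and size for each file under a directory, then
compares a later snapshot against that baseline. The sample files are
constructed in a temporary directory; function and file names are assumptions.
"""
import hashlib
import json
import tempfile
from pathlib import Path


def fingerprint(path: Path) -> dict:
    """Characteristics recorded for one file: size and SHA-256 of its contents."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return {"size": path.stat().st_size, "sha256": h.hexdigest()}


def build_baseline(root: Path) -> dict:
    """Fingerprint every regular file under root, keyed by path relative to root."""
    return {
        str(p.relative_to(root)): fingerprint(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def compare(baseline: dict, current: dict) -> dict:
    """Classify files as modified, added or removed relative to the baseline."""
    return {
        "modified": sorted(k for k in baseline if k in current and baseline[k] != current[k]),
        "added": sorted(k for k in current if k not in baseline),
        "removed": sorted(k for k in baseline if k not in current),
    }


def demo() -> dict:
    """Constructed scenario: baseline three files, then alter one and drop a new one."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "app.exe").write_bytes(b"MZ" + b"\x00" * 100)   # constructed stand-in
        (root / "readme.txt").write_text("hello")
        (root / "lib").mkdir()
        (root / "lib" / "helper.dll").write_bytes(b"MZ" + b"\x01" * 50)

        baseline = build_baseline(root)
        # In practice the baseline is kept on read-only or off-line media.
        (root / "baseline.json").write_text(json.dumps(baseline))

        # Simulate an appending infector touching app.exe, plus a newly dropped file.
        with open(root / "app.exe", "ab") as f:
            f.write(b"STAND-IN-APPENDED-CODE")
        (root / "dropped.exe").write_bytes(b"MZ")

        current = build_baseline(root)
        current.pop("baseline.json", None)  # the baseline file itself is not audited
        return compare(baseline, current)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The post notes that a changed fingerprint "almost always implies a virus attack"; in practice the report also flags legitimate updates, so the baseline has to be refreshed after every intentional change, and it must be stored where an active virus cannot rewrite it.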
Enchanted
What Is Spyware?

To explain what spyware is, we'll first explain what adware is. Adware is 'freeware' whereby ads are embedded in the program. These ads will show up when you open the program. Most adware authors provide the free version with ads and a registered version in which the ads are disabled. As such, you, the user, have the choice: either use the freeware with ads served, or purchase the registered version.

Spyware, however, is published as 'freeware' or as 'adware', but the fact that an analysis and tracking program (which reports your activities to the advertising providers' web site for storage and analysis, the 'spyware' agent) is also installed on your system when you install this so-called 'freeware', is usually not mentioned. Even though the name may indicate so, spyware is not an illegal type of software in any way (see our analogy). But what the adware and spyware providers do with the collected information and what they're going to 'feed' you with, is beyond your control.

Hardware spyware
Nowadays spyware can even be found accompanying hardware you buy and install in your system. Yes, the software you install with hardware purchased from certain manufacturers (some even well-known) may include spyware agents.

Spyware categories
• Adware networks
The backbone for big-time spyware is the ad serving networks that pay publishers of games, utilities and music/video players per download to include their ad serving programs. Ad serving networks are DoubleClick, Web3000, Radiate, SaveNow, GAIN.
• Stalking horses
A number of programs that enable the adware networks to function on desktops are bundled in many popular programs and often (not always!) presented in installation disclosure screens as desirable add-ons to their Trojan horse hosts. All collect information. Included in TopText, Cydoor, OnFlow, Medialoads, Delfin, WebHancer, New.net.
• Trojan horses
These popular Internet downloads usually come with the ad serving network basic software and at least one stalking horse. Included in KaZaa, Grokster, Morpheus, Limewire, AudioGalaxy, iMesh, DivX.
• Backdoor Santas
Stand-alone programs that incorporate similar approaches have no links to ad serving networks and collect information from users. Included in Alexa, Hotbar, Comet Cursor, eWallet, CuteFTP, BonziBuddy.
• Cookies
Netscape Navigator and Internet Explorer will still send out existing cookies even after disabling cookies in the browser settings. You must manually delete any/all cookie files on your system to eliminate being tracked by third-party ad networks or spyware or adware providers.

Spyware threats
Spyware threats come in different flavors. The spyware agent can be malware (modifies system settings, and can perform undesirable tasks on your system), hijacker (redirects your browser to web sites), dialer (dials a service, most likely porn sites, for which you are billed!), trojan horse (is attached to a program, and performs undesirable tasks on your system), collectware (collects information about you and your surfing habits). WOW!

In addition to doing a detailed check of your browser history, spyware can install DLLs and other executables files, send continuous data to the parent, leave a backdoor open for hackers to intercept your personal data or enter your computer, can install other programs directly on to your computer without your knowledge, can send/receive cookies to other spyware programs and invite them into your computer (even if you have cookies disabled), and they can add Trojan horses to your system. Most spyware and adware programs are independent executable files which take on the authorization abilities of the victim. They include auto install and auto update capabilities and can report on any attempts to remove or modify them. WOW!

Spyware programs can reset your auto signature, disable or bypass your uninstall features, monitor your keystrokes, scan files on your drive, access your applications, change homepages in addition to displaying advertising content online or offline. They can read, write and delete files and even reformat your hard drive and they do this while sending a steady stream of information back to the advertising and marketing companies. The majority of these programs once installed can not easily be deleted from your system by normal methods and often leave components behind to continue to monitor your behavior and reinstall themselves. WOW!

In addition to being included with software products many spyware programs can get installed on your computer while you surf the Internet! WOW!

ALL THIS MAKES SPYWARE HIGHLY UNDESIRABLE,
AND IT SHOULD BE BANNED FROM THE INTERNET AND YOUR COMPUTER SYSTEM AS OF TODAY !!!

SimplytheBest.net will do its best to screen spyware programs and we do not list them in our shareware directory. It's up to you to decide whether you mind having spyware agents on your system, but OUR shareware directory does not list spyware infested programs. However, if we're not sure we mark suspected spyware with this link: SPYWARE?, which brings you to this page.

Spyware perpetrators
Alexa | Aureate/Radiate | BargainBuddy | ClickTillUWin | Conducent Timesink | Cydoor | Comet Cursor | eZula/KaZaa Toptext | Flashpoint/Flashtrack | Flyswat | Gator | GoHip | Hotbar | ISTbar | Lions Pride Enterprises/Blazing Logic/Trek Blue | Lop (C2Media) | Mattel Brodcast | Morpheus | NewDotNet | Realplayer | Songspy | Xupiter | Web3000 | WebHancer | Windows Messenger Service

Spyware promoters
Downloadalot

Cleaning
If you are cleaning your system manually, using some of the tips mentioned above, you do this at your own risk. Editing the Registry without some basic knowledge may result in your computer not starting up anymore. And reinstalling Windows may be the only way back.

WARNING!
If you ever encounter software that will scan your entire computer identifying any corrupt, potentially harmful or redundant files, verifying your registry and system integrity and locating errors on Windows startup, we advise you to run for your life! Especially if the software offers to do it for you online and for free! DON'T GET TEMPTED BY THE SUGAR!

Blocking

• ZoneAlarm
A personal dynamic firewall that allows you to block spyware communication. With Stealth mode enabled, the firewall renders your computer invisible to the Internet and to potential intruders. Mind you, we find that ZoneAlarm itself wants to know too many details about its users.
• Outpost
A personal firewall that supports plug-ins. Includes intrusion detection, ad blocking, content filtering, e-mail guard and privacy control.

• Spyware-Guide.com provides a Spyware Block List File which blocks all known "bad" ActiveX controls from running inside Internet Explorer by setting the "Kill bit".

Spyware resources
• And.doxdesk.com
• Cexx.org
• Theinfomaniac.net
• ThiefWare


Justice?
What do you think about this?

• If you hack into a bank's computer systems and you get caught, you go to jail.
• If you write a worm or virus and spread it around, if you get caught, yes that's right, you go to jail.
• If you write a program that spreads a spyware agent on everyone's computer system (without their permission) and steals their private information (without their permission) and manipulates their Internet experience (without their permission), and you use other people's web sites to show your advertising (without their permission) and you make lots of money from their work in the process (without their permission) and if you get caught, guess what, you don't go to jail, you may get rich instead.

Possible actions
You may want to take action against any of the above or another (let us know if you found one not listed on this page). The Federal Trade Commission (FTC) handles complaints about deceptive or unfair business practices. To file a complaint, go to the FTC web site, call 1-877-FTC-HELP, or write to: Federal Trade Commission, CRC-240, Washington, D.C. 20580.

Several senators have been trying to get several new privacy laws passed. These laws will not get passed unless the American public strongly supports this legislation. Complain to your congressman! Find and contact your Congressman: http://www.house.gov/writerep/.
Currently the FTC has stricter regulations for deceptive advertising than it does for privacy issues. Where an advertisement must be fully qualified as to claims of what a product can and cannot do, the FTC only "encourages" a business to have a privacy policy and there are no regulations as to qualifying what information can be gathered or what its purpose or use will be. Only recently have they begun to address the issue of privacy statements. Businesses are not regulated as to what information they can or cannot gather nor what they do with the information. Information about consumers is considered an asset that can be sold, transferred or acquired at will.

If your complaint is against a company outside the US, file your complaint at http://www.econsumer.gov/.

You may never see any action as a result of your complaint, but if the stream of complaints keeps on, just maybe some action will be taken to guard us all from this kind of 'attack' on our privacy and our lives.
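The "Kill bit" mentioned under Blocking above is a per-control flag that Internet Explorer honours before instantiating an ActiveX control: the DWORD value "Compatibility Flags" under HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CLSID} with bit 0x400 set. Block lists such as the one the post refers to are distributed as .reg files, so a defender wants to audit what such a file actually sets before merging it. The following is an added example, not code from the original post or from Spyware-Guide.com: it parses .reg text, reports which CLSIDs have the kill bit set, and produces the fragment that kill-bits one CLSID. The .reg text and the CLSIDs in it are constructed placeholders, not real controls; the function names are assumptions.

```python
"""Added example: audit which ActiveX CLSIDs a .reg file marks with the IE 'Kill bit'.

IE refuses to load a control whose key under
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CLSID}
has bit 0x400 set in the DWORD value "Compatibility Flags".
The .reg text below is constructed and its CLSIDs are placeholders.
"""
from typing import Dict

KILL_BIT = 0x400
ACTIVEX_COMPAT = r"SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility"

# Constructed sample: first control kill-bitted, second has an unrelated flag,
# third has the kill bit set alongside another flag.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-000000000001}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-000000000002}]
"Compatibility Flags"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-000000000003}]
"Compatibility Flags"=dword:00000401
"""


def parse_reg(text: str) -> Dict[str, Dict[str, str]]:
    """Return {key_path: {value_name: raw_value}} for the keys in a .reg file."""
    keys: Dict[str, Dict[str, str]] = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys.setdefault(current, {})
        elif current is not None and line.startswith('"') and "=" in line:
            name, value = line.split("=", 1)
            keys[current][name.strip().strip('"')] = value.strip()
    return keys


def dword(value: str) -> int:
    """Decode a .reg 'dword:XXXXXXXX' value into an integer."""
    if not value.lower().startswith("dword:"):
        raise ValueError(f"not a DWORD value: {value}")
    return int(value[len("dword:"):], 16)


def kill_bit_status(text: str) -> Dict[str, bool]:
    """Map each CLSID under the ActiveX Compatibility key to whether its kill bit is set."""
    prefix = ("HKEY_LOCAL_MACHINE\\" + ACTIVEX_COMPAT + "\\").lower()
    status: Dict[str, bool] = {}
    for key, values in parse_reg(text).items():
        if not key.lower().startswith(prefix):
            continue  # some other key; not an ActiveX compatibility entry
        clsid = key[len(prefix):]
        flags = dword(values.get("Compatibility Flags", "dword:00000000"))
        status[clsid] = bool(flags & KILL_BIT)
    return status


def kill_bit_entry(clsid: str) -> str:
    """Produce the .reg fragment that sets the kill bit (and only that flag) for one CLSID."""
    return (
        f"[HKEY_LOCAL_MACHINE\\{ACTIVEX_COMPAT}\\{clsid}]\n"
        f"\"Compatibility Flags\"=dword:{KILL_BIT:08x}\n"
    )


if __name__ == "__main__":
    for clsid, blocked in kill_bit_status(SAMPLE_REG).items():
        print(f"{clsid}: {'kill bit set' if blocked else 'NOT blocked'}")
```

Merging a fragment like the one kill_bit_entry produces replaces any flags already set on that CLSID, which is why the audit reads the existing value first; a deployment script would OR 0x400 into the current flags rather than overwrite them.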
Enchanted
What Is A Firewall?

A firewall is a program or hardware device that filters the information coming in through the Internet connection into your local network or standalone computer system. If an incoming packet of information is flagged by the filters that are in place it is not allowed to pass. Without a firewall all your computers are directly accessible to anyone on the Internet while you are connected. Usually a firewall will allow you to set filters for all your servers, such as FTP, mail, Telnet, and so forth.

Firewalls typically use one or more of these methods to control traffic flowing in and out of the network:
• Packet filtering
Packets are analyzed. Only packets that make it through the filters are forwarded to the requesting system.
• Outbound filtering
Some firewalls only work in one direction. They examine packets your computer is receiving, not the ones it sends. Hostile applications such as trojan horses, worms and viruses can use your Internet connection to send sensitive information from your system. So your firewall should at least have a mechanism for filtering outbound traffic.
• Proxy service
Information from the Internet is retrieved by the firewall and then forwarded to the requesting system and vice versa.
• Stateful inspection
A method that compares certain key parts of a packet to a database of trusted information. If the comparison yields a reasonable match, the information is allowed through, otherwise it is blocked.

Implementing a firewall
There are a few ways of implementing a firewall, whereby in all methods the location of your servers and workstations plays a major role in optimized security.

1. The safest method is to use a dedicated system with a built-in firewall for all your Internet server services and not to attach that system to your LAN. This method is very safe, but no system on the LAN has Internet access.

2. You can place the server/firewall on the same LAN as your systems but restrict the flow of traffic through the server. In this case local systems can go through the server/firewall to access Internet services, but no one can come in from the Internet to the local LAN, unless someone reconfigures the firewall to support two-way traffic.

3. If you use multiple servers you should separate the servers/firewalls from your local systems. Set up your Internet server/firewall to handle the routing for the local systems and the local Internet servers separately. Local systems need one-way access to the Internet, while the local Internet servers need two-way access. You do run the risk of someone penetrating your firewall and changing router tables to get access to your LAN.

4. A second firewall can be added. This provides a backup to the first firewall in the event its router tables are compromised. In this way even if someone gets through the first firewall, the second one will stop or at least slow down the intruder.

Firewalls alone are no longer sufficient protection, because they're static devices. This means that intruders can use valid, legal packets to attack your network and compromise your security. You should use additional tools for complete protection, especially for Windows NT and the TCP/IP protocol. To spot potential problems before intruders exploit them from inside or outside your network, you can implement security tools such as port scanners, vulnerability testers, log analyzers or intrusion detectors.

Possible firewall protection
• Backdoors
Some programs have features that allow for remote access.

• Denial of service
The hacker sends a request to the server to connect to it. When the server responds with an acknowledgement and tries to establish a session, it cannot find the system that made the request. By inundating a server with these unanswerable requests, a hacker causes a server to slow down or even crash.

• E-mail bombs
Someone sends you the same e-mail hundreds or thousands of times until your e-mail system cannot accept any more messages. That's an e-mail bomb.

• Macros
To simplify procedures applications may allow you to create a script of commands. This is known as a macro. Hackers create their own macros that, depending on the application, can destroy your data or crash your computer.

• Operating system bugs
Like applications, some operating systems have backdoors. Others provide remote access with insufficient security controls or have bugs that a hacker can take advantage of.

• Redirect bombs
Hackers can change (redirect) the path information takes, by sending it to a different router.

• Remote login
When someone is able to log in to your computer and control it somehow. This can range from accessing your files to running programs on your computer.

• SMTP session hijacking
SMTP is the most common method of sending e-mail over the Internet. By gaining access to a list of e-mail addresses, a person can send unsolicited e-mail (spam). This is done by redirecting the e-mail through the SMTP server of an unsuspecting host, making the sender of the e-mail difficult to trace.

• Spam
Be careful of clicking on unknown links in e-mails, because you may accidentally accept a cookie that provides a backdoor to your computer.

• Source routing
In most cases, the path a packet travels over the Internet (or any other network) is determined by the routers along that path. But the source providing the packet can arbitrarily specify the route that the packet should travel. Hackers sometimes take advantage of this to make information appear to come from a trusted source or even from inside the network.

NCSA Certification
NCSA has a certification program that tests firewall products against a standardized suite of attacks while still letting authorized users accomplish business functions. NCSA certification provides an objective way for you to evaluate the level of security a firewall provides.

Setting filters for a firewall
You can set filters based on various conditions. Some of these are:
IP addresses
Each machine on the Internet is assigned a unique address called an IP address. IP addresses are 32-bit numbers, normally expressed as four octets in dotted decimal notation (e.g. 202.62.24.124). Any IP address can be blocked.
Domain names
All servers on the Internet have readable names, called domain names, beside their IP address. These two are linked using a DNS (domain name server) server. A firewall can be set up to block access to certain domain names, or allow access to specific domain names only.
Protocols
Protocols are usually in text format, and describe how client and server are to establish communication. Some protocols that you can set firewall filters for:
• IP (Internet Protocol) - the main delivery system for information over the Internet
• TCP (Transport Control Protocol) - used to break apart and rebuild information that travels over the Internet
• HTTP (Hyper Text Transfer Protocol) - used for Web pages
• FTP (File Transfer Protocol) - used to download and upload files
• UDP (User Datagram Protocol) - used for information that requires no response, such as streaming audio and video
• ICMP (Internet Control Message Protocol) - used by a router to exchange information with other routers
• SMTP (Simple Mail Transport Protocol) - used to send text-based information (e-mail)
• SNMP (Simple Network Management Protocol) - used to collect system information from a remote computer
• Telnet - used to perform commands on a remote computer

Ports
Any server machine makes its services available to the Internet using ports, one for each service that is available on the server. A Web server is typically available on port 80, or port 8080, while the FTP server is usually available on port 21. Any port can be filtered.

Specific words and phrases
The firewall will search through each packet of information for an exact match of the text listed in the filter. You can include as many words, phrases and variations as you need to set up a correct filter.

Ping
A method for determining whether a system is connected to the Internet at a particular address. You ping a system by sending an Echo Request packet. If the target is connected, you'll receive a 'pong' in response. Most operating systems have this program. Try entering the command:
ping domain.com (any domain name or IP address)

Operating System Fingerprinting
By sending or receiving a special packet, one can determine whether a system is connected to an IP address and which operating system it is running.

Port scanners
TCP and UDP use port numbers to identify higher layer services. Systems administrators use port scanners to determine what TCP/UDP services are available on a server. A basic rule of server security is to disable any service that the system isn't using because any open TCP/UDP service offers intruders a possible entry into your system. You can use a port scanner to ensure that only the desired TCP/UDP services are running.

Port numbers 0 through 1023 are well-known ports that systems administrators usually use for system processes or for programs that privileged users are running. If attackers exploit a well-known port, they can potentially gain control of a server. Attackers use several generic schemes to scan ports.

TCP connect() scanning is the most basic form of TCP scanning. An attacker's host issues a connect() system call to every interesting port on the target machine. If the port is listening, connect() will succeed; otherwise, the port is unreachable and the service is unavailable. This scheme is fast and doesn't require any special privileges.

TCP SYN scanning attempts to set up a TCP virtual connection. Establishing a TCP virtual connection requires a three-way handshake, in which one host sends a TCP segment with the synchronize (SYN) flag set, the other host responds with a segment that has the acknowledge valid (ACK) and SYN flags set, and the first host responds with a segment that has only the ACK flag set. In SYN scanning, a querying host sends a SYN segment to every port. If the server responds with a SYN-ACK segment the service is available. If the server responds with a reset (RST) segment the service is unavailable.

TCP FIN scanning - the attacker's querying host skips the three-way handshake and sends a finish (FIN) segment to all interested TCP ports. Sending a FIN segment closes an open TCP connection. If the port is open, the system is supposed to ignore the FIN because there is no existing connection; if the port is closed, the system generates an RST segment. Lack of a response identifies an active port to an attacker. This method doesn't work well on most Windows systems because Microsoft's TCP implementation always sends an RST in response to a FIN.

FTP bouncing uses the FTP PORT command and the upload capability at an FTP server behind the firewall. This attack lets a client connect with other systems that otherwise wouldn't be accessible.

UDP Internet Control Message Protocol (ICMP) port unreachable scanning is one of the few UDP scans. UDP is a connectionless protocol, so it's harder to scan than TCP because UDP ports aren't required to respond to probes. Most implementations generate an ICMP port_unreachable error when a user (or intruder) sends a packet to a closed UDP port.

You can perform port scans by using several tools that employ a combination of methods to detect attacks. The FTP and HTTP services are vulnerabilities simply because they're always running. The medium risk vulnerability FTP service is susceptible because it has anonymous access enabled, and the HTTP service is high risk because attackers can exploit the $DATA hole in Microsoft's Internet Information Server (IIS). This vulnerability affects many IIS installations because an attacker can download the Active Server Pages (ASP) source by appending a ::$DATA string to the URL. This action can expose usernames and passwords that systems administrators have hard-coded within scripts.

Many port scanners suggest possible fixes, such as shutting down the service or installing a hotfix. Although shutting off the service might not be an option, knowing that a vulnerability exists helps you balance the risk exposure with the benefit.

Vulnerability testing
Vulnerability testing is similar to port scanning, but you use vulnerability testing for specific Operating Systems rather than TCP/IP communications protocols. Many security vulnerabilities are OS specific, so a good rule of secure management is to avoid advertising your servers' OS. However, clues such as .asp file extensions, use of .htm rather than .html, and home pages named default.htm usually identify an IIS server to an attacker. In addition, many tools help attackers determine a system's OS, and to use these tools attackers need only the server's IP address. Systems administrators are well advised to use software to examine their systems for OS vulnerabilities. Most vulnerability testers will also tell you where you can get more information, such as pointers to Microsoft articles and links to hot fixes and service packs, and suggest corrective measures, such as instructions for updating the Registry to secure your systems. New OS vulnerabilities appear all the time. You need to run security scans frequently with an up-to-date database of OS vulnerabilities.

Hardware firewalls
Hardware firewalls are secure and not expensive anymore. The router is connected to a cable or a DSL modem and functions as a gateway, DHCP server, virtual server and application server. You configure the router via a browser interface from your computer by entering its local IP address. You can set many filters for each of the functions of the router.

Software firewalls
A software firewall can be installed on a standalone computer with an Internet connection. This computer is considered a gateway because it provides the main or only point of access between your computer and the Internet.
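The connect()-style check that the port scanner section above describes, as an added example that is not part of the original post: it probes a list of TCP ports on a host and reports which open ports are not on the administrator's allowlist. The loopback target and the 80/443 allowlist in the demo are assumptions.

```python
# Added example (not from the original thread): a connect()-style audit of a
# host's TCP ports, compared against the services an administrator expects.
import socket
from typing import Dict, Iterable, List


def tcp_port_open(host: str, port: int, timeout: float = 0.5) -> bool:
    """True if a TCP connect() to host:port succeeds, i.e. something is listening.

    This is the 'TCP connect() scan' described above: a full three-way handshake,
    no special privileges needed. A refused connection or a timeout counts as closed.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.connect((host, port))
            return True
        except (ConnectionRefusedError, socket.timeout, OSError):
            return False


def audit_ports(host: str, ports: Iterable[int], allowed: Iterable[int]) -> Dict[str, List[int]]:
    """Probe each port once and compare the result with the expected allowlist.

    Returns three sorted lists:
      open       - every port that accepted a connection
      unexpected - open ports NOT on the allowlist (services to disable or firewall)
      missing    - allowlisted ports that are not listening (a service that is down)
    """
    open_ports = {p for p in ports if tcp_port_open(host, p)}
    allowed_set = set(allowed)
    return {
        "open": sorted(open_ports),
        "unexpected": sorted(open_ports - allowed_set),
        "missing": sorted(allowed_set - open_ports),
    }


if __name__ == "__main__":
    # Constructed sample run against the local machine: the allowlist is an
    # assumption (a web server that should expose only HTTP and HTTPS).
    expected = [80, 443]
    result = audit_ports("127.0.0.1", range(1, 1025), expected)
    for label in ("open", "unexpected", "missing"):
        print(f"{label:>10}: {result[label]}")
```

Anything listed under "unexpected" is a service the page's rule says to disable or block, and "missing" catches an allowed service that has silently stopped.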
Enchanted
How to Detect Spies

Make no doubt about it, online spying is becoming more prevalent and more sophisticated. It is important to understand that there are different levels of spying. For example, Alexa, popular software owned by Amazon.com, would be called a “BackDoor Santa”: it doesn’t actually log your keystrokes or take system snapshots, but it does record some surfing activity. However, programs like Spector are very skilled at stealthily gathering information including passwords, surfing history, and even chat logs and e-mails. If you haven’t done so already, take a moment to read our Introduction to Spyware located here.

So how do you know if you are being spied upon? We list the key points below on how to monitor your system and check for the signs of spy software.

1) Work Environment: Assume you are being monitored. Most workplaces have the right to do this so by default get used to the fact that someone is monitoring you. There are several ways employers can monitor employees. Some use activity logging software to see what programs are being accessed and for how long. Naturally many will use spy software programs also known as “snoop ware” or a key-logger to take snapshots and log all keystrokes. An employer may actually monitor internet traffic as it moves across an intranet.

2) Anti-Spy Programs: A popular way to find out if someone is spying on you. Anti-Spy programs look for signatures or traces that are specific to certain spy software. Some simply do text string scanning to find them, and others (i.e. X-Cleaner from Xblock) actually extract and attempt to remove the spyware. Be careful of the ones that use only text string scanning. Text string scanning can give false positives and in some cases it can actually accidentally target anti-spy software! You can try a free online scanner right on this site, just click here.
Of course Anti-Spy software can be a double-edged sword! Many spies will actually buy anti-spy software to scan and check to make sure their spyware is not being detected. There is a hidden arms race that rages between spyware vendors and anti-spy companies.

3) System Resources: Poorly written spy software will almost always put a drag on system resources. Watch out for poor system resources, running out of memory, lots of hard disk activity or a screen that “flickers”. This is caused by some spy software programs as they take snapshots of the computer screen that requires system resources.

4) Machine Access: Watch for people trying to gain access to your machine. Many software programs that are designed for spying require physical access to the target machine.

5) Installation Monitors: Currently on the market are software programs that will log every installation that occurs on your machine. It is best to leave these hidden on the system. It is possible to catch the installation of many spies in this way.

6) Anti-Virus: Many anti-virus programs can catch prolific spy software because they are often classified as “Trojan Horses”. Keep spy software up to date and make sure it is running in the background. This might not protect you from some spy software but it will let you know if any repurposed Trojan horses are installed. Keep in mind that Trojans (see below) like NetBus or DeepBO are also classified as spy software because they open up a system to outside connections. Don’t be lulled into a false sense of security because you have one installed. They are helpful but there is no such thing as 100% foolproof protection.

7) Personal Firewall: In today’s treacherous Internet it is very helpful to also run a personal firewall. Firewalls will alert you to both inbound and outbound activity. You can control what is allowed in and out of your system. Watch for suspicious programs you do not recognize trying to send data out of your system.

8) Downloading Smarts: Simply put, use common sense when downloading and avoid sources you cannot trust. If you are someone who frequents “warez” or crack sites you will more than likely encounter a Trojan or virus.

9) Common Sense: Be careful about what you install on your system. Don’t run e-mail attachments and read the EULA (end user license agreement). Keep an up to date anti-spy package on your machine.

10) Spy Software: Ironically, you can monitor for spy software by installing spy software on your system first! Since spy software can record all keystrokes, it can monitor and record the installation of other spy software. Again this turns into a virtual arms race, but keep in mind that many spy programs are vulnerable to anti-spy attacks.
Enchanted
Spyware & Trojan List

123Messenger
123Search
2020Search
2nd-thought
2Spy!
3rdEye
764 Dialer
7FaSSt
A Better Internet
AB System Spy
Absolute Keylogger
AccessPlugin
AceSpy
AcidBattery
Aconti
Actions Monitor
Activity Logger
Activity Monitor 2002
ActualNames
ACXInstall
AdBreak
AdGoblin
Adult Chat Dialer
Adult-Links
Advanced Keylogger
AlertMobile Pro
Alexa Toolbar
Amitis
Aornum
Apophis
AppsTraka
AproposMedia
Ardamax Keylogger
ASpam
Assasin Trojan
AtomicLog
Aureate
BadTrans.B
BargainBuddy
BDE
Beast
Belkin PCSpy
BillByCall
BizDefender
Black Box
Blaster Worm
BlazeFind
BonziBuddy
BookedSpace
Boss EveryWare
BroadCast PC
BrowserAid
BrowserToolbar
BuddyLinks
Bulla
ButtMan
C2.lop
Call Online Two
Catch Cheat Spy
Chat Watch
Chota
Clearsearch
ClearStream Accelerator
Click Till U Win
ClickTheButton
ClientMan
CnsMin
COM
Com Policy
Comet Cursor
Comload
CommonName
Computer Snooper
ComputerSpy
Conducent
Content Monitor
Coolbar
CoolCat
Coolsavings
CoolWebSearch
Covenanteyes
CrashCool
CrossKirk
ctor.dll
Cyber Informer
Cyber Predator
Cyber Snoop
Cydoor
Cytron
DailyWinner
Delfin Media Viewer
Desktop Detective 2000
Desktop Spy
DialerFactory
DialerOffline
Dogpile Search Toolbar
Dotcomtoolbar
Download Plus
DownloadReceiver
DownloadWare
DSK Trojan
DTr
Dynamic Desktop Media
E-mail Password Logger
e-Surveiller
eAnthology
EasyBar
EBlaster
el Espia
Email PI
Email Spy Pro
eXactSearch
ezSearchBar
Ezula
Family Key Logger
FamilyCam
FarSighter
Fast Tracker
Fastseeker
FavoriteMan
Fearless Key Spy
FlashTrack
Flyswat
Forbes
FreeScratchAndWin
Gator
Ghost Key Logger
GhostLog
GlobalDialer
God2
GoHip
Golden Eye
Gratisware
GSim
Guardian Monitor
GURL Watcher
H@tKeysH@@k
Hacker Spider
Hacker Wacker
HaczYK
Haldex
Hanuman
Hatred-Fiend
HelioS
Hiddukel III
HighSpeed Connector
Home Keylogger
HotActionDating
HotBar
Httper
Huntbar
HXDL
I am BigBrother
i Wonder
IBIS ToolBar
IBS
ICU Surf
IEAccess
IEfeats
IEFeatures
IEPlugin
IETray
iGetNet
Ikitek Key Logger
ILookup
IM Web Inspector
In the Know
Ineb Helper
InetSpeak
InLook Express
Internet Marketing Toolbar Pro
Invisi Eyes
Invisible Keylogger 97
IPInsight
iProtectYou
IRTTHPack
ISearch Toolbar
iSpy
iSpyNOW
ISTbar
KeenValue
key count
Key Spy Pro
Key Thief
Keyboard Collector
Keyboard Guardian
Keyboard Logger
Keyboard Monitor
KeyKey
KeySpy
Keystroke Monitor 2.0
Klez Worm
ksLogger
LinkReplacer
Lirva
Lithium
LoadFonts
Look2Me
Magicon
MAILSENDER
MarketScore
Masterbar
MasterDialer
MateWatcher Pro
Memory Meter
Mendware
Messenger Spam
Mind-Control
MindControl
Minibug
Mirar
ModemSpy
MoM
MoneyTree
Mostrar Dialer
MPGcom
Musqkito Marketing
My Little Spy
MyDoom
MySearch
n-Case
NavExcel
Net Devil
Net900
NETObserve
NetPal
NetSpy
NetTrack & Spy
NetVizor
NetworkEssentials
New.Net
NewtonKnows
Noptify
NowBox
OnFlow
Online Recorder
Online-Dialer
Optix
P2P Networking
PAL Keylogger Pro
PAL PC Spy
PasTmon
PC Activity Monitor
PC Activity Monitor Net
PC Bloodhound Professional
PC Spy
PC-Parent
Perfect Keylogger
Permedia Ads
Pest
PluginAccess
Portal of Doom
Power Key Logger
PowerStrip
Probot
Proces Logger
Proclaim Dialers
PRW
Purityscan
PWD Trojan
Quickflicks
RadMin
RapidBlaster
Real Spy Monitor
Realbar
Realphx
Realtime-Spy
RedHand
Remote Control Pc 2000
remote password stealer
ReWind
Safenet
SafeSearch
SafeSurfing
Save Keys
SaveNow
SC-Keylog
SCBar
Seach Assistant
SearchAndBrowse
SearchBarCash
Searchex
SearchExplorer
SearchitBar
SearchSquire
SecondPower
SentryCam
ShopAtHomeSelect
ShopNav
Show Bar
Silent Spy
Slammer worm
SmartBrowser
Snape
Snapshot Spy
Spector
SpotOn
Spy Guardian Pro
SpyAgent
SpyAnytime PC Spy
SpyAnywhere
spyAOL
SpyAssault
Spyblast
SpyBuddy
SpyCapture
SpyGraphica Professional
SpyRex
SpyTech Shadow
Spywarenuker
SSKC
Starcross
StarDialer
STARR
Stealth Activity Reporter
Stealth Keyboard Interceptor
Stealth Keyboard Logger
Stealth Redirector
Stop Popup Ads Now
StripPlayer
Sub Seven
SubSearch
SuperBar
Surf Control
Surf Spy
Surfairy
SurferBar
Surfmonkey
Sys Detective +
Syscpy
SysMon
System Spy
System Supervisor
SystemVXD Dialer
Tdak Searchbar
Tellafriend
TGDC
The Snake Trojan
TIBS
Tiny Keylogger
TinyBar
ToolbarCC
TOPicks
Total Monitor
TradeExit
Tranzhva
TSCash
TV Media Display
Twain-Tech
TypO
UCmore
UCSearch
Ultrasoft Key Interceptor
Unknown Dialers
Virtual Bouncer
VLoading
VX2.cc
W32.Hawawi.Worm
W97M_SPY.A
Wazam
Weaddon.dll
Web Behavior
WebHancer
WebMail Spy
Websense
Whazit
WildTangent
Win Key Genie
Win-Spy
Windows Remote
Windows Spy
WinGuardian
Winpup
WinRecon
Winshow
WinSpy
Winvestigator
WinWhatWhere
WNAD
Wonderland
WurldMedia
X-Diver
X-Driver
XDialer
XLoader
XLog
XPCSpy
Xupiter
XXXDial
xxxtoolbar
ZipClix

To find out what they do and how to remove them please visit http://www.spywareguide.com and click the option on the left "List of spyware".

If you know of any spyware or trojans that need to be added to this list, please PM me and I will add them.
Enchanted
How To Take A Screen Shot (SS)?
- Click the Print Screen key on your keyboard (you'll think it didn't do anything, but that copies the screen), open Word or a graphic program, click on paste and save.

How do I move it from one place to another?
- You must place this image on a server and then link to it from the place you want to display it.

How to get a screenshot of only the webpage and not the whole screen (toolbar, taskbars, etc.)?
- All you have to do is hold Alt and hit Print Screen. This will take a screenshot of just the active window. Active window means the one you last opened from the toolbar. Then just paste it into Paint or a graphic program and save.

- You can also use a free screen-shot program...without ADs...
Go to Google and search:
Gadwin PrintScreen v. 2.6
It's a good program that allows you to choose whether you want to take a shot of the whole page / or just the current window.
Invision Power Board © 2001-2012 Invision Power Services, Inc.