Introduction

Hackers and crackers, malware writers, and cyber-criminals have a variety of motives for installing malicious software using various methods and techniques to spread their malicious programs: Who Writes Malicious Programs and Why?

Rogue security programs are one of the most common sources of malware infection and scams across the Internet. They infect machines by using social engineering and other common scams to trick a user into spending money on a security program, which claims to remove malware. but actually does the opposite. These infections are responsible for launching unwanted pop ups, advertising for rogue antispyware programs, and downloading more malicious software.

Many variants typically use fake warning messages and alerts on the Internet to indicate that your computer is infected with spyware or has critical errors, which is a scare tactic to trick you into downloading a malicious security application to fix it. The alerts can mimic system messages so they appear as if they are generated by the Windows Operating System.

The problem with these types of infections is that they can download other malicious software so the extent of the infection can vary, which make it more difficult to remove.

Relevant links for rogue programs:

• Anatomy of a malware scam
  
• How does rogue security software get on my computer?
  
• How to Tell If That Pop-Up Window Is Offering You a Rogue Anti-Malware Product
  

Infections are spread by using peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer more in danger of malware, remote attacks, exposure of personal information, and identity theft. Malicious software such as: worms, backdoor Trojans IRCBots, and rootkits spread across P2P file sharing networks. Infections also spread through gaming, porn and underground sites. Users visiting such pages may see cool-looking banner ads containing code that can trigger a drive-by download and infection. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. Infection can also spread through emails containing links to websites that exploit your web browser’s security holes and by exploiting a vulnerability in older versions of Sun Java Runtime Environment (Java).

Relevant links for malicious software:

• MMO Security: Are Players Getting Played?
  
• Malware Makers Target Online Games to Spread Worms
  
• Microsoft warns game developers of cyber thieves
  
• online game online trade = Trojan Spy
  
• Keygen and Crack Sites Distribute VIRUX and FakeAV
  
• University of Washington spyware study
  
• One in 10 web pages laced with malware
  
• Conficker worm's copycat Neeris spreading over IM
  
• IM attacks get nastier
  
• IM attacks up nearly 80%
  
• Malicious website evolution
  
• Malicious HTML Tags Embedded in Client Web Requests
  
• Rogue Javascript code infecting Web sites
  
• IFrame Hack (PHP Exploit)
  
• Researchers uncover tool used to infect websites, spread malware
  
• One webpage gets infected by virus every 5 seconds
  
• SQL Injection Overview
  
• Threat and Vulnerability Mitigation: SQL Injection
  
  

Prevention

Please read the following information that I have provided, which will help you prevent malicious software in the future. Please keep in mind, malware is a continuous danger on the Internet. It is highly important to stay safe while browsing, to prevent re-infection.

Software recommendations

Free Antivirus

• Microsoft Security Essentials: this is Microsoft's free antivirus/antispyware program. It equips you with protection against viruses, spyware, trojans, rootkits, and worms. It is also light on the computer's performance. Note: when installing this, you have both an antivirus and antispyware. Make sure you also get a firewall.
  
• AVG Free: this is one of the most powerful, and easiest to use security software. The free version equips you with protection against viruses, spyware, trojans, rootkits, worms, and rogue software. Note: when installing this, you have both an antivirus and antispyware. Make sure you also get a firewall.
  
• Avast!: this is an advanced malware removal antivirus program. The free version equips you with protection against viruses, spyware, trojans, rootkits, worms, and rogue software.
  
• Avira Antivir: this is an advanced malware removal antivirus program. The free version equips you with protection against viruses, spyware, trojans, rootkits, worms, and rogue software.
  
• Rising Antivirus: this is a lightweight, and great virus destroyer. It removes tough viruses, and even rootkits and trojans get destroyed.
  

Anti-Malware

• Malwarebytes' Anti-Malware is a great malware removal program. It is recommended for anyone's arsenal. There is a paid version, which is highly recommended, but the program will work fully for free.
  

Free Firewalls

• Tallemu Online Armor: the free version is just as good as the premium. I have linked you to the free version.
  
• Comodo Firewall: the free version is just as good as the premium. I have linked you to the free version. The optional security suite enhances the firewall by 40% increase. If you would like to install the suite that includes antivirus, then remove your old antivirus first.
  
• PC Tools Firewall Plus: free and excellent firewall.
  
• Outpost: another free and excellent firewall.
  

AntiSpyware

• SpywareBlaster
  SpywareBlaster is a program that prevents spyware from installing on your computer. A tutorial on using SpywareBlaster may be found here.
  
• Spybot - Search & Destroy.
  Spybot - Search & Destroy is a spyware and adware removal program. It also has realtime protection, TeaTimer to help safeguard your computer against spyware. (The link for Spybot - Search & Destroy contains a tutorial that will help you download, install, and begin using Spybot).
  

Note: Please keep ALL of these programs up-to-date and run them whenever you suspect a problem to prevent malware problems.

Resident Protection help
A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall, and scanning anti-spyware program at a time. Passive protectors such as SpywareBlaster can be run with any of them.

Securing your computer

• Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  
• hpHosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer's loopback address, meaning it will be difficult to infect your computer in the future.
  
• Web-of-Trust is a browser extension for Internet Explorer, Mozilla Firefox, and Google Chrome. It warns you about sites that have a bad activity score, or just plain untrustworthy. It is a free warning tool, and will keep you from going to bad sites.
  
• Disable Autorun: XP -- Vista/7.
  

Please consider using an alternate browser
Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like Noscript, can make it even more secure. Opera is another good option. Opera has great built-in security features, and is a newer browsing experience. It also "fast-loads" pages so you do not have to wait a long time for pages to load.

If you are interested:

• Firefox may be downloaded from here: http://www.getfirefox.com
  
• Opera is available here: http://www.opera.com/download/
  

Links to good prevention information:

• Simple and easy ways to keep your computer safe and secure on the Internet
  
• Microsoft Solutions for Security: The Antivirus Defense-in-Depth Guide
  
• Malware Prevention - Preventing Re-infection
  
• Your Guide To Staying Safe Online
  
• Hardening Windows Security - Part 1 & Part 2
  
• Configuring Internet Explorer for Practical Security and Privacy - How to Secure Your Web Browser
  
• Use Task Manager to close pop-up messages to safely exit malware attacks