trojan

Once again, criminal hackers are targeting a worldwide event to deposit their malicious software on victims' PCs, according to one security vendor.

Within the last six months, MessageLabs has found at least 13 new Trojan horse programs associated with e-mails bearing subjects such as "The Beijing 2008 Torch Relay" and "National Olympic Committee and Ticket Sales Agents."

The problem is, according to a MessageLabs representative, that the hackers' e-mail messages employ an embedded Microsoft Office database file within the zipped attachment. Microsoft said in a recent security advisory that customers not running Windows Vista or Windows … Read more

Editor's note: This article was updated on February 21, 2008. The original was published on February 28, 2007.

Like its mythical namesake (dramatized in Lego), whatever crawls out of a digital Trojan horse will be a nasty surprise. A Trojan horse usually takes the form of an innocuous software program that unleashes a flood of malware or viruses after it's installed and run. Since attacks and ease of removal vary--an ad generator is easier to remove than a stealth rootkit--there's no one-size-fits-all solution. However, there are some common spyware removal techniques that can help you pick your way through the wreckage.

Reboot Windows in Safe Mode

What is Safe Mode? Safe Mode is a diet version of the Standard Mode of Windows that your computer ordinarily runs. Rebooting in Safe Mode loads minimal programs and disables most device drivers that manage hardware like CD drives and printers. The result is a more stable iteration of the Windows operating system that's better suited for disabling malware while you perform a system scan.

How do you use it? If you can, follow the necessary steps for a safe shutdown process and then reboot. When you restart Windows, as the screen begins to load, press F8 repeatedly until the Windows booting options appear. Select "Boot in Safe Mode" from the menu of options. Once in Safe Mode, you should be able to run your installed antispyware software with less interference from the malicious software that the Trojan brought onto your system.

System Restore

What is System Restore? System Restore strings out a safety net if everything goes kaput. Under default Window settings, System Restore saves a snapshot of your computer configuration once a day and on major upgrades that can be used to replace corrupted files. In the event of a Trojan attack, System Restore can revert Windows to a previous, uninfected state. It won't restore everything, like changes to your user profile, but it does reinstate biggies like your Registry and DLL cache.

When do you use it? When purging your computer of spyware, System Restore has an optimal time and place. You wouldn't want your computer including corrupted files as the reference point of the day, so it's important to disable System Restore before you start cleaning. You can reactivate it once your system is spick-and-span.

How do you use it? The paths for accessing System Restore differ by operating system. In Windows XP, disable System Restore by right-clicking My Computer and selecting Properties. Under the Performance tab, select File System, then the Troubleshooting tab, and finally check Disable System Restore. You'll be prompted to reboot. Follow these steps to uncheck the box before restoring your system.

To use System Restore after scrubbing your computer, choose Accessories from the program list in the Start menu. You'll find System Restore under System Tools.

This comprehensive article from TechRepublic demonstrates how to create and use System Restore in Windows Vista.

Scan with antivirus/antispyware apps Downloading diagnostic and removal tools with an infected computer is a huge time sink--spyware can cripple your speed and Internet access. The Trojan's payload could prevent EXE files from downloading or launching. Also, malware can affect the performance of installed security software on your PC. If you store your antivirus/antispyware programs on a CD or flash drive, however, those malware-busting apps can commence their swashbuckling unhindered.… Read more

Update 11:45 a.m. PST: This blog incorrectly described part of what the link downloads. It downloads a Trojan horse. The link does not take viewers to a video.

Moving beyond Valentine's Day as a social-engineering theme, online criminals have started sending out e-mail with a supposed link to a recent interview with Sen. Hillary Clinton. Instead of a video, the link downloads a Trojan horse onto the viewer's computer. Security experts predict 2008 presidential election e-mails and phishing sites will continue throughout the year.

On Thursday in Symantec blog, researcher Kelly Conley writes that the e-mail … Read more

Published by William; Sydney, Australia

In our house, we used to share a computer. I had Spybot - Search & Destroy and Norton Antivirus installed on it, and I became the scanning boss since my parents barely knew how to click a mouse. After about a year, I discovered "DriveCleaner" in the program manager window. I tried uninstalling it, got an error, then saw the progress bar roll backward fairly fast. At least these malware people have a sense of humor.

But then: My computer was exceedingly slow and gave me constant pop-up problems. Stress session. I tried … Read more

Early adopters are an impatient lot, especially Apple boys and girls. With Macworld looming Tuesday (a 3G/GPS iPhone? I will so be in line to get one if or when it comes out) and with reports of impatient iPhoners being hit with a Trojan masked as "leaked" 1.1.3 firmware, you can see that the line between enthusiasm and caution can be thrown to the wind.

While there don't seem to be any lasting or major effects from 1.1.3 Trojan, it made me wonder, when the iPhone is finally opened up for "… Read more

Seen more as a prank than an actual threat, a Trojan horse for the Apple iPhone, first reported on Saturday, has already come and gone. Still, users should be on the look out for a package called "iPhone firmware 1.1.3 prep," described as something you need to install before updating to the new 1.1.3 firmware. Billed as an "important system update," the code does little more than cause annoyance. According to various sources, once the Trojan is installed it simply displays the word "shoes."

However, the Trojan also overwrites several … Read more

Julio knows enough about spyware to recognize it when he sees it. And he does. An afternoon of setting up his friend's wireless home network gets detoured as Julio pulls out every trick he remembers to rid his friend's PC of the offending adware.

However, splintering the Trojan is only half the battle. The other half resides in wireless network security. Will Julio remember all the tricks of making home networks secure?

Read up on it in this week's Spyware Horror Story.

>>See all Spyware Horror Stories