Online Security

be safe

What are Trojans?

Many users believe that trojans are the same as viruses. This isn’t true. Unlike viruses, trojans don’t break the operating system or format hard drives. They seem peaceful, but that isn’t true either: their aim is the theft of private information. A trojan usually consists of a client application and a server. The server part usually sits on the user’s computer, and the client application is on the side of the owner who created or modified the trojan. The two parts connect through an open port. They usually use TCP/IP, but some also use ICMP, UDP and other protocols. Trojans are masked and often look like harmless files with extensions such as GIF, HTM, etc. There are several kinds of trojans:

Spy applications (example: Mail Sender)
Remote control applications (example: BackDoor)
Keyloggers
DDoS attack emulators
Dialers
Downloaders
Proxy servers
Destructive trojan applications (example: FlashKiller)

In the near future we will describe them in detail.

Online security: 4 myths

A computer cannot be infected by viruses if the user doesn’t open any files or emails.
Some years ago this was true. But today some viruses use more than one method of attack. They find chinks in the armour of software such as Windows and Internet Explorer. Such viruses find new victims on the global network on their own.

To protect your computer, the only thing you need is to install antivirus software.
To detect new viruses, your antivirus software has to have their signatures, so you need to update it routinely. But even this doesn’t guarantee perfect security. To reduce the threat, you have to install a firewall and special software to detect spy applications.

Emails from well-known addresses are safe.
This is not true! Most email viruses use the address books of their victims.

I don’t keep private information on my computer, so it isn’t of interest to spy applications.
Most spy applications collect not only private information (such as passwords and credit card numbers) but also information about users’ actions. All the sites you visit and all your clicks are registered. This information can be used for different purposes, for example contextual ads. Such applications use system resources and slow down computer performance.

Detecting and removing spy applications

Even the most advanced scanners don’t guarantee that your computer is protected from spy applications, so many computers are infected. This can have troublesome consequences. But some of these applications can be removed without the assistance of antivirus software.

Here is a list of widespread spy applications that should be deleted. Some of them even have a setup application and can be removed through the Add and Remove Programs menu of Control Panel. For example, say you detect mwsoemon.exe in the list of current processes. You can then find something like MyWebSearch Toolbar in the list of installed software and use the uninstall button. If there is no such application in this list, you can use special software like HijackThis!

This is a list of some spy applications and their corresponding processes.

Process Application
mwsoemon.exe MyWebSearch toolbar
mediaaccess.exe WindUpdates.com
mediaacck.exe WindUpdates.com
wtoolsa.exe HuntBar
wsup.exe HuntBar spyware
cxtpls.exe AproposMedia
autoupdate.exe Apropos Media adware
wtoolss.exe HuntBar
istsvc.exe IST adware/hijacker
optimize.exe MoneyTree Dialer
gmt.exe Gator adware
cmesys.exe Gator adware
tbps.exe Neo Toolbar
pib.exe PIB Toolbar
gah95on6.exe ShopAtHome Select
mediapass.exe WindUpdates.com
mediapassk.exe WindUpdates.com
tbpssvc.exe Neo Toolbar
bargains.exe Bargain Buddy
Save.exe WhenU SaveNow adware
Salm.exe 180Search Assistant
rk.exe Marketscore “monitoring”
webrebates0.exe TopRebates hijacker/adware
webrebates1.exe TopRebates hijacker/adware
vmss.exe Delfin Media Viewer

Closing any of these processes can cause Windows to shut down or become unstable:

System Idle Process
explorer.exe
taskmgr.exe
spoolsv.exe
lsass.exe
csrss.exe
smss.exe
winlogon.exe

svchost.exe – usually more than one
services.exe

If you stop any other process, Windows will keep working properly.
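
The manual check described above, comparing the current process list with the spy-application table while leaving the critical Windows processes alone, can be scripted. The following is an added example, not part of the original article; it assumes the process list comes from the Windows command tasklist /FO CSV, and the sample output inside it is constructed. A name match is only a hint, because any program can carry one of these file names.

```python
import csv
import io

# Process -> application pairs copied from the table in this article (lower-cased).
SPY_PROCESSES = {
    "mwsoemon.exe": "MyWebSearch toolbar", "mediaaccess.exe": "WindUpdates.com",
    "mediaacck.exe": "WindUpdates.com", "wtoolsa.exe": "HuntBar",
    "wsup.exe": "HuntBar spyware", "cxtpls.exe": "AproposMedia",
    "autoupdate.exe": "Apropos Media adware", "wtoolss.exe": "HuntBar",
    "istsvc.exe": "IST adware/hijacker", "optimize.exe": "MoneyTree Dialer",
    "gmt.exe": "Gator adware", "cmesys.exe": "Gator adware",
    "tbps.exe": "Neo Toolbar", "pib.exe": "PIB Toolbar",
    "gah95on6.exe": "ShopAtHome Select", "mediapass.exe": "WindUpdates.com",
    "mediapassk.exe": "WindUpdates.com", "tbpssvc.exe": "Neo Toolbar",
    "bargains.exe": "Bargain Buddy", "save.exe": "WhenU SaveNow adware",
    "salm.exe": "180Search Assistant", "rk.exe": "Marketscore “monitoring”",
    "webrebates0.exe": "TopRebates hijacker/adware", "webrebates1.exe": "TopRebates hijacker/adware",
    "vmss.exe": "Delfin Media Viewer",
}
# Processes the article says must not be closed.
PROTECTED = {"system idle process", "explorer.exe", "taskmgr.exe", "spoolsv.exe",
             "lsass.exe", "csrss.exe", "smss.exe", "winlogon.exe", "svchost.exe",
             "services.exe"}

def triage(tasklist_csv):
    """Return (suspects, protected) for `tasklist /FO CSV` text; suspects are (pid, image, app)."""
    suspects, protected = [], set()
    for row in csv.reader(io.StringIO(tasklist_csv)):
        if len(row) < 2 or row[0] == "Image Name":  # blank line or header row
            continue
        key = row[0].strip().lower()  # Windows image names are case-insensitive
        if key in PROTECTED:
            protected.add(key)        # never offered for termination
        elif key in SPY_PROCESSES:
            suspects.append((int(row[1]), row[0], SPY_PROCESSES[key]))
    return suspects, sorted(protected)

# Constructed sample output, not captured from a real machine.
SAMPLE = '''"Image Name","PID","Session Name","Session#","Mem Usage"
"System Idle Process","0","Services","0","8 K"
"svchost.exe","912","Services","0","12,340 K"
"explorer.exe","2840","Console","1","45,120 K"
"MWSOEMON.EXE","3312","Console","1","6,204 K"
"Save.exe","3520","Console","1","4,880 K"
"notepad.exe","4012","Console","1","3,100 K"
'''

if __name__ == "__main__":
    print(triage(SAMPLE))
```

For each suspect reported, look for the matching entry in the list of installed software and use its uninstall button first, as described above.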