Hoaxes and Scareware
you look at the adverts, please come back by clicking
the back arrow at the top
This page may help you avoid (or clear)
those nasty destructive programs.
See also Here for Basic
There may be times when your
installed anti virus software is unable
to clear a virus and you need to tackle it even before Windows has
A number of companies provide free software that is capable
your machine and cleaning it. Microsoft uses a 'bootable
program'. Defender is like Security Essentials. See
Other 'portable' anti virus software comes from Sophos, Spybot
Destroy, AVG Rescue CD, Avira Rescue System, F-Secure Rescue CD and
A little known program from
check your machine for viruses. See https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download
Helpful Guru Bob Rankin has just updated
his recommendations on free and paid AV programs
Leo Notenboom also has an excellent article about
removing PUPs (Potentially Unwanted Prograns) at https://askleo.com/remove-pups/
I use Avast Free. So does Bob Rankin. Avast
- a summary by him. But you have to be prepared to be pestered daily to
upgrade to the pro version. This applies to most other anti virus
software. After all there are riches to be found from this
My own version of this advice is in a
These days we would be very fortunate if we have never been affected by
Malware, or Adware. They can take various forms but are usually about
making money for the person spreading the software. We might have been
downloading a reputable program but inadvertently clicked on something
want. We find that our searches are being sent to somewhere THEY want
you to go,
or they may promise to check your computer for viruses or because it is
Chances are they will find dozens of things wrong, then
suggest you pay for more software to get rid of the problems.
Don't go down
Immediately set about clearing THEIR software.
There are a number of tools to help with this in addition to
your anti-virus software
(which didn't stop the intrusion)
I always have the free versions of the following reputable programs in
readiness for such an event. If you wish to get them go to the links
here, rather than browsing for the programs. To be on the
it is a good thing to have a working Restore point before scanning with
Of course EVERYONE is in the business to make money. The free
ones usually do a reasonable job but increasingly, these days, it will
be suggested that you buy their 'Pro' version that does even more.
The choice is up to you.
to get to the setup, called MBAM.
to get Ccleaner. It clears rubbish but also has an uninstaller and a
to get Adwcleaner. This is a powerful tool which will remove most nasty
intrusions that others miss.
4. I actually pay for the basic version of Iobit Malware, which keeps
improving the way it checks the PC. I have just installed the
update which revealed a text file which showed some of the
What's new in IObit Malware Fighter 5:
+ Optimized IObit Anti-malware Engine - Scan much faster with lower
resource usage. Detect and remove more threats thoroughly for higher
+ New Anti-Ransomware Engine - Protect your important files from
malicious attacks and illegal access by third-party programs.
+ New Download Protection - Scan your downloaded files to keep your PC
away from the malicious files.
+ New Camera Guard - Protect your camera from unauthorized use and
prevent malicious programs from spying on your privacy.
+ Enhanced Scan - Strengthen the scan for Rootkit to protect your PC in
+ Optimized Surfing Protection and added Ads Removal - Protect your
browser from various online threats and remove more annoying ads for
safer and smoother surfing experience.
+ Optimized Plugin / Toolbar Cleaner - Monitor the activities of
Plugins / Toolbars in real-time for safer and cleaner PC.
+ Optimized Update Process - Update database and product version more
timely, stably and conveniently.
+ Brand New UI - Support high DPI displays & high resolution
screens for better experience.
+ Larger Database - Support removing more latest stubborn malware and
+ Better Compatibility - Enjoy full-round protection on latest Windows
One thing I am not
so keen on is the constant nags to install even better versions of
their various tools !
5. As a final check, if I think something is amiss I run the program
Superantispyware. There is a free version of this, too.
I do not have any of these programs loaded at startup but do have
shortcuts on the desktop to them, in case I need them.
I also quite like the Iobit uninstaller (http://www.iobit.com/en/advanceduninstaller.php
) as it clears things from the register that are often left behind by
One program that is spending a lot on publicity lately is Scanguard
A number of reputable writers say to stay clear of that one.
If you have had a number of friends say they have had unusual emails
from you, usually
trying to advertise something.
Chances are that your email address has been hacked,
It would certainly be a good idea to change your password.
your email is rejecting your password even though you are certain you
entered it right ? First, make sure that you don't have your
caps lock on ! Passwords are case sensitive. But if you really can't
i is as well to get through to your email program provider and report
it, as it is possible someone has changed it so THEY can get into it.
That could be more serious.
Anti Virus Programs
It pays to shop
around as many are offering discounts
Of course one must also have an anti virus program.There are several
free ones, usually with paid versions offering more protection. Most
offer a free trial.
Most anti virus programs are now written to work with Windows, Apple
Windows, the minimum should be what was called Microsoft Security
Essentials (or what is also called Windows Defender)
It is free and there is no paid version or Apple or Android
It is updated daily via the Windows Update system.
There are many other anti-virus programs vying for the top spot. Most
have free versions and free trials but usually also have paid for
which offer a wider range of protection.
If you cannot tackle the virus problems yourself.the Which report said
Carphone Warehouse did the best job and charged only £25 on
Pcworld charged an average of £95 and missed more. When it
which AV software that tested well they favoured Bullguard and
Microsoft Essentials (free). Personally I have been more impressed with
recently, although it bothers you to upgrade. The Comprehensive version
is £39 and the Premier one is £49. A little less if
you buy 2 or 3 year packages.
Despite all my efforts I managed to pick up a bothersome program which kept on interupting my even flow: I got a browser
hijacker on not just one but two of my PCs ! Next thing I knew my
Google Chrome was looking down the barrel of something call 'Roll
around'. The effect is that whatever site you browse to you see Roll
around adverts. And, worse than that it can lead you to sites that you
would prefer not to visit, some of which are reputed to do even worse
things to your computer.
found and uninstalled the program, then ran that
old favourite, Malwarebytes, which reported a few cases of Roll around,
which I quarantined. I even deleted the words from my registers. But
the adverts continued to appear alongside the contents of the pages I
had browsed for. I expected to find additional add-ons in the Settings
of my Google browser but there were none. I was beginning to run out of
ideas, so restored to a week before and that appears to have fixed it.
So, how did I contract this persistent infection ?
use a Microsoft program to string together
videos and pictures in a format that will play on the family DVD player
(via TV). Unfortunately, the videos I was using were from a camera and
were in the MP4 format. And that is one format that the program cannot
accept. So, my error was to download a free converter, so I could make
the, all into WMV (Windows Video) format. Such free programs are
notorious for including a 'payload' of that kind. And it did.
moral of this tale is to be careful what you download; and use Restore
as soon as you find that your browser is leading you astray.
This sort of thing is becoming all too common and they are becoming ever more difficult to rectify.
have been frequesnt leaks of data including passwords and much more
besides People are frequently advised to change their passwords.
Certainly businesses and
who do on line banking or buy stuff should consider making a
company that provides and on-line password vault called
is enabling people
to check whether the sites they use have been
are three versions of their
Free to Enterprise.. 2017. Even Lastpass has now been hacked.
are advised to open the program directly, rather than any other method
(such as an add on to your browser), to avoid problems. See a report HERE
If you are suspicious about a
file and think it might contain
a virus you can forward it to
a thorough report
But to see what the UK government suggests see https://www.cyberaware.gov.uk/
As good geek Leo says ,
new computer because you
virus. Viruses, however sophisticated, are only software.
ware is still intact. It may be old and slow (and that is
to get a new machine) See
By the end of 2015 the Cryptolocker
cracked. But other versions of Ransomeware have appeared, such as
Wannacry and Petya (June 17) . If you wish to read the full
story of Petya please click
on the Sophos site HERE
Sophos also offers a free anti virus software (but insists that
you get rid of all your current anti malware programs)
And Sophos offers a free malware clearances tool which can be
downloaded from HERE
This has become the biggest money spinner on line. Malware infects your
PC (if you downloaded the
It then encrypts the data (such
as documents and spreadsheets)
and when you try to open them you get a demand for a large sum of money
get the key to open them. A company might be totally
dependent on these
and there is NOTHING anyone can do to break the encryption. If you have
up the files to somewhere outside the machine (another machine, an
hard disk, a flash device or something like Dropbox, you may be able
restore them. But otherwise you are in a fix.
The average price is $300.
Malware is becoming common and sophisticated. A contact
got something by clicking on a link in an email from a friend.
had been sent to her by one of their friends (who should have known
She found that Internet Explorer was not usable. Restore did
She managed to use Firefox to download fresh copies of AVG, Ccleaner
Malwarebytes (free). These appeared to clear many items but
continued. She finally ran Superantispyware twice and finally cleared
last bug. I advised to delete all previous restore points,
have contained the infection. But it was a long job and she was
Imagine trying to instruct a newbie to do all this via email.
are weighted in the scammer's favour.
PEOPLE CONTINUE TO
Check your accounts, change your passwords and even
It is imperative
that your computer is made
See Help8 for
more details about Microsoft's
If you come across
a scam/fraud, get as much
as you can
I have just removed
the most difficult virus
tackled (in a friend's computer). It
was from antivira. The instructions are at
There are several steps to take, so print and follow the instructions
In particular not that when disabling it with the program
Rkill I found
it necessary to click on it several times, ignoring the warnings the
continued to send. The reason that I consider it to be the most
is that it disabled Safe Mode, stopped every EXE file from running and
prevented boot of the XP disk from the drive, thus preventing an XP
The program constantly amends Internet Explorer so that it only visits
proxy site (and this must be altered (see the notes on the site above)
it didn't affect access to the net by Firefox. The total time
this virus was around four hours ! Alternative methods for
can be found at
What is Trusteer
Rapport and do I
need it ? Trusteer is a company which specialises in software
banks (and you) from fraud. Many banks in the UK and USA
this software and it is even possible that it will have arrived on your
just because you have done on-line banking. Rapport produces regular
which may popup on your bottom line stating how many times it has
accesses to your PC which might compromise it. Although I
look at these
reports I fail to understand what they are preventing and am even
by the report that the listing does not mean that your machine is
The software is trying to prevent accesses which might enable a crook
copy your bank details and password.
is introduced to users
by a screen that looks like a normal browser warning (IE,
etc) and even mimics Windows Security Essentials warning screen. It
that you download a program called Win7 AV to clear the viruses but, in
infects you further. Watch out for this clever one.
A friend who had a virus infection writes
"After cleaning my PC with AVG and Spybot, I also cleaned it with
Terminator, Superantispyware and Malwarebytes (as you recommended) and
that order. Surprisingly Malwarebytes discovered
what the others didn't.
This illustrstrates that depending on a single virus remover,
one as popular as AVG, is not wise.
Like many people, I
get phone calls saying
This is a scam, originating from call centres in India but
by people in the UK. They try to convince you that you have a virus by
that you look at certain files. They then suggest to the gullible that
pay £90 to download a program (which is actually free) to
virus. Once hey have your card details they are home and dry
There is NO REASON
these days to be without
is the Microsoft centre for research into Malware. It gives great
on new threats and methods of removal. Microsoft Adware
Removal Tool is
incorporated in later Microsoft programs but is still on the net.
Windows Defender, formerly known as Microsoft
AntiSpyware, is a software
product from Microsoft to prevent, remove and quarantine spyware in
Windows. It is included and enabled by default in Windows Vista and
7, and is available as a free download for Windows XP and Windows
Microsoft Security Essentials provides basic
protection for your
home PC that guards against viruses, spyware, and other malicious
It is a free download from Microsoft that is simple to install, easy to
and always kept up to date so you can be assured your PC is protected
the latest technology. It is easy to tell if your PC is secure. When
is green, your computer is OK If it is orange you need to
and follow the instructions. It runs quietly and efficiently in the
so that you are free to use your Windows-based PC the way you want
interruptions or long computer wait times. See
Microsoft SpyNet is the network of Windows Defender
Security Essentials users that help determine which programs are
as spyware. The signatures created for any submitted programs by the
of the product are available to all users, displayed as a bar graph
shows the percentage of people who have allowed, blocked, or removed an
This method of spyware classification allows rare, unknown, or new
to be categorized as most people choose to send their data.
A good article
discussing the merits of
Security is at
It concludes that you don't need anything else and that includes the
own firewall (Advanced mode)
good is Microsoft Security Essentials
? Can I get rid of my other anti virus /anti adware programs
Bob Rankin's write up at
If you installed Microsoft Windows
Defender on your PC it will be automatically turned off when you
install Security Essentials.
you might as well delete it
is a Firewall ?
complete description of this essential
security element see
Most people know that Windows has its own
is not completely effective (doesn't check outgoing calls) and it is
to add another such as Comodo
free firewall is Zone Alarm from
Zonelabs. Lately I have found that their newest version has selectively
problems with (1) NTL e-mail collection (2) Avast anti virus updates
(3) Google Earth. So I gave it the heave-ho and used Sygate
for a while.
But I found that Sygate was letting everything through and I
to Zone Alarm.
firewall.... and you SHOULD have...
do you know whether it actually stops your computer
internet without your permission. There is a small program
that will check this. But your firewall may be doing this
check. Certainly Zone Alarm does. So, if you use Leaktest,
result is that your firewall should BLOCK it when
it tries to access
about time all ISP's woke up to their
responsibility to protect their customers from
malware. A friend
has been seriously
inconvenienced in this respect and, after getting a second new
in under a year, this one has become infected with a Trojan, probably
a result of being inundated with popups shortly after he got on the
His Norton has said there is no problem but there clearly is
is now completely off the air. It really is not fair of Tiscali to let
down like this and it is costing him dear in cash and worry.
is no good reason why an ISP should let through 1) viruses 2) Spyware
Popups 4) Spam. Mine doesn't and there is no excuse.
I suggest that anyone who is bothered by these things despite heeding
the warnings and installing all the requisite protection they should CHANGE
alternatives to AVG
are Antivir, and Avast!
At one stage the US Government suggested we don't use Internet Explorer
to browse the net as it was so full of holes! Alternatives are Opera
the latest favourite Firefox, free from Mozilla. See the link
top of the page on Web surfing.
It is the one I use
in preference to Internet Explorer. Unfortunately even these Browsers
found that people are getting infected
by simply clicking on a website or clicking on a message which has
on their screen. It says click here to do ...(various
Whether you click Yes or No you still get infected.
would be to go off line immediately, even if you have to pull the plug
of the wall or the modem. Keeping your PC clean of viruses is
not only for you but for the rest of the Internet system. Your
may be among those being hijacked to send the emails and spam! Such
are termed 'zombies'. As well as proliferating the problems the method
used to prevent the rogues being traced. .
It is now possible for any idiot hacker to get hold of
"Phishing" software, which
will 'spoof' you bank's
heading and lead you to click on a link aimed at getting your account
So, think before your click links in email messages, even if
messages are from friends, family or companies. This is especially true
links in email messages from Amazon, AOL, eBay, PayPal, your bank, your
card company, or any other company you normally do business with. If
web site, financial company, or commercial entity sends you an email
you to click on a hyperlink in that email to update your account
DO NOT CLICK ON THAT LINK. This only applies to hyperlinks in email
and web pages, not addresses you manually key in to your browser's
bar. So,to be really safe, if you need to access your account
at Amazon, AOL, eBay, PayPal, your bank or financial institution, your
card company etc and manually enter the address.
available to view and hear you
through your webcam, so be sure you are properly dressed !
(1) NEVER download an attachment to an e-mail (even
from a know address)
if you are unsure what it is. Infected attachments most commonly end in
Scr, Exe, Com and lately may be Zip(ped- compressed versions )of these
(2) Keep your email and web browser programs up-to-date; get the latest
from Microsoft from
(3) Get and keep up-to-date an anti virus program.
(4) Install a Firewall program.
(5) Occasionally run an up-to-date anti Spyware program.
(6) If an e-mail says "Pass this warning on", don't bother, it will be
(7) If you are suddenly invited to 'click here', win cash or take an IQ
don't. Go off line and get back on again.
See below for free
programs that can help.
(8) If you use music file sharing software, expect to get virus
(9) If you get a spam email then DO NOT CLICK ON ANY LINK in it, even
which say you can unsubscribe with it. It is possible that
will lead to a website which will send you a VIRUS ! This is
know how to avoid viruses look
at the following page
is also the home of the Housecall free virus checker.
for virus information is
And PLEASE check with
them that the scary message you are forwarding is not a hoax.
Many of them are, (see
list below). You can also check
for hoaxes on www.vmyths.com.
explanation is at
to do if you get a virus
if you have an anti virus program you
should do a full scan. However, no anti virus software is
effective and many are out of date, so you should also run another anti
program from the net e.g.
request about a problem that I suspect
is a virus I immediately search the Internet for the main word e.g.
or "Bagle". Inevitably I am led to helpful 'Forums' or Anti virus
that are having to deal with similar problems. If you get problems,
as regular unwanted pop-ups I suggest that you do a search of the
in this way and look for links to sites that appear to be dealing with
problem. You may find a simple cleaner : There are a number of small
that will clear groups of viruses and there are also tools issued by
virus companies to clear specific viruses: see their sites e.g.
For Bugbear get a fix from
For a tiny virus cleaner for Bagle, Bugbear, Netsky, Sasser,
Zafi, download the remover vcleaner.exe from
Avast also do an
effective free anti virus program.
Network Associates (Mcafee) provide another excellent 750k
(Stinger) which will
check your machine for 30 recent
viruses. Download it from
Windows ME and XP users, when clearing viruses,
should temporarily turn off Restore (go Start, Help, and
Turn off system restore). If you do not do this you
are in danger
of re-infection and your anti virus software will also continue to
an infection. Turning it off (see XP Help) will clear all previous
points, so make sure you restore RESTORE after you
have cleaned up.
problems are caused by, not one
but, a number of 'foreign' files in the computer and one technique to
rid of these things invariably involves downloading a program called
When run on your
computer this program shows a list of the programs (good and bad) that
running in the background so a forum expert can advise which are the
ones and how to get rid of them. They usually also advise the running
the latest versions of programs such as Ad-aware and Spybot and
virus checkers such as the one offered by Housecall (see above). But
Hijackthis log will mean very little to the average computer user and
to be analysed by an expert.
Dialers or Dialers.
Recently I have been
called on to disable a number of these programs. It is difficult to
how they arrive on people's computers but they can have rather
results. One of them constantly contacted a pornography site and others
been know to dial very expensive premium numbers without the knowledge
the person using the computer. In two cases the person had responded to
pop-up, which had invited them to take an IQ test. This connected them
a premium number which remained connected even after the test was
Dialers can cost a great deal of money in phone bills and this is not
until your next bill arrives. I have heard that the
IQ test person,
Neils Jalbo in Denmark, is STILL doing it and
has recently ripped
off one person for £60. Rogue dialers cannot affect people on
friend got a
virus as a result of downloading
an attachment to a very official
looking email purporting to
be an update from Microsoft.
So watch out
! Microsoft NEVER send out updates. You either
have to go and beg
for them or your machine may be scheduled to automatically update. The
of the virus were an error message about memory problems and a disabled
virus program (which prompted the memory error at Startup). This was
by over 90 emails, mainly bounced from non existent addresses and a few
told him he had the virus (Worm Swen A). I cleaned
it by downloading
then installed an up to date anti virus program and did a second
is a common worm (virus)
It doesn't affect Windows 95, 98 or ME but can hit Windows XP.
not received via email but through a weakness in XP's armour. You are
to get it if you have a Firewall active or if you
the latest XP patches. It is not destructive in that it does
files but may cause your machine to 'boot' over and over again, which
it difficult to remove. In order to remove this virus please search
PC for msblast.exe (usually found in system32
folder) Delete it. Then
Click Start and select Run, Type msconfig & click OK. Select
tab. Disable msblast. Reboot machine and enable your firewall
anti-virus software. As an added precaution, perform the next 2 steps:
Client for Microsoft Networks ; Disable File and Printer Sharing. Once
have done the above, get a Patch from an Anti Virus program supplier
If you are unable to get on-line, then the file is small
enough to download
from another PC on to a floppy disc, to install on your PC at a later
Adware : Uses a similar technique to Spyware but is
usually a market research tool. May result in popup adverts.
Virus : The generally used term for malicious
programs which infect computers.
Zombie : A PC that has been infected with a program
that enables a hacker to distribute Malware (or Spam) without
: The name given to the thousands of PCs infected by Trojans
and turned into Zombies without their owner's knowledge
or Dialers are programs which dial premium numbers
from your computer without your knowledge.
logger : A program which makes a record of
what you type. This is then accessed by someone who can find
things like your banking password or other confidential information
such as a Visa Number. Particularly dangerous and obnoxious
The generic term for all viruses and harmful spyware
Phishing : Emails which appear to be from a bank and
asking you to confirm your account number and password
: Unsolicited advertising.
Spoofing This is where a link on a site is not what
appears to be but leads you to a different site.
Spyware : Programs or 'Cookies' which send
information back to
the 'owner' regarding your surfing habits. Often used for
Trojans : A dangerous program masquerading as
and which allows the perpetrator to remotely control or view your
computer, usually sending out spam, viruses or phishing mail
Worms : Viruses which arrive mainly as email
use your email contacts to spread the infection to others.
They do not require action on your part to replicate. They
may be harmless but can rapidly overwhelm an office network.
which may show up on your
computer is Clickme. This shows as an icon on your desktop
clicked, moves to a different place. Not damaging but very annoying and
to remove as, like many of these programs, it is working in the
and you cannot remove a file which is in use. It is
to start your machine in "Safe
Mode" in order
to do anything about it.
macro vulnerabilities discovered
! What's new about that ? ! Microsoft is encouraging users
Office suite to download patches that will fix a problem discovered in
Word and Excel. Affected Windows versions include: Excel and Word 2000
2002, Microsoft Office XP. Get the details and patches from
me to speed up his Word
program, which had slowed suddenly. Printing took
for ever. I
didn't suspect a virus as he had PCCillin and Norton on the machine.
they were out of date and a virus is what it turned out to be.
thought that a virus would just affect one program but it did.
: To prevent
accidental re-infection with a virus you should delete infected mail
your Inbox and your Deleted folder. I
suggest the following
method. First make sure that your e-mail Display Panel is OFF. Then
click and Delete all suspected emails (with attachments).
you have cleared a virus always restart
your computer because it is very likely to still be in
Almost as bad as viruses and Spam for blocking
up the system are hoaxes. They almost all have dire warnings
you to pass the message on to everyone you know.
site which lists Internet hoaxes and myths is
They are pleased to receive any hoaxes so that
they can track
the occurrence of these. You should forward them to
don't delete the file Jdbgmgr.exe, even
if some e-mail tells you to. It
HOAX. The file relates to Windows Java Debug
it is quite normal for the file to show a small
teddy bear icon by
the side of it. If you have already deleted the file you can get it
by going to the Microsoft knowledgebase article Q322993 for
how to restore your system:
your PC wont collapse if you don't. HOWEVER,
receive an email with an attachment called
should not (of course) download it
and run it because some
crafty soul has confused the whole issue by using it to disguise a
! On my XP machine the file Properties shows the genuine one
dated May 2002 and is 15,120 bytes, though hovering over the file says
is the Sulfnbk.exe
note that your computer SHOULD have the program Sulfnbk.exe, which is a
File name utility (it stands for Set Up Long File Name Backup)
you should NOT remove it. But, no more panic notes about it
circulating these (and blocking up the web)
please check with www.snopes.com.
may be real threats. Most are not.
Anti perspirants cause breast cancer.
suggestion that coughing could help in case of a heart attack.
your ATM calls the police (new Dec 06)
Torch burns your hard disk
an offer of a holiday and finish up with a huge bill.
Sulfnbk below. Asks you to delete a normal file which, of course, you
find because it is a correct file !
trick prevents spam
Certificate Gift Certificate hoax
Tracking System hoax
urges you to look for and delete the perfectly innocent Microsoft
program called Sulfnbk.exe. Naturally you find it and think you are
infected. You are NOT ! Sulfnbk.exe is a normal (but rather
Flower For You
Certificate chain letter
to Give a
Service). This WAS a scam but has been closed down
memory module Flash Drive) to push into a USB socket. Upwards
additional hard drive - internal or external (via USB)
Writers built into most PCs
more if it is dual layer) Re-writeable DVD Disks from 30p.>See
compressed backup of your hard disk use Norton Ghost. This is a utility
for fast and safe system upgrading, backup, and recovery.
Site Navigation Links :- Please click