Quick Hacker Question


Elaine Margarett
04-02-2009, 11:35 PM
When reports say a particular virus makes your computer vulnerable to hackers, what is viewable? I don't keep any personal info on my computer but could a hacker be able to monitor keystrokes and come up with a person's password or credit card number as it is entered on a secured site?

TIA!
EM

Medievalist
04-02-2009, 11:45 PM
Depending on the Trojan, it can include a key logger, or it can leave a back door open, allowing a controller to quite literally take over your entire computer, and from that computer, the local network it is on, and any computers on that network.

In other words, the danger is not only to you, but to others; your computer can be used as a vector, much like someone with a biological virus infects others.

Captshady
04-02-2009, 11:46 PM
When reports say a particular virus makes your computer vulnerable to hackers, what is viewable? I don't keep any personal info on my computer but could a hacker be able to monitor keystrokes and come up with a person's password or credit card number as it is entered on a secured site?

TIA!
EM

In order for that to happen, it'd be via a "TSR", not a virus. A TSR (Terminate & Stay Resonant) program would have to be on your computer, that would communicate with another computer via the internet. It's possible, but not super likely.

Medievalist
04-02-2009, 11:55 PM
In order for that to happen, it'd be via a "TSR", not a virus. A TSR (Terminate & Stay Resonant) program would have to be on your computer, that would communicate with another computer via the internet. It's possible, but not super likely.

There are many viruses with a Trojan payload that do that right now. It is exactly the way the Russian and Chinese zombie nets work.

It is the nature of a virus to behave as what used to be described as a TSR; the nature of modern operating systems is such that there are many so-called TSRs in the native code, running background processes all the time.

It's not only possible, it happens every day.

Williebee
04-03-2009, 12:00 AM
Yes, a keylogger, that would do what you described, is possible. Some "bugs" latch themselves into your computer, harvest the addresses in your email, and then begin sending out (e-mailing) random documents that it finds on your hard drive to people.

So, Marge from your old Girl Scout troop, or Pastor Bob from your new church, gets your grocery list from last week, or the receipt for your last online adult purchase.

cool, huh? :(

stormie
04-03-2009, 12:10 AM
My question in response to what Williebee said, can a good anti-virus program (I use Avast) help if that happens?

My husband and I were getting emails from a good friend of ours that were strange. When the first email came through from him, it looked legit and I opened it and clicked through. It took me to a legit-looking class reunion site that then asked for personal info. I stopped at that and closed off. Our friend then called us and said not to click through as it was a virus. I did a scan and yep, it found something right away. I can't remember if it was a worm or virus or what. But we still get strange emails from his address.

backslashbaby
04-03-2009, 01:35 AM
My question in response to what Williebee said, can a good anti-virus program (I use Avast) help if that happens?


It might work, or it might not, depending on the virus (etc). Many infections have parts that need to be manually removed, sadly. If possible, I always suggest a restore to an earlier point, even if the antivirus says you're clean. For some viruses, Restore doesn't even help, but that's less common. I have seen a dialer do that! And the antivirus showed clean :rant:

stormie
04-03-2009, 01:52 AM
I think my machine is now clean. Knock on wood--no glitches, down time, nor weird melting screen (yeah, I had that once and had to reformat the hard drive).

Matera the Mad
04-03-2009, 04:07 AM
Terminate and Stay Resident (http://library.thinkquest.org/C005965F/viralinfo/tsr.htm)

A complete antivirus scan of your hard drive should find any trojans (backdoor viruses). IF its virus database is up-to-date! IF you actively scan. It may miss some. It may miss a rootkit, which is a very sneakeriffic backdoor, but not so common.

From what I have seen, most people have trojans.

A firewall will not only keep many things from creeping into your computer, but it can keep trojans from "phoning home" and prevent outside contact with them.

E-mail that seems to be from someone you know but isn't is NOT caused by anything on your computer, and most likely not anything on their computer. E-mail is easily "spoofed" -- made to look like it comes from someone else. Spammers and scammers get hold of e-addies in many ways. Too many people post their e-mail addies openly in forums. Unscrupulous social networking sites will ask for access to your contacts. If you give them your e-mail password, you are sticking it to everyone you know.

Williebee
04-03-2009, 04:31 AM
"What Matera & The Medi said." Little techno critters are crawling the internet, looking for email addresses to send home to their "master", actually to their master's machines. No humans even need to be involved once the process starts. (Means they don't sleep.)

And sometimes? They help us infest each other:

Think of it this way, You, Bill and Marge are friends. You all have each other's email addresses in your email program (Outlook Express, Outlook, Thunderbird, etc.) and good old Bill gets the bug. The addresses in his mail program get harvested, and some machine in (pick your favorite villain country) sends everybody on his email list messages from all the other folks on his list, with some attachment that says it's from them/for them... Everyone who gets the message, who doesn't have up to date antivirus & anti malware programs, gets infected. And the process starts again.

-- NOTE: How about, for the sake of sticking to the OP, let's not let this turn into a discussion of what email client program is better/safer/faster/whatever, please?

Bottom line? Have a good, up to date anti-virus program running on your computer. Set it for automatic updates and let it do them.

Oh, and if this is your personal machine? Go get a malware scanner, too. Something along the lines of Malwarebytes or Ad Aware. They're free for personal use. (Google is your friend.)

Hey, Modly type folks? This maybe belongs in Tech Help?

backslashbaby
04-03-2009, 04:38 AM
Oh, yes! Sorry. I didn't mean to imply that I thought the email problem was due to a rootkit, just that it's entirely possible for a problem to exist after running antivirus packages. But that antivirus programs do help in many cases (do a Restore, lol)...

Techie zombie here - I've seen thousands of cases from users, so I'm not great to judge rarity ;)

Williebee
04-03-2009, 04:41 AM
just that it's entirely possible for a problem to exist after running antivirus packages.

Oh yeah, the AV sweep kills the bug, and leaves destruction it created behind, kind of like termites,

or a cat.
:)

ETA: By the way -- was this already moved to Tech talk when I mentioned it?
Observant? yeah, I can SPELL it.....

Medievalist
04-03-2009, 04:55 AM
You know if you have even a shadow of a doubt about email -- don't open it, don't keep it, don't click on anything.

If it's someone you know, you can email them. If it's a company you do business with, you can call them using a number that you don't get from the email.

ESL issues, spelling problems, and obvious (as in grade school obvious) sorts of spelling and grammar problems, or dates that are wacky, or overly formal or informal salutations, or email that's ostensibly from a financial institution and includes expressions of piety are all warning signs that something's not Right. Also wacky dates, and email that does not specifically show your email address in the To field, but says something like Unidentified Recipient.

Those are all warning signs of something not being quite right.

stormie
04-03-2009, 05:08 AM
Funny thing is, I'm aware of all that, and this particular email didn't show any signs of it being different. No red flags. Nothing. He notified us a short while later that it was a virus that got all his email addresses from his contact list.

I did close the program, restarted the computer and immediately did a virus scan. That's when I found my computer was infected.

What Williebee said in Post #5 is what happened afterward and is still happening. I just ignore this friend's emails now. Poor guy.

Which brings me around to asking a question similar to what Elaine asked: if say, a hacker got in through the back door and was able to get your passwords through key strokes, and virus scans don't pick it up, would the answer then be to reformat the hard drive? And would you even know this is happening?

benbradley
04-03-2009, 05:09 AM
...
Spammers and scammers get hold of e-addies in many ways. Too many people post their e-mail addies openly in forums. Unscrupulous social networking sites will ask for access to your contacts.
There's something called "Grouply" that has been hounding Yahoo groups in the last year or two (or three?). It supposedly gives you all these advantages, but you have to give it your Yahoo password. Don't do it.

Then there are things that are harder to control, even if you don't have a virus on YOUR computer:

Viruses that look for info know all the filenames and file types of popular programs, especially finance-related, so they can go straight to scanning these things and sending the info off to be abused. They can also "see" your email addressbook and all your received and sent emails. It can collect the email address of every person you've received from, or that you've sent to, and send these addresses to another computer on the Internet and add all these addresses to spam address collections. Thus your email address can start getting spam because the computer of someone you emailed got a virus.

Then there's dictionary attacks (for email addresses as well as passwords), just google it if interested...

M.R.J. Le Blanc
04-03-2009, 05:21 AM
Which brings me around to asking a question similar to what Elaine asked: if say, a hacker got in through the back door and was able to get your passwords through key strokes, and virus scans don't pick it up, would the answer then be to reformat the hard drive? And would you even know this is happening?

That would likely be a keylogger program. This is a pretty good article on how to find them and get rid of them: http://wskills.blogspot.com/2007/01/how-to-find-fight-keyloggers.html

Medievalist
04-03-2009, 06:08 AM
Which brings me around to asking a question similar to what Elaine asked: if say, a hacker got in through the back door and was able to get your passwords through key strokes, and virus scans don't pick it up, would the answer then be to reformat the hard drive? And would you even know this is happening?

You might, given enough geekitude, realize that there were background processes running that were unfamiliar to you--if you know the current malware landscape, you will notice process names that alert you.

But the average user is going to know something's up when they see unexpected credit card charges, or they know they're using the right passwords but they can't log in, or they get a call from a bank or credit card company or merchant regarding activity that the user did not engage in.

Technically, yes, reformatting the drive should remove the malware; I'd want to engage in fairly drastic low-level formatting, personally. Depending on cost etc. I might even yank the drive, but I'm neurotic.

But then you've got to cancel accounts, call companies, change passwords, etc. And you'll have to watch for identity theft and similar problems for years.

Williebee
04-03-2009, 06:13 AM
There's some good hard drives out there these days, for pretty cheap. (This is something that goes up and down, based on supply/demand, the materials market...) I'd yank the drive, replace it and load fresh. Then I'd take the old one apart, take all the pretty, shiny disks out of it and turn them into a wind chime, or maybe a mobile for a fellow geek's brand new baby geek. (Mom wasn't as amused as we were. Can't figure out why....)

Matera the Mad
04-03-2009, 07:13 AM
The shiny disks are real pretty. But I would do a scan with a few alternative malware detectors first.

Williebee
04-03-2009, 07:34 AM
But, but.... They're fun to play (http://www.youtube.com/watch?v=yISqCAnROh8) with!

backslashbaby
04-03-2009, 07:54 AM
:D Great video

You also might find that an unknown process is trying to dial out, if your firewall software shows you that sort of thing.

Before reformatting, run a program like Hijack This! and post your results to a computer security forum. Usually, you (or they) will find the nasty in those startup logs. Hijack This! and programs of that sort let you remove the items 'manually' very easily! The most difficult are the ones that use filenames of real programs, as you might imagine. Even so, if you are determined, you just get a new copy of the real file (once you've figured it out, that is ;) )

Medievalist
04-03-2009, 08:06 AM
*Resisting the huge temptation to say "Get a Mac." Because very soon, it won't make a lot of difference.*

Matera the Mad
04-03-2009, 08:39 AM
My firewall has been very helpful in bringing odd events -- in or out -- to my attention. Any good firewall protects both ways. (The Windows junk doesn't.) You need that, and you need to take active steps to maintain your security. Throwing money at Norton or McCrappy and then sitting back and feeling safe is like fastening your seat belt and then driving with your eyes closed.

benbradley
04-03-2009, 10:29 AM
There's some good hard drives out there these days, for pretty cheap. (This is something that goes up and down, based on supply/demand, the materials market...) I'd yank the drive, replace it and load fresh. Then I'd take the old one apart, take all the pretty, shiny disks out of it and turn them into a wind chime, or maybe a mobile for a fellow geek's brand new baby geek. (Mom wasn't as amused as we were. Can't figure out why....)
I consider this a waste. There are plenty enough hard drives that have physically failed that you can take apart.

I've heard people talk about buying a new computer because the one they got six months ago has slowed to a crawl or "won't get on the Internet anymore" and then they set the old one in a closet for a few years until the market value is so low they can only donate it to a thrift store or take it to "electronics recycling day." Talk about unnecessary waste...

Go ahead and install a new drive, but use the old one as drive D: then do a scan and/or look at the file system. When I suspect something I look at \windows\system and similar directories and sort by date. If there's something not supposed to be there, it's inevitably got a more recent date than all the originally installed files.

What does Hijack This do, save a text file of stats from all running tasks? If that's the case, you better disconnect any modem(s) before booting an infected system and running it.
But, but.... They're fun to play (http://www.youtube.com/watch?v=yISqCAnROh8) with!
What model drive is that? I've got a few drives that size (5 1/4" "full height") but I take them apart to get the strong magnets out. Running the platters like that looks like fun...
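
The sort-by-date check benbradley describes above, as an added example that is not part of any post in the thread: a Python sketch that walks a directory on a mounted drive and lists executable files modified well after the bulk of the others. The median-date baseline, the 30-day grace period, the extension list and every file name in the sample are assumptions made for the illustration.

```python
import os
import statistics
import sys
import tempfile
import time
from datetime import datetime

# Assumption: file types worth reviewing in a system directory.
EXECUTABLE_EXTS = (".exe", ".dll", ".sys", ".scr")

def recent_outliers(root, grace_days=30):
    """Return (path, mtime) pairs, newest first, for executable files whose
    modification time is more than grace_days after the directory's median."""
    entries = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(EXECUTABLE_EXTS):
                continue
            path = os.path.join(dirpath, name)
            try:
                entries.append((path, os.stat(path).st_mtime))
            except OSError:
                continue  # unreadable entry on a damaged or locked volume
    if not entries:
        return []
    # Assumption: the median date stands in for "when the system was installed".
    baseline = statistics.median(mtime for _path, mtime in entries)
    cutoff = baseline + grace_days * 86400
    flagged = [(p, m) for p, m in entries if m > cutoff]
    return sorted(flagged, key=lambda e: e[1], reverse=True)

def build_sample(root):
    """Constructed sample: three 'installed' files, one recent executable,
    and one recent text file that the extension filter should ignore."""
    install = datetime(2007, 3, 1, 12, 0).timestamp()
    recent = datetime(2009, 4, 1, 3, 0).timestamp()
    sample = [("kernel32.dll", install), ("notepad.exe", install + 60),
              ("user32.dll", install + 120), ("readme.txt", recent),
              ("newcomer.exe", recent)]
    for name, mtime in sample:
        path = os.path.join(root, name)
        open(path, "wb").close()
        os.utime(path, (mtime, mtime))  # set access and modification times
    return root

if __name__ == "__main__":
    # With no argument, run against the constructed sample directory.
    target = sys.argv[1] if len(sys.argv) > 1 else build_sample(tempfile.mkdtemp())
    for path, mtime in recent_outliers(target):
        print(time.strftime("%Y-%m-%d %H:%M", time.localtime(mtime)), path)
```

Pass the path of the old drive's system directory as the argument to scan it instead of the sample. File dates can be changed and legitimate updates also produce recent dates, so the output is a list of files to look at, not a verdict.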

M.R.J. Le Blanc
04-04-2009, 03:25 AM
My firewall has been very helpful in bringing odd events -- in or out -- to my attention. Any good firewall protects both ways. (The Windows junk doesn't.) You need that, and you need to take active steps to maintain your security. Throwing money at Norton or McCrappy and then sitting back and feeling safe is like fastening your seat belt and then driving with your eyes closed.

I'm just curious why you disapprove of Norton or McAfee? Like what's so bad about them?

Cyia
04-04-2009, 06:41 AM
I use Norton, but sadly it's inferior to AVG, as is McAfee.

It doesn't recognize or screen nearly as many virus signatures.

Medievalist
04-04-2009, 06:48 AM
Norton is awfully invasive in terms of where it stashes bits of itself, and complicated. For someone not fairly comfortable with their Windows box, I'd suggest looking at some of the alternatives.

Williebee
04-04-2009, 06:52 AM
Norton/Symantec is a significant resource hog on the machine. McAfee doesn't seem to catch as much as Symantec or AVG (properly kept updated). AND, (I think) AVG anti-virus is still free for personal use.

I've had good results with Kaspersky, as well.

M.R.J. Le Blanc
04-04-2009, 07:02 AM
Thanks guys :)