Tuesday, May 31, 2005

Spyware, Adware and how to kill it!

Introduction

What spyware is all about, and how to get rid of it!

Spyware and Adware are two of the major annoyances for many computer users, slowing down PCs and obtaining information - all done covertly. Most computers connected to the internet will in fact be infected with some form of spyware, with users being blissfully unaware (apart from maybe a few strange occurrences whilst browsing). There are some forms of adware that will actually cost user dearly, which will be covered later on in the article.

Companies and individuals that create spyware applications often make huge sums of money, and yet claim to offer a valuable "free service" to innocent surfers. Spyware and Adware are essentially applications which can be bundled with "free" software or are installed in a sneaky manor, that serve to make someone a lot of money without the user knowing.

Most of these applications will run silently on a PC, causing a variety of nasty effects:


  • Adding affiliate links to many large stores, causing the software creator to earn around 5-15% commission for almost every item you purchase online.

  • Adds extra advertising on webpages, or even replaces existing advertising.

  • Monitoring browsing habits for commercial purposes.

  • Gain access to passwords and credit card numbers

  • Slow PCs down by using up system resources.

  • In some cases, they can dial premium rate numbers to earn the company money.

  • Changing homepages and extra bookmarks

  • Strange icons and new software on the desktop

As you can see, there are plenty of problems caused by spyware and adware, and could even end up costing dearly in sever circumstances. Most users will suffer from slow computers, laden with extra adverting and lack of privacy. Although, credit card details and passwords could be obtained in some circumstances.


Luckily, there are plenty of free software applications that will remove these troublesome leeches. There is no "one size fits all" solution to the growing adware / spyware problem, but the following guide will give you a comprehensive tutorial to securing your system from this comon problem.

How it got there?


How did the spyware/adware get installed originally?

Spyware and Adware are obviously never advertised as such, and have many modes of infection. The most common modes are (but not confined to):

ActiveX Installation:

Windows has a very useful tool for installing applications over the internet, called ActiveX. This allows developers to create applications that can run from within a webpage. Many sites including Windows Update and Shockwave use this tool to install the necessary files on the users computer.

Many pornography, illegal or questionable sites often have pop-up windows claiming to install some "free" component, often suggesting that it is the only way to view the site. These ActiveX applications can often contain dialer programs, which dial premium rate numbers and mount up phone bill costs.

It is true that these dialog boxes must have the "yes" clicked to install the ActiveX program, but there are many sneaky ways to get the user to click this button accidentally. The dialog box always contains the text "Do you wish to install and run".... followed by the product title. Spyware/Adware is sneaky and makes the title of their application suit the flow of text by changing it to something like "Do you wish to install and run a free application that will let you download the latest MP3s and Ringtones?". Many users will fall for this "great, free application"... if only they knew!

Luckily, Windows XP SP2 includes a feature that will not allow an ActiveX control to be installed with the user being 100% sure of it. A bar will pop-up in the Internet Explorer browser window, which must be accepted before the Installation box will even pop up. Many other browsers contain similar features now. If you do not have SP2 installed, visit the Windows Update site now to download it.

Piggybacking:

As the name suggests, the spyware/adware can act as a parasite and hide itself in other supposedly free software. Software such as "gator" or "bonsai buddy" is simply a method of concealing spyware which monitors your browsing habits and adds extra advertising to your PC. Many P2P applications come with these applications as part of the install package, as do some other freeware software packages. These companies will be paid a small amount of money for each person that subsequently has the spyware installed on their PC.

Always be careful when using any software that could install a few nasty surprises when using it. These applications are also able to download and install another other software they want once running.

Security Flaws / Viruses :

Although this method of transfer is far less than the other methods, it is the most dangerous of all. Even with SP2 and all of the latest updates, there are plenty of ways to run a file on a remote computer, all without the knowledge of the user. Viruses are one way to spread spyware/adware, but security holes in software can also run some spyware installers.

Software Solutions

The applications that can secure your PC

There are 5 main pieces of software that will secure your PC, and provide a cover from almost any adware/spyware threat. All of these pieces of software will be covered in the following pages.


AdAware is a free application (although there are move advanced paid versions) which specialises in removing Adware and Spyware only. This is probably the easiest spyware/adware remover for a novice.

SpywareBlaster is protection for IE/Mozilla/Firefox, but it will stop ActiveX controls and harmful items before they can be accepted by your PC.

Spybot - Search and Destroy can pick up items that the other adware removers can sometimes miss, and is a worth while install.

Antivirus software can remove most trojans that can often accompany spyware/adware, as long as it is updated regularly. Good antivirus software can be picked up for around £20/year, but free versions almost as good are available.

Firewall protection will cover nasty trojans which could allow access to your PC. Windows XP comes with basic protection, but a good secondary firewall with give added protect. Plenty of free products are available, although paid versions do have extra features.

To get complete protection and prevention from spyware/adware, you will need all of the above applications. Any good anti-virus and firewall will do, but only free options will be discussed in this article.

Ad-Aware

How to install, configure and run Ad-Aware

Ad-aware is one of the easiest Spyware removal tools available, and also includes free updates on a regular basis. Ad-aware does not prevent spyware from being installed, but is a good cure for removing it. Once the software has been downloaded and installed, the following screen is presented:



It is important to update the definition files each time you run the software. Click "Check for updates now" and then "connect" once the new window appears. Accept the installation by clicking "OK" and Ad-Aware will then download a file from the main Lavasoft servers which keeps the software up-to-date with any new adware/spyware infections. If you run the application often, there may be no updates for a few days (and a dialog box will pop-up with a message to this effect).

The default settings that come with AdAdware SE are sufficient for most users, but they can be access via the gear wheel icon at the top of the application.

To start the scan, click "Start" and then tick "Perform Full System Scan" and then untick "Search for negligible risk entries". This will make sure all of the system is thoroughly scanned, but no-risk items such as cookies are ignored for the most part. After the scan is configured, click "next" to start the process.

Adaware will then scan your hard disk, registry and system memory for any known spyware/adware applications. It is recommended that you tick all the objects that AdAware finds and click next to quarantine them.

You can always restore or delete items from the quarantine if your system requires some of those files, or delete them to save space.

Spyware Blaster

How to install, configure and run Spyware Blaster

Once Spyware Blaster has been downloaded and installed, the first thing you must do is update the definitions (as with all programs of this type). This is very simple to do, and all that has to be done is click the "update" tab on the left hand side of the application and download the latest update.

After the application has been updated, click on the "protection" tab on the left to view the options for immunising the system.

For Internet Explorer:

The first important box to tick is the "prevent installation of ActiveX based Spyware, Dialers, etc...". This will prevent any harmful ActiveX controls being installed by accident on your system. This is a preventative method, rather than Adaware's cure.

By ticking "prevent spyware/tracking cookies", Internet Explorer will no longer accept cookies from spyware companies or certain intrusive advertising companies. This is worth ticking if you are concerned about your privacy.

For Mozilla/Firefox:

If you use the popular alternative browser, there is an option to block spyware/tracking cookies from the appropriate tab at the top of the application. Only tick this box if you use Mozilla/Firefox.

Restricted Site Protection:

This section allows you to add a large list of "dodgy" sites into the restricted access zone for your PC. This means it limits the security privileges that these sites have when viewed, and greatly help against preventing spyware from being installed. It is highly recommended that you activate this setting.

There are many other tools build into the application, although I don't recommend using any apart from the "system snapshot". This will backup any changes that the program (or adware) could make to certain parts of your system, enabling you to restore them at some point in the future. The interface is very user friendly, and shouldn't be a problem to restore at a later date.

Spybot - Search and Destroy

How to install, configure and run Spybot

After downloading Spybot and proceeding to the install screen, there is an option to install SDHelper and TeaTimer. As the other applications already installed have similar components, it is not recommended to install both of these options (although it would cause no harm).

As always, update the application using the "update" button on the left hand side of the application.

Spybot has two main parts to the program; the first being the "Search and Destroy" component which will scan the most common locations for spyware/adware installs. This is not as comprehensive as Adaware, but can often find things missed. Any entries that Spybot finds are safe to delete via the "fix selected problems" button.

The second part of the Spybot package is the "Immunize" feature, which will install protection again many nasty packages which could infect your PC. This is similar to previous applications, but it may cover some newly discovered threats before alternative programs.

AntiVirus Software

How to download and run AntiVirus Software

Anti Virus software is a must in this day and age of computers, and anyone without such software has only themselves to blame if anything goes wrong. Paid Anti-Virus products are generally superior to free versions, as there are more frequent updates and better support options. If you have important data on your PC, you should really go for a high-end anti-virus product.

For home users, there are plenty of free products which are usually suffice:

AVG Anti-Virus is a popular choice, and is quite comprehensive for a free solution. There are regular updates it can has proven reliability.

AntiVir is another popular choice for home users, but is less common than AVG.

Firewall Software

The importance of Firewall Software

Firewall software is incredibly important with the number of viruses around, and hackers who could gain access to your PC. There are many insecure PCs that fall victim to software exploits and holes which could be prevented by having firewall protection.

Windows XP does come with a basic Firewall, which is somewhat improved with Service Pack 2. It is very important that this is enabled using the steps shown below:


  1. Download Service Pack 2 from Windows Update if you have not already (http://www.windowsupdate.com)

  2. Restart the PC

  3. Run "wscui.cpl" from the Run command on the Start Menu (without the quotes)

  4. Manage security settings for "Windows Firewall" and make sure it is enabled

  5. Restart

It is highly recommended to use a 3rd Party firewall which can allow specific applications access to the internet (or deny them). This is the most useful tool to detect and prevent Trojans, and other hacking attempts.

The Shields Up webpage from GRC can perform an instant test on your PC to check how secure your computer is. Information such as your Username, information about your computer, and in some cases access to all your files (with very insecure computers) could be visible to a hacker.

ZoneAlarm is a popular Firewall with a free version, which slightly less features than the Pro version, but still enough to safely protect a PC.

SyGate Personal Firewall is free for personal use and very easy to use.

Conclusion

A summary for Spyware / Adware removal

The following steps should keep your PC in tip-top condition if followed correctly:


  1. Download, Install, Update and Run: (all are free or have free versions)


  2. Do not use P2P applications unless you know what you are doing, these are a massive problem with spreading viruses, trojans, adware and spyware. There are many, many disguised applications around. Only a few percent of people will use P2P legally, and its not worth it for the problems you will get.

  3. Be careful with E-Mail Attachments. Don't open an attachment from someone you dont know, as these are another massive problem for spreading harmful programs. Even if the attachment is from someone you know, save it and then virus scan it first.

  4. Educate yourself on a PC. There are many free computer training courses around, as well as friendly forums where you can freely talk about any computer related items. A computer novice can be just as destructive as a virus, so make sure you brush up on the basics.

  5. Don't install any ActiveX controls you can't verify. As explained above, many websites will trick you into downloading these to earn money from affiliate programs.

  6. Secure Internet Explorer Settings by using the SP2 security center (run "wscui.cpl" to access it).
From pcreview - an article from a good collection of useful tips and techniques. The site also hosts a busy and active forum- well worth joining.

Sunday, May 22, 2005

Firefox now part of corporate PC setup.

I have been using Firefox for over 6 months now and I only use Explorer when I really have to.

10% of my callouts can be solved by installing Firefox. It cuts down on support resource usage and is very positively received by our clients.
We have actually been actively recommending Firefox for about five months and now our special corporate PC setup service now includes the installation of Firefox and making it the default browser.
The minor inconvenience of no ActiveX is easily compensated for by the lack of browser hijacks.

Get Firefox!

Database tool kit and Conversion Utilities

Node-net has compiled a great bunch of conversion utilities from accross the internet and posted them here.
You need to convert Access to MySQL, MSSQL to MySQL, PDF to Text, etc. then look no further.
This formidible tool-kit has proven invaluable to us here at node-net and we wouldn't leave home without it.

Sunday, May 08, 2005

Guide to UK ADSL Services

Node-net has published a handy guide to ADSL in the UK. Everything you need to know about ADSL services and technology.
It covers the benefits of ADSL, the services available, glossary, ADSL supplier list, and a comprehensive FAQ section.
This compliments the RFID Guide published last week. This is a laymans guide to Radio Frequency Identification chip technology.



Saturday, May 07, 2005

VOIP services take off

Skype the internet telephony services reaches 100 million downloads.

This service has become so popular that some carribean countries are talking about making it illegal as their state owned telecoms companies are feeling the pinch.
Skype offer two new services SkypeIn and SkypeOut.
SkypeIn allows suscribers have their own phone number in a choice of differant countries. The service is 30 Euros a year or 10 Euros a quarter. It comes with voicemail, CallerID, encryption and lots of other freebies.
SkypeOut comes in various flavours and gives very cheap international calling rates to landlines.