Ill Intentions: Adware & Spyware Applications (Part II)

By Ronald Pacchiano | Posted October 15, 2003

Last week, a reader asked a question regarding Adware and Spyware, and whether or not anti-virus packages like Norton AntiVirus and McAfee VirusScan are effective at protecting your system from them. So we spent most of last week's column explaining how Adware and Spyware differ from traditional viruses. Now that we have a pretty good understanding of what Adware and Spyware are, we can move on to how you can identify and remove them from your system.

This week we'll talk about what signs you should look out for that might indicate that your system has become infected by these applications, and we'll show you some of the utilities we've used over the years to remove them from our systems.

How do you know if you are being spied upon, and what can you do to prevent it? Here are a few of things you should implement to help minimize your chances of getting infected.

For starters, you should always be using a good anti-virus package like Norton AntiVirus or McAfee VirusScan. As we said last week, even though these programs don't specifically target Adware and Spyware per se, many anti-virus programs can catch prolific spy software because they are often classified as "Trojan Horses." They are also very good at identifying and preventing any repurposed Trojan horses from being installed onto your system.

Making sure that your anti-virus software is always running in the background and that your anti-virus definitions are always up to date will go a long way toward minimizing your chances of getting infected. As a matter of fact, the latest edition of Norton AntiVirus 2004 has been enhanced to further protect you against certain non-virus threats such as spyware and keystroke-logging programs.

The best protection against a virus is to know the origin of each program or file you load onto your computer or open from your e-mail client. From time to time, you may get an e-mail message warning of a new virus. Unless the warning is from a source you recognize, chances are good that the warning is a virus hoax. You can check whether a virus is a hoax or not by visiting the Symantec Security Response online database and searching for the virus.

You should also be careful about what software you install on your system. Be sure to carefully read the EULA (end user license agreement) for any piece of shareware or file sharing package (like KaZaA) you plan on installing. These types of applications are often littered with adware and spyware. How do you think these companies get funding to let you use their applications for free?

I also recommend installing a personal firewall on your system. Firewalls will alert you to both the inbound and outbound activity on your network, and will also allow you to control exactly what type of traffic is allowed to pass through. Many firewalls offer very detailed logs which record and warn you of any suspicious activity. Keep any eye out for any programs you do not recognize that try to send data out of your system.

A telltale sign that your system might be infected is if you start to notice a considerable drain on system resources. Poorly written spy software will almost always put a drag on system resources. Watch out for insufficient system resources, running out of memory, lots of hard disk activity, or a screen that "flickers." A flickering screen can sometimes be caused by some spy software programs, as they continually take snapshots of the computer screen.

Ad-Ware
One of the best programs I've come across in the last few years for dealing with the threat of adware and spyware software is made by LavaSoft and is appropriately named Ad-Ware. It is available in three different packages: Ad-Ware, Ad-Ware Plus, and Ad-Ware Professional.

The standard edition of Ad-Ware is free. It is a multi-component detection and removal utility that consistently leads the industry in safety, user satisfaction, support, and reliability. With its ability to comprehensively scan your memory, registry, hard drive, removable drives, and optical drives for known data mining, aggressive advertising, and tracking components, Ad-Ware provides the user with the confidence to surf the Internet knowing that his or her privacy will remain intact.

Ad-Ware is also a small download and is very simple to use. The program can be downloaded for free. The Plus and Professional editions of Ad-Ware have enhanced functionality that not only allows you to remove privacy threats from your computing environment, but prevents them from reaching your system in the first place, as a real-time monitoring agent is always watching over your system. Ad-Ware also has support for mapped drives and is fully customizable.

SwatIT
Another good spyware removal utility is called SwatIT. Like Ad-Ware, SwatIT is a completely free program that scans your computer for Trojans, Worms, Bots, and other Hacker programs. SwatIT can detect and remove over 4000 different Trojan programs plus variants. It doesn't work on adware, though, so you should install both applications on your system. You can download SwatIT online.

Stop-The-Pop-Up
One of the ways you can come into contact with adware and spyware programs is through those annoying popup windows. They have a tendency to redirect you to malicious sites and covertly download malevolent applications onto your system. One of the best ways to thwart popup windows is by using a popup block such as the freeware Stop-The-Pop-Up, which can also be downloaded online.

In addition to preventing popup windows from, well, popping up, Stop-The-Pop-Up will also recognize and kill hostile activeX controls from companies known to develop spyware or adware — Gator, GAIN, C2, Comet Systems, Cydoor, and Marketscore are all on Stop-the-Pop-Up's blacklist. The banner ads in ICQ pro 2003 and MSN Messenger 4.6-5.0 are removed as well.

While these utilities (and others like them) are very effective at protecting your privacy, there is only so much they can do, and they work most effectively when used in conjunction with a bit of common sense. So don't be lulled into a false sense of security just because you have one or more of the applications installed. They are helpful, but there is no such thing as 100-percent protection.

One final note, while you should be able to effectively protect your home office PC. However, other PC's — like the ones in a small office, for example — might have purposely been "infected" by your employer. In a work environment it is always best to assume that you are being monitored. Many companies have taken to installing key loggers and screen capture programs on their systems to monitor the activity and Internet usage of their employees. While morally I might not agree with it, many companies are well within their rights to do this. So just keep this in mind next time you find yourself goofing off at the office.

If you're interested in learning more about adware and spyware, visit the Spyware Guide. The Spyware Guide was created to provide an all-inclusive and updated resource on spyware applications, what they do, and how they're used. Resources available include which software applications can detect and defeat spyware, an extensive database of all known spy software and adware applications, contact information, and other privacy-related products.

Adapted from PracticallyNetworked.com, part of the EarthWeb.com Network.

Comment and Contribute


     

    Get free tips, news and advice on how to make technology work harder for your business.

    Submit
    Learn more
     
    You have successfuly registered to
    Enterprise Apps Daily Newsletter
    Thanks for your registration, follow us on our social networks to keep up-to-date