Keep anti-virus software updated (most software is set to update automatically).
Keep current on Windows Updates. Many viruses will simply “slip in” through your internet connection due to security holes and flaws in Windows, even if you are running anti-virus software. Such vulnerabilities in Windows are found almost every week. To run Windows Update, open Internet Explorer, click on “Tools”, then “Windows Update.”
If you have broadband (high-speed) internet such as Charter Pipeline or Verizon DSL, always have your computer(s) behind a router for its built-in firewall protection. We recommend Linksys, Netgear, or D-Link brands. If a software firewall is desired, we recommend ZoneAlarm (www.zonelabs.com).
Use a good anti-spyware program such as Spyware Doctor (www.pctools.com/spyware-doctor/), Webroot SpySweeper (www.webroot.com), Sunbelt CounterSpy (www.sunbelt-software.com), Lavasoft Ad-Aware SE (www.lavasoftusa.com), or Windows Defender (www.Microsoft.com) . Be sure to run regular (daily or weekly) scans and keep definitions updated.
Avoid peer-to-peer (also called P2P, or file-sharing) programs such as Kazaa, Limewire, Bearshare, Ares, iMesh etc. Most if not all of these programs come loaded with spyware.
Be careful with popups and banner ads. Many popups and ads are misleading and will tell you your PC is infected with spyware, prompting you to download software. Often these popups and ads are from the spyware makers – do not be fooled by them. Some of the worst ones will say things such as “Optimize your PC – run a free scan now”.
Be careful what you download. Many free programs, even legitimate-sounding ones, come with spyware. Be sure to do some research before downloading or installing an unfamiliar program.
As for antivirus software, we recommend Norton Antivirus (www.symantec.com), or AVG Antivirus (free version available at www.free.grisoft.com).
We recommend against using most “all-in-one” security suites, such as Norton Internet Security, and McAfee Internet Security. They tend to slow down your PC significantly, and often are too strict, causing problems accessing the internet.
Adware / Spyware / Malware -- What is it?
Adware is a program that runs on your computer, monitors your surfing habits and delivers targeted advertisements, typically in the form of pop-up windows. Spyware is a program that runs on your computer, monitors your Web surfing habits and reports the habits to a remote computer. Both Adware and Spyware purloin precious system resources, resulting in performance degradation. Case in point: A customer presents a machine (Win98SE) complaining that the computer "runs slow." Known Adware/Spyware programs were observed and tools were run to remove these programs. After removal of over 500 files, folders and registry keys and some other tweaking system resources went from 16% (fresh boot) to 88%. In addition to seriously sapping system resources, some Adware/Spyware programs can create Internet connectivity problems, and can even cause system crashes.
What Adware/Spyware can do
Adware/Spyware can do all of the following:
Install a DLL (dynamic link library) file or other executable on your computer.
Infect your computer with a virus. Investigators have determined that the worm known in various venues as W32/Novarg.A, W32/Shimg, W32/Mydoom, or W32/Mimail.R had its genesis in Kazaa and migrated to e-mail.
Communicate continuously with a Web server ("phoning home") to transparently install more programs on your computer, continuously monitor your computer activities, and transmit activity data to the Web server.
Invite other Adware/Spyware programs to enter your computer.
Scan the files on your hard drive.
Change your browser's Home Page and prevent you from re-setting the Home Page.
Insert unwanted sites into your Favorites or Bookmarks folder.
Remove Internet Options from Internet Explorer®, effectively causing you to lose control of your browser.
Hinder removal by providing no un-install option or, in the case of "tricklers", re-install itself after you un-install and re-boot.
Monitor your keystrokes.
Spawn pop-up advertisements even you are not online.
Attempt to disable or actually disable Adware/Spyware removal programs.
Read, write to and delete files on your hard drive.
Re-direct you to knockoff, pornographic or shopping sites.
Interfere with the removal of legitimate programs. After starting to un-install a McAfee application, the un-installer quit, advising that we had to first quit Bonzai Buddy before the un-install could be completed. We later ran Spybot to dispatch the creature back to the jungle.
Cause your computer to freeze or crash.
Cause you to spend money to have a computer technician rid your system of Adware/Spyware. Some forms of Adware/Spyware are much more difficult to remove than a virus.
While the Federal Trade Commission has received complaints about Adware/Spyware, it has done little more than pay lip service to privacy issues. Don't look to the effete, Pecksniffian politicians in Washington or state capitols to protect users. Although poorly drafted measures targeting Adware/Spyware are sporadically hyped by politicians seeking to curry favor with privacy advocates, they serve to benefit only self-perpetuating political interest, not users. First Amendment, definitional and jurisdictional issues conflate to stymie the few intelligent, low key folks who contemplate a viable legislative solution.
According to an article posted on cnet news.com (http://news.com.com/2100-1032-5095051.html, See you later, anti-Gators, October 22, 2003), Gator (now named "Claria") filed a civil action alleging trade libel and other theories of recovery aginst PC Pitstop, a site that classified Gator as Spyware. PC Pitstop settled the action and removed material offending Gator from its Web site. Gator claimed that its programs are not Spyware since users who download Gator products receive clear notice of what will be installed and since users receive value in the form of useful applications, such as file-sharing programs. Spyware on the other hand, according to Gator, is secretly installed and provides no benefit to users. While a settlement does not make legal precedent, it can have a chilling effect on parties similarly situated to the defendant. It has chilled us. Gator has been removed from our list of Adware/Spyware. For the record, if you have installed a Gator product, it is not Spyware, you knowingly installed it and you are enthralled by the functionality of the umbrella program.
How is Adware/Spyware installed on a system? It is typically installed unknowingly by a user, who installs a freeware program, such as Kazaa, Xupiter or Grokster. If you download freeware, read the End User License Agreement (EULA) carefully. You may agree to the installation of Adware/Spyware programs. Consider the following extracts from the EULA for Xupiter, a freeware search agent: To further enhance your media viewing experience, Xupiter reserves the right to run advertisements and promotions based on URLs and/or search terms users enter when navigating the Internet. Our software license requires that users browser start page be set to Xupiter.com in order to continue use of the Xupiter toolbar, from time to time we verify that users start page url is set to Xupiter.com, if it is not we reserve the right to alter it back. Think about it: If you install Xupiter, you agree to relinquish substantial control over your Web browser to Xupiter. If that does not concern you or if you can't live without small purple gorillas, enchanting insects or cute cursor changes, stop reading right now and enjoy the pop-up and pop-under advertisements.
You are much more likely to introduce Adware/Spyware into your system if you download and install file-sharing programs, such as Kazaa, Morpheus and Grokster, than if you abstain from using file-sharing programs. Few people read the End User License Agreement (EULA) before downloading and installing programs. Only a Philadelphia lawyer would read and understand Kazaa's EULA, estimated to contain 5,000 words. Even if one reads and understands Kazaa's EULA, there is more to digest. Some EULAs incorporate by reference other EULAs. Consider the this extract from the EULA, Section 9.1 (Third Party Software) of Kazaa's EULA that provides in part: " During the process of installing the Software, you may be offered the possibility to download or install software from third party software vendors pursuant to licences or other arrangements between such vendors and yourself ("Third Party Software"). In the event you do not wish to download this THIRD PARTY SOFTWARE you should uncheck the appropriate boxes. Please note that the THIRD PARTY SOFTWARE is subject to different licences or other arrangements, which you should read carefully. By downloading and using this THIRD PARTY SOFTWARE you accept these THIRD PARTY SOFTWARE licences or other arrangements and acknowledge that you have read them and understand them." It gets better. Section 10.1 of Kazza's EULA provides: "10.1 This Licence as well as all disputes arising out of or in connection with this Licence shall be governed by the laws of the New South Wales, Australia, without regard to or application of choice of law rules or principles." How many people will pour over the EULAs before downloading and installing programs? How many people can pick up the phone to call a friend who is well versed in the statutes of New South Wales? If you download a file-sharing program, you are getting a pig in a poke, a pig that invades your privacy, can infect your computer with a virus and pokes you with pop-up and pop-under advertisements.
Typical user reaction following installation of file-sharing program
The following was culled from a Google group search, using as the search logic the name of a popular, free file-sharing program: "'Spyware and Adware Avalanche!' You will be swamped with spyware and adware. For a free program you expect flashing ad banners etc... but this?? If you remove the adware and spyware it renders the program useless. Also some of this stuff can't be removed with add/remove programs. Even ad-aware and spybot don't detect everything that this piece of garbage can deliver. I ultimately had to replace my hard drive."
Other vehicles for Adware/Spyware introduction into a system
As mentioned, file-sharing programs are significant hosts of Adware/Spyware, but these insidious programs can be introduced into a system by other means, including:
Security holes in browsers.
Instant Messaging programs.
Browser search bars/toolbars. If you can't live without a search bar, get the Google toolbar bar, the only one that we recommend.
Some seemingly benign programs from well-known commercial entities.
Advertisements (usually pop-ups) displaying dire error messages or offering to stop pop-ups or spam and prompting the user to "Click Now" to immediately get the fix. Even if you click "No", "Cancel" or "Don't install", a program may be downloaded and installed on your system. Don't click on these pop-ups. Use + to close the pop-up window. In addition, don't follow any links in spam for free downloads.
"Drive-by download". A "drive-by download", according to whatis.com, is " (A) program that is automatically downloaded to your computer, often without your consent or even your knowledge. Unlike a pop-up download, which asks for assent (albeit in a calculated, contrived manner likely to lead to a 'yes'), a drive-by download is carried out invisibly to the user: it can be initiated by simply visiting a Web site or viewing an HTML e-mail message." Physical access to a machine.
Adware/Spyware programs that present the potential for serious system performance degradation, invasion of privacy and system crashes include, but are not limited to, the following:
- BDE/Brilliant Digital.
- CoolWebSearch. (Some variants use HOSTS file to block access to anti-Adware/Spyware sites.)
- Xupiter Toolbar.
While dialers don't fit the classic definition of Adware/Spyware, they are included in this discussion since they are installed and run without your knowledge or informed consent, just as Adware/Spyware programs do. If you consider a $1,700 phone bill a matter of some consequence, you will want to know about dialers. Dialers are programs that enter your computer by boring though security holes in your browser or instant messaging program and are typically installed by clicking on a link on an adult or other shady site. They can also be installed if you click on a link in an e-mail message. When the site loads, the dialer is installed. These programs use a dial-up modem connection to call 900 and international numbers, resulting in exorbitant charges (typically $5 per minute or $300 per hour) on your phone bill. These programs can dial anytime that your computer is on and your modem is connected to a phone line. On average, 10% of the machines that come to our shop for repair have a resident dialer. To battle dailers, make certain that you download and install all critical updates and refrain from visiting - or accepting an e-mail invitation to visit - adult sites.