Spyware on the loose, how to prevent Spyware?

There are more then a billion internet user nowaday, more then a number as mentioned BILLION, yes BILLION user that own a personal computer that have or even own an internet connection. In everyday news online or even one of the magazines, it has mentioned this name “Spyware” in one or some of the PC user around the world.

What is SPYWARE?

“Spyware” is such an interesting term. If you seperate the name to 2 word that is “SPY” and “WARE“, The word “SPY” of cause would mean a spy like the” most favourite of all Double O Seven, “007″, yes, a spy. While the word “WARE”, is something to do from software or hardware, but in this terms, when the “SPY” and the “WARE” are being combine to one word “SPYWARE”, it would mean it is a software that spy on somebody pc on another. In another words, Spyware is a generic term to describe software that is installed on your computer without your full knowledge, consent and understanding, and that really serves the interests of commercial parties associated with it rather than yours and in other practical terms if one computer displays advertising windows unrelated to the web site that you’re surfing on, or if some extra search tools have appeared in your browser which won’t seem to go away then you probably have been infected with Spyware and also end-up frustrating on whatever thing you do, will be going to the website that you unlikely want to be. I would think it’s terrible and very annoying to do work.

How does SPYWARE get onto my computer?

Spyware can be easyly installed on your computer in a number of ways without your notice as mentioned above or earlier, but all of them involve surfing the net, chances are, when the time you click or agreeing to download one item of software not realising that the download included other less desirable items. Some spyware simply installs itself using some “open doors” on your browser or some call it as a “Back door”. Some of this door maybe harmful as they might open the door for some unwanted visitor name after “Virus”, but some are most likely want to have your personal details that might have stored on your personal computer and also for some SPYWARE is actually opens a door for some website to be known they exist.

Continue reading about how and why and what about Spyware and how to prevent Spyware…

Well, for some reason, SPYWARE are sometimes aren’t just walking their way in through internet connection nowaday, as they may be come from a Software CD that you bought from a Black Market CD. How could this happen? Well, try think for yourself, how and from where is the CD contain the software come from? Yes. Of cause, some of the software that is inside the CD are from the net. Not just SPYWARE, it may contain virus as well.

Situation that led me mention this :

On the First day, there is one customer bringing his PC to one computer technician to check what actually happens to his PC. The Customer mentioned all sort of thing that he had did on his PC also mentioned may be he accidently corrupt his Windows XP System files. So what the technician did after that was, he try to repair the customer’s PC using the Windows XP SP2 CD [if you would like to some steps on how to repair your Window XP, read here] and was done in a few hours, everything was back to normal, and Windows XP booting up normally, working fine. Then he happyly show it to the customer and the customer bring back the PC happyly.

Second Day, the customer bring back the PC back to the same technician and say, “You didn’t do it right. It’s still got problem. How you repair the Window XP? It keeps restart, and i can’t even do thing right.”, but of cause the technician actually did his job and work done in properly. So the technician check the PC again, and notice something not right, as when the time he let the customer pc back yesterday, there was only few software application installed. At first, the technician thought that maybe it might be infected by virus from the internet, but when asked the Customer about internet surfing, the customer mentioned that, he doesn’t own a internet connection at home.

What really happens to the PC?

Here’s what really happens, on that same day, the technician still suspect that the customer’s PC was infected with virus, as he already inspected and diagnosed every single part of the accessories in the PC like video card, RAM, Motherboard, CDRW and also even pull out the Pentium Processor out from the motherboard and test it on another board and all are work fine. Except the last thing he tested, the technician try scanning the hard disk on another PC that have a AhnLab Antivirus Software installed. The customer’s hard disk was confirmed that is infected by virus and Spyware and a quite a number of it too. This incident had led the technician a curious as he heard and knew that the customer doesn’t own an internet connection, so no surfing can be done, he was using the PC at home, so no office data transfer through disketes, but how can it be infected? The technician then requested for some clue or any, actually what have the customer did since he taken back his PC home after the repair yesterday. The customer explained in details and on the last word from the customer, he did mentioned that he did installed some software application from a CD that he bought yesterday while waiting for his PC being fixed. Was a CD be able to have virus asked the customer. The technician he himself also not sure at that moment, not until when he asked the customer to lend him the CD he used and had it scanned with the AntiVirus Software, and the result proven that, the CD that he used, does contain some spyware and virus as well. (Actually not some, its about 70% of the Software on the CD were not virus free.)

Thats the answer for abovementioned.

How a SPYWARE can really get into your Computer Windows Systems

In some cases, Spyware does not really directly spread in the manner of a computer virus or worm, in generally, an infected system does not attempt to transmit the infection to other computers. Instead, spyware gets on a system through deception of the user or through exploitation of software vulnerabilities.

The most direct word is by which spyware can get on a computer involves the user installing it or agree on a click. However, users are unlikely to install software if they know that it may disrupt their Windows Systems and compromise their privacy. So many spyware programs deceive the user nowaday, either by piggybacking on a piece of desirable software, or by tricking the user to do something that installs the software without realizing it.

Classically, a Trojan horse also know from the name of Troy, by definition, smuggles in something dangerous in disguise of something desirable. Some spyware programs get spread by this way. The distributor of spyware presents the program as a useful utility — for instance as a “Web accelerator” or “Your PC might be infected by virus,click here to scan” or as a helpful software agent. Users download and install the software without immediately suspecting that it could cause harm to their own Windows System.

For Example :

The BearShare file-trading program, “supported” by WhenU spyware. In order to install BearShare, users must agree to install “the SAVE! bundle” from WhenU. The installer provides only a tiny window in which to read the lengthy license agreement. Although the installer claims otherwise, the software transmits users’ browsing activity to WhenU servers.

Spyware can also come bundled with shareware downloaded thats free or other downloadable software, as well as music CDs or Installer CDs from the Black Market CDs. The user downloads a program; for instance, a music program or a file-trading utility; and installs it; the installer additionally installs the spyware. Although the desirable software itself may do no harm, the bundled spyware does. In some cases, spyware authors have paid shareware authors to bundle spyware with their software, as with the Gator spyware(very well-known) now marketed by Claria. In other cases, spyware authors have repackaged desirable software with installers that add spyware.

Another way of distributing spyware involves tricking users online by manipulating security features designed to prevent unwanted installations. The security features of the design of the Internet Explorer Web browser militate AGAINST allowing Web sites to initiate an unwanted download. Instead, a user action, such as clicking on a link, must normally trigger a download. However, links can prove deceptive: for instance, a pop-up ad may appear like a standard Windows dialog box. The box contains a message such as “Your PC is not optimized fully, Would you like us to optimized for you?” with links which look like buttons reading Yes and No. No matter which “button” the user presses, a download starts, placing the spyware on the user’s system.

Some spyware authors infect a system by attacking security holes in the Web browser or in other software. When the user navigates to a Web page controlled by the spyware author, the page contains code which attacks the browser and forces the download and install of spyware. The spyware author would also have some extensive knowledge of commercially-available anti-virus and firewall software. This has become known as a “drive-by download”, by analogy to drive-by shootings which leave the user as a hapless bystander. Common browser exploits target security vulnerabilities in Internet Explorer and in the Microsoft Java runtime. Given that Internet Explorer remains the most widely-used browser and that many users neglect to update to more secure versions of their software, Internet Explorer provides an attractive entry point for the less scrupulous advertiser or computer-hacker.

Internet Explorer also serves as a point of attachment for spyware programs which install themselves as Browser Helper Object plugins.

In a few cases, a worm or virus has delivered a payload of spyware. For instance, some attackers used the W32.Spybot.Worm worm to install spyware that popped up pornographic ads on the infected system’s screen. By directing traffic to ads set up to channel funds to the spyware authors, they can profit even by such clearly illegal behavior.

So how can I protect my computer against spyware?

Three of the things you need to do:

• Have your Computer configuration set so that your computer tends to resist spyware
• Innoculate your computer by installing spyware resisting software
• Regularly scan you computer with Anti-Spyware and AntiVirus software

These topics are all discussed on this page.

Configuration Options

Step One : if you are running Windows XP then get the Service Pack 2 (SP2) upgrade installed. SP2 contains a number of useful enhancements including a popup blocker and privacy & security improvements.

Step Two : You can alter the settings in your browser to be more restrictive on what web sites can and can’t do. Assuming you’re using Internet Explorer, go to the Tools Menu and click “Internet Options”. The Internet Options dialog box should open. Select the “Security” tab. One the window which now displays you see the various web zones shown at the top, (Internet, Local Intranet, Trusted Sites and Restricted Sites. Internet should be selected automatically. In the lower part of the screen is a section called “Security level for this zone”. In this area there will be a vertical slider displayed and a button “Custom Level…”. If not click on the “Default Level” button and the window should to be as described. This slider allows you to set the general level of security. The recommended level is Medium. If it is set to Low or Medium-Low then reset it to Medium. You could also try High, but if you do then a number of web sites won’t work correctly. If you choose this route then when you encounter a web site you’d like to use you must add it to your Trusted Sites list. To do that, when you have the website displayed, copy the URL (the entry in the Address bar that begins “http”)

Innoculate your computer against spyware!

We are basically adding to our computer’s ability to resist spyware by setting it in advance to resist certain types of spyware like having a better shield for your trooper to fight with Spyware and Virus. Important, just remember to keep it up-to-date, either by purchasing their Autoupdate facility or by manually checking for latest updates for your AntiSpyware or Antivirus Software, let’s say, most recommeded once or twice a week.

Install & Run the SpyWare Scanners

The final step is to install and run one or more of the programs which search your computer for spyware and then remove it. You will probably be surprised when you first run one of these programs to find your computer is already infected. The good news is that there are a wide choice of anti-spyware programs to choose from, the bad news is that none of them detects all spyware and that there are a number of them on the market which are just out to make money from you - they offer free scans and then “find” spyware when none is to be found! …. they lie in order to get you to buy product.

So how do we know a good one? We go to a reputable source who has nothing to gain from mis-leading us and see what they have to say. He did some work to compare all the main players in this market, to see which ones really worked well, which ones were OK and which ones were out to rip people off. He also found that a number of brands were nothing short of copies of some of the others with slightly amended screens.

So which shall i recommend? In my opinionI , i recommend that you install the two best anti-spyware programs which came out of the tests. However since i am making a recommendation on Microsoft, Microsoft themself has bought one of them and is busy updating it to its own branding and style. They are providing a download in the form of a beta, so although we list it below, you should be prepared to update it regularly. The good news is that both are free to home users, and you must have an Original Installed Microsoft Window XP, as they will detect whether your PC is using a Genuine copy before you can download their Microsoft Anti-Spyware.

List of Anti-Spyware and Antivirus Software recommendation.

• AhnLab - Over 70% of user in Korea use this Software to date. AhnLab Antivirus are also listed in Microsoft Website List of AntiVirus Software
• Ad Aware from Lavasoft
• Beta version of Microsoft Anti-Spyware

Additionally, the latest release of ZoneAlarm Security Suite includes anti-spyware featrues. To get started I suggest you download Ad Aware Personal edition from their official website and get that running. The user interface uses some icons rather than words for the configuration links but basically it’s self install should be ok for most people. Note that Lavasoft do have other versions with extra features, but as a first try I suggest using the free copy. After a month if you are pleased of their products and want to try some of the paid service then that’s up to you.

Scedule your Scans

One of the things you soon realised, is that running these scans takes quite some time and may even stop you from using your PC, and while they’re running the rest of your computer feels like its moving turtle(as some AntiVirus Scanning may take up almost 60 ~ 90% of your resouces). Therefore you want to run these scans when you don’t need to use the computer for anything else. You could run them at night if you don’t mind leaving the machine on, while you are sleeping or perhaps just sometime when you’d rather watch some drama series that i’d recommended, but however you choose to organise it, you should aim to run scans about once or 2 times a week. This is the sort of area which you have to put in the initial effort to get set-up but which shouldn’t require too much effort after that beyond downloading the latest updates.

!! IMPORTANT NOTICE !!

Always keep Windows firewall switched ON always, anti-virus and spyware software up-to-date. Most products have automatic updating which is preferable; if auto-update isn’t available check for updates weekly using the ‘check for updates’ feature common in the AntiSpyware or AntiVirus software products that you installed. Most attacks use newly found vulnerabilities so your protection needs to be the latest and as most up-to-date as possible.

Hope this post will help.

Related Post

What Spyware really do - Read Here

Breaking News From CNN on Online Attacks common for businesses, as mentioned

Nearly nine out of 10 U.S. businesses suffered from a computer virus, spyware or other online attack in 2004 or 2005 despite widespread use of security software, according to an FBI survey released on Thursday.
Those attacks inflicted average damages of $24,000 on businesses and other institutions even as antivirus software security tools have become standard, the survey found.
Though 98 percent of respondents said they used antivirus software, nearly 84 percent said they had suffered a virus attack in the 12-month period covered by the survey.
Three-quarters said they employed anti-spyware tools, but 80 percent said they had dealt with a spyware attack.
Other types of security problems, such as network sabotage or unauthorized pornography, were less common and less costly.
Some 44 percent of attacks came from within the organization, the survey found. Of those coming from outside, nearly a quarter could be traced to China.
The high number of China-based attacks is “an unusually troubling statistic, especially when considering the potential impact of industrial espionage and state sponsored cyber warfare efforts,” the report said.
But the report’s authors cautioned that online attackers often route traffic through several computers to cloak their identities. An attacker in Romania, for example, might direct malicious code through a poorly defended computer in China before sending it on to a U.S.-based business.

Read more on CNN News About Spyware Related News 20 January 2006

Some old News about Spyware related Attack on PCWorld.com as mentioned,

With the title “Widespread Internet Attack Cripples Computers with Spyware” date April 21,2005, interesting and might learn 1 or 2 things from here,

An insidious new Internet attack that hijacks a victim’s Internet connection and stealthily installs a barrage of adware and spyware is targeting businesses and organizations across the United States.
The two-pronged attack, which has been ongoing since early March, has afflicted an estimated 20,000 computers, according to Ken Dunham, director of malicious code at IDefense, a Virginia-based Internet security company.
It starts with an assault known as DNS poisoning: Domain name system servers, which guide Internet traffic, are fooled into directing anyone heading to any .com Web site–for example, www.cnn.com or www.americanexpress.com–to a malicious Web site that the attackers control. That Web site then surreptitiously installs a wide range of adware and spyware on the victim’s computer.
Companies suffer from the attack in a number of ways. First, the Internet connection for anyone using the poisoned DNS server–often the entire company in the case of smaller businesses–is completely disrupted. All Web traffic and e-mail trying to go to any .com site gets hijacked for as long as the DNS server remains compromised.
Even after the DNS server is fixed, the company has to clean the adware and spyware from any affected computers, an onerous task that can keep IT people like David Parsons, who supports about 7000 people in his help-desk job at a Boston hospital, extremely busy. Parsons says his hospital was “slammed for about two days straight” by the DNS poisoning attacks starting March 29.
Dunham conservatively estimates that 3000 DNS servers at a range of U.S. companies, including at least two with more than 8000 employees, were compromised over the past month.
“It’s a very sophisticated attack,” Dunham says. His company sent out a high-level threat warning to its clients, which includes Fortune 500 companies and government organizations.
Dunham notes that both DNS poisoning attacks and the types of spyware and adware involved have been around for some time. But, he says, “this [attack] certainly is unprecedented in terms of the methodology and the sheer scope of adware and spyware installed.”
However, Web surfers at home generally are not vulnerable to this type of attack. Most ISPs use a type of DNS server called BIND, which is not directly affected by attempts at DNS poisoning. But older BIND servers can contribute to the problem by passing the attack along to vulnerable Windows DNS servers.

Want to read more about “Widespread Internet Attack Cripples Computers with Spyware”, read from their website here.

NewsGet On Net

:: Hacker “illwill” gets 2 year Prison
- William Genovese, Jr., 29, pleaded guilty last year to one count of unlawful distribution of trade secrets for putting Microsoft’s source code for its Windows 4.0 and Windows 2000 programs on his Web site and selling it. :: Read More On CNN.com :: Date : 27th January 2006 CNN Headline
:: HOW TO: Annihilate Windows Spyware - Step 1

The three main programs that can be used to remove 99% of all spyware are AdAware, Spybot Search & Destroy and more recently Microsoft’s AntiSpyware. If you have spyware problems, I recommend trying these three first, before scouring your system for other, hard to cure spyware infections. These programs are easy enough to use, but if you run into any problems please leave a comment. In Spybot S&D, be sure to turn on the immunization feature as well as Real Time Protection in Microsoft’s AntiSpyware.

Read More on paulstamatiou Webpage

:: More News on related post will be updated here.

Related Post
Kama Sutra Worm Attack - XBlog post on Kama Sutra Worm

Technorati Tag : antispyware | spyware | virus | microsoft | Tips | antivirus | download | software

You may be the one to comment first. Please leave your message below.

You must be logged in to post a comment.