Triware Networld Systems 


PUBLIC ENEMY NUMBER ONE OF THE INTERNET

Call it Adware, Bot Code, Malicious Code, Malware, Spyware, or Unwanted Programs.  Here at Triware Networld Systems, we call it Public Enemy Number One of the Internet.  The situation is so bad that four anti-Spyware bills are making their way through Congress as you’re reading this.

Unlike Viruses and Spam, which we covered in one of our white papers, there really isn’t an easy way of preventing and eliminating Adware and Spyware. Even if one really understands emerging technologies and Windows Operating Systems, safety is never a guarantee. The simple mistake of clicking on a bad link in an e-mail or on a Web site could bring you endless, time-consuming headaches.

The way they get in

Peer-to-Peer Networks, used to share files, software, music, movies, games and the like, are just one way you can be exposed to an unsafe environment.  By design, when you join a Peer-to-Peer Network like BitTorrent, Kazaa or eDonkey, you make your PC vulnerable to a full array of possible infections, including viruses, Adware, Spyware and all other malicious codes under the sun.

Many users wouldn’t consider public Instant Messenger (IM) networks as Peer-to-Peer Networks. But they are.

It is relatively safe these days to use more popular public IM networks like AOL, MSN and Yahoo because providers are aware of the potential for hackers. But the same can’t be said about lesser known IM tools.

Embedded Links, Scripts and attached files traveling via e-mail — mostly originating from spam but sometimes from infected acquaintances — are commonly used to distribute malicious codes.  The subject lines and content of these e-mails can appear to be official and attractive. But they all have one goal in mind: to get users to click on links, scripts or attached files.

Web sites are also capable of infecting your PC with Adware and Spyware without your permission and without you noticing.

Even search engines can be dangerous. 

Let’s say you visit a popular, trusted search engine and type in “buying software to prevent Adware and Spyware.” An almost endless list of results will greet you. But beware: some of them can forward you to infecting sites. The same is true with any other search.

Freeware and Shareware can also be dangerous, especially freeware.  I like the concept of shareware to a certain degree if it’s well-known, and you do eventually pay for it. But numerous Internet browser toolbars and add-ins include Adware and Spyware.  Many beautiful screensavers have malicious codes hidden in them.  Some will even hijack your default search engines.

Unprotected PCs create yet another opening for malicious codes.  As soon as an unprotected PC gets online, it is vulnerable to the attacks of tens of thousands of malicious codes. No action necessary.

Blended Attacks are another way malicious codes infect PCs. A PC may be equipped with reasonable protection, but if a virus definition or security update is only a bit old, a virus, worm or Trojan horse has the ability to open back doors, disable your protection and even call its mother ship to download more malicious codes. Meanwhile, thousands of unrelated malicious codes are searching for these back doors to join the party uninvited.

What do Adware & Spyware do?

Unleashing an annoying barrage of pop-up advertisements is the most obvious purpose of malicious codes.  But sometimes they pop up so fast that nobody really has the time to enjoy them. So then, one may ask, “What’s the real purpose?”

Tricky messages will sometimes appear in these pop-ups like “It looks like your PC has been infected with Adware and Spyware. Please click here to download a free tool to remove it.” Or perhaps you’ve seen: “Your computer has been corrupted. Click here to buy our tool to clean it.” Sometimes, even when you attempt to close a pop-up, it will send you where it wants to. And even more often, closing a pop-up will lead you to another annoying barrage of pop-up advertisements.

Making the PC a Zombie is essentially the method by which a malicious code infects and manipulates a host device for a multitude of purposes. Once a malicious code has turned a host PC into a Zombie, it can use the PC to organize a Distributed Denial of Service (DDoS) attack on any given Internet target.  The PC becomes one of the tens of thousands of Zombies helping Adware and Spyware scan for new prey, spreading the infection to any unprotected PCs.  And it does so at the PC’s expense, slowing the PC down while the malicious code takes all of the resources it needs to infect.

Invading your privacy is another skill that Adware and Spyware are well-versed in.  By keeping track of the Web sites you visit, how much time you spend on these sites, what you buy online, what software you use and what type of computer you own, Adware and Spyware can send valuable information back to their masters, who then sell the information to willing buyers.

Stealing confidential data, such as user IDs, passwords, names, credit card and banking account information and stock and mutual fund activity, is another purpose of Adware and Spyware. Certain codes can go as far as to look through your money management software for confidential information.  As if invading one’s privacy isn’t bad enough, malicious codes can also sell this information to many willing buyers.

How to eliminate Adware & Spyware

There is no easy answer to getting rid of Adware and Spyware. Even today, no single software vendor can rid your computer of all traces of Adware and Spyware. Not even a combination of software can completely clean a PC.

In most cases, it takes less time to copy your data, wipe your disk clean and rebuild your PC from the ground up.

However, rebuilding your PC from the ground up is not always an option.  Most PCs come pre-loaded with software that you may not have the CDs or license keys for. You may have also bought software online without ever receiving a CD. And certain software licenses are based on the characteristics of your PC. Wiping your disk clean would mean losing those characteristics.

And needless to say, rebuilding a PC is not a walk in the park — even for those PC users who have all the necessary software. You’re looking at many, many hours of downtime and CD feedings.

It’s hard to completely understand the scope of eliminating Adware and Spyware until you yourself have become infected. The cost of cleaning Adware and Spyware can well exceed the cost of your PC alone because, in most cases, you’ll require a professional to do it.

Below is the procedure we use to clean an infected PC if rebuilding is not an option:

  1. Back up all critical data on CDs, DVDs or other media.

  2. Disconnect infected PC from Internet.

  3. Install a combination of well-known anti-virus, Adware and Spyware tools from CDs.

  4. Update all security patches and anti-virus, anti-Adware and Spyware definitions from CDs.

  5. Perform a scan by using each of the anti-virus, Adware and Spyware tools repeatedly until the results are the same after at least two rounds of scanning. Reboot when instructed to do so.

  6. At this point, the PC is usually somewhat usable, and its speed is reasonable. But the PC isn’t always 100 percent clean. It takes a trained and seasoned professional to identify what else is left on the PC and manually clean the remaining malicious codes. During this step, cleaning will most likely take place in the Windows registry, so ensure that a back-up exists before any cleaning. There isn’t a set formula for this, and it takes an exorbitant amount of time and detective work.

  7. When the PC is finally clean, or at least we think it is, we reconnect the PC to the Internet and immediately update all security, anti-virus, Adware and Spyware definitions and perform at least one round of scans with each installed tool.  If all is well, the chances are that the PC has returned to normal.  Otherwise, the PC must be disconnected and returned to Step 5.
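
Step 6 calls for a registry back-up before any manual cleaning. The PowerShell below is an added example, not part of the original article or Triware's own tooling: it exports the common autostart keys to .reg files and lists their entries for review. The key list and the `RegBackup` folder are assumptions; the article does not name specific keys.

```powershell
# Added example: back up and list autostart registry keys before manual cleaning.
# The key list and backup folder are assumptions, not taken from the article.
$BackupDir = Join-Path $env:SystemDrive 'RegBackup'   # hypothetical location
$Stamp     = Get-Date -Format 'yyyyMMdd-HHmmss'

$Keys = @(
    'HKLM\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
# Properties that Get-ItemProperty adds itself; they are not registry values.
$ProviderProps = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'

New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null

foreach ($Key in $Keys) {
    # Translate the reg.exe style name into a PowerShell registry provider path.
    $PsPath = 'Registry::' + ($Key -replace '^HKLM', 'HKEY_LOCAL_MACHINE' `
                                   -replace '^HKCU', 'HKEY_CURRENT_USER')
    if (-not (Test-Path $PsPath)) { continue }   # e.g. RunOnce may not exist

    # 1. Export the key so it can be restored later with "reg import <file>".
    #    The timestamp keeps file names unique, so nothing is overwritten.
    $File = Join-Path $BackupDir (($Key -replace '[\\ ]', '_') + "-$Stamp.reg")
    & reg.exe export $Key $File | Out-Null
    if ($LASTEXITCODE -ne 0 -or -not (Test-Path $File)) {
        throw "Backup of $Key failed; do not edit this key."
    }

    # 2. List every autostart value for manual review. Nothing is deleted here.
    $Props = Get-ItemProperty -Path $PsPath
    if ($Props) {
        $Props.PSObject.Properties |
            Where-Object { $ProviderProps -notcontains $_.Name } |
            ForEach-Object {
                [pscustomobject]@{ Key = $Key; Name = $_.Name; Command = $_.Value }
            }
    }
}
```

Run it while the PC is still disconnected, and copy the resulting `.reg` files to removable media before changing anything in the registry.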

If even this procedure fails, one should consider rebuilding the PC.  But before doing so, make sure you have the software and licenses required to rebuild.  It is a must to rebuild behind a firewall in a clean environment. And the first thing you should do after rebuilding your Operating System is update your security patches.

How to Prevent Adware & Spyware

Again, there is no easy solution to protecting your PC from Adware and Spyware. But there are a few things one can do to increase the chances of remaining clean:

  1. Avoid using public peer-to-peer networks, especially lesser known tools.

  2. Avoid clicking on links and attachments via e-mail unless from trusted sources.

  3. Avoid Web sites you do not trust and be careful with search result links.

  4. Do not download freeware and sometimes even shareware.

  5. Keep your Operating System updated with security patches.

  6. Install anti-virus, Adware and Spyware tools and keep the signature files updated.

  7. Install gateway-level firewalls and desktop- or laptop-level firewalls.

  8. Log onto the PC with a non-administrative account.

  9. Remember that nothing is free. Everything has its price and cost.

Conclusion

In our capitalist society, most commercial activities are driven by profit.  Adware and Spyware makers are not doing this for fun.  Someone is paying them to continue, and someone is making a profit.

One may be surprised to find that companies like J.C. Penney, Capital One, Vonage Holdings, Monster, Expedia, Priceline.com, Orbitz, Sprint, Sony, Circuit City and Mercedes-Benz are just a few of those using pop-up advertisements, according to the Associated Press.

What is worse, Viruses, Worms, Trojan Horses, Malware, Spam, Adware and Spyware have now mutated into blended threats.  There is no longer a clear separation between them.  Many malicious codes even come with free software and, in some cases, paid software.

And many entities are knowingly distributing hidden codes for their own benefit without permission or disclosure to end users.

The cure to this problem, I suspect, is not going to come from government regulations unless they are globally enforced (also refer to our Air-Tight, Multi-Layer IT Security Defense Systems™ Solution Matrix).

For now the cure, or shall I say the prevention, must come from some of the practices I have mentioned above and multi-layer defense systems like TNS’s Air-Tight, Multi-Layer IT Security Defense Systems.

 

By Benson Yeung, Senior Partner


© Copyrights Triware Networld Systems, L.L.C. ® 1991-2008