Spyware & Adware, by Dominique Fruchtman (www.consultdom.com, consultdom@comcast.net)
SPYWARE

What is it?

Why is it bad?

How do I get rid of it?

How do I keep it off?

www.pchelp911.com/files/startcop.zip


Bad News

  • Corrupt hard drive, damaged operating system

  • Exposure of private information

  • Stolen usernames and passwords

  • Identity theft

    Spyware and adware find you when you...

  • Visit web sites or open spam, automatically installing on your machine without you knowing

  • Visit a web site and it assigns you a tracking cookie

  • Share music, files or photos with other users

  • Install programs without fully reading license agreements


Spyware Stats & Symptoms

9 out of 10 Internet-connected PCs are infected with spyware and adware

  • A recent study found an average of 26 spyware and adware traces per scan.

  • Increased pop-up ads

  • Slow computer performance

  • Unexplained home page change

  • Mysterious web search results


Spyware Defined

Strictly defined, spyware consists of computer software that gathers and reports information about a computer user without the user's knowledge or consent. More broadly, the term spyware can refer to a wide range of related malware products which fall outside the strict definition of spyware. These products perform many different functions, including the delivery of unrequested advertising (pop-up ads in particular), harvesting private information, re-routing page requests to fraudulently claim commercial site referral fees, and installing stealth phone dialers.


Spyware vs. Adware

  • Spyware as a category overlaps with adware.

  • Many web browser toolbars may count as spyware.

  • Adware loads ads from a server and displays them while you run a program, with your permission

  • Software developer gets ad revenue

  • User gets to use the program free of charge.

  • In these cases, adware functions ethically.

  • If the software collects personal information without permission (a list of websites visited, for example, or a log of keystrokes), it may become spyware.


Spyware Barnacles

  • Programs installed with your knowledge do not constitute spyware

  • Some legit software installs additional programs to collect data or distribute ads

    These barnacles can:

  • Drastically impair system performance

  • Abuse network resources

  • Slow throughput and impede Internet speed

  • Be difficult or impossible to remove


Spyware vs. Virus

Both:

  • Install without the user's knowledge or consent

  • Cause system instability

    A Virus:

  • Replicates itself, spreading copies to other computers

  • Relies on users with poor security habits in order to spread

    Spyware:

  • Does not replicate

  • Relies on persuading ignorant users to download and install by offering some kind of bait (such as freeware)


Appears harmless, even fun

A common spyware program targeted at children, Bonzi Buddy, claims that:

He will explore the Internet with you as your very own friend and sidekick! He can talk, walk, joke, browse, search, e-mail, and download like no other friend you've ever had! He even has the ability to compare prices on the products you love and help you save money! Best of all, he's FREE!


Spyware does…

  • Starts every time the computer boots up

  • Uses CPU cycles and RAM

  • Reduces system stability

  • Runs at all times

  • Cannot be shut down

  • Monitors Internet usage

  • Delivers targeted ads

  • Does not replicate onto other computers

  • Functions as a parasite but not as an infection


A Virus goes beyond

  • A virus carries a payload

  • May damage user's system (deleting files)

  • May make PC more vulnerable to further attacks by opening up a "back door"

  • May put the machine under the control of malicious third parties for spamming or denial-of-service attacks.

  • Replicates itself onto other computers.

  • Functions not only as a parasite, but as an infection as well.


Spyware Damage

  • Spyware does not damage the data files

  • Intentionally invades your privacy

  • Steals bandwidth

  • Can cause users to reformat the hard drive

  • Can cause users to reinstall the operating system

  • Can prove expensive in terms of anti-spyware programs


Rapid Accumulation

Windows-based computers rapidly accumulate spyware components

The effects of spyware infection (privacy issues aside) include:

  • Substantial loss of system performance – more than 50% in extreme cases

  • Major stability issues – crashes and hangs

  • Difficulty in connecting to the Internet

  • Spyware (often inadvertently) modifies DLLs needed for connectivity


Monetary Consequences

  • Spyware infection requires professional help more than any other single cause

  • No user awareness of spyware

  • User assumes system performance, stability, and/or connectivity issues relate to hardware, Windows installation problems, or a virus


Additional Consequences

  • Stealth dialers attempt to connect directly to a particular telephone number rather than to a user's own intended ISP

  • The number in question involves long-distance or overseas charges

  • Results in massive telephone bills


Windows System Files

  • Targetsoft, for example, modifies system files to make itself harder to remove

  • Targetsoft modifies the Winsock (Windows Sockets) files.

  • If you delete the spyware-infected file "inetadpt.dll", it will interrupt normal network usage


How Spyware Sneaks In

  • The spyware component comes bundled with an otherwise apparently useful program

  • Programs are free, to encourage the wide uptake of the spyware component

  • This applies especially with file-sharing clients such as Kazaa, and other P2P applications

  • Xolox.com is one of the few that is Spyware-free


Internet Explorer

  • Spyware takes advantage of security flaws in Internet Explorer.

  • Internet Explorer installs Spyware via a drive-by download with or without a prompt.

  • A drive-by download takes advantage of easy installation via an ActiveX control or components


Cookies

  • An HTTP cookie can count as Spyware.

  • A search engine website could assign an ID code to a user the first time he/she visits

  • It stores all search strings in a database with this ID as a key

  • It can use this data to select advertisements to display to that user

  • It can also transmit derived information to third parties.
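
The Cookies slide describes an ID code assigned on first visit and then used as a database key. As an added example (not part of the original presentation), this Python code audits logged Set-Cookie headers for cookies that could serve as such an ID: ones that persist for a long time and carry a high-entropy value. The sample headers, the `.example` hosts, the 30-day lifetime and the 48-bit threshold are assumptions chosen for illustration.

```python
import math
from collections import Counter
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime
from http.cookies import SimpleCookie

# Constructed sample data: (site, Set-Cookie value) pairs as a proxy log might record them.
SAMPLE_HEADERS = [
    ("search.example", "uid=9f3c2a7de1b84c55a0d4f6e2b1c07a93; Max-Age=63072000; Path=/"),
    ("search.example", "lang=en; Max-Age=31536000; Path=/"),
    ("shop.example", "session=4b1d8e77c2a94f0e; Path=/; HttpOnly"),
    ("ads.example", "trk=Zx81QpLm3Ns7VbTy0RkWc4HdUe; Expires=Fri, 01 Jan 2038 00:00:00 GMT; Path=/"),
]
REFERENCE_TIME = datetime(2024, 1, 1, tzinfo=timezone.utc)  # fixed so results repeat
THIRTY_DAYS = 30 * 24 * 3600  # assumed cut-off between short-lived and persistent

def entropy_bits(value):
    """Estimate the total Shannon entropy of a cookie value, in bits."""
    counts = Counter(value)
    n = len(value)
    per_char = -sum(c / n * math.log2(c / n) for c in counts.values())
    return per_char * n

def lifetime_seconds(morsel, now):
    """Return how long the cookie persists; 0 means it dies with the browser session."""
    if morsel["max-age"]:
        return int(morsel["max-age"])
    if morsel["expires"]:
        return (parsedate_to_datetime(morsel["expires"]) - now).total_seconds()
    return 0

def find_tracking_ids(headers, now, min_bits=48):
    """Flag cookies that outlive 30 days and hold an ID-like (high-entropy) value."""
    flagged = []
    for site, header in headers:
        jar = SimpleCookie()
        jar.load(header)
        for name, morsel in jar.items():
            # A preference such as lang=en persists but cannot identify a user;
            # a session cookie is random but is discarded when the browser closes.
            if (lifetime_seconds(morsel, now) > THIRTY_DAYS
                    and entropy_bits(morsel.value) >= min_bits):
                flagged.append((site, name))
    return flagged

if __name__ == "__main__":
    print(find_tracking_ids(SAMPLE_HEADERS, REFERENCE_TIME))
```
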


Inadvertently Installing Spyware

  • Granting permission for web-based applications to integrate into one's system can also load spyware. These Browser Helper Objects — known as Browser Hijackers — embed themselves as part of a web browser.

  • Spyware usually installs itself by some stealthy means. User agreements for software may make references (sometimes vague) to allowing the issuing company of the software to record users' Internet usage and website surfing. Some software vendors allow the option of buying the same product without this overhead.


Drastic Measures

Clean Install of Windows

  • Only consider it when a problem has become so severe that the PC has become non-functional

  • You must have a complete back up of your data along with all the setup disks

  • A clean install means erasing all the data from your hard drives, formatting, and re-installing the operating system

  • Always install the latest updates/Service Packs

  • Only advanced users or a computer technician should attempt this remedy


The Best Cure: Microsoft to the Rescue

  • “Windows Antispyware” may be the best shot at repairing system performance lag

  • You download this program free of charge as of March 2005

  • If you choose not to invest in Windows XP, you must look for other remedies, but look at the relative cost


Combating Spyware

  • Spyware Removal Programs – buy one

  • Rarely, some free programs purge a system of spyware, only to install their own

  • Spyware takes advantage of Internet Explorer vulnerabilities

  • Disabling ActiveX in Internet Explorer will prevent some infections. However, websites that make use of ActiveX will no longer work

  • Better than that, use a less vulnerable browser such as Mozilla Firefox (www.getfirefox.com)


Non-Windows PCs are safer

  • Currently-known spyware does not specifically target non-Windows systems, such as those running Mac OS or Linux

  • Most people online use Windows; there is little financial incentive to bother with Mac and Linux


More Prevention

  • When you install a free program, use a search engine to see if this program has a reputation for bundling spyware

  • AOL Instant Messenger has debatable components that can be unchecked at the time of installation

  • It pays not to rush through the installer


Why doesn’t Virus software help?

Anti-virus products (Norton, McAfee, Trend Micro) have lagged in responding to the threat of spyware because:

  • Differences between spyware and viruses

  • Spyware may inform end-users, albeit in hidden legal jargon, what it will do. Spyware originators use this escape clause - "Well, we told the user what our software would do, and they installed it anyway"

  • The difficulty of defining spyware

  • Some spyware comes bundled with legitimate programs that a user agrees to install – removing the Spyware could disable the program


How is a Virus different?

  • Viruses usually originate with individuals.

  • Spyware originates from companies

  • Spyware companies employ effective legal teams

  • Spyware companies can sue makers of anti-spyware software for listing their product(s) as spyware

  • This makes scanning for and cleaning spyware different from the anti-virus world

  • Virus writers operate anonymously outside the law and would reveal their identity by suing


Incomplete Spyware List, classified by effect

Generating pop-ups:

180 Solutions

DirectRevenue

lop.com (advertising, pop ups, security risk, tries to dial out at random)

Generating pop-ups, damaging and/or slowing computers:

Bonzi Buddy

Cydoor

Gator, Claria Corporation (Ads, pop ups, privacy violation, significant security risk, partially disables firewalls, stability issues, hard to remove)

New.net (security risk, stability issues, common cause of inability to connect)

ShopAtHomeSearch

Hijacking browsers:

CoolWebSearch - a well-known browser hijacker; some variants have a reputation for damaging the TCP stack when forcibly uninstalled

Euniverse

Xupiter


Spyware, cont’d

Committing Fraud:

XXXDial

Stealing information:

Back Orifice (arguably better categorized as a Trojan Horse, since its open source code militates against secrecy and -- unlike most spyware -- it has no commercial motive. Also has legitimate uses such as remote administration.)

Masquerading as a Spyware remover:

SpyKiller

Complete list here: http://www.spywarewarrior.com/rogue_anti-spyware.htm


Spyware, cont’d

  • Miscellaneous:

  • (Advertising, fake alert messages, possible privacy violation, security risk)

  • MarketScore (Claims to speed up Internet connections: serious privacy violation, loss of Internet connection on some systems)

  • CnsMin (Made in China; privacy violation. Preset in many Japanese PCs as JWord!)

  • Known programs bundling adware:

  • Kazaa

  • Bearshare

  • DivX (except for the paid version, and the 'standard' version without the encoder)


External Links

Lavasoft Ad-Aware SE Personal (http://www.lavasoftusa.com/support/download/#free) — (Freeware Version)

Aluria Software spyware removal (http://www.aluriasoftware.com) — Personal and business antispyware

HijackThis (http://merijn.org) (mirrors: 1 (http://spywareinfo.com/~merijn) 2 (http://209.133.47.200/~merijn/) 3  (http://ftp.officefive.org.uk/sites/www.spywareinfo.com/~merijn/) 4 (http://www.richardthelionhearted.com/~merijn)) — offers utilities to remove several spyware problems which Ad-Aware or Spybot Search & Destroy cannot currently fix.

Hitman Pro (http://www.hitmanpro.nl) — A bundle of related spyware removal software, in Dutch.

Microsoft Anti-Spyware (http://www.microsoft.com/athome/security/spyware/software/default.mspx) — (Still in beta as of April 2005)

PestPatrol (http://www.pestpatrol.com/)

Spybot - Search & Destroy (http://www.safer-networking.org)

Spyware Doctor (http://www.pctools.com/spyware-doctor/)

Spy Toaster (http://www.spytoaster.com/)

Spy Sweeper


Communities

 www.forums.tomcoyote.org — Spyware removal help forum, and classroom to teach removal techniques

Google Spyware Removal Group (http://groups-beta.google.com/group/spyware-removal)

Bleeping Computer Spyware Removal Tutorials (http://www.bleepingcomputer.com/forums/tutecat38.html) — tutorials for HijackThis, Spybot, and Ad-Aware.

Geeks To Go (http://www.geekstogo.com/forum) — Hijack assistance and malware removal forum.

Spywareinfo Forums (http://forums.spywareinfo.com/index.php) — help for removing adware, spyware and malware.

SpywareWarrior  (http://spywarewarrior.com/index.php) — forum that came under fire (http://www.netrn.net/archives2/000539.html) in May 2004 for posting information about a spyware company.


Guides

Spyware/AdWare/Malware FAQ and Removal Guide (http://www.io.com/~cwagner/spyware/)

doxdesk.com parasite database (http://www.doxdesk.com/parasite/) — Removal instructions for most common spyware/adware/malware parasites.

Computer Security (http://www.boredguru.com/modules/articles/index.php?storytopic=16) — Tips and tricks for manually removing common trojans, adware and spyware.

Rogue AntiSpyware List (http://www.spywarewarrior.com/rogue_anti-spyware.htm) — list of spyware removal programs to avoid

Prevention:

Financial investors who support spyware  (http://www.benedelman.org/spyware/investors/) A list of investment firms which support large scale spyware companies.

Spyware Prevention and Removal (http://www.pcreview.co.uk/articles/Internet/Spyware_and_Adware_Removal/) How to prevent Spyware and Adware, and a guide to removing it should the worst happen.

Spyware Prevention (http://www.freespywareremoval.info/prevention/) Proactively preventing spyware.

Dealing with unwanted spyware and parasites (http://mvps.org/winhelp2002/unwanted.htm).

The Spyware Inferno (http://news.com.com/2010-1032-5307831.html) - article on the rise of spyware, with a hierarchical list of different kinds of spyware based on levels of danger.


Bottom Line

  • Use Windows XP, Service Pack 2

  • Use Mozilla Firefox instead of IE

  • Regularly scan your PC with AntiSpyware

  • Be cautious of downloads

  • Read the EULA carefully

  • Remember: Spyware arrives quickly – if you notice a sudden change in system performance, run a scan immediately

