The Henna Page Tech Pages
Shields up! Part 3
Reducing the Risks of Adware and Spyware
by Roy Jones © 2004 - 2007


Much of what’s available for download on the Web appears to be free. That is, you don’t have to pay for some of the neat little widgets, screensavers, toolbars, and other programs you find being offered on many Websites. That was true in the early days of general public access to the Web, but the days of the Internet “free lunch” are long past. There are still some things that are truly free, but many of the supposedly free tools and toys are really lures that have hooks in them that can be difficult to remove.

What I’m referring to is what is known as “spyware” and “adware.” These are programs that can be loaded along with that “cool screensaver” you just installed on your computer, allowing a remote user to track your movements around the Web, make popup ads appear out of nowhere on your computer, “hijack” your browser (that is, reset your homepage and make it impossible for you to set it back), or start auto-dialing your modem to connect to an online porn dialup service that charges your phone bill some truly frightening rate per minute. What’s even scarier is that spam in general and spyware in particular are being used increasingly by organized gangs who steal identities and financial data online using spyware programs loaded without the user’s knowledge.

If you’ve read any of my other articles on taking care of your computer, you know I have little faith in government or industry’s ability or desire to deal with the problem. I believe that as the owners and operators of these amazingly powerful little data crunching machines, we, the users, have to assume the main burden of reducing the risk of adware and spyware and keeping our computers clean.

All together now, let’s repeat the Henna Page computer safety mantra:
“The responsibility for my computer’s security is mine and mine alone.”

Here are some simple, non-technical measures you can take to reduce the risk of a spyware or adware infection:

·    Be aware that anyone offering free software on the Web is likely to be doing so as part of a marketing strategy. If that’s the case, you can expect to be asked to release some information about yourself as part of your terms of use.

·    Be careful of what you download from the Web. If you’re looking for freeware or shareware programs, get them from a reputable site, for example http://www.tucows.com or http://www.snapfiles.com. These sites have links back to the developer’s pages so you can do a little research and be more certain of exactly what it is you’re about to install.

·    Read the fine print. Before you subscribe to or install anything, read the terms of service (TOS) or the end user license agreement (EULA) when it comes up and don’t click the “OK” button until you’re sure you know what you’re about to agree to. Some EULAs contain clauses saying you agree to installation of some software other than the main product or that you agree to usage statistics or other information being collected and transmitted to a remote party. This kind of data collection could be nothing but harmless anonymous marketing data, but it could be something more. You need to read all the documentation on the software to make an informed choice.

·    Turn off the HTML option in your e-mail client software. When you open an e-mail message and see a full color page complete with hyperlinks, what you’re looking at is really a Web page sent in the form of an e-mail message. When you open that message, you could be triggering a script that records your e-mail address as “live,” setting you up for more spam from the same source. Also, the Web server that hosts the message could install a “tracking cookie” on your computer that could help give away information about your online activities. If your e-mail client software is configured for text-only, the Web processes never run, unless you follow the hyperlinks in the text file to visit the site.

·    Use a pop-up blocker. All the major browsers have built-in pop-up blocking. You can also install a third-party pop-up blocker in your browser. The installable pop-up blockers usually come as part of a “toolbar,” but be careful: some of the “search bars” and “toolbars” that advertise their ability to handle pop-ups are spyware themselves. One third-party toolbar that is reasonably safe is the Google Toolbar, which you can download at: http://www.google.com/options/index.html.

·    Be careful with your online browsing. Most commercial Websites install a cookie on your browser, and some can be very useful in helping you connect to frequently used services, or creating a more personal experience on the site, but some cookies are hostile. You can configure your browser to ask you before accepting a cookie and you can manage the browser’s cookie file, removing some or all of the cookies from the system.
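To make the HTML e-mail item in the list above concrete, here is an added example (not part of the original article) that lists the remote requests an HTML-rendering mail client would make just by opening a message, and flags likely tracking images. The sample message, its addresses and host names, and the function and class names are all constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import unquote, urlparse

# Constructed sample message (not from the article): one remote 1x1 image,
# one image embedded in the message itself (cid:), and one ordinary hyperlink.
SAMPLE = """\
From: deals@shop.example
To: Reader <reader@mail.example>
Subject: Free screensaver
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Click <a href="http://shop.example/offer">here</a>!</p>
<img src="http://track.example/open.gif?u=reader%40mail.example" width="1" height="1">
<img src="cid:logo123" width="200" height="60">
</body></html>
"""

# Tags whose URL is fetched automatically when the HTML is rendered.
# <a href> is absent on purpose: a link is only fetched if the reader clicks it.
AUTO_FETCH = {"img": "src", "script": "src", "iframe": "src", "link": "href"}

class RemoteContentFinder(HTMLParser):
    def __init__(self, recipient):
        super().__init__()
        self.recipient = recipient.lower()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        url = attrs.get(AUTO_FETCH.get(tag, ""), "") or ""
        if urlparse(url).scheme not in ("http", "https"):
            return  # cid:/data: content travels inside the message: no request
        tiny = attrs.get("width") in ("0", "1") and attrs.get("height") in ("0", "1")
        leaks = bool(self.recipient) and self.recipient in unquote(url).lower()
        self.findings.append({"tag": tag, "host": urlparse(url).hostname,
                              "tiny": tiny, "has_address": leaks})

def remote_fetches(raw_message):
    """Return the requests an HTML-rendering mail client would make on open."""
    msg = message_from_string(raw_message)
    finder = RemoteContentFinder(parseaddr(msg.get("To", ""))[1])
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            charset = part.get_content_charset() or "utf-8"
            finder.feed(part.get_payload(decode=True).decode(charset, "replace"))
    return finder.findings

if __name__ == "__main__":
    print(remote_fetches(SAMPLE))
```

A client set to text-only never parses the HTML part, so none of the listed requests are made.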

Ok…so you’ve done all the above and more but you still have problems with pop-ups or you suspect some clandestine process is running on your computer. What do you do?

Arm yourself and prepare to repel invaders!!
   
Spyware removal tools are available free on the Web. Two of the heavy hitters among scanner-type spyware removers are Spybot Search and Destroy and AdAware. You can download Spybot at http://www.safer-networking.org/en/index.html. AdAware is at: http://www.lavasoftusa.com/software/adaware/.

Both these tools work similarly to anti-virus software. They use pattern files to identify spyware files and spyware-related changes in the system and remove them. The pattern files are updated regularly and both Spybot and AdAware can be updated from their manufacturers’ online files with a couple of mouse clicks.

I do a lot of Web searching for work and research, and I pick up a fair amount of spyware that gets loaded in the background, so I keep an updated copy of AdAware on my computer and run a full scan weekly.

Two other useful free tools are the “Browser Helper Object Demon” and “Hijack This.”

Browser Helper Object Demon, or BHOD, is specifically for Internet Explorer users. It identifies the files associated with plug-ins to Internet Explorer and presents them as a list along with buttons to disable or enable each.

If you have Adobe Acrobat or the Acrobat reader installed on your computer, BHOD will probably identify it as a “helper object” called AcroIEHelper.ocx. If so, that means you’ve enabled browser integration for Acrobat in Internet Explorer so any PDF file you open from the Web will display in your browser. If you took my suggestion and installed the Google Toolbar, you will see that identified in the BHOD output screen too. If you see anything else, click the “disable” button to turn it off, because it’s probably spyware. If, after disabling a process in BHOD, you find some plug-in you need has disappeared from Internet Explorer, you can re-enable the process using the “enable” button in BHOD.

"Hijack This" takes a little more skill and knowledge to use, but it’s a good tool for finding and killing spyware. To make the best use of Hijack This, you have to be fairly knowledgeable about the various processes that run on your computer and recognize them and their supporting files by name, but some things are obviously non-essential and probably spyware and can be removed safely. Hijack This creates backup files that allow you to retrace your steps and restore anything that shouldn’t have been deleted. 

All this just touches the surface of the growing spyware/adware problem, but it’s enough for you to get started on cleaning up your computer and hardening it against future infections. If you want to look more deeply into this and other computer security issues, I recommend http://www.securityfocus.com. Use their site search tool to locate current articles on security-related subjects.
 
You can e-mail specific computer questions to Roy Jones at streetleveltech@hotmail.com.

