?
Solved

adware / spyware question

Posted on 2003-03-02
30
Medium Priority
?
334 Views
Last Modified: 2013-12-04
Hi
I've been reading-up about spyware / adware, e.g.:

http://www.wired.com/news/privacy/0,1848,49430,00.html
http://www.wired.com/news/technology/0,1282,49960,00.html
http://news.com.com/2100-1023-257592.html

I checked my PC and noticed that I had three different adware programs installed on my WinXP PC without my knowledge.  I have a fully updated Norton AV 2003 but it hasn't stopped them.  I've contected Smantec but no answer yet.

Does anyone know how I can block these programs?

Bristol_City
0
Comment
Question by:Bristol_City
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 7
  • 6
  • +7
30 Comments
 
LVL 9

Expert Comment

by:MSGeek
ID: 8052146
Yes, you can purchase the full version of Ad-aware 6 from lavasoft.  They claim it will protect against this and pop-ups.   This is a fairly new technology and just like antivirus software may not be foolproof.   I have not purchased it yet myself, but am considering it.   It's bad enough maintaing anti-virus, hardware and software firewalls.
0
 
LVL 34

Expert Comment

by:sramesh2k
ID: 8052508

Anti-virus s/w are capable of detecting malicious code and trojans/viruses only, but not the Adwares.

adaware is the best tool.
0
 

Author Comment

by:Bristol_City
ID: 8052537
thanks. I still have not heard from Symantec ... I would have thought it was a growth market for them.  

It will be a pain to have to buy yet another piece of software.  

BTW I installed adware scanner software and it listed 154 adware programms on my hard drive.  154!
Even if this software is exagerating, that's an incredible amount of programms running on my PC.

Bristol_City
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 11

Expert Comment

by:ghana
ID: 8052544
Another good tool is "SpyBot Search & Destroy" (http://beam.to/spybotsd). It is freeware.
0
 
LVL 9

Expert Comment

by:MSGeek
ID: 8052682
I would have sugested SpyBot, but it does not have a feature that will run in the background like anti-virus sofware and prevent malicious activity.  Ad-Aware 6 does now have this is you upgrade from the freeeware version.  I agree with the statement that Symantec is nissing a market here, I don't think it will take them too much longer to pick up on this.
0
 
LVL 11

Expert Comment

by:ghana
ID: 8052736
That's right, MSGeek. SpyBot doesn't have a realtime scanner. Do you have experience with Ad-Aware 6 Pro/Plus? I would be interested in the CPU load on a computer running both, antivirus and Ad-Aware 6, with realtime scan enabled.

If you have a modem or ISDN card in your computer you also have to think about antidialer software. That could be the third software with a realtime scan and I'm afraid one day 70% of our CPU power will be used by security software...

0
 
LVL 9

Expert Comment

by:MSGeek
ID: 8052772
I would be interested in the load as well, sorry no experience.  As I stated above I haven't gotten the plastic out yet, but I'm not far from it.  Perhaps it's all an Intel plot to get us to build multi-processor and parallel processor boards?  ;)
0
 
LVL 11

Expert Comment

by:ghana
ID: 8052814
Possible. Do you think we will rename the software category "Antiadware" in "Anti-Intelware" if your assumption will come true some day??
0
 
LVL 9

Expert Comment

by:MSGeek
ID: 8053019
;)
0
 
LVL 10

Accepted Solution

by:
LRI41 earned 200 total points
ID: 8053503
I use the new Adware Professional, Spybot , and Pest Patrol
I haven't tried the following one yet:

Lockergnome Windows Digest] Bullhead Graffiti and the Nucleus  
Date: 2/15/2003 11:52:54 AM Pacific Standard Time

Spyware-Guide.com

http://www.spywareguide.com/


{Guide to stopping spies} Spyware Guide provides information about
spyware and adware, something we all despise, right? OK, who
shouted, "No?" You must write spyware. If not, e-mail me; I've
gotta meet you. The site does clearly state that it does neither
agrees nor disagree with the makers of spyware or adware software,
and it is NOT a sounding board for debate. It's there as a
resource to serve the Internet community. Recently, two spyware
programs attacked me; one was from a program that I was testing
for you Gnomies (which I immediately removed it from the review
list), and another came out of nowhere. I looked them up and this
source listed one of them, explaining what it is and how to squash
it. I dropped a line to the folks behind the site telling them
about the second piece of spyware that I encountered, and maybe
it'll be posted soon. Especially nice is the Blocklist File
download [

http://www.spywareguide.com/blockfile.php

Spyware Block List File
What and Why?
Tired of all that Spyware and Adware crap being installed by ActiveX ?
But don't want to loose out on functionality?
We have created a system that blocks all known "bad" ActiveX controls from running inside Internet Explorer by setting the "Kill bit".
When a page tries to install a component from our list, it will fail.
When a page tries to use a component from our list that was already present on your system, it will fail too!
Other, "friendly" components are not affected.
Download and Installation
The best part of it is that we can pull this off without any programs running on your Pc, without even having to run a program to install the block list! All you need to down is download the -small- registry file below (Right-Click, choose "Save As...") and then double click it to enter it into the registry and activate the protection.
Download Now!
Last Update: 2003-2-12 20:10:52
Check back here often!

Les Irvin

0
 

Expert Comment

by:Tonrar
ID: 8053569
I currently run Ad-Aware 6.0 with Ad-Watch 3.0 (comes with Pro version)and Norton Anti-Virus on the following machine:

AMD XP 1800+
512 MB RAM

No load nothing.. Ziltch!! I would say almot negligible. Hope that helps!
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 8056047
There are a number of factors here.
First is that a lot of "freeware" packages won't work without the spyware - pkzip for windows for example installs and won't run without the timesync spyware (for which the fix is to redirect its update server to localhost, of course :)
Second is that a lot of "spyware" found by AdAware is in fact things like cookies in the IE cookie directory. yes, they are a privacy threat, but they aren't spyware in any real sense, and in fact aren't any sort of software at all.
Third is that AV software isn't really that good for detecting trojans - hence the Antitrojan software market.
0
 
LVL 10

Expert Comment

by:LRI41
ID: 8057970
4 Anti-Trojan software check out Pest Patrol, but its
not free:

PestPatrol 4.0

http://www.zdnet.com/supercenter/stories/review/0,12070,563571,00.html


ZDNet Review
               
December 10, 2002

When you're on the Internet, you're vulnerable to all kinds of malicious code. Your antivirus software will weed out some of the Trojan horses, and your firewall will stop some malicious users from getting inside your PC. But to rid your system of the other bad stuff--poisoned Java and ActiveX Web scripts, for example--you'll need a program that's dedicated to doing just that. PestPatrol stops password crackers; keystroke logging; ad-serving software, cookies, Trojan horses; and possible distributed denial-of-service attacks, making it a crucial safeguard for your desktop or network server. If you want to keep your computer and data

0
 
LVL 24

Expert Comment

by:SunBow
ID: 8061071
> First is that a lot of "freeware" packages won't work without the spyware

Spyware also comes as trojan with a variety of update programs. Some, from major mfr's and OEMs. It was part of new computer I bought, and is thoroughly embedded on CD, resurfaces every restore or install.

I see a lot above on AdAware type products. Do not neglect the personal firewalls, such as ZoneAlarm, that can more easily catch any product trying to call home. Some ISPs and IMs and other products are loaded with them.

We need somehow to put our feet down on this and make these wares less than worthwhile for those promoting them.
0
 
LVL 9

Expert Comment

by:MSGeek
ID: 8061781
Sun Bow.. interesting..Are firewalls enough?  Do we block everything, or just port 80?  I like your point and am not trying to be obnoxious, I don't care to create another Abti-virus industry.
0
 
LVL 1

Expert Comment

by:ezlife
ID: 8061970
spybot is the greatest, but if you do some reading you'll find that keeping knowing how to get rid of spyware is pretty ez, you're better off staying on top of it if you really don't want it. I have a firewall but I still check my ports occasionally!!!
0
 

Expert Comment

by:Count_Onnet
ID: 8071114
Several items I've found VERY helpful in the battle against unwarranted adware and spyware:

SPYBOT (already mentioned, but also available from download.com)
http://download.com.com/3120-20-0.html?qt=spybot&tg=dl-2001

SPYWAREBLASTER  (which has the real time protection that Spybot lacks)
http://www.wilderssecurity.com/spywareblaster.html
(Also available from wilders.org is a program called spywareguard, but I haven't used this one yet).

And finally, a gent by the name of Andrew Clover (not the other one) has a clever bit of javascript on his page at http://doxdesk.com/parasite/ that can detect some of the slippery programs that slip by the others.

Keep fighting the good fight, and good luck!
0
 
LVL 11

Expert Comment

by:ghana
ID: 8071310
Count_Onnet, thanks for your comment. I didn't know SpywareBlaster until now and it seems to be an interesting tool for users of Internet Explorer! But keep in mind, that SpywareBlaster only protects against installation of ActiveX based spyware while browsing with Internet Explorer. It doesn't protect against spyware that is not ActiveX based and it can't detect spyware that is already installed on a computer. Like SpyBot it doesn't have a file system real time protection.
0
 

Author Comment

by:Bristol_City
ID: 8084518
Someone mentioned 'diallers'.  What are they and how do they work?
0
 
LVL 11

Expert Comment

by:ghana
ID: 8086389
Dialers are small programs that are able to establish a online connection via modem or ISDN adapter card. Some dubiously people try to install dialers on the computers of users while they are browsing in the internet. They use vulnerabilities of the browser software or operating system to do that silently without agreement of the user. Those dubiously dialers are coded to dial numbers (in the background so you won't know about it until you get your telephone bill) that have very expensive fees.
0
 

Author Comment

by:Bristol_City
ID: 8087369
Hi
I'm on WinXP and in Windows Task Manager, 'Applications' tab there wan't much running but in Processes there was kazaa.exe.  Why is this not showing in Applications?  How do I prevent it from running (I didn't run it - but it's in the systray).  Presumably it's another spyware type program.
Also, I got an Out Of Memory message, again, not real apps running.
Help!
Bristol_City
0
 

Author Comment

by:Bristol_City
ID: 8087539
Hi
I'm on WinXP and in Windows Task Manager, 'Applications' tab there wan't much running but in Processes there was kazaa.exe.  Why is this not showing in Applications?  How do I prevent it from running (I didn't run it - but it's in the systray).  Presumably it's another spyware type program.
Also, I got an Out Of Memory message, again, not real apps running.
Help!
Bristol_City
0
 
LVL 11

Expert Comment

by:ghana
ID: 8087844
Applications are only a part of the processes. All applications are in processes tab but not all processes in applications tab.

I assume Kazaa will autostart as process or service. If you don't use it then uninstall it:

1. Go to your Control Panel (Start - Settings - Control Panel or Start - Control Panel).
2. Double-click on Add/Remove Programs.
3. Find the program (Kazaa) in the list and click once to highlight it, then click Remove.
4. If it says that it can't uninstall it because it's running, then you'll need to quit out of it first.

To do so:
1. Go to your Task Manager/Task List (you may need to press Ctrl + Alt + Delete to get to it).
2. On the Processes tab, find the program in the list (e.g., kazaa.exe, imesh.exe). Click once on it to highlight, then click the End Process button.
3. Once the program closes, go back to Add/Remove Programs and try again to remove it.
0
 

Author Comment

by:Bristol_City
ID: 8088515
thanks ghana

I did some reading and found a very useful application called System Configuartion Utility.  You probably know this but you can invoke it by typing 'msconfig' in the run field.  I unchecked kazaa in the 'Startup' tab.

Bristol_City
0
 
LVL 11

Expert Comment

by:ghana
ID: 8088599
I've heard about it, but as far as I know it's not available on all Windows platforms. If you only want to disable it instead of removing then this is the best choice.
0
 

Author Comment

by:Bristol_City
ID: 8088607
thanks ghana

I did some reading and found a very useful application called System Configuartion Utility.  You probably know this but you can invoke it by typing 'msconfig' in the run field.  I unchecked kazaa in the 'Startup' tab.

Bristol_City
0
 
LVL 9

Expert Comment

by:MSGeek
ID: 8088975
msconfig is available on Win98, ME and XP.

You should run Ad-Aware or SpyBot when you uninstall KAZAA as it leaves a lot behind.
0
 

Expert Comment

by:Count_Onnet
ID: 8092680
Ghana, um...you're right (dangit)!  SpywareBlaster indeed does NOT have real-time protection.  (<oops!>It was a late night!)  I use Spybot and SpywareBlaster together with good effect (along with AVG, ZoneAlarm, and Registry1stAid, all free except the last one.  I like free.<g>)  SpywareGuard (also from wilderssecurity) claims to provide real-time protection, but as I said, I haven't tested that one yet.

(Thanks again for the correction!)
0
 
LVL 11

Expert Comment

by:ghana
ID: 8093089
Count_Onnet, it wasn't my intention to correct you but to specify the meaning of realtime protection in the case of SpywareBlaster. It doesn't have file system realtime protection but it does have realtime protection against ActiveX based spyware.

And of course most of us like free too - if the tools are reliable.   ;-)
0
 

Author Comment

by:Bristol_City
ID: 8093469
Hi folks,

I found this site:

http://www.spywareguide.com/index.php

Bristol_City
0

Featured Post

Four New Appliances. Same Industry-leading Speeds.

But don't take it from us.  The Firebox M370 is Miercom tested and Miercom approved, outperforming its competitors for stateless and stateful traffic throughput scenarios.  Learn more about the M370, M470, M570 and M670 and find the right solution for your organization today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses
Course of the Month9 days, 17 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question