adware / spyware question

Hi
I've been reading-up about spyware / adware, e.g.:

http://www.wired.com/news/privacy/0,1848,49430,00.html
http://www.wired.com/news/technology/0,1282,49960,00.html
http://news.com.com/2100-1023-257592.html

I checked my PC and noticed that I had three different adware programs installed on my WinXP PC without my knowledge.  I have a fully updated Norton AV 2003 but it hasn't stopped them.  I've contected Smantec but no answer yet.

Does anyone know how I can block these programs?

Bristol_City
Bristol_CityAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

MSGeekCommented:
Yes, you can purchase the full version of Ad-aware 6 from lavasoft.  They claim it will protect against this and pop-ups.   This is a fairly new technology and just like antivirus software may not be foolproof.   I have not purchased it yet myself, but am considering it.   It's bad enough maintaing anti-virus, hardware and software firewalls.
0
sramesh2kCommented:

Anti-virus s/w are capable of detecting malicious code and trojans/viruses only, but not the Adwares.

adaware is the best tool.
0
Bristol_CityAuthor Commented:
thanks. I still have not heard from Symantec ... I would have thought it was a growth market for them.  

It will be a pain to have to buy yet another piece of software.  

BTW I installed adware scanner software and it listed 154 adware programms on my hard drive.  154!
Even if this software is exagerating, that's an incredible amount of programms running on my PC.

Bristol_City
0
What were the top attacks of Q1 2018?

The Threat Lab team analyzes data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide insightful analysis about the top threats on the Internet. Check out our Q1 2018 report for smart, practical security advice today!

ghanaCommented:
Another good tool is "SpyBot Search & Destroy" (http://beam.to/spybotsd). It is freeware.
0
MSGeekCommented:
I would have sugested SpyBot, but it does not have a feature that will run in the background like anti-virus sofware and prevent malicious activity.  Ad-Aware 6 does now have this is you upgrade from the freeeware version.  I agree with the statement that Symantec is nissing a market here, I don't think it will take them too much longer to pick up on this.
0
ghanaCommented:
That's right, MSGeek. SpyBot doesn't have a realtime scanner. Do you have experience with Ad-Aware 6 Pro/Plus? I would be interested in the CPU load on a computer running both, antivirus and Ad-Aware 6, with realtime scan enabled.

If you have a modem or ISDN card in your computer you also have to think about antidialer software. That could be the third software with a realtime scan and I'm afraid one day 70% of our CPU power will be used by security software...

0
MSGeekCommented:
I would be interested in the load as well, sorry no experience.  As I stated above I haven't gotten the plastic out yet, but I'm not far from it.  Perhaps it's all an Intel plot to get us to build multi-processor and parallel processor boards?  ;)
0
ghanaCommented:
Possible. Do you think we will rename the software category "Antiadware" in "Anti-Intelware" if your assumption will come true some day??
0
MSGeekCommented:
;)
0
LRI41Commented:
I use the new Adware Professional, Spybot , and Pest Patrol
I haven't tried the following one yet:

Lockergnome Windows Digest] Bullhead Graffiti and the Nucleus  
Date: 2/15/2003 11:52:54 AM Pacific Standard Time

Spyware-Guide.com

http://www.spywareguide.com/


{Guide to stopping spies} Spyware Guide provides information about
spyware and adware, something we all despise, right? OK, who
shouted, "No?" You must write spyware. If not, e-mail me; I've
gotta meet you. The site does clearly state that it does neither
agrees nor disagree with the makers of spyware or adware software,
and it is NOT a sounding board for debate. It's there as a
resource to serve the Internet community. Recently, two spyware
programs attacked me; one was from a program that I was testing
for you Gnomies (which I immediately removed it from the review
list), and another came out of nowhere. I looked them up and this
source listed one of them, explaining what it is and how to squash
it. I dropped a line to the folks behind the site telling them
about the second piece of spyware that I encountered, and maybe
it'll be posted soon. Especially nice is the Blocklist File
download [

http://www.spywareguide.com/blockfile.php

Spyware Block List File
What and Why?
Tired of all that Spyware and Adware crap being installed by ActiveX ?
But don't want to loose out on functionality?
We have created a system that blocks all known "bad" ActiveX controls from running inside Internet Explorer by setting the "Kill bit".
When a page tries to install a component from our list, it will fail.
When a page tries to use a component from our list that was already present on your system, it will fail too!
Other, "friendly" components are not affected.
Download and Installation
The best part of it is that we can pull this off without any programs running on your Pc, without even having to run a program to install the block list! All you need to down is download the -small- registry file below (Right-Click, choose "Save As...") and then double click it to enter it into the registry and activate the protection.
Download Now!
Last Update: 2003-2-12 20:10:52
Check back here often!

Les Irvin

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
TonrarCommented:
I currently run Ad-Aware 6.0 with Ad-Watch 3.0 (comes with Pro version)and Norton Anti-Virus on the following machine:

AMD XP 1800+
512 MB RAM

No load nothing.. Ziltch!! I would say almot negligible. Hope that helps!
0
Dave HoweSoftware and Hardware EngineerCommented:
There are a number of factors here.
First is that a lot of "freeware" packages won't work without the spyware - pkzip for windows for example installs and won't run without the timesync spyware (for which the fix is to redirect its update server to localhost, of course :)
Second is that a lot of "spyware" found by AdAware is in fact things like cookies in the IE cookie directory. yes, they are a privacy threat, but they aren't spyware in any real sense, and in fact aren't any sort of software at all.
Third is that AV software isn't really that good for detecting trojans - hence the Antitrojan software market.
0
LRI41Commented:
4 Anti-Trojan software check out Pest Patrol, but its
not free:

PestPatrol 4.0

http://www.zdnet.com/supercenter/stories/review/0,12070,563571,00.html


ZDNet Review
               
December 10, 2002

When you're on the Internet, you're vulnerable to all kinds of malicious code. Your antivirus software will weed out some of the Trojan horses, and your firewall will stop some malicious users from getting inside your PC. But to rid your system of the other bad stuff--poisoned Java and ActiveX Web scripts, for example--you'll need a program that's dedicated to doing just that. PestPatrol stops password crackers; keystroke logging; ad-serving software, cookies, Trojan horses; and possible distributed denial-of-service attacks, making it a crucial safeguard for your desktop or network server. If you want to keep your computer and data

0
SunBowCommented:
> First is that a lot of "freeware" packages won't work without the spyware

Spyware also comes as trojan with a variety of update programs. Some, from major mfr's and OEMs. It was part of new computer I bought, and is thoroughly embedded on CD, resurfaces every restore or install.

I see a lot above on AdAware type products. Do not neglect the personal firewalls, such as ZoneAlarm, that can more easily catch any product trying to call home. Some ISPs and IMs and other products are loaded with them.

We need somehow to put our feet down on this and make these wares less than worthwhile for those promoting them.
0
MSGeekCommented:
Sun Bow.. interesting..Are firewalls enough?  Do we block everything, or just port 80?  I like your point and am not trying to be obnoxious, I don't care to create another Abti-virus industry.
0
ezlifeCommented:
spybot is the greatest, but if you do some reading you'll find that keeping knowing how to get rid of spyware is pretty ez, you're better off staying on top of it if you really don't want it. I have a firewall but I still check my ports occasionally!!!
0
Count_OnnetCommented:
Several items I've found VERY helpful in the battle against unwarranted adware and spyware:

SPYBOT (already mentioned, but also available from download.com)
http://download.com.com/3120-20-0.html?qt=spybot&tg=dl-2001

SPYWAREBLASTER  (which has the real time protection that Spybot lacks)
http://www.wilderssecurity.com/spywareblaster.html
(Also available from wilders.org is a program called spywareguard, but I haven't used this one yet).

And finally, a gent by the name of Andrew Clover (not the other one) has a clever bit of javascript on his page at http://doxdesk.com/parasite/ that can detect some of the slippery programs that slip by the others.

Keep fighting the good fight, and good luck!
0
ghanaCommented:
Count_Onnet, thanks for your comment. I didn't know SpywareBlaster until now and it seems to be an interesting tool for users of Internet Explorer! But keep in mind, that SpywareBlaster only protects against installation of ActiveX based spyware while browsing with Internet Explorer. It doesn't protect against spyware that is not ActiveX based and it can't detect spyware that is already installed on a computer. Like SpyBot it doesn't have a file system real time protection.
0
Bristol_CityAuthor Commented:
Someone mentioned 'diallers'.  What are they and how do they work?
0
ghanaCommented:
Dialers are small programs that are able to establish a online connection via modem or ISDN adapter card. Some dubiously people try to install dialers on the computers of users while they are browsing in the internet. They use vulnerabilities of the browser software or operating system to do that silently without agreement of the user. Those dubiously dialers are coded to dial numbers (in the background so you won't know about it until you get your telephone bill) that have very expensive fees.
0
Bristol_CityAuthor Commented:
Hi
I'm on WinXP and in Windows Task Manager, 'Applications' tab there wan't much running but in Processes there was kazaa.exe.  Why is this not showing in Applications?  How do I prevent it from running (I didn't run it - but it's in the systray).  Presumably it's another spyware type program.
Also, I got an Out Of Memory message, again, not real apps running.
Help!
Bristol_City
0
Bristol_CityAuthor Commented:
Hi
I'm on WinXP and in Windows Task Manager, 'Applications' tab there wan't much running but in Processes there was kazaa.exe.  Why is this not showing in Applications?  How do I prevent it from running (I didn't run it - but it's in the systray).  Presumably it's another spyware type program.
Also, I got an Out Of Memory message, again, not real apps running.
Help!
Bristol_City
0
ghanaCommented:
Applications are only a part of the processes. All applications are in processes tab but not all processes in applications tab.

I assume Kazaa will autostart as process or service. If you don't use it then uninstall it:

1. Go to your Control Panel (Start - Settings - Control Panel or Start - Control Panel).
2. Double-click on Add/Remove Programs.
3. Find the program (Kazaa) in the list and click once to highlight it, then click Remove.
4. If it says that it can't uninstall it because it's running, then you'll need to quit out of it first.

To do so:
1. Go to your Task Manager/Task List (you may need to press Ctrl + Alt + Delete to get to it).
2. On the Processes tab, find the program in the list (e.g., kazaa.exe, imesh.exe). Click once on it to highlight, then click the End Process button.
3. Once the program closes, go back to Add/Remove Programs and try again to remove it.
0
Bristol_CityAuthor Commented:
thanks ghana

I did some reading and found a very useful application called System Configuartion Utility.  You probably know this but you can invoke it by typing 'msconfig' in the run field.  I unchecked kazaa in the 'Startup' tab.

Bristol_City
0
ghanaCommented:
I've heard about it, but as far as I know it's not available on all Windows platforms. If you only want to disable it instead of removing then this is the best choice.
0
Bristol_CityAuthor Commented:
thanks ghana

I did some reading and found a very useful application called System Configuartion Utility.  You probably know this but you can invoke it by typing 'msconfig' in the run field.  I unchecked kazaa in the 'Startup' tab.

Bristol_City
0
MSGeekCommented:
msconfig is available on Win98, ME and XP.

You should run Ad-Aware or SpyBot when you uninstall KAZAA as it leaves a lot behind.
0
Count_OnnetCommented:
Ghana, um...you're right (dangit)!  SpywareBlaster indeed does NOT have real-time protection.  (<oops!>It was a late night!)  I use Spybot and SpywareBlaster together with good effect (along with AVG, ZoneAlarm, and Registry1stAid, all free except the last one.  I like free.<g>)  SpywareGuard (also from wilderssecurity) claims to provide real-time protection, but as I said, I haven't tested that one yet.

(Thanks again for the correction!)
0
ghanaCommented:
Count_Onnet, it wasn't my intention to correct you but to specify the meaning of realtime protection in the case of SpywareBlaster. It doesn't have file system realtime protection but it does have realtime protection against ActiveX based spyware.

And of course most of us like free too - if the tools are reliable.   ;-)
0
Bristol_CityAuthor Commented:
Hi folks,

I found this site:

http://www.spywareguide.com/index.php

Bristol_City
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.