Copyright 2005, Rick Macmurchie - June 1, 2005
My computer runs like a bag of manure, it's slow, it crashes and I get pop-up ads all the time.
If your computer is not running like it used to, something may be broken, but there's a good chance these days that your computer has some sort of 'Malware' running on it.
What is 'malware', 'spyware', 'adware'?
'Malware' is the general term used to describe software programs that have malicious intentions; viruses, worms and Trojan horse programs are the best known types. Recently several new types of programs have emerged to be added to the list of malware programs. Spyware and adware are software that, once running on your system, watches what you do and may use the information to steal your personal information or just to display targeted advertising.
How does this software get into my computer?
There are a number of ways that these programs can get loaded on your computer. Most viruses get in through email attachments or sometimes through programs downloaded using peer-to-peer file sharing programs. Spyware and adware usually come from the web.
Some 'free' programs that are available on the web install spyware, adware or other malware either as a way to generate advertising income from your free use of the software, or in the worst examples to steal personal information for possible identity theft, or to trick you into paying for a removal program.
Other adware and spyware install themselves when you simply visit certain web pages, either with your permission or in some cases without any sign that they are being installed (by exploiting security vulnerabilities in your web browser).
What can I do to protect my computer from these programs?
There currently does not seem to be any way to be absolutely safe. The people that are writing these programs are (in some cases) very good at it, and they update their programs frequently to evade detection and removal.
There are steps you can take to reduce your risk, and in most cases these steps will provide enough protection to keep your computer working well even if you can't keep it entirely clean.
Educate everyone that uses the computer to be very careful about downloading and installing new programs.
'There's no free lunch.' If you are considering downloading a 'free' program, ask yourself 'How are they making money from this, why is it free?'
Some programs produced by well known companies like Microsoft, Adobe, Sun and Macromedia are free because these companies profit from selling authoring software and promote the authoring software by giving away the reader or player software. These programs are generally safe; examples include Microsoft Media Player, Adobe Acrobat Reader, Sun Java and Macromedia Flash or Shockwave.
Yahoo and Google offer free search toolbars and games that are free because these companies make money from advertising displayed on their site and want you to come back to their web sites as often as possible. The most high profile sites that make their money this way 'live' by their reputation, so generally their software will be safe, but lesser known sites and companies may not be as trustworthy.
Some programs known as shareware, freeware or demos offer a program for free that may have limited functionality or may stop working after a period of time, and offer a fully functional or 'registered' version of the program when you pay. These are often great programs, and some of my favourite programs were released in this way (e.g. WinZip and Winamp), but you need to read the 'Licence Agreement' very carefully to see what you are agreeing to. Adware originally appeared in formerly shareware programs as the developers looked for ways to make more money from their programs.
If you use Windows XP, consider using the 'Limited User' account type for users of the computer (like children) that should not be installing software. To create a 'Limited User' account, open Control Panel on the Start menu, open 'User Accounts' and 'Create a new account'. Follow the directions on screen and choose 'Limited' for the account type.
Keep your operating system (e.g. Windows XP) and web browser (e.g. Internet Explorer) updated with security (critical) update patches.
If you use Windows or Internet Explorer, check the Windows Update web site about once a month for 'Critical Updates'. If you use Windows XP, you can turn on automatic updates so that you don't need to remember to check for updates.
If you use Windows XP, make sure you have Service Pack 2 installed. SP2 updates Windows and Internet Explorer to make it more difficult for programs to get installed without your permission, and includes changes that make it less likely that you will accidentally install something that you really didn't want, plus a pop-up ad blocker. (You can check your Windows version by right-clicking on the 'My Computer' icon and clicking Properties.)
Other web browsers and web browser add-ons also need to be updated, so check the manufacturer's web site for updates or new versions regularly.
Sun's Java plug-in and some other programs have a built-in capability to check for and download updates. Be sure to install the updates when they are available, but make sure you know what you are updating before you install the update, or you could be installing an update for a program you didn't want in the first place.
Install a utility to prevent, detect and remove spyware and adware.
Most anti-virus software is adding spyware and adware detection to new versions; you may have to manually turn on detection of adware and spyware as 'Expanded Threats' in the program options.
Many anti-virus programs don't stop adware and spyware in real-time like they do with viruses, so you may have to do a manual scan to find them.
Currently no program seems to detect everything, so using more than one program may be necessary, but it's usually not a good idea to install more than one antivirus program.
There are two very good programs currently available for detecting, preventing and cleaning up adware and spyware, and they happen to be free. The Yahoo Toolbar and Spybot Search and Destroy are both excellent programs; they have some overlap in what they detect, but there are things that one will find and the other will not. (Spybot Search and Destroy can probably be most quickly downloaded from Download.com.) Both of these programs have options that block known bad software and web sites so that your computer is more likely to stay clean.
If you are still using Windows 95, 98, ME, NT4 or 2000, consider upgrading to Windows XP.
Versions of Windows previous to Windows XP will never get the security upgrades that have been added to Windows XP in Service Pack 2. (It may be necessary to upgrade your computer to run Windows XP, but generally if you have at least 256 MB of RAM and 10 GB of free hard drive space, Windows XP will install and run, even if a bit slowly.)
How do I remove these programs if they are already on my computer?
Many of these programs deliberately try to prevent you from removing them from your computer. In some cases you will need to call on professional help to remove the most stubborn ones, and it may even be necessary to reinstall Windows, because changes to the system configuration may break internet access during removal.
It should be reasonably safe to use the removal tools in your antivirus software and the removal functions in Yahoo! Anti-Spy and in Spybot Search and Destroy. There are extra steps that you can take to improve the chances of successful removal.
The first thing to do is to check 'Add/Remove Programs' in Control Panel to see if there are any programs installed that you don't want. Try removing any programs that you don't want or need, and be sure to read any messages very carefully; often the wording of the messages will be convoluted to try and trick you into cancelling the uninstall.
Once you have tried (successful or not) to remove the program in the normal way, you should continue with the following steps to clean up as many remaining problems as possible. (These instructions are specific to Windows XP)
1. Print these instructions for reference, as the next steps will close your web browser.
2. Save any files you have open and close any programs you have open.
3. Press Ctrl+Alt+Del. (On some systems a Windows Security dialog will pop up; click Task Manager.)
4. Click the Processes tab to display a list of the programs currently running on your computer.
5. Right-click on explorer.exe and click End Process Tree. (This will end all tasks started by explorer.exe, which is the Windows desktop, including your web browser.)
6. Repeat step 5 for each process in the list except taskmgr.exe and anything listed with a user name of SYSTEM, LOCAL SERVICE or NETWORK SERVICE. (Some clever malware programs will restart themselves, making it very difficult to close everything; this may make it necessary to repeat all steps 1-11 in 'Safe-Mode' {See Below}.)
7. Click File, then 'New Task (Run...)', type C:\Program Files\Yahoo!\YPSR\yspr.exe and click OK. (This will start the Yahoo! Anti-Spy program.)
8. Click 'Begin Scan', let the scan run and then click 'Remove All' to start the removal of the detected items. (If prompted to reboot, do not reboot.)
9. Return to Task Manager (repeat step 3 if necessary), then click File, 'New Task (Run...)', type C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe and click OK. (This will start Spybot Search and Destroy; if it's the first time you've run it, it will start with a wizard and lead you through the update, immunize, and scan.)
10. When the scan is complete, click 'Fix selected problems' to start the removal of detected items.
11. Spybot Search and Destroy may not be able to remove everything and may want to run again on reboot. Select to not run again on reboot and instead repeat all steps 1-11 in safe mode {See Below}.
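The rule in step 6 for choosing which processes to end, written out as an added example that is not part of the original article: it reads a process list in the CSV layout of `tasklist /v /fo csv` and returns every entry that is neither taskmgr.exe nor owned by SYSTEM, LOCAL SERVICE or NETWORK SERVICE, with explorer.exe first as in step 5. The sample list, the HOMEPC\Owner account and popupads.exe are constructed; the svchost.exe row owned by that account shows that the rule looks at the user name column, not the program name.

```python
import csv
import io

# Accounts whose processes step 6 says to leave running.
PROTECTED_ACCOUNTS = {"SYSTEM", "LOCAL SERVICE", "NETWORK SERVICE"}
# Task Manager must stay open to carry out the remaining steps.
PROTECTED_IMAGES = {"taskmgr.exe"}

# Constructed sample in the layout of `tasklist /v /fo csv`.
# HOMEPC\Owner and popupads.exe are made-up names.
SAMPLE = r'''"Image Name","PID","Session Name","Session#","Mem Usage","Status","User Name","CPU Time","Window Title"
"System Idle Process","0","Console","0","16 K","Running","NT AUTHORITY\SYSTEM","5:12:01","N/A"
"System","4","Console","0","212 K","Running","NT AUTHORITY\SYSTEM","0:00:09","N/A"
"svchost.exe","884","Console","0","4,112 K","Running","NT AUTHORITY\NETWORK SERVICE","0:00:02","N/A"
"svchost.exe","1020","Console","0","3,640 K","Running","NT AUTHORITY\LOCAL SERVICE","0:00:01","N/A"
"taskmgr.exe","2404","Console","0","4,480 K","Running","HOMEPC\Owner","0:00:03","Windows Task Manager"
"iexplore.exe","3120","Console","0","21,908 K","Running","HOMEPC\Owner","0:00:14","N/A"
"svchost.exe","3344","Console","0","6,020 K","Running","HOMEPC\Owner","0:00:05","N/A"
"explorer.exe","1508","Console","0","18,332 K","Running","HOMEPC\Owner","0:00:21","N/A"
"popupads.exe","2876","Console","0","9,750 K","Running","HOMEPC\Owner","0:01:40","N/A"
'''


def processes_to_end(tasklist_csv):
    """Return (image, pid) pairs that step 6 would end, explorer.exe first."""
    selected = []
    for row in csv.DictReader(io.StringIO(tasklist_csv)):
        image = row["Image Name"]
        # Owners are printed as DOMAIN\account; compare on the account part.
        account = row["User Name"].rsplit("\\", 1)[-1].upper()
        if image.lower() in PROTECTED_IMAGES:
            continue
        if account in PROTECTED_ACCOUNTS:
            continue
        if account == "N/A":
            # Owner not shown: left alone (a choice of this example,
            # not a rule from the article).
            continue
        selected.append((image, int(row["PID"])))
    # Stable sort: explorer.exe, whose tree is ended in step 5, goes first.
    selected.sort(key=lambda entry: entry[0].lower() != "explorer.exe")
    return selected


if __name__ == "__main__":
    for image, pid in processes_to_end(SAMPLE):
        print(f"{pid:>6}  {image}")
```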
If you are not able to remove everything, even in Safe Mode, don't panic. Try using the computer; you may have gotten rid of enough that the computer runs normally again. If the system still has problems, you should probably call on the services of a professional who can use a program like HijackThis (best downloaded from spychecker.com) and other more complicated manual cleanup to get rid of remaining pests.
Starting Windows XP in Safe Mode
To start Windows XP in safe mode, restart your computer and press F8 just before the Windows logo appears. It can be difficult to get the timing right, so it's best to turn on the computer and just press F8 repeatedly until the boot menu appears, then pick Safe Mode from the menu. See Microsoft's page for detailed instructions.
Java (at least as far as computers are concerned) is an add-on for web browsers that allows programs to be run as part of a web page within your browser. Java was developed as a system that would allow a single version of a program to run on any computer or web browser rather than having to have different versions of a program for each operating system and web browser. Java programs come in at least two types: scripts and compiled programs (applets). Script instructions can be read in the source of many web pages; the compiled Java applets require a Java Virtual Machine to run. Microsoft used to include a Java Virtual Machine with Internet Explorer but they do not anymore, so you may need to install one from the Sun Microsystems Java.com web site. Java was specifically designed to be safe, limiting what scripts and applets can do on your system, but security problems are sometimes found and fixed, so it is important to keep your Java up to date (the current version will automatically tell you when an update is available).
Rick Macmurchie
Phone: (250) 658-6319
E-Mail: rmac@novatone.net