Personal Computer,NetworkingHome Automation,Home Theatre
andGeneral Electronics Consulting

Spyware, Adware and Virus Threats

            Spyware and Adware are programs that are installed on your computer, usually without your knowledge.  Spyware and Adware can do a variety of things, such as:             Spyware and Adware usually infect a computer when visiting Websites that host the Spyware or Adware.  A very high percentage of computers that are used to surf the Internet are infected with at least one piece of Spyware or Adware, and I have found many computers infected with 100 or more Spyware or Adware components.  Although Spyware and Adware are similar to viruses, most viruses are contracted by opening an email attachment, running a program you had downloaded from the Internet or were given by a friend (after their computer was infected) or by inserting a disk or USB drive that is infected.  Spyware or Adware are usually installed on a computer automatically when a Web site that is “hosting” the Spyware or Adware is visited, usually without your knowledge.

            Around September of 2004, the Department of Homeland Security’s Computer Emergency Readiness Team (CERT) was reported to have found Websites of major financial institutions and auctions that were infected with keystroke loggers.  According to what I read, they believe that criminals have found a way to place such software on Web sites, without the knowledge of the WebMaster.  As such, even reputable Websites may cause Spyware or Adware to be installed on your computer.

            In 2011, the first virus to infect Windows, Mac and Linux was released in the wild.  There is now malicious software that affects cellular phones and tablets.

            In May of 2017, the "WannaCry" ransomware worm virus infected hundreds of thoursands of computers, in over 150 countries.  A worm is a special type of virus that can infect other computers on the same network, without anyone doing anything to cause the infection, on vulnerable computers., on the same network.

            In 2019, multiple municipalities were struck by ransomware, costing tens of thoursands of dollars.

            Although major antivirus manufacturers such as Norton and McAfee include Spyware and Adware detection and eradication in their antivirus products, they are relative newcomers to the antispyware and antiadware game.  As such, other solutions should be used in conjunction with your anti-Virus application to help ensure your safety (it is equally important to keep your antivirus subscription and definitions current).  Microsoft offers their own free antivirus and antimalware, Security Essentials (for Microsoft Windows 7) and Windows Defender (for Microsoft Windows 8[.1] and Microsoft Windows 10).

            There are a number of steps you may perform to help ensure you are not plagued by Spyware and Adware.  One is to try to only visit the more “mainstream” sites . . .  although mainstream Websites can be infected with Spyware or Adware, you are less likely to have malicious Spyware loaded from a reputable site than from other Web sites.

            There are a number of tools that identify and eradicate Spyware and Adware.  You must be careful, however, when selecting such utilities, as some anti-Spyware applications (often offered through pop-ups) actually infect your computer with Spyware themselves.  There is a class of such malicious applications called "ScareWare" that bait the user into installing the software (and infecting the computer) by displaying a pop-up indicating something like "Spyware and viruses have been found on your computer.  Click the button below to install malwarename to scan your computer."  Often these applications will list items they have "found" on the computer, although these are usually "false positives" (they are not truly infections on the computer).  These applications are also known as "rogue antivirus" or "rogue antimalware" applications, as they do not actually rid your computer of malicious software but rather infect the computer.  I have seen some pieces of ScareWare that will actually install when clicking anywhere in their pop-up window.  It is best to close these using the close box (the "X" in the top right corner of the window), rather than clicking anywhere within their pop-up window.  Some of these programs can't even be closed in this manner, requiring the user to forceably end the program from the Windows Task Manager (accessed by pressing and holding the <Ctrl> and <Alt> keys together, then pressing the <Delete> key and immediately releasing all three keys).  Many pieces of Spyware, Adware and Malware incorporate "self-presevation" techniques, which can make them very difficult to remove.  An ounce of prevention, avoiding malware by using safe computing practices, can truly equate to much more than a pound of cure.

            I generally suggest three anti-Spyware and anti-Adware applications, Spybot Search & Destroy, MalwareBytes AntiMalware and Ad-Aware (all detect and eradicate both Spyware and Adware).  All are ranked highly in the trade magazines, and are free for personal use.  Commercial users are required to purchase a license for any of these products (as with most anti-Virus packages, and annual renewal is generally required).  Spybot includes a memory resident tool (called "Tea Timer") that will watch for requests to change the System Registry (a technique often used by Spyware and Adware to install components).  Please select this link to view information about behavior of  the Spybot Search & Destroy Tea Timer component.  The commercial version of the MalwareBytes Anti-Malware tool also includes a memory resident portion that will help keep the computer free of infection, proactively (the commercial version of Ad-Aware also includes a similar memory resident tool).

As with antivirus applications, antispyware and antiadware applications use “definition files” that contain the “digital signatures” used to detect threats.  As with antivirus applications, antispyware and antiadware applications must have their “definition files” updated often to detect newer threats (there are thousands of variations of Spyware and tens of thousands of viruses and their variants).

Unlike most anti-Virus programs, which, in most instances, are configured to automatically download updated “definition files” to keep you protected against new threats, Spybot Search and Destroy Ad-Aware and MalwareBytes Anti-Malware, by default, require that the user update the definition files manually (an “update” option is on the opening screen of all three tools).  Both SpyBot Search and Destroy and Ad-Aware can be configured to automatically perform scans, but this is an advanced option that must be configured.

            As I have seen instances where Spyware and Adware is either not detected or not successfully eradicated by Spybot Search and Destroy, but is by Ad-Aware or MalwareBytes Anti-Malware, and vice-versa, I believe that using multiple utilities together is a more effective solution.  Even with your antivirus application, Spybot Search and Destroy, Ad-Aware and MalwareBytes Anti-Malware, some spyware and adware requires additional specific measures to eradicate it.  

            Spybot Search and Destroy, Ad-Aware SE and MalwareBytes Anti-Malware may be downloaded, free of charge, from www.spybot.comwww.lavasoft.com and www.malwarebytes.org, respectively, for personal use (commercial users are required to purchase a license for these tools).  Read and agree to the license agreement for each product, during installation.  Microsoft Windows Defender antivirus and antispyware is included in Microsoft Windows Windows 8[.1] and Windows 10.  If you have difficulties or would like us to help you install and configure antimalware programs and teach you how to use them, please call us at the number below and we can schedule an appointment.  We can also teach you to perform other steps for a complete preventative maintenance strategy to help ensure your computer(s) continue(s) to operate effectively.

            Using an alternate Web browser, such as Mozilla Firefox, Google Chrome or Apple Safari, can also help prevent spyware and adware infections.  Always keep your Web browser and its plug-ins updated, as vulnerabilities are patched often and many authors of malicious software are now exploiting vulnerabilities in Web browser plug-ins (such as Adobe Reader and Adobe Flash Player).  Further, install Web browser plug-ins by visiting the Web site of the manufacturer of the plug-in, rather than installing plug-ins that are offered by pop-ups or while surfing the Internet, as malicious software can be offered, masquerading as a legitimate plug-in or tool.

            I generally suggest that users should update and run their antispyware and antiadware scans at least monthly.  Some types of Web sites are more likely to infect your computer.  If you surf these types of sites, you may need to scan for spyware and adware more often--or, to be safer yet, don't surf these Web sites.

Phone:  503.659.5588       DWPC Home Page