Protection against Adware and Spyware

Protection against Adware and Spyware

First, let me make my opinion clear: The installation of adware should be illegal and harshly punished. Adware has exploded because it offers big economic incentives for its sponsors. They'll never adequately inform PC users about their software before it's installed. This troubling aspect of adware will never be wished away.

Only software that a PC user specifically consents to should legally be able to install ... and "end-user license agreements" that stretch off the screen should never be counted as consent. (This isn't a knock on "ad-supported software," such as the Opera browser. Such legitimate software is clearly integrated with its advertising and makes it easy to shut off the ads by registering.)

In reality, today's tech-illiterate legislatures will never ban adware ... if they could even think of an effective legal approach to do so. We need to engage the battle on a technical level instead.

To understand adware, you first need to know how PCs get it. The ways that Howes obtained the adware he used in his tests provide us with some perfect examples:

Software downloads

For one group of tests, Howes downloaded and installed Grokster, a popular peer-to-peer file-sharing program, from CNET Installing Grokster and clicking OK in its subsequent dialog boxes loaded 15 separate adware programs, containing 134 "critical" executable components, by Howes's count. This source of infection would compromise even Windows XP with its new Service Pack 2 (SP2).

Drive-by downloads

To set up another group of tests, Howes used Internet Explorer to visit the following Web locations: 007 Arcade Games (a games site), LyricsDomain (a song lyrics site), and Innovators of Wrestling (yep, a wrestling site). This resulted in 23 different adware programs being installed, carrying 138 components, Howes says. Drive-by downloads such as these are now less of a problem for users who've installed XP SP2.

You can't step into the same river twice

For yet another test, Howes visited the wrestling site again, but on a different date. The makers of adware must have signed a lot of distribution contracts with the site in the interim. Howes says his PC picked up 25 adware programs and 153 components on that one visit alone. (You'll notice that I didn't link to the examples I cited above, and I strongly recommend that you avoid trying any of them.)

It's not enough to say "PC users should be more careful." Computer professionals, instead, have a duty and an obligation to prevent adware from infecting their PCs or anyone else's. Here are some steps to take:

Use Giant AntiSpyware (or install the MS beta), Webroot Spy Sweeper, and CWShredder.

At the moment, this is the short list of programs that appear to remove the largest number of adware components. I recommend that you buy the registered versions of these applications and keep them constantly updated. The few dollars involved are well worth it, compared to the damage that can be done by a rogue program controlling your PC.

Microsoft hasn't yet announced whether its version of the Giant application will cost money or be free after the beta period is over ... stay tuned. (Note: The MS beta is incompatible with the MS Media Center Extender and has other 0.9-type issues.)

For prevention, install IE-SPYAD and Spyware Blaster. IE-SPYAD is a list maintained by Eric Howes of approximately 8,900 Web sites that are known to do things like install adware, hijack your browser home page, etc. Merging the list into your Windows Registry puts these sites into IE's Restricted Sites zone. They can't do much of anything to you then. The list, as of this writing, requires manual updating, but Howes hopes to automate the process soon.

Spyware Blaster is freeware by Javacool Software recommended to guard against adware installs. A registration fee of $9.95 USD enables the auto-update feature of the software, which I encourage. Javacool also makes a related program, SpywareGuard.

As commercial anti-adware programs develop their own always-on defenses, they may conflict with alternatives such as Spyware Blaster. Check the maker's documentation for possible incompatibilities before installing multiple products.

Read up on Eric Howes's site. Aside from Howes's postings about his anti-adware test suite, linked to below, a particularly good read is his analysis of so-called anti-adware programs that are actually Trojan horses. People are so desperate to get rid of the adware that's slowing their systems to a crawl, Howes says, that too often they grasp at anything that promises a fix. See his list of rogue/suspect anti-spyware.

For big problems, consider stronger tools. HikackThis, for example, is a deep-analysis utility that examines the Registry and sectors of hard disks where adware often lurks. It's not a tool for novices, but a serious scalpel for those who are faced with major surgery on their PC. It produces log files that can be analyzed by experts, many of whom help PC users by volunteering their time in online forums.

HijackThis quick start

Finally a note from me ... your belief that Ad-Aware & SBS&D offer you great protection is wrong. It is a fact the used together they only offer you at best 47% protection.

Using the above combination will afford you more protection, be aware however, that protection will still only amount to 74%.

However, I can personally & highly recommend you to at least try for yourself ... I'm sure you will be in for a pleasant surprise ... I was, and I am convinced the combination listed above is right for you.
First release
Last update

More resources from muckshifter