고정 헤더 영역
상세 컨텐츠
본문
Fighting Spyware May the source be with you, but remember the KISS principle;-) Fighting Spyware ). If you use, you can remove most of spyware types no matter how complex and sophisticated the infection method is. The only exception is encryption based extortionware such as ) Yes, spyware can be complex, extremely annoying and obnoxious as well as extremly difficult to remove (and latest banking and data encryption Trojans are a serious warning). Typically the period between malware gets into your computer and the moment it is detected by AV program installed can vary from hours to several weeks or even months. For some not very popular and regional (or highly specialized, 'government sponsored', etc ) malware it can be years. At the same time while protection of PC using scanning AV program is never enough, paranoia about spyware is completely unwarranted.
Despite tremendous increase in spyware complexity and capabilities in recent years, restoration of OS from a 'healthy' C-drive image using a bootable CD created beforehand on other (non-infected) computer is a sure way to defeat even the most complex spyware. One important lesson that extortionware such as ) taught is that there should always be two sets of backup (say A and B) and each week you should change from one set to another. And that periodic backup to double layer DVD makes perfect sense if the size of your backup image is less then 8GB.
Backup on a USB harddrives can be attacked, backup on DVD is in-penetratable after it was created. Another method to defeat attempts of data-encryption Trojans to destroy your backups is to daily move of your current backup image via FTP or SCP to a different, Linux-based backup computer. Using this 'backup-based disinfection' is a three step approach. You can read about it at Here is the contents:. Formally spyware is any software which uses an internet connection from your computer in the background (as 'backchannel') operating without user knowledge or explicit permission.
That definition actually includes a lot of modern commercial software. The presence of such a backchannel represents a simple way to detect even the most sophisticated spyware and a TCP/IP sniffer often is an adequate tool for this.
For example, you can switch to other computer (and periodic switching between computers is another good practice, as it keeps you 'reference image' tested and up-to-date) and see what communications exist on your 'old' PC or laptop for a week or so using sniffer logs. That actually greatly helps against 'spyware paranoia' (NSA under each bed;-). Spyware is often connected with some way to get an advertising revenue, propagate spam or similar things. In few cases they try to steal and use your financial information (so called banking Trojans). And in very rare cases they want to monitor your activities.
Avira Internet Security 2013 Key Valid Until 2020 Raritan Nj
In any case now spyware became mostly 'for profit' criminal business, and this type of criminals have enough money to pay developers and buy exploits. That means that each new generation of spyware is more sophisticated then previous generations of malware. Interest to this type of programs from NSA and other three letter agencies does not help iether: the methods they develop using government funds and highly paid developers are eventually revealed and then flowing downhill from spooks to financial criminals. Story of malware used to damage Iranian uranium enrichment program is pretty instructive in this respect. See, and for more information. Just those three advanced 'state of the art' of spyware development considerably, creating essentially a 'new era' in malware (as in 'beforeStuxnet' and 'after Stuxnet') In any case we can safely assume that those days few spyware/adware programs are primitive and just uses one Run key to launch itself (and that removal of this key disinfects computer). Generally any use of an Internet 'backchannel' connection should be preceded by a complete and truthful disclosure followed by the receipt of explicit, informed, consent for such use.
Often spyware is disguised as a useful utility (atomic clock, toolbar, free game or other useful utility). In this case the developer does not disclose that in addition to openly stated function it is using PC Internet connection to send information about your activities or even your data to the third party. Typical connected information is the site you visited ( is one classic example). Often spyware deliberately complicates its removal from the computer or tried to reinstall itself by downloading missing components, if one component is removed. The spyware problem is not a pure Windows security problem. Situation is more complex. While the insecurity and architectural flaws of Windows operating system is a problem that aids malware in general, the channel for spreading spyware is usually Web and specifically Google search engine (which for some reason does not mark DNS names that are less then a month old - many ' waterhole spyware distribution sites' belong to this category.
We really need something for IE that blocks sites which has DNS registered less then a month or so ago. Is an interesting option is this respect. Checking can be incorporated into DNS Prefetching: The for Firefox enables DNS Prefetching which is a method of resolving and caching DNS lookups before you actually click on a link. DNS prefetching just resolves domain names before a user tries to navigate, so that there will be no effective user delay due to DNS resolution. One example where prefetching can help is when a user is looking at a page with many links to various other domains, for instance a search results page.
With DNS Prefetching, Firefox automatically scans the content of each page looking for links, extracting the domain name from each link, and resolving each domain to an IP address. All this work is done in parallel with the user's reading of the page.
When a user clicks on any of these pre-resolved names to visit a new domain, they save an average of over 250ms in navigation. Spyware is a more serious problem than just a simple annoyance.
Your privacy is being invaded. That's why you should never store your taxes and banking data on the PC you use for browsing Internet. Use a separate PC. This additional $300 investment is probably the best investment we can make to protect ourselves from viruses and trojans stealing our financial data.
If you have enough technical knowledge you can use two different virtual machine images on the same computer. I also would not recommend to store copies of your bank account password in the browser. Spyware has the ability to install additional software in your machine without your consent that can download this information and decrypt it.
Also just the fact that you are doing on your computer is being watched by unknown third party right now does not provides any comfort. Although you need to understand that browsing Internet is no longer anonymous activity, unless you use VPN or similar methods. Now logs of all your visits are stored somewhere, at least temporary. And usually not only of the sites that you visited. Advertizing plugins such as used by Google also store this information unless you disable Javascript from running or block them in some other way. And advertizing vendors developed sophisticated methods to track your identity even if you disable or periodically destroy all cookies.
Just try to change your browsing session from one computer to another and see that advertizing reflect you previous activity. Email spam and deceptive advertising of sites via Google or other search engine is still the major channels of penetration of spyware into PCs. Google search results is especially nasty and effective channel.
Be careful not to get into 'grey zone' site on the PC that you use for your daily work. If you can't live without browsing grey areas of Internet, buy a Goggle Chomebook (such 11.6' or Android tablet and browse those areas exclusively from them. Or install Ubuntu on one of your old PCs. Using a different Os then Windows represent an additional lawyer of protection - most attacks are still directed toward Windows users and PC with Intel-compatible CPUs and Windows XP-Windows 7-Windows 10 installed. Using a different OS and/or CPU architecture gives you substantial additional protection via 'security via obscurity' effect. Spyware authors like virus authors look for a particular category of gullible and greedy users: despite all this bad experience some people just can't avoid clicking on a 'Get Kool Mouse Pointerz Here' or 'Free Microsoft Office 2013' type of links iether in search results or email;-). Using a email client that disables all 'rich content' and hides attachments such as Thunderbird proves you with free and effective layer of protection against such threats.
Spyware authors like virus authors look for a particular category of gullible and greedy users: despite all this bad experience some people just can't avoid clicking on a 'Get Kool Mouse Pointerz Here' or 'Free Microsoft Office 2013' type of links iether in search results or email;-). Using a email client that disables all 'rich content' and hides attachments such as Thunderbird proves you with free and effective layer of protection against such threats. An ounce of prevention is worth a pound of cure.
Here are some potentially useful methods for those who are using IE Internet browser:. Do not upgrade to versions of Microsoft OS higher then Windows 7. After Windows 7 Microsoft itself went into spyware business in full force. For example now they want to to authenticate to your Pc using hotmail account.
Which essentially gives them free information when and how you use your PC. Although you can enhance your privacy using specific privacy settings windows 10 (see for example or just serach 'how to enhance windows 10 privacy' in any search engine you use) it is definitely more intrusive 'by design' then Windows 7. Probably by at least a factor.
Treat your C drive as disposable. Learn to periodically wipe out your Windows C drive and restore it from 'trusted' backup kept on write protected harddrive or USB drive.
