480 likes | 615 Views
What You Don ’ t Know Will Hurt You . Spyware and Computers in Public Libraries Aaron Schmidt, Thomas Ford Memorial Library www.walkingpaper.org. Outline of Talk. Assumptions What ’ s the Problem? Explanation of Spyware Removal Prevention Further Study. Assumptions.
E N D
What You Don’t Know Will Hurt You Spyware and Computers in Public Libraries Aaron Schmidt, Thomas Ford Memorial Library www.walkingpaper.org
Outline of Talk • Assumptions • What’s the Problem? • Explanation of Spyware • Removal • Prevention • Further Study
Assumptions • You have some PCs with an Internet connection • You have inexperienced patrons browsing the web • You want to serve them well • Comfort downloading and installing simple programs
What’s the Problem? Popups Hijacked homepages Redirected searches Slow Operation Search bars
More signs you have spyware Your phone bill includes expensive calls to 900 numbers that you never made—probably at an outrageous per-minute rate. You enter a search term in Internet Explorer's address bar and press Enter to start the search. Instead of your usual search site, an unfamiliar site handles the search.
More bad signs A new item appears in your Favorites list without your putting it there. No matter how many times you delete it, the item always reappears later. Your system runs noticeably slower than it did before. If you're a Windows 2000/XP user, launching the Task Manager and clicking the Processes tab reveals that an unfamiliar process is using nearly 100 percent of available CPU cycles.
Task Manager • Control-Alt-Delete
Signs of spyware A search toolbar or other browser toolbar appears even though you didn't request or install it. Your attempts to remove it fail, or it comes back after removal. You get pop-up advertisements when your browser is not running or when your system is not even connected to the Internet, or you get pop-up ads that address you by name.
Even more signs you have spyware When you start your browser, the home page has changed to something undesirable. You change it back manually, but before long you find that it has changed back again. Everything appears to be normal. The most devious spyware doesn't leave traces you'd notice, so scan your system anyway. http://www.pcmag.com/article2/0,1759,1522648,00.asp
What is Spyware? • Malicious small programs downloaded by computer users which often record, collect and sell browsing habits.
Spyware Possibly more insidious Downloaded from Web Virus Overall more destructive Self-replicating Delivered via email Spyware or Virus? Let’s call it all ‘malware’
So, you want to clean up a Windows PC? Follow these (many) steps and be wary of branching out!
Clearing Your Windows Internet Cache • Open IE • Tools - Internet Options - History/Delete Files/Cookies
Or, Use a Program Ccleaner is included in your disc
Have a Heart to Heart with Bill • http://www.windowsupdate.com
Be aware of XP Service Pack 2 • XP SP2 might not play so well with current software configuration • Built in security features • Firewall • Popup blocker
Scan for Viruses • http://housecall.trendmicro.com/ • http://www.trojanscan.com • http://www.symantec.com
Disabling Windows System Restore 1. Click Start > Programs > Accessories > Windows Explorer 2. Right-click My Computer, and then click Properties. 3. Click the System Restore tab.
Disabling Windows System Restore • You must be logged in as an Administrator. • Turning off System Restore will delete all previous restore points. You must create new restore points once you turn System Restore back on. • Check the "Turn off System Restore" or "Turn off System Restore on all drives" check box
Remove MSFT Java • Select Start > Run and Enter "RunDll32 advpack.dll,LaunchINFSection java.inf,UnInstall" in the Open box, and click ok. • Click Yes to confirm that you want to remove the Microsoft VM • When prompted, reboot the computer • Remove the following items: (Systemroot is where windows is installed (usually C:\Windows) • The \%Systemroot%\Java folder • The file java.PNF from the \%Systemroot%\inf folder • The files jview.exe and wjview.exe from the \%Systemroot%\system32 folder • The registry subkey HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Java VM • The registry subkey HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ InternetExplorer \ AdvancedOptions \ JAVA_VM
Install Sun Java • http://java.sun.com/getjava/index.html
Spyware Remover? • There are many FAKE spyware removal programs. • http://www.spywarewarrior.com/rogue_anti-spyware.htm
Adaware http://www.lavasoftusa.com/software/adaware/ Spysweeper http://www.webroot.com/products/spysweeper/ Spybot Search and Destory http://www.safer-networking.org Gratis Triple Antibiotic Approach
Spybot Search & Destory • Quick and easy
Adaware • A bit slower
Almost done… • Right-click for option to select all • Double-click for more info
Spybot and Adaware • If both are installed, you may get a warning • Spybot may clean out Adaware’s quarantine folder
Spysweeper • Could take 15 or 20 minutes to run
Almost done… • You’re getting the picture by now.
Other Spyware Removal Programs CWShredder Kazaa Begone Kill2Me
Effective Searches for Help • Name of spyware • Removal • Hijack • Spyware • For instance: "cool web search" removal
Windows Registry? • A central database used to store information necessary to configure the system
Regedit • Start – Run • Type “regedit” • Click “okay”
Prevention • Impossible! • Ghosting software • Deep Freeze • WinU • Fortress
Get an alternative browser! • Many pieces of spyware (the majority?) are designed to work with Internet Explorer. • Try Firefox http://www.getfirefox.com
Dump RealPlayer • Or get an ad free version from the BBC http://www.bbc.co.uk/radio/audiohelp_install.shtml
Watch where you surf!! • Think twice before clicking anything • Click the red X rather than ‘no’ or ‘cancel’
General Spyware Removal Tools 1. Adaware 2. Spybot Search & Destroy 3. Spy Sweeper Windows Registry Tool 7. Hijack This Included on your disc Other Utilities 8. CCleaner 9. McAffe Stinger 10. Plug n' Pray 11. Shoot the Messenger Specifc Spyware Removal Tools 4. CWShredder 5. Kazaa Begone 6. Kill2Me
Further Study Spyware Warrior -http://www.netrn.net/spywareblog http://tomcoyote.org
Contact Info • AIM: thommyford • e: aaron@lisnews.com • w: http://www.walkingpaper.org