People are reporting serious usability and performance problems with their computers quite regularly these days. The problems start when you are browsing web sites. Even trusted web sites can be a source of trouble.

How?

Malicious software on some web pages (and in some syndicated advertisements,) will probe your PC to try to find software errors (bugs.) Sometimes misleading news articles or photo galleries are used to gather traffic from search engines.

The malicious software is looking for software errors (bugs) that can be exploited to install programs on your computer. If one of these are found, the malicious software will then upload more malicious software into your computer.

Why?

There are a few reasons why various types of criminals are attacking computers in this way:

• To gain access to the network and computing resources of your computer. Once they have the ability to load software into your computer they can take control of it and use it to perform illegal activities such as sending Spam emails.
• To force you to look at advertising or to increase traffic to their web sites. By programmatically forcing your computer to visit specific web sites, criminals can create the appearance that humans are looking at those web sites and even clicking on advertising being served on those sites. This generates advertising revenue for the owners of those sites. You might not even be aware of this as the pages can be loaded into browsers that are hidden from you - or your browser can be programmed to pop-up at random times forcing you to look at the advertisements.
• To track the usage on your computer in the hope of gaining access to your bank account and other online sources of money and information.
• To search your computer for classified information of any kind. Spy agencies and companies engaging in industrial espionage are infecting computers around the world with malware. They are hoping that careless government and corporate employees may have forgotten to remove sensitive information from their PC's.

What should I do?

There are several steps that you need to take on a regular basis to protect yourself from these problems:

• Make sure your computer has all available security patches installed. For over 85% of computer users this translates simply into: Use Microsoft Update at least once a month.

  If you use an Apple Macintosh or Linux distribution you need to use the appropriate update software to ensure that the latest security patches and updates are regularly applied.

  Installing security patches will simply remove as many of the software errors (bugs) as are known to be in your computer. By removing the known bugs from your system you make it very hard for criminals to find a way to get their malicious software into your computer.

• Remove any unused software from your computer. If you have any software installed on your computer that you are not using: That software represents a collection of possible security problems. Rather than trying to keep the software up-to-date all the time - simply remove it as you are not using it anyway.
• If you are using Microsoft Windows and running Windows Update on a regular basis you will get automatically a program called the Malicious Software Removal Tool. It will be downloaded and installed on your computer once every month. This program is designed and maintained by Microsoft as a response to the various major threats that are causing problems around the world.

  Microsoft offers this program for free to all users of Windows (including users of illegal copies of Windows.) If you have not executed Windows Update for a long time (or if you are not allowed to use it because of a licensing issue,) you can still visit the Microsoft web site and download the most recent copy of the tool from this web page:

  The Microsoft Malicious Software Removal Tool:
  http://www.microsoft.com/security/malwareremove/default.mspx

  If your computer is no longer usable you should use a working computer to download the Malicious Software Removal Tool.

  • Copy the tool to a USB key,
  • Take the USB key to the infected computer and insert it.
  • Open a File Explorer on the infected computer and find the Malicious Software Removal Tool on the USB key.
  • Double-Click on the Tool to run it
  • and Follow the instructions.

  In most cases the program will execute fairly quickly and stop. However, it might run for a long time. The time it takes will depend on the number and types of infections on your computer and also on the speed of your computer and the size of all the files your hard disk(s.)

  Very Important: If the Malicious Software Removal tool detects any trouble on your computer you should let it finish a complete scan. It will try to remove any problems it will find - but it might not succeed! Therefore, when it is finished, you need to reboot your computer and run it again. Keep doing this until the program reports that there are no more problems on your computer.

• Unfortunately, every program that is available for helping you track down and remove malicious software is limited in its coverage of problems. Some programs find and remove more problems than others - but none of them are perfect. To get the most complete coverage you need to use different security tools to cover different types of problems. By letting the different programs work together to protect your computer you increase the chances that you will catch (most of) the malicious software that your computer might encounter. Remember also that each of these programs imposes a load on your computer. The more security software you install the slower your computer will get. Therefore you want to make sure that you don't install more security software than you realistically need.

  For 85% of desktop and notebook computer users, the most important security software is Microsoft Windows Defender - which is offered for free to licensed users of Microsoft Windows XP. Windows Defender is included as part of Windows Vista. To get your free copy you should visit the following page on the Microsoft Web Site:

  http://www.microsoft.com/downloads/details.aspx?FamilyId=435BFCE7-DA2B-4A6A-AFA4-F7F14E605A0D&displaylang=en

  There is (at least) one other program that Microsoft Windows users should consider using to scan their computers for malicious software: Ad-Aware from Lavasoft in Germany.

  You can download the free edition of their popular scanner through this web page:
  
  Lavasoft's Ad-Aware:
  http://download.cnet.com/Ad-Aware-Anniversary-Edition/3000-8022_4-10045910.html

  Non-free versions of Ad-Aware have many features of potential interest. They can be purchased from the Lavasoft web site:
  http://www.lavasoft.com/

  For users of Apple Macintosh and Linux computers there is much less risk of trouble due to malicious software at this time. However, the problems will eventually become more frequent. In any case it is wise to equip yourself with the tools you need to identify and remove problems from your system.

  Apple Macintosh and Linux users can always use the free Clam Anti-Virus tool to scan hard disks for malicious software. Clam-AV is usually included in the repositories of major Linux distributions. Use your standard software update tool to install it and follow the instructions to scan your hard disk.

A word of caution

There are many security programs available. In fact there are, in a sense, too many - and many malicious software programs masquerade as legitimate security software. Therefore, PLEASE DO NOT INSTALL Anti-Virus or other security software that you are not familiar with! If you see an advertisement for some program that purports to be able to solve all your problems - don't download it! Wait until somebody who has experience with these programs tells you exactly which ones you can trust and benefit from.

Remember also that the legitimate security tools are designed to suit the varying needs of different groups of people. Some security programs, for example, are very sophisticated but produce too many warnings and notices for the average person to tolerate. Other programs might be very simple and easy to use but are simply not very effective or might possibly be too limited in their flexibility for many users. Therefore it's always a good idea to get some advice from a knowledgeable user before installing one of these tools.

Preventing a recurrence

There are a few things you can do to reduce the chance of these problems recurring. Some of them are very easy to do (such as making sure you regularly apply all security patches for your computer,) while others involve making changes in the way you use your computer. Here are some tips:

• Most people only have one user account on their computer and it's an account with Administrative privileges. Also, most people don't use a password to log into their computer. This saves a few seconds of time when you start the computer but it also gives total access and control of your computer to any software that might try to run from any source.

  To restrict access to your computer:

  • Make sure you have two accounts on your computer: Your account and a separate Administrator account. Microsoft Windows systems always have an account called Administrator which is hidden by default. If you forgot the password for this account (and often for convenience sake) you can simply create a new account called Admin. There is no harm in having the two. Make sure you assign a password that you will remember to the new admin account.
  • Verify that you have a password on your account. If you don't already have one, open the User Manager (from the Control Panel,) select your account and click on the Create a Password option.
  • On Microsoft Windows XP systems you need to change the Account Type of your account from Administrator to Limited.
  • On Linux systems all accounts have limited permissions. However, some distributions have the ability to remember the root password. (Root is the standard name of the Super Administrator on Unix-type systems.) Such features are intended to save you the trouble of manually typing the root password when needed. Avoid the use of this feature when using your limited account!
• Always make sure you are using your account (which now has limited permissions,) when you are browsing the web. Programs that try to sneak into your computer without your permission will find that access to your computer is limited.
• For Microsoft Windows users: When you need to install software that requires Administrative Permissions, use the User Manager (from the control panel,) to change your account type back to Administrator. After you have installed the new software, go back again to the User Manager and change the account type back to Limited.
• For Internet Explorer users: Consider installing an add-on such as IE7Pro to allow you to control Shockwave Flash, Active X and other potentially dangerous technology that may be used in a web page.
• For Firefox users: Consider installing add-ons such as Ad Blocker, Flash-Block or No Script. Again, these add-ons allow you to control Shockwave Flash and other potentially dangerous technology that may appear in a web page.
• Firefox users can also change plug-in settings. Select the Plug-ins option in the Add-On settings window. You can, for example, disable Shockwave Flash and Microsoft Silverlight entirely - and re-enable them only when you need them. This allows you to effectively disable most advertisements and videos embedded within web pages. As a side-benefit: disabling Flash and Silverlight can noticeably reduce the load on your PC while you are reading - allowing the computer to run faster.

Note that Browser Add-Ons such as IE7Pro, Flash Block, No Script and Ad Blocker will change the way your browser works - you will have to learn how to use these features to be able to browse the web normally. However, such tools dramatically reduce your risks while browsing.

If you do hit a web page that does manage to find a way to load software into your computer: The use of a password along with limited access permissions for your account will restrict the access that the malicious software will have to your computer - hopefully preventing it from causing too much trouble.

Most Important!

The most important thing you can do to keep your computer safe is to make sure you regularly install the available security patches for your system! You need to run your system Update software at least once a month.

For Microsoft Windows users the program you need is Windows Update. You will find a link to Windows Update in the Tools menu of Internet Explorer. For Linux and Apple Macintosh users: check your system documentation as the program you need to use depends on your distribution.

Most modern operating systems will check for updates automatically and place a small icon in the task tray to let you know when they are available. If you are using a Linux distribution such as Fedora that has a limited product life you will find that this icon will stop working about a year and a half after initial release. As such you may need to download the latest release and upgrade your system manually. See the distribution notes and FAQ's for additional help and instructions.

Additional Information

For more information on high-tech crime check this page from the BBC:

Hi-tech crime: A glossary
http://news.bbc.co.uk/2/hi/uk_news/5400052.stm

Please take a moment to contact BNT Solutions if you have any questions or comments concerning this or any other article on our web site.