Spybot-S&DSpybot-S&D

Course: 60-564Course: 60-564Fall 2004Fall 2004

Presented By: Ataul BariPresented By: Ataul BariInstructor: Dr. A. K. AggarwalInstructor: Dr. A. K. Aggarwal

AgendaAgenda

IntroductionIntroduction Download and InstallationDownload and Installation The First RunThe First Run Exploring Spybot-S&DExploring Spybot-S&D Closing RemarksClosing Remarks

IntroductionIntroduction

SpywareSpyware is is rampantrampant in the Internet in the Internet SpywareSpyware

Relatively new kind of threatRelatively new kind of threat Program that surreptitiously monitors an Program that surreptitiously monitors an

Internet user’s actions Internet user’s actions Gather or helps to gather information about Gather or helps to gather information about

a person or organization without their a person or organization without their knowledgeknowledge

Gather information about the user and Gather information about the user and relay it to advertisers or other interested relay it to advertisers or other interested partiesparties

Introduction (Cont’d..)Introduction (Cont’d..)

SpywareSpyware Currently, just about every Internet user Currently, just about every Internet user

has had to deal with the spywarehas had to deal with the spyware Poses Poses serious security and privacy riskserious security and privacy risk Degrades system performance Degrades system performance

By stealing the computer's memory By stealing the computer's memory resourcesresources

By eating bandwidth, as it sends information By eating bandwidth, as it sends information back to the spyware's home baseback to the spyware's home base

Introduction (Cont’d..)Introduction (Cont’d..) Spybot-S&DSpybot-S&D

Spybot - Search & Destroy by PepiMK S/WSpybot - Search & Destroy by PepiMK S/W According to the PC World & According to the PC World &

Download.com, the best privacy software Download.com, the best privacy software availableavailable

Free to download from the Internet Free to download from the Internet Detects and removes:Detects and removes:

Adware and SpywareAdware and Spyware DialersDialers KeyloggersKeyloggers Trojans and other baddiesTrojans and other baddies Usage tracksUsage tracks

Introduction (Cont’d..)Introduction (Cont’d..)

Permanent blocking:Permanent blocking: Threatening ActiveX downloadsThreatening ActiveX downloads Known tracking cookies for IEKnown tracking cookies for IE Threatening downloads in IEThreatening downloads in IE

Fix some registry inconsistenciesFix some registry inconsistencies Provide extended reportsProvide extended reports Provide e-mail list of opt-out addresses Provide e-mail list of opt-out addresses

(to stop unwanted solicitations)(to stop unwanted solicitations) Provide file shredder to securely Provide file shredder to securely

overwrite unwanted files deleted from PC overwrite unwanted files deleted from PC

Introduction (Cont’d..)Introduction (Cont’d..) OS supportOS support

Introduction (Cont’d..)Introduction (Cont’d..) FeaturesFeatures

Introduction (Cont’d..)Introduction (Cont’d..) LanguagesLanguages

Download & InstallationDownload & Installation

DownloadDownload FreewareFreeware Donation appreciatedDonation appreciated Download link:Download link:

http://www.safer-networking.org/en/download/http://www.safer-networking.org/en/download/index.htmlindex.html

Current version: Spybot S&D 1.3Current version: Spybot S&D 1.3 Downloaded file name: spybotsd13.exeDownloaded file name: spybotsd13.exe Downloaded file size: 4.15 MBDownloaded file size: 4.15 MB

Download & Installation Download & Installation (Cont’d..)(Cont’d..)

InstallationInstallation Run spybotsd13.exeRun spybotsd13.exe Select setup languageSelect setup language Decide on the options e.g. additional Decide on the options e.g. additional

languages, skins to change appearance, languages, skins to change appearance, permanent protection. permanent protection.

Creates a program group and desktop Creates a program group and desktop iconicon

By default, activates resident tools (SD By default, activates resident tools (SD helper, TeaTimer)helper, TeaTimer)

The First RunThe First Run

The First run provides options for:The First run provides options for: Creates registry backupsCreates registry backups Search for updatesSearch for updates Download available updatesDownload available updates Immunize the systemImmunize the system Read tutorial Read tutorial Read help filesRead help files Start using the system Start using the system

The First RunThe First Run

Exploring Spybot-S&DExploring Spybot-S&D System usedSystem used

PCPC Windows XPWindows XP Connected to InternetConnected to Internet

Exploring Spybot-S&DExploring Spybot-S&D Scanning the systemScanning the system

Exploring Spybot-S&D Exploring Spybot-S&D Cont’dCont’d

Fixing the problemFixing the problem

Exploring Spybot-S&D Exploring Spybot-S&D Cont’dCont’d

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..)

RecoveryRecovery

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..)

ImmunizeImmunize

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..)

Online UpdateOnline Update

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..) Advance mode - settingsAdvance mode - settings

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..)

File setsFile sets

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..)

SchedulerScheduler

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..)

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..) SkinsSkins

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..) Ignore productsIgnore products

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..)

Ignore cookiesIgnore cookies

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..)

ToolsTools

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..)

Secure ShedderSecure Shedder

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..)

ResidentResident

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..)

IE tweaksIE tweaks

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..)

ActiveXActiveX

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..)

BHOsBHOs

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..)

Browser PagesBrowser Pages

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..) Host FilesHost Files

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..) Opt OutOpt Out

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..) Process ListProcess List

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..)

System InternalsSystem Internals

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..) System StartupSystem Startup

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..)

Winsock LSPsWinsock LSPs

Exploring Spybot-S&D Exploring Spybot-S&D (Cont’d..)(Cont’d..)

StatisticsStatistics

Closing RemarksClosing Remarks Free, no e-mail address requiredFree, no e-mail address required Easy to use interfaceEasy to use interface Detect other anti-spyware programs Detect other anti-spyware programs

installed in the system, warns for installed in the system, warns for possible false-positive results by thempossible false-positive results by them

Online support not the best, no Online support not the best, no network versionnetwork version

Thank YouThank You Questions ?Questions ?

ReferencesReferences

http://www.pluck.com/noadware.aspxhttp://www.pluck.com/noadware.aspx http://www.reach.ucf.edu/~coursdev/cdrom/html/help/glossary.htmlhttp://www.reach.ucf.edu/~coursdev/cdrom/html/help/glossary.html http://www.safer-networking.org/en/features/index.htmlhttp://www.safer-networking.org/en/features/index.html http://www.safer-networking.org/en/paragraphs/spybotsd_ossupport.htmlhttp://www.safer-networking.org/en/paragraphs/spybotsd_ossupport.html Spybot-S&D Integrated Help filesSpybot-S&D Integrated Help files http://www.spybot.info/en/donations/index.htmlhttp://www.spybot.info/en/donations/index.html http://www.webopedia.com/TERM/S/spyware.htmlhttp://www.webopedia.com/TERM/S/spyware.html