Jan 24, 2005 (02:01 PM EST)
Spyware And Your PC: Keeping It Out, Getting Rid Of It

Read the Original Article at InformationWeek

So, you suddenly start getting odd emails, your system is acting sluggish, there's extra network activity when there is no reason for it, you're getting a lot of pop-ups. What might be causing these new annoyances?

Spyware.

Spyware is software that's installed without your informed consent. Spyware communicates personal, confidential information about you to an attacker. The information might be reports on your web-surfing habits, or the software might be looking for even more sinister information, such as sniffing out your credit card numbers and reporting those numbers.

Spyware is typically delivered by viruses, Trojan horse programs, and malicious Web sites.


Anti-Spyware Tips

- Use anti-spyware programs such as Ad-Aware or Spybot. See the article to the left for recommendations.

- Don't click on links within popups—pop-up windows are often spyware activators. Clicking on a pop-up link may install spyware software on your computer. Close the popup with the "X" on the titlebar and not the "close" link, if any, within the window.

- Adjust your browser properties to kill popup windows These are often generated by some kind of malicious active content.

- Be wary of free downloads. Many sites offering customized toolbars or other goodies are come-ons. Don't download programs from sites you don't trust or know. You may well be exposing your computer to spyware by downloading some of these programs.

- Choose "no" when asked unexpected questions. Be careful of an unexpected dialog boxes asking whether you want to take a given action. Always close the dialog box by clicking the "X" icon in the titlebar.

- Don't follow e-mail links offering anti-spyware software. Don't trust 'em! These links may actually install the spyware they claim to be keeping off your system.



Just as virus scanners can examine your machine to see if it contains virus-laden programs, other software can examine machines for known spyware.

Here's a list of good anti-spyware products I use on a regular basis:

Others can be found at SpyChecker, which lists products that are either entirely free, or fully functional time-limited shareware.

Hints for keeping spyware off your machine:

Keep your system " including all anti-viral and anti-spyware packages—up to date. New spyware comes out every day. Un-patched, un-updated systems are simply asking to be infected. Update the operating system, too.

You can have Windows handle operating system updates automatically. For example, in Windows XP, right-click on "My Computer," then "Properties," "Automatic Updates" and "Keep My Computer Up To Date."

If using Microsoft's Internet Explorer, turn off its ability to run scripts without your permission: In IE, click "Tools," then "Internet Options," then "Security." Select the Earth icon under "Select a Web content zone," and then "Custom Level." Disable "Download unsigned ActiveX controls" "Initialize and script ActiveX controls not marked as safe," "Active scripting," and "Scripting of Java applets," Then set "Java permissions" to "High Safety."

There's a downside to this, alas: with scripting disabled, some of your favorite Web sites—or even some trusted intranet sites—may no longer be usable. But that problem is easily fixed. In IE go to "Tools," "Internet Options," "Security," then "Trusted Sites," "Sites" and enter the URLs of known safe sites requiring scripting, one at a time. Uncheck "Require server verification" for all sites in this zone, then click on "OK." Voila: You're protected where you need to be while totally compatible with scripting on trusted sites. Cool.

You'll want to control what gets started when Windows starts up, as both some viruses and some spyware like to plug themselves into the registry or otherwise run at startup. The free Spybot software does a good job of protecting the startup routine well.

Although you can practice safe computing, using every precaution and proactive action imaginable to prevent spyware problems on your machine, chances are you will make a mistake and a piece of spyware will make it onto the system. You can easily remove most spyware by using one of the above mentioned anti-spyware products.


Special Report: Putting Spyware In Front Of The Firing Squad
Spyware is emerging as the biggest threat to privacy and productivity on the Internet. In a package of articles, we show you how to identify it, get it off your individual PC or enterprise network, and policies and technologies for keeping it off.

Another way to protect yourself is to prevent spyware from doing its job of transmitting data off the system.

That's where a decent firewall comes in. Firewalls come in two flavors: software, such as ZoneLabs's Zone Alarm, and hardware. Firewalls can be easily configured to block outgoing communication without permission; see your firewall documentation to find out how.

When you, as a network manager, are called upon to disinfect a user's machine of spyware, reach for and install a few of the listed anti-spyware programs. Make a full backup of the system in question. Run at least two of the anti-spyware programs. Follow the deletion advice of these programs—that's why you made full backups after all.

(For more detail, Security Pipeline has in-depth advice on how to clean spyware off an infected PC.)

Just a personal anecdote: my nine year-old son uses my wife's machine, goes to a bunch of game sites and downloads everything that's not nailed down. My wife hits shopping sites mere mortals hadn't even thought could ever exist. My daughter has hit every teen site in existence.

I have one or two pieces of spyware to clean up each week. My wife has totaled just shy of 2,000 pieces of the stuff. Amazing.

I run anti-spyware software on their machines on a weekly basis. They're always heavily infested with spyware. Listen to dear-old Dad for anti-spyware advice? Pshaw! Be serious, won'tcha?

Ross M. Greenberg (greenber@catskill.net)is a freelance technology journalist who wrote several pioneering anti-virus programs, including Flu_Shot, Flu_Shot+ and VirexPC.