Jan 24, 2005 (02:01 PM EST)
Spyware And Your PC: Keeping It Out, Getting Rid Of It
Read the Original Article at InformationWeek
So, you suddenly start getting odd emails, your system is acting sluggish, there's extra network activity when there is no reason for it, you're getting a lot of pop-ups. What might be causing these new annoyances?
Spyware is software that's installed without your informed consent. Spyware communicates personal, confidential information about you to an attacker. The information might be reports on your web-surfing habits, or the software might be looking for even more sinister information, such as sniffing out your credit card numbers and reporting those numbers.
Spyware is typically delivered by viruses, Trojan horse programs, and malicious Web sites.
Just as virus scanners can examine your machine to see if it contains virus-laden programs, other software can examine machines for known spyware.
Here's a list of good anti-spyware products I use on a regular basis:
Others can be found at SpyChecker, which lists products that are either entirely free, or fully functional time-limited shareware.
Hints for keeping spyware off your machine:
Keep your system, including all anti-viral and anti-spyware packages, up to date. New spyware comes out every day. Un-patched, un-updated systems are simply asking to be infected. Update the operating system, too.
You can have Windows handle operating system updates automatically. For example, in Windows XP, right-click on "My Computer," then "Properties," "Automatic Updates" and "Keep My Computer Up To Date."
If using Microsoft's Internet Explorer, turn off its ability to run scripts without your permission: In IE, click "Tools," then "Internet Options," then "Security." Select the Earth icon under "Select a Web content zone," and then "Custom Level." Disable "Download unsigned ActiveX controls," "Initialize and script ActiveX controls not marked as safe," "Active scripting," and "Scripting of Java applets." Then set "Java permissions" to "High Safety."
There's a downside to this, alas: with scripting disabled, some of your favorite Web sites—or even some trusted intranet sites—may no longer be usable. But that problem is easily fixed. In IE go to "Tools," "Internet Options," "Security," then "Trusted Sites," "Sites" and enter the URLs of known safe sites requiring scripting, one at a time. Uncheck "Require server verification" for all sites in this zone, then click on "OK." Voila: You're protected where you need to be while totally compatible with scripting on trusted sites. Cool.
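The Internet-zone settings described above are stored in the registry, so they can be checked on many machines without clicking through the dialog. The following read-only PowerShell audit is an added example, not part of the original article; the order in which the four registry locations are consulted is an assumption, noted in the code.

```powershell
# Added example (not from the article): audit IE's Internet zone (zone 3)
# against the settings recommended above. Reads the registry only.
$sub       = 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'
$policySub = 'Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# Assumption: Group Policy locations override user/machine preferences,
# so they are checked first and the first location holding a value wins.
$hives = @("HKLM:\$policySub", "HKCU:\$policySub", "HKCU:\$sub", "HKLM:\$sub")

# URL-action IDs for the dialog entries. For the first four, 3 = Disable
# (0 = Enable, 1 = Prompt). For Java permissions, 0x10000 = High safety;
# 0 = Java disabled, which is stricter than the article's setting.
$expected = @(
    @{ Id = '1004'; Name = 'Download unsigned ActiveX controls'; Ok = @(3) }
    @{ Id = '1201'; Name = 'Initialize and script ActiveX controls not marked as safe'; Ok = @(3) }
    @{ Id = '1400'; Name = 'Active scripting'; Ok = @(3) }
    @{ Id = '1402'; Name = 'Scripting of Java applets'; Ok = @(3) }
    @{ Id = '1C00'; Name = 'Java permissions'; Ok = @(0x10000, 0) }
)

function Get-InternetZoneAudit {
    foreach ($e in $expected) {
        $actual = $null
        $source = 'not set'
        foreach ($hive in $hives) {
            # Returns $null when the key or the value does not exist.
            $props = Get-ItemProperty -Path $hive -Name $e.Id -ErrorAction SilentlyContinue
            if ($null -ne $props) {
                $actual = $props.($e.Id)
                $source = $hive
                break
            }
        }
        [pscustomobject]@{
            Setting   = $e.Name
            Actual    = if ($null -ne $actual) { '0x{0:X}' -f $actual } else { '(none)' }
            Compliant = ($e.Ok -contains $actual)
            Source    = $source
        }
    }
}

Get-InternetZoneAudit | Format-Table -AutoSize -Wrap
```

A row with `Compliant` set to `False` and a policy path in `Source` means the setting is enforced centrally and cannot be corrected from the Internet Options dialog.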
You'll want to control what gets started when Windows starts up, as both some viruses and some spyware like to plug themselves into the registry or otherwise run at startup. The free Spybot software does a good job of protecting the startup routine.
Although you can practice safe computing, using every precaution and proactive action imaginable to prevent spyware problems on your machine, chances are you will make a mistake and a piece of spyware will make it onto the system. You can easily remove most spyware by using one of the above-mentioned anti-spyware products.
Another way to protect yourself is to prevent spyware from doing its job of transmitting data off the system.
That's where a decent firewall comes in. Firewalls come in two flavors: software, such as Zone Labs' ZoneAlarm, and hardware. Firewalls can be easily configured to block outgoing communication without permission; see your firewall documentation to find out how.
When you, as a network manager, are called upon to disinfect a user's machine of spyware, reach for and install a few of the listed anti-spyware programs. Make a full backup of the system in question. Run at least two of the anti-spyware programs. Follow the deletion advice of these programs—that's why you made full backups after all.
(For more detail, Security Pipeline has in-depth advice on how to clean spyware off an infected PC.)
Just a personal anecdote: my nine-year-old son uses my wife's machine, goes to a bunch of game sites and downloads everything that's not nailed down. My wife hits shopping sites mere mortals hadn't even thought could ever exist. My daughter has hit every teen site in existence.
I have one or two pieces of spyware to clean up each week. My wife has totaled just shy of 2,000 pieces of the stuff. Amazing.
I run anti-spyware software on their machines on a weekly basis. They're always heavily infested with spyware. Listen to dear-old Dad for anti-spyware advice? Pshaw! Be serious, won'tcha?
Ross M. Greenberg (firstname.lastname@example.org) is a freelance technology journalist who wrote several pioneering anti-virus programs, including Flu_Shot, Flu_Shot+ and VirexPC.