Keep ‘em out

If you don’t want people spying on your personal information (and let’s be realistic here, who does?), tune in as Windows shows you how to detect and destroy the 007 of the online world - spyware

  • E-Mail
By  Cleona Godinho Published  August 1, 2006

|~||~||~|Spyware programs are small applications that can hide on your computer and gather information without either your permission or your knowledge.

These virtual peeping toms can be easily and inadvertently installed, either by downloading innocent looking software programs such as P2P apps or through ActiveX controls hidden within the source code of participating websites, or via even pop-up ads while you surf the internet.
In addition to performing a detailed check of your browser history, spyware apps install a wide assortment of DLLs and other executables files.

These sometimes send a continuous data stream to the
parent marketing company out from your PC. Even worse, these apps can add Trojan horses to your PC, which leave a backdoor open for hackers to enter your computer and intercept your personal data.

Moreover, spyware can send (and receive) cookies to other adware/ spyware programs and invite these into your computer (even if you have cookies disabled). Spyware apps can even hijack your homepage, reset your browser favourites, reset your auto signature, disable or bypass your uninstall features, monitor your keystrokes on or offline, scan files on your drive, and access your word processor, e-mail as well as chat programs.

The signs
Now that you know exactly what spyware is and the serious harm it can cause, you’re probably asking yourself, ‘How do I know if I have spyware on my PC?’ Good question. To find the answer, check out the ‘How to know if you’re being spied on.’ box to the left of this page.
If your PC displays one or more of these symptoms then you’re personal information is most likely being tracked and distributed.

If you now know you have spyware hiding on your PC, it’s
time to ‘search and destroy’. For this, we recommend using
Ad-Aware SE Personal edition, available for free-of-charge from www.lavasoft.com.

Ad-Aware is a spyware-removal tool that scans your system - including removable drives - for the most common types of advertising spyware and safely removes the offending software. The utility detects small ad programs from firms such as Adware, Aureate/Radiate, OnFlow, Comet-Cursor, Cydoor, Doubleclick and more.

We also recommend using Microsoft Windows Defender, which
is also available free-of-charge from www.microsoft.com.
Windows Defender (beta 2), like Ad-Aware SE, helps protect your PC against pop-ups, slow performance, and security threats caused by spyware and other unwanted software. It also features Real-Time Protection - a monitoring system that recommends actions against spyware when it’s detected.

Using Windows Defender, you can choose to run a quick scan of your computer or a full system scan. If you suspect spyware has infected a specific area of your computer, you can customise a scan by selecting only the drives and folders that you want to check.

A quick scan checks the places on your computer’s hard disk that spyware is most likely to infect. A full scan will check all files on your hard disk and all currently running programs, but it might cause your computer to run slowly until the scan is complete. We recommend you schedule a daily quick scan. Then, if you suspect that spyware has infected your computer, run a full scan.

Note: before running a scan, shutdown all open browser windows and apps (including e-mail) and then disconnect your PC from the internet.

To run a quick scan, simply click the ‘Scan’ button on the main window of Defender (pic A). To run a full scan, click the down arrow button next to the Scan button, and then click
Full Scan. Next, click ‘Scan selected drives and folders’, followed by Select.

Choose the drives and folders that you want to scan, and then click ‘OK’. Once you PC is scanned, the app will now give you a list of suspected programs, and their individual threat level and offer advice on how to handle with each (pic B).

Once you’ve cleaned your PC of spyware using Defender, we recommend that you schedule daily quick scans on your PC. To do this, go to Defender’s main window and click
Tools, and then click Settings.
-Under ‘Automatic scanning’, select the ‘Automatically scan my computer’ check box then select the frequency, time of day, and type of scan that you want to run (pic C)
-Choose the type of scan you want; ‘Quick scan’ or ‘Full system’ scan
-Select the ‘Check for updated definitions before scanning’ check box
-To automatically remove spyware or other potentially unwanted software after a scan, select the ‘Apply actions on detected items’ check box
-Under ‘Default actions’, select the action that you want to apply to each Defender alert, and then click Save.

Real-time protection
To help prevent spyware and other unwanted software from infecting your computer, turn on Windows Defender’s real-time protection and select all the options shown. Real-time protection alerts you when spyware and other potentially unwanted software attempts to install itself or run on your computer. You are also alerted if programs try to change
important Windows settings.

To activate real-time protection:
-Click Tools/Settings
-Under ‘Real-time protection options’, select the ‘Turn on real-time protection’ check box
-Select the options you want. To help protect your privacy and your computer, we recommend that you select all the displayed real-time protection options
-Under ‘Choose when Windows Defender should notify you’, select the options you want’, and click Save.

Paying for protection
If you don’t mind sparing some cash for a spyware-removal app from a well-known security firm, we suggest trying out AntiSpyware 2006 from McAfee, which retails for around US $29 (boxed version).

AntiSpyware only works with Internet Explorer and Netscape so if you’re using FireFox, we suggest Windows Defender or another compatible anti-spyware app.

Here’s a useful lesson too: do not buy or download any anti-spyware apps without checking out this list first at Spywarewarrior.com/rogue_anti-spyware. There are many fake anti-spyware apps on the net and this site exposes these imposters.

To learn how to scan for spyware and schedule scans in McAfee AntiSpyware 2006, refer to our picture guide located to the right.

In the main window of AntiSpyware, we recommend you select the option to scan for tracking cookies. This way you can remove tracking cookies that contain your personal information, such as your user ID and details of your recently viewed websites. These files are not necessarily dangerous, but they can invade your privacy and help marketing firms direct their material at you.

Turn back time
McAfee Antispyware lets you rollback any changes it makes. This is very helpful if you have wiped out ‘good spyware’ that is needed by an otherwise useful program (Real Player and Kazaa are typical examples of software embedded with spyware on your PC that won’t run without it).

To restore an app you’ve accidentally deleted, click on the ‘Options’ tab, followed by ‘Restore Programs’. All previously removed programs will be listed. To restore a program, select it and click Restore. Next, click ‘ Yes’ in the Confirmation dialog box.

McAfee SecurityCenter, a separate app, which comes with AntiSpyware 2006, is automatically configured to check for updates every four hours when you are connected to the net and then notify you with alerts and sounds. This means you don’t have to worry about manually updating definitions every day or weekly.

Prevention is best
Considering the lengths some firms will go to in order to ensure their adware or spyware cannot be easily removed, the best protection is prevention. Luckily, stopping spyware is a cinch and won’t cost you a cent.

First off, adjust the security settings of your browser to disable ActiveX controls and raise your security settings. This is especially important if you use Internet Explorer (IE) because unlike Mozilla’s FireFox browser, IE supports ActiveX controls, which many spyware apps use to enter your system.
To do this, open IE, click on the Tools menu and select Internet Options. Next, select the ‘Security’ tab and make sure that it is set on Medium or High, then click the ‘Custom Level’ button at the bottom (pic G).

Next, adjust and set the following options for ActiveX controls
and plug-ins (pic E):
-’Download signed ActiveX controls’ - Prompt
-’Download unsigned ActiveX controls’ - Disable
- ‘Initialize and script ActiveX controls not marked as safe’ - Disable
- ’Run ActiveX controls and plug-ins’ - Prompt
- ‘Script ActiveX controls marked safe for scripting’ - Prompt
Click on ‘OK’ to apply all these essential settings.

Configure your cookies
First, let us explain that not all cookies are bad. Many serve an important function for you on websites when surfing (i.e. by remembering your login information or keeping track of your on line shopping cart).

However some cookies, such as tracking cookies, can monitor your online surfing and transmit a wide range of personal data about you to giant marketing companies and violate your online privacy.

You can adjust your browser’s cookie settings to limit the cookies that you accept. Many people disable all cookies, however this is not always advisable since many websites require a session cookie to function properly.

Session cookies are generally safe because they expire as soon as you leave a website. We recommend that you accept session cookies and adjust your browser’s settings to prompt for others. To adjust your cookie settings for safe browsing in Internet Explorer 5.0 and above (pic F).

Block it
A lot of spyware installs after you click a deceptive link in a pop-up browser window, but if you install a pop-up blocker you won’t even be tempted to click those links. We recommend using the free Pop-Up Stopper available at www.panicware.com.

This app provides basic ad blocking for Internet Explorer and Netscape. The firm’s Pop-Up Stopper is not adware or spyware supported and is free for personal use.
Another important step is to make sure your operating system (OS) is fully patched against any known security vulnerabilities. Visit the Microsoft Windows Update site (http://windowsupdate.microsoft.com) and install any patches marked ‘Critical’. We suggest doing this at least once a month to ensure your OS is fully protected against
known exploits- or else set XP to download and install updates automatically (pic I). To do this, go to Start/Run and type services.msc. Next, choose Automatic Updates from the list and right-click on it and choose Properties. In the ‘Start up’ type list, select ‘Automatic’ and then hit ‘Start’.

For example, a common tactic of spyware (and adware) is to forcibly change your IE startup page to their own site. This is often done by exploiting a vulnerability that was
first patched by Microsoft in January 2001. Despite the availability of the patch, many users have not updated and continue to be taken by this simple ruse. This is just one of literally hundreds of vulnerabilities in the Windows operating systems that leave your system open to malicious marketers and virus writers.

Another way to block spyware is by disabling Windows Messenger. (Note: this is not the same as Microsoft’s MSN instant messenger. Thus disabling it won’t have any effect your instant messaging apps. Windows Messenger can be exploited and used to dish up unwelcome adverts on unsuspecting users. The service is also victim to a critical exploit that could allow hackers to remotely run code on vulnerable systems.

To disable Windows Messenger, click on Start/Run and type services.msc. Navigate to Messenger, right-click on it and choose Properties. In the ‘Start up’ type list, select the Disabled option and click Stop (pic H).

Be alert
Now that you’ve built a strong, secure wall around your system, be very cautious about which apps you let through the gates.

If for instance you’ve downloaded a program, always be sure to read and understand the End-User Licensing Agreement before you install it (very few users actually do and this is a
very real mistake).

Once you’ve taken steps to ensure your system cannot automatically download and run malicious code, either via the
internet or e-mail, you should see a prompt anytime an application attempts to install itself. Do not click
‘OK’, ‘Yes’, or ‘Run this Program’ unless you totally trust the publisher.||**||

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code