Photos of Larryblakeley
(Contact Info: larry at larryblakeley dot com)
Important Note: You will need to click this icon to download the free needed to view most of the images on this Web site - just a couple of clicks and you're "good to go."An Arsenal to Combat Spyware
By Michelle Delio, Wired News
Story location: http://www.wired.com/news/infostructure/0,1377,63978,00.html
02:00 AM Jun. 25, 2004 PT
As a weapon, "Just say no!" was useless in the war on drugs, but it is the best defense against spyware.
Usually, spyware programs don't leap onto computers by themselves. Somewhere along the line, users initiate the download, accept the installation of software and allow the infestation to take place. There's no way to sugarcoat it: If you've got spyware, it's your own fault.
Spyware collects and transmits data about how you use your computer so marketers can target their advertising pitches. Some spyware applications launch pop-up ads for products that match the sites you visit or the searches you perform. Others can change Web browser preferences, add entries to Internet Explorer's Favorites list and transmit sensitive information like passwords. The sneaky programs often cause application crashes and slowed system performance.
According to Internet service provider EarthLink, which now offers subscribers free spyware scanning, one in three computers scanned by EarthLink harbored some form of snoopy software.
Most spyware programs hitch a ride on other programs that are sometimes useful (like password safes), and sometimes silly (like animal screensavers). Other times, these nasty programs get installed when users visit a site that insists through error messages that they click the Accept Install button, which initiates the infestation.
But these days, because many companies sell and distribute legitimate software through the Net, users can't avoid online installations. So you need a little help when your clicking reflexes are too fast for your better judgment.
Antivirus programs, including offerings from Grisoft, Network Associates, Symantec and Trend Micro, can sometimes catch spyware. Antivirus companies have also started to offer separate programs aimed at stopping spyware. For the most part, these programs do a fair job, but the two best products for catching spyware are Spybot's Search & Destroy and Ad-aware from Lavasoft.
Let's start with the commercial products. The $50 Symantec AntiVirus 2004 caught four out of nine pieces of spyware deliberately installed onto a test machine. McAfee Antivirus scored the same. Trend Micro's $50 PC-cillin caught three spyware programs. AVG Anti-Virus, $34 from Grisoft, did the best, nabbing seven out of nine pieces of spyware.
All the antivirus programs popped up a warning when they detected an attempt to install spyware. In most cases, all the antivirus programs successfully deleted the spyware they spotted after it was installed, but none could fully repair the damage -- they were unable to remove toolbars installed by some of the spyware, or restore registry settings.
In some cases, with more virulent pieces of spyware, Symantec, McAfee and Trend Micro's antivirus applications were unable to fully purge the software from the infected machine. Although the system was reported as clean, the spyware reactivated after a reboot.
AVG did the best job of spyware purging, but struggled to remove components of some variants of a browser-hijacking program called CoolWebSearch, or CWS spyware.
The best of the bunch were Spybot and Ad-aware, which are available as free downloads. Both are dedicated anti-spyware products that removed every trace of all nine spyware programs we purposely installed.
In addition to catching everything, Spybot excelled at restoring registry settings, putting an infected machine back the way it was before the spyware invasion. While Ad-aware did a fine job, it was unable to completely repair infections of several of the lesser-known variants of CWS.
And once installed, Spybot did an outstanding job of protecting a computer from further infection, completely blocking all known spyware from getting onto a machine. (We had to disable this feature during the tests, or we wouldn't have been able to install any spyware.)
Spybot also pops up a warning whenever any application attempts to alter the registry, whereas many spyware products wreak havoc on a Windows PC. Permission to make a registry change can be allowed or denied with a single click. This is an excellent layer of protection against all sorts of malicious software, including viruses.
The free version of Ad-aware does not proactively protect against spyware infestation. You have to start the Ad-aware application and initiate a scan to detect spyware, but the $27 Ad-aware Plus does remain alert in the background, like Spybot, to deflect any attempts at infestation. In tests, Ad-aware Plus protected systems as well as Spybot.
Other steps can protect against spyware. One simple way is to switch from Microsoft's browsers, which have security holes for spyware programs to exploit. A good alternative is Mozilla Firefox. A not-so-simple step is switching to the Mac or Linux operating systems, which don't have spyware problems.
In addition, some companies make a fine distinction between a "legitimate" spyware application and more nefarious ones. These companies make the legalistic argument that because they revealed the details of their monitoring activities in the end-user licensing agreements that come up in the installation process, they can do as they want. But few readers bother to read the fine print before clicking the I Accept button to install, say, that cool weather-tracking application.
Even though these agreements aren't light reads, you should get in the habit of scanning them. If you spot anything about monitoring browsing sessions or collecting information in "order to serve you better," assume you are about to install spyware.