Stopping PC Spyware

Spyware cleaners fall short; follow these steps to stamp out spyware permanently.

smiling-happy-woman-computerSometimes the truth hurts, but here it is anyhow: You may struggle with spyware on the job home, and on family and friends’ computers for the next several years. Spam will be choked down to a manageable stream this year, but spyware will fill the difference, costing you precious hours cleaning the infected (and re-infected) computers of your family and friends.

My home office laboratory is the spyware front line. I normally download programs for testing, then run a blend of pop-up blockers, spam guards, Registry rooters and cookie cleaners. I’ll quarantine 635 Registry spyware droppings one day, delete 31 spyware cookies the next and begin all over again the next week. I’ve tested dozens of new utilities and dutifully download the latest version of each.

The bottom line is they’re all great; they all help. But they’re all incomplete. Running antispyware utilities is merely part of the option. There are a slew of other things you can do, and have your users do, to curb the problem. Follow our handy 10-step guide to get started.

1. Know thine enemy.

If you define spyware as any miniature cookie left behind by an innocent Web site, your discouragement won’t ever end. Scumware of all kinds will cause you grief, but the four major types are:

Spyware: an application surreptitiously assembling info about your computing habits that will send the data to some unknown website – aka “key loggers” or “keystroke capture parasites.” (Not to be confused with “malware,” which contains viruses, worms and Trojan horse applications.)

Adware: an program that pops up ad windows and banner ads at random or based on current browser content – aka “popups.”

Hijackers: applications that alter your browser home page, default search engine and even redirect you from websites you attempt to reach – aka “jackers” or “switchers.”

Cookies: small files that path data like Web site preferences and passwords for repeat visits. Spyware collects and spreads this advice without user knowledge – aka “tracking cookies.”

Adware is the most irritating, but hijackers and spyware do the most damage. Scumware purveyors claim we all “agree” to their garbage, but of course we do not. Yet, lots of this stuff is benign; educate friends and family to bear several cookies and save the 911 calls for aggressive pop-ups, browser home page redirects and suddenly sluggish systems.

2. Get off Internet Explorer

1-1216221367ByEeWe can not charge Microsoft with a crime for creating spyware. But the layout of Windows, and particularly Internet Explorer, surely makes it an accessory. Encourage friends and family to switch to options Firefox or Opera, which both block popups by default. Firefox is free and accessible here; Opera costs a few dollars.

Need proof Internet Explorer is the trouble? On my primary test PC running Windows XP Home, I use Internet Explorer and Outlook Express. There were 739 spyware hazards found. On my personal PC, running Firefox and Mozilla’s Thunderbird e-mail application, there were 11 spyware examples. Each of those 11 was an Internet Explorer exploit or cookie that snuck in the few times I had to use Internet Explorer for specific Web sites.

But Microsoft is currently making noise about antispyware applications (see “Giant Microsoft development?” next page), and XP Service Pack 2 has reduced the ability for most spyware to cripple a system entirely.

Unfortunately, some sites demand Internet Explorer, and users who are greatly intertwined with Microsoft’s Outlook e-mail client must use it. But there are methods to impede spyware using Internet Explorer. First, disable Microsoft ActiveX support. In Internet Explorer, click on Tools > Internet Options > Security > Custom Level, then click the check boxes that drive ActiveX controls to ask permission before running.

Then install the Google Toolbar, which also blocks pop-ups. It works on Internet Explorer 5.5 and higher, so you may need to update the browser. Also, run pop-up blockers designed to function inside Internet Explorer, including StopZilla, 123Ghosts Popup Killer, Ad Killer, Ad Muncher and Anti Popup Pro .

3. Discourage downloadings.

Walk this line carefully: Don’t let friends and family – especially the tech neophytes like your grandma – download anything. Then download and install the Google Toolbar for them. Explain why it is different from the weather station and smiley faces for their e mails.

People need to download “free” programs from the Web, but teach them the difference between a site they visit for utilities (like or ) vs. websites that appear in pop-up ads and spam.

Resolve not to get frustrated; accept that instruction is only going to operate halfway. Spyware purveyors do a fantastic job convincing innocents to download spyware daily. Describe how what resembles a Google ad on the side of a browser page, or the link their good buddy sent them, is actually a social engineering masterpiece of spyware diffusion. Sensitize your users to the most obvious risk signs, such as banner ads popping up offering a free spyware test (a unkind mistreatment of trust).

4. Teach back up and restore principles.

Because many users won’t heed your warnings, instruct them how to regain from download disasters. People have too much on their computers now to resist back up alternatives. An external hard disk, tape system or CD writer full of back up data can facilitate the sting of a spyware-ridden system and put things right with a restore to an earlier, spyware-free copy point.

Instruct users how to create restore points in XP and to place one before every download from a Web site that’s not a brand name portal. Disk space should not be a problem on newer PCs, but even if users fill up their hard disks, removing some restore points is much simpler than cleaning a spyware infection.


Giant AntiSpyware wasn’t a huge name until Microsoft purchased it. The Microsoft AntiSpyware Beta is essentially the Giant AntiSpyware utility. Will Microsoft give the final version away free? We don’t understand. Will it roll the utility into a fresh security patch? It hasn’t said. Waiting for Microsoft to fix spyware, however, reminds us of “Waiting for Godot.”

5. Create a spyware removal CD.

Recall your Boy Scout days and be prepared for the next call for help. Make your own spyware tool kit by burning a half-dozen spyware utilities to CD. When you go to clean a spyware machine, finding and waiting for utilities to download wastes time that’s better spent with your own family. CD ROM discs are affordable, so make additional copies and give them to your users. On mine, I have three free utilities, with three trial versions of commercial utilities. The applications range from 2M to 10M bytes, so you’ll have plenty of room on a standard CD.

6. Run at least two spyware cleaners.

1-1257610735H3nJYou know from experience that no spyware cleaner even comes close to wiping every piece of malicious code. All utilities have blind spots that spyware programmers manipulate. Every seller says its merchandise catches everything, but whenever I clean a hundred risks with one utility, a second always locates another dozen or so.

Every spyware cleaner tests the Registry, but because spyware follows Microsoft rules for Registry entries, nothing can clean it entirely. Only when you think you have spyware defeated, the Task Manager process list will begin to grow as spyware hiding in the Registry revive, especially after a reboot.

Run several utilities, run them consistently, vary them and ensure they are all updated. Paid cleaners provide more constant signature file updates, but even freeware adds new capabilities frequently. Run, upgrade, run, upgrade, repeat. I clean a system, reboot into Safe Mode and clean it with another tool, then reboot again.

7. Close desktop computer communication problems.

Every spyware upload means more future issues as spyware upgrades communication holes and adds new “characteristics.” Blocking the outgoing messages enhances your users’ quality of life.

Some, but not all, resident antispyware utilities block spyware uploads. Commercial products are a bit better. But installing a personal firewall additionally will block uploads. ZoneAlarm and Sygate Personal Firewall are both outstanding.

Nearly all name brand routers sold now additionally include firewall protections. Search for products that do stateful packet inspection of incoming and outgoing packets. A mixture of personal firewall and router controls isn’t overkill, particularly for users who can’t resist the bait of spyware-load websites.

8. Deal with DRM.

One reason spyware will be around for the next several years is that companies are increasing their use of digital rights management (DRM) on amusement files and software authorization license files that let specific programs run. The holes we leave open for these apps will be manipulated by spyware for years. Tracking cookies, such as frequent buyer perks for online stores, make Web sites easier to use. The problem is, they look merely like spyware, making it hard to kill the bad files without killing the good files, also.

The same is true for emerging entertainment player applications. The music files you download now and attempt to write to an MP3 player tomorrow needs to check you’ve got the right to play the files on that cellular apparatus. Your new spyware protection software might block the DRM query to the authority database. Isn’t one definition of spyware an program that sends system information to a third party without consent? That definition applies to company program license files and DRM program licenses equally, at least on an program-interface level.

One solution would be to avert DRM programs like music players, notably those from Microsoft. If you prefer your music, get a resident commercial spyware utility that updates its spyware database consistently because it’ll coordinate protection with the music services.

9. Leverage AOL membership.

Spyware protection from AOL, free for download for AOL members, is another useful addition from AOL as it continues to regain relevance. I found scanning speed to be slower than many other spyware cleaners, but the application found seven additional spyware cases after CounterSpy and SpyBot were through.

AOL offers some valuable protections for families, such as parental controls, but its browser is dependant on Internet Explorer and thus suppose. At least AOL helps its members with toll free tech support for times you’re unavailable.

10. Advocate a Macintosh or Linux system.

Spyware attacks Microsoft operating systems chiefly, entering through Internet Explorer holes and hiding inside Windows weak points. Some spyware, notably malicious cookies, functions within any browser, but that is a tiny fraction of the spyware universe.

Microsoft applications for example Internet Explorer, Word, Outlook and Media Player execute applications automatically when downloaded, permitting spyware simple access. Linux and Mac operating systems do not enable this automatic execution, making them more spyware resistant. Worse, Windows lets any user (or spyware) load dynamic link libraries into the kernel, while system administrator privileges for Linux are needed for that amount of system access.

Is the hassle of changing a buddy’s operating system or whole computer worth avoiding the hassle of spyware? Not to most people, but Apple and Linux will welcome you if spyware becomes overly painful.

Because you’re carrying a CD full of anti spyware utilities already, throw in a CD of the Knoppix bootable Linux OS. Use it to check badly infected systems still operate booting up and analyzing the system, and let your relatives and buddies see how Windows-like modern Linux has become.