"What are all these windows open on my screen?” a campus administrator asked me recently. Unfortunately, windows were appearing on her personal laptop's screen at an alarming rate. She had Adware! Adware sometimes causes advertising banners to appear on your screen in multiple, cascading windows that can appear so quickly that you are unable to use your computer for anything else. Furthermore, when doing a search, advertisements could appear everywhere on your computer. They are pernicious and invasive. And then there are Spybots, which are no fun either. These can be used to collect the keystrokes you make--consider how dangerous this is when typing in sensitive information such as social security numbers or critical passwords--and send them on to others.
Although we came to the brink of reformatting--wiping her hard drive of data and starting over--we were finally able to install the right combination of software to prevent spyware/adware software from taking over her computer. The software programs listed below are all free for individual use. I encourage you to take these steps to immediately protect your computer. If you are undergoing a spyware attack, start with Step 2; this will prevent pop-ups from overwhelming you as you try to take care of the problem. They include the following:
- Update your Windows Operating System . You can do this by pointing your Internet Explorer browser to “Protect Your PC” (http://www.microsoft.com/security/protect/default.asp)
This Web site will allow you to get (download) the latest updates for your particular operating system.
- Install an Internet Monitoring or Firewall program such as Zone Lab's ZoneAlarm (http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp), Kerio's Personal Firewall (http://www.kerio.com/us/kpf_home.html) or Agnitum's Outpost Firewall Free (http://www.agnitum.com/download/outpost1.html). A firewall program essentially monitors and restricts incoming and outgoing Internet use. It allows you to see how the Internet is being accessed on your computer. After a few alerts, you are able to identify which program is trying to access the Internet and deduce why. The program can be taught to remember which programs to allow, and which to bar. ZoneAlarm is a free download and includes a short tutorial/wizard to help you configure it. The first few uses of the Internet will require your permission, but you will actually be able to prevent your computer from sending out unauthorized spyware connections. This is important since an unauthorized spyware could further install other software on your computer.
If you do not want a firewall, but still want to know what programs on your computer require Internet access, you can install a monitoring program. For Macintosh computers, you can download BrickHouse (http://personalpages.tds.net/%7Ebrian_hill/brickhouse.html) or Little Snitch (http://www.obdev.at/products/littlesnitch/download.html) While both are shareware ($25), BrickHouse allows you unlimited use as opposed to Little Snitch which allows only three hours of use before you have to pay. Both will allow you to monitor incoming/outgoing traffic on your Mac. Although Macs, as of 11/26/2004, are immune to spyware, these two products will help you keep track of applications that communicate with the software manufacturer via the Internet.
Windows users, who will still need a firewall program to monitor Internet connections even with Windows XP Service Pack 2 installed, can take advantage of the free WinPatrol (http://www.winpatrol.com/) or Spybot's TeaTimer, which is discussed below, to monitor Windows settings changes. Another alternative is JavaCool Software's FileChecker (http://www.javacoolsoftware.com/filechecker.html). Each program provides you with more information to facilitate your decision-making and awareness of spyware/adware/viruses that may need Internet access. In some cases, you are able to halt the process before worse damage occurs or recognize the problem. A rule of thumb is to disallow Internet access unless it is critical to the operation of your machine. This is especially critical after installing something you've just downloaded off the Internet, even if it is coming from C-Net's Download.com, which has some software infected with spyware/adware.
- Disable System Restore : If using Windows XP, you need to disable a feature called "system restore." This is a utility that makes back ups of selected files on your computer. If a virus infected file, or spyware/adware file, is backed up, when you restart your computer, the infected files will be restored. This would prevent a clean-up from taking place. You can find directions on how to disable System Restore online at “Disabling System Restore” (http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm)
- Install several anti-spyware programs --unfortunately, 1 or 2 is not enough--including the following:
- Finally, fix your Windows Registry . If you've had to battle spyware or adware on your computer, then you may have other, long-lasting problems. After cleaning out toxic programs, the Registry on your computer has been corrupted. The Registry is a place where the Windows operating system, as well as other programs, save information about themselves. A corrupt registry means that your machine will start up slowly and/or crash frequently. While there are many "registry cleaners" out on the Web, I would recommend Macecraft's Registry Supreme (http://www.macecraft.com/regsupreme/). Not only is it easy to use, but when I used it on three different systems within it's 30 day evaluation period, it worked flawlessly. And, while not free, it only costs $12.95! And, cleaning your Registry periodically can speed up your system significantly! If you aren't interested in installing RegSupreme, you might try this alternative--although it's not as comprehensive as RegSupreme, it is completely free— EasyCleaner (http://personal.inet.fi/business/toniarts/ecleane.htm). EasyCleaner also offers other options similar to RegSupreme Pro including removing installed programs, checking startup services, and more.
- LavaSoft's Ad-Aware (http://www.lavasoftusa.com/software/adaware/): You'll want the free Personal version for home use, and either the Professional or Plus version for work).
- Spyware Blaster (http://majorgeeks.com/download2859.html): This is a free program that innoculates your computer against spyware/adware.
- Spyware Guard (http://www.javacoolsoftware.com/spywareguard.html): This is a free program (from the same people that developed Spyware Blaster) that monitors for spyware/adware.
- Spybot (http://www.download.com/Spybot-Search-Destroy/3000-8022_4-10122137.html): If you activate Spybot's TeaTimer feature, you'll be notified of any changes to your Windows settings and registry (more about the registry in the next section). TeaTimer--like WinPatrol--will enable you to better control what changes are made to your computer.
Between the four programs, you have a greater chance of cleaning out existing spyware and ensuring that no new spyware will find its way into your computer. If you believe your computer is already infested, you will also want to use CW-Shredder (http://www.download.com/Spybot-Search-Destroy/3000-8022_4-10122137.html). CW-Shredder , which is free, cleans out particularly pernicious spyware. Of course, Softpedia (http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/) offers others you can use. Another approach to take, especially if you haven't been hit yet, is to innoculate your computer against spyware. Spybot allows you to do this to some degree, but Spyware Blaster, mentioned above, prevents spyware from actually establishing a beachhead on your computer. You can find some free tutorials for installing these programs online at a site calling itself Anti Spyware Toolkit (http://itls.saisd.net/software/spykit/).