Spyware among us
If you have not encountered an invasion of spyware, adware and viruses in your computer, you either have very strong firewall and protection software or you are a Mac or open source user. Even these folks get hit once in awhile, so some discussion about the topic is in order.
I came across a great article in Small Business Computing online magazine in which a particular anti-spyware software package called Spy Wall from Trlokom Software was praised. But more important, the article covered the growing threat of spyware and its various permutations. I found their glossary to be particularly impressive:
• Virus: a program that infects other software
• Worm: a program that transmits itself over a network to infect other computers
• Trojan: a malicious program that presents itself as something innocuous or desirable in order to tempt you to install it.
• Spyware: malicious software designed to intercept or take partial control of a computer without your consent.
• Adware: software that serves up pop ups and banner ads or sends marketing data about your computing habits to other sites.
• Keylogger: malware designed to record and relay keyboard strokes. This is a way to detect passwords and financial information.
• Browser Hijacker: a program that alters your computer's browser settings and redirects you to Web sites you had no intention of visiting.
• Rootkit: software tools that conceal running processes, files or system data so that an intruder can maintain access to a system without detection.
If you have ever installed anti-spyware software and still got infected, Rootkit is probably the cause, and apparently this is increasingly the way that spyware hides itself within your system. According to Pat Bitton, a Redwood Technology Consortium member and Tech Beat author, "the average PC has some 70 or 80 items of spyware on it at any given time." Pat's telltale signs of infection include:
- A growing number of pop-ups
- Your home page changes
- Strange toolbars appear in the browser
- Mysterious icons appear on the desktop
- Your PC runs slowly
Pat's second Tech Beat article on this topic suggested some software solutions. As for me, I have used the free America Online spyware protection service with acceptable success, but recently loaded the Spy Wall package just to be extra safe. Sadly, it looks as if more than one protection feature is needed to make sure your system isn't hijacked. For those of us running small businesses who depend on our computing systems, it is a small investment considering the alternatives.
Some other tricks to make sure you can recover from a virus, spyware or adware attack are:
Use a reliable strategy to backup your files (see my Tech Beat article on the topic). I prefer Web-based backups that also protect from fire or other disaster.
Use your system restore feature on your Windows XP systems. It will at least allow you to return to pre-infection status.
Get and use anti-spyware, anti-virus and firewall software to prevent infection in the first place (or at least make it difficult).
Y'all be careful out there, ya hear?
Chris Crawford
www.justiceserved.com
Comments
I'd suggest using System Restore only as a last ditch measure.
I used it once a few years ago because of, believe it or not, a problem I had after using Microsoft Live Update.
In hindsight I probably should of tried to deal with the problem (at MS' suggestion I replaced a driver) by just dealing with the problem but, not being sure what to do, I figured I'd take the easy way out and just use Restore to go return the computer to where it was before I did the driver update.
What a mess. I had a big hassle with Norton Anti- Virus, having to update that program more than I could see any reason for. There were some other problems too, that escape me now.
Worst part was the computer never worked the same again. Finally took care of the problem by reformatting the hard drive some time later.
Posted by: Fred Mangels | January 14, 2007 03:02 PM
Do the spyware programs detect existing spyware, or just detect incoming, and prevent new infections? How do you ensure that you have a clean system to start with?
Posted by: Rose | January 14, 2007 05:47 PM
I believe most scan your system and find spyware or adware. Zonelabs has a free spyware scan where you do it online and don't have to download anything.
I know it picked up Gator on my drive, but I knew Gator was spyware or adware.
Kim Kommando has always recommended using more than just one spyware scanner. She says using one doesn't always detect all spyware.
Posted by: Fred Mangels | January 14, 2007 06:04 PM
Ah, Fred and Rose. Always a pleasure to hear from you.
As to Fred's issue about system restore, I agree that merely using the "wayback machine" to transport your system to an earlier state has several drawbacks. However, I have now learned (slowly) to use system restore to capture my current settings BEFORE I make a major change or load new software into my system. This way, you don't have to go very far back to get a system restoration that doesn't cause other problems.
As to Rose's question, Fred is correct that most anti-spyware products detect problems after they are in your system, and rarely prevent them from getting in to begin with. Logically, it's difficult to prevent infection because spyware enters through normal activities such as opening email and visiting websites (especially "clicking through" an email to a website). One can limit these activities but not avoid them altogether. Spy Wall claims to have a blocking feature but I'd have to see it first before I believe it.
And yes, two anti-spyware solutions are better than one, even though they sometimes cause their own conflicts searching for the same culprits.
The best solution is to be informed and use e-protection.
Thanks for dropping by !!
CHRIS
Posted by: Chris Crawford | January 15, 2007 03:04 PM
The best solution is to be informed and use e-protection.
The very, very best solution is to switch to Linux. You will be oh so very happy. You've got no excuse, Chris -- you've got 10 times the required amount of computer smarts.
But back when I was a slave to Bill Gates I used Spybot Search and Destroy to rescue me from Redmond's kludgy brew of nonsensical software holes. Try it!
Posted by: Hank Sims | January 16, 2007 05:45 PM
Well then the next best solution is a Mac.
Posted by: Mike Buettner | January 16, 2007 07:10 PM
I'll accept that, just because it's so refreshing to hear a graphic designer admit that Mac is "second-best".
Posted by: Hank Sims | January 16, 2007 08:16 PM
Thanks for the post! Thank you to Fred that posted a link to your page.
Posted by: Carol Ann Conners | January 16, 2007 10:11 PM
OK, I admit that Linux rocks and Mac is a more enjoyable computing experience compared to Windoze, but those of us making a living in the world (especially working as contractors in government agencies) must swallow hard and take the bitter Microsoft pill.
Face it, oh enlightened ones, we who seek better alternatives are in the minority. Those poor sods who think in only MS and Windoze terms need help when their boxes get infected with spy-adware and viruses, and help to avoid it if possible.
The good news is that more of my clients are starting to use open source, though none are choosing Macs. Perhaps the migration to Service Oriented Architecture will even promote a few Mac solutions. But that is another blog topic.
Chris Crawford
Posted by: Chris Crawford | January 16, 2007 10:21 PM