Spyware, Adware, and Viruses
Spyware and Adware are general terms
for programs that surreptitiously monitor your actions. While they
are sometimes sinister, like a remote control program installed
by a trojan, software companies have been known to use spyware to
gather data about customers. The practice is generally frowned upon.
These programs are not considered viruses. Viruses replicate themselves
across a network, or the Internet as a whole. The virus payload
may be destructive, like code to delete files, or it could simply
try to overwhelm a network by copying itself. Worms on the other
hand, are viruses that replicate themselves without human intervention.
If the victim has to open an e-mail attachment to get infected,
it's a virus. But if it scans for new victims and attacks by itself,
it's a worm.
The following topic was written by
AntiSpyware Expert Tony Klein and has been posted
in numerous security forums. Hopefully, these tips and tools will
help you understand how to stay safe and prevent any future infections.
SO, HOW DID I GET INFECTED IN THE FIRST PLACE?
You usually get infected because your security settings
are too low.
Here are a number of recommendations that will help tighten
them, and which will contribute to making you a less likely
1) Watch what you download!
Many freeware programs, and P2P programs like Grokster,
Imesh, Kazaa and others are amongst the most notorious,
come with an enormous amount of bundled spyware that will
eat system resources, slow down your system, clash with
other installed software, or just plain crash your browser
or even Windows itself.
2) Go to IE > Tools > Windows Update > Product
Updates, and install ALL Security Updates listed.
It's important to always keep current with the latest security
fixes from Microsoft.
Install those patches for Internet Explorer, and make sure
your installation of Java VM is up-to-date. There are some
well known security bugs with Microsoft Java VM which are
exploited regularly by browser hijackers.
3) Adjust your security settings for ActiveX
Go to Internet Options/Security/Internet, press 'default
level', then OK.
Now press "Custom Level."
In the ActiveX section, set the first two options ("Download
signed and unsigned ActiveX controls) to 'prompt', and 'Initialize
and Script ActiveX controls not marked as safe" to
Now you will be asked whether you want ActiveX objects to
be executed and whether you want software to be installed.
Sites that you know for sure are above suspicion can be
moved to the Trusted Zone in Internet Option/security.
So why is activex so dangerous that you have to increase
the security for it?
When your browser runs an activex control, it is running
an executable program. It's no different from double clicking
a .exe file on your hard drive.
Would you run just any random file downloaded off a web
site without knowing what it is and what it does?
And some more advice:
4) Install Javacool's SpywareBlaster.
SpywareBlaster will protect you from all spy/adware in it's
database by blocking installation of their ActiveX objects.
Download and install, download the latest updates, and you'll
see a list of all spyware programs covered by the program
(NOTE: this is NOT spyware found on your computer)
Press "select all", then "kill all checked",
and you're done.
The spyware that you told Spywareblaster to set the "kill
bit" for won't be a hazard to you any longer.
Although it won't protect you from every form of spyware
known to man, it is a very potent extra layer of protection.
Don't forget to check for updates every week or so.
Let's also not forget that SpyBot Search and Destroy has
the Immunize feature which works roughly the same way.
It can't hurt to use both.
Download Spybot Search and Destroy
5) Another brilliant program by Javacool we recommend
It provides a degree of real-time protection solution against
spyware that is a great addition to SpywareBlaster's protection
An anti-virus program scans files before you open them and
prevents execution if a virus is detected - SpywareGuard
does the same thing, but for spyware! And you can easily
have an anti-virus program running alongside SpywareGuard.
It now also features Download Protection and Browser Hijacking
6) IE-SPYAD puts over 5000 sites in your restricted zone,
so you'll be protected when you visit innocent-looking sites
that aren't actually innocent at all.
Finally, after following up on all these recommendations,
why not run Jason Levine's Browser Security Tests.
They will provide you with an insight on how vulnerable
you might still be to a number of common exploits.
To add to Tony's excellent advice above,
you may find these additional programs and security sites helpful
in spyware prevention and removal:
7) Three free programs available to scan and
remove spyware from your system.
Download and install Adaware
Update the program before scanning (do NOT skip this step.)
Reboot your PC after scanning and cleaning with Adaware
Download and install Spybot Search & Destroy
Update the program before scanning (do NOT skip this step.)
Reboot your PC after scanning and cleaning with Spybot Search
A comprehesive Tutorial by the Author of Spybot Search & Destroy:
Microsoft AntiSpyware Beta:
A Special Tool for Coolwebsearch and it's many variants is
Just download it, click the 'check for update' button and download
any updates that may be available.
Click the 'Fix' button to run it.
Alternate download for CWShredder at Major Geeks site:
See also this full article by the Author of CWShredder
The CoolWebSearch Chronicles, The story of a thousand hijacks
8) Scan for Viruses and common trojans online
Panda's Active Scan
Trend Micro (PC-cillin) - Free on-line Scan
RAV Antivirus Online Scan
eTrust AV web scanner (Computer Associates)
9) Some Security Sites worth reading and bookmarking
for reference and to help you get started in your PC Security.
Home Computer Security
Protecting Your Home Network
Home Network Security
Malicious Code Propagation and Antivirus Software Updates
National Institue of Standards and Technology
Computer Security Resource Center
Stay Safe Online
Protecting Your Privacy & Security on a Home PC
IE-SPYAD: Restricted Sites List for Internet Explorer
Working with Internet Explorer 6 Security Settings