Windows XP Cookbook (Cookbooks)

Problem

You want to protect yourself against spyware from spying on your Internet activities, delivering blizzards of pop-up ads, and hijacking your home page so that you're sent to a different home page than the one you've set and you're hijacked even when you try to reset the home page.

Solution

Protecting yourself against spyware involves changing the way you use your PC, changing your security settings, and using antispyware software (for details on using anti-spyware software, see the Using downloadable software section later in this recipe).

Be careful about what you download

Before you download any file, know exactly what you're downloading. Do you know other people who have tried the program? Have they reported spyware problems? Who made the software is it from a large, reputable company, or an unknown startup? Only download software from reputable companies that have no reported problems with spyware.

Before you install any software, use System Restore to create a snapshot of your system. That way, if the software you download also includes spyware, you can use the restore point to restore your system to its previous spyware-free state. See Recipe 19.4 for information about System Restore.

Consider getting an alternative browser

Internet Explorer has more security holes than other browsers and is more closely tied to the operating system. This makes it easier to slip spyware onto your system using techniques such as drive-by downloads. Switch to an alternative browser, such as Firefox (http://www.mozilla.org/products/firefox), for better security.

Change your Internet Explorer security settings

If you want to keep Internet Explorer, change the security settings to prevent drive-by downloads and other dangers. You can turn off the automatic downloading of ActiveX controls and scripting, for example. For details, see Recipe 13.11 on handling Internet Explorer security settings.

Keep your system up to date

Spyware authors exploit loopholes in Windows and Internet Explorer in order to plant spyware on your system. But if you keep your system up to date, you'll close many of those loopholes and stave off infection. It is especially important to install Windows XP Service Pack 2 (SP2), because it closes many loopholes in Windows.

In addition to SP2, make sure you download and install the latest Microsoft security patches. Download them by going to Microsoft Update at http://windowsupdate.microsoft.com/, or by turning on Automatic Updates (see Recipe 2.16).

Kill pop ups

Spyware frequently spreads via pop ups. If you click a pop up, you may get infected by spyware. And, of course, spyware infestations can deliver more popups, sometimes in swarms. So killing pop ups will help keep you free from spyware. For details on how to do it, see Recipe 13.11.

Use a personal firewall

A personal firewall will protect you in two ways. Its inbound protection will help prevent spyware infections. But more importantly its outbound protection will stop spyware from "phoning home" and sending information about you to a web site. Unlike the firewall built into Windows XP, ZoneAlarm (http://www.zonealarm.com), McAfee Personal Firewall (http://www.mcafee.com), and Norton Personal Firewall (http://www.symantec.com) all provide outbound protection. Of the three, only ZoneAlarm includes a free version.

Using downloadable software

There are many pieces of antispyware software you can download, some of which are free. The two best free ones are Ad-Aware (http://www.lavasoftusa.com/software/adaware/) and Spybot Search & Destroy (http://www.spybot.info). Both of them do a very good job of scanning your system for spyware, and then killing what they find.

But they both have a drawback their free versions don't offer significant real-time protection. (Spybot offers some basic real-time protection.) So they can't stop you from becoming infected; they can only kill spyware after you've already gotten invaded by spyware. Ad-Aware has a for-pay version that offers real-time protection, and you can pay for that.

But a better bet is either Microsoft Windows AntiSpyware (http://www.microsoft.com/athome/security/spyware) or Webroot Spy Sweeper (http://www.webroot.com). Both offer real-time protection as well as spyware scanners and killers. As this book went to press, Microsoft Windows AntiSpyware was still in beta, and pricing was not set. So it may or may not be free. Spy Sweeper is free to try, but $29.95 if you decide to keep it.

No matter which spyware detector you use, though, you should use more than one. No single piece of antispyware software can detect and kill all spyware, so a combination of two or more is best.

Using a graphical user interface

Download Microsoft Windows AntiSpyware (http://www.microsoft.com/athome/security/spyware, and follow the installation instructions. The default settings as a general rule work fine, and so mostly they can be left as is. However, the software could end up changing your home page, your default search engine, and similar settings, without telling you, and so you should change that. (Note: the beta version of Microsoft AntiSpyware changed these settings, but there is a chance that the final version will not.)

The problem is caused by the software's feature that is designed to prevent home-page hijacking. When a piece of spyware tries to hijack your home page or search page, Microsoft AntiSpyware is designed to restore your home page or search page to your original settings. However, rather than restoring the setting to your home page, Microsoft AntiSpyware instead changes them to Microsoft's MSN.com page, and it similarly changes your search engine of choice to the MSN search engine.

To instead have Microsoft AntiSpyware use your own settings:

  1. Run Microsoft AntiSpyware.

  2. Click Advanced Tools.

  3. Click Browser Hijack Restore.

  4. From the list that appears, select Start Page and click Change restore setting to a new URL.

  5. Type in your home page URL and click OK.

  6. Select other pages that you want to keep as your own, instead of Microsoft's, such as Search Page, and follow steps 4 and 5.

Discussion

Spyware has become perhaps the most prevalent pest on the Internet. It can silently record all your Internet activity and report on your travels; hijack your home page and search engine; inundate you with swarms of popups; and much more, including installing so much junk that it can disable your computer. A related problem is adware, which is software that displays advertising on your PC. Some people consider adware a part of spyware, while others differentiate between the two pests.

Home-page hijackers have become increasingly common as well. This type of spyware hijacks your home page. When you start your browser, you're sent to an unfamiliar home page that usually includes a blizzard of popups.

Whether you call the pest spyware, adware, or a home-page hijacker, all have become serious problems. You fight adware and home-page hijackers in the same way you fight spyware.

Spyware can infect your PC in several ways. But it usually happens when a piece of spyware rides on the back of a free program you install. The Gator eWallet is notorious for the spyware it installs, and file-sharing software, especially Kazaa, can install spyware on your system as well.

Spyware can also be installed via drive-by downloads, in which a web site takes advantage of a security hole in Internet Explorer to download and install software onto your PC without your knowledge. They can also be installed via ActiveX downloads, when you approve the download of an ActiveX control before knowing what the download actually does. Spyware can also get on your system when you click a pop up merely clicking on the pop up can initiate a download. And spyware can also infect you via email, when you open an infected attachment.

State and federal governments have proposed a variety of laws that claim to crack down on spyware, but the truth is, none of them can possibly eliminate the problem; the laws are weak and full of loopholes. So your best bet for protecting yourself is to follow the advice in this recipe.

See Also

Harvard researcher Ben Edelman maintains the best site (http://www.benedelman.org) on the Internet for finding out behind-the-scene and financial and legal aspects of spyware. SpywareInfo (http://www.spywareinfo.com) is a very useful site for general spyware information, and has a free spyware newsletter to which you can subscribe.

Категории