Spyware Protection

Seek and destroy embedded bugs.

by James P. Davis

mbedded stealthily on the hard drives of many computers—even those protected with conventional antivirus software—are tiny unfriendly programs variously called spyware, malware or adware. Most are simply nuisances, triggering unsolicited pop-up advertisements or surreptitiously changing your default Web page so you’ll visit specific commercial sites.

But others are frighteningly malicious. They covertly gather sensitive data from computers they infect and transmit them via the Internet to unscrupulous people who try to profit from that information. Other spyware bugs browse through a computer and delete or even modify files. Read on to find out how to protect yourself from these threats.

Spyware is technically a virus, but unlike most viruses its usual goal is not to destroy data but to steal them. Spyware tracks where you browse or triggers pop-up screens designed to make online sales.

Spyware can enter a computer in several ways—via freeware and shareware software, spam e-mail, attachments or Web pages (see accompanying article, “Surf Safely”).

Most general antivirus programs, even those that claim to wipe out spyware, are rarely totally effective because this breed of pest is unique and requires special attention. Spyware bugs are often parasites attached to legitimate programs; this makes them appear to the antivirus product more like a normal program and thus avoid detection. In addition, unlike virus writers who earn nothing but scorn for their efforts—and often go to jail if they are caught—spyware writers are well compensated for their skills by illicit marketing firms and so are among the best and brightest programmers.

INFECTION SYMPTOMS
How do you know if your computer is infected? Often you don’t.

The most effective spyware programs display no symptoms, so the computer user is unaware dirty tricks are being secretly perpetrated while the machine is running. Less-sophisticated spyware, however, causes various symptoms. The most common are persistent pop-ups that appear even when you aren’t surfing the Internet or are unrelated to the content you are browsing. Other symptoms include sluggish computer performance, unauthorized changes to your Internet browser’s default home page, the sudden appearance of new browser toolbars and even random crashes. In addition, dial-up Internet users may suddenly discover unidentified 900-number telephone toll charges caused by spyware programs known as dialers.

The only sure way to discover whether your computer is infected, and to thoroughly cleanse it, is to run an antispyware product. Such software doesn’t just scan your hard disk; it also checks the Windows registry (that’s the control center of an operating system) and examines each background application. If a bug is identified, the software usually gives you three options: ignore it (in the event you recognize what you found isn’t really spyware), quarantine it (if you’re not sure what it is and want to cordon it off for safety) or delete it.

If you search the Internet for antispyware software products, you’ll find scores of links for products whose prices range from free to hundreds of dollars. Many cost less than $50. Most that carry a price tag offer users time-limited evaluation copies; a few are free, but they lack the more powerful extras of the products you pay for.

If you’re wondering why an antispyware publisher would offer its product not only without an evaluation time limit but at no cost, consider this: If users like the free product, they are apt to pay for the upgraded personal version; in some instances, they will recommend that their employers buy the much more expensive enterprise edition for the whole company. So, ironically, they too use software as a marketing tool—but without malicious furtiveness.

To determine which antispyware product is best for you, take advantage of the evaluation offers and try them out. Fortunately, most are easy to use and require little, if any, technical expertise. While most are reasonably effective, each works slightly differently. Following is a list of some of our favorites.

Spy Sweeper by Webroot Software has an easy-to-use interface with several customizable scan options. In addition to effective detection and removal functions, it provides real-time defenses to prevent spyware from installing itself. It offers free updates and online and phone technical support for a year. It comes in two formats: single copies for home- or small-office use and an enterprise edition for medium to large offices. The single version costs $29.95 for a one-year subscription. The enterprise edition’s price is determined by the size of the organization. (www.webroot.com)

Microsoft Windows Defender can be downloaded free by licensed Windows users. It’s simple to set up and run. During installation, the user must select to enable or disable the following three options: automatic updates, real-time monitoring and joining a project called Spynet, a voluntary global community of Windows Anti-Spyware users who submit suspicious applications and software for analysis. When a threat is confirmed, the applications-detection signature is updated and distributed to all users via the automatic update function.

The product provides an easy-to-use console, customizable scan options and real-time monitoring. The detection rate is good. The product is available only for Windows XP, Server 2003 and Vista—not for Windows 2000. Microsoft also provides two free support incidents to all users.

To download, do a Google search for it because the URL is extremely long.

Spybot Search and Destroy, maintained by volunteers, is another free application. (Donations are accepted.) The program offers the option to apply either an easy or an advanced interface for customized scanning and spyware removal. Its detection accuracy level is average. It is updated weekly. A downside: It needs to be reinstalled each time a new version is released. Product support includes online tutorials, e-mail help and a frequently asked questions file. (www.safer-networking.org/en/download)

CA Anti Spyware (formerly eTrust PestPatrol) by Computer Associates provides comprehensive protection using real-time monitoring. It also scans on demand and at scheduled times. Updates are automatic. If it discovers a pest, it alerts the user and provides a link to a pest database to provide additional information. A homes/small businesses without a network edition is available, as well as one for organizations with a network. It costs $29.99 a year and includes free updates via the Web and e-mail. Telephone support is available for $29.95 per incident. (www.pestpatrol.com)

While it may be a nuisance to select, download and run software to defend yourself against spyware, there seems to be no alternative. It’s the price we pay for the convenience of today’s powerful computers. And remember, it’s not enough to have software protection; you must schedule regular computer scans.

James P. Davis, CPA/CITP, is a senior accountant and information technology consultant with Colby & Co., Chesapeake, Va. His e-mail address is jdavis@colbycpa.com.