June 30, 2005

Preventing Spyware and Malware Infections

Preventing Spyware and Malware Infections (Updated 1\13\05)

Spyware has grown out of control. In many cases they have morphed into trojans or viruses embedded in such a way that it makes it difficult to remove the more sophisticated infections. There are even rogue programs that claim to remove spyware, but actually install it. At the same time, many legitimate anti-spyware programs delete all cookies, which are harmless and usually helpful. It's a confusing area, even for computer geeks and it is constantly changing. That said, with a little knowledge, and some free tools, you can be protected and confident that your computer is clean. These are the guidelines I live by and I literally can not get infected even when I try!

First and foremost, while this has been repeated countless times, many have obviously still not heard it, so we will repeat it first. You need a firewall, anti-virus, spam filter and Windows Updates turned on. Once installed and setup, they work alone and need little to no attention. Keep in mind that even on a clean install of Windows (without service packs) you can be infected within minutes without ever opening your browser. On clean installs, keep your internet connection disconnected until you have a firewall and anti-virus installed.

Windows Updates:
In your control panel look for Windows Updates and set it up to automatically update. If you use your computer every day, update every day.

Firewall:
If you have Windows XP with Service Pack 2, it now includes a firewall. While it is not the best one available, it is better then nothing and hence, easier to use then most. Optionally, Zone Alarm offers a free firewall that you can
download from us here. They offer other paid versions with more features, but this is an excellent choice. http://majorgeeks.com/download388.html

Anti-Virus:
Again, there are free alternatives including our favorites AVG Free Edition and Avast Home Edition. These can also be upgraded to a paid version, well worth it for the extra features or just to contribute to the people who protect you for free year in and year out. You can also purchase known brand names like Norton's or Mcafee's at any store or online, but we have always been impressed with the performance of AVG and Avast http://majorgeeks.com/download886.html .

Spam Filter:
I like SpamFighter as a free spam tool. It needs to load a toolbar in Outlook Express, so you need to uncheck "send and receive messages at startup" in Outlook Express since emails can be received before the toolbar loads. Many viruses, trojans and phishing schemes are sent by email, so this is an important step. Note: Phishing schemes are one of the newer scams out there. You get an email that tells you you need to login somewhere that your credit card or bank info is on file and when you follow the link in the email, you go to a exact copy of the website so they can steal your credit card info and more. See next paragraph for avoiding this scam.Don’t surf questionable websites. Free porn is an oxymoron. There is no free porn! When they get done with you, you may have dialers and browser hijacks installed, maybe even random popup ads. Sure, you didn’t hand over your credit card, but you’re going to pay. The same applies if you, or someone using your computer, were out looking for pirated software, downloadable DVD movies, MP3's and so on. Time and time again, I have tested these sorts of websites and more often then not, came away with a trojan and spyware. Many peer to peer programs are loaded with virus infected files, the worst one being Kazaa. These types of things are rarely free. Another good suggestion is to type in web addresses carefully. A lot of these scumbags have purchased domain names people frequently spell incorrectly and when you make that mistake, they got you. When possible, use bookmarks rather then typing in the web address if you visit a website you like and think you may return. http://majorgeeks.com/download4316.html

When a window pops up in your web browser asking to install something, slow down and read it! Many programs can be safe, like Shockwave, but if a window pops up asking you if you would like to install a little purple Bonzi Buddy to surf the web with you, then the answer is no! If the answer is yes, its time to shut off that computer and go outside and meet some real people. You’re using your computer way too much if you need a purple buddy There are plenty of other colors of real people you can go meet When installing a new program, take a minute to skim any agreements (long, legal text you must agree to) and keep an eye out for words like partners, sponsors, 3rd party, advertising and anything that may be related to tracking. Download only from trusted sites that test programs before offering them to the public. Very few websites do this and none I know of test everything, except MajorGeeks.com. A handful of websites test some programs and notify you if they know a program contains spyware. Ultimately, it is up to you to check the program when you install it.When you're not sure, visit any website setting a cookie or installing a program in question and look for a link to a privacy policy. Windows that popup to install a program often offer a link to a privacy policy. Almost every website has one, and many tend to honor these. Don’t be afraid to surf around, download and have a good time. Just use what you have been told above to be informed! So, it’s too late? You have spyware, a dialer or browser hijack? The tools are there for you. Here are most popular, effective solutions:

Ad-aware:
One of the originals in the spyware detection and removal game. The scanner is completely free, often updated and easy to use. For beginners, this program is a best choice. For as little as $9.95, you can buy the pro version that allows you to block spyware before it enters. A link to that is available from our website where you can download the program. http://www.majorgeeks.com/download506.html

SpyBot-Search & Destroy:
This program came out of nowhere competing with Ad-aware and for a while even fond items that Ad-aware did not. Now, the programs are equally as good, though Spybot can be a bit less user friendly and seems to be updated less on average. http://www.majorgeeks.com/download2471.html

CWShredder:
A small utility for removing CoolWebSearch, a browser hijack. It's not quite as simple as just the \r\nname CoolWebSearch. They changed it to many different names and there are well over a dozen variants of this hijack making it the most “popular” hijack out there at this time. Ad-aware or Spybot should get rid of this, but if not, this tool will. http://www.majorgeeks.com/download3019.html

Home Search Assistant And about:Blank:
The latest, most nasty hijacks to show up, forcing your web browser to be redirected to an about:Blank page or some search website. These programs are really mix spyware, homepage hijacks and trojans and are nasty to remove. http://www.majorgeeks.com/download506.html . We suggest you try about:Buster andand follow directions to use them on the download pages.

Spyware Blaster:
This program blocks installation of tracking cookies, ActiveX installs and more. In other words, you can block most problems from even entering your system in the first place. http://www.majorgeeks.com/download2859.html

A Better Browser:
Consider replacing your web browser \r\nwith a free alternative like FireFox or a shareware browser like Opera, for example. While not a 100% fix, Firefox is fast and does not have many of the features (think security risks) that Internet Explorer has. A couple examples of security holes Internet Explorer has are Trusted Sites and ActiveX.

Final Thoughts:
If you are having trouble removing spyware, it may be saved in a checkpoint in system restore, so you will need to disable system restore to remove it. How to disable and re-enable system restore can be found here: If you are using multiple user accounts, spyware can find it's way from one account to the other. Any scans made on one account should be done on the others.
Source: majorgeeks.com