The next worse thing to a virus - how to deal with it
- What is spyware?
Spyware is marketing software which runs on your computer, usually without
your knowledge. It falls into two categories:
- Adware - This software uses your computer to
present you with advertising. The most common type generates forests
of pop-up ads, but it can also change your home page and "hijack"
your browser so that when you try to go to a website
you want, instead you're redirected to an advertiser's website.
- Spyware - This is software that keeps track of your
activities on the computer and periodically sends this information to the
marketers. The more harmless type tracks information about your browsing
habits (ex. what type of websites you visit the most), but it could also
potentially keep track of more private information you're typing, such
as account numbers and passwords.
- Where did it come from??????
- Downloaded software- Spyware almost always comes "bundled"
in with other software, usually "free"
software that you download from the Internet. You may find a neat application like
a searchbar, music-sharing software, or screensaver, and when you download and install
that application it also quietly installs a
bunch of spyware. Some of the applications that are most notorious
for installing spyware on your computer are file-sharing applications such
as Kazaa and Gator.
- File-sharing software - Notice that this is
mentioned twice? It's one of the biggest sources of spyware, both spyware
that comes bundled with the file-sharing software and spyware that comes
attached to the shared files.
- Disreputable websites -
You can also pick up spyware by going to the wrong web page. Some web
pages will attempt to download software or ActiveX controls to your
computer, which are actually spyware. If you go to a web page and a window pops up asking you to install
something, make sure you know that the software it's trying
to install is clean before you click OK.
- How do I know if I have spyware?
Some symptoms of spyware are:
- You're seeing lots of pop-up ads, sometimes when you're not even on
- The computer is running unusually slow
- Your "Connect to" dial-up window pops up all the time - ie the computer
is trying to dial into the Internet by itself
- Your home page changes by itself
- You can't access web pages
- You're getting a lot of strange error messages
- Your hard drive light is always on
- When you're on the Internet, the little green screens that show
you're connected are always lit, even when you're not doing anything
If some of this sounds familiar, you may be infested with spyware. Please note
that viruses can cause some of these symptoms, too. If you're seeing this
kind of behavior on your computer, you should check for both
viruses and spyware.
- How do I find, and more importantly GET RID OF spyware?
- Run a spyware scanner. This is definitely the
first step and will usually clear up the problem. The most recommended
spyware scanners are:
Make sure you run the update for your spyware scanner before running the
scan. Be cautious about downloading unknown spyware scanners - some so-called spyware scanners
actually drop more spyware on your system.
- Add/Remove Programs. Some of the more reputable
spyware vendors will provide an uninstall option for their software. To
see if an uninstall is available, click the [Start] button, then click
[Settings] (except on Windows XP), [Control Panel]. Double-click the Add/Remove
Programs icon, look through the list of software in the window that appears,
and if you see a program you know is spyware, click on it and click the [Remove]
button. (If you don't see the Add/Remove Programs icon in the Windows XP
Control Panel, click
the "Switch to classic view" link at the top left of the screen.)
- Advanced Removal. Spyware scanners won't always
be able to remove some of the more invasive spyware. If the same spyware shows
up every time you run a scan or if the scan doesn't show
any spyware but you're still having problems, you may need to be more agressive.
CAUTION! Only try this if you're pretty tech savvy! If not, bring your
computer in to be worked on.
- Hijack This! Hijack This! is a scanner that will check for
anything that's using the same methods spyware uses. Many of the things
it finds are legitimate programs and utilities, so you should NOT just
"fix" everything it finds! Before fixing anything it finds, you should
post a log of your scan to a forum where experts
can look it over and recommend what items you should have it fix. (If
you don't know how to copy the log you probably shouldn't be using
You can download Hijack This! at
http://www.spywareinfo.com/~merijn/downloads.html. There are several
forums on the Internet where you can post logs - many are listed at
If you're a Boreal member, you can also send a copy of your log to
firstname.lastname@example.org and we'll give you
some guidance on what items to have Hijack This! fix. (Please ONLY send
us a Hijack This log if you've already tried running one of the spyware
scanners listed above, and have not been able to completely remove your
- Manual Removal There are manual removal instructions for many
types of spyware at http://doxdesk.com/parasite/.
- How do I keep from getting spyware?
- Watch what you download - Read the License
Agreement for software you're installing. If you find something
buried in the small print saying that by installing this software you
agree to allow them to gather and/or share demographic data, subscribe you
to or present you with advertising, be cautious about this
software! When in doubt, go to a search engine such as Google and search
for the name of the software and "spyware". (Ex. search for "Gator" "spyware".)
If the software is a known
spyware source, you'll find this out in your search results.
- Tighten up your web browser - If you're using
Internet Explorer, you should adjust some of the security settings to
prevent malicious websites from downloading spyware on your machine without
your knowledge. To do this:
- For most versions of Windows, click [Start], [Settings], [Control Panel].
For Windows XP, click [Start], [Control Panel].
- Double-click the Internet Settings icon. If you're in Windows XP
and don't see an Internet Settings icon, click the "Switch to classic
view" link at the top left of the screen.
- In the window that opens, click the [Security] tab, and click on the
[Custom Level] button. Click on the
following settings to check them:
- Under "Download signed ActiveX scripts" click "Prompt".
- Under "Download unsigned ActiveX scripts" click "Disable".
- Under "Initialize and script ActiveX not marked as safe" click "Disable".
- Under "Installation of Desktop items" click "Prompt".
- Under "Launching programs and files in a IFRAME" click "Prompt".
- Click the [Content] tab and click the [Publishers] button. Look
through the list and delete anything you don't recognize.
- Click OK to close the Internet Settings window and save your settings.
- Now, when a web page attempts to load something to your computer you'll
be notified. Before you click OK, make sure you know that the software
it's asking you to install is not spyware!
- Install a spyware blocker. The spyware scanners
mentioned above will detect and remove spyware, but won't prevent it from
being re-installed on your machine. To block spyware, you can install
a spyware blocker such as Spyware Blaster.
Please note that Spyware scanners and blockers are like Anti-virus software
in that they need to be updated on a regular basis. Be sure to run the
"Check for Updates" function regularly with Spyware Blaster and then
enable protection for all unprotected items.