PC Man's Antispyware Defense Guide will introduce you to the basics of how spyware works and what you need to do to protect your online identity as well as your PC's integrity from online scammers and intrusive spyware driven applications and websites. You learn how spyware works, how to avoid installing spyware, adware, and other ad driven software, as well as understand the basics of cookies and why your computer can pose as a security risk while you are online. You will also learn how and why personal information is so valuable to the developers of spyware based programs.

Key Terms And Definitons

When discussing the topic of spyware, adware, and other internet problems, it is necessary for you to understand a few basic key terms and definitons.

Listed below are several key terms that provide an explanation and overview of how spyware gets into a PC and why it poses as a security risk.

Active X    

ActiveX is a Microsoft developed technology that permits Internet applications to use a more powerful platform to run server based programs and are compatible with the Internet Explorer only.  When prompted to install an ActiveX control from any web server, ensure that is from a trusted source, and one specifically authorized by you. Most dialers and hijackers are installed through the ActiveX technologies.
Spyware   

Spyware

Spyware is a global term associated with any kind of intrusive software known to collect personal information and send it from your computer to another source across the Internet, without your knowledge or authority. You can normally identify spyware based components by reading the End User License Agreements that normally accompanies all software products.

Adware    

Adware is a less serious form of spyware as it does not transmit any personally identifiable information across the internet. Adware merely displays ads based on the websites you visit and other Internet activity Adware can be just as intrusive as spyware, so be careful which programs that have "neat" or "useful" features. These are readily and freely available for download, but most programs come bundled with some sort of adware built-in.

Keylogger Program    

Keylogging programs record the your keystrokes and sends the information back to a hacker or other source for further processing. This often leads to online identity theft and other case of online fraud and scams.

Tracking Cookie   

Cookies are very small files used all over the Internet and useful for companies that want to hear about each time you visit a website that contains their advertisements. Cookies are useful for customizing websites that you may visit regularly, but they should be generally cleared out of the your computer at least once per week.

Browser Hijacker    

A browser hijacker is a tiny program, file, or windows registry setting that changes the homepage and search pages of Internet Explorer. If your browser's homepage that has been changed without your authorization, chances are it's been hijacked by a program quite often by an ActiveX installation control.

Antivirus Program    

An anti virus program is application software that detects viruses and prevents them from being downloaded off the Internet or installed in your machine. Antivirus programs require weekly updates to ensure the program is protecting your data and files from the latest viruses and other security threats. Most antivirus programs do not have the ability to scan for spyware, although most antivirus developers are incorporating some kind of antislavery defense into their packages.

Software Firewall    

A software firewall is an application that detects and blocks unauthorized hacker attempts and prevents Trojan viruses from being downloaded into a machine. A software firewall places a barrier between your computer and the Internet.

What Spyware Is

Spyware is commonly referred to as any software application that attempts to deliver unsolicited advertising based on websites the end user visits. Spyware is also commonly referred to as malware, adware, scumware, and nastyware. It gets these names because of the intrusiveness of the software and how it has been designed. This kind of software is meant to track your personal information including the websites you visit, how often you visit a particular site, as well as various types of data that fuel the advertising engines in the particular software. Spyware will track your surfing, send the collected information back to a central server, and the central server will then communicate with the software to deliver advertisements to an infected PC. The end result is nothing but intrusive, unwanted, and often annoying advertisements.

Quite often spyware based programs will have a feature that actually takes over a web browser's homepage. This process is referred to as browser hijacking. It means that when you load your web browser it automatically takes you to unwanted websites; typically this website is of an advertisement and may include any number of advertisements directing you to adult based websites, illegal gambling sites, or softwae e-stores that sell illegal software. When your browser gets hijacked, it will require more than a simple setting change to resolve the issue. In fact, when you change the homepage back to your original, a simple reboot or program restart is all the spyware needs to kick back in and over take your browser once again.

Spyware generally tracks a variety of information using different modules or advertising engines. This process not only slows down the speed of your computer, but can also cause problems including frustrating browser hangups and crashes. Quite often for beginner users, the only remedy to return the machine to proper working order is to consult a PC technician that can do some basic and advanced diagnostics and scans of the computer. For more immediate users spyware can be removed through completing a simple virus and anti-spyware scan with the proper tools.

Quite often a spyware infection is so bad that only a certified PC technician using advanced techniques for modifying the window system registry can remove the traces of installed spyware. Unfortunately, this process never guarantees a positive outcome; however, it's important to note that a fully qualified technician will have the tools necessary to get your data and files back in working order.

Spyware can generally be very difficult to remove. In fact, even if the removal processes are successful, there's a chance the spyware could return if your system is not adequately protected with a spyware defense tool such as Safer Networking's Spybot Search and Destroy program. Trend Micro's free online antivirus scanner labelled House Call does a superior job at scanning and removing known spyware components from an infected system.

How Spyware Works

The following illustration shows how typical spyware infections work and the resulting effects:

Phase One - Spyware Enters The Computer

Spyware normally enters a PC through this phase. Either the computer user has unknowingly download a file from a website or clicked on a link within a webpage that downloaded an ActiveX control.

The following illustration shows what happens when you click on a link that attempts to install an ActiveX control through Internet Explorer:

Once permission is granted for the piece of software to get installed, the program can make modifications to the Windows registry so that it has the appropriate permissions to be executed on a periodic basis. Again, all this can happen if you click on a link in a webpage too quickly, and your PC is not properly secured with a firewall, real time virus scanner, and antispyware applications.

The second way spyware can be loaded into your system is by installing a third party application that contains known spyware. There is a magnitude of available freeware based programs out there all claiming to serve a functional purpose. Some may claim to make it the most simplest way to store passwords and fill out forms in webpages. Other spyware programs may claim to be an antispyware utility, but actually contain malware based components. Malware is short for the term malicious software, which is illegal software comprised of knock off or look-a-like style components found in legitimate applications. Falcon Antispyware is one example of malware that, when gains entry into a PC system gets loaded with spyware components. Disguised as legitimate software, Falcon Antispyware was made into a piece of malware that used spyware techniques to try and persuade you to purchase the software by rediecting you to a phony website where you could purchase a fake version of the real software. Once infected, the Falcon spyware program displayed an icon in the windows task bar that when provoked informed a user that their PC was infected, and they needed to run security software immediately to remove the infections.

File sharing programs such as Kazaa, Limewire, and BearShare, are all known to be bundled with some spyware components. Although these kinds of programs claim to have no real spyware based components included with them, these types of peer-to-peer file sharing applications are especially loaded with several different spyware components that tracks user's surfing habits while connected to any server the program uses to distributes files, programs, and data through.

Although peer-to-peer applications and file sharing networks are not illegal, if you install any of these programs there will be a considerable slow down in a PC's performance. This performance slow down is not caused by the actual peer-to-peer software, it is caused by the bundled components that install along with the software.

If you run file sharing programs on a regular basis it is advisable for you to run ant ispyware scans at regular intervals to detect any installed spyware components. It is also important to note that a large amount of free ware applications are bundled with some type of spyware and unfortunately the use of those particular application constitute your acceptance of the license agreement accompanied with the software. I highly recommend you to investigate the origin of a particular application before installing it into your system to avoid problems.

To reiterate, if a product claims to be a freeware application, do your homework and search the Internet to find information about the software before you install it onto your system. After all preventative maintenance is about the best medicine for a problem that will never go away.

Phase Two  - Spyware Tracks Your Surfing Habits The More You Use An Infected Program

To understand the second phase of how spyware works you will need to understand the processes behind any spyware based client application. If you install a file sharing program such as Kazaa, you have also installed advertising components and other modules that are indirectly associated with Kazaa. These components are able to track your surfing habits, and collect personal information. Since the spyware is a separate portion of the actual program, you really don't have to run the original Kazaa application to see advertisements because it's not Kazaa that is causing the problem, it is the third party components that are tracking your surfing behaviors.

Unfortunately, this is a global problem, and since there is no real authoritative figure who governs the Internet and the activity will continue to exist and, perhaps, get worse as more people fall victim to spyware threats. So your best defense if your computer is at this Phase is to get rid of the software that you think caused the problem, reboot the computer, and run an antispyware scan.

Phase Three - Spyware Tracks Your Surfing Habits The More You Use An Infected Program

The third phase of how spyware works involves the collection and transmission of personally identifiable information across the Internet. Once spyware components get installed and run on a regularly basis, the components will obtain enough information about you to create what is known as a market profile. This is where your information is then sold back to a larger company who sends you ads based on the criteria included in your market profile. The more spyware spies on you, the more money these advertising companies can make because they are able to direct the most suitable advertisements to your end with hopes of you purchasing the lame product or service being advertised. There are also internet criminals known to prey off the personal information from Internet users. They are more than likely able to steal credit card and bank account information, as well as other financially related information in hopes of financial gain.

Phase Four - Spyware Causes Problems

Obviously phase four of how spyware works is not necessarily limited to the end of the entire cycle. It is more prevalant in all cycles because the more spyware you have installed in the system, the slower your computer is going to run, and the more personal information it can collect. Each spyware installed program eats up portions of memory and proccessor usage often resulting in a user having to restart the machine to solve the problem. Although this procedure may solve the problem, it is normally a temporary solution, as the spyware continues to remain resident the moment you may have restarted the system. As stated in a previous section, common symptoms of a spyware infected computer includes a browser being hijacked,  highly visible 3rd party toolbars showing in the web browser, remote dialer software being activated by somebody across the Internet, as well large variety of unauthorized popup advertising. Since spyware is normally unnoticeable and untouchable during an active Windows session, your sluggish PC will have programs that cannot open or crash unexpectedly. The bottom line is that once spyware has been installed, your PC and personal information is liable to suffer as the aftermath. You will need to ensure your PC's is equipped with an antispyware utility that can be used to remove spyware from a system.

How To Identify An Infected PC

Spyware can trick you into thinking you are getting a program that simplifies a particular computer task Unfortunately, these "make it easier" programs add extra functionality to your computer and simplify how you surf the web, they are most likely spying on you at the same time tracking your surfing behaviours, tracking the websites you visit, among other things. It is not always an easy thing to do when identifying an infected PC.

If you are having problems viewing websites through a web browsers chances are your system is infected with spyware.

Performance issues are also an indicator that there's spyware installed in a system. If a PC is running slower then what it used to chances are its infested and you will need to clean out the system with an anti-spyware cleaner.

Get Lost Green Alligator

Gator was a form filling tool developed by the now defunct GAIN corporation and at one point appeared to be a useful form filling application. In fact I used it for many months, before I actually investigated what spyware actually does. The program attempted to save personal information from webpages that a user visits (including and not limited to name, address, phone number, username and password logins, etc). Since the software was a form filling application it collected information that the end user inputted, thus fueling the advertising components within the software.

Unfortunately those cute little green alligator eyes and name are quite deceiving. Gator and all GAIN products are spyware or adware because they collect personally identifable information about what you're buying online and track the websites you visit. This information is transmitted back to a central server where ads are delivered to the infected end-user's desktop.

The only thing I liked about the Gator software was when it was completely removed from my system! If you need a program to fill forms for you automatically there are a number of free utilities that do a much better job and do not invade your pivacy whatsoever. One such program is entitled RoboForm, probably the best form filling software ever invented.

Introduction To Cookies

Cookies are tiny data files located on your hard drive that contain information related to websites you visit. For example, a cookie may store your login information for a particular website or certain customizable features of the website you are visiting such as page themes and colors, etc. Most web browsing applications can be setup in such a way to not accept cookies.

Cookies also store configuration settings that are specific to the website you are trying to load. Although cookies pose as a security threat, a good firewall application helps block a possible intruder from obtaining information in the cookies residing on a computer.

Deleting cookies is also one of the best ways to optimize your PC's performance. The more cookie files built up into a system, the harder your web browser is going to need to work to try and fetch websites that you regularly visit.

For some people cookies are an invaluable tool to save time completing repetitive tasks on websites; for other people including large corporations and businesses, cookies tend to pose as a security risk in their entire system infrastructure.

How To Remove Spyware

It is not a difficult to a perform a scan to see if there are any spyware applications installed in a system. There are plenty of free tools that will scan a PC for infections. One such program entitled Spybot Search And Destroy provided by Safer Networking actively scans for known spyware and adware components. This free utility is available as a free download from the Safer Networking website.

PC-cillin Internet Security 2006 Trend Micro's PC Cillin Software does a good job at removing spyware threats in addition to it's top-notch virus removal capabilities.  It is available for a thirty day trial download.

That's the end of this guide.