Click to Print

Infectious Agents

A growing number of uninvited guests are pushing their way onto your PCs. Here are the latest antidotes.
September 1, 2004
URL: http://www.entrepreneur.com/article/72196

Like that unemployed brother-in-law who just wanted to crash on your couch for a few days, chances are, spyware has moved onto your business's PCs and won't go away. In fact, it's probably having adware and Trojans over for a few brewskies.

As with most uninvited guests, there doesn't seem to be a surefire way to get rid of spyware and its buddies permanently. Your anti-virus software will turn away its rowdier friends, and your firewall will keep spyware and its cousin, adware, from broadcasting your most personal details back to their puppet masters, which is no small thing. Trojans in spyware figured prominently in the $2.4 billion that Internet scammers stole from consumer bank accounts between spring 2003 and spring 2004, reports technology research and consulting firm Gartner.

But traditional security solutions can't prevent these intrusive programs from sneaking onto your PC in the first place through spam, supposedly legitimate Web sites, "free" host programs, and a limitless number of other ruses. Once comfortably ensconced, "intrudeware" can still rifle through your directories; hijack your browser; change your search engine; pop up ads; plant unwanted toolbars, cookies, favorites, DLLs and registry entries on your PC; and run enough junk in the background to trash your system resources.

Experts estimate intrudeware is already partying on 90 percent of all PCs, and Dell identifies it as its leading tech support problem. Large ISP Earthlink and spyware blocker Webroot Software teamed up to audit 1.5 million customer PCs; they uncovered an average of 28 spyware/adware exploits and three of the more dangerous Trojan vulnerabilities per machine. While it's been seeping into Internet-connected PCs for years, the leaks have turned into gushers now that thousands of Internet bots have been let loose to find vulnerable PCs to "blast into," says Roger Thompson, vice president of product development for spyware cleaner PestPatrol in Carlisle, Pennsylvania.

And word's out that there's money to be made with pop-up ads and other contextual marketing schemes. While adware lawyers nuance the proposition that your teenager can give informed consent for the takeover of your system, adware companies mix serious financing with hacking techniques to produce new ways to mine your personal data and force-market you. These are commercial ventures with business plans, investment bankers and big-name ad clients, says Thompson. They may also have offshore addresses, front companies and third-party buffers so their ad clients can plead ignorance of their distribution methods.

Let this stuff build up, and it can open your computers to corruption or slow them to a crawl as it did to the PCs of several acquaintances of mine. When I sat down in front of one of these PCs, it took two minutes for a mouse click to produce action. After manually uninstalling the spyware clogging its memory and taskbar, it only ran as fast as an Intel 486.

A disabled Internet connection prevented me from downloading any spyware removal utilities. I've since run a dozen or more on a variety of infected PCs and found them remarkably easy to use, quick acting and technically innovative. But you'll need a combination, depending on the specific bugs attacking you.

The most popular adware antidote is Ad-Aware, while Spybot-Search & Destroy and Spy Sweeper stay memory resident to "inoculate" you against attack. You may find Spyware-Blaster more effective against ActiveX attacks, or that you need a single-purpose solution like CWShredder for certain browser hijackers (BHOs). When all else fails, scanners like HijackThis and StartupList (see "Find the Mole" for download sites) or Starter create snapshots of your system files to send to help blogs.

Fortunately, you can download and try most intrudeware antidotes before you buy, and many, like PestPatrol, have networkable versions. But bad code is mutating so quickly that an ultimate solution may never appear. That's not the fault of intrudeware killers. Holes in ActiveX, Internet Explorer, Microsoft Java Virtual Machine and other Windows components give most malware easy openings.

Don't hold your breath waiting for that to change. Ditto for the legal remedies that Congress, the FTC and state legislatures are formulating. They'll help a little, says Steve Thomas, founder and CEO of Boulder, Colorado-based Webroot, but history shows the government can't protect our PCs for us. We may as well resign ourselves to yet another security arms race, says Thomas, forcing us all to maintain firewall, anti-virus and now anti-spy scanners going forward.

Victim reports in online help chat rooms convince me we'll all need multiple intrudeware blockers constantly updated, frequent scans, and a more intimate knowl-edge of Windows system files.

FIND THE MOLE
These sites provide updates on new spyware threats, free antidotes and help.
  • Counterexploitation: Web ring with support boards for spyware victims
  • NiceFiles: A site that is complementary with SpywareInfo offers free downloads of popular anti-spyware programs
  • PC Pitstop: A free Web-based scan by this adware foe suggests ways to harden your PC settings
  • SpywareInfo: Spyware blog and download site for HijackThis and StartupList, which catalog different system settings in text files that can be sent to help boards
  • Spyware Warrior: Spyware blog reports on new exploits and the efficacy of spyware scanners
  • Starter 5.6.1.38: Full-color utility listing all Windows startup processes, including hidden registry entries

is Entrepreneur's technology editor.