Tightening up system security, keeping up to date with security patches, and engaging in safe Internet usage are the three main ways to prevent spyware from entering your computer system. Many of these techniques rely on each other to maintain overall good system security. Don’t rely on just one or two. Use most, if not all, of these techniques. You will end up with a much healthier computer.
[hidepost=1]
Administrator Accounts
It is wise to password protect all your administrator accounts as well as the administrator user account named “Administrator”. There are some forms of spyware and malware that have been spread through these accounts thanks to blank password fields. It is recommended that you use at least an 8-letter/number combination.
You can access user account information in Windows XP by going into the Control Panel > User Accounts. Select a user account and click “Change my password”. Follow the onscreen instructions. In order to change the Administrator account’s password, you will have to boot up into safe mode. Restart the machine and, before the Windows loading screen appears, press F8. You should then be given a menu of choices. Choose “Safe Mode”. Make sure that you do not allow a system restore if you should be prompted. Next, proceed to the User Accounts as before to change the password.
In Windows 2000, go to Control Panel > Users and Passwords, select the user account and click “Set Password”. Enter the new password in the dialog box that appears, click OK when you’re done, and click OK on the “Users and Passwords” window.
ActiveX Security and Safety
Show Caution With ActiveX Controls and Plug-ins. In IE, go to Tools > Internet Options > “Security” tab > Custom Level. Under “ActiveX controls and plug-ins,” set the first two options (“Download signed ActiveX controls” and “Download unsigned ActiveX controls”) to “prompt”, and “Initialize and Script ActiveX controls not marked as safe” to “disable”.
From now on, each time an ActiveX object tries to execute or install, IE will alert you with a dialog pop-up. “Yes” will allow the ActiveX object to do its thing, while “No” will stop it from executing and/or installing. You must read every “offered” ActiveX download carefully before you decide to accept it. If it says something to the effect that it will enhance your browsing experience or searching ability, this is a huge red flag, and it should not be downloaded and/or executed.
Block Adservers & Spyware Servers
There is an available HOSTS file for your use with common adservers and spyware servers blocked in the appendix of this book. This file contains general ad and spyware servers and does not block site-specific ads (such as ads hosted on the same server as the website). By blocking the server, the ads/spyware never get downloaded onto your computer because the request never actually goes out over the Internet; the request is routed directly to 127.0.0.1. Note that by blocking adservers, you may be depriving website owners from income that keeps their site up and running.
A second effective method to block servers and web addresses is to use Sunbelt Personal Firewall’s (formerly Kerio Personal Firewall) built-in web tools (note that this is only available for free as a limited trial). Unlike the hosts file, Sunbelt’s server blocking feature allows for wildcards in domain addresses. For instance, instead of having these entries in your hosts file:
127.0.0.1 ad1.thisadserver.com
127.0.0.1 ad2.thisadserver.com
127.0.0.1 ad3.thisadserver.com
127.0.0.1 ad9.thisadserver.com
Sunbelt can shorten this and cover a lot more entries by adding this line of code: ad([isx0-9].*)?.. *.. * It will block any addresses that start with “ad”, followed by a number between 0 and 9.
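The difference between exact HOSTS entries and wildcard blocking can be checked directly. The following is an added example, not part of the original article: it parses a constructed HOSTS file that uses the article's placeholder domain and reports which observed hostnames are actually blocked. The function names and the list of observed hosts are assumptions made for the illustration.

```python
# Added example: audit which hostnames a HOSTS file actually blocks.
SINKS = {"127.0.0.1", "0.0.0.0"}  # addresses commonly used to null-route a host

# Constructed sample built from the article's placeholder domain.
SAMPLE_HOSTS = """\
# ad servers
127.0.0.1 localhost
127.0.0.1 ad1.thisadserver.com
127.0.0.1 ad2.thisadserver.com   # inline comment
127.0.0.1 AD3.thisadserver.com ad9.thisadserver.com
"""

def parse_blocked(text):
    """Return the lower-cased hostnames that are mapped to a sink address."""
    blocked = set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # strip comments and blank lines
        if not line:
            continue
        fields = line.split()
        addr, names = fields[0], fields[1:]  # one address, one or more names
        if addr not in SINKS:
            continue
        for name in names:
            name = name.lower().rstrip(".")
            if name != "localhost":
                blocked.add(name)
    return blocked

def coverage(text, observed):
    """Split observed hostnames into (blocked, missed).

    Matching is exact, as HOSTS lookups are: no wildcards and no
    parent-domain matching.
    """
    blocked = parse_blocked(text)
    hit, miss = [], []
    for host in observed:
        (hit if host.lower().rstrip(".") in blocked else miss).append(host)
    return hit, miss

if __name__ == "__main__":
    seen = ["ad1.thisadserver.com", "ad4.thisadserver.com",
            "Ad9.ThisAdServer.com", "thisadserver.com"]  # constructed
    hit, miss = coverage(SAMPLE_HOSTS, seen)
    print("blocked:    ", hit)
    print("not blocked:", miss)
```

Here ad4.thisadserver.com is not blocked because no line names it exactly, which is the gap a wildcard rule closes.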
Browsing & Downloading Habits
A majority of the spyware, malware and adware usually gets installed from visiting certain websites. These “underground” websites can contain pirated software and cracks, pornography, or game cheats. Surprisingly enough, game sites devoted to flash/shockwave/java games are also major sources for spyware and malware.
Sometimes malware is downloaded directly into your browser cache without your knowledge. If it is a worm, Trojan or virus, real-time AV scan programs can sometimes catch it; however, detection is never 100%. Your best bet is to avoid these “shady” sites.
Whenever you download and install a program from the Internet, it is often a good idea to run virus and spyware scans on it if you are not sure whether it contains spyware/malware/adware. Some P2P sharing networks, KaZaa being a prime example, have been loaded with all sorts of malicious files, so it may be wise to stave off downloading from P2P networks that are overrun with junk. Also, should you choose to run P2P applications, make sure that you do not share your entire hard drive. It is a huge security risk on your part if everything that is on your computer is made available for download.
Email Safety
Protect your email address like you would your phone number. This helps cut down on spam and other junk that comes through email. The same goes for your IP address, especially if it’s static.
Never open email attachments when you aren’t expecting them, and especially from people or email addresses you do not recognize. Either one can potentially contain a virus, trojan or worm. Some forms of malware can access a user’s address book and spam all the contacts with spam and malware through the user’s email account.
If you need to attach a file to an email, make sure you include a description of what the attachment is somewhere in the body of the email. For example, “I am attaching 2 pictures of Bill’s wedding” or “I am attaching a copy of my resumé in Word 2000 format.” Just make it simple, yet descriptive enough so that the email recipient knows what to expect.
There is a problem with emails that arrive in HTML format. With most legitimate sites, it’s no big deal, but with HTML spam, there can be all sorts of junk code in the background that you really wouldn’t want running. There are a few methods to stop this from happening. The first is to disable your email preview pane (found in Outlook, Outlook Express, Mozilla, Netscape, and a few other email clients). If you’re using Outlook, go to View and uncheck “Preview Pane”. In OE, go to View > Layout and uncheck “Preview Pane”.
Another option would be to go into “Offline” mode after you have finished downloading your messages. That way, if any HTML emails need to go out to the Internet for pictures or whatnot, they can’t because the mail client has gone “Offline”. The last option would be to turn off HTML altogether and only accept plain text. In Outlook, go to Tools > Options > “Preferences” tab > E-mail options and check “Read all mail as plain text”. In OE, go to Tools > Options > “Read” tab and check “Read all messages in plain text”.
Hidden File Extensions
By default, Windows hides all file extensions for recognized file types (jpg’s, exe’s, zip’s, etc.). This makes it easy for executable malware files to be disguised as a recognized file that doesn’t look harmful. To reveal all file extensions, open up “My Computer” > Tools > Folder Options > “View” tab and uncheck “Hide extensions for known file types”.
For example, with file extensions hidden, a file could display as “destroysys.jpg”, a harmless enough looking image, but really be “destroysys.jpg.exe,” an executable that may do an untold amount of system damage. Windows allows periods in filenames, so someone could give the file a false extension, misleading a user to think that the file is something that it’s not. It’s important to know what extensions mean; you can’t just depend on what the file icons look like. Those can be changed easily enough.
FILExt (www.filext.com) is a site that contains information on file extensions, as well as a file extension database.
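The double-extension disguise described above can be detected from the full file name alone. The following is an added example, not part of the original article: it models what Explorer shows when extensions are hidden and flags files whose displayed name ends in a harmless-looking extension while the real one is executable. The extension lists are assumed and non-exhaustive, and the sample paths are constructed.

```python
import ntpath  # Windows path rules; works on any OS

# Assumed, non-exhaustive lists chosen for this illustration.
EXECUTABLE = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs"}
HARMLESS_LOOKING = {".jpg", ".gif", ".txt", ".doc", ".pdf", ".zip", ".mp3"}
KNOWN_TYPES = EXECUTABLE | HARMLESS_LOOKING  # types whose extension is hidden

def split_name(path):
    """Return (stem, final extension) of the file-name part of a Windows path."""
    return ntpath.splitext(ntpath.basename(path))

def displayed_name(path):
    """Name shown with 'Hide extensions for known file types' enabled."""
    stem, ext = split_name(path)
    return stem if ext.lower() in KNOWN_TYPES else stem + ext

def is_disguised(path):
    """True if the real extension is executable but the visible one looks harmless."""
    stem, real_ext = split_name(path)
    shown_ext = ntpath.splitext(stem)[1]
    return (real_ext.lower() in EXECUTABLE
            and shown_ext.lower() in HARMLESS_LOOKING)

def audit(paths):
    """Return (real name, displayed name) for every disguised file."""
    return [(ntpath.basename(p), displayed_name(p))
            for p in paths if is_disguised(p)]

SAMPLE = [  # constructed paths
    r"C:\Downloads\destroysys.jpg.exe",
    r"C:\Downloads\holiday.jpg",
    r"C:\Downloads\setup.exe",
    r"C:\Downloads\report.final.doc",
    r"C:\Downloads\Invoice.PDF.SCR",
    r"C:\Downloads\notes.xyz",
]

if __name__ == "__main__":
    for real, shown in audit(SAMPLE):
        print(f"{real!r} is displayed as {shown!r}")
```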
IE AutoComplete Security Risk
IE’s AutoComplete feature enables users to begin typing website addresses, usernames, and passwords and have them automatically filled in if they have been entered before. This offers convenience and saves a little time while browsing. However, the downside is that it can be a security risk. Everything that was just mentioned can be accessed by someone using your computer, and sometimes by some forms of spyware. This will allow people to see what sites you have been visiting, gather personal information, and go as far as impersonating you to a degree.
To access the AutoComplete options, open up an IE window and go to Tools > Internet Options > “Content” tab > AutoComplete. Anything that has been checked will be remembered and saved.
IE Search Toolbars
No matter what kind of search toolbar you install, I guarantee it has some form of spyware in it. Yes, even the praised Google toolbar that acts as both a search bar and pop-up blocker. It is, however, one of the better pop-up blockers out there. Windows XP SP2’s pop-up blocker is definitely way too restrictive even with the default settings, so even legitimate pop-up windows are blocked. Google toolbar seems to have a good balance. As for it containing spyware, take a look at this image from the installation procedure:

If you take a close look at the bottom where you have to make a selection to enable or disable something, you’ll notice that enable says, “Anonymous information will be sent to Google.” Translation: statistics on your browsing habits will be sent back to Google. This is a form of data collection. Make sure when you install Google toolbar that you hit “Disable”.
Most toolbars have some sort of spyware or adware bundled. There is yet to be a search bar that is totally free of spyware and adware. Suggestion: avoid them when possible, although there are a few reasonable exceptions, such as Google toolbar.
Install a Firewall
Basic firewalls have two uses. The first is to monitor connections and programs requesting access to the Internet, which is referred to as an application firewall. This is a good way to see which programs are trying to access the Internet. It’s somewhat surprising to find that most applications actually ask for Internet access at one time or another. Application firewalls usually have 4 basic settings: allow this time, always allow, don’t allow this time, and never allow. These four options give the user the power to control which programs are allowed to access the Internet. It is also a good way to detect spyware that may be floating around on your system. Most often, they request Internet access at one time or another to “phone home”.
The second basic use of a firewall is to block certain forms of spyware and malware, protect from DoS attacks, block random, unrequested, or “background noise” traffic coming from the Internet, all of which can be accomplished for the most part by closing ports from outside intrusions.
In most cases, a single firewall can take care of both situations. Sygate Personal Firewall, Sunbelt Personal Firewall, or ZoneAlarm would be adequate protection. Windows XP SP2’s Internet Security is very good as well; however, it would not be wise to rely solely on this high-profile target. First, it is far less customizable than other solutions and tends to be too restrictive as to the traffic it is blocking. Second, when something is widely used, malicious software writers usually target the largest base of attack, namely, the Windows platform. The long and short of it: use a firewall that doesn’t come with the Microsoft tag. It would also be wise to avoid Norton Security products. Newer versions (2002 and above) have been known to cause an array of random issues with Windows XP. Also avoid “System Utility”, or all-in-one packages. They may appear to help, but more often than not, they actually end up causing headaches and have a huge negative impact on your system by eating up system resources. All of the extra and unnecessary “stuff” that is added to the software package is really a bloated set of applications that can be replaced, most of the time, with either freeware or shareware applications that have smaller footprints (meaning, they are not resource hogs).
In any case, if you don’t have a firewall installed, your computer is completely open to attack. In less than 20 minutes, your computer will be full of all sorts of junk, and your security and privacy will be compromised. A firewall is one of the best pieces of software you could install on your system as a preventative measure against spyware and malware infestations.
JVM Security
Make sure your installation of JVM is up to date. There are some well-known security holes in Microsoft’s JVM that can be exploited by browser hijackers. It helps to replace Microsoft’s JVM with Sun’s official JVM. The JRE downloads are for everyday users, while the SDK downloads are for Java developers and programmers.
Software Updates & Patches
Make sure to check for updates for security programs (firewalls, spyware removal tools, and AV tools), your web browser, and Windows often. They usually contain security fixes that would otherwise be open to exploitation.
Use an Alternative Browser
To be concise, avoid using Internet Explorer. It can be a huge magnet for spyware, adware, malware and various hijacks. Just because IE comes preinstalled on your system doesn’t mean it has to be used as your primary browser. The reason IE is such a huge magnet is because of its wide user base.
Alternative browsers contain changes in the speed of browsing, caching, and the way image loading is handled, which are also significant advantages over IE, but lack ActiveX support. Opera and Firefox are two of the most popular alternative browsers, and either is a good choice as long as IE is not being used. There are also a small number of alternative browsers that are based on IE, and these often have many of the same security exploits that can be taken advantage of as in IE. They should be avoided. Firefox and Opera are the two major accepted alternative browsers that are available for use. However, a note about Firefox: since it is growing in popularity and becoming the second most used browser, it is starting to become a target for adware, spyware and malware. Regardless of the browser you use, keep it up to date against vulnerabilities.
Web pages that still use browser recognition scripts will sometimes force you to use IE on their webpage saying something to the effect of “This webpage does not support your browser.” In other instances where there may not be a recognition script, the page will simply appear not to work correctly. In cases like these, yes, you will need to use IE for the time being. Luckily, this does not happen often and many good web designers are moving towards using coding standards, rather than using sloppy browser-specific coding.
Windows Processes
Check up on what is running in the system processes in the task manager (right click on toolbar > Task Manager > “Processes” tab). Pay special attention to executables (*.exe files). If you don’t know what it is, try running a search for it at www.processlibrary.com or on Google.
[/hidepost]
