Feature
News
8/2/2004
04:39 PM
50%
50%

Special Report: Readers Take The Offensive Against Spyware

Chances are, your users' machines are swarming with spyware and adware. Learn about the most-effective strategies that InformationWeek.com readers are using to combat spyware.

Special Report Table Of Contents:
Introduction
What Is Spyware And Why Should IT Care?
Readers Share Their Spyware Strategies
Strategy 1: Tools, Tools, And More Tools
Strategy 2: Developing Enterprisewide Strategies
Download Software Recommended By Our Readers


Strategy 1: Tools, Tools, And More Tools

The good news for PC users and IT departments is that there are many tools, including free downloads, for combating spyware/adware.

Two popular go-to tools for removing offending software are Ad-aware and Spybot Search & Destroy. Both pieces of software maintain lists of spyware--updated regularly--and conduct simple scan-and-remove processes to clean up individual systems. Best of all, basic versions of both Ad-aware and Spybot are free, leaving PC users no excuse to keep their machines free of unwanted spyware.

"Ad-aware 6 and Spybot Search & Destroy have proved to be most effective," says Rob Reintges, IT/production manager, MGP Direct Inc., of his company's spyware-cleansing experiences. "That, and educating users about the dangers of downloaded software and games and opening E-mail attachments from unknown sources."

According to Reintges, keeping spyware under control in a corporate environment is possible if IT remains vigilant. "I try to follow good security procedures and protocols," he says. "Every PC has a firewall and antivirus software. Both are kept up to date, and we make sure patches are applied. I make sure folks are aware of any new and nasty threats and keep them informed. That's been working for us so far."

Also growing in popularity is SpywareBlaster, another free program. The difference with SpywareBlaster is that it works to keep spyware off your system in the first place, preventing known adware and spyware software from installing. Using SpywareBlaster on the front end and Ad-aware and Spybot on the back end is proving a good solution for many users.

There is a plethora of other tools for finding and removing spyware. Additional reader recommendations include HijackThis, PC Bug Doctor, RegScrub XP, and Spyware Eliminator. (Learn more about these tools in this report's Downloads section.)

The good news is that these tools generally get the job done. "Spyware is easy to eradicate because of the available tools," says Professional Network Services' Lombardi. "At the same time, I think that user education is the key to stopping it. Once spyware receives the exposure that [today's] constant virus attacks receive, people will be more aware and use the available tools to combat it."

Yet many readers also report they've had to resort to more manual processes for ridding machines of spyware. Common practices include examining and editing the system registry or actively tracking the processes that are live and running on a particular system. Such manual processes can be tricky and often involve cross-referencing against a list of known spyware identifiers located through a Google search. But when a system is struck with a particularly onerous problem, manual removal is often the strategy of last resort.

"Periodically, the spyware is of a nature that one of the above will not find it," says Charlie Dias, systems manager, HesseReynolds Sales. "In that case, I need to do a review of the registry and edit it to manually remove the offenders. If I cannot locate the offending software, then I need to restore the registry to an earlier time. Some browser hijackers embed themselves so deep, this is the only way to get them out."

Reports another reader: "As far as fighting these things, Spybot seems to work as well as anything. But I also have begun looking at running processes and doing a manual search of the registry for strange entries under RUN or RUNONCE, just in case it's a new strain of spyware."

As in the virus world, many spyware writers focus their efforts on Windows environments, finding sneaky ways to install and hide software deep within the operating system and registry. One reader even claimed that Windows XP's self-monitoring features make it easier to sneak spyware onto the system.

"Windows XP reports back to the mother ship [Microsoft], and with so many bug fixes, patches, and [other self-healing processes], it is easy to jump into the RPC as another SVCHOST and be undetected," Dias says. Dias prefers to keep his systems--at work and at home--on Windows 98, calling it "the most stable OS platform and also very easy to track, observe, and remove these things. Windows XP is the easiest to hide these things in. These things can easily be disguised as one of the many normal processes of XP."

The worst problem Dias has ever dealt with: a PC with 592 spyware instances on it. Another time, he completed a Spybot cleansing but still went in to manually edit the registry.

"In reviewing the registry, I still removed 22,000--yes with three zeros--registry-tracking entries of visited sites that were collected and I had to remove manually. Between Spybot and myself, we reduced the registry from about 130,000 entries to around 62,000 entries."

Previous
4 of 6
Next
Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Nov. 10, 2014
Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 16, 2014.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.