A frequently heard
question is "how on earth did I get infected with all that
Spyware in the first place?" Well, you usually get infected because
your security settings are too low. Here are a number of
recommendations that will help tighten them, and which will
contribute to making you a less likely victim:
- Watch what you
download!
Many freeware programs, and P2P programs like Grokster,
Imesh, Kazaa and others are amongst the most
notorious, come with an enormous amount of bundled Spyware that
will eat system resources, slow down your system, clash with other
installed software, or just plain crash your browser or even
Windows itself.
- Go to Internet
Explorer -> Tools -> Windows Update ->
Product Updates, and install ALL Security Updates
listed.
It's important to always keep current with the latest security
fixes from Microsoft.
Install those patches for Internet Explorer, and make sure your
installation of Java VM is up-to-date. There are some well known
security bugs with Microsoft Java VM which are exploited regularly
by browser hijackers.
- Go to Internet
Options -> Security -> Internet, press
"default level", then OK.
Now press "Custom Level"
In the ActiveX section, set the first two options
("Download signed and unsigned ActiveX controls) to
'prompt', and 'Initialize and Script ActiveX controls not
marked as safe" to 'disable'.
Now you will be asked whether you want ActiveX objects to be
executed and whether you want software to be installed. Sites that
you know for sure are above suspicion can be moved to the Trusted
Zone in Internet Option/security.
So why is ActiveX so dangerous that you have to increase the
security for it? When your browser runs an ActiveX control,
it is running an executable program. It's no different from
double clicking an .exe file on your hard drive. Would you run just
any random file downloaded off a web site without knowing what it
is and what it does?
And some more advice:
- Install
Javacool's SpywareBlaster
It will protect you from all spy/foistware in it's database by
blocking installation of their ActiveX objects.
Download and install, download the latest updates, and you'll
see a list of all spyware programs covered by the program
(NOTE: this is NOT Spyware found on your computer).
Press "select all", then "kill all checked",
and you're done. The Spyware that you told Spywareblaster to set
the "kill bit" for won't be a hazard to you any longer. Although it
won't protect you from every form of Spyware known to man, it is a
very potent extra layer of protection. Don't forget to check for
updates every week or so.
There's a board at Wilderssecurity
as well.
Let's also not forget that SpyBot Search and Destroy
has the Immunize feature which works
roughly the same way.
It can't hurt to use both.
- Another brilliant
program by Javacool we recommend is SpywareGuard.
It provides a degree of real-time protection solution against
Spyware that is a great addition to SpywareBlaster's protection
method.
An anti-virus program scans files before you open them and prevents
execution if a virus is detected - SpywareGuard does the same
thing, but for Spyware! And you can easily have an anti-virus
program running alongside SpywareGuard. It now also features
Download Protection and Browser Hijacking Protection!
- IE-SPYAD puts over 5000 sites in your
restricted zone, so you'll be protected when you visit
innocent-looking sites that aren't actually innocent at all. Take a
look at:
http://www.staff.uiuc.edu/~ehowes/resource.htm#IESPYAD
And another site with an enormous amount
of information on computer security, and which is well worth a
visit is http://www.wilders.org/
Finally, after following up on all
these recommendations, why not run Jason Levine's
Browser Security
Tests. They will provide you with an
insight on how vulnerable you might still be to a number of common
exploits.
|
