Beware of Rogue Antispyware and Antipop-up Products
Spyware has become a fact of life for most computer users. From geeks to grandmothers, a bit of innocent web surfing can result in hijacked browsers, invasive cookies, and irritating pop-ups. Most users seek relief through antispyware programs, but if you do not choose your antispyware and pop-up blockers carefully, the cure could be worse than the disease.
If you're looking to combat pop-ups, there are some good free blockers from Google, MSN and Yahoo. The Netscape 7.2 browser has one built in, and the Windows XP Service Pack 2 installation adds one to Internet Explorer. Many good antivirus suites now also come with pop-up blockers, so there is no need to actually buy a pop-up blocker.
The most popular antispyware products are Ad-Aware, Spybot Search and Destroy, and SpySweeper, all of which have free versions (Spybot S&D is donation ware). The free versions will do both scan and clean most spyware, adware and malware, and do a pretty good job. Unfortunately much of their popularity is by word of mouth and a few magazine reviews. However, there is a class of antispyware. Rogue or Suspect antispyware, that advertises through the very pop-ups that they are claiming to remove, and often badger a user with high pressure tactics until they finally agree to accept the download.
One of the hallmarks of these products is that they are free to download and scan, but if you want to clean your system, you must purchase a license. Some of these will produce false positives, claiming spyware infections to further convince the user to purchase the product. The most insidious of the lot, recently called "extortion ware" by some sites, will also use malicious installations, blocking removal and in some cases cause connectivity problems, requiring the user to buy the product to get the uninstaller. In addition, a few of these rogue products will actually be spyware themselves, recording data and reporting back to their vendors sites.
So what do I do?
How do you tell the difference between a legitimate product and a ruse? As a general rule of thumb, if a vendor advertises it rids your system of pop-ups and spyware using a pop-up ad, it should be suspect. Pop-up and banner advertisements often will often claim your system is infected with spyware. While some good commercial antispyware products offer free scans, legitimate ones should not be claiming that they already detec tan infection on your machine. .
According to a survey conducted by WebRoot and AOL, over 90% of computer users have some form of spyware on their machines, so frequent scanning is a necessity. Use one of the free scanner/cleaners first. If you don't know which to use, check magazine sites, such as PC Magazine for reviews.
The website SpywareWarrior.com, lists over 90 applications that have been tested or are suspected to be "products are of unknown, questionable, or dubious value as anti-spyware protection." While not all the products listed on Spyware warrior's site may be bad, you will probably want to steer clear. Another site worth checking out is the Spyware Guide which offers information and tips on spyware problems.
Check out support sites for the experience of others. A Google search on "spyware" will result in dozens of lists and sites. Our March 23rd, 2004 Security Watch Letter featured several free volunteer support sites that deal with spyware and the problems they cause. This article also lists download sources for Ad-Aware and Spybot.
Some of the websites that push rogue antispyware, as well as the ones that spread spyware and malicious code use vulnerabilities in Windows and Internet Explorer to perform "drive by" installs, and display never ending pop-ups . Keeping your PC up-to-date is an easy way to minimize becoming a victim. Since some antivirus products block spyware as well, keeping those up to date helps, as well. If you're AV is out of date, or you need a 2nd opinion, check out our list of free antivirus resources.
Spybot S&D, SpySweeper, and some other reputable products also can inoculate your system against some of these sites. We featured a simple, but effective way to use the Windows security zones and a list of malicious sites to block scripted attacks in our June 22, 2004 issue of Security Watch Letter. The Spyware Guide site also offers a free list you can import to block malicious sites.
Blocking Pop-ups is another way to avoid problems. If you use another operating system, or haven't applied Windows XP SP2, consider installing a 3rd party blocker from MSN, Yahoo, or Google. These utilities won't block the pop-ups from the Windows messenger service (normally plain gray Windows message boxes), but our Nov 11th, 2004 tip can provide some guidance on blocking these messages. However, if your system is up to date, you won't need this tip.
If you find yourself in a situation where you are being harassed by endless popups trying to get you to buy a product (whether it's antispyware, gambling or porn) and you can't close your browsers fast enough, try these tips.
If you've got so many browser windows open that Windows has made a group on the toolbar on the bottom, right click on it and select Close Group. If this doesn't work, close and save all other programs. If you're on a dialup, close the connection. Either click on the Start button and select Shut Down, or press control–alt-delete and select Shut own. When the Shut Down window pops up, select Restart. When your system restarts, your browsers should be gone. If you turn off Scripting in Internet Explorer, or apply SP2 (Win XP users only), this will also prevent whack-a-mole windows.
Keeping your system clear of spyware, adware and malicious programs takes diligence and user awareness. Most users that complain about pop-ups and spyware are unaware of how this stuff gets on their machines. Pay attention to requests to download software to your machine. Don't agree to anything until you read the End Use License Agreement (EULA). If something sounds fishy, close the browser.
< Back Next >
Copyright Larry Selzter PC Magezine