Infectious agents: a growing number of uninvited guests are pushing their way onto your PCs. Here are the latest antidotes

Entrepreneur, Sept, 2004 by Mike Hogan

LIKE THAT UNEMPLOYED BROTHER-in-law who just wanted to crash on your couch for a few days, chances are, spyware has moved onto your business's PCs and won't go away. In fact, it's probably having adware and Trojans over for a few brewskies.

As with most uninvited guests, there doesn't seem to be a surefire way to get rid of spyware and its buddies permanently. Your anti-virus software will turn away its rowdier friends, and your firewall will keep spyware and its cousin, adware, from broadcasting your most personal details back to their puppet masters, which is no small thing. Trojans in spyware figured prominently in the $2.4 billion that Internet scammers stole from consumer bank accounts between spring 2003 and spring 2004, reports technology research and consulting firm Gartner.

But traditional security solutions can't prevent these intrusive programs from sneaking onto your PC in the first place through spam, supposedly legitimate Web sites, "free" host programs, and a limitless number of other ruses. Once comfortably ensconced, "intrudeware" can still rifle through your directories; hijack your browser; change your search engine; pop up ads; plant unwanted toolbars, cookies, favorites, DLLs and registry entries on your PC; and rtm enough junk in the background to trash your system resources.

Experts estimate intrudeware is already partying on 90 percent of all PCs, and Dell identifies it as its leading tech support problem. Large ISP Earthlink and spyware blocker Webroot Software teamed up to audit 1.5 million customer PCs; they uncovered an average of 28 spyware/adware exploits and three of the more dangerous Trojan vulnerabilities per machine. While it's been seeping into Internet-connected PCs for years, the leaks have turned into gushers now that thousands of Internet bots have been let loose to find vulnerable PCs to "blast into," says Roger Thompson, vice president of product development for spyware cleaner PestPatrol in Carlisle, Pennsylvania.

And word's out that there's money to be made with pop-up ads and other contextual marketing schemes. While adware lawyers nuance the proposition that your teenager can give informed consent for the takeover of your system, adware companies mix serious financing with hacking techniques to produce new ways to mine your personal data and force-market you. These are commercial ventures with business plans, investment bankers and big-name ad clients, says Thompson. They may also have offshore addresses, front companies and third-party buffers so their ad clients can plead ignorance of their distribution methods.

Let this stuff build up, and it can open your computers to corruption or slow them to a crawl as it did to the PCs of several acquaintances of mine. When I sat down in front of one of these PCs, it took two minutes for a mouse click to produce action. After manually uninstalling the spyware clogging its memory and taskbar, it only ran as fast as an Intel 486.

A disabled Internet connection prevented me from downloading any spyware removal utilities. I've since nm a dozen or more on a variety of infected PCs and found them remarkably easy to use, quick acting and technically innovative. But you'll need a combination, depending on the specific bugs attacking you.

The most popular adware antidote is Ad-Aware (www.lavasoft.de), while Spybot-Search & Destroy (www.safernetworking.org) and Spy Sweeper (www. webroot.com) stay memory resident to "inoculate" you against attack. You may find Spyware-B/aster (www.javacoolsoft ware.com) more effective against ActiveX attacks, or that you need a single-purpose solution like CWShredder (www.lurkhere. com) for certain browser hijackers (BHOs). When all else fails, scanners like Hijack-This and StartupList (see "Find the Mole" for download sites) or Starter (http:// codestuffcjb.net) create snapshots of your system fries to send to help blogs.

Fortunately, you can download and try most intrudeware antidotes before you buy, and many, like PestPatrol (www. pestpatrol.com), have networkable versions. But bad code is mutating so quickly that an ultimate solution may never appear. That's not the fault of intrudeware killers. Holes in ActiveX, Internet Explorer, Microsoft Java Virtual Machine and other Windows components give most malware easy openings.

Don't hold your breath waiting for that to change. Ditto for the legal remedies that Congress, the FTC and state legislatures are formulating. They'll help a little, says Steve Thomas, founder and CEO of Boulder, Colorado-based Webroot, but history shows the government can't protect our PCs for us. We may as well resign ourselves to yet another security arms race, says Thomas, forcing us all to maintain firewall, anti-virus and now anti-spy scanners going forward.

Victim reports in online help chat rooms convince me we'll all need multiple intrudeware blockers constantly updated, frequent scans, and a more intimate knowledge of Windows system files.

FIND THE MOLE: These sites provide updates on new spyware threats, free antidotes and help.