Getting rid of Spyware


Contents:

  1. What is Spyware?

  2. What is the difference between Viruses and Spyware? Do I need different solutions to tackle them?

  3. Why do people create Spyware?

  4. How do I know if my Computer is affected by Spyware?

  5. Is there any way of identifying whether a program or download contains Spyware?

  6. Is the problem of Spyware getting better or worse?

  7. Are there any common techniques that Spyware use to infiltrate Computers?

  8. Are all software products that study user habits and send it out to its makers, classified as harmful Spyware?

  9. Is there a list of 'Most Dangerous Websites'?

  10. What is a Zero Day Strike?

  11. What can be done to minimize/ stop Zero Day Strike damages?

  12. If struck by a Zero Day attack, what is to be done?

  13. How do I protect myself against Spyware?

  14. Are there ways to know if a Spyware attack is on, so that I may be more careful?

What is Spyware?

Spyware is a term used to describe software that is designed to advertise other software products, collect personal information, track the user’s browsing habits (and thereafter target ads to the user without his/ her explicit consent) or change the configuration of the computer it is run on (for the worse, needless to add). Since it is written by unscrupulous people to play mischief on the system it is run on - without the express consent of the user, the term Spyware has been used to describe this category of nuisanceware.

Other terms used for this category of nuisanceware are Adware and Malware. Adware operates by showing you advertisements, either when you run the Spyware-containing program, or randomly. On the other hand, Malware operates silently, in the background, as you work on your machine… Malware too collects and sends out personal information secretly, by means of various techniques.

Spyware has quickly moved from being merely a nuisance to one of the most dangerous forms of theft of personal and confidential information. Spyware, along with Viruses, forms the most dangerous threat to your machine today.

What is the difference between Viruses and Spyware? Do I need different solutions to tackle them?

Viruses were the first man-made pests to affect the world of computing and first appeared in the mid 1980s. Spyware is a much more recent phenomenon, having appeared on the scene in the late 1990s. Viruses and Spyware are similar in many respects, yet quite different in others. Hence, they are considered as different threats by Computer professionals. Let us look at the similarities first:

Similarities between Viruses and Spyware:
  1. Both Viruses and Spyware are created by malicious persons/ organizations. Both are software code that, when run on a Computer, causes the Computer to behave unexpectedly.

  2. You need to guard your computer (and yourself) constantly against both varieties of threats.

  3. Both Viruses and Spyware slow down your Computer, sometimes making it so slow that you could tear your hair out in frustration!

  4. While Viruses are generally easier to create (schoolkids have been known to create viruses), creating Spyware requires more skill.

  5. Both Viruses and Spyware are harmful. You could get involved in lengthy legal hassles (depending on the Cyber Laws of your country), if your Computer is affected by Viruses or Spyware, even if you are completely innocent!

  6. Both Viruses and Spyware have quite effective antidotes (solutions). You MUST purchase these solutions - DO NOT pirate these! Again, purchasing and installing them alone isn't sufficient; you must update them as and when the vendors of your Antivirus and AntiSpyware solutions release updates and/ or patches. If you do not update them regularly, your Computer will be susceptible to all Viruses and Spyware that are released since the date of your last update!

Differences between Viruses and Spyware: Method of distribution and infection

Viruses:

Today, Viruses are mostly transmitted over e-Mail. One common method is to send them as e-Mail attachments - if you open them, the malicious code gets deployed on your Computer. The other common method is to send you links in your e-Mail: if you click on the link, you are taken to a website that affects your Computer.

Spyware:

On the other hand, Spyware is rarely distributed as e-Mail attachments. More common methods of distributing Spyware are links in e-Mail you receive, as well as Junk Software Programs. These junk programs promise wonderful things; in reality, they are merely a ruse to get you to download their spyware! Therefore, if you are in the habit of downloading software programs from various kinds of sites, you are a prime candidate for Spyware!

Differences between Viruses and Spyware: Types of damage caused

Viruses:

Typically, Viruses send out thousands of e-Mails over your Internet connection, using the tiny SMTP (mail-sending) engines built into them. They pick up e-Mail addresses randomly from your e-Mail client (Outlook/ Outlook Express/ Eudora, etc.) and shoot off a randomly-worded mail. This slows down your Computer and may even cause your e-Mail service provider to suspend your e-Mail domain! Other types of Virus actions include deleting one or all files on your Hard Disk, repeatedly causing your Computer to reboot, etc.

Spyware:

Spyware could cause you much more grief, in comparison with Viruses. What would you feel if someone had access to your Bank Account details, Credit Card information and other financial stuff? What if the person used YOUR money for his/ her needs? All this without you suspecting anything at all! Well, this is precisely what some of the more dangerous Spyware do... They ferret out your personal information, plus your address, mobile phone number, e-Mail address and whatever else you may have stored on your Computer. This information is then streamed out to the developers of the Spyware, right under your nose! Spyware rarely cause system slow-downs or crashes as they are not targeted to attack your Computer or your system files - they are targeted to attack YOU by tricking you into parting with your sensitive financial information!

Differences between Viruses and Spyware: Types of Solutions

Viruses:

Viruses are checked by Antivirus solutions. Some of the most prominent Antivirus solutions are:

  1. Norton Antivirus (http://www.symantec.com/index.jsp)

  2. McAfee Antivirus (http://www.mcafee.com/us)

  3. AVG Antivirus (http://www.grisoft.com)

  4. BitDefender (http://www.bitdefender.com)

Spyware:

Spyware are checked by AntiSpyware solutions. Some of the prominent AntiSpyware solutions are:

  1. Norton 360 and Norton Internet Security (http://www.symantec.com/index.jsp)

  2. McAfee Total Protection & Site Advisor Plus (http://www.mcafee.com/us)

  3. AVG Internet Security (http://www.grisoft.com)

  4. SpyBot Search & Destroy (http://www.spybot.com/index2.html)

A few products like Norton 360 offer protection against both Viruses and Spyware. However, most vendors develop separate solutions for Viruses and Spyware.

Why do people create Spyware?

Clearly, there are huge pickings in stealing unsuspecting people’s Credit Card, Paypal or Bank account information! Spyware creators target unsuspecting computer users and steal this information, using it to gain access to their funds! Unsuspecting users would know that their money is being used by someone else, only when huge holes appear in their Credit Card statement/ Paypal account/ Bank balance!

How do I know if my Computer is affected by Spyware?

Some of the symptoms that your computer (or one of the computers that you are in the habit of using) is compromised are:

  1. Your computer suddenly becomes very slow

  2. Your computer begins to crash often and crashes without any apparent reason

  3. Pop-up advertisements appear - sometimes even after you close your Browser

  4. Your Browser’s Home Page is changed, without your knowledge or consent

  5. Your Browser’s Search Engine is changed without your knowledge or consent

  6. You find new Icons that you did not install, on your Desktop or TaskBar or Browser

  7. You will also start receiving an increased number of e-mail that address you by name, as if the sender knew you personally! That is when Spyware has already collected information about you! This is a sure sign that your computer needs a Spyware check immediately!

  8. Finally (and we pray you never get to see this happen!!) you can be sure your computer is compromised if you find inexplicable (and usually large) purchases made with your Credit Card, find a large sum of money withdrawn from your Bank account (and you do not have the foggiest idea of having withdrawn/ spent the money!!) or find that your Paypal funds have strangely and suddenly gone down!!

To draw a scary (but perfectly correct) parallel, it is like handing over your Credit Card to someone you do not know at all!

Is there any way of identifying whether a program or download contains Spyware?

It is impossible to say whether a program you have purchased from a store or downloaded from the Internet contains Spyware, merely by looking at it. However, AntiSpyware and AntiVirus programs, if installed and up-to-date, will scan the downloaded file and issue a warning, if it is infected.

Is the problem of Spyware getting better or worse?

This is an easy one: the problem of Spyware is definitely getting worse. Not only are more Spyware doing the rounds, they use more difficult-to-detect technologies as well.

Are there any common techniques that Spyware use to infiltrate Computers?

Certainly. Both Viruses and Spyware are installed surreptitiously onto your Computer.

The most common method adopted by Spyware creators is to covertly have their hideous creations install themselves on your computer, when you install other programs – such as Music or Video sharing programs. One of the most common techniques adopted by Spyware makers to dig into your confidential information is called Keylogging, i.e., intercepting the passwords that you type in, when you log into confidential sites - for example, your Credit Card/ Bank/ Paypal account.

Another method adopted by Spyware is by collecting the URLs of the sites you visit, so as to analyze your browsing habits and target you with advertisements that the Spyware deems fit!

Yet another method used by Spyware is to scan documents on a computer's hard disk. This information is used by the makers of Spyware to rob the user of his/ her money or conduct other illegal activities. Targeting the user for advertisements based on data on the user’s hard disk (under the assumption that the user would be tempted to go in for the products or services offered by such targeted advertisements) is one of the least harmful faces of Spyware!

Are all software products that study user habits and send it out to its makers, classified as harmful Spyware?

Not at all! Not all advertisement-inclusive software are Spyware – you may actually prefer to let a few advertisements appear when you run a software, for example if it makes the software significantly cheaper - or even completely free! However if the software goes about collecting your confidential information or begins to track your browsing habits or does nefarious stuff – without your explicit consent or even knowledge, it certainly isn’t up to any good!

As mentioned earlier, many well-known companies incorporate 'Spyware' into their products. For example, if you purchase an HP Printer, the installation program tracks the date you installed the product, so as to remind you that its warranty is due to expire, 30 days before expiry. Although such programs are technically Spyware since they do not have the explicit sanction of the user, they are not really spyware, as they do not harm you in any way. As long as the data isn’t used to dupe you of your money or peace of mind, calling it Spyware would be too harsh!

For more information on Spyware, check out the link, http://www.antispywarecoalition.org/documents/DefinitionsJune292006.htm

Is there a list of 'Most Dangerous Websites'?

Interestingly, the answer is Yes! Symantec have recently (August 2009) taken the initiative to bring out a list of 100 'Dirtiest' Websites, in terms of infections. The selection is based on number of threats detected by their top-notch Security product, Norton Safe Web.

The Methodology used is briefly explained as:

"To find the dirt, Norton Safe Web crawls the Web and performs analysis of millions of sites, and benefits from a network of more than 20 million Norton Community Watch members that automatically submit suspicious URLs for analysis in real-time. The list of the top 100 Dirtiest Web Sites of Summer 2009 was compiled based on number of threats detected by Norton Safe Web as of August 2009."

Here is a brief of the 'Filthy Facts':

  • Average number of threats per site on the Dirtiest Websites list is roughly 18,000, compared to 23 threats per site for all sites rated by Norton Safe Web

  • 40 of the Top 100 Dirtiest Sites have more than 20,000 threats per site

  • 48% of the Top 100 Dirtiest Web sites feature adult content

  • 3/4 of the Top 100 Dirtiest Web sites have distributed malware for more than 6 months

  • Viruses are the most common threat represented on the Dirtiest list, followed by Security Risks and Browser Exploits

Here is a link to the page: http://safeweb.norton.com/dirtysites - DO NOT visit any of the sites listed therein!

What is a Zero Day Strike?

A Zero Day strike refers to the first day that a new Virus or Spyware strikes Computers, usually on a large scale. This is a much-feared attack, for, at such times, nobody (except the makers of the Virus/ Spyware) knows how to remove it! Traditionally, AntiVirus and AntiSpyware programs work by identifying and removing known threats, but a Zero Day strike is something that is not noticed by them! As a result, Zero Day strikes usually leave large numbers of Computers dead across large parts of the globe, travelling undetected across continents in the blink of an eye. Today’s fast Internet access speeds help such strikes proliferate at dizzying speeds, covering entire continents in their wake.

Thus, even though your Operating System, AntiVirus, AntiSpyware and other programs are up-to-date, a zero day strike can leave your network crippled. There is worse to come: Security products manufacturers need time – usually a few days, sometimes as much as a whole week, before they are in a position to release an update to their products: an update that can remove the zero day virus and repair your Computer, restoring it to its former, healthy status!

What can be done to minimize/ stop Zero Day Strike damages?

Despite the outlook being gloomy, there are a couple of things you can do, so as to minimize the chances of catching a zero day virus. Here are the things you can do:

  1. Keep Security up to date. Today, many AntiVirus and AntiSpyware programs check for updates every 15 minutes or so – and download them, if available, from the vendor’s website. The Norton products Norton AntiVirus 2009, Norton Internet Security and Norton 360 have what they call “Pulse Updates”, which check with the Symantec server every 15 minutes or so.

  2. Keep an eye on your Computers. Virus-infected systems will behave abnormally: the earlier you spot erratic systems, the better your chances of emerging with minimum damage. This is even more true with Zero Day strikes: your Security products will not show any infection, therefore you need to play it by ear! Following are tell-tale symptoms of what could be a zero day attack:

    1. A sudden increase in the time one or more Computers take, to shut down and/ or start up

    2. A sudden increase in Internet Bandwidth consumption from one or more machines on the Network

    3. A sudden slow-down in Internet and/ or Network speeds

    4. A sudden increase in unusual error messages

    5. A sudden spurt in Computers misbehaving, freezing and/ or crashing

    6. More than one of the above symptoms

  3. If you notice any abnormal activity on one or more machines, immediately unplug those machines from the Network – physically pull out their Network cables even, so as to minimize the chances of the suspected Virus/ Spyware spreading to other Computers on the Network too.

  4. Keep an eye on Security News. At WellOiledPC, we have made this easy for you by linking up with Symantec: virtually every page carries Symantec Alerts, which is updated in real time with the Symantec Server! You can help make the world a safer place for computing too, by writing in to Symantec, AVG and other Security product vendors, explaining the abnormal behavior of your Computers!

  5. Install Host Intrusion Prevention Systems or Host Intrusion Protection Software: these do not rely on ‘Lists of definitions’ or ‘Signatures to block viruses’. Instead, they identify threats by analyzing the behavior of your system. They work on Rules-based Monitoring, thus preventing intruders from making unwanted changes. With well-written rules, the chances of stopping a Zero Day attack are a lot better than traditional Security products.

  6. The more recent Security products heuristically assess potential system damage by studying what a piece of newly-downloaded code can do to your system. Symantec products Norton AntiVirus 2009, Norton Internet Security and Norton 360 work on a mixture of heuristic and list-based identification methods.

  7. Monitor Internet and Systems usage – this is information useful if you need to call in experts for analysing what you feel could be a serious breach!

  8. Keep a list of dangerous Websites and block the URLs of such websites.

  9. Ensure that you block all dangerous websites, including those on the list mentioned in the previous point! The best protection against security breaches is blocking dangerous URLs, through your Host Intrusion Prevention System!

  10. Keep Backups of all important data – this can never be over-emphasized!
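The following Python example is added here and is not from WellOiledPC. It applies the "sudden increase in Internet Bandwidth consumption" symptom and the usage monitoring in point 7 to per-machine traffic logs, flagging machines whose outbound traffic stays far above their own recent baseline, which are the candidates to disconnect under point 3. The host names, the hourly sample format and the thresholds are assumptions made for the example.

```python
"""Flag hosts whose outbound traffic jumps well above their own baseline."""
from statistics import median

# Constructed sample: megabytes sent per host per hour, oldest first.
# Host names and figures are invented for this example.
SAMPLE_USAGE = {
    "pc-accounts": [120, 135, 110, 128, 140, 125, 131, 119],
    "pc-frontdesk": [300, 280, 310, 295, 305, 290, 2900, 3400],
    "pc-design": [900, 950, 2000, 870, 910, 940, 905, 930],
    "pc-new": [50, 60],
}


def robust_baseline(history):
    """Return (median, MAD) of a host's history.

    The median absolute deviation (MAD) is used instead of the mean and
    standard deviation so that one past burst (a large legitimate upload,
    say) does not inflate the baseline and hide a later anomaly.
    """
    med = median(history)
    mad = median(abs(x - med) for x in history)
    return med, mad


def find_spikes(usage, window=2, threshold=6.0, min_history=4):
    """Return {host: score} for hosts with a sustained outbound spike.

    The last `window` samples are compared with the samples before them.
    A host is flagged only if every recent sample lies more than
    `threshold` scaled deviations above its own median, so a single busy
    hour is ignored when window > 1.
    """
    flagged = {}
    for host, samples in usage.items():
        history, recent = samples[:-window], samples[-window:]
        if len(history) < min_history:
            continue  # too little data to form a baseline; review by hand
        med, mad = robust_baseline(history)
        # Floor the scale so a perfectly flat history does not make every
        # small fluctuation look infinite.
        scale = max(mad, 0.05 * med, 1.0)
        lowest = min((x - med) / scale for x in recent)
        if lowest > threshold:
            flagged[host] = round(lowest, 1)
    return flagged


def hosts_to_isolate(usage):
    """Hosts to disconnect first, worst spike at the top."""
    flagged = find_spikes(usage)
    return sorted(flagged, key=flagged.get, reverse=True)


if __name__ == "__main__":
    for host in hosts_to_isolate(SAMPLE_USAGE):
        print(f"{host}: sustained outbound spike, disconnect and investigate")
```

A machine with too little history, such as pc-new in the sample, is skipped rather than cleared, so new machines still need a manual look.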

If struck by a Zero Day attack, what is to be done?

  1. Your fight against Zero Day strikes should be in place before you are actually hit by one. It is important not only to have an IT Plan ready; the plan should also be familiar to Business Unit Heads and other senior personnel. For example, if a Zero Day attack is suspected, the very first step is to disconnect the suspected Computer(s) from the Internet as well as the Network. Now, if an important Server is suspected, there should be complete agreement between the senior personnel that stopping the spread of the virus is more important than continuing to let the server run. Even if the server hosts the company website or is the e-Commerce Webserver, it needs to be taken down!

Getting senior personnel to agree on the above is one half of the agreement. The other half is the Service Level Agreement (SLA) between the IT Department and the Business Units. The IT Department needs to lay down just how many days they will require to bring up all Computers, the Network and the Internet, during a Zero Day attack. Yes of course, it is difficult to do that, for patches will come from the Security Products vendor! However, the IT Department needs to ensure that alternative measures – spare Servers, Bandwidth, Desktops, Notebooks, etc. are pressed into service to replace those taken out of the Network, until such time that the affected systems are repaired and all data restored!

  2. Get in touch with your Security products vendor immediately. They are better placed to understand what's going on and their advice will augment your own Zero Day Strike Plan!

Note that your Security products vendor will need detailed information about the symptoms. Maintaining detailed Logs is thus important! When they study your logs, their response will be one of the following two possibilities:

  1. “Oh Yes, we have a patch for that!” – this implies that your patch management program is ineffectual

  2. “We haven’t come across this before…” – this usually means you ARE undergoing a Zero Day strike. Therefore the earlier you call in your Security products vendor, the less damage you will incur!

How do I protect myself against Spyware?

Unfortunately, unlike Viruses, Spyware are not easy to get rid of, once they get into your system. Safe practices to minimize the risk of Spyware are:

  1. Keep your Windows Firewall turned on – it will protect your system from hackers trying to get into your system and taking control of it. For more information on how to turn on your Windows XP System’s Firewall, visit the following link: http://www.microsoft.com/athome/security/sniff/firewall_sniff_xpsp2.mspx

  2. Some AntiSpyware programs (like Norton 360) turn off the Windows Firewall and turn on their own Firewall. It is better to let the specialized program's Firewall run and turn off Windows' Firewall

  3. Do not visit sleazy sites or sites that promise you unbelievable bargains – for example free copies of popular commercial software/ free copies of the latest desktop operating system or other expensive software!

  4. When installing software downloaded from the Internet, make sure you read the EULA (End-user License Agreement). Check out whether the software is Adware (i.e., whether it supports Advertisements). If it is Adware, read carefully and satisfy yourself that you are okay with the conditions, before installing it.

  5. Make sure you run one of the following AntiSpyware Programs:

    1. Norton 360 (Commercialware). You can download its time-limited Trialware and purchase it after 30 days, before it expires

    2. Norton Internet Security (Commercialware). You can download its time-limited Trialware and purchase it after 30 days, before it expires

    3. SpyBot (Freeware)

    4. AVG AntiSpyware (Both Time-limited Freeware and Commercial versions are available)

    5. Windows Defender (Freeware – just make sure your copy of Windows is genuine, otherwise you cannot download/ install it!)

Merely running an AntiSpyware program isn’t sufficient. With new Spyware being created all the time, your AntiSpyware program definitions need to be updated. Check weekly – more frequently if you can – for updates to your AntiSpyware program and install them as soon as possible. Remember, your computer is not safe against the latest Spyware, if your Spyware definitions are not the most current ones!

In the wake of the explosion of Spyware today, an industry segment dedicated to developing Anti Spyware products has risen. A number of specialist AntiSpyware programs are available, apart from the five mentioned above. The products of this industry help users prevent Spyware from infecting their systems as well as help unfortunate owners of compromised systems to fight back and clean the existing Spyware on their systems.

Are there ways to know if a Spyware attack is on, so that I may be more careful?

As in the case of Viruses, you need to be constantly on the alert against Spyware. There is no way to predict Spyware break-outs!

What are the tools/ software available, for removing Spyware from Computers?

As mentioned a few paragraphs ago, the following are the Anti Spyware solutions that are currently available:

  1. Norton Internet Security

  2. Norton 360

  3. SpyBot

  4. AVG AntiSpyware

  5. Windows Defender

The Table below compares the features of each of these, so that you are in a position to decide what you need to purchase:

AntiSpyware Comparison Table

| Product | Best Price US$ | Ease of Install | Effectiveness | Patch frequency |
|---|---|---|---|---|
| Norton 360 | US$ 80 | Very Simple | Most effective | Almost daily |
| Norton Internet Security | US$ 70 | Very Simple | Most effective | Almost daily |
| SpyBot | Free | Simple | Somewhat effective | Very Irregular |
| AVG | Free & US$ 30 versions available | Very Simple | Most effective | Almost daily |
| Windows Defender | Free, if your copy of Windows is Genuine. Else, you cannot even download it! | Very Simple | Effective | Regularly |

Norton 360 Features:

  • AntiVirus, AntiSpyware blocking & repair

  • Protection against a wide range of threats - known and unknown

  • 1 year protection for up to 3 household PCs

  • e-Mail Scanning

  • Anti Phishing

  • Online Identity protection

  • Web site authentication preventing user from visiting phonies of their favorite sites

  • Software Firewall protection

  • Automatic data backup and storage

  • PC performance tune-ups

  • 2 GB secure online storage, with the option to buy more

  • AntiSpam and Parental Controls availability as add-ons

  • Live Update alerts for new features, product updates and threat advisories, as and when available

  • Designed to work with Internet Explorer - no support for Firefox/ Opera/ Apple Safari for Windows/ Mozilla Flock/ Netscape

  • With Internet Explorer 8 (Beta), Norton 360 keeps losing the Phishing Filter. IE's built-in Anti Phishing Filter knocks out Norton 360's filter. Symantec needs to correct this quickly

  • Available in Standard and Professional editions. Professional edition offers 10 GB backup space, while Standard edition offers 2 GB space

Norton Internet Security features:

  • Detects and blocks Spyware, Viruses, and Adware

  • Automatically blocks intruders and identity thieves

  • Automatically filters spam and dangerous phishing email

  • Blocks Web sites you don’t want your children to visit

  • Gives you control over all incoming and outgoing Internet traffic

  • Automatically scans email and instant-message attachments and removes viruses, Trojan horses, and worms

  • Includes Norton AntiVirus, Norton Personal Firewall, Norton Privacy Control, Norton AntiSpam, and Norton Parental Control

  • Designed to work with Internet Explorer - no support for Firefox/ Opera/ Apple Safari for Windows/ Mozilla Flock/ Netscape

  • Link: http://www.symantec.com/home_homeoffice/products/overview.jsp?pcid=is&pvid=nis2007

AVG AntiSpyware features:

The freeware version of AVG AntiSpyware has the following features:

The commercial version of AVG AntiSpyware has the following additional features:

Windows Defender features:

  • Available for Windows XP Versions

  • Protection against pop-ups, slow performance and security threats caused by Spyware and other unwanted software.

  • Real-Time Protection

  • Monitoring system that recommends actions against Spyware when it's detected and minimizes Computer down-time

  • Link: http://www.microsoft.com/athome/security/spyware/software/default.mspx

10-user Pack - $239.99

3-user Pack - $79.99

Symantec's Norton Internet Security 2009

3-user Pack - $59.99

Please Note:

  1. Norton product prices given at WellOiledPC may be different from that at the Digital River site. In case of any such discrepancy, the price mentioned at the Digital River site is correct.

  2. All Norton product prices are for a 1-year subscription, at the end of which you need to upgrade (if a newer version has been released) or extend your subscription

WellOiledPC Recommendation on AntiSpyware:

Our analysis definitely suggests that Norton AntiVirus 2009 and Norton 360 are the best AntiSpyware solutions as of now. Symantec, their creators, have a very long history of producing security products (AntiVirus products), dating back to the days of DOS. Their pedigree is therefore excellent! At the next spot, we recommend Norton Internet Security, which is more an Internet Security Suite than a focused AntiSpyware solution.

At third spot, we have the commercial version of AVG AntiSpyware. It has competent AntiSpam services and excellent update services. However, it is not as quick to respond with updates for newer Spyware and Viruses, in comparison with the Symantec products, nor does it have the same pedigree that Symantec has!

A word of caution here: you should go in for the free AntiSpyware or the free version of AVG ONLY if you are really strapped for cash. It is YOUR Computer and YOUR interests that are at stake here - a freeware product is, after all, FREEWARE - expect no commitments from the developers!

Windows Defender has limited capabilities; we do not recommend that you leave the protection of your Computer in its hands alone. We recommend that you run Windows Defender, but purchase, run and update a copy of one of the Norton products above!
