Help protect your computer from spyware and other potentially unwanted software with Windows AntiSpyware (Beta)
Published: August 11, 2005
Editor's Note: Past articles by members of the online community are archived for your use. The information may become outdated as technology changes. For the most current information, please search the Web site or post a question in the newsgroups.
Spyware refers to unwanted software that collects personal information, displays advertisements, or changes the configuration of your computer without your permission. It’s responsible for collecting personal information, displaying unwanted pop-up windows, and even slowing down and crashing computers. Spyware can change your browser settings and install additional toolbars to your browser. Often spyware makes it difficult to change your browser settings back to your original preferences. If this isn’t bad enough, it’s also very hard to remove.
Spyware can be installed with other programs, especially file-sharing programs and game download sites. Programs that include spyware sometimes mention it in their license agreement or privacy statement, places where you might click "I agree" without even reading the text. And spyware can also be covertly installed by exploiting security vulnerabilities in your browser or operating system.
You can reduce the chances of catching spyware by installing Windows XP Service Pack 2 (SP2). SP2 includes security enhancements for Internet Explorer and Windows XP that help prevent spyware from being installed on your machine.
The next step is to install Windows AntiSpyware (Beta), a new software program offered at no charge that makes it easier to find spyware, remove it, and help keep your computer secure from future threats. In this column, I’ll explain how to install Windows AntiSpyware (Beta) and how it works to find and remove spyware and help prevent future infections.
How to install Windows AntiSpyware (Beta)
To install Windows AntiSpyware (Beta), you need to be running Windows 2000, Windows Server 2003, or Windows XP, and should be running Internet Explorer 6.0 or later. You need Internet Explorer 6.0 or later. If you’re running Windows XP, you already have Internet Explorer 6.0. If you’re not sure that your system is up to date, visit Windows Update. Complete system requirements are listed at Microsoft Windows AntiSpyware (Beta): System requirements.
To install Windows AntiSpyware (Beta)
1. | Open Internet Explorer, navigate to Windows AntiSpyware, and then click Try It Now. |
2. | Follow instructions to complete the download. (You may have to validate your copy of Windows.) |
3. | When the Installation Wizard is ready to install the program, click Install to begin installing Windows AntiSpyware (Beta). |
4. | When installation is complete, select the check box next to Launch Microsoft Windows AntiSpyware, and then click Finish. |
The welcome page of the Setup Assistant opens, as shown below.
The Setup Assistant walks you through setting up Automatic Updates, Real-time Protection, SpyNet, and an initial system scan.
There are four important steps in the Setup Assistant:
1. | Turn on automatic updates
Spyware authors may alter their spyware programs slightly so that they can't be detected and are hard to remove. Anti-spyware vendors combat this by updating anti-spyware definitions, just like antivirus programs do. Windows AntiSpyware (Beta) can automatically download and install new anti-spyware updates so that your computer is protected against the latest threats. To configure this option, click Yes, automatically keep Microsoft AntiSpyware updated (recommended), as shown below, and then click Next.
 The Windows AntiSpyware (Beta) Setup Assistant can automatically download anti-spyware definitions daily to keep your computer up to date. |
2. | Activate real-time protection
The Setup Assistant offers you the opportunity to sign up for real-time protection. Real-time protection means that while you're on the Web or sending e-mail, Windows AntiSpyware (Beta) will monitor your computer and warn you when you might be installing spyware or other deceptive software. I think it's a good idea to activate real-time protection, because it can intercept and disable many spyware programs before they are installed. To turn on real-time protection, click Yes, help keep me secure (recommended). |
3. | Join the SpyNet community
The voluntary, worldwide SpyNet™ community plays a key role in determining which suspicious programs are classified as spyware. SpyNet participants help to discover new threats quickly so everyone is better protected. Any user can choose to join SpyNet and report potential spyware to Microsoft. To participate in the SpyNet community, click Yes, I want to help fight spyware (recommended), as shown below, and then click Next.
 The SpyNet Community provides a way for Windows AntiSpyware (Beta) users to help each other by reporting new spyware threats. |
4. | Perform a system scan
After the Setup Assistant is finished, Windows AntiSpyware (Beta) offers the opportunity to perform an initial spyware scan. Be sure to click Yes, I want to help fight spyware (recommended).
|
How security agents work
Windows AntiSpyware (Beta) includes security agents. Security agents monitor more than fifty entry points that spyware use to change your computer settings and intercept spyware changes. There are three types of security agents: Internet agents, system agents, and application agents.
With the help of security agents, Windows AntiSpyware (Beta) watches over fifty checkpoints that spyware commonly use to manipulate computers.
Security agents also let you know when changes are made by unknown programs so that you can allow or block the change. For example, some spyware programs change the browser home page. Windows AntiSpyware (Beta) assigns a security agent to watch your browser home page and lets you know when spyware tries to change it. Each security agent in Windows AntiSpyware (Beta) watches a series of checkpoints for spyware. Sometimes checkpoints may conflict with programs that need to modify your system or access the Internet, or checkpoints may slow your system down. In these cases, you can turn off specific checkpoints or an entire security agent. When you turn off an entire security agent all of its checkpoints are disabled. For example, the Internet agent checkpoints include your wireless connection, Windows Messenger service, and Internet proxy server settings, among others.
To turn a security agent on or off
1. | Click the Real-time Protection icon on the right of Windows AntiSpyware. |
2. | Move the mouse pointer over the security agent that you want to turn on or off. |
3. | Click Activate to turn the security agent on, and Deactivate to turn the security agent off. |
To turn a security agent checkpoint on or off
1. | Click the Real-time Protection icon on the right of Windows AntiSpyware. |
2. | Click the Security Agent (Internet, System, or Application) of the checkpoint that you want to turn on or off. |
3. | Click the Checkpoint that you want to turn on or off and click Activate or Deactivate. |
To view a history of all of the events that have triggered a checkpoint or agent to intercept spyware, click the Real-time Protection icon, and then click View all events.
How to remove spyware from your computer
Windows AntiSpyware (Beta) can perform a quick scan or a thorough scan. To perform a quick scan, in the Windows AntiSpyware (Beta) window, click Run Quick Scan Now. A Quick Scan runs for several minutes and detects most common spyware. To see additional options, click Scan Options. Scan options lets you run a full system scan that checks memory locations, running processes, and all drives and folders, as shown below.
Windows AntiSpyware (Beta) performs a full scan for spyware.
Some spyware programs permanently damage Windows when removed. Windows AntiSpyware (Beta) can create a restore point before you remove the spyware if you click Create restore point. When you’re ready to remove the spyware, just click Continue.
Windows AntiSpyware (Beta) can perform regular scans at scheduled times by using its built-in scheduler.
To access the Scan scheduler
1. | Click Scan options on the right of Windows AntiSpyware and then click Spyware Scan. |
2. | Under Take me to, click Scan Scheduler. |
When Windows AntiSpyware (Beta) detects spyware on your computer, you can choose to Remove, Ignore, or Always ignore it, as shown below.
Windows AntiSpyware (Beta) assigns a threat level to spyware before deciding what to do with it.
Windows AntiSpyware (Beta) reports a threat level to help you decide how vulnerable your computer is. You can also view additional information about the spyware program.
Get the latest Windows AntiSpyware (Beta) definitions
Getting the latest Windows AntiSpyware (Beta) definitions is easy. Just click File and then Check for updates. Windows AntiSpyware (Beta) will also download the latest definitions every day automatically if you selected that option in the Setup Assistant.
Because threats adapt quickly, often a new definition is available only within days after a previous update.
How to use the advanced tools
Windows AntiSpyware (Beta) includes advanced tools that help manage your personal information and computer settings. Windows AntiSpyware (Beta) can restore Internet Explorer settings in case spyware infects your computer and also help keeps your personal information private by removing spyware from many programs like Internet Explorer, Microsoft Office, Windows Media Player, and even Windows.
To restore your original Internet Explorer settings
1. | In the Windows AntiSpyware (Beta) window, click the Advanced Tools icon. |
2. | Under System Tools, click Browser Restore. |
3. | Select the check box of each setting you want to restore and click Restore. |
To securely remove personal settings
1. | Click Advanced Tools. |
2. | Under Privacy tools, click Tracks Eraser. |
3. | Select the check box of each program settings you want to erase and click Erase Tracks. |
You can use System Explorers in the Windows AntiSpyware (Beta) Advanced tools to view and modify settings that are usually hidden and hard to change in Windows XP. System Explorers can show you what hooks are set for file execution in the operating system and what programs are set to start when you start your computer. You can then choose to block them from startup or permanently remove them from startup and send them to SpyNet for analysis.
To use System Explorers
| • | In the Windows AntiSpyware window, click the Advanced Tools icon, and then click System Explorers. |
Windows AntiSpyware (Beta) is pre-release (beta) software distributed for feedback and testing purposes. Microsoft does not provide technical support for beta releases (see below for information about how to gain access to newsgroups). If Windows AntiSpyware (Beta) is causing an issue with your system, we recommend removing it by using Add or Remove Programs and even using System Restore if the problem persists. More information about Windows AntiSpyware (Beta) is available at:
http://www.microsoft.com/athome/security/spyware/software/default.mspx.
Although formal support is not offered for this beta, check out the support newsgroups where you’ll find other enthusiasts and Microsoft Most Valuable Professionals waiting to help. See you there.
 | Justin Harrison is an Expert Zone columnist and Director of Asteract Studios Limited. In the past he has worked for GE Energy and has worked with the Casual Games team at Microsoft.
|
