Four-step Defense Against Spyware and Parasites
by Marty R. Milette
Published on this site: September 22nd, 2005 - See
more articles from this month
Everyone knows about spyware, parasites and other malware.
I won't review them all here but what you may NOT know about
is a PROVEN, FOUR-STEP Defense that will virtually guarantee
that your computer is protected in a practical, simple manner.
Let me spoil the secret before you even read the article!
The steps are:
- Install a good anti-virus program.
- Install Spybot Search and Destroy.
- Install Microsoft Anti-Spyware.
- Keep everything up to date!
Can it really be that simple? YES!!!
How do I know? This is exactly what I have done to clean,
disinfect and keep over 300 computers at two different companies
keeping them operating parasite-free for the past two years!
Here are the details...
- Install a good anti-virus program.
If you are running any computer without a good anti-virus
program these days you're committing cyber-suicide!
It doesn't really matter which one you use. There is suchstiff
competition between companies to keep up every oneis pretty
much about the same or at least it will be very quickly.
So don't sweat it. Use ANY one you want but just be sure to use one!
(I personally use McAffee, and receive virus-laden emails
every couple of days that are automatically deleted.)
- Install Spybot Search and Destroy.
I don't generally recommend products, but make the exception
in this case because this program REALLY WORKS and is FREE!
(I DO encourage you to make a donation!)
Get it here: http://www.safer-networking.org/en/download/
Another tip: DO USE the "Tea Timer" continuous
protection. It is turned off by default so when you see
the prompt to enable it please do! It is much easier to
PREVENT a problem, than to try and cure it later.
- Install Microsoft Anti-Spyware.
Many people believe that just because they have ONE particular
anti-spyware program, that they are covered.
DEFINITELY NOT! Spyware is one case where you absolutely
MUST use both a belt and suspenders.
You will find that there are many bits of malware that Spybot
S&D catches, but Microsoft doesn't and vice versa.
Also, one product may catch the parasite, but only the other
one can successfully remove it.
Microsoft Anti-Spyware is available here:
http://www.microsoft.com/athome/security/spyware/software/
If you have a LEGAL copy of Windows, the download is FREE!
(But be warned that they WILL CHECK your windows, and you
must download and install the checking too. No big worries.)
- Keep everything up to date!
Last, but certainly not least, you absolutely MUST keep
your operating system, anti-virus and anti-spyware products
updated.
Microsoft releases patches and updates to all currently
supported versions of Windows almost weekly. Use the "Automatic
Update" feature to make sure you get them, or check
manually at least once a week through Internet Explorer's <Tools><Windows Update"> menu
option.
Don't forget about keeping the other products updated also.
In previous versions of Spybot Search and Destroy, you needed
to do this manually.
- Removal and Cleaning
Ideally, these four steps should be done just after the
system is first set up and before it ever hits the Internet
but if this isn't the case, don't be surprised at all the
viruses, parasites and malware you may find.
If this is the case, my recommended removal and cleansing
method is a 'top-down' approach from the simplest and safest
method down to the more difficult and dangerous.
(Legal: Everything in this article is "At Your
Own Risk".)
- See if the application has a menu entry or an "Uninstall"
or "Remove" option anywhere. Most legitimate software
(but ones that may carry parasites as extra baggage) may
be able to be removed (at least partially) this way.
- Under the Windows Control Panel, select the "Add/Remove
Programs" applet -- look for, and "Uninstall"
anything thatmay be related to the malware. Be aware that
many "innocentlooking" applications carry spyware,
malware and parasites.Remove anything in any way resembling
problems exposed through either of the anti-spyware programs.
- Use the removal features of the anti-virus and anti-spyware
applications. I recommend doing this AFTER theprevious two
steps, because sometimes the applications willbe removed
more 'cleanly' by reversing their original installation process.
Note: After performing any step, be sure to repeat
the scan with the anti-virus and/or anti-spyware program
to see if the problem was really fixed. You should continue
trying to remove the problem until the scan comes up clean.
This may also mean rebooting your computer between removal
attempts.
Spybot Search and Destroy will prompt you to reboot and
attempt removal during the reboot if it encounters a particularly
stubborn bug.
- In some cases, no amount of scanning/cleaning/rebooting
can remove the malware. In this case, you have two options:
a) Boot the computer into "Safe Mode" and
re-attempt the Spybot and Microsoft scan/removal process.
(To get your computer to boot into Safe Mode - press <F8>
just after restart - and select "Safe Mode" from
the boot menu.)
This may allow you to remove applications that are run automatically
at start-up, but that protect themselves by preventing the
file from being deleted while the bug is running.
b) Boot the computer into Safe Mode, Run "Regedit"
or "Regedt32" and try to clean the parasite by
searching the registry for strings that the anti-virus programs
have found.
Note: I won't provide detailed instructions on registry
editing because if you don't know how to do it already you'd
probably better not try! It can mess you up
Marty R. Milette is a Microsoft Certified Professional
with over 20 years of IT experience. He holds CTT+, MCT, MCSE+I,
MCP+SB, MCSD, MCSA and A+ certifications, publishes articles,
developed and delivered training to the US Military in Europe.
Mr. Milette operates over 200 web sites, including "All
My Best Hotels" (http://www.ambh.com)
and is available for training and consulting assignments throughout
Europe. A Canadian citizen, lives with his wife and son in
beautiful St. Petersburg Russia. Contact at: m
a r t y @ m i l e t t e . c o m
|
