How can I prevent SpyWare? How do I get rid of it once I get it?
MALWARE PREVENTION
The easiest way to deal with malware is to not get it in the first place. However, if you are just now reading
this document, you most likely already have it, and this guide can be used to prevent future infestations after
you get your system cleaned up.
Experience and common sense can go a long way in preventing malware infestation. The most important step in
preventing malware installation is maintaining a skeptical attitude when browsing the Internet. If something
looks too good to be true, it probably is. Any "hot deals" had better come from a trusted source. If a warning
starts flashing on your computer, look closely to see if it's a legitimate message from Windows or just an
animated image in a web browser.
Another easy and very important step is to update Windows. Some malware uses holes in Internet Explorer and Windows to install itself without your knowledge. There are many viruses which exploit Windows in similar ways, so it's important to either enable Automatic Update or regularly visit Windows Update.
Users of Windows XP should make sure they have Service Pack 2 installed. It includes many improvements that should make it much more difficult for malware to infect your computer, including a basic firewall. Before installing a major update such as a Service Pack, it is recommended that you back up any critical data. Also make sure that your system is free of malware before installing SP2. Malware can interact with the installation process in undesirable ways, causing your computer to quit functioning. You can get SP2 through Automatic Updates or Windows Update.
Drive-by-Downloads
Internet Explorer can prompt users to download software that gets automatically installed on computers. The intention is that programs, such as Flash, that certain web pages depend on for viewing, can be seamlessly loaded so the user's browsing experience isn't interrupted. However, many malware developers take advantage of this process to foist their wares on unsuspecting users. Let's look at two examples, one legitimate and one malicious:

It's important to separate the generic form filler from the content provided by the program in each case. The item on the left identifies itself as "Windows Update," the other "IE Plugin - Once you agree to the License Terms and Privacy Policy - click YES to CONTINUE." The program on the right is imploring you to click yes, not Internet Explorer. It also doesn't really tell you what the program is. Disregarding the second half of its name, it just identifies itself as "IE Plugin." It's not clear where it came from or what it would do if you installed it. This is one major tip-off.
Both products identify their supposed (remember, be skeptical) publisher. The one on the left is from "Microsoft Windows Publisher," the right from "CLICK YES TO CONTINUE." What would a program gain from obscuring its origin, especially by inserting a message in its place that suggests that clicking yes is your only option?
The last unique piece of information is the group that verified the publisher's identity. This bit doesn't tell you very much in either case. Both sound legitimate. However, weighing what else we know, it's safe to say that the program on the right is bad news. The program on the left looks trustworthy.
While our deductions were accurate in both cases, you should also consider what you were doing when you received the prompt. The left prompt appeared while browsing Windows Update; the right prompt showed up on a warez site. It's quite reasonable to expect that OS updates would require something to be installed. When you're looking at something seamy or of questionable legality, you should be on the lookout for possible malware.
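The same three fields the prompt shows (program name, publisher, and who verified the publisher) can be read from a downloaded installer's Authenticode signature before you run it. The script below is an added example, not part of the original article; the default folder, the file extensions and the list of "pressure" phrases are assumptions chosen for illustration.

```powershell
# Added example: list program name, publisher and verifying authority for
# downloaded installers, and note the tip-offs discussed above.
# Assumptions: default folder, file extensions and the phrase list below.
param(
    [string]$Folder = (Join-Path $env:USERPROFILE 'Downloads')
)

# Wording that urges you to act does not belong in a program or publisher name.
$pressure = 'click yes', 'to continue', 'click here', 'you must'

$simple = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName

Get-ChildItem -Path $Folder -File -Recurse -Include *.exe, *.msi, *.cab, *.dll |
ForEach-Object {
    $sig  = Get-AuthenticodeSignature -LiteralPath $_.FullName
    $cert = $sig.SignerCertificate

    # Subject name = publisher; issuer name = the authority that verified it.
    $publisher  = if ($cert) { $cert.GetNameInfo($simple, $false) } else { '' }
    $verifiedBy = if ($cert) { $cert.GetNameInfo($simple, $true) }  else { '' }
    $program    = $_.VersionInfo.FileDescription

    $notes = @()
    if ($sig.Status -ne 'Valid') {
        # NotSigned, HashMismatch, NotTrusted and so on.
        $notes += "signature status: $($sig.Status)"
    }
    foreach ($phrase in $pressure) {
        if ($publisher -like "*$phrase*") { $notes += "publisher contains '$phrase'" }
        if ($program   -like "*$phrase*") { $notes += "program name contains '$phrase'" }
    }
    if (-not $program) { $notes += 'no program description' }

    [pscustomobject]@{
        File       = $_.Name
        Program    = $program
        Publisher  = $publisher
        VerifiedBy = $verifiedBy
        Notes      = ($notes -join '; ')
    }
} | Format-Table -AutoSize -Wrap
```

A valid signature only confirms who signed the file; as with the prompts above, weigh it against where the file came from and what you were doing when you downloaded it.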
Bundlers
Much malware, especially adware, comes bundled with other programs. P2P software (Kazaa, iMesh, and other file sharing programs) is a common source of bundled adware. The following message comes up while installing iMesh:

You can't say the program isn't honest. It lets you know it's ad-supported, which pieces of adware get installed, and what you agree to in the process. Messages about required programs for displaying ads should set off warning sirens in your head. That information alone should be enough to make you stop installation.
MALWARE REMOVAL
While no single utility is 100% effective, a great majority of malware can be removed by running
two key malware removal utilities (which are both free for personal use). Be careful about which utilities
you choose to use, as some will actually install more malware while removing (or only pretending to remove) other malware.
We recommend using Lavasoft's Ad-Aware SE and SpyBot Search & Destroy together with your
preferred AntiVirus Software to remove malware from your computer. We have detailed descriptions and links to download the software
in the next few articles.
We highly recommend using BOTH of these products and also reading the above article on prevention.
Or let our professional staff do a complete virus & malware cleanup on your computer for only $25.
(Offer valid only to existing Route24.net customers in good standing. Contact Us)
Portions of this article were derived from arstechnica.com
Ad-Aware SE Instructions
SpyBot Search & Destroy Instructions