Clean up spyware-infected PCs: Stage four -- Preventative measures

Once you have the spyware problem under control, what steps can you take to avoid being infected in the future?

Once you have the spyware problem under control, what steps can you take to avoid being infected in the future? Read what the experts have to say, or click here to go back to the scenario.


Kevin Beaver: The strongest defense you can have goes back to the human factor -- teaching people how and why not to click on pop-up ads, installation prompts and more. Unfortunately, as long as humans are involved in computing environments, we're going to have issues -- some unintentional and others not. So, make sure the right technology is in place as well. It's a never-ending cycle of vigilance.

Tony Bradley: To prevent drive-by downloads and other spyware issues, users should avoid suspicious Web sites. Well-known sites are typically safe and malware free, but when users visit smaller sites off the beaten path, they are much more likely to pick up unwanted malware. For more protection, you can also run preventive spyware software such as Lavasoft's Ad-Aware Pro or the beta version of Microsoft Windows AntiSpyware. They have components that actively monitor your computer to guard against spyware installations.

One other step you can take is to use IE-SPYAD from researcher Eric Howes. The list contains almost 9,000 Web sites that have been identified as installing adware, spyware, browser hijackers or other malware. Implementing IE-SPYAD will ensure that these sites do not impact your systems.

Lawrence Abrams: The reality is that spyware, hijackers and other malware are becoming an epidemic like worms, Trojans and viruses. Most people think an antivirus program will cover the whole spectrum of malware when, in reality, they tend to focus on viruses, Trojans and worms. It is important to have a cocktail of defenses running on your computer.

Here are my eight spyware defenses
Note these are in no particular order as they are all equally important.

  1. Windows updates must be applied when they are released.
  2. A corporatewide firewall or local software-based firewall must be protecting every computer.
  3. Internet Explorer settings must be firmly secured.
  4. At least two different spyware removal programs should be installed on each computer, such as Spybot - Search & Destroy and Ad-Aware.
  5. Javacool Software LLC's SpywareBlaster should be installed in order to stop known malicious ActiveX controls from running on each computer.
  6. A good antivirus program should be installed on each computer.
  7. The antivirus, SpywareBlaster and spyware removal programs must be continuously updated for new malware definitions.
  8. Finally, and maybe the most important, create a guide on safe Internet use practices. For example, users should never click on pop-ups saying the computer is infected or they need to run spyware removal software, never open attachments from unknown sources and always read the fine print in software that is installed.
All of this information can be found in the following tutorial: http://www.bleepingcomputer.com/forums/Simple_and_easy_ways_to_keep_your_computer_safe_and_secure_on_the_Internet-tut82.html


Go back to the initial user problems: Spyware infection scenarios


About the experts: Expert bios are available on the scenario page.

This was first published in June 2005

Dig deeper on Network intrusion detection and prevention and malware removal

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close