The Spyware and Malware War
| | September 1, 2009
|
Viruses and spyware used to be two separate types of problems, infecting your computer with their malicious code. These problems were handled best by anti-virus and anti-spyware manufacturers, respectively. In the past few years, these threats have merged into one field, known as malware. Malware can imbed Trojans, backdoors, rootkits, bots, keyloggers, and many other nasty types of malicious code onto your computer. Usually the makers of malware do it for monetary, informational, or identity theft reasons. Sometimes it is done for the purpose of utilizing your computer to attack others. Whatever the reason, malware infections cause problems for your computer. Problems such as slow downs, program crashes, pop ups, strange messages, fake alerts (informing you that you are infected and need to buy their poisonous product to clean it), and many other symptoms, are often the result of a malware infection.
Cleaning off a bad malware infection is currently well beyond the ability of most end-users, and really needs to be done by professionalls. At Madison Computer Works, we use as many as five different products to properly clean and root out malware infections. The powerful cleaners, methods and tools we use to clean out infections and stabilize your operating system are not the same products you need to prevent an infection or re-infection.
As anti-virus/anti-spyware manufacturers have gotten more powerful, the manufacturers of malware have gotten more innovative in their method of infection, and the invasiveness of their products. Since anti-malware products require a definition file to recognize malware, the producers of spyware today spew out over 10,000 newly infected sites every day, many with brand new code. Just going to a tainted web site (by mistake or otherwise) can instantly run an embedded script on the web page, infecting your computer. Security software manufacturers can take up to two weeks to identify new infections and add them to your anti-malware’s definition file to prevent that specific infection. No matter how good your anti-malware software is, without a definition file to prevent these new infections, you can get infected.
At this time, having a strong anti-virus/anti-spyware product alone is not enough. Currently, we have found the best method to protect your computer against malware is by having both a strong anti-virus/anti-spyware product and by “sand-boxing” your internet browser. This two-prong prevention method seems to be keeping our customers from getting multiple re-infections.
Sandboxing a browser sets up a virtual simulated environment for your browser to operate within. Your browser works just like it always has, but when spyware attempts to make changes to your Windows or Internet Explorer files or settings, it instead only affects the simulated environment and not your actual Windows programs or files. When you exit the browser, it empties the virtual environment sandbox. When you relaunch your browser, you start again in a clean sandbox environment. MCW recommends that you have the full Sandboxie program professionally installed along with a strong anti-malware product (like Norman Security Suite or Spy Sweeper), to get them properly configured. Sandboxie doesn’t rely on definition files to prevent infections while surfing the internet, doesn’t have to be renewed for an annaul fee, and can be installed on all your computers with the single purchase (for residential use- commercial must buy a license for each computer).
With Sandboxie installed properly, you can surf the internet like you need to. If you wish to download a file, by default Sandboxie allows file saves and changes to your Desktop, My Documents folder, and Favorites. If you wish to have other directories to save files in, you can add them to the configuration. Generally it is safest to download a file to your computer, exit your sandboxed browser, scan the downloaded file, and then install it.
You can make changes to your browser and system by temporarily disabling the sandbox and launching your Internet Explorer, but you should only surf the Internet with your Internet Explorer sandboxed. You can always tell if you are in a sandboxed browser by the # signs at the top of your browser screen when you open your browser.
At MCW, we have found that once you are infected, you most likely will need to have the malware professionally cleaned off and your operating system stabilized. Our specialized cleaning tools are not the same products you will need installed to be properly protected from getting infected. The current “best protection products” we know about in this Malware war are Norman Security Suite or Webroot’s Spysweeper with anti-virus (for AV/AS prevention), and Sandboxie (the best virtual environment sandbox we have found to prevent instant infection through your browser). With these products properly installed and configured, our customers are the most protected they can be in this malware war that rages across the Internet today.
Please talk with an MCW representative for more information on Norman, Webroot, Sandboxie, or anything else discussed in this article. Let our expertise help you to safely navigate the minefield that surfing the Internet has become.
|
...computers that work for you!
|
| 
