Saturday, February 11, 2006

How to protect your Windows PC from Spyware, Malware and Rootkits

This is a typical scene everytime I visit a non-techie's house.

Non-techie: Manoj, my PC is running dog slow.
Me: Have you been using a file sharing application or downloading apps from the web?
Non-techie: Yes

What ensues is a thorough scan of the person's computer to find and quash spyware, malware and adware. I have great news - there is a new star on the horizon, a type of program that can hide itself from even the administrator and wreak havoc on your system. It is called the Rootkit.

You might recall that Sony-BMG came into a lot of flak a few months ago. This was because their audio CDs installed an undetectable software on Windows machines that bore characteristics very similar to malicious rootkits. The program would track your usage of any Sony-BMG copy protected CD and would transmit your usage data to a Web service. This was their first attempt at an Active Copy Protection mechanism, designed to deter the ripping and sharing of music. I'll summarize by saying that the company is still recovering from this PR nightmare.

Not all is lost for Windows users though. Here is how you can protect your computer from these malicious tools:

1. Disable Autorun
Low tech but very useful nonetheless. If you have a Windows PC, a feature called Autorun provides CD vendors with the opportunity to run a program everytime you insert the CD into the computer. This feature was exploited by the Sony CDs to install their copy-protection program on machines and you should disable it.

Hopefully, you trust me and will download this file to your computer to disable autorun: noauto.reg. Double click on the file once it has download and reboot the machine to disable Autorun. For the curious and paranoid, the contents of noauto.reg are:

REGEDIT4

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CdRom]
"Autorun"="0"

2. Install an anti-spyware program on your machine
In the Anti-spyware release, Microsoft's Windows Security team has a winner. You can install it from here: Anti-Spyware Beta

Good luck with protecting your PC. As always, if you can't figure something out about your PC, feel free to contact me.

No comments:

Post a Comment