Sunday, 30 December 2012

Security advice can expire

Mark Russinovich has drawn my attention to some security advice just published on USA Today. It seems a little dated and is probably more appropriate for someone operating a PC in 1999, not 2013.

There are five sections. The third, which is security-related, is titled "3. The zombie spyware plague".

This makes reference to fake anti-virus malware, which is certainly a current threat, although less so than a couple of years ago.

The solution?
"... running a real antivirus program probably won't help. To stop the pop-ups, you must run an anti-spyware program. There are a number of good ones — I'd start with Ad-Aware."
I'd be interested to see why author Kim Komando thinks that "real antivirus" software can't remove malware, while Ad-Aware can. Especially as Ad-Aware is a real anti-virus product.

It didn't use to be, though. Back in the late 1990s Ad-Aware was labelled as an anti-spyware tool. It was much more limited than fully-featured anti-malware suites. That said, it was often better than regular anti-virus software when handling certain types of threats, such as information-stealing malware like modem diallers.

It is now described by its developer Lavasoft as, "super fast anti-virus combined with our legendary anti-spyware".

The distinction between anti-virus and anti-spyware no longer exists, and has not done so for years.

Anti-malware vendors cannot afford to ignore certain specific types of internet threat, such as Trojans, diallers and so on. They use the umbrella term "anti-virus" just to keep things simple for normal users.

Ad-Aware looks like an effective anti-malware (anti-virus) tool. It's certainly scored well in AV-Test and Virus Bulletin tests in the past.

Registry backups

The initial section, which recommends using a tool to clean the Registry, includes this advice:
"Just make sure you allow it to backup the registry before making changes."
It's a small point but I'd probably want to back up the Registry manually, rather than rely on the tool that could cause the corruption in the first place.

How do you do that on a PC running any version of Windows later than Windows 98?

The author does not tell you how, but the answer is usually to use System Restore. The Windows Backup tool does not make a copy of the Registry, so don't rely on that.
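One way to take that manual backup before letting a cleaning tool loose is sketched below. It is an added example, not something from the USA Today article or from Microsoft's instructions. It assumes an elevated Windows PowerShell prompt with System Restore enabled on the system drive; the `RegBackup` folder and the extra `.reg` exports are choices made for this illustration.

```powershell
# Added example: manual Registry backup before running a Registry cleaner.
# Assumptions: elevated Windows PowerShell (Checkpoint-Computer is not in
# PowerShell 7), System Restore enabled on the system drive.
# $backupDir is a hypothetical location chosen for this example.

$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this script from an elevated Windows PowerShell prompt.'
}

$stamp     = Get-Date -Format 'yyyyMMdd-HHmmss'
$desc      = "Before registry cleaner $stamp"
$backupDir = Join-Path $env:SystemDrive "RegBackup\$stamp"
New-Item -ItemType Directory -Path $backupDir -Force | Out-Null

# 1. Create a System Restore point, then confirm it really exists. Windows 8
#    and later skip creation if another point was made in the last 24 hours.
try {
    Checkpoint-Computer -Description $desc -RestorePointType MODIFY_SETTINGS -ErrorAction Stop
    $point = Get-ComputerRestorePoint -ErrorAction Stop |
        Where-Object { $_.Description -eq $desc }
    if ($point) { "Restore point #$($point.SequenceNumber) created." }
    else        { Write-Warning 'No new restore point recorded; relying on the exports below.' }
} catch {
    Write-Warning "System Restore unavailable: $($_.Exception.Message)"
}

# 2. As a second copy, export the main hives to .reg files with reg.exe and
#    fail loudly if any export is missing or empty.
$hives = @{
    'HKLM\SOFTWARE' = 'hklm-software.reg'
    'HKLM\SYSTEM'   = 'hklm-system.reg'
    'HKCU'          = 'hkcu.reg'
}
foreach ($key in $hives.Keys) {
    $file = Join-Path $backupDir $hives[$key]
    & reg.exe export $key $file /y | Out-Null
    if ($LASTEXITCODE -ne 0 -or -not (Test-Path $file) -or (Get-Item $file).Length -eq 0) {
        throw "Export of $key failed (reg.exe exit code $LASTEXITCODE)."
    }
    '{0,-14} -> {1} ({2:N0} bytes)' -f $key, $file, (Get-Item $file).Length
}
```

Treat the restore point as the primary way back: importing a `.reg` file merges its values into the Registry and does not remove keys that were added after the export.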

For more information on backing up the entire Registry for your version of Windows, use the following links:
Windows XP
Windows 7
Windows 8 (it appears to be the same as for Windows 7, above)

This Wikipedia entry examines some further Registry backup options.