eWeek.com has an article online in which Microsoft’s Security Solutions group program manager Mike Danseglio states:
“When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit.”
Danseglio’s comments came from a presentation at the recent Infosec World conference.
While it’s true that many of the more advanced types of spyware can be difficult to remove, they’re not impossible to get rid of. In the end, however, the end user must weigh the time and effort needed to remove spyware from an existing setup against the cost of a full system restore, update and then data recovery.
Danseglio recommended end-users make use of free antispyware programs such as Spybot Search & Destroy, RootkitRevealer and of course Microsoft’s Windows Defender to protect themselves.
One thing to remember, however, is that many of these programs are primarily reactive scanners, designed to remove spyware after it has already infected your machine. Windows Defender does, however, run in a proactive scanning mode similar to that of your average antivirus program.
In my experience, however, Microsoft’s antispyware program has allowed just enough borderline spyware through due to legal concerns that I generally recommend Webroot’s Spysweeper for the average consumer’s desktop or laptop.
And, as always, get into the habit of backing up important documents to media that you can keep safe, such as a thumb drive, CD/DVD or external hard drive.