Fix Spyware Problems and Viruses


Author: Randall Perry

Anyone who has ever used a Microsoft Windows operating system (Windows 3.1, 3.11, Windows 95/98/Me, Windows NT 3.5, NT 4.0, Windows 2000 (NT 5.0), Windows XP (NT 5.1) or 2003 Server) and connected it to the 'net knows the troubles with spyware, trojans, viruses, malware, and phishing schemes.

Maybe your PC just seems a bit slower. Even after cleaning up the tmp files and defragging, things seem sluggish. Maybe your PC just reboots on its own. In any case, you may have fallen victim (like MOST Windows users) to some script kiddie using perhaps a 0-day exploit or a known security hole you neglected to patch.

Fear not, for we have a bounty of FREE utilities to thwart said evil.
Did you actually pay for "protection"? Good luck with that. Seriously.

How much you pay for something means absolutely NOTHING to its effectiveness. All too often, I have to go and clean up an infected PC that is running Windows (with all the latest updates) and a brand-new copy of Norton Internet Security Suite (with all the current updates).

I have found several free utilities to do the job nicely (but nothing substitutes for a thorough inspection by someone who actually knows which DLLs should be getting run by svchost). And if your machine has been compromised, the only 100% way to get clean is to format and reinstall. Sound drastic? Yep.
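The svchost inspection mentioned above can start from the registry, where each svchost-hosted service names the DLL it loads in a `ServiceDll` value. The PowerShell below is an added example, not part of the original article; it assumes a Windows version that ships PowerShell and an administrator prompt, and the "Review" flag (DLL outside System32, or signature status other than Valid) is a triage heuristic chosen for this example.

```powershell
# Added example (not from the original article): list the DLL each
# svchost-hosted service loads and mark the ones worth a closer look.
$servicesKey = 'HKLM:\SYSTEM\CurrentControlSet\Services'
$system32    = (Join-Path $env:SystemRoot 'System32') + '\'

$report = foreach ($key in Get-ChildItem $servicesKey -ErrorAction SilentlyContinue) {
    $svc = Get-ItemProperty -LiteralPath $key.PSPath -ErrorAction SilentlyContinue
    # Only services whose ImagePath launches svchost.exe are hosted in it
    if ($svc.ImagePath -notmatch 'svchost\.exe') { continue }

    # ServiceDll normally lives under <service>\Parameters; fall back to the service key
    $params = Get-ItemProperty -LiteralPath "$($key.PSPath)\Parameters" -ErrorAction SilentlyContinue
    $dll = $params.ServiceDll
    if (-not $dll) { $dll = $svc.ServiceDll }
    if (-not $dll) { continue }
    $dll = [Environment]::ExpandEnvironmentVariables($dll)

    # A registered DLL that is missing on disk is itself worth noting
    $exists = Test-Path -LiteralPath $dll
    $sig = if ($exists) { (Get-AuthenticodeSignature -LiteralPath $dll).Status } else { 'FileMissing' }
    $inSystem32 = $dll.StartsWith($system32, [StringComparison]::OrdinalIgnoreCase)

    [pscustomobject]@{
        Service    = $key.PSChildName
        Dll        = $dll
        InSystem32 = $inSystem32
        Signature  = $sig
        # Heuristic of this example: a prompt to investigate, not a verdict
        Review     = (-not $inSystem32) -or ($sig -ne 'Valid')
    }
}

# Flagged entries first, then alphabetical by service name
$report | Sort-Object -Property @{Expression = 'Review'; Descending = $true}, Service |
    Format-Table -AutoSize
```

Legitimate third-party services can show up as flagged, so a flagged row means "identify this DLL", not "delete it".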

Fact is, most spyware is simply cookie tracking, ActiveX components, BHOs (Browser Helper Objects) for IE and plain old scripting (macro, vbs, etc.) that don't just run on their own.

Steps to recovery...

  1. WEB BROWSER: STOP using Internet Explorer. I have said this since 1999 (and I have been an active Internet user since 1992). Don't make me go into a diatribe about how IE is NOT a web browser (because it is NOT a standalone application). Microsoft has submitted court documents stating the reliance on the browser when they were defending claims of anticompetitive practice during a lawsuit brought on by Netscape (before AOL bought Netscape). This court testimony is more evidence that Internet Explorer is a shell extension and not really a web browser, and it is common knowledge that there is an inherent security risk in running any shell extension.
    - Use instead: Netscape Navigator, Opera, Safari, Mozilla Firefox... Besides being less prone to harmful flaws (by design) than IE, they have TONS of features not available in IE.
  2. ANTIVIRUS: Download AVG antivirus from Grisoft. It has rightfully detected infections (NOT false positives) that an up-to-date and brand-new Norton Antivirus failed to discover. I date this poor performance of NAV (Norton Antivirus) back to a free corporate copy I was given back in 1998 (which is shortly after they bought out IBM's own antivirus product line).
          In 1998, a brand-new copy of NAV with all updates in place failed to locate the Romeo and Juliet virus -- a virus in the wild since 1997 (at a minimum, because the virus was burned to a CD-R by myself in 1997). I dutifully emailed the virus signature to what (used to be called) their security response center. This is 2006, and Norton Antivirus still does not discover that virus.
          I like AVG because it works and it's free. If you want the 'best' antivirus software for a Windows computer, then you must get NOD32. I say it is 'the best' because my experience has been that out of all the current antivirus products on the market:
    1. This one doesn't slow your PC to a crawl while protecting your PC
    2. NOD32 detected and removed more malicious software than Norton Antivirus (or Norton Security Suite), McAfee, Panda, AVG, PC-Cillin or Kaspersky.
    3. You can get a 30-day free trial here: NOD32 FREE 30-day evaluation license.
  3. ANTI-SPYWARE: Download and install Spybot Search & Destroy. Antispyware covers ground that antivirus companies have refused to address. Spyware is NOT someone maliciously "hacking" into your PC. It involves your willing installation of their garbage. Often this is because you (or someone you know) was downloading silly *FREE* games off the 'net.
          So why Spybot? WHAT? You heard of a fancy antispyware by Microsoft? Pffft! You heard WRONG. Microsoft purchased Giant Software on Dec 14, 2004. This company had already written the framework and a working model of antispyware. Microsoft called it "Microsoft Antispyware" and put it on their site. Too bad those involved with the project were too lazy/careless to remove the labels "Giant Software" all over the program. But I digress; Microsoft simply bought the first company that would sell out and sell out for a "fair" price.
          I have used the software, scanned an intentionally infected machine and was not impressed. I threw a couple of high-profile spyware bots and services on the Windows-based PC. It neglected to find them. I dumped this and went back to Spybot (which is not perfect either--about 65% effective, but it is the best of the free).
    Buyer Beware! I was offered money to refer people to 'Spyware Nuker', so I decided to research it first. After reviewing the software and reading honest customer response, it appears that 'Spyware Nuker' was a name used by several companies... and is covert spyware being sold as 'anti-spyware'. Avoid any product labeled as 'Spyware Nuker'. Not only is it a waste of $29, but it will infect your PC with garbage.

    If you are willing to spend hard-earned money (and want something more effective than SpyBot Search and Destroy), then try StopZilla. It is very easy to use and about 80% effective. You can get a free demo version here.

    For Microsoft Windows 95, 98, Me, 2000 and XP users, I also recommend running Process Explorer and HiJackThis to pick up things that maybe the other utilz didn't find. And once in a while, you have to run something like Stinger or LSPFix, because spyware can alter the TCP/IP stack, and your network connection is killed when antispyware removes the garbage that altered the LSP (Layered Service Provider).

    SPAM: SPAM is unwanted (aka unsolicited) email that you receive. It used to be done just as an annoyance, but for the past couple of years, SPAM has meant big business. While you can load some software on your PC to help get rid of it, SPAM should be eradicated at the mail server. Most likely, you don't run your own email server. If you do, I personally recommend SpamAssassin and ClamAV with Qmail on a Linux box. That solution is free and works pretty well. For those who want an easy-to-implement solution for business, check out the enterprise-grade anti-SPAM email filtering SpamTitan FREE download that includes an antivirus product for scanning emails. It doesn't even have to run on your email server, so it is more flexible and independent of your email platform.

  4. FIREWALLS. Another way (that is pretty simple for anyone) to get at your PC is to access shares and services from a remote location (or as a local application trying to connect to another remote location). Again, this is NOT the territory for antivirus or even antispyware. Your PC may (not typically) need to be accessed from the internet (like say, for a web camera you own or a P2P network client app you run). If you are running Windows XP (Home or Pro), download Service Pack 2 from Microsoft. [If you are NOT on SP2 or run a version of Windows other than XP or 2003 Server, then PLEASE do yourself a favor and load the FREE version of ZoneAlarm firewall.]
          You may have the benefit of a home NATed gateway (like a product from Linksys, Netgear, D-Link, Enterasys--and these are badged incorrectly as 'routers'). Note that, when configured properly, these can protect your computer(s) from unwanted external access, BUT they do nothing for egress filtering (controlling what leaves your network). Personally, I like to use IPCop Linux boxes for this sort of thing. It provides an enterprise-grade Intrusion Detection System, while running on discarded computers assembled in 1995. The Linux box also has the benefit of using DansGuardian to filter unwanted content (like pornography) from computers in homes, schools and libraries.
          If you want a simple solution (for Home or Business use) that you can install yourself, then purchase iCode-prisma adaptive firewall.
  5. STAY CURRENT: Check for and install all the latest patches for your OS and the applications you run.
  6. MONITOR THE COMPUTER: If you want to know where your spouse/child/workers are web browsing and exactly what and who they are chatting with, then PAY ATTENTION! There are many ways to monitor a computer. Some allow you to actually remotely view the PC in live mode (like looking over their shoulder and watching everything they do). Other programs/devices can monitor mouse movement and keystrokes to be played back at a later time (keyloggers can be defeated by knowledgeable kids).

    I first set up monitoring systems for enterprise back in 1998. There are legal loopholes you must go through properly, and a couple of technical gotchas to be aware of. If you know how to roll your own logger or screen scraper, then you don't need --or want-- a plug-and-play solution. If you want something that will give you all the Big Brother benefits without you having to learn anything about a computer, then check this out:
    Easy to Use Filtering and Monitoring Software
      Safekeeper is the complete lockdown security you have been asking for (especially for concerned parents who aren't computer savvy):
    • This software monitors and records all instant message (IM) conversations on ICQ, AIM, Yahoo! and MSN. You can also block Instant Messaging or just monitor who they are chatting with. This software records both sides of the conversation, showing exactly what was said, and you can even print out a transcript. You access these chat reports - or change settings - from any PC in the world (that has an Internet connection).
    • Predator Alert- Know exactly where registered sex offenders live in your neighborhood. If new predators move to your area, Safekeeper will send e-mail alerts to you, including their name, photo & address. Users automatically receive a free, one-year subscription to Family Watchdog, the recognized leader in tracking registered sex offenders.
    • Time Controls- You control when your kids can, or can't use the computer. Set the hours when they can go online, or use chat and instant messenger.
    • Safety Shield- Safety Shield allows users to block questionable sites with just one click.
    • Remote Monitoring- Check your home computer from anywhere in the world. Change your computer settings, even when you're away from home.
            DOWNLOAD Safekeeper HERE

       

  7. STILL HAVE PROBLEMS?: If you _still_ have problems, then try running a scan from a Knoppix disc/thumb drive or a BartPE disc. If all else fails, back up your data and format the drive.
Download most of the mentioned utilities and antispyware/antivirus applications and updates from here
