Our technicians have compiled a list of our favorite FREE software tools for you.
Here's a secret: We use many of these tools during our work.
If you start using all this software, you may just put us out of business!

Disclaimer: All of this software is free, yet can be powerful.
Be sure you know what you are doing before you install anything.

Without further ado, the list.....

.: Malware Defined :.

Malware (malicious software) is software designed to infiltrate or damage a computer or network. Malware is commonly taken to include computer viruses, worms, Trojan horses, spyware, adware, hijackers and dialers. This internet garbage not only slows your computer down, it can cause operating system errors, random popups, and redirect your browser to websites without your consent. If you are infected with worms your computer can become a mass-mailing zombie. Even worse, keyloggers can grab confidential information that includes chat sessions, usernames, passwords, bank account information, full names, and even addresses that could be used to create fake online identities. Never give out personal info thru email or instant messages and beware of phishing scams.

McAfee, Inc. Reports on Online Identity Theft Trends
Spyware Researchers Discover ID Theft Ring

The sad thing is that "trusted" websites can no longer be trusted. Malware was once restricted to sites offering free music or porn, but today it's being served up by some of the most popular sites on the web. An average of around 8,000 new URLs containing malware emerged each day during April (2007). What's even more alarming is that 70 percent of URLs hosting such malware are found on legitimate web sites that have been targeted by hackers. The outdated notion that malware only resides in the darker corners of the internet is far from the case now. Users are being exposed to malicious content without being aware of it. Recently Tomshardware.com was unknowingly hosting a banner ad which was redirecting users to a site where drive-by malware was automatically downloaded. The Avast! forums were recently hacked and the injected iframe code was serving up malware. MySpace & Excite.com (search portal) are also serving up malware-laced banner ads.

.: My $.02 :.

To be quite honest all of the guides that I have come across barely touch the surface on thorough removal and prevention. In some cases you may have come across websites that show you how to only remove specific infections. Should you decide to post for help on a message forum you are usually required to run several applications, post the log files, and wait for the "expert" to arrive which could take a few days; in some cases your post may go unanswered. When your computer is hijacked it should be cleaned immediately! All of the information in this guide has been gathered not only from trial and error, but by taking the valuable resources that are scattered all over the web and consolidating them into this complete self-help guide. While I may not go in depth on how to use or configure the programs, most of it should be pretty straightforward other than HiJack This. I also realize that there is a lot of information in this guide that may not be considered "n00b friendly", or so much information that you may lose focus. Take your time and do not get frustrated.

Unfortunately, cleaning an operating system that has been infected by malware is no longer as simple as it used to be. Malware has become increasingly difficult to clean, as malware creators find more ways to avoid removal. They have been known to modify specific files to avoid detection, some files refuse to be deleted using conventional tools, others latch on to critical system files, and in some cases rootkits can mask their detection altogether. I am often asked "What are the best detection and removal tools?" The fact is that no single anti-virus (AV) or anti-spyware (AS) application can successfully remove all malware circulating around the internet. It's not unusual to resort to an arsenal of security products in an attempt to ensure that everything has been properly removed. Everyone seems to have their own idea of the "best", and this guide will highlight my recommendations. It never hurts to be thorough when your personal data is at risk. Furthermore, there are many rogue anti-malware products, including those that are advertised by malware and those from creators who strike deals with malware creators to ignore their software. These products are of unknown, questionable, or dubious value as anti-spyware protection. Please take a moment to review Spyware Warrior's Rogue Anti-Spyware list to make sure that you haven't been duped.

Tech advice:

  • One thing to keep in mind is that you should run scans on each user account that is an administrator.
  • Remember to backup the registry before you edit it manually.
  • Sometimes it's also necessary to repair your Windows XP installation after you've removed malware from your system. All post SP2 updates will need to be reinstalled.
  • If you do not have SP2 in your original XP disc you should slipstream it using AutoStreamer or nLite. Use the Windows XP SP2 network install package.
  • AutoPatcher combines the advantage of both Windows Update (presentation and description of updates and automated installation), and the special administrative updates (portability and installation without the need of an Internet connection). There are versions for 2000/XP/Vista/2003.
  • In some cases your onboard ethernet card may not work in safe mode with networking so I highly recommend purchasing a USB Ethernet adapter with native driver support in XP. It's also useful when troubleshooting a pc without a NIC installed.
  • What about a fresh Windows install? If you reinstall the operating system then you'll need to reinstall Windows updates (unless you have a slipstreamed copy), drivers, software, tweaks, and all of your other peripherals which could easily take several hours. You then need to figure out how you were infected in the first place in order to prevent it from happening in the future. This is the main reason I rarely recommend a clean install. As long as you take the time to learn how to clean an infected system then a fresh Windows install should be a last resort (unless you have a recent known good image of your drive). If you're looking for a quality backup/imaging program please consider Acronis True Image 10 Home.

.: Adware Spyware & Trojan Removal :.

First we'll start out by installing WinRAR unless you already have a compression/decompression tool installed. Before you run any of the removal tools below you should go to Add or Remove programs in order to uninstall malicious programs. If you have any anti-virus/spyware applications installed that are not listed in this guide please uninstall them as well. I also recommend that you disable System Restore temporarily if you are infected; any trojans, spyware, etc. you may have picked up could have been saved and can possibly reinfect you. Since the System Restore folder is a protected directory, your tools cannot access it to delete files, which can leave viruses and other applications trapped inside. Once you are certain that your system is malware free you can enable it again.

Download the items listed in steps 1. thru 5. to a flash memory drive (or other removable media) using a clean pc, or simply reboot the infected pc to Safe Mode with Networking and download them. Booting to Safe Mode is important because it disables most drivers, running applications, and is less vulnerable to attack. For these reasons, Safe Mode is the optimal setting for performing any sort of malware-related troubleshooting. However in some cases you will be unable to boot into Safe Mode if your pc has some nasty infections. Should this be the case I recommend you run everything in the rogueremoval kit first while in Normal Mode. Now you should be able to boot into Safe Mode with Networking and run everything again. The Winsock Fix (also in the Rogue removal kit) comes in handy in case you lose your internet access and cannot pull a valid IP from your modem or router.

During the installation of some programs listed below they will offer a custom install so that you can disable 'start with windows'. You should only have one anti-spyware application running at all times in the background otherwise it can lead to program conflicts and becomes a huge drain on system resources.

Note: Please choose 'complete scan' when using these anti-malware tools.

  1. Rogue removal kit (updated 1-6-08) - contains several tools that remove a plethora of trojans and other rogue applications that are not detected or properly removed with conventional tools. This includes those with fake security alerts that goad the end user into downloading and/or purchasing rogue anti-spyware products. Please check the README and follow the directions. In addition, do not be alarmed if some AV programs (AntiVir, Dr.Web, Kaspersky, etc.) detect certain executables in this kit as a "RiskTool". AV programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
  2. SUPERAntiSpyware - must be installed in normal mode. However if you want to run SAS (in normal or safe mode) without having to install anything, and you already have SAS installed on another pc, you can simply copy the entire SUPERAntiSpyware folder from c:\program files\ to a flash memory drive. Otherwise you can acquire it by downloading my rogueremoval kit. The pay version offers real-time protection, scheduling, automatic updates, and much more.
  3. AVG Anti-Spyware - can be installed and run in Safe Mode. This uses the Ewido engine and has excellent detection rates. AVG Anti-Spyware set up contains the free as well as the paid version of AVG Anti-Spyware. After installation a free 30 day trial version containing all the extensions of the full version will be activated. At the end of this trial these extensions are deactivated and the program becomes a feature-limited freeware version.
  4. a-squared - Remove infections of Trojans, Spyware, Adware, Worms, Keyloggers, Rootkits, Dialers and other malicious programs. This is a 100% free version.
  5. F-Secure Online Scanner - uses multiple scan engines: AVP (Kaspersky) + Libra (modded F-Prot) + Pegasus (Norman) + Draco (Ad-Aware) + Orion (in-house heuristics) + Blacklight (in-house rootkit). In case you cannot access the internet, or you simply want a 2nd or 3rd opinion, use the Kaspersky Standalone VRT and/or Dr.Web's CureIt. Both are updated multiple times each day.
  6. Hijack This - (also in the Rogue removal kit) should be placed in its own folder, preferably in the root of c:\ (ex. c:\hjt) where it can safely save backups and be accessed by other user accounts. Do not run Hijack This from the desktop, a temp folder, or a sub-folder of C:\documents and settings. Use with extreme caution! If you aren't sure about which items to remove you may email your log to me, or analyze your own using Acsell's guide, Bleeping Computer's HJT Guide and HiJackThis.de Security. Of course you can also visit popular support forums such as MajorGeeks, Bleeping Computer, MalWare Removal, Spyware Warrior, TomCoyote, and SWI for advice, however be sure to read the stickies at the top of the forum before posting a HJT thread.
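A first-pass triage of a HijackThis log, as an added example (not part of the original guide and not HijackThis's own code). It assumes the usual `CODE - detail` line layout of the log; the sample log, its host names and paths, and the two review rules are constructed for illustration and only mark lines for a person to look at, not for automatic removal.

```python
import ipaddress
import re
from collections import Counter

# Meaning of the section codes this example handles (subset of the HJT codes).
SECTIONS = {
    "R0": "Internet Explorer start/search page",
    "O1": "Hosts file redirection",
    "O2": "Browser Helper Object",
    "O4": "Auto-start from registry Run keys or Startup folder",
    "O23": "Windows service",
}

# Constructed sample log; not taken from a real machine.
SAMPLE_LOG = r"""Logfile of HijackThis
Platform: Windows XP SP2
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\Explorer.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.example.com/
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 203.0.113.7 update.example-av.test
O2 - BHO: ExampleHelper - {00000000-0000-0000-0000-000000000001} - C:\WINDOWS\system32\example1.dll
O4 - HKLM\..\Run: [ExampleAV] "C:\Program Files\ExampleAV\tray.exe"
O4 - HKCU\..\Run: [updater] C:\DOCUME~1\user\LOCALS~1\Temp\upd32.exe
O23 - Service: Example Service - Example Corp - C:\Program Files\Example\svc.exe
"""

ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
HOSTS_RE = re.compile(r"^Hosts:\s+(\S+)\s+(\S+)")
# Assumed review rule: auto-start entries should not live in temp folders.
TEMP_MARKERS = ("\\temp\\", "\\temporary internet files\\")


def parse_hjt_log(text):
    """Return (code, detail) pairs; header and process lines are skipped."""
    entries = []
    for raw in text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def review_reason(code, detail):
    """Return a reason string if the entry deserves a closer look, else None."""
    if code == "O1":
        match = HOSTS_RE.match(detail)
        if not match:
            return "hosts entry could not be parsed"
        try:
            addr = ipaddress.ip_address(match.group(1))
        except ValueError:
            return "hosts entry has an invalid address"
        # Loopback or 0.0.0.0 is how blocking lists (e.g. MVPS HOSTS) work;
        # any other address sends the name somewhere else.
        if not (addr.is_loopback or addr.is_unspecified):
            return f"{match.group(2)} is mapped to non-loopback address {addr}"
    elif code == "O4":
        if any(marker in detail.lower() for marker in TEMP_MARKERS):
            return "auto-start entry runs from a temporary directory"
    return None


def triage(entries):
    """Return (code, detail, reason) for every entry a rule matched."""
    flagged = []
    for code, detail in entries:
        reason = review_reason(code, detail)
        if reason:
            flagged.append((code, detail, reason))
    return flagged


def section_counts(entries):
    """Count entries per section code, useful for a quick overview."""
    return Counter(code for code, _ in entries)


if __name__ == "__main__":
    parsed = parse_hjt_log(SAMPLE_LOG)
    for code, count in sorted(section_counts(parsed).items()):
        print(f"{code:>3} x{count}  {SECTIONS.get(code, 'other')}")
    for code, detail, reason in triage(parsed):
        print(f"REVIEW {code}: {reason}\n       {detail}")
```

A line that is not flagged is not thereby clean; the rules only narrow down where to start reading.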

Additional tools:

  • CounterSpy v2 - must be installed in normal mode. More powerful and effective than ever, CounterSpy's award-winning spyware detection and removal is now merged with our all-new VIPRE antimalware technology to create the industry's first hybrid antispyware engine. This is a 15-day trial.
  • Process Explorer - shows you information about which handles and DLLs processes have opened or loaded. The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.
  • AutoRuns - This utility, which has the most comprehensive knowledge of auto-starting locations of any startup monitor, shows you what programs are configured to run during system bootup or login, and shows you the entries in the order Windows processes them. It's more comprehensive than HiJack This and has a better UI.
  • Pocket KillBox & Unlocker - allow you to get rid of files that refuse to be deleted.

Note: You may have noticed that Spy Sweeper, Spyware Doctor, Spybot, and Ad-Aware are not mentioned in this guide. At one time all of them were considered premier tools. A lot has changed over the years, and all have inferior detection/removal capabilities compared to the programs and tools that are listed above. Please do not waste your time using them.

Webroot: Why bad management scared off the Spy Sweeper maker's core team

.: Virus Removal :.

It should be noted that running antivirus applications from a number of different vendors on the same computer may cause problems due to interoperability issues. System issues that can result from running more than one antivirus application in your environment at the same time include:

  • Memory overhead. Many antivirus applications use active agents that stay resident in memory, reducing the amount of available system memory.
  • System crashes or stop errors. Such crashes and errors can be caused by antivirus applications attempting to simultaneously scan the same file.
  • Performance loss. As antivirus applications scan files for malicious code, system performance may decrease. Scans are repeatedly performed when multiple applications are used, which may lower your system performance to an unacceptable level.
  • Loss of system access. Antivirus applications attempting to run concurrently may cause the system to halt during startup. This problem is more common in older versions of Windows, such as Microsoft Windows NT and Windows 9x.

For these reasons, the use of multiple antivirus applications on the same computer is not a recommended approach and should be avoided if possible. Even if you think you're using a top notch AV package please take a few minutes to read the information below. You might end up uninstalling your current AV and switch to one that offers better on-demand detection rates, superior heuristics, and possibly lower resource usage.

Independent anti-virus reviews:

  • AV-Comparatives is a credible anti-virus review site that tests popular AV packages. For understanding how the detection rates of the anti-virus products look with updated signatures and programs, have a look at their regular on-demand detection tests. The retrospective test is performed on-demand using a 3 month old virus definition database and compares the detection rate over the viruses that have appeared within the last 3 months. Users shouldn't be afraid if products have, in a retrospective test, low percentages. If the anti-virus software is always kept up-to-date it will be able to detect most of the samples. The Aug. 2007 on-demand comparative was posted on 9-1-07. IBK just posted the Nov. 2007 Retrospective/ProActive tests.
  • PC World - Top Antivirus Performers was a comparison of 8 popular AV's tested by AV-Test.org using close to 900,000 samples. AV-Test is one of the largest and most respected independent reviewers in the business. No free versions were tested, and unfortunately Avira (Antivir) is not in the roundup since they aren't as popular. Be sure to take note of the system slowdown section.
  • SunbeltBlog has posted the latest May 2007 AV-Test.org test results of 29 anti-virus and anti-malware products. They tested all scanners against a set of malware, including 68,864 backdoors, 47,891 bots (zombies), 407,487 Trojan Horses as well as 82,659 worms, so the total number of malware they tested against was 606,901 files. The best product detected 99.83% of their collection while the worst one was only able to identify 62.12% of the samples. The goal was to test detection capabilities only, not cleaning. Products were set with their most aggressive detection options, such as using all heuristics and testing inside archives.
  • Virus Bulletin has their Windows XP - June 2006 comparative tests available. At the bottom of that page there is a link that explains their results calculation protocol. The VB100% award suggests that the tested products are capable of detecting 100% of all viruses. This is simply not true since no product is able to detect all viruses. These vendors have come to realize the marketing significance of these tests, and the effort they put into their products to pass the VB100 tests may not reflect the effort they put into detecting viruses outside of those included in the VB100 test set. It's possible for an AV product to pass all the VB100 tests but still have mediocre or even poor virus detection.

Symantec and McAfee products are the most recognizable AV programs with a large market share. Fortunately Symantec listened to us and revamped their 2007/2008 versions. Unlike the old 2004-06 versions the 2007/2008 products are resource friendly in XP & Vista. The detection rate is also highly rated in independent reviews. However there are a lot of people (typically malware removal specialists) that despise Symantec products and do not feel they offer adequate protection. McAfee home user products to this date are still very disappointing in regards to bloat. The McAfee Security Center is nothing more than a big advertisement that tricks unsavvy users into purchasing their other inferior products. While the detection rate is respectable you can do better. Should you have trouble uninstalling their software using add or remove programs you can use the Symantec removal tool or the McAfee removal tool.

What about Free AV's? Antivir free has industry leading on-demand detection rates, and the Avira team continues to refine the product. The new version that was just released added Vista support and rootkit detection. Resource usage is also extremely low (<20MB) and there is virtually no impact on system performance. Even though Antivir free lacks pop3 email scanning the real time monitor should notify you if you open an infected attachment. As you've seen from the recent reviews Antivir's detection rates are exceptional. One thing to keep in mind is that you'll encounter a popup after each update soliciting you to purchase the premium version. Here are the instructions on how to disable that annoying popup nag screen for Windows 2000/XP. AVG & Avast! also offer free AV's with respectable detection rates. AVG free lacks spyware detection, and Avast! free lacks script blocking. These three free AV's are not meant for business use (home users only).

Are your current anti-malware tools doing their job? These quality online scanners are a great way to get a "second opinion" without having to uninstall your current anti-malware software. You just need to be online and using Internet Explorer since these scanners use Microsoft ActiveX technologies to scan your computer for malicious code. Without a doubt F-Secure has the most thorough detection since it uses multiple scan engines: AVP (Kaspersky) + Libra (modded F-Prot) + Pegasus (Norman) + Draco (Ad-Aware) + Orion (in-house heuristics) + Blacklight (in-house rootkit).

F-Secure Online Scanner
Eset (NOD32) Online Scanner
BitDefender Online Scanner

The Kaspersky Virus Removal Tool is a free application that was designed to be another virus scanner and detection software from Kaspersky. The product will scan the specified locations for any virus threats, remove them, or send to the quarantine folder. There is no real-time protection or update function. However the databases are updated multiple times each day so be sure to download the latest version.

Dr.Web's CureIt is a FREE anti-virus and anti-spyware utility based on Dr.Web Anti-virus scanner, which will help you quickly scan and cure, if necessary, a computer operated by MS Windows 95 OSR2/98/Me/NT 4.0/2000/XP/2003/Vista without installation of the Dr.Web Anti-virus. The utility contains the most up-to-date add-ons to the Dr.Web virus databases going up to twice per hour frequency at periods of high malware submissions. This utility can quickly clean an infected system, but it is not a permanent tool to cure your computer in case of infection. Its distribution on our web-site is always armed with the hottest add-ons to the Dr.Web virus database, but it does not include the Dr.Web Automatic Updating utility. Dr.Web CureIt! stays actual until the next release of the add-on. To scan your computer with the most up-to-date Dr.Web virus databases next time you should download a new Dr.Web CureIt! package.

Let's say you are using a quality anti-virus, only have a couple of suspected file(s) on your computer, and you want another opinion to see whether they are clean or not. Head on over to Virustotal to scan a file using over 25+ different antivirus engines, or you may email a file to them and a report will be returned. You can also try VirSCAN.org since they offer a similar service using 36+ engines.

Advanced removal: Did you know that it is possible to hide spyware or a virus in a way that will fool even the traditional antivirus products? Some rogue spyware programs are already using so-called rootkits to hide deep in the system, and virus authors are joining in. Several AV & AS tools now scan for rootkits, so the ones listed below are optional, and I would recommend that you seek advice on how to use them instead of going at it blind. Information Week posted their review of six popular rootkit detectors, and anti-malware.ru just posted their rootkit review.

Rootkit Unhooker - acquired by Microsoft
GMER
Rootkit Revealer

.: Firewalls :.

All broadband users should have a firewall (FW) protecting their system(s). A Cable/DSL router (NAT box) is a very inexpensive hardware solution that most people are familiar with. Brands like Linksys and Buffalo are highly recommended. These NAT Routers typically offer stateful packet inspection (SPI), and certain wireless routers allow DD-WRT firmware to be loaded. This free open-sourced firmware offers increased wifi transmission power, WDS, QOS, website filtering, and so much more. Hardware firewalls are important because they provide a strong degree of protection from most forms of attack coming from the outside world. Additionally, in most cases, they can be effective with little or no configuration, can protect every machine on a local network, and allow you to share your internet with multiple computers. I highly recommend changing the default router login password on any router, disable remote management (unless you need it), and also disable UPnP. Wireless routers should set a unique SSID, disable wireless access web, and disable the radio if you are not using the wireless capabilities in your router. You should have basic WEP64 encryption enabled at a bare minimum; use WPA (AES has less overhead than TKIP) if your wireless adapter supports it. When you implement these security measures it will deter potential hackers and wardrivers.

The number of individuals and businesses that have unsecured networks is alarming. I've seen people connected to a wireless network without even realizing that it belonged to someone else. Another security risk on public hotspots involves other computers that also connect to this unsecured network. Network attacks can be made through them, and they can possibly connect to your computer and download data from your hard drive. Firewalls guard against these incoming attackers. You should always use a quality firewall whenever you are connected to an "unsecured wireless network" and disconnect after you've completed your tasks. While on such a network you should never visit secure sites (banking, stocks, etc.) or do anything that requires a login and password.

Software firewalls can only protect the machine they're installed on, so if you have multiple computers (which many homes and small offices do) you need to install and configure a software firewall separately on each machine which could be difficult to manage. Another drawback is the software will often popup messages asking you to allow or deny a particular connection. The end user gets in the habit of clicking 'allow' without even reading the details of the window because they are annoyed with the popups. Most commercial software firewalls include a feature to stop all but authorized applications from sending outbound data packets to the internet. This supposedly stops malicious code from sending unauthorized communications, and also prevents PCs from being hijacked and used to send spam or participate in distributed denial-of-service attacks. The built-in Windows XP firewall (updated in SP2) only filters incoming traffic and allows any application to send outbound packets. However once malware is on your system then the security has been compromised. If an application wants to send data out in most cases an outbound filtering firewall running on the infected machine is not going to stop it.

Virus Bulletin: Free firewalls rated best in leak tests
Matousec: Leak test results

Before installing 3rd party firewall software on a Windows XP computer, be sure that the built-in firewall is turned off. Never use two software firewalls at the same time. Test your firewall capabilities at HackerWatch.org, Firewall Leak Tests, Comodo firewall tests or AuditMyPc.

.: Prevention :.

There is no doubt that if you visit the wrong sites then malware can be installed without your consent. How much junk can get installed on a user's PC by merely visiting a single website? One individual wanted to find out so he visited a single web page taking advantage of a security hole (in an ordinary fresh copy of Windows XP) and recorded a video of the events.

Note: The latest version of Internet Explorer 6, as patched by Windows XP Service Pack 2, is not vulnerable to the installations shown in the video. Please update to Internet Explorer 7 for even greater protection. You may also want to consider installing an alternative web browser such as Firefox with the NoScript plug-in. Both IE7 and Firefox add extra layers of protection and provide additional information to users in order to help them make intelligent decisions. However no browser can force a user to make smart or sane decisions; they can only point in the right direction.

Almost all malware is unknowingly installed so please use common sense when you sit down in front of the computer. Accidents can and do happen, so here are other ways to prevent malware from being installed:

  • Always install the latest service pack for your OS and make sure that (Windows) automatic updates are enabled. Microsoft releases updates on the second Tuesday of each month. When a major exploit has surfaced MS will occasionally release a patch ahead of schedule. If you are using Windows XP and have not updated to SP2 please do so immediately! Service Pack 2 for Windows XP has more than 150 changes designed to improve the security and stability of our operating system. Although some of the improvements are not security related, most of them are.
  • The Microsoft Baseline Security Analyzer runs on Windows Server 2003, Windows 2000, and Windows XP systems and will scan for common security misconfigurations and missing patches/updates.
  • The Secunia Software Inspector checks for insecure versions of browsers, plugins, media players, office apps, security apps, and much more.
  • Microsoft no longer updates Java VM, which is full of security holes, so you should install the latest version of Sun Java. However a lot of current Trojans exploit old versions of Sun Java, so be sure to check add or remove programs and remove all old versions since they also pose a security risk.
  • As I've previously mentioned, stop using Internet Explorer and switch to Firefox. Some people swear by the NoScript plug-in but I find it invasive.
  • Keep your email client updated (eg. Microsoft Office Updates) if you use one, view messages in plain text mode, and always scan email attachments before opening them! Reduce spam by using Thunderbird, Outlook 2003, or you can install SPAMfighter.
  • Use a quality AV, and keep it updated since most people are infected with new forms of malware. Avoid (most) internet security suites since they usually fall short in one or more areas of protection. If you really want to use a suite I'd highly recommend Kaspersky Internet Security 7.0 since the AV and FW offer exceptional protection and detection without draining system resources. The Proactive Defense Module is also an excellent HIPS solution. KIS 7.0 uses roughly 15MB on my XP rig and only has 2 running processes (avp.exe). Occasionally you can find KAV/KIS 6.0 free after rebate, so instead of installing the old version you can download 7.0 and use the 6.0 key.
  • Use quality anti-spyware tools like the ones that are listed at the top of this guide. SUPERAntiSpyware is the most thorough scanner on the market. There is virtually zero impact on system resources, daily updates, exceptional support, and much more! You can purchase the pro version with real-time protection and lifetime updates for $19.95 by installing the free trial, running the updater to display the special URL, or by uninstalling it.
  • Use a firewall even if you're on dial-up.
  • Exercise extreme caution when downloading any files. Always scan the file(s) first before you execute them! Do not trust anyone! Don't fall for the fake "abuse" emails that appear to come from your ISP or own domain. In addition you need to be aware of fake greeting ecards. They'll usually include a link for you to download a Trojan. If you use Skype, MSN Messenger, or other IM clients beware of links that ask or prompt you to download something. When your friends get infected they spam people on their buddy list.
  • Be cautious about installing free software (screen savers, games, etc.) since a lot of freebies have strings attached.
  • Avoid rogue P2P software (view the clean/infected P2P list) since a majority of them include both adware and spyware to generate revenue.
  • Avoid warez, cracks, game cheats, and pornography websites. I know it's a lot to ask but we're talking about prevention. :-)
  • Beware of websites (eg. MySpace) suggesting that you install plug-ins and codecs in order to view videos. These zlob and DNS Changer Trojans will wreak havoc on your pc! Check out this video from Sunbelt that shows a Trojan DNS Changer in action. Update: New MySpace Trojan discovered
  • Beware of rogue advertising banners on websites and messaging programs. The Register recently reported that MySpace had a problem with their ad servers displaying ads for rogue programs such as WinAntivirus and DriveCleaner. Microsoft recently had an issue with their messenger ad servers displaying banners for Winfixer / ErrorSafe. Please take a moment to review Spyware Warrior's Rogue Anti-Spyware list to make sure that you haven't been duped.
  • Ignore and close (Alt+F4) popups that claim your pc has been infected, that you need to fix computer problems, or any other "you need/should fix this problem" because 99.9% of them are scams and will hose your pc.
  • If you run Windows XP you may want to set up a limited user account to prevent malware from installing in the first place. mechBgon has a how-to guide that walks you thru the configuration process. If you're using Windows XP Pro you may want to also implement a Software Restriction Policy, so here's another configuration guide that mechBgon put together. The fact of the matter is that if your computers are manned by unsavvy users a limited user account and/or SRP is highly recommended. Use a standard account if you use Vista.
  • Enable DEP for all programs. Data execution prevention (DEP) is a set of hardware and software technologies that perform additional checks on memory to help protect against malicious code exploits. In Windows XP SP2, DEP is enforced by both hardware and software. If your CPU doesn't support hardware DEP you'll see a message at the bottom of the window.
  • Spyware Blaster can help keep your system spyware-free and secure, without interfering with the "good side" of the web. And unlike other programs, Spyware Blaster does not have to remain running in the background since it adds sites to your web browsers restricted sites area. You can also use IE-SPYAD to add a long list of sites and domains associated with known advertisers, marketers, and crapware pushers to the Restricted sites zone of Internet Explorer. Use the MVPS HOSTS file to block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and even most hijackers.
  • PowerShadow takes an interesting approach to protecting your privacy and keeping your computer safe from offenders. In short, PowerShadow transforms your hard drive into a virtual drive exactly the same as the original one. When you enter shadow mode, the application saves all system changes and user activities on the virtual drive. Every time you restart, your machine will revert to its original state, wiping away nasties such as spyware/adware/viruses and eliminating your surfing and application histories. There is no impact on system performance, and it's free for home use! Does it sound too good to be true? Check out the PowerShadow FAQ and informative thread on Wilders. Please keep in mind that you should still use a quality AV/AS/FW to protect you when you are not in shadow mode.
  • BOClean protects you against a full spectrum of malware, automatically removing these programs from memory, your hard disk and your registry without the need to reboot or drop your internet connection. BOClean safely neutralizes these threats instantly without any risk of damage to your files or computer. Updates are FREE, and the update download and installation process is (or, in the case of network deployment, can be) completely automated. FWIW BOClean was once considered a must-have for your arsenal. However times have changed and there are better alternatives listed in this guide.
  • Threatfire (user friendly and low resource usage) does not rely on signatures, but instead constantly analyzes your computer's behavior to detect and block any malicious activity. Protects against both known and zero-day viruses, worms, trojans, buffer overflows, rootkits and even some spyware. It also works with your existing AV, anti-spyware, and firewall. Cyberhawk is known as a "quiet" HIPS program, rarely popping up a warning screen unless a possible malicious attack is at hand. Advanced users may want to look at EQSecure.
  • SandBoxie is a sandboxing program designed to isolate your PC from internet based threats. Unlike anti-virus programs that rely on signatures to detect threats they protect your PC by fencing off and isolating potentially da