Adware Malware Help

Posted on 2004-09-17
Medium Priority
Last Modified: 2010-04-11
Greetings All,

I own a small computer repair outfit from my home office. Over the last 16 months my business has increase 100 fold mainly from word of mouth. 90% of my current business is from home and business users with adware, malware and/or virus problems. I have many removal programs and quite a bit of experience in removing adware and the rest. I know this will effect my return business but I would love to offer my customers a means of protection and prevention from adware, malware and viruses. I currently suggest Mcaffee Software for virus prevention...but I have yet to review software that prevents and protects adware, malware and other critters.

Is there software that someone here can suggest...price is a concern, because I always evaluate any software that I recommend to my customers and can afford to waste money on programs that only "sometimes" work!

Also, the best advice I have been able to offer my customers as a way to avoid "re-infection" is -

1: Keep Windows updated
2: Keep Virus software updated
3: Have some form of Firewall (For DSL/Cable customers)
4: Be aware/careful of what you download
5: Avoid most P2P software
6: Don't let kids have admin/superuser access

Is there a "Best Practices" on how to avoid spyware, malware, and viruses. It's getting really bad out there and some people are giving up. I'd like to be able to assist in keeping the net a safe place to "surf"!

Will Banks
Question by:williamebanksIII
  • 2

Expert Comment

ID: 12090428
on adware spyware cleaning, scann and protection in one I recommend AND use Spybot Search and destroy 1.3, in my antivirus, i use avast! www.avast.com its powerful, free for home users, customizable and uses few resources! they are both great and working perfectly with each other, i used the avast for years and no problem, i used spybot a long time and i have no problems on spyware/adware, also add security by installing the latest security pack for the Operating System,also always keep autoupdates on, on using spybot, avast also set them to update automatically, also perform scheduled scans its a level 2 protection, on the firewall XP has its firewall if you need free firewall use zonealarm, Best practice to avoid spyware, read the EULA (End User License Agreement) when using software especially the free ones all spyware/adware using programs states it in the EULA, only users dont have time to read what the program would do in the computer. Also like protecting yourself from viruses open the mail or files you know, in spyware adware, surf download pages you know and trust. Avoid pron sites and free services that you dont trust

Accepted Solution

Mal-Tech earned 1000 total points
ID: 12090736
We'd all like to see a safe place to surf. Unfortunately that ain't the case.

There is no surefire way to avoid spyware. It changes daily and is developed and backed by big money. That's why some of it is actually quite well written. The only way to avoid malware, spyware, foistware....whatever you want to call them is to stay off the web entirely.

Now, there are a few things you can do to help prevent infections and infestations other than the good advice you mentioned.....

Spybot has gone down the tubes. It is so far behind in detection definitions compared to AdAware from Lavasoft (freeware from: http://www.lavasoftusa.com) and SpySweeper (shareware from: http://www.webroot.com) that it's not even worth using anymore.

A decent preventative antispyware program (not a hunter), although it doesn't have a enormous list, is SpywareBlaster (freeware: http://www.javacoolsoftware.com/spywareblaster.html)

Most spyware comes as ActiveX files. Setting "Run Activex controls and plugins" to 'Prompt' in the Internet zone in Internet options may be a pain in the can, but it can prevent alot of infestations, especially those concerned with the new rootkit spyware like super-stealth versions of CoolWebSearch.

Also, disabling 'Install on demand' in the Advanced section of Internet Options will help, along with Launching programs and files in an IFRAME, Userdata Persistence, Allow MetaRefresh, Allow Paste operations via script in the Internet Zone. (Warning: disabling Meta Refresh helps disable a spywares' ability to redirect to infested sites but also disables a users' ability to log into Hotmail). Disabling/removing the Windows Messenger service to prevent NetBios spam is another method:

Windows Messenger is not the same program as the MSN Messenger Internet Chat and comes as part of Windows NT/2000/XP.

The practice commonly uses port 135 (a necessary component normally left open for communicating with a Microsoft service called RPC instead of Windows Messenging ports 137 and 139. Normally blocked by firewalls 137 and 139 have still been successfully bypassed by this new form of advertising.

Windows 2000
Click Start > Settings > Control Panel > Administrative Tools > Services
Scroll down and highlight "Messenger"
Right-click the highlighted line and choose Properties.
Click the STOP button.
Select Disabled or Manual on the Startup Type drop-down menu
Click OK

Windows XP
Click Start->Control Panel
For Category View only (skip this step for Classic View), click Performance and Maintenance
Click Administrative Tools
Double-click Services
Scroll down and highlight "Messenger"
Right-click the highlighted line and choose Properties
Click the STOP button.
Select Disabled or Manual in the Startup Type scroll bar
Click OK

Windows XP Home Version
Click Start->Control Panel
Click Administrative Tools
Click Component Services
Double-click Services Local
Double-click "Messenger" to bring up the options panel
Right-click the highlighted line and choose Properties
Click the STOP button
Select Disabled or Manual in the Startup Type scroll bar
Click OK

Windows NT
Click Start ->Control Panel
Double-click Administrative Tools
Select Services-> Double-click on Messenger
In the Messenger Properties window, select Stop,
Then choose Disable as the Startup Type
Click OK

I don't recommend McAfee because it's too large and is too resource hungry. AntiVir (freeware from: http://www.freeav.com) is 4mb and is very easy on resources while doing a good job. You can read my Antivirus test 2004 at http://www.suggestafix.com/index.php?act=ST&f=16&t=13303&s=df01780971ed7503ad2cf0f02433e4c6 for more information on av programs and online scanners.


Expert Comment

ID: 12124671
Thanks for the points and glad I was able to be of some help. Y'know, another good idea is to keep your Windows clean. You will find spyware likes temp folders and the downloaded files folder. Windows itself does a horrible job cleaning out all the Internet junk and garbage. In addition to SpySweeper, Webroot makes an excellent program called WindowWasher. You should check out the 30-day trial version. I think you'll like it.

Featured Post

Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With more and more companies allowing their employees to work remotely, it begs the question: What are some of the security risks involved with remote employees and what actions should we take to secure them?
Each password manager has its own problems in dealing with certain websites and their login methods. In Part 1, I review the Top 5 Password Managers that I've found to be the best. In Part 2 we'll look at which ones co-exist together and why it'…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

569 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question