Practicing Safe Computing

Malware Removal/HijackThis Notice: The purpose of this document is help you build your own security suite, setup your defenses, and develop your own safe computing practices so you never need the services of a Malware Removal expert. If you came to this post because you suspect your system is infected and has already been compromised, I recommend you purge your system of clutter as noted below in the section titled, "Delete Temporary Files", then scan with Malwarebytes's Anti-Malware (see below for download link and scan instructions). Finally, post a HijackThis log in the designated forum as instructed by the site's HijackThis Procedures and one of our certified Malware Removal experts will assist. When done, use this guide to prevent recurrence.




Do not misunderstand! There are people on the Internet right now, trying to hurt you, and your family! The worst of the scum seek to terrorize, abduct, torture, sell into slave labor and sex rings, and kill our children! They exploit the elderly, weak, scared, and innocent. Predators don't care who you are.

The hackers, thieves, spammers, software pirates, illegal software users, juvenile misfits, and cyber-terrorists don't care either. Many are clever, do not think otherwise, do not let your guard down. Learn, then teach your children. Right now, badguys are trying to learn your email addresses, account numbers, credit card numbers, phone numbers, Social Security numbers, driver's license numbers, home addresses, birthdays, mothers' maiden name. They want to steal your money, open accounts under your name, run up your bills. They want to tap into your wireless networks, steal your data and use your Internet access for nefarious deeds.

It is a sad fact that we, as users, must be the linchpins for security protecting our computers, our personal information, and our families from predators, identity thieves, organized crime, terrorist, and all the wannabe followers - the badguys in cyberspace.

The best defense will surely fail if the "human factor" fails. Losing concentration and compromising safe computing practices very quickly turns the user into the weakest link, resulting in exposed vulnerabilities and potentially compromised security and safety.

How did we get in this security mess? Let's make sure we put the blame where it belongs; on the badguys! Badguys put us in this position. Not the software giants. Not the hardware industry. But bad people - and not just the usual suspects mentioned either, but bad guys in corrupt governments, ISPs, and law enforcement, and others who profit (tax free, I'm sure) from that malicious activity.

They have forced the rest of us to become Information Technology (IT) security experts just so we and our families can safely use our computers in our own homes.

Beyond that, failure to keep our systems free from malware and intrusions is not being a responsible Internet user. These vulnerable systems are primary targets (easy pickings) for badguys and may (most likely will) end up compromised. The compromised computer, under the control of the bad guy, becomes a threat to the rest of us as it used by the badguy to send spam, launch DDoS attacks, and distribute more malicious code across our networks. Not good.

What can we, as computer/Internet users do about it? Three things:

1. Practice Safe Computing! Keep systems patched, updated, scanned and blocked, and use a disciplined approach to operating the computer and using the Internet.
   
   
   • Patch operating systems and applications to the latest security patches, including Vista SP1, XP SP3 and Internet Explorer 8, even if using alternative browser
     
   • Update anti-malware signature/definition files promptly and apply operating system critical updates in a timely manner (see "Windows Update" under "Prevent Re-Infestation" below)
     
   • Scan using "real-time" anti-malware scanners for viruses, worms, Trojans, and spyware
     
   • Block unauthorized access attempts, spam and pop-ups using a good client-based (software) firewall, spam blocker, and pop-up blocker.
     
   • Self Discipline, the most crucial! Self discipline includes:
     
     • NEVER click on "To stop getting these spam messages, click here" links
       
     • NEVER click on any links in unsolicited pop-ups or email
       
     • NEVER open attachments or downloads without first scanning for malware - regardless the source
       
     • NEVER visit sites bad guys are known to wallow in: such as porn, gambling and Peer to Peer (P2P) sites that tolerate illegal filesharing of copyrighted materials such as music files, movies, and published documents
       
       and finally...
       
       
     • NEVER skip any of the above.
   
   
2. Limit Access. It is good practice for all users to use limited access accounts for normal day to day computer use instead of an "Administrator" account. Downloads are restricted with limited accounts making it less likely a badguy will be able to download and install malicious code on your computer, should a malicious site be visited by the user, or through a malicious redirection. Children should have limited accounts and always separate from the parent's. See Vista "Standard" User Accounts or XP "Limited" User Accounts for more information.
   
   Use strong passwords, preferably 8 characters or more, consisting of upper and lower case letters, numbers, and special characters (! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~). Do not use family names, pet names, birthdays, anniversaries, addresses or other easy to guess passwords. Do not write your passwords down in a pad or on a sticky note. Use a password manager to store your passwords such as Password Safe. For PDA users, I highly recommend SplashID which includes SplashID Desktop, an excellent Windows password manager that "Hotsyncs" your encrypted passwords with the PDA.
   
   
3. Vote! Demand your elected officials fund for enforcement of existing laws, and create new laws with teeth against all aspects of cyber-crime. Demand funding so the authorities have the resources needed to fight the badguys. Elect or demand appointment of judges that levy harsh punishments. Demand the United Nations enforce the existing laws on software counterfeiting, and the exploitation of children in servitude, force labor and pornography.

It is important to manually run through your security scans on a regular basis, even when you have a full, real-time security system in place. This is necessary to ensure nothing got by (or was "allowed" by) your defenses by one of the computer's users. Once a week is not unreasonable.

"Malware" is the catchall word for malicious software to include viruses, Trojans, worms, spam, and spyware. As the security industry consolidates products and migrates towards "suites", anti-virus and anti-spyware products are evolving and "anti-malware" products are emerging. AVG Free now includes their anti-spyware module, and the new Malwarebyte's anti-malware scanner has proven itself worthy of addition to everyone's arsenal, as a full time, or on-demand supplemental scanner.

Use the information below to assemble your own arsenal of tools to keep your systems free of malware, and your family safe. I personally use all these tools on the various computers on my network and frequently recommend them to friends, family, and clients. There are certainly many competing products that are just as effective and by all means, if you are more comfortable with another product, and it is not a "rogue" product, then use it. The point is, keep it updated and use it!

Important Note - Update First. For all of the following suggested programs, and before every scan, use each application's "update" feature to ensure you have installed the latest signature/definition files. This is necessary even if you just downloaded the most recent version of the application.

Important Note - Avoid Conflicts. To avoid conflicts, ensure only one firewall and one "real-time" (also known as "in resident", "in memory", "auto-protect" or "active scanning") scanner program of the same type is running at any given time. That is, have only one firewall, one real-time anti-virus, one real-time anti-spyware, and one real-time anti-Trojan program running at any time.

Important Note - Back up. Performing major system scans and cleaning is never risk free. Although every program listed here has a long history of reliable performance, things can go wrong, especially with a problem system. Hardware can fail and power line anomalies can wreck havoc - use an uninterpretable power supply (UPS)! Back up your important files regularly. And I recommend you create a System Restore “point” now, before running through the cleaning procedures. System Restore allows you to “roll back” system files, Registry keys, installed programs, etc. to a previous state.

1. Quit all running applications,
2. Go to Start > All Programs > Accessories > System Tools > System Restore,
3. At the System Restore Welcome Screen, click the Create a restore point radio, button, then click Next,
4. Name the Restore point (Example: Before system clean),
5. Click Create.

Important Note - Check EULAs. Be aware that most free software is free for home and non-commercial use only. Be sure to read the end-user licensing agreements (EULAs) before using.

Clean Out the Clutter

• Delete Temporary Files before scanning to rid system of thousands of temporary files. This action often significantly reduces scanning times and may clear out files that are corrupt or are infected with malware. Deleting cookies as well ensures all "tracking cookies" are removed too. Note that deleting cookies will force the manual entry of user names and passwords for sites requiring them on your next visit, so make sure you know them.
  
  
  • Windows (XP or Vista) Disk Cleanup. One distinct advantage Windows Disk Cleanup has over all other cleaners is that it has the option to delete all but the most recent Restore Point. This is significant because malicious code can hide there. To delete temporary and no longer needed files (including old System Restore points) with Windows Disk Cleanup:
    
    
    • In My Computer, right click on drive, then select Properties > Disk Cleanup,
    • When Disk Cleanup calculation is complete, check the desired Files to delete boxes - uncheck Compress old files unless you are very low on disk space (Note: Highlighting each entry will reveal a description of items being deleted),
    • Optional - Remove all System Restore points, except the most recent
      • Click the More Options Tab,
      • Under System Restore, click Clean up... to remove all but the most recent restore points, then follow prompts to complete action,
    • Click OK and follow prompts to complete and exit Disk Cleanup.
    
    
  • ATF Cleaner 3 - a tiny, simple, easy to use alternative cleaner for Internet Explorer, Firefox, and Opera users.
    
    
  • CCleaner - a popular alternative cleaner for more advanced users. During installation, uncheck the option to install the Yahoo toolbar. Before first use, check Options > Settings and ensure Only delete files in Windows Temp folders older than 48 hours is unchecked. For advanced users, CCleaner has an excellent Registry tool that checks for "issues", cleaning unused "orphaned" entries missing shortcuts. It is very conservative and as such, is much safer than more aggressive cleaners. It always prompts the user to backup the Registry before making changes. You can configure CCleaner to leave cookies from the trusted sites you visit often. Like any Registry cleaner, it is best when used to maintain a Registry in good order, rather than to fix a long neglected, and broken registry.
  
  Note: Some files cannot be deleted while Windows is running. They will be marked for deletion at next boot. Expect the computer to take longer to boot up the first time after cleaning with one of the above utilities.
  
  Tip: Delete all Temporary Internet Files and Cookies before defragmenting your hard drives. It is counterproductive to defrag with 1000s of tiny temporary files on the drives.

Scan for Malware

• Scan for Spyware - No one anti-spyware program gets them all. Therefore, it is necessary to use an arsenal of tools. Past controversy over some anti-spyware makers' decisions to delist known spyware emphasizes the need to attack on multiple fronts. I recommend you download, install, and use the latest versions of one or more of the following:
  
  
  • Malwarebytes's Anti-Malware (MBAM)
    • Check for updates before scanning,
    • Select Perform quick scan > Scan,
    • When complete, click OK, then Show Results,
    • Ensure all is selected, and click Remove Selected,
    • When complete, save the log in Notepad to a convenient place for future reference.
      
      
  • SpyBot Search and Destroy - To avoid possible conflicts with other real-time scanners, I recommend you do not install TeaTimer at this time. Note: Some respected colleagues have reported no conflicts, or performance issues with TeaTimer. If desired, I recommend you enable it at a later date when it will be easy to determine and isolate any conflicts, should they arise.
    
    
  • Ad-Aware 2008 - Ad-Aware may install, among other things, a program called aawservice.exe, and configure it to run as a "service" that loads at every boot. This occurs even though the free version of Ad-Aware is "on-demand" only; there is no "real-time" scanning feature. You may want to change how the service is configured so that it does not start until you call up the program.
    
    • Go to Control Panel > Administrative Tools > Services
    • Right click on Lavasoft Ad-Aware Service
    • Select Properties
    • From the drop down menu, change "Service type:" to Manual
    • Click Apply, Ok
    Run your scans. When done, to terminate the no longer needed aawservice.exe program, go back into the Control Panel Services applet and stop the service, or reboot your computer. I recommend the latter; complete all your malware scans, then reboot. Rebooting after scans is often a necessary step anyway.
  
  If you don't have a current real-time anti-spyware scanner, get one NOW!. I recommend using one of the following:
  
  
  • Microsoft Windows Defender - free (XP/Vista),
  • AVG Anti-Virus Free Edition 8.0 now includes a capable anti-spyware scanner,
    
    alternatively, upgrading to the paid versions of the following will provide excellent "real-time" protection:
    
    
  • Malwarebytes's Anti-Malware - (real-time scanning provided with paid version only),
    or
  • SUPERAntiSpyware Pro - (real-time scanning provided with Pro (paid) version only),
    or
  • CounterSpy - (real-time scanning provided with Pro version only).
    
    
  WARNING: There are many good anti-spyware alternatives - but there are more malicious fakes! Beware! Ensure any anti-spyware program under consideration is not listed on the Spyware Warrior List of Rogue/Suspect Anti-Spyware Products & Web Sites before even thinking about downloading. This site is no longer being updated so be sure to read and heed the message in the opening paragraph about current rogue applications.

• Trojans - Trojans are still a threat but fortunately, over the last couple years, the anti-virus, anti-spyware and anti-malware products have become proficient at detecting Trojans. There is no longer a need for dedicated real-time anti-Trojan applications.

• Scan for Viruses and Worms - Assuming you have an anti-virus program, download the latest signature files and perform a thorough scan. If you don't have an anti-virus program, get one NOW!, update the signature file, and perform a thorough scan. There are several excellent antivirus programs to chose from, some free, some not. I recommend you chose one that performs consistently well in tests by the following respected labs:
  
  
  • ICSA Labs
  • virus Bulletin - AV-Test.org
  • AV Comparatives
  
  Be sure to use the "custom" install options when installing these and uncheck any options for extra programs toolbars, or add-ons that you do not want.
  
  I keep one anti-virus program running in "auto-protect" mode at all times, and have another on hand for "on-demand" scanning. Remember to disable the running scanner before scanning with the "on-demand" scanner.
  
  Scan with one, two or all three (in turn) of these free on-line virus scanners as a double or even triple check. Some very malicious malware have been known to disable PC based ant-virus (AV) scanners. These on-line scanners help compensate for that. Temporarily disable your real-time AV scanner first.
  
  
  • Kaspersky Online Scanner - (Items found and not removed will be listed in report.)
    or
  • Trend Micro HouseCall
    or
  • PandaSoft ActiveScan

• Scan for Rootkits - Rootkit is a term originating in the UNIX world to describe a set of "stealthy" tools used to obtain and/or maintain root access. A person with "root" access can do anything. Windows rootkits gain access by exploiting known vulnerabilities on un-patched systems, then use that access to install a "back door" to maintain that access to your system. Use one of the following:
  
  
  • F-Secure Blacklight Rootkit Eliminator
    or
  • Sophos Anti-Rootkit
  
  Reminder: Don't forget to re-enable real-time scanning when manual scanning is complete.

Prevent Re-infestation - Use the above tools to clean your system, and to help prevent future attacks from compromising your system again. In addition to those tools you also need the following:

• Firewall - If you are not using a software based firewall, enable Windows Firewall, or get one of those suggested below NOW! Windows Firewall in XPSP2 (known as Internet Connection Firewall, or ICF, in XPSP1) is a basic firewall that generally works well for most users, once properly setup, and if all users with access to that machine practice safe computing with a disciplined approach. However, the XP version can only block unauthorized incoming access attempts. This means XP's Windows Firewall will not prevent Trojans, keyloggers, and other spyware from "phoning home" with your personal information, should they manage to get past your other defenses, or were on your computer prior setting up your defenses. Vista's Windows Firewall with Advance Security is an able, two-way firewall. However, the default configuration is only set to block inbound connections.
  
  Online Armor, Comodo, Kerio and ZoneAlarm, and others block incoming and outgoing unauthorized access attempts by default, and are good alternatives to Windows Firewall. In any case, do not use more than one software based firewall. In most cases, if you install a 3rd party firewall, Windows Firewall will automatically be disabled.
  
  
  • Online Armor Free - (supports NT/Win2K/XP - no Vista),
  • Comodo Free Firewall + AntiVirus - (supports XP/Vista - choose the "Custom" install option, then ensure options to change your home page and search engine, as well as the option to install SafeSurf are all unchecked - If you choose to install the Comodo AntiVirus too, it can be used as your realtime scanner, or for supplemental manual scanning),
  • Sunbelt Personal Firewall - (formally Kerio Personal Firewall - free version remains after 30-day trial period (supports NT/Win2K/XP - no Vista),
    or
  • ZoneAlarm Firewall - (supports XP/Vista, and is free).
  
  Important Note - Routers and Firewalls: If you have a router you still need a software based firewall on each system on your network. This is true even if it is a network of just one computer. If you are not using a router, you should, especially if you are using broadband (cable or DSL high-speed Internet). Ensure your router uses NAT (Network Address Translation). NAT is a very effective security feature that provides hardware firewall type features. There are several offerings for under $50.00USD. Some offer dial-up support, and some include a print server for network printing. Using a router also allows you to disable printer and Internet connection sharing on your connected computers.
  
  
• Pop-up Blocker - There are several good pop-up blockers, including those found in Internet Explorer 8 and Firefox 3. I recommend you enable them. Many add-in toolbars, such as Google Toolbar and Yahoo Toolbar, also have pop-up blockers. It is fine to also use one of those. However, I caution against using more than two pop-up blockers to avoid conflicts and confusion. The thing to remember is the "self-discipline" portion of Practice Safe Computing from above; if a pop-up gets through, just close the pop-up, do not click on any links.
  
  
• Spam Blocker - Most ISPs offer spam blocking tools and I recommend you enable them. However, NO spam blocker is perfect, so I caution you to remember that. Some spam messages will not be identified, and some legitimate messages will be falsely identified as spam. I recommend you select an option that tags "suspected" spam, and/or moves suspected spam to a spam/quarantine folder, rather than automatically deleting them. For example, my ISP appends (tags) the subject line with "--spam--", which is easy for me, and spam filters, to spot.
  
  In addition to ISP based spam blockers, I recommend a client (on your PC) based spam blocker too. There are many to choose from. I use and strongly recommend MailWasher Pro. There is a bit of a learning curve, but by far, what puts it above and beyond all other spamblockers is that you process all your mail from all your accounts on the servers! That is, BEFORE the email is downloaded on to your system. This is huge, in my opinion. Other spamblockers download the entire email (and attachments!), dumps it on to your machine, and then analyzes it for possible malicious code. To me, that's like asking a stranger to step inside your home, THEN asking him what he wants.
  
  
• Secunia PSI - This free security tool is used to detect missing security updates for all programs installed on your computer, not just those from Microsoft. In most cases, it also provides a "Download Fix" option, taking you to the correct update download site. It reports end-of-life (no longer supported) programs. Secunia PSI is a great complement to Windows Update or Microsoft Update and can be downloaded directly from Secunia. Note: I recommend the "Simple" Interface Mode for all but advanced technical users.
  
  
• Windows Update - The vast majority of users allow Windows Update (or Microsoft Update - for all Microsoft products) to automatically download and install updates and they never have problems. But Microsoft has not been 100% perfect in pushing out quality updates; some have broken machines. Unfortunately, if all automatic, you don't know exactly what is updated, or when. No problems, if all is well. But I suspect if reading this, your are concerned, like me, about what is happening with your computer. Therefore, I recommend the following:
  • Set Windows Update to "Download updates for me, but let me choose when to install them" or "Notify me but don't automatically download or install them"
  • Use "Custom" install option - research the updates that affect you - do not install yet
  • "Listen" for "chatter" here, and other technical sites and forums
  • Check AskWoody.Com for any update issues that may affect you
  • Use the "Custom" install option to install the updates that affect you

I know all of the above is a lot but this is what it takes to get and keep your systems clean, running at full performance, and safe. Fortunately, it gets easier to manage once it is all set up and you become more familiar with the features. I recommend all scanners be scheduled to update, then scan daily - mine run in the middle of the night. It is an important part of Practicing Safe Computing to also set up a routine to regularly scan your system(s) manually.

***************

Comment: Security Suites. Security suites like Norton 360, ZoneAlarm Security Suite, and others, are complete security packages containing a firewall, anti-virus, anti-spyware, spam blocker, pop-up blocker, and more. They are managed through a single user interface (UI) or control panel. Suites are less expensive than separates from several vendors, and with only one UI to learn, easier to use. That makes them attractive to many users. Most importantly, if kept properly updated, they do provide an effective defense strategy.

However, from a strict security standpoint, having a defense strategy supplied by a single source is not the best strategy. It is like putting all your eggs in one basket. With any business, suite makers look for ways to increase efficiency, cut costs and increase production. Any programmer knows that if you can reuse code, you save time and money. Therefore it only follows these makers will reuse code as much as possible in their suites. This has the potential of introducing potential single points of failure for your entire defense. The user interface, update website, scan scheduler, and files databases are 4 specific examples of possible single points of failure; a fault in one may affect several tools, or the entire suite. If the user interface breaks, for example, all your defenses may be compromised or taken down. In the case of the shared files database, the same group of people is deciding which files both the anti-virus application and the anti-spyware application will scan. Is that a problem? I don't know. But I do know from a security standpoint, an "overlapping" defense, with different sets of eyes watching over things, is much better than a single set.

Even the best suites do not excel in all areas. One may have a superior firewall, but only a fair anti-virus. Another suite may have a great anti-virus, but a weak anti-spyware. If you "roll your own" suite, you can build a superior suite consisting of the best tools in every category that meet the demands for your computing habits.

With that in mind, many of my colleagues have created similar guides for keeping our systems clean and safe. I encourage you to read them all. You will find as many different approaches and tools as there are experts writing about them. That's good as they may suggest a different tool you might include in your arsenal instead of, or in addition to those suggested here.

You will also find they all focus on, directly, or implied, the one key element to computer security... You! You can have the best firewall and anti-malware tools, but if you don't maintain a strict discipline when it comes to "Practicing Safe Computing" (see Item 1 above) it's like running a red light at a busy intersection.


***************

Referrals: If you were referred to this post as part of the resolution process being worked in another thread, when done with the above scans, please post a status update in the original thread.

***************

DISCLAIMER: Please note this was compiled by me and should in no way be construed as policy of this site, nor is this site responsible for any outcome that may come about by following it. Although many users have successfully used this guide, I cannot guarantee success, nor can I promise any outcome. That said, I have personally used all these products on many computers to prevent infestation, and to rid systems of all malware, and without incident. I anticipate you will have no problems if you follow the stated precautions.

***************

Edit History
5-16-09 - Updated Comodo recommendation - Digerati
4-8-09 - Updated for IE8 and FF3 - Digerati
3-4-09 - Edited ATF Cleaner note, Vista is supported (see here) - Digerati
2-13-09 - Added note about ATF Cleaner being for XP/Win2K only (see here), minor formatting edits - Digerati
12-02-08 - Added section for Secunia PSI, updated anti-rootkit section with F-Secure and Sophos scanners, minor edits - Digerati
11-26-08 - Added missing acceptible special characters in password sections - Digerati
11-25-08 - Added section on Limited User Accounts and password managment - Digerati
11-25-08 - Minor edits - Digerati
11-24-08 - Minor formatting edits - Digerati
11-23-08 - Updated AV section with testing labs - Digerati
10-7-08 - V2 new draft changed focus to proactive prevention of malware infestation from reactive, after-the-fact cleaning of malware - Digerati

__________________
Bill (AFE7Ret)
Freedom is NOT Free!

Heat is the bane of all electronics!
─────────────────────

Please help us serve you.

In order to allow comments or questions concerning Cleaning Out Malware, this reply was added to re-open thread previously closed due to 30 days of inactivity.

__________________
Bill (AFE7Ret)
Freedom is NOT Free!

Heat is the bane of all electronics!
─────────────────────

Please help us serve you.

Thanks for all your effort in the above post Digerati!

One question I have regarding Spybot S&D is why you suggest not installing the Tea Timer function?

From using this I know it can be annoying and blocks items like "Double Click" and "Avenue A" which I presume are basically benign but was just wondering if there was more to it than the annoyance.

TeaTimer is a real-time (also known as in-resident, in-memory, active scanning, et al) monitoring tool and so in keeping with the general concept of Important Note 3 above, to minimize conflicts caused by 2 or more like programs keeping watch over the same files or resources, I recommend using only one real-time monitoring tool of each category (AS, AV, FW, etc) at the same time. I also note there have been more than just a couple reports of TeaTimer causing system lockups, excessive CPU utilization, and other problems/conflicts. Since the other anti-spyware tools are also effective at removing such threats and monitoring the same critical systems, if nothing else, freeing system resources (RAM and CPU cycles) can be achieved without sacrificing security by not running TeaTimer.

Certainly, if you are not experiencing such problems, and do not find the frequent pop-ups overly annoying, then I see no harm from using it. However, I would still recommend disabling it when doing manual scans with other scanning tools.

__________________
Bill (AFE7Ret)
Freedom is NOT Free!

Heat is the bane of all electronics!
─────────────────────

Please help us serve you.

OK: I see. Thanks again!

No problem. I have edited original post to reflect reason.

__________________
Bill (AFE7Ret)
Freedom is NOT Free!

Heat is the bane of all electronics!
─────────────────────

Please help us serve you.

Added section on using Disk Cleanup to purge system of unnecessary files and old System Restore points.

NOTE TO ALL - Forum settings causes this (and all) threads to close if inactive for a month. Since this is a "living" document, I welcome comments and suggestions. If you would like to add a comment specific to this Cleaning Out Malware topic, and the thread is closed, please PM me. For comments on all other topics, please open a new thread for open discussion.

__________________
Bill (AFE7Ret)
Freedom is NOT Free!

Heat is the bane of all electronics!
─────────────────────

Please help us serve you.

Sadly, Grisoft decided to integrate their excellent anti-rootkit program into the new AVG 8.0, which is a commercial (not free) product. I have updated the canned text to reflect a new location to download the free version.

__________________
Bill (AFE7Ret)
Freedom is NOT Free!

Heat is the bane of all electronics!
─────────────────────

Please help us serve you.

I just added two new programs to my canned text, Online Armor firewall, and Malwarebytes' Anti-Malware. Both have often been highly recommended by many of my trusted colleagues here at D-A-L and should have been included earlier.

You only need one firewall, and after using ZoneAlarm for years, I now use, and am happy with Comodo. I also use Windows Firewall on two other machines and am happy with that too. However, I have tried, tested, and have no problem recommending Online Armor, or the previously listed Kerio.

I have added the free version of Malwarebytes' Anti-Malware (MBAM) to my own arsenal and use that for supplemental scanning. Should I become unhappy with my paid version of SUPERAntiSpyware, MBAM will most likely be my next choice.

__________________
Bill (AFE7Ret)
Freedom is NOT Free!

Heat is the bane of all electronics!
─────────────────────

Please help us serve you.

I was just looking at the website for Comodo, and the free version says it includes anti-rooting and anti-virus protection as well. Since you don't mention this in the article, does that mean that these services aren't as good as the other programs (AVG, for example) when it comes to free solutions, or is it just a new service that hasn't been updated yet?

Thanks for the advice!