Enough Already: Stop Malware, Spyware, and Trojans

By  |  Thursday, April 23, 2009 at 3:51 pm

Steve Bass's TechBiteThey’re out to get you: Sleaze balls writing devious, sneaky programs that load you system with junk. I’ll show you a few quick ways to protect yourself from Windows Trojans that want your credit card number, malware that slows your system, and spyware that tracks your keystrokes.

Over the years I’ve played with at least 3 million security programs–Norton, McAfee (the program that AOL uses), Kaspersky, Spyware Doctor, Vipre, Avast, AVG, and Trend, to name just a few. They all give adequate protection. (I know, I didn’t mention your favorite. Get over it.) While all these tools do the job, there are differences: For instance, I think Spyware Doctor reports too many false positives and AVG, a former favorite, gets bigger with each iteration.

If you’re comfortable with your existing protection program, and confident it’s protecting you, (read: you haven’t been infected recently), stick with it.

However, I often get e-mails asking if it’s a good idea to switch products.

First answer: If you have a big-name tool, like Norton or McAfee, and want to switch because something nasty got on your system, the problem isn’t the program. You either haven’t configured it properly or, more likely, the tool isn’t updating itself regularly. You need to get on the stick, look over the program’s options, and make it work right. I can’t do it for you; if you don’t know how to it yourself, get someone to help you.

Second answer: If you want to switch because the program you’re using is up for renewal and it costs too much, try AVG or Avast. They’re both free and I recommend both.

The important thing is that you stick with a brand-name product, one that I recommend, or one that you see in a Cnet, PC Magazine, Maximum PC (a very nice magazine), or PC World review. There’s a critical reason why.

Many malicious malware tools masquerade as legitimate-looking programs. Sunbelt’s blog cites almost daily occurrences of newly hatched phony-baloney security programs, such as Extra Antivirus, SysAntivirus 2009, and Win Defender 2009. What a laugh–you get the privilege of paying for a product that harms your system. (These links are to screen captures, not the programs.)

It looks real, I know, but this is disguised malware.

BTW, you may feel confused about what you need. In the past, I used separate programs — one for virus protection and another to guard against spyware. That era is over as most products cover the whole attack spectrum in one product. For instance, Sunbelt’s Vipre is a favorite, with both antivirus and anti-spyware capabilities; it’s $30, with a 15-day free trial. I’m currently using Kaspersky’s Internet Security 2009, which acts as my firewall, antivirus, and anti-spyware program. It’s expensive, though, at $80, though it has a 30-day free trial.

If you’re wondering about firewalls, I don’t think most users need a stand-alone firewall and can do just as well with the one built into XP or Vista. (I know I’ll get flack about this from the technoids in the audience.) I gave up on a separate firewall when Zone Alarm experienced a conflict with a Windows update and I experienced a day of grief; if you do feel the need, Comodo’s free firewall is a good one.

Blockade, Barricade, and Fortify

I use four programs in addition to Kaspersky for an extra layer of protection. One flags dangerous sites and the other two block sites that try drive-by malware attacks. Two of them are free, the other costs $30, but does double duty.

While surfing, I use WOT, the Web of Trust, an free add-on for Firefox and Internet Explorer. WOT analyzes every site I visit. Its icon changes colors based on the levels I’ve set for trustworthiness, vendor reliability privacy, and child safety. The icon appears next to every link listed in a Google search, too.

An alternative is McAfee’s SiteAdvisor, the other freebie. It also screens sites, but it’s not as smart, or unobtrusive, as WOT. SiteAdvisor resides as toolbar in IE and appears in the lower-right corner of a Firefox window. Its alert is a large pop-up. Click for more info, and instead of a new tab, it opens a new browser session. Dumb. It’s also troubling that SiteAdvisor gave a green okay to the Extra Antivirus site, a known danger; WOT blocked the site.

WOT and McAfee’s SiteAdvisor in action.

Screening and advice is valuable, but I want more. The next two programs don’t let me near sites it knows are dangerous.

Ad Muncher started out as an ad blocker, the most effective (and simple-to-use) one I’ve ever used. In the last year, its branched out and added filters to block spyware, adware, and dialer installer sites. I love seeing the “Blocked by Ad Muncher” text on screen. By the way, the program has other features, such as an anonymous proxy server to disguise yourself while surfing. Granted it costs money ($30, with a 30-day trial), but it blocks most banner, Flash, floating, and text ads. It’s better than the freebie built into Firefox and runs circles around the others I wrote about in PC World. Try it and I’ll think you’ll be surprised how much better surfing is without ads.

Few people know about SpywareBlaster and it’s essential you get it. It’s free, updated regularly, and automatically blocks over 10,000 malware sites and tracking cookies while you’re browsing. Unlike an antivirus tool, it doesn’t actively run while you’re surfing. Instead, it adds URLs to your browser’s Restricted Zone, effectively stopping you from getting to the sites.

Zap those nasty ActiveX programs with Spywareblaster before they land on your PC.

Now it’s time for you to get with the program, download WOT, SpywareBlaster, and the trial of Ad Muncher, and get some extra protection.

Permanently Delete Norton and McAfee

If you’re switching to another antivirus program, you have to remove the old one. The problem is that to remove either Norton of McAfee, you need a blowtorch (I hear C-4 plastic explosives is also needed on Norton’s Live Update). [Private note to Brendon: I know, I never let up.]

Try AppRemover, a free tool that’s designed to find and rip out every last portion of your security applications. It removes other antivirus programs as well.

If that doesn’t work, try the Norton Removal Tool (also known as the AutoFix Tool). It effectively yanks out every shred of–get ready–every Norton product on your PC (from versions 2003 through 2009). That’s right, it’s dopey, and you’re stuck reinstalling the specific Norton tools you want to keep. And for McAfee, I suggest you watch its Flash tutorial for a sense of how to use their removal tool.

[This post is excerpted from Steve’s TechBite newsletter. If you liked it, head here to sign up–it’s delivered on Wednesdays to your inbox, and it’s free.]

 
7 Comments


Read more: ,

7 Comments For This Post

  1. David Worthington Says:

    I use Eset Nod32 on my Windows machine, and highly recommend it.

  2. Deb Says:

    I am using NIS 2009 and recently got hit with a USB drive virus (Sality.AE). All settings were just fine and my system remains current to the dot.
    What i am getting to is; at times some of these security solutions do miss somethings. Also, i ran a webroot Spysweeper scan later and found something that Norton was unable to catch.

    Now i do not know what to use! Any ideas Steve or anyone else?

  3. Deborah S Says:

    Thank you, Steve, for recommending WOT to your readers. You can’t be too protected these days with all the fake anti-malware out there. Fraudulent scareware has become more prevalent, especially since the financial crisis started, and WOT can warn people before they click on a risky site. We even made a short video about fake anti-malware. You can find it on WOT’s YouTube channel.

    Safe surfing,
    Deborah
    Web of Trust

  4. Jason Says:

    I have been in IT for 15 years, fixed thousands of computers (yes, thousands) mostly for spyware and the like. I personally don’t use a 3rd party firewall as I feel WinXP has a good enough one built in, and for the uneducated to see a warning “hpldrv32.dll is trying to access the Internet, would you like to allow it” chances are they will say yes because they don’t know and thus defeating the purpose of a Zonealarm.

    I haven’t recommended McAfee since 2000, and Stopped recommending Norton after 2004 came out as both of those products I have felt just became more and more bloat, and with people buying the bottom of the barrel PC’s with 512MB of ram, you add NIS and your system is going to die terribly. I agree with the author that AVG is becomming too big for it’s britches lately. Kaspersky and Trend Micro are two of my favorites because they are light weight, and don’t slow down the PC. I may try the new Norton’s as I think their AV products have come full circle and went back to being lightweight (gamer edition and endpoint protection)

    Siteadvisor is what I have been putting on less experienced user’s computers lately, and will certainly check out WOT too.

  5. Deborah S Says:

    Jason,
    Since you have probably seen the results of every kind of malware and scam in your work, I would love to hear your opinion about WOT. We try hard to be accurate and responsive so that our users, less experienced or otherwise, feel confident when browsing or shopping on the Web.

    Safe surfing,
    Deborah
    Web of Trust

  6. berny14willy Says:

    I got Cyberdefender, and it worked great as a free scanner with spyware and trojan removal. If it finds a virus, you need the upgrade, which I got since I liked the speed and user interface of the scanner. The Cyberdefender anti-virus works great, and the paid version I got also came with 24/7 computer help line with my wife found helpful while I was away. I found out Cyberdefender is a NASDAQ company and they have a great product.

  7. Ellie Hughes Says:

    I always prefer to use Kasperky over Avast or McAfee. Kaspersky is much better in detecting new viruses and it does not consume too much resources on your dektop PC.’.-