Greyhat of the World Uni...
March 18

The end of the Internet as we know it...

If you read this article: http://www.cio.com/archive/031505/security.html

You'd think the sky was falling.

I understand that there's a certain amount of Fear, Uncertainty, and Doubt (FUD) that is required to mobilize people to ensure security, but if you look at where the US is post 9/11 it ain't happening.

Realist calling Designer of Cellular Communication (aka Professor Hannu H. Kari): the Net will survive well past 2006.

Doofus.

"You're the dumbest smart person I've ever met." - Will Smith, I, Robot


February 14

Problems with Spyware, Adware, Malware?

Try this out...

I wrote this guide to help friends who had a bad infection, and I wrote it as a "throw the whole kitchen including the sink" approach to correcting any generic malware or spyware infection. There are less invasive ways to clean up your machine that are specific to whatever you're infected with.

Remember that with an infection you've already let the burglar into the house; re-enabling your home security system afterwards is not enough, you also need to remove whatever foothold the malware has in your system. Hopefully, this guide will get you back up and computing again without having to reinstall your whole system and praying that you have all of the backups. If the scans keep finding new infectors after the final pass, or the machine held credentials or other sensitive data, a clean reinstall from trusted media is the only way to be sure.

1)    Download the following items:

Microsoft Malicious Software Removal Tool    http://www.microsoft.com/security/malwareremove/default.mspx
McAfee Stinger    http://vil.nai.com/vil/stinger/
Trend Sysclean Package    http://www.trendmicro.com/download/dcs.asp
Latest Trend Pattern File    http://www.trendmicro.com/download/pattern.asp
Ad-Aware SE (free personal version v1.05)    http://www.lavasoftusa.com/
Spybot    http://www.safer-networking.org/
Microsoft AntiSpyware (Beta)    http://www.microsoft.com/athome/security/spyware/software/default.mspx

Sysclean needs a little setup. Create a directory on drive "C:\" (e.g., "C:\New Folder") or on the desktop (e.g., "C:\Documents and Settings\YOYO\Desktop\New Folder"). Download sysclean.com and place it in that directory. Download the Trend Pattern File as a ZIP file, extract it, and place the contents in the same directory as sysclean.com.

2)     Update all of the software listed above with their latest definitions.

3)    Dump the contents of your IE cache

Start --> Settings --> Control Panel --> Internet Options --> Delete Files

AND dump the contents of your Sun Java cache

Start --> Settings --> Control Panel --> Java Plug-in --> Cache --> Clear

4)     If you are using WinME or WinXP, disable System Restore        http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm

Why? Restore points are snapshots of system files, and scanners cannot clean inside them. An infected file tucked away in a restore point survives the cleanup and comes right back the first time someone rolls the system back. Disabling System Restore deletes the existing restore points; you create a fresh, clean one at the end.

5)     Reboot your PC into Safe Mode and shutdown as many applications as possible

Why Safe Mode?

In a nutshell, Safe Mode loads the bare minimum in terms of services and background programs to get Windows started. This includes not loading extraneous drivers for your graphics card and other devices, as well as the spyware, malware, and all of those nasty critters that have hit your system.

Safe Mode is also a valuable tool when it comes to eradicating malware, particularly worms, from your computer system. Often, even if you update your antivirus software to detect the latest threat, it can't remove a worm that is already running in memory. Rebooting your computer won't help, because the worm will generally have loaded itself into memory before you can do anything about it. If you boot into Safe Mode, though, the file that starts the worm will not be allowed to start, and you can then run your antivirus scan to detect and remove the malicious files. One caveat: Safe Mode is not a guarantee. Windows decides what to load from the SafeBoot lists in the registry, and some malware adds its own service or driver to those lists, or runs as a kernel driver that loads regardless. If a scan in Safe Mode keeps finding the same running process, that is the place to look (see the diagnostics in step 12).

So, how do you get to this magical Safe Mode? Well, the "standard" way is to press the F8 key on your keyboard when Windows starts loading.

6)     Using all of the tools listed above, perform a Full Scan of your platform and clean/delete any infectors/parasites found.  This may take a little while.

7)     Restart your PC and perform a "final" Full Scan of your platform using all of the utilities listed above.

8)     If you are using WinME or WinXP, re-enable System Restore and re-apply any System Restore preferences (e.g. HD space to use, suggested 400 ~ 600MB).

9)       Reboot your PC

10)     If you are using WinME or WinXP, create a new Restore point  

11)     Good Housekeeping

Run Windows Update  http://windowsupdate.microsoft.com (for both the OS and Office)

Enable Windows Automatic Updates
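The script below is an added example, not part of the original guide, that automates steps 3 through 10 on Windows Vista or later with Windows PowerShell (bcdedit and the *-ComputerRestore cmdlets do not exist on WinME/WinXP, where you use msconfig and the System Restore control panel instead). It is split into three phases because the procedure spans two reboots: Prepare runs before the first reboot, Scan runs inside Safe Mode, and Finish runs after the final normal boot. The log path and the Java cache locations are assumptions; only the Microsoft Malicious Software Removal Tool is driven automatically, the other scanners still have to be run by hand during the Scan phase.

```powershell
<#
  Added example (not from the original post): drives the cache-dump /
  System Restore / Safe Mode / rescan cycle from steps 3-10.
  Assumes Windows Vista or later, Windows PowerShell 2.0+, bcdedit, and an
  elevated prompt. Log path and Java cache locations are assumed defaults.
#>
param(
    [Parameter(Mandatory = $true)]
    [ValidateSet('Prepare', 'Scan', 'Finish')]
    [string]$Phase,
    [string]$LogFile = 'C:\cleanup\cleanup.log'   # assumed location
)

function Write-Log([string]$Message) {
    $line = '{0:yyyy-MM-dd HH:mm:ss} {1}' -f (Get-Date), $Message
    Write-Host $line
    Add-Content -Path $LogFile -Value $line
}

function Test-IsAdmin {
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    (New-Object Security.Principal.WindowsPrincipal $id).IsInRole(
        [Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Test-IsSafeMode {
    # Windows sets SAFEBOOT_OPTION to "Minimal" or "Network" only in Safe Mode.
    -not [string]::IsNullOrEmpty($env:SAFEBOOT_OPTION)
}

if (-not (Test-IsAdmin)) { throw 'Run this from an elevated PowerShell prompt.' }
New-Item -ItemType Directory -Force -Path (Split-Path $LogFile) | Out-Null

switch ($Phase) {
    'Prepare' {
        # Step 3: dump IE temporary internet files (8 = Temporary Internet Files).
        # The comma must be quoted or PowerShell splits it into two arguments.
        Write-Log 'Clearing IE cache'
        & RunDll32.exe 'InetCpl.cpl,ClearMyTracksByProcess' 8
        # Step 3: Java deployment cache (default per-user locations, assumed)
        foreach ($dir in @("$env:LOCALAPPDATA\Sun\Java\Deployment\cache",
                           "${env:LOCALAPPDATA}Low\Sun\Java\Deployment\cache")) {
            if (Test-Path $dir) {
                Write-Log "Clearing Java cache at $dir"
                Remove-Item -Recurse -Force -ErrorAction SilentlyContinue "$dir\*"
            }
        }
        # Step 4: disabling System Restore also deletes the (possibly infected) restore points
        Write-Log 'Disabling System Restore on C:'
        Disable-ComputerRestore -Drive 'C:\'
        # Step 5: make the next boot a minimal Safe Mode boot, then reboot.
        # {current} is quoted so PowerShell does not treat it as a script block.
        Write-Log 'Setting safeboot minimal for next boot'
        & bcdedit /set '{current}' safeboot minimal | Out-Null
        if ($LASTEXITCODE -ne 0) { throw 'bcdedit failed; not rebooting.' }
        Restart-Computer -Force
    }
    'Scan' {
        # Step 6: refuse to run unless we really are in Safe Mode
        if (-not (Test-IsSafeMode)) { throw 'Not in Safe Mode; re-run Prepare.' }
        Write-Log "Scanning in Safe Mode ($env:SAFEBOOT_OPTION)"
        # Malicious Software Removal Tool: /F:Y = full scan and auto-clean, /Q = quiet
        $mrt = Join-Path $env:SystemRoot 'System32\MRT.exe'
        if (Test-Path $mrt) {
            & $mrt /F:Y /Q
            Write-Log "MRT exit code $LASTEXITCODE (details in $env:SystemRoot\debug\mrt.log)"
        } else {
            Write-Log 'MRT.exe not found (installed by Windows Update); run the other scanners manually'
        }
        Write-Log 'Run the remaining scanners now, reboot normally, then run -Phase Finish'
    }
    'Finish' {
        # Steps 8-10: clear the safeboot flag, re-enable restore, take a clean restore point
        & bcdedit /deletevalue '{current}' safeboot | Out-Null
        Enable-ComputerRestore -Drive 'C:\'
        Checkpoint-Computer -Description 'Post-cleanup baseline' -RestorePointType 'MODIFY_SETTINGS'
        Write-Log 'System Restore re-enabled and baseline restore point created'
    }
}
```

Run `.\cleanup.ps1 -Phase Prepare`, log in after the Safe Mode boot and run `-Phase Scan` followed by the remaining scanners, reboot normally and rescan (step 7), then run `-Phase Finish`. The Safe Mode check in the Scan phase matters: if the safeboot flag did not take and you scan in a normal boot, the running malware can simply reinfect what the scanner just cleaned. On Windows 8 and later, Checkpoint-Computer only creates one restore point per 24 hours by default, so the Finish phase can log a warning instead of a new checkpoint on a machine that was restored recently.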

12)  Additional Diagnostics 

*This is only required if the system appears to still be infected and requires more investigation.

Diagnostic Tool HiJackThis: http://www.tomcoyote.org/hjt/ 

Users Guide: http://www.iamnotageek.com/a/401-p1.php
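If the rescans keep turning things up, the next question is what starts automatically. The script below is an added example, not HijackThis and not part of the original guide: it lists the common Run/RunOnce keys, the Winlogon Shell and Userinit values, and the SafeBoot\Minimal list that decides what loads in Safe Mode, and flags entries whose executable is missing, unsigned, or lives under a Temp directory. It assumes Windows PowerShell on Windows 7 or later. An unsigned entry is a triage hint, not a verdict; plenty of legitimate software is unsigned, and this kind of log is only useful once you know what normal looks like on that machine.

```powershell
<#
  Added example (not from the original post, and not HijackThis): an
  autostart inventory in the spirit of a HijackThis log, for step 12.
  Assumes Windows PowerShell on Windows 7 or later.
#>
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)
# Properties the registry provider adds to every Get-ItemProperty result
$providerProps = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'

function Get-CommandPath([string]$Command) {
    # Extract the executable from a command line such as
    #   "C:\Program Files\Foo\foo.exe" /silent   or   C:\tmp\x.exe -a
    if ($Command -match '^\s*"([^"]+)"') { return $Matches[1] }
    return ($Command.Trim() -split '\s+')[0]
}

function Resolve-Exe([string]$Exe) {
    # Bare names such as explorer.exe are found through PATH, like Winlogon does
    if ($Exe -notmatch '[\\/]') {
        $cmd = Get-Command -Name $Exe -CommandType Application -ErrorAction SilentlyContinue |
               Select-Object -First 1
        if ($cmd) { return $cmd.Path }
    }
    return [Environment]::ExpandEnvironmentVariables($Exe)
}

function New-Entry([string]$Source, [string]$Name, [string]$Command) {
    $exe = Resolve-Exe (Get-CommandPath $Command)
    if ([string]::IsNullOrWhiteSpace($exe)) { $status = 'NoPath' }
    elseif (-not (Test-Path -LiteralPath $exe)) { $status = 'FileMissing' }
    else { $status = (Get-AuthenticodeSignature -FilePath $exe).Status.ToString() }
    [pscustomobject]@{
        Source     = $Source
        Name       = $Name
        Command    = $Command
        Exe        = $exe
        Signature  = $status
        # Triage hint only: unsigned is common for legitimate software
        Suspicious = ($status -ne 'Valid') -or ($exe -match '\\Temp\\')
    }
}

function Get-AutostartEntries {
    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            if ($providerProps -contains $p.Name) { continue }
            New-Entry -Source $key -Name $p.Name -Command ([string]$p.Value)
        }
    }
    # Winlogon: normal values are "explorer.exe" and "<windir>\system32\userinit.exe,"
    $wl = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
    foreach ($name in 'Shell', 'Userinit') {
        New-Entry -Source 'Winlogon' -Name $name -Command (([string]$wl.$name).TrimEnd(','))
    }
}

function Get-SafeBootEntries {
    # Only services/drivers named here (or in a listed load-order group) start
    # in minimal Safe Mode; malware sometimes adds itself to survive step 5.
    Get-ChildItem 'HKLM:\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal' |
        ForEach-Object {
            [pscustomobject]@{
                Entry = $_.PSChildName
                Type  = (Get-ItemProperty -Path $_.PSPath).'(default)'
            }
        }
}

$entries = Get-AutostartEntries
$entries | Format-Table Source, Name, Exe, Signature -AutoSize
'--- entries to look at first ---'
$entries | Where-Object Suspicious | Format-List Source, Name, Command, Signature
'--- SafeBoot\Minimal (what is allowed to start in Safe Mode) ---'
Get-SafeBootEntries | Format-Table -AutoSize
```

Read the SafeBoot\Minimal list against a known-clean machine of the same Windows version: an entry of type Service that you cannot account for is exactly the case where a Safe Mode scan keeps finding the same running process. The Run-key output is the part of a HijackThis log most people act on; anything with FileMissing is a leftover to remove, and anything under Temp with no signature deserves a closer look before it is deleted.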

Let me know if guide helped you.

Spyware Advice

We are in the infancy of the AntiSpyware industry. 

Similar to the early and mid-90's with AntiVirus technologies, we started at half-functional toolkits, then standalone A/V, and then centrally managed, Enterprise-ready A/V solutions. 

This will be the same for AntiSpyware (A/S). 

The approach I have taken is to use a cocktail of several of the leading A/S solutions (2-3) and, in a year or two, settle on one Enterprise-class, centrally managed A/S solution that can be centrally updated and that has standalone update capabilities. For the Enterprise, it is critical to be able to manage malware protection, but also to give the end-user the ability to update their own system. I believe the end-user should be given the right to participate in ensuring their own security.

Check this out: http://spywarewarrior.com/asw-test-guide.htm and you'll see why Microsoft acquired Giant.

The Sunbelt issue (fighting with MS/Giant on IP rights to the Giant software) would make me stay away from Sunbelt (MS will eat them up or beat them up). There are 2 excellent freeware A/S solutions that can be used freely by home users--Ad-Aware Personal & Spybot--and 1 freeware solution available for Enterprises--Spybot.

I suggest in the meanwhile as the A/S vendors mature, use what's available and augment with several other solutions.

UPDATE: I've added a HOWTO: Clean up malware/spyware infection 101 Guide