1. Malwarebyte's Anti-Malware: run in Safe Mode (see above; for a few malware versions this may have to be renamed before installing; cnet displays tempting banner ads so look for the link that says "Download Now")
2. Home:
   • Avira (free for home use, many popup ads)
   • Also Comodo (free for home or business), Avast (free for home; tips on removing Win32:Evo-gen); Nod32 is quite good($); AVG's auditing is not so good
   • Disabling Win10 data collection & telemetry
   • Microsoft Security Essentials no longer recommended as primary AV.
3. Business (Win Pro and Enterprise):
   • Antivirus: Eset Endpoint
   • Email: Microsoft Office 365 for certified secure email
   • Router/Firewall: Cisco RV
   • Managed Switches: Netgear Business
4. Unchecky: uncheckmarks possibly undesirable programs from installing
5. Windows Firewall Control: monitor what programs are using the Internet (not a Microsoft product)
6. RiseUp: email, VPN, chat, and document collaborating services
7. ComboFix: run in Safe Mode (start pressing F8 a few times before Windows boots; may have to be renamed for certain viruses)
8. Adware Cleaner: removes browser toolbars
9. Microsoft Fix It: force program uninstallers to work
   • In the Filter Solutions search box type: uninstall
   • Select the option that says: Fix problems with programs that can't be installed or uninstalled
10. Antivirus comparisons (chart)
11. Your browser should warn you about a revoked certificate when you visit this site: revoked.grc.com
12. If you're paying for a yearly subscription: don't upgrade until a week before the antivirus ends.
13. PhotoRec: recover deleted files from USB drives or hard drives (also: Recuva)
14. Fix “DNS server not responding” errors
15. Backup Review: hard drives, online, & cloud

• Ongoing attacks
• Crypto ransomware on “msn.com, nytimes.com, bbc.com, aol.com, my.xfinity.com, nfl.com, realtor.com, theweathernetwork.com, thehill.com, and newsweek.com. Affected networks included those owned by Google, AppNexis, AOL, and Rubicon” also “answers.com, zerohedge.com, and infolinks.com” (more here)
• Trojanized PuTTY software
• Ransomware (encrypts files, forcing purchase of password) Preventers:
  • Jigsaw
  • Handle Monitor
• Cisco, Linksys, & Netgear backdoored routers ()list of routers)
• Social and technical engineering of Amazon, Gmail, Apple, and Twitter; accounts accessed and data erased, brief case study
• Fake “System Restore” virus: Removal Instructions
• Rootkit.Win32.TDSS (aka Tidserv, TDSServ, Alureon); fix: Kaspersky's anti-rootkit
• Ransomware is back, analysis of ransomware (Vundo, GpCode)
• Linux trojan: Turla
• Many viruses target Adobe Reader, instead try:
  • Evince: a free and open source PDF reader
  • Foxit Reader
• Apple: disable Safari & Spotlight spying
• Privacy:
  • Permanent cell phone user identifiers are already available, but don't worry, more are coming
  • Verizon cell phone tracking; opting out does little
• MyDoom
  • Symantec's fix
• Check for:
  • Bad self-signed root certificates:
    • Dell laptops (Inspiron, Latitude, Precision, and XPS checker)
    • Superfish: Superfish (Lenovo and others); removal instructions from Lenovo (list of infected Lenovo computers)
  • Cornficker, Downadup, Kido (botnet):
    • Quick eye-chart: to see if you have Cornficker
    • Bitdefender's fix
    • F-Secure's fix
• Virus Heat:
  • Removal instructions
  • also: Remove puresafetyhere: annoying taskbar icon
• Botnets - how they work
  • Invasion of the Computer Snatchers
• Windows .WMF - Image viewing (trojan, worm):
  • Affects .WMF and .JPG and potentially other media files; infection occurs from just viewing web sites or opening emails; affects computers running Windows. (SANS.org story, Washington Post)
  • Fix 1: Ilfak Guilfanov's unofficial patch
    • wmffix_hexblog13.exe - Windows MetaFile (WMF) fix for Windows 2000, XP 32-bit, XP 64-bit, and Windows Server 2003
    • more at Hex blog and ISC.SANS.org
  • Fix 2:   Start   Run   regsvr32 /u shimgvw.dll
  • This fix unregisters the shimgvw.dll, which is used to view .WMF and sometimes other graphic images. Some applications may re-register shimgvw.dll; to avoid this shimgvw.dll would have to be renamed with XP File Protection turned off.
  • If the fix causes too many problems, particularly with image viewing programs and thumbnails, this will undo the fix:
    • Start   Run   regsvr32 shimgvw.dll
    • Note: undoing the fix is not recommended for Windows machines used to access the internet
• DRM Virus
  • Notes on the removal difficulty
• Zotob
  • Symantec's removal tool
  • Internet Storm Center's Handler's diary
• About:Blank
  • About Buster
  • Instructions for Removal
  • RegLite - Registry editor (freeware)
• JPG Vulnerability
  • GDI Scan - freeware to scan for vulnerable DLLs
• Korgo
  • Symantec: advisory, removal tool
  • Microsoft: KB835732 Security Update
• Sasser
  • Microsoft: info on Sasser, patches
  • Symantec: Sasser removal tool

Expert (disable antivirus, malware checkers, consider booting into safe mode):

1. Rootkits:
   1. TDSSKiller
   2. RKill
   3. Malwarebytes Anti-Rootkit
   4. GMER
   5. Rogue Killer (32 & 64 bit versions)
2. Malware:
   1. Malwarebytes Anti-Malware
   2. Microsoft Safety Scanner - weekly download for Vista and Win 7 (32 & 64)
   3. Hitman Pro - malware & virus finder (32 & 64)
   4. Emsisoft Emergency Kit
   5. Super Antispyware
3. Utilities:
   1. Combofix
   2. Security Check
   3. Microsoft Security Essentials (Vista & Win 7; 32 & 64)
4. Adware:
   1. AdwCleaner
   2. CCleaner
   3. Junkware Removal Tool
5. Info:
   1. HijackThis - see what programs are running in the background
   2. Farbar recovery scan tool
6. Trojans:
   1. Unhide - unhides files and folders hidden by some trojans (e.g. trojan.FakeHDD pretends to be anti-spyware)
7. Antivirus (free versions roughly ordered by good, fast, and easy) as of 2015-01-03:
   1. Avira
   2. Bit Defender
   3. Avast
   4. AVG
   5. Sophos virus removal tool (does not run all the time)
   6. for more thorough comparisons, see: AV-Test, AV Comparatives; and links in the upper-right

Other pretty good programs to run on a regular basis:
(Note: The following are not a substitute for a virus checker.)

1. Spyware Blaster & Spyware Guard - spyware blocker & real-time monitor
• Blaster inoculates Internet Explorer, Guard prevents installation of spyware
2. Hijack This - check for hijackers
   • Checks for programs that change your browser's homepage, and other nuisances
   • Log file analyzers (you can copy and paste your HijackThis log into one of the following):
     • HijackThis.de
     • I Am Not a Geek
3. Cassandra: checks your software for security updates, including Secunia
4. ComboFix
   • Directions
   • Download
   • Log analyzers
5. Stinger (McAfee) - check for viruses
   • check for the 40 or so most popular/recent viruses
6. USB stick tester: check flash drive for errors
7. Malware tips: pretty good instructions on removing problem programs
8. KillBox: terminate and delete any running process and it's file
9. MS Defender spyware/adware blocker
10. Super AntiSpyware (?)
11. Spybot Search & Destroy - check for spyware
    • Homepage
    • After installing, click the "Search for updates" button to get the latest update
    • (not to be confused with the similarly named worm)
12. How to disable Windows 8 smartscreen: reports your program installations

iOS6

• Cut down on targeted ads:
  1. visit: oo.apple.com
  2. select: OFF
  3. click: Opt Out
• Cut down on some ad tracking:
  1. go to: Settings
  2. click: General
  3. click: About
  4. scroll down and click: Advertising
  5. choose: On (limit ad tracking)
• Reduce monitoring of your location:
  1. go to: Settings
  2. click: Privacy
  3. click: Location Services
  4. select: OFF
  5. note: this can interfere with GPS and other apps, use at your own discretion

Spyware Checkers, Hijackers, Parasites, Anti-Spyware, Adware, & Malware

• Software:
  1. Spyware Blaster
  2. WinPatrol - anti-hijacker
  3. Ad Aware (Lavasoft) - check for adware
     • After installing, click on the Globe/magnifying-glass icon in the upper-right, to get the latest web update
  4. Bazooka - adware and spyware scanner
     • walks you through manual removal of problem programs
  5. BHO Demon - checks your IE for Browser Helper Objects
  6. RK Detector - root kit detector
  7. Trinity Rescue Kit: Linux boot disk, to check Windows for problems
  8. AIM Fix - virus removal tool for AIM
  9. CCleaner: deletes temporary files and unused registry entries
• Disabling:
  • AutoRun - CD AutoRun in Windows
  • Macromedia Flash privacy tracking
• Documents and tips:
  1. Microsoft tech's advice if you get hacked?
     • “The only way to clean a compromised system is to flatten and rebuild. That's right. If you have a system that has been completely compromised [rootkit or similar], the only thing you can do is to flatten the system (reformat the system disk) and rebuild it from scratch (reinstall Windows and your applications).”
  2. DSL Reports' spyware tips, Security discussion
  3. Enable privacy option by default in IE8
  4. Expert's Exchange anti-malware list
  5. Doxdesk's parasite removal tips
  6. Counter Exploitation - info, tips, and hints; adware section
  7. Browser Hijackers Ruin Lives - Wired article
  8. Evidence For The Microsoft WinXP Pro Bugging Device
  9. See a comparison chart of how much various antivirus and anti-spyware programs slow down your computer.

Spyware Lists and Tools:

1. SpyChecker.com
2. Spyware Warrior: testing & comparison guide
3. GlobalNet
4. Steve Gibson's Shields Up and Spyware checker
   • Be sure to check: File Sharing, Common Ports, and All Service Ports
5. Trapware's Who's Watching Me?
6. Pest Patrol
7. CW SHredder

Adware & Anti-Adware, Malware

1. Ad Muncher - ad and popup blocker
2. Scumware.com

• PracticallyNetworked.com
• Firewalls:
  • Expert:
    1. Kerio Personal Firewall version 2.1.5 (AKA TPF) with BZ's rule set
       • FAQ
  • Novice:
    1. Zone Alarm
    2. My-etrust (free for 1 year?)
    3. SmoothWall.org
    4. Sygate personal firewall, (download sites)