About a year ago I had pretty time-consuming battle with spyware, and from the spyware, viruses. I don’t know if the version of Symantec AV was out of date or what (the updates still kept coming in, but so did the infections). And AdAware just wasn’t cutting it with the free edition. I’ll admit it: I’m cheap. I don’t like having to pay for software. Personally, I’d just use Linux + Firefox, or even settle for Windows + Firefox, but most people that I help are still attached to their IE because of web developer stupidity/laziness.
But I think I found a combination of software that seems to knock out infections for good, at least in 95% of the cases. Some users still manage to get some nasty stuff installed, but that tends to be pretty rare now. The first part is to uninstall all that other overpriced antivirus software. Get it all off of there. As far as I’m concerned, it’s crap compared to AVG, so you might as well get rid of it. AVG is faster, simpler, and free (to residential users). I’ve even had AVG catch and clean up stuff that Symantec and TrendMicro either missed or couldn’t seem to get rid of. AVG still has it’s occasional struggle, but that can usually be remedied by running it’s scan in safe mode once. My only suggestion is to turn off the annoying email signatures that “certify” your mail as being virus-free. It’s seems rather odd to me that a company would do this generate a mental response of “I can trust this message: It’s already been scanned!”, especially when all a virus needs to do is emulate the same signature to gain that same sense of trust in the recipient. Besides that, it’s just more cruft to parse through when reading an email thread.
So that pretty much takes care of all the viruses, and even some spyware, but we still haven’t knocked out the majority of it. I’d say most infections nowdays end up being spyware-related anyhow. As I said, I had been using AdAware, but the free product is insufficient for ongoing spyware control. I also tried Spyware Doctor, but that kinda had similar results, and also was handicapped freeware. I’d been impressed with Spybot S&D, but was finding that the definitions were quickly getting outdated and the machines would eventually get infected again.
Really, I loved Spybot, but I needed something that automatically updated and re-immunized the system on a somewhat regular basis. I did some research and found a command line that seems to do the trick. I now run that everytime the user logs in. Ever since, those machines have stayed spyware-free. I put the command line into a registry file that you can put on your own system: Spybot Search and Destroy AutoUpdate / AutoImmunize. Just download and run the .reg file to update your current installation (I’d suggest Spybot S&D 1.4 or higher) to keep itself up-to-date.