Viruses and spyware have spooked computers for decades.  But, which one is worse?  And can either one be prevented, 100%?

Viruses are the more obvious of the two.  If your anti-virus software is working, it will automatically pop up with a warning message of the virus.  However, if your anti-virus software is not up to date, it will quarantine the virus.  In the worse case, your anti-virus software will not pick up the rogue virus and your system could:

• get slow
• turn off unexpectedly
• e-mail the virus to other network computers and contacts
• incapacitate programs and functionality
• crash the computer

Spyware is typically in stealth mode while it infects the PC, then it will pop-up with a message, usually on the lower right, providing warnings of your infection.  Spyware is a little bit nastier than viruses since anti-spyware software is not typically updated to resolve the rapidly new instances of spyware that are released daily.  Plus, most users forget to protect their PCs from spyware, thinking that their anti-virus software will protect against everything.  Spyware has multiple effects such as:

• learning website navigation habits and spamming accordingly
• slowing down the PC
• providing fake spyware software for a fee

You should contact a local NYC spyware specialist or NYC virus technician if you don’t feel comfortable removing your own PC infections.

Viruses come in all forms and sizes.  Now, you may be infected simply by clicking on a link from a friend via Facebook or Twitter.   The social networks are now breeding all forms of virus infections. 

The virus will come from a friend or co-worker, and will be in the form of an advertisement or question.  “Are you in this picture” and special gift card invitations have stolen many people’s accounts.  The hacker will guess somebody’s password, send out a link to friends, and if the friends fall for it, the perpetrator looks to profit from referral fees in sending folks to marketing sites.  Your computer, in turn, could turn into a slow, infected machine that cannot get on the Internet any longer.

This is very sketchy.  For those who are looking to network or have been on Twitter or Facebook, you can prevent the hacker virus be performing the following security steps:

• Change your password to 8 digits with 1 Capital, 1 number, and 1 lower-case number.
• Make sure to only befriend those who you know.
• Do not click on suspicious links.

Please follow the above steps and make sure you have updated anti-virus software.  Then, you’ll be secure against the hacker virus.

For a while, we recommended AVG Anti-virus for a good free anti-virus software.  Now, AVG has been trumped from our recommendation due to the new Microsoft Security Essentials.  AVG is still a great software to use, especially since it is free, but the Microsoft Security Essentials has an added anti-spyware component and can be configured to scan whenever you’d like.  The free AVG software can only be scanned daily. 

Plus, AVG does not have real-time protection whereas Microsoft’s program does.  The real-time protection aspect is a huge necessity due to the quickly infecting viruses that are out there.  This means that if your PC gets infected by a virus, it will only be removed during a system virus scan.  By the time your computer gets scanned, so much time could go by where the virus may replicate and cause your PC to crash.  The Security Essentials version has the real-time protection so it will remove viruses on the fly without needing a full scan for removal.

The best part about the Security Essentials is that it is lightning-fast to install as well as update.  It does not take up much space on the computer, and doesn’t bog down resources.  We recommend to install this new, free anti-virus software for a reliable security solution.

Having an up-to-date anti-virus program on your computer is essential to stopping the latest viruses.  What if you have more than one anti-virus program?  Will that provide even better protection against spyware and viruses?

No, you should only have one anti-virus program.  Two real-time anti-virus protection programs will bump heads, leading to conflict and an overall slow down of your computer.  One anti-virus program is more than enough protection for your computer and already uses plenty of system resources that slows down the system the way it is.  On the other hand, you can have an additional anti-virus scanner on your PC; however, that will just about have the same function as the other scanner on your computer that comes with your anti-virus software making this scanner repetitive. 

Good anti-virus software packages are: Trend Micro and Symantec Norton Anti-virus software.  Remember to install anti-virus software before you have a virus as installing it during a virus attack will not help.

The Windows Police Pro virus has quickly infected many Windows computers.  Our security experts have removed over hundreds of computers so far that have been infected by this malicious virus.  There are already several variants of this virus which sometimes may necessitate a different resolution.  However, for the most part, the same steps are needed to stop this virus.

Here is a how-to instructional guide to remove the Police Pro virus:

First, you’ll the need the following Toolkit available for the removal process:

• GMER
• ComboFix
• SDFix
• Malwarebytes
• AVG AntiVirus
• Dr. Web
• EXE File Association Fix
• Spybot Search & Destroy
• UBCD4Win
• Windows Operating System CD

Don’t even bother trying to start up in safe mode.  This virus, and other recent viruses, have been getting into the drivers and registry and crippling any attempt to boot up in safe mode.

1.  As soon as the machine boots, open the Task Manager and kill these processes immediately:

• svchast
• Police Pro (or WinAntivirus 2009/10)
• desote 

The desote processes are a little tricky.  There will be many of them and they will keep regenerating.  Just keep killing them.  They will stop regenerating after a point.  Just be patient with it.

2.  Then bring up MSCONFIG.  In the Startup tab, uncheck any blank lines, Police Pro, Win Antivirus, desote, or anything else suspicious. 

3.  Then, in the Services tab, uncheck AntipyPro service.  And apply the settings.  Don’t restart the machine yet.

4.  From your DVD or flash drive with your toolkit on it, install Malwarebytes.  Just do the main install.  Don’t connect to the internet yet or do any updates.  Run a Quick Scan.  (Don’t restart once done)

5.  Also install SDFix. But don’t run it yet.

6.  If you are getting error messages about not being able to open a program, or do an install, use the EXE File Association Fix.

7.  In the SDFix folder on the C: drive that you just installed, there is a fix file for WinXp SP3 Safe Boot. (Fixes for other OS versions are there too). Run that.

8.  Now you can restart the computer into Safe Mode.

9.  Once in Safe Mode, run Dr. Web.  While that is running, open up Regedit. 

10.  There are a couple of ways to proceed from here.  We like to manually comb through the likely trouble spots in the registry.  You can also get away with just doing a search for each item (desote, Police, antivirus, antipypro, etc.)
Probable bad stuff is located in these areas:
HKLM\Software\
HKLM\Software\Microsoft
HKLM\Software\Microsoft\SharedTools\msconfig\
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon   (UserInit string should have nothing after the comma)
HKLM\System\CurrentControlSet\Enum
HKU\(user id)\Software

11.  After you finish with Regedit, open Explorer and delete all of the Temp files. Delete any instances of Police Pro in the Program Files.  Delete any instances in Application Data, Local Settings, and All Users>Application Data

12.  Run GMER.  Do a full scan.  If it finds rootkits or other  malware entries you haven’t gotten rid of yet, try and disable or delete them.  If it finds super hidden items that are something like __++max>15as98r2iuh.sys  then you need to reboot into UBCD4win and find the hidden entries in Windows>System32  and Windows>System32>Drivers.  The easiest way to spot them is to arrange the view into Details organized by the most recent files being at the top.  Be careful you don’t delete anything necessary to the system.

13.  Reboot into Normal mode, or Safe boot with Networking and update Malwarebytes.  Also install Spybot and run the updates for it.  Then run the programs one at a time, scanning everything. 

14.  Once that’s done, open GMER and see if there are still any hidden rootkits that you have missed.  Also make sure the system, networking, and antivirus software are all functioning properly.  If it isn’t and you aren’t able to fix it with your classy skills, try running ComboFix and SDFix from Safe Mode.  If you are still having problems, do a repair / install. 

15.  AVG is pretty good at picking out Police Pro, Antivirus 2009/10, and Virut. So, if their antivirus program is nonexistent or expired, that’s a good option to install and run a scan with.

This is merely the combination of procedures we have found to work well. You will probably have to adapt it a bit for each infection since there are varying amounts of severity with these viruses.

Nowadays, every company needs a hardware firewall in order to prevent spyware, and viruses.  Yes, you still need anti-virus software, but if you don’t control your viruses and spyware, the virus police, the blacklists, will enforce their wrath and prevent emails from being sent to your colleagues and clients.  Why do the blacklists do this?  So, you won’t spread the wealth of your viruses and spyware to others.

You may keep the virus police at bay by installing a hardware firewall in your network.  This firewall should be set up so that Internet surfing internally will not effect the e-mail server operations.  So, if your lazy colleague wants to download free songs or files which brings about a trojan, this trojan will not cause any issues with e-mails going out, in turn, not being blacklisted.

A couple of good firewalls are the Sonicwall or Cisco devices.  They can be configured so that only e-mails are being sent out versus errant spyware or viruses.  Get a hardware firewall now if you haven’t.  We have heard too many first-time customers with blacklist issues due to not having a hardware firewall installed.

Spyware is tricky since it may hide in lots of different places in your computer.  Besides running anti-spyware and anti-virus software, there are 3 simple steps to take to ensure your pesky friend has left the building.

Here are the 3 simple steps not to forget when removing spyware:

1. Remove temp folder files.  Go to Internet Explorer -> Tools -> Internet Options and then delete your temp and temporary files.  Lots of viruses harbor in this neck of the woods
2. De-activate System Restore.  Right-click My Computer -> Properties -> System Restore and turn off system restore.  Even when you remove viruses, the System Restore will still save a copy of the viruses in this folder.  So, it is important to turn off this service.
3. Stop malicious startup programs.  Go to Start-> Run and type: msconfig -> Startup tab and uncheck to remove any blank lines or virus-looking executables.  This will ensure the virus doesn’t launch at startup.

These 3 steps will help tame your spyware and viruses.

We often talk about securing your computer from viruses, spyware, or hackers.  But, we less think about someone physically getting to your computer to access your personal information.  So, it is smart to learn how to physically secure your office so that your computers are safe from potential robbers or in-person hackers.

Here are the steps to take to secure your computers inside your office:

1. Set up a video surveillance system that records your office entrance and office activity itself for easy playback.
2. Make sure your building is set up for a buzz-in entry or that there is a doorman or stop form of security.
3. Set up an intercom system so you can see those who enter your building and/or office.
4. Lastly, and most importantly, set up a “hold-up” button so you can press this button to alert the police if being held-up.

We have called up ADT Security to take care of security for our offices and we feel very secure.  This is a small price to pay for not only your computer contents, but also your personal safety.

Getting hacked is not fun.  Everything needs to be redone and reset.  Talk about a re-do!  You have to get new credit cards, new usernames and passwords, and tune-up your computer to ensure the hacker is out of your life.

Now, you can find out if you’re hack prone.  Take the hacker test to check your security level.   This will let you know how secure your computer is.  The cool factor here is FBI-level folks will actually cross-reference your name with any hackers they know who might have your personal info.  Have you ever watched Dateline or 20/20 where the security experts track hackers, in turn, locating all of the swiped credit card they stole?  Well, this is the same thing, but this is a free security check that can prevent potential fraud with your accounts.

Take the test.  It could save your hours of hack anguish and tech support.

Viruses and spyware can be slithery little pests.  Not all typical anti-virus and anti-spyware software may remove them.  Nowadays, there are trojans, bug, rootkits, and other infections that may be considered both spyware and viruses.  So, with different variants of infections running into the gray area of what it actually is, the security software to remove them has been trickier.

We’ve seen as of late a new trojan that infects the Windows\System32 folder.  This trojan will cripple the Windows Installer so you cannot run some programs, such as itunes, as well as not being be able to run Windows updates.  Many programs will not remove this trojan, including: Norton Anti-virus, Malware bytes, Spybot Search and Destroy, Hijack This, and AVG Anti-virus. 

Combofix has been able to remove this tough-to-kill trojan.  Combofix is a DOS program that runs within Windows and removes infections that may be found in the Windows\System32 folder.  Combofix is effective since it will actually delete these infections that cannot be manually removed. 

New trojans cannot be removed manually as they are write-protected and are just too smart to be simply deleted.  So, Combofix has come as a savior for removing trojans.  You’ll need to make sure to disable all current anti-virus, anti-spyware, and firewalls while you’re running it to prevent startup problems afterwards.