Expert: James Filmer - 9/3/2009

Question
QUESTION: What anti-virus protection do you recommend? I currently use Norton AntiVirus.

ANSWER: Spybot Search and Destroy is 100% free. There are no costs associated with finding and removing threats. Go to Enrgy21.com and click the link to Spybot Search & Destroy. Download and install it. Add the Host files, search for updates and add. Run the scan and remove what it finds.

If your system's not showing any connection problems or other instabilities, Norton's fine.

http://antivirus.about.com/od/antivirussoftwarereviews/tp/aatpavwin.htm

http://www.consumersearch.com/antivirus-software

Because you've run Malwarebytes twice, letting me know many entries needed to be removed will give me some indication of how secure your system is now.

Click Start>My Computer>right click Local Disk C:>Properties>Tools>Check the volume for errors>
check both disks options>Start. Restart your PC. It will check for errors automatically and will take a little time (20 minutes or more if it has errors that need auto fixing). Then let the PC fully load, restart.
http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/tips/kbtip.msp

(Note: Usually this needs to be done only if you've received a disk error alert or the PC is exhibiting behavior associated with disk instability. However, your system has gone through some significant changes before and after our first contact, so I want to make sure your disk is in good health before proceeding).

Now, click Start>All Programs>Accessories>System Tools>Disk Defragmenter>Analyze.
I'm guessing it will say the disk needs to be defragmented. If it does, do it. It might take more than an hour if you haven't done this in a while (or never). I've seen it take over 3 hours for PC's in use constantly more than year. Restart after that's done.
http://windows.about.com/od/maintainandfix/ss/defragment.htm

(Note: Reputable sites like About.com must recommend backing up your system, files...to protect you in case something goes wrong. If you don't know much about backup, but follow the other steps and don't interrupt the process, System Restore: http://pcsupport.about.com/od/fixtheproblem/ht/system-restore-xp.htm is a great tool to use if necessary. In the near future, you should make it a point of learning how to back up your files, and do it. See Tip 8- http://www.enrgy21.com/computertips.html).

Next, a few more maintenance (not so time consuming) and security tips.



---------- FOLLOW-UP ----------

QUESTION: I apologize. I used the first link for Spybot on your site by mistake. I reran Spybot using safernetworking.

Spybot found 33 problems in its list.
Browser:
2 AdRevolver
1 BlueStreak
2 BurstMedia
1 Casalemedia
1 Double Click
1 Fast Click
3 Media Plex
1 Right Media
1 Zedo

Hijacking:
1 CoolwwwSearch.Aff.Winshow

Adware:
8 Coupon Bar

PUPS:
2 FunWeb Products
5 MyWay.MyWebSearch

Trojans:
3 Win32.Sobit.C

Malware:
1 SpywareBOT

Is it okay to tell the program to fix these?

ANSWER: I recommend always remove everything Spybot finds. Also remove everything Malwarebytes finds.
There's also Advanced mode configuration settings in Spybot. Read #8 here: http://antivirus.about.com/od/securitytips/ss/hosts_2.htm


Also,
http://antivirus.about.com/od/securitytips/ss/hosts_2.htm

---------- FOLLOW-UP ----------

QUESTION: I rebooted from the first scan of Spybot-Search & Destroy. Then reran Spybot in the Advanced Mode. The result was 9 problems found.

Browser:
2 AdRevolver
1 Burst Media
1 DoubleClick
1 Fast Click
2 Media Plex
1 Right Media
1 Zedo


Answer
Update again. Then I think you should click "Immunize": Protect yourself before threats find their way into your system.

http://security.ngoinabox.org/spybot_advanced

I also think you should consider some other tweaks.

http://security.ngoinabox.org/spybot_advanced
3.1.1. IE Tweaks
Lock Hosts file read only...
Just that one box for now. (if you've read and understand what that does and you're comfortable doing it).

The following link gives you even more info:
http://timmymac.net/Documents/How%20I%20configure%20and%20use%20Spybot%20Search%
I think you should add the Hosts file one day, when you're comfortable with knowing what that does.

I would suggest a Google search using the words "how to configure Spybot in advanced mode.
You'll get many results, and some might be easier for you to understand than others.

The most important thing about Advanced mode is remembering the things you've done (for example, make a record in notepad and file it in My Documents) just in case you're troubleshooting a future issue and want to undo something.

http://www.safer-networking.org/en/tutorial/index.html
Especially #8 for information about Resident Teatimer and Resident SD Helper.

Of course, you can leave it just like it is too, but you'll get more protection if you utilize a few additional tools it offers.  And, make sure you run Malwarebytes at least once a week (update and scan). Spybot can be configured to run on an automatic schedule.