Spyware Removal

Spyware removal is a very tricky business. Once spyware gets into your system, it is very hard to blast it out. You might need specific spyware removal tools. While some spyware can be fixed by your anti-spyware software, others are much more difficult to disinfect, especially if they got installed before the anti-spyware software. In such cases, you might need a spyware removal tool for that particular spyware.

Smitfraud and Vundo, for instance, are spyware that are very difficult—if not impossible—to clean using conventional means. You have to use a specialized spyware removal tool for each. And if you’re unlucky enough, you might even have to remove them manually. Those who are not familiar with spyware removal—much less manual spyware removal—are normally instructed to download and install HijackThis. HijackThis (HJT) is not a spyware removal tool but an enumerator. HJT is run and the resulting HJT log is sent to forums specializing in spyware removal, where a human will read the log, give instructions, and ask for a fresh log. This cycle goes on until the spyware is finally removed.

So, the next time you download free movies that ask you to install some codecs before you can watch, think of how pleasant spyware removal can be.

Antivirus Firewall Software

Forums are full of questions like: “What is the best antivirus firewall software?” You need to know that there is NO such thing as an antivirus firewall software; much less, the best antivirus firewall software. If you peruse the archives of this blog, you’ll find out that an antivirus and a firewall software are two different programs with different purposes.

An antivirus software does three main things:

  • It checks new downloads and files to see if they are viruses;
  • It scans your computer every now and then for viruses; and,
  • It attempts to clean or remove viruses when any are found.

A firewall, on the other hand, acts as a checkpoint at your computer’s entry points. It determines which messages are allowed to pass through.

There are also Internet security suites that contain both antivirus and firewall software (though most only include anti-spyware and antivirus software). But while some Internet security suites contain both antivirus and firewall software, they are still different programs packaged together—not one antivirus firewall software.

So, if you reached this page searching for antivirus firewall software, please let me guide you to Internet security suites instead. They provide a more complete protection for your computer and give you a safer Internet browsing experience. As to what Internet security suite to buy, there are a lot of good programs but you can’t go wrong with these:

  • Eset Nod32 Antivirus System (current favorite)
  • Kaspersky Internet Security (another favorite)
  • Norton Internet Security (I used to hate this but after checking around, the latest versions are actually good)
  • Vipre Antivirus with Anti-spyware

So stop searching for antivirus firewall software now and go get a good Internet security suite.

Celebrities Can Give You Viruses

Searching for celebrities can get you into deep trouble and is another reason why you need updated anti-spyware, antivirus, and firewall software. Mashable.com just pleaded: Whatever You Do, Please, PLEASE Don’t Search for Jessica Biel. They said that danger hides beneath a pretty face. You could end up with computer viruses and spyware where you didn’t expect it. Tech.Blorge also gives out a warning: Google Jessica Biel at your own risk. Searching for Jessica Biel, according to them, gives you a one-in-five chance of getting infected by a computer virus or spyware.

Jessica Biel, however, is not the only celebrity search query that can load you up with computer viruses, spyware and other malware. In Cnet News, you can see the top 15 most "dangerous" celebrities according to McAfee's report. I suggest you check out that list. And if you’ve searched for any of those celebrities in the recent past, you’d better scan your computer for spyware and malware ASAP. Then, perform spyware removal procedures when necessary using your favorite spyware removal tool.

Oh, the world we’re in! People search for beauties and what they get are beasties.

Cory Aquino and Where Not to Buy Antivirus Software

In a previous post, I told you to be wary if you choose to download free antivirus software. In another post, I said that just because you will buy antivirus software instead of downloading a free one doesn’t mean you’re already safe—you must buy antivirus software only from a reputable antivirus company. But how does that relate to the former president of the Philippines?

If somebody used a particular search term about the late president in the past few days, they would have been presented with these highly optimized malware sites in the results page (these sites have already been blocked):

  • http://{BLOCKED}-gonzales.redxhost.com/corazon-aquino-death.html
  • http://{BLOCKED}sa.20x.cc/corazon-aquino-death.html
  • http://{BLOCKED}rank.0adz/corazon-aquino-death.html
  • http://{BLOCKED}-1.0adz.com/corazon-aquino-died.html

When the user clicks on any of those links, they’d be redirected to different sites containing malware that would then lead to the download of a fake antivirus software detected as TROJ_FAKEALRT.FK. The fake antivirus software would then possibly download more malicious files and fake antiviruses. While the sites probably would not work anymore, you need to watch out for similar tactics when searching for other terms with breakout popularity.

How would you know, then, if a link would redirect you to malicious sites distributing malware? You probably won’t. That’s why it’s worth repeating that you need anti-spyware, antivirus and firewall software installed as it would only take a few minutes of browsing before you can be infected with viruses, spyware and other malware. Your security software should be able to immediately block the connection or quarantine any questionable downloaded binary or script. And if ever you’d be redirected to a site selling—or offering for free download—antivirus software, don’t buy it; or, at least, check it first. Buy antivirus software only from a trusted company.

Don’t Buy Antivirus Software? Really?

Would you believe someone if he told you not to buy antivirus software? How about if that someone is a manager of an antivirus company? Yep, I’ve read somewhere (last year) that a manager of an antivirus company advised people not to buy antivirus software—including those from his company.

But before you think this guy is nuts, let me assure you that he is right. What he was actually saying was not to buy antivirus software alone, because on its own it is inadequate. According to him, you should buy antivirus software suites or Internet security suites instead.

And he is correct. Like I said in my previous post about essential security software, viruses are not the only threat to users anymore. In addition to antivirus software, you need spyware software (more properly, anti-spyware software) and firewall software. Those are the essential security software. But if you also hate to be contacted by some long-lost relatives from Nigeria because of some estate settlement matters (amounting to millions, I should add), I suggest you also get a good spam blocker or spam filter. Finally, a popup blocker could also be a nice addition.

Do I buy antivirus software suites or Internet security suites? I don’t. I prefer my spyware software, antivirus software and firewall software to come from different security software companies. There are instances when security software company A updates their antivirus software more often than security software company B does, but the latter updates their anti-spyware software more often than the former. It could also be that security software company A’s antivirus software rocks but their spyware software sucks. Another thing is that I want the flexibility to change my firewall software while retaining my anti-spyware software. Finally, Internet security suites just feel too bloated for me—especially considering that they always run in the background.

For newbies, however, (or those who don’t want to spend too much time mixing and matching) I suggest they simply buy antivirus software suites or Internet security suites. It takes the guessing out of the equation. Anyway, Internet security suites are getting better and better than when I first tried them. So unless you know what you’re doing, buy Internet security suites instead of individual products.

The Essential Security Software

I’ve already talked about why it is desirable to install security software first. Now, let us talk about what types of security software to install. Actually, there are a bunch of them. There are keyloggers, password crackers (yes, you need those to determine the strength of your own), port scanners, IDS (with weird names like SATAN and SAINT, lol), and more. But don’t fret. Those security software are not essential for most users. I’ll try to discuss them in a future post on Network Security Software. Here, let’s focus on the essential security software that you really need to install on your PC.

Antivirus Software

Prior to the Web—or before it became mainstream, at least—there was only one essential security software to install for the average home user, and that was the antivirus software. During those times, I’m not even sure if the term security software was already used, because there was only one anyway (vis-à-vis an average user). An antivirus software scans for and removes computer viruses, worms, and trojan programs. A good antivirus software should prevent the infection in the first place. Antivirus programs detect these viruses either by signature or by behavior. Antivirus software can also be real-time or scan-based.

An antivirus software using signature-based detection checks the files in your computer and compares them to a database of known virus signatures. If there is a match, the antivirus software reports the file as a virus. This means that your virus signature database must be up to date. Otherwise, a new virus won’t be detected by your antivirus software, as its signature is not yet in the antivirus software’s database. There will be misses in this system, and their magnitude is proportionate to the age of your virus signature database.

If your antivirus software uses behavior-based detection, it observes the behavior of programs in your system. If a program acts like a virus, the antivirus software flags it as such. Needless to say, there will be a lot of false positives with this system. The fun thing is that most antivirus software will be reported as a virus by other antivirus software using behavior-based detection. The reason is that most of the functions of an antivirus software, like reading all files in a directory, locking them, taking charge of main memory, etc., are very virus-like.

Most modern antivirus software, however, uses a combination of the two. Some call their behavior-based detection system heuristics. What’s confusing is that other antivirus software use the term heuristics for an advanced form of signature-based detection. But let’s not bother you with that, shall we? Normally, they go through signature detection first so as not to waste time doing heuristics when the file’s signature is, in fact, already in the virus signature database.
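The order described above (signature lookup first, heuristics only when nothing matches) can be shown in a few lines. This is an added example, not code from any antivirus product or from the original post; the sample bytes, signature names, behaviour names, weights and threshold are all constructed for illustration.

```python
import hashlib

def sha256(data):
    return hashlib.sha256(data).hexdigest()

# Constructed stand-ins for file contents; none of this is real malware.
OLD_SAMPLE = b"constructed-sample-A: payload v1"
NEW_SAMPLE = b"constructed-sample-B: released after the last update"
BENIGN_SCANNER = b"constructed harmless on-demand scanner"

# Signature database as of the last update: exact hashes plus byte patterns.
STALE_DB = {
    "hashes": {sha256(OLD_SAMPLE): "Constructed.A"},
    "patterns": {b"constructed-sample-A": "Constructed.A.generic"},
}
# The same database after a signature for the new sample has been shipped.
FRESH_DB = {
    "hashes": {**STALE_DB["hashes"], sha256(NEW_SAMPLE): "Constructed.B"},
    "patterns": dict(STALE_DB["patterns"]),
}

# Hypothetical behaviour weights. The first three are the "virus-like"
# actions the text says an antivirus program itself performs.
WEIGHTS = {
    "read_all_files_in_directory": 2,
    "lock_files": 2,
    "take_charge_of_main_memory": 3,
    "modify_other_executables": 4,
}
THRESHOLD = 6
QUIET = ["open_document"]  # unlisted behaviour scores 0
AV_LIKE = ["read_all_files_in_directory", "lock_files",
           "take_charge_of_main_memory"]

def signature_scan(data, db):
    """Return the name of the matching signature, or None."""
    name = db["hashes"].get(sha256(data))
    if name:
        return name
    for pattern, pattern_name in db["patterns"].items():
        if pattern in data:
            return pattern_name
    return None

def scan(data, events, db):
    """Signature lookup first; heuristics only run when nothing matched."""
    name = signature_scan(data, db)
    if name:
        return ("infected", "signature:" + name)
    score = sum(WEIGHTS.get(event, 0) for event in events)
    if score >= THRESHOLD:
        return ("suspicious", "heuristics:score=%d" % score)
    return ("clean", "no match, score=%d" % score)

if __name__ == "__main__":
    print(scan(OLD_SAMPLE + b"!", QUIET, STALE_DB))   # variant: pattern hit
    print(scan(NEW_SAMPLE, QUIET, STALE_DB))          # miss: stale database
    print(scan(NEW_SAMPLE, QUIET, FRESH_DB))          # caught after update
    print(scan(BENIGN_SCANNER, AV_LIKE, FRESH_DB))    # false positive
```

The second call is the miss caused by an out-of-date database, and the last call is the false positive the text describes: a harmless scanner whose behaviour looks virus-like.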

As mentioned earlier, an antivirus software can either be real-time or scan-based. A scan-based antivirus software will only run if told to do so, via right-clicking a file to be scanned or by selecting it in the Programs menu. A real-time antivirus software, on the other hand, will load itself into memory as soon as your operating system starts and oversees all running processes.

You need one and only one antivirus software with real-time protection. If you install two or more, you will not be increasing your computer’s security. In fact, you will weaken it. That is because both antivirus software will be trying to kick and lock each other out. That’s just how they work. You can, however, install another scan-based antivirus software. There would be no conflict in that setup. You’ll end up with a real-time antivirus software and two scan-based antivirus software. (The real-time antivirus software almost always includes a scan-based antivirus software.)

Spyware Software

When the Internet escaped from the educational institutions and military facilities and entered into the household, things got a little bit more complicated. People started to connect, and viruses, worms, and trojans began spreading at a faster rate compared to the previous age of sneakernet. E-commerce emerged and credit card transactions followed. Then came a new breed of malware called spyware. These sneaky little pests are similar to viruses except that they mainly gather data instead of harming your computer.

Security software companies created spyware software to combat this specific threat. A lot of money is lost due to spyware and spyware software aims to prevent this. Spyware software operates similarly to an antivirus software. There are also real-time spyware software and scan-based spyware software. Since spyware hides in a lot of places, spyware software works double time in tracking it. A common place where spyware software hunts for spyware is in browser helper objects. Some antivirus software already includes spyware software.

But even if spyware software is installed in your computer, you should still be very careful with what sites you visit. Spyware software is not yet as mature as antivirus software and new spyware pops up all the time. In addition, it seems to be easier to get infected by spyware than by a virus. Merely trying to view a site can get you infected when it asks you to download and install something first, unless it is just Flash or Silverlight. (Be wary of messages like: click here to view this site.)

In addition to spyware software, you can also protect yourself by disabling scripting (ActiveX, VBScript, or JavaScript) in your browser. But you will also lose some website functionality if you do so. It’s a personal call and greatly depends on what sites you frequently visit. Me, I don’t disable it.

Firewall Software

The third security software that you’ve got to have is a firewall software. If your computer were a house, it would be one with a lot of doors. These doors are called ports and firewall software acts as the guard. There are 1,023 common ports or doors to your computer. Depending on installed software like messaging, chat and games, it could, however, go as high as 65,000! Not all of those will be open but a lot of them could be. And you have to know which. If you don’t guard your ports, hackers can easily enter your system while whistling a tune. Could you sleep at night if even one of your 65,000 doors is unlocked or open? How about a hundred? There is a reason why Microsoft included a built-in firewall software with their operating system.

Firewall software allows you to monitor your ports, specify which ports are opened, specify which program can access which ports, and specify which protocol can be used by what program on which port. The best firewall software will allow you very fine-grained control over the above variables. Windows has a built-in firewall software but it only allows limited configuration. For ordinary purposes, though, I think this built-in firewall software is enough. Your question is probably which ports you should open and which should be closed. Ideally, all unnecessary ports should be closed in your firewall software. And what is necessary would depend on what software you have in your machine. Windows’ default firewall setting is a nice place to start.

Note that firewall software screens incoming and outgoing data transmissions. This means that a firewall software can augment your spyware program. Aside from making sure that hackers cannot enter your system from the outside through open ports, it also prevents unauthorized outbound communications. As I said, spyware is meant to spy and gather data like account information, browsing or purchasing history, and data for determining demographics. It has to send this data some time. When it does, your firewall software can flag it and prevent the connection. So, even if a spyware managed to pass through your spyware software undetected, it can hopefully be caught by your firewall software.
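The per-program, per-port, per-protocol control described above, with everything else blocked by default in both directions, looks like this as a rule table. This is an added example, not the rule format of Windows Firewall or any other product; the program names, ports and traffic are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    direction: str   # "in" or "out"
    program: str     # executable name, or "*" for any program
    protocol: str    # "tcp" or "udp"
    ports: range     # ports the rule covers
    action: str      # "allow" or "block"

@dataclass(frozen=True)
class Conn:
    direction: str
    program: str
    protocol: str
    port: int

# Constructed rule set: only what is needed is opened.
RULES = [
    Rule("out", "browser.exe", "tcp", range(80, 81), "allow"),
    Rule("out", "browser.exe", "tcp", range(443, 444), "allow"),
    Rule("out", "*", "udp", range(53, 54), "allow"),             # name lookups
    Rule("in", "game.exe", "udp", range(27000, 27016), "allow"),
]

def decide(conn, rules=RULES, default="block"):
    """First matching rule wins; anything unmatched gets the default."""
    for index, rule in enumerate(rules):
        if (rule.direction == conn.direction
                and rule.program in ("*", conn.program)
                and rule.protocol == conn.protocol
                and conn.port in rule.ports):
            return rule.action, index
    return default, None

def blocked(conns, rules=RULES):
    """Return the attempts the firewall would stop and flag to the user."""
    return [c for c in conns if decide(c, rules)[0] == "block"]

# Constructed connection attempts.
TRAFFIC = [
    Conn("out", "browser.exe", "tcp", 443),   # normal browsing
    Conn("out", "tracker.exe", "tcp", 443),   # unknown program, same port
    Conn("in", "game.exe", "udp", 27005),     # port opened for a game
    Conn("in", "game.exe", "tcp", 27005),     # right port, wrong protocol
    Conn("in", "svc.exe", "tcp", 445),        # unsolicited inbound
]

if __name__ == "__main__":
    for conn in TRAFFIC:
        print(conn, decide(conn))
```

The second attempt is the outbound case from the paragraph above: the port is open for the browser, but a program with no rule of its own is still stopped when it tries to send data out.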

There are a lot of things I want to write about these topics. I am even considering separate blogs for each of the topics above. They are so deep and change so fast. What I am able to provide here is just a bird’s eye view of sorts. I’ll try to probe deeper in succeeding posts. Or maybe, I’ll just write a book. ;) (kidding)

Install Security Software First

The first thing I do after buying or building a computer is to set up security software. There are three essential security software that I install: an antivirus software, a spyware software, and a firewall software. No other program gets installed on my machine after the operating system until these security software are up and running. Period.

I religiously followed this routine of installing security software first before anything else on my own systems since I built all of them myself (aside from my notebook). However, when Dee bought her laptop, it came with a lot of stuff already preinstalled! So, what I did was uninstall everything including all the manufacturer’s own computer system management and security software. Sorry, Acer. When only Vista and some signed drivers were left, only then did I install my set of security software. (Sorry, Dee, those stickers look good but security software first, then Firefox, then PSPad, before those lovely stars and cute smileys get pasted on the thing. lol)

Why install security software first? For one, that’s what I’ve learned; and recently, I found out the consequence of not installing security software first (or early in the program setup link). I could probably have installed the security software without deleting stuff like I did above but there are dangers in doing so—especially if the machine is old and has a lot of programs already. Take for instance this other computer in our network. It had been browsing and downloading lots of stuff already when I inherited it. And it already had a virus.

I installed my security software triangle and plugged it into the network. Nothing was detected. I only became aware of the existence of the virus later, after observing that the network was slowing down, unaccountable usage of system resources, connection attempts to my computer from another within the network, and other signs (including, maybe, a sensation of a disturbance in the Force. ;) )

It seems that since the virus was there first, it sort of placed a blindfold on the security software when they were installed so that nothing would be detected. It also prevented the security software from updating its signature database to further ensure the invisibility of the malware. After replacing the antivirus part, the malware was detected but it still couldn’t be removed. I ended up manually searching and removing the virus and all its instances scattered around the system. It was excruciatingly painful. Had the security software been there first, the malware wouldn’t even have had the chance to take root.

If possible, always install security software first. Windows’ built-in firewall software seems to be okay but I heard that there are better alternative firewall software out there for free. After that, go grab an antivirus software and a spyware software and be safe.
