These days, spyware poses a far greater hazard than viruses, and many attacks use combinations. Both identity theft & spam are big business, and the name of that game is stealing your info or using your system to spam or attack other (usually commercial) computers, not crippling your system. In fact, they want your compromised system in working order, they just don't want you to know what they are using it for or stealing from it. Fortunately, most of the major commercial offerings now handle both aspects in one program and basically are anti "malware" products.
I've been a fan of Trendmicro's free online malware scanner Housecall (
http://housecall.trendmicro.com) for spot checking systems that have anti-malware applications installed but are acting wacky, and also first step scanning of systems with no protection. Incidentally, they bought the rights to HijackThis, another free spyware scanner (which Mechanic mentions). Trendmicro sells commercial solutions as well of course - it is what they do.
I am all for saving money, but for most people, I'd encourage them to shell out the typically $30 to $50 and buy a well known, established multi-function malware solution with automatic updates, and some sort of application "behavioral" analysis and real time scanning. Once you buy the application, most companies offer reasonable subscription renewals for subsequent years. Of course they like you to buy upgrades, but I generally do not buy upgrades unless there has been a significant advance in detection method for the new version.
Free solutions can be great for those who have the knowledge and/or the patience to properly maintain them (which is usually manually) but what tends to happen is users won't do that, and then their system is not really protected.
For free anti spyware, Spybot Search & Destroy is a pretty decent anti spyware tool and is free for personal use, but it misses more when matched against the well established commercial offerings. The author's site is
http://www.spybot.info. It has multi-language support.
For free antivirus, the free version of AVG which has been mentioned, is probably the most well established and most consistent "good" performer. The *not* free retail version has the other bells & whistles packaged in as well.
I have been testing the professional version of an anti spyware program called SuperAntiSpyware (
http://www.superantispyware.com) for a while now on my home network and in my office. It seems to play nicely with Symantec AV corporate edition as well as the home/small business Norton 360. Norton scores extremely well in both anti virus and antispyware but SuperAntiSpyware was able to remove one annoying adware app from a system, that disabled the Norton engine. The program has a free personal edition, but the catch is you must manually update it and it does NOT offer continuous real time scanning in the free personal version.
I also recommend regularly policing system processes. The net stat command which Vortex mentions, shows you what is actively listening on ports and can reveal things that are "stealthed" from the processes reporting).
Use the command netstat -a to show all active connections.
netstat -b is great for showing "what done it" - giving the executable that established the connection, especially if you think there is a rogue app running.
A nice online utility that tells you processes running on your computer is
http://www.fileresearchcenter.com.
If you want a local utility, I'd suggest something like
Process Explorer, a free Sysinternals utility for Windows, now available for download from Microsoft's Technet, but most people start trying to escape when I start to mention those sorts of things.
*edit* ha...I started this reply much earlier in the day and didn't see all the in-between posts.
I agree with Mechanic in terms of prevention (i.e. using good browsing habits and not being all click happy) being the first and best defense, but I personally don't want to rely on it as my
only defense.
-Skylark
