Slashdot Mirror

http://pivx.com/qwikfix/

Qwik-Fix Pro is not a spyware killer but it is enterprise level and do protect against all of the browser based vulnerabilities (among others) that are being used to forcefully install spyware. It is a perfect combo together with a spyware killer such as The Cleaner from Moosoft (http://www.moosoft.com/) or Lavasoft Ad-Aware (http://www.lavasoftusa.com/).

The protection against IE vulnerabilities was implemented in September 2003 and has since protected against all command execution vulnerabilities discovered since then without a need for updates. These very improvements to IE were subsequently included by Microsoft in Windows XP Service Pack 2, though the implementation Microsoft choose failed to protect against several vulnerabilities discovered since then such as the Drag'n'Drop vulnerability which Qwik-Fix Pro protected against.

It's not free though

... and get rid of it if you do...

Spybot Search&Destroy http://spybot.safer-networking.de/
and Ad-Aware http://www.lavasoftusa.com/software/adaware/

BTW, be sure to update the definitions or you're going to miss a lot of spyware.

Hey,
I'm not a "windows user" per se, ardently preferring linux, but I am forced to use windows and have some experience with it.

I've had some issues with spyware and have been directed by a windwos admin friend of mine to a particular piece of software which I've been using for a long time and which I like a lot...

It's called ad-aware made by lavasoft (lavasoftusa.com) and works really well.
The personal edition is free (woo Whoo!!).
Be sure to download the latest definition file after you install the program! (It checks for you)..

Hope this helps man.

jb

If they are going to stick with Windows, the three things I always install are Zonealarm - free firewall, Adaware spyware removal - free for personal use, and Spybot search and destroy - another free spyware removal that complements Adaware also inncoculates IE against common exploits. There are also good free virus checkers (don't know any off the top of my head) but people I have helped have all already had virus checking software installed at least.

I also usually try to get them to install a router with a built in firewall for extra protection.

I have had no problems migrating people from IE to Firefox 1.0PR. It has imported bookmarks and cookies flawlessly so far.

Get AdAware SpyBot S&D, and my favorite flavor of anti-virus/firewall Trend Micro Pc-Cillin I'm too lazy to make a user account to post this once. - Nate MC

This is a bit offtopic but what the hey. You ask serveral questions in this post so I my answer may not answer all your points:

To the best of my knowledge Firefox will only offer to migrate IE bookmarks. It doesn't do cookies although if you are willing to mess about by hand I think you can get IE to export it's cookies to a file and then copy the cookies file to the firefox profile.

Will the migration be painless? Who knows? It's been generally painless for me on recent machines but that's no guarantee for you.

Two of the most famous spyware removal utilities are Adware and Spybot search and Destroy.

Goddamn. The things people do to run Windows... It makes me glad I use Linux.

The program most often recommended for preventing modem hijacking appears to be StopItNow. It's shareware.

Both Adware and SpyBot will detect some but not all hijackers.

Error Messages received when loading SP2:

Title of error message: migrate.exe - Entry Point Not Found

Error message 1: The procedure entry point GetIUMS could not be located in the dynamic link library MSDART.DLL.

Error message 2: The procedure entry point GetTextExtentPointI could not be located in the dynamic link library MSDART.DLL.

Resolution: There is a new MSDART.DLL in Windows XP Service Pack 2. Apparently, SP2 sometimes tries to use MSDART.DLL before it has copied it. If you happen to have an old version of MSDART.DLL on the system you are upgrading, it crashes and destroys your entire installation of Windows XP. After the crash, one machine would still boot, but the initial boot screen said "Windows Media Center" instead of "Windows XP Professional". This particular machine has been used by a very responsible office manager for two years without problems, and has never been near Windows Media Center. Very weird.

The newest version of MSDART.DL_ is in the random folder name created when running SP2, in the i386 sub-folder. This folder is deleted after SP2 finishes.

Run the command: EXPAND.EXE msdart.dl_ to unpack to MSDART.DLL. Then copy the new, SP2 version of MSDART.DLL to the C:\winnt\system32 or C:\windows\system32 folder, whichever is correct. (The second may be correct if you upgraded to Windows XP from Windows 98.)

I talked to someone at MS Tech support about this, who correctly identified that it was a problem with MSDART.DLL, but told me to download MDAC_TYP.EXE from Microsoft and install it. This did NOT solve the problem. MDAC_TYP.EXE has an old version of MSDART.DLL that does not contain the needed entry points, apparently.

The MS technical support representative spoke very slowly and said a lot of inappropriate things. I think it a big company like Microsoft could give its employees a better grade of weed.

After you have this problem with SP2, if you fix SP2 while it is running by copying the new version of MSDART.DLL, you MUST load SP2 again. Otherwise some users may have inoperative icons. Very weirder.

If you use the words "Microsoft" and "Quality" in the same sentence, does God strike you dead? Apparently not.

You can call Microsoft about SP2: Call 1-800-936-5700. Choose 1. Wait until the recorded message gets through trying to get you to go elsewhere and press 5. It was free for me, at least. The two support representatives to whom I talked did not help me. However, they were pleasant and conceivably might help reduce a feeling of loneliness.

Other issues:

SP2 may not be able to run on an infected system. Run virus checkers and spyware checkers before trying to load Windows XP SP2. I recommend Grisoft's AVG free personal virus checker.

For spyware removal, run both the free AdAware Personal and the free Spybot Search and Destroy. One may find things the other doesn't.

Virus Checkers: Disable virus checkers and non-SP2-aware software firewalls while loading SP2.

ZoneAlarm software firewall: Upgrade to the latest version of ZoneAlarm, if you use it, before trying to install SP2. Disable the Windows firewall; ZoneAlarm Pro provides much better security. For example, ZoneAlarm Pro renames the file name extensions of attachments that have file name extensions that signify an executable file. There are 44 of those, if I remember correctly. ZoneAlarm provides outgoing protection, as well as incoming protection; the firewall in SP2 provides only incoming protection.

Disable harassments. After you load SP2, there are two new entries in Control Panel: Windows Firewall and Security Center. Go to Security Center/ Change the Way Security Center alerts me/ to disable the messages that haras

Because there are still people who don't know:

Ad-Aware
Search & Destroy

To keep your pc running fast and without too many crashes..

1) Switch to better web browser that dosen't have activeX spyware infecting it
2)Destroy spyware
3)Switch to a secure operating system.
4) ???
5) Profit, by not having to waste time with viruses!

Adaware. The free version will do most everything you need. There are other tools that do similiar things and more. It's a good place to start though.

CDEX
IRFanView
Winamp
iTunes
FireFox w/AdBlock and various other extensions
Some music
Assorted pictures
Spybot & AdAware
XP SP2
DefilerPak
Novell VPN client
Citrix client
Farbrausch demos
PuTTY
and the all-important XEvil

I've found the following helpful for the no-budget set:

Avast Home Edition Virus Scanner

Spybot Search and Destroy

HijackTHIS - Find out whats in your PC. (semi-advanced)
The site for HiJackThis seems to be down for now. THere are a few other little nifty freebie aps in there, too. Heres a mirror download site

AdAware - picks up a lot of crap in your PC

(Anyone wanna offer up a few opinions on this stuff? You know you do.)

Of course, the obligatory comment of "Use Mozilla, keep your shit patched, don't click every OK button you see" still applies.

The trick with qttask.exe is that you've got to rename the executable. qttask.exe.bak or the like.

Even with Sysinternals' ProceXP, Spybot, Ad-Aware, BHODaemon, Hijackthis, ect, I can't find the damn thing's entry point.

As far as Real goes, I'd recommend Real Alternative instead.

Just in case his site gets /.'ed, here is his impressive list of links. - Jonah Hex in non-karma whore mode.
Downloads
Linux Wipe Tools: Three shell scripts for securely wiping all data from the swap partition, wiping unused disk space on the root partition, or wiping an entire disk, by Thomas C. Greene.

No Messenger: A batch file that eliminates Windows Messenger and fixes the problem of Outlook Express loading slowly when Messenger is absent, by an anonymous friend of The Register.

FileCheck MD5: A free, simple, lightweight MD5 utility for Windows, courtesy of Brandon Staggs.

Errata: A text file containing my various blunders and ommissions in the book (right-click and "save as," or view as HTML). Last updated 6 June 2004.

Links to Other Goodies
Mozilla: A free, open source Web browser and e-mail client for Linux and Windows, feature rich and far more secure than Internet Explorer and Outlook Express. Recommended for novices.

Firefox: A free, open source, stand-alone Web browser for Linux and Windows. Very light and fast. Recommended for intermediate users.

Thunderbird: A free, open source e-mail and news client for Linux and Windows. Recommended for intermediate users.

GnuPG: Gnu Privacy Guard; a free, open source replacement for PGP, for Windows and Linux.

WinPT: Windows Privacy Tools; a free, open source GUI frontend to GnuPG for Windows.

Anonymizer: Various services for anonymous Web surfing, e-mail, chat, etc.

OpenSSH: A free, open source SSH (Secure Shell) client and server for Windows and Linux.

PuTTY: A free, open source GUI frontend to OpenSSH for Windows.

Ethereal: A free, open source network traffic analyzer for Windows and Linux. Windows users will need to install WinPcap before installing Ethereal.

Ad-Aware: A free, closed source adware/spyware scanner for Windows.

SpyBot Search & Destroy: A free, closed source adware/spyware scanner for Windows.

Sam Spade: CGI gateways to numerous online tools, such as whois, traceroute, etc.

SourceForge: A vast repository of open-source software for Windows and Linux. The site can be overwhelming, but it has a search engine to help users locate packages.

GNU Project: The home base of the open source movement. A repository of open source products, chiefly for UNIX-compatible systems.

Security Information
About Internet/Network Security: An informative and useful site dealing with computer and Internet security, with reviews of security products and books, practical howtos and tips, and links to numerous tools and information resources, geared toward beginners and intermediate users.

SANS Institute: An educational and research organization with a vast archive of security research documents, news, and advisories, geared toward intermediate and advanced users.

CERT/CC: Computer Emergency Response Team Coordination Cente

If he had kazaa installed, then that's where the popups were coming from. The windows xp built-in firewall can stop messenger ads just fine. You should have told him to download spybot, adaware, and spywareblaster.

When someone complains to me about spyware, I first tell them about Ad-aware and then I tell them to install Firefox. I also explain to them, that since I installed Firefox, I haven't had a problem with adware. This gets all the time.

You actually worry about cleaning it? I just recommend reformatting :p. It's got 2 big advantages:

1) It's easier to do (even if it takes longer there's no guesswork/trudging through the registery)
2) It tends to be such a big deal for the relative (backing up etc) that I tend to get asked less :).

Then again, doesn't Adaware do a good enough job as it is?

This regulation, while good intentioned, is really difficult to live with. Try finding a good non-freeware spyware remover. It's not easy.

Well, AdAware is pretty kick ass: http://www.lavasoftusa.com/purchase/business/

Nice tool, but why the hell does it need a setup. I have been infected with the CWS ad/spyware thingy and had a hard time getting rid of it. I finally resorted to reinstalling my compu and making mozilla my default browser (btw there is a google toolbar for mozilla). My mom called me yesterday and told me she had the same problem, maybe I will try to let her use Mozilla as well. However I use the view this page in IE option a lot and I do not see my mom using this option.

I had a hell of a time removing the CWS thing and used spy-bot, Ad-Aware and CWShredder all to no avail. I wrote my own BHO remover which will delete the Browser Helper Objects, but remeber that you shouldn't have any browsers or explorers open when using this program! And restart your computer after deleting any BHO's.

If these bills cut the number in half I'd be pleased.

• Click 'Tools', then goto 'Internet Options...'
  
• Click on the 'Advanced' tab, and look for the 'Browsing' section.
  
• Make sure the following options are unchecked:
  
  • Enable Install On Demand (Internet Explorer)
    
  • Enable Install On Demand (Other)
    
  • Enable third-party browser extensions (requires restart)
    
  
  
• Now click on the 'Security' tab. Make sure the 'Internet' zone is highlighted.
  
• Click on the 'Custom Level...' button.
  
• Make sure you have the following settings:
  
  • Download signed ActiveX controls: Prompt
    
  • Download unsigned ActiveX controls: Disable
    
  • Initialize and script ActiveX controls not marked as safe: Disable
    
  • Run ActiveX controls and plug-ins: Enable
    
  • Script ActiveX controls marked safe for scripting: Enable
    
  
  

If nothing else (it will be extremely difficult to police, after all), this bill will hopefully increase spyware awareness amongst the average n00b user. While most users are aware of the need for up-to-date antivirus packages, especially after the recent spate of high-profile hits, most are blissfully unaware of programs like Spybot Search and Destroy or Lavasoft AdAware, which I feel are just as critical a part of my security armoury as my firewall (ZoneAlarm) and my AV (NAV).

On a slight aside, Norton AV does include a certain amount of spyware scanning in their latest version (NAV 2004).

ESPN and CNN were both listed in the list of top pop-up/under ad users, and I visit both of those sites many times each day, and I never see a pop-up from either of them. In fact, I almost never see a pop-up ad from anyone... unless I disable my blockers.

I use two blockers, one by accident. I downloaded Google's toolbar because it helps me find anything anywhere on the net in about three seconds, rather than navigating to the Google home page in an additional two seconds. Time is money!

The other blocker I use is Ad-Watch, included with LavaSoft's Ad-Aware if you get the Plus or Premium version. Any pop-ups that the Google toolbar doesn't catch are caught by Ad-Watch, and I almost never see any at all. (The only time I do see them is when Ad-Watch is temporarily disabled or when I'm doing so much that my CPU can't keep up with me.)

This leaves one breed of ads that still annoy me, and I'm not talking about static banner ads, because tend to stay out of my way. I'm talking about the dynamic or floating banner ads, which are horrible because they cover up the content of the site I'm trying to view either for a few seconds or sometimes for an indefinite amount of time (until I find the tiny "close" button). I actually think some of these are blocked on occasion, but I know that they're what I see most these days (especially on ESPN and IGN), and I'd really like to see them go. So if anyone has any clue how to get rid of them, feel free to clue me in!

There'a always a catch, I think this might be true with AOL's spy blocking software too. After all they are "corporations" with an obligation to their shareholders. Advertizing makes a chunk of their revenues, and they aren't going to choke that golden goose, are they? For now I am sticking with Adaware.

Out of interest, when I rebuild my home server recently, I installed a fresh Windows XP (with SP1(!)), but nothing else. Then pointed my browser at www.netants.com (that site would probably deserve a good whacking) and sat back and watched the show.
Within five minutes, there was porn everywhere. The browser homepage (which also downloaded new tasty bits of spyware whenever the browser was launched), the favorites (it would take a determined smut-lover months to accumulate a list of porn sites that long!), the browser history, lots of links on the desktop, porn quick-bars, search bars, the start menu, and every other piece of mal-, spy-, ad- and crapware under the sun.

The scary thing is, I did not click on any buttons, links or otherwise. The website simply exploited IE flaws to install all this crap.
I then ran ad-aware and spybot search and destroy and the amount of shit that had been installed in about five minutes was absolutely staggering! After that, I continued using the machine for a few minutes, but could not shake the feeling that there was still a fair amount of *ware left on the box. I had to repartition, reformat and take a shower to feel clean again.

So it would be all too easy for Joe User, who does not quite grasp the concept of IT security in general and the necessity to upgrade in particular, to stumble upon a site like that and catch all that junk. After witnessing this, I will certainly be migrating my parents and other relatives to Linux/Mozilla as soon as I can.

I have now prepared an old laptop that I can restore quickly by re-ghosting with a virgin XP install. Every time I need to impress the importance of updating, configuring your system properly and generally staying away from MS software, I take the laptop along, open abovementioned site and ask people to clean up the machine. Normally they give up in disgust after firing up IE for the first time. Might be an idea to do that in court, too.

Spybot is about the best spyware cleaner out there. Ad-Aware is also pretty good, but I think Spybot catches more. Spybot also has the advantage of being configurable to auto-run at system start, before spyware programs can execute. It takes a while to do its scan, but if you can spare the startup time, it's worth it. Also, it contains a tool called Resident that's supposed to install in IE and prevent known spyware from installing itself. Not sure how well it works, but maybe someone else can comment.

I also use Trend Micro's online virus scanner. Along with killing viruses, it also recognizes some malware programs. It isn't a substitute for Ad-Aware and Spybot but a complementary tool.

Also, for public access computers, you really need to jack up the security settings of Internet Explorer, or, better yet, ditch it in favor of Mozilla.

Education is also important. Many people have heard of viruses and worms, although they don't seem to have a clue how to protect themselves. Spyware, OTOH, is an unknown term to many people. They don't know what it is, what it does, how it got there, or how to remove it. Whenever you clean someone's computer, take an extra minute or two and sum up what happened to them. They may not seem to understand, but you've at least planted a seed of information, so maybe enlightenment will eventually come.

I deal with this crap every day at work, so I feel your pain.

Malware is here to stay. I clean it of the computers of friends and family constantly. You can't hide behind Mozilla -or anything for the matter. You can use Ad-Aware or the like, and that's about it. I gave up on trying to make others understand what 'safe browsing' habits are. Malware no longer requires you to click 'ok' to something. It just hijacks your system on page load. I myself had a Java based trojan install an ftp daemon in my system folder with an INI file that had accounts named 'xdcc-warez' etc.. I am very secure, but I wouldn't have known about this intruder unless my firewall would have reported the ftp daemon opening the port.

I have tried many types of virus protection and I refuse to run them. Symantec 2004 'Pro' or 'Corporate' is EXTREMELY intrusive. With *ALL* the auto search and protection off, it still runs many services that take over 15mb of ram! McAffee and everything else is about the same. I am all about performance, I will not have adware and virus protection software scanning every file written to my HD, every word doc I open, email I send, or page i visit; that's ridiculous; not to mention with all those things of, the services are still there for some reason. Also, I don't need a HUGE GUI interface with animated gifs and crap.

Spyware is here to stay, get some somewhat non-intrusive software to protect your family and friends, and as for yourself, I guess just check your firewall, and/or have it alert you when a weird program or service wants access.

what's the best way to get rid of this crap?

• Ad-aware
• Spybot
• Cool Web Shredder Specific to CWS, but if you've got that, this is a necessity
• And while you're at it, for your own computer, don't forget the virus-checker, the hardware firewall, and maybe even the software firewall. Public computers are a Wretched Hive of Scum and Villainy, so if you're forced to use them, mentally adapt your practices to account for that. (Expect every virus/trojan/keycapture program written.)

And for the love of all that is holy, tell everybody you know to stop using IE. If you're the tech support guy for your friends and family, have them start using firefox. Because sooner or later, if you don't, they'll get CWS and you'll be at their house helping them for a LONG time.

You can get rid of it by running a personal firewall such as Kerio and scanning your system for spyware and what not with Ad-aware,Spybot-S&D, and Others

Adaware

Spybot Search & Destroy (best and most up-to-date IMHO)
AdAware (the original big one, not as up-to-date as Spybot S&D, but it still catches stuff Spybot doesn't)
HijackThis (for the really nasty stuff that the others don't get, though this can mess up your computer if it isn't used properly)
SpywareBlaster (it isn't as good as the others mentioned, but it still couldn't hurt)

Repost of this comment, with fixed links. (Mod the other one down!)

* * *

Ad-Aware with Ad-Watch is my personal choice, which requires either the "Plus" ($26.95) or "Professional" ($39.95) edition. You'll have to go through the "Tweak" options to set Ad-Watch to run win Windows starts and start in blocking mode, but once its up -- you don't have to worry about ad/spy-ware much anymore. Just run a comprehensive Ad-Aware scan every week or two, and check the results list to make sure nothing useful is being flagged as spyware! Oh, and Ad-Aware's free version (that does not come with Ad-Watch) is a very effective scanner/cleaner, but it will not stop ad/spy-ware from infiltrating your system -- it can only remove it after the fact, which often requires several minutes (or even hours?) of tweaking after their removal.

Spybot Search & Destroy is my second choice, and except for its tendency to treat files quarantined by Ad-Aware as spyware (well, they are, but they're quarantined!) and to miss a few items that Ad-Aware finds, Spybot is very capable of keeping your PC (mostly) clean. But here's the catch: Spybot is freeware, so it is much more cost-effective than Ad-Aware, but remember the old addage: "You get what you pay for."

I've used both Ad-Aware (more extensively) and Spybot (somewhat extensively) for several months, and here's my suggestion: use Spybot or Ad-Aware's free version at home if your files aren't "top secret" or otherwise crucial to anyone's survival; use Ad-Aware Plus or Professional on business computers (where the company will pay for the license) or if you want to protect your computer from gathering ad/spy-ware in the first place.

There are other options out there, and remember that nothing is perfect... Some legitimate things will be deleted if you're not careful, and some illegitimate things will sneak through no matter how careful you are. The ad/spy-ware-war only marks our attempts to stay ahead of the game.

Ad-Aware with Ad-Watch is my personal choice, which requires either the "Plus" ($26.95) or "Professional" ($39.95) edition. You'll have to go through the "Tweak" options to set Ad-Watch to run win Windows starts and start in blocking mode, but once its up -- you don't have to worry about ad/spy-ware much anymore. Just run a comprehensive Ad-Aware scan every week or two, and check the results list to make sure nothing useful is being flagged as spyware! Oh, and Ad-Aware's free version (that does not come with Ad-Watch) is a very effective scanner/cleaner, but it will not stop ad/spy-ware from infiltrating your system -- it can only remove it after the fact, which often requires several minutes (or even hours?) of tweaking after their removal.

Spybot Search & Destroy is my second choice, and except for its tendency to treat files quarantined by Ad-Aware as spyware (well, they are, but they're quarantined!) and to miss a few items that Ad-Aware finds, Spybot is very capable of keeping your PC (mostly) clean. But here's the catch: Spybot is freeware, so it is much more cost-effective than Ad-Aware, but remember the old addage: "You get what you pay for."

I've used both Ad-Aware (more extensively) and Spybot (somewhat extensively) for several months, and here's my suggestion: use Spybot or Ad-Aware's free version at home if your files aren't "top secret" or otherwise crucial to anyone's survival; use Ad-Aware Plus or Professional on business computers (where the company will pay for the license) or if you want to protect your computer from gathering ad/spy-ware in the first place.

There are other options out there, and remember that nothing is perfect... Some legitimate things will be deleted if you're not careful, and some illegitimate things will sneak through no matter how careful you are. The ad/spy-ware-war only marks our attempts to stay ahead of the game.

Ad-Aware with Ad-Watch is my personal choice, which requires either the "Plus" ($26.95) or "Professional" ($39.95) edition. You'll have to go through the "Tweak" options to set Ad-Watch to run win Windows starts and start in blocking mode, but once its up -- you don't have to worry about ad/spy-ware much anymore. Just run a comprehensive Ad-Aware scan every week or two, and check the results list to make sure nothing useful is being flagged as spyware! Oh, and Ad-Aware's free version (that does not come with Ad-Watch) is a very effective scanner/cleaner, but it will not stop ad/spy-ware from infiltrating your system -- it can only remove it after the fact, which often requires several minutes (or even hours?) of tweaking after their removal.

Spybot Search & Destroy is my second choice, and except for its tendency to treat files quarantined by Ad-Aware as spyware (well, they are, but they're quarantined!) and to miss a few items that Ad-Aware finds, Spybot is very capable of keeping your PC (mostly) clean. But here's the catch: Spybot is freeware, so it is much more cost-effective than Ad-Aware, but remember the old addage: "You get what you pay for."

I've used both Ad-Aware (more extensively) and Spybot (somewhat extensively) for several months, and here's my suggestion: use Spybot or Ad-Aware's free version at home if your files aren't "top secret" or otherwise crucial to anyone's survival; use Ad-Aware Plus or Professional on business computers (where the company will pay for the license) or if you want to protect your computer from gathering ad/spy-ware in the first place.

There are other options out there, and remember that nothing is perfect... Some legitimate things will be deleted if you're not careful, and some illegitimate things will sneak through no matter how careful you are. The ad/spy-ware-war only marks our attempts to stay ahead of the game.

I've never used Adaware Professional, only the free Adaware. But, according to the info at http://www.lavasoftusa.com the Pro version support network control of Spyware/Adware. I can't say how easy it is to deploy and manage though.

I took some precautions with my computer to prevent spyware but my roommate managed to mess it up pretty good, since then I have taken the correct steps to ensure protection. This is what I recommend if you want to keep a Windows computer safe from everything without paying for anything.

Whenever possible enable Automatic Updates for all applications (including Windows itself), if that's not an option update manually on a weekly basis.

System Protection:

Only use admin account when necessary.

Virus/Worm Protection/Removal:

Install AVG
Don't use Outlook Express use Thunderbird

Hacker/Worm Protection:

Enable XP Firewall (easiest) or Zonealarm or Kerio (my favorite)

Adware/Spyware/Pop-up Protection:

Don't use Internet Explorer use **** Frefox ****
If you have to use IE install the Google Toolbar
Run Spyware Blaster to give IE &/or Firefox more protection.
Install Spyware Guard and place in all users startup group to give real-time protection.

Adware/Spyware Removal:

Run SpyBot & Ad-Aware
In my experience each product alone doesn't get rid of everything, using both is the best way to go.

OR

Just take the Absolute Cheapest & Most Effective route and install Linux.

********
If you install Firefox you will want the following plugins, use Firefox to download the plugins.

Shockwave
Flash
Java

http://www.spybot.info . That's all it takes. Have it run on people's windows startup and they're set.

Spybot Search & Destroy [Best spyware cleaner IMHO, also immunizes against re-installation]
Javacool's Spyware Blaster [works well in conjunction with Spybot]

I used to use Lavasoft's AdAware but after it wasn't updated for a while someone recommended Spybot which I've stuck with.

For that matter, how hard would it be to restrict which programs are allowed to create files with runnable extensions without prompting?

Lavasoft has products that do some of what you are asking about. However, I think the functionality that you are requesting should be provided by Microsoft and not be something a user has to go out and purchase.

As such, most crapware is not opt-in - only experienced and security-aware users know how to configure their systems to avoid it. Binning Internet Explorer is a good start, but using web-filtering software to block ActiveX, Java and Javascript (like Proxomitron, WebWasher or a firewall like Outpost), an application firewall (like System Safety Monitor) and a crapware scanner like AdAware or Spybot Search and Destroy are also necessary steps.

Linux users should not be complacent here either - almost all crapware currently targets Windows but can be written to run on Linux once it gains signifcant usage amongst mainstream users. Check Adware and Under-Ware - The Definitive Guide for a history of crapware.

Here is what gets installed after Windows XP Home SP1a and all the patches:

1. ZoneAlarm Personal Firewall
2. Norton SystemWorks 2004
3. Lavasoft Ad-Aware
4. Spybot Search & Destroy
5. BigFix
6. Adobe Acrobat Reader
7. Mozilla Internet Suite
8. JGSoft EditPad Lite
9. WinZip
10. Yahoo! Messenger

The first FIVE installs on any Windows system are in that order:

- a personal firewall, because you need one in order to connect an unpatched system to the net and survive
- all applicable service packs and security patches, approximately the size of the original OS install
- Antispy
- Ad Aware
- Anti Virus Program

That being finished, four hours later if you don't happen to have a prepared ghostable image, you can begin to actually install useful stuff.

• Putty - A free (GPL) SSH terminal emulator
• Winzip - Yeah, you know what this is
• VLC - Free media player
• OpenOffice.org - I should stop doing these descriptions, its not as if youve heard of these things before!
• GIMP for windows - Yup, the infernal/eternal image editor
• Sharpdevelop - Free (GPL) .net IDE, requires the .net framework and SDK
• Bloodshed Dev-C++ - Excellent free (GPL) C and C++ IDE, using the Windows GCC port
• Thunderbird - Mail client
• Firefox - Web browser
• Adobe Acrobat Reader - PDF Reader
• PDFcreator - GPL PDF print driver for windows
• MessengerPro (Clickatell) - Non free SMS sender for windows, company does good bulk buy sms rates, i buy 500 at a time for less than $5
• Lavasoft Adaware and Spybot SS - For the essentials in life
• Topstyle - Free version of the excellent CSS editor for webdevelopment, if anyone knows a good free alternative, im open to suggestions :)
• SmartFTP - Great free for personal use FTP client, not found a better one yet! (I have, Filezilla it is excellent AND fully GPL, none of this non free shit, bub. :-) )
• MySQL-Front - Old version of the MySQL windows front end, much much better than the new one you pay for. Source isnt open and the old developer discontinued development, possibly one of the best advertisements for why OSS is good :(
• Editplus - Possibly the best editor ive found, not free im afraid, costs around $25

VLC -, like you mentioned, Free media player is a great media player, it blew me away. Better then Window's media player, and I know that my porno viewing habits are not going straight to Bill Gates.

One you didn't mention is Filezilla which is a good GPL ftp program instead of SmartFTP if you want to try another one out. (I must confess I use LeechFTP since I haven't gotten use to Filezilla just yet, although if you are into hosting files Filezilla is even better).

winzip
realvnc
ad-aware
html-kit
irfanview
zonealarm
kazaalite
subspace/continuum
prime95
weatherbug
google toolbar

Considering the frequency with which I reinstall, here's my list for Windows (post-driver updates):

Mozilla Firefox - a must. even if it's not a necessity straight off as a browser, popup blocking makes it worth having immediately.
Trillian - what friends don't enjoy the logging on and off every 2 minutes as you have to reboot your comp for new settings to take place
SmartFTP - as a web developer this is a must, can't pretend to work without an FTP client.
Winamp (5) - I use it for everything media now. I'm an addict.
WinRAR - I know it's shareware but I still like it's ease of use and modifications to the Windows context menus.
Nero - my burning software of choice
ConTEXT - my editor of choice; see SmartFTP
Google Toolbar - unfortunately, I end up doing a lot of testing in IE and without this, I might as well kiss my peaceful browsing goodbye.
Spybot Search & Destroy - not so much of a necessity immediately, but the immunization qualities are great to set up from the get-go
Ad Aware - see Spybot

I hope that by formatting, and reinstalling you mean, restoring a disk image? Ghost is the best I've found, not free (beer or speech), but saves you _a lot_ of time. If anyone knows a free equivalent let me know. Oh, and as someone else probably have mentioned, Ad-Aware and Spybot might save you the trouble...

AdAware, Spybot, F-prot, AVG and Antivir.

Seems like there's no software to catch them all, each have a sublist of what can be infested.

The good news is that all of them are easy to keep up to date and FREE.

Most people are confident that their lovely anti-virus
telling them "no virus found" is enough.

But most of the time, you can have 4 out of 5 Anti-virus up to date saying everything is fine
and the 5th one still finds some crapt on your lovely Windows.