Author Topic: Virus - Malware - Firewall - or how to get it clean and keep it that way  (Read 2737 times)


Offline TB-AV

Post your helpful information in this thread with regards to the topic. Flames not welcome. Bring the fact based advice and let the reader decide.

I will start.

Free Virus Software - my advice: Be aware of just what you are getting for free. Compare it to paid versions ( there is usually a chart ). Yes, they often work well but may not be as comprehensive. For instance they may protect you from a file opening on your computer that has a virus but may not protect your web browsing or email.

Gone

Offline Ragz

TB, good thread idea. I'll add something to your post...

Most a/v only software will not actively protect your web browsing. There's usually another more advanced version of an anti virus application which will though.
Such as Kaspersky Internet Security for example.

Be warned though:
The internet security suites are a lot less user friendly. Can get very annoying in "learning mode" and often eat more memory than you want from an a/v suite.

However, as with TB, I agree, compare features for several brands before you make your choice.


Offline misterg

Gentlemen,

I can't add anything to the advice on the MajorGeeks malware forum http://forums.majorgeeks.com/showthread.php?t=44525. The current version of the "How to protect yourself from Malware!" sticky is quoted below, but I would encourage anyone to visit the site for the current information, and for advice on what to do if you think you have a problem. As well as the general advice, the guys there have helped me out big time twice.

Andy

Quote
How to protect yourself from malware!

Make sure you get your system protected from occurrences of malware problems. Below are some simple steps you can take to reduce the chance of infection in the future. I strongly encourage you to do them all. There is no perfect solution for totally preventing malware from getting on your PC, however, these steps will help.


1) Visit Windows Update: Make sure that you have all the Critical Updates recommended for your operating system and IE. The first defense against infection is a properly patched OS. For anyone who is not yet running at least Windows XP SP2 (which you really should be running at a minimum if your PC supports it) see the below link before updating. If you already have Windows XP SP3 then you don't need to worry about SP2 since you are more current already.

    * Get Your PC Ready for Windows XP SP2

You should check for Windows Updates at least once a month. Go to the below link to get your updates or check to see if you need any:

    * Windows Update

Note: If you have problems getting your Windows Updates, see if the below thread helps:

    * Help with Windows Update

VERY IMPORTANT NOTE:

Before you decide to skip getting your Windows Updates for whatever reason you think you have, make sure you read the below link and understand the possible risks to your security.

Cleaning a Compromised System



2) Anti Virus: make sure you have one and keep it updated. Here are some good free ones if you don't have one already:

    * AntiVir Personal Edition - for Win 2K/XP/ Vista 32bit and 64 bit
    * Avast! Home Edition
    * Comodo AntiVirus - for Windows XP (SP2) / Vista (32 and 64 bit versions)
          o WARNINGS:
                + Ask Toolbar may be installed by default but you can uncheck this during the install or uninstall it anytime afterwards if you decide you do not want this feature later.
                + This includes both a firewall and an antivirus. Do not install the firewall part if you already have a firewall.
    * PC Tools AntiVirus Free Edition - for Win 2K/03/XP/Vista
    * Microsoft Security Essentials for Windows XP
    * Microsoft Security Essentials for Windows Vista\Windows 7
    * AVG Free Edition - SEE BELOW NOTES and Warnings:
          o The newer AVG programs ( ones after AVG7.5) have been problematic for some people and it also falsely detects as problems, active-X killbit settings that SpywareBlaster and others have added to your registry to protect you. ( see this blurb from Grisoft: http://free.avg.com/ww.faq.num-1319#faq_1319 ). Due to these issues, caution is advised with using AVG8. See the following for additional info: http://forums.majorgeeks.com/showpost.php?p=1158394&postcount=2
          o Many people have found that AVG with LinkScanner and other features to be too resource hungry (becoming bloatware). You may want to install without LinkScanner and look into disabling certain other features. Check this link out: http://free.avg.com/ww.faq.num-1338
          o Warning: Personal observations are that AVG will dramatically slow down all operations of your PC so please be aware of this and take note if the general startup, shutdown, and overall operations appear to slow down. If you experience this, uninstall it, reboot, and use one of the other programs.

These are better than Symantec/Norton or McAfee because they are free and because they are not so system resource hungry. The recent versions of Symantec/Norton and McAfee have become very bloated. This does not mean they do not work. If you have either of them and are happy with it, stick with them. But whatever you choose remember to Only Run ONE AV! You can also find some additional antivirus programs here: AntiVirus Downloads. These are not the only choices. There are many other commercial tools. Who is the best is an ever changing debate as performance tests performed one month will be different the next month.

3) Firewalls

A firewall is software or hardware that acts like a gate to help protect your computer against hackers and some computer viruses and worms that try to find unprotected computers that are connected to the Internet. This gate allows you to accept connections from sources you trust, and it keeps the gate closed for ones you don't trust. A firewall works by examining information coming from and going to the Internet. It identifies and blocks information that comes from a dangerous location or seems suspicious. If you set up your firewall properly, hackers searching for vulnerable computers cannot detect your computer (often referred to as a stealthed connection).


There are two kinds of firewalls:

   1. Hardware Firewall - normally built into a router if you use one. If you do have a router with a firewall, make sure you enable it. And also password protect your router, especially if it is a wireless router. Wireless routers can be less secure because they use radio frequencies to communicate with your PC. So if you use a wireless router, you can help enhance the security of your network by enabling the firewall and by requiring a password to connect to your network. Make sure you also enable encryption on your wireless network.
   2. Software Firewall - special software that you must install. Use a software firewall even if you do have a hardware firewall. But only use one software firewall. Running multiple software firewalls is unnecessary and using more than one software firewall on the same connection could cause issues with connectivity to the Internet or other unexpected behavior.

If you don't have a Software Firewall, get one of these below. You can try the ones listed below. They are listed in an order of best to worst based upon leaktesting that has been performed by Matousec. You will notice that the Windows XP SP2 is the worst performer on the list. I don't care if you're on dial up or High Speed....you must have a firewall or you can get infected faster than you can download any tools to fix your problems. If you use Vista, make sure you check for compatibility before choosing a firewall. The firewalls listed with blue links are free, the ones in green are not free.

    * Comodo Personal Firewall
          o WARNINGS:
                + Ask Toolbar may be installed by default but you can uncheck this during the install or uninstall it anytime afterwards if you decide you do not want this feature later.
                + This includes both a firewall and an antivirus. Do not install the antivirus part if you already have an antivirus.
    * Outpost Firewall Free
    * Outpost Firewall Pro - this version includes the below protection
          o Advanced firewall for secure connections
          o Antispyware to keep your PC spyware-free
          o Host protection to block zero-day threats
          o Web control to protect your PC from web-borne threat
    * Jetico Personal Firewall - shareware version
    * PC Tools Firewall Plus <-- make sure you uncheck the options to install Google Toolbar and Threatfire free edition. There is no sense in installing excess baggage.
    * Online Armor Personal Firewall (free edition) - can be quite resource hungry so if you have limited memory and/or a slow processor, do not use this firewall.
    * ZoneAlarm Pro - this is not the free version
    * Jetico Personal Firewall v.1 - free version
    * Kerio Personal Firewall
    * Sygate Personal Firewall Free <--- with the Symantec acquisition of Sygate, I do not know how much longer this will be around or be free!
    * ZoneAlarmFree - no longer supports Win9x or Me platforms. The new 7 version of Zone Alarm free includes Zone Alarm Security Suite, making the download larger than it used to be. Do not install the Security Suite. Also the free firewall now has some minor nag screens.
    * Filseclab Personal Firewall Professional Edition

Notes:

   1. For Win XP SP2 users, after installing any of these firewalls, you must make sure to disable the firewall that is part of WinXP SP2. It is enabled by default, and it does not provide adequate protection and is only an incoming (uni-directional) firewall. Similar to antivirus applications, you must use only one software firewall. The information in the following will help you disable the firewall: Windows Firewall. Some of the above firewalls may automatically disable the Windows firewall for you, but it is best to check for yourself.
          * For additional info about the problems with Windows XP SP2 firewall read these:
                o How Secure is Windows Firewall
                o Is Microsoft's Firewall Secure?
                o Windows Firewall Flaw may hide open ports
   2. For Vista users, your built-in firewall is better than the one in XP but most still feel that it is not an adequate firewall and lacks certain capabilities.
   3. We often get questions about testing your firewall for security and open ports. You can use sites like the below to do this:
          * http://www.hackerwatch.org/probe/
          * http://www.auditmypc.com/
          * http://www.grc.com/lt/leaktest.htm
          * http://www.pcflank.com/
          * http://www.personalfirewall.comodo.com/onlinetest.html

4) Get a Temp File/Cookies/index.dat cleaner

    * CCleaner

5) AntiSpyWare Tools


Three types of tools exist:

    * Realtime blocking (i.e. protection) tools that may also be a scanner and removal tool
    * after the fact scanner
    * non-realtime protection no scanner

Realtime blocking tools - pay tools and free tools - ONLY USE 1 REALTIME BLOCKER

    Pay Tools

    * SUPERAntiSpyware- (recommended purchase) if you purchase this, you get protection. It will only be a scanner (see below) if you don't buy it.
    * Malwarebytes Anti-Malware - if you purchase this, you get protection. It will only be a scanner (see below) if you don't buy it.
    * CounterSpy - 15 day trial!
    * Spy Sweeper - if you don't buy it, it will not fix anything
    * Spyware Doctor - if you don't buy it, it will not fix anything

    Free Tools

    * AntiVir Personal Edition - includes antispyware, anti-rootkit and more ( see: http://www.free-av.com/en/pages/6/comparative_chart.html ). Do not install another AV if using this.
    * Microsoft Security Essentials for Windows XP - includes antivirus and antispyware
    * Microsoft Security Essentials for Windows Vista\Windows 7 - includes antivirus and antispyware
    * Comodo AntiVirus + Firewall - Provides antivirus and firewall protection.
          o WARNINGS:
                + Ask Toolbar will be installed by default but you can uncheck this during the install or uninstall it anytime afterwards if you decide you do not want this feature later.
                + This includes both a firewall and an antivirus. Do not install this if you already have an antivirus.
                + You may want to read the below link if you are unfamiliar with configuring protection software:
                      # Configuring CIS for Maximum Security with ZERO Alerts for Novices
    * Microsoft Windows Defender - this version is only for Windows 2003, XP and is not highly recommended as protection and scanning is not adequate.
    * SpyWare Guard - Not Recommended! - was quite useful at one time but now is very outdated and will not protect you from most new malware; however, having this installed is still better than no protection.
    * Spyware Terminator - this version does install their Web Security Guard toolbar which is like McAfee's SiteAdvisor.
    * Windows Defender for Vista
          o For Vista, Windows Defender has been much improved ( but still not the best choice but better than none ) and may be a useful free alternative and it comes already installed. On many PCs it is enabled by default. On others it is disabled by default. This may be a matter of the country where the PC is purchased.
    * AVG Free Edition - includes antispyware protection. Do not install another AV if using this.

After the fact scanning tools

    * SUPERAntiSpyware - free version has no realtime protection but provides a useful scan/removal feature. See the below link for a comparison of the free and paid version which is recommended
          o http://www.superantispyware.com/superantispywarefreevspro.html
    * Malwarebytes Anti-Malware - free version is only a scan/removal tool.
    * AVG Anti-Spyware - Free version becomes scan only if you don't purchase after the trial period ( AVG Antispyware has been discontinued as it is included in AVG8 AntiVirus )
    * SpyBot-Search & Destroy
          o Use the Immunize feature.
          o Use SDHelper which integrates into Internet Explorer to block your browser from downloading bad programs from known malware sites.
          o I don't recommend activating the TeaTimer which does provide realtime protection but has been problematic in the past. Some people have fewer problems with it than others so you may wish to give it a try as a realtime blocker and decide for yourself.
          o On Vista, Spybot will install a security center service.

Non-realtime protection no scanner

    * SpyWare Blaster Install it, click Download Latest Protection Updates, Check for Updates, and then Enable All Protection, then exit. SpywareBlaster is not a malware scanner or removal tool and uses no system resources except a little disk space. It does a great job of preventing malware from being installed in the first place! It blocks the popular spyware ActiveX controls, and also prevents the installation of any of them from malicious websites.

What do we recommend ?

    * one realtime blocking tool from the list
    * Spybot - installed as recommended using SDhelper and Immunize
    * SpywareBlaster with all protection enabled.

IMPORTANT NOTEs:

   1. Use only one realtime blocker - I do not recommend using multiple full blown blocker/scanner/removal tools (like AVG Antispyware paid version, Comodo BOClean, CounterSpy, MS Windows Defender, SpySweeper, SpywareGuard, and Spyware Terminator) at the same time as a long term solution. Doing that temporarily to clean a system is okay, but long term you may find that it slows your system down too much. It is okay to run one of these, along with the other items listed above because the others are not too resource hungry (that is, as long as you do not use Spybot's Teatimer).
   2. Beware of Rogue Tools - There are loads of bad (also called rogue) anti-spyware programs available out there. You should familiarize yourself with the list maintained at the Spyware Warrior website. See: Rogue/Suspect Anti-Spyware Products & Web Sites

6) Adjust Active X security settings

    * In Internet Explorer, click Tools, Internet Options, Security. Click on the Internet globe. Then select Default Level, then click OK. Now select Custom Level and scroll down to the ActiveX controls and plug-ins section (some may already be set correctly):
          o Set Download signed Active X controls to Prompt
          o Set Download unsigned Active X controls to Disable
          o Set Initialize and Script ActiveX controls not marked as safe to Disable
          o Set Installation of desktop items to Prompt
          o Set Launching programs and files in an IFRAME to Prompt
          o Set Navigate sub-frames across different domains to Prompt
          o Set Allow paste operations via script to Disable (see: http://support.microsoft.com/kb/224993 )
          o Click OK and OK again.

7) Install a backup browser just in case you run into problems with Internet Explorer

Some malware can affect your browser's ability to connect to the internet. Since Internet Explorer is the built-in default browser for Windows, most people still have and use it. Thus it is the most likely candidate for being attacked by malware. At the current time ( Jan 2010 ), Internet Explorer is actually more secure than FireFox, Chrome, Opera and Safari. And IE8 does a better job at blocking malware too. In the past, people used to say "use Firefox, it's safer", this is not the case anymore since Firefox's popularity grew and it is a frequent cause of malware problems now. In addition, recent reports show Firefox to have a greater number of security holes than IE.


The above being said, it is still a good idea to have a couple alternative browsers installed for the case where one gets broken ( either due to malware or for other reasons ) and internet access may be blocked with one browser and not the other. A few choices that you may want to look at are included below:

    * Mozilla FireFox
    * Google Chrome
    * Opera
    * Apple Safari for Windows

You must also remember that no browser will protect you from yourself. If you access questionable sites, download illegal pirated or cracked software, keygens...etc or go to porn type websites then no browser will be secure enough.

For people with young children, you may want to consider installing Glubble. It is a FireFox addon for families with children under 12 years of age. It enables families to be sure they only see the best of the web. It allows you to control which sites your kids are allowed to access.


8) Make sure you are running the current version of Sun Java

    * See this: Updating Sun Java
    * Make sure you check that you have the latest version of Sun Java installed by clicking the link. If you have an older version, install the new version and then remove all old versions. It would also be a good idea to empty the Sun Java cache periodically because many baddies will store themselves there.
 

continued....
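
Added example (not part of the thread or the MajorGeeks sticky): one way to check the step 6 Internet-zone settings from a registry export instead of clicking through the dialog. It assumes the per-user key `HKCU\...\Internet Settings\Zones\3` and Microsoft's documented URL-action value names (1001, 1004, 1201, 1800, 1804, 1607, 1407); the export text is constructed sample data, and a setting stricter than the recommendation passes.

```python
"""Audit IE Internet-zone URL actions against the step 6 recommendations."""
import re

# Assumption: per-user zone settings; zone 3 is the Internet zone.
# Group Policy overrides stored under other keys are not considered here.
ZONE3_KEY = (r"HKEY_CURRENT_USER\Software\Microsoft\Windows"
             r"\CurrentVersion\Internet Settings\Zones\3")

# DWORD meanings for URL-action values; a larger number is stricter.
ENABLE, PROMPT, DISABLE = 0, 1, 3
STATE = {ENABLE: "Enable", PROMPT: "Prompt", DISABLE: "Disable"}

# value name -> (label as used in step 6, recommended setting)
RECOMMENDED = {
    "1001": ("Download signed ActiveX controls", PROMPT),
    "1004": ("Download unsigned ActiveX controls", DISABLE),
    "1201": ("Initialize and script ActiveX controls not marked as safe",
             DISABLE),
    "1800": ("Installation of desktop items", PROMPT),
    "1804": ("Launching programs and files in an IFRAME", PROMPT),
    "1607": ("Navigate sub-frames across different domains", PROMPT),
    "1407": ("Allow paste operations via script", DISABLE),
}

SECTION_RE = re.compile(r"^\[(.+)\]$")
DWORD_RE = re.compile(r'^"([^"]+)"=dword:([0-9a-fA-F]{1,8})$')

# Constructed sample export (regedit "Version 5.00" text format).
# Real exports are UTF-16 files: decode them before passing the text in.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"1001"=dword:00000001
"1004"=dword:00000000
"1201"=dword:00000003
"1800"=dword:00000001
"1804"=dword:00000000
"1607"=dword:00000003

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]
"1201"=dword:00000000
"""


def parse_reg_dwords(text, key):
    """Return {value_name: int} for the DWORD values under one key."""
    values = {}
    in_key = False
    for raw in text.splitlines():
        line = raw.strip()
        section = SECTION_RE.match(line)
        if section:
            # Registry key names are case-insensitive.
            in_key = section.group(1).lower() == key.lower()
            continue
        if in_key:
            dword = DWORD_RE.match(line)
            if dword:
                values[dword.group(1)] = int(dword.group(2), 16)
    return values


def describe(value):
    """Human-readable form of a URL-action DWORD (None means absent)."""
    if value is None:
        return "not set"
    return STATE.get(value, hex(value))


def audit_internet_zone(text):
    """List (name, label, current, recommended) for every weak setting.

    A value is weak when it is missing, unrecognised, or more permissive
    than the recommendation. Stricter values (Disable where Prompt is
    recommended) are accepted.
    """
    current = parse_reg_dwords(text, ZONE3_KEY)
    findings = []
    for name, (label, wanted) in RECOMMENDED.items():
        got = current.get(name)
        if got is None or got not in STATE or got < wanted:
            findings.append((name, label, describe(got), STATE[wanted]))
    return findings


if __name__ == "__main__":
    for name, label, got, wanted in audit_internet_zone(SAMPLE_REG):
        print(f"{name}  {label}: {got} (recommended: {wanted})")
```

A value reported as "not set" falls back to the zone's template level, so it needs checking in the dialog rather than being assumed safe.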

Offline misterg

...continued

Quote
9) Disable the AutoRuns Feature used to spread malware

    Run this procedure: Disabling AutoRuns

10) Use Passwords & Create Restricted User Accounts

All user accounts should have password protection. Especially on Win NT, 2K, XP, and 2003 systems. Make sure you do not leave the Administrator account password blank. This is the default. Also it is a good idea to completely disable the Guest account. When you choose your passwords, choose them wisely. Do not make them too short and do not choose anything that would be easy to guess.

When creating user accounts on WinNT, 2K, XP, and 2003 systems, it would be a good idea to only have one account with administrator privileges. Create all other user accounts as restricted users. Especially for your children. This will prevent them from installing anything that you do not approve and install for them. It will also save you a lot of time cleaning up the mess that will occur when they have unrestricted access to the PC.

The most secure option would be to never surf the internet on an account having administrator privileges, but doing this will cause certain difficulties for some people.


11) Security starts with you! Be careful what you download and from where!

    * There are loads of free programs and services out there that people just love to download from. These are programs like Kazaa, Imesh, etc. They quite often come bundled with lots of malware that will cause you significant problems. Misconfiguring these programs can leave you open to sharing personal and sensitive information from your PC (even passwords and financial information). Read this on how it has been used for identity theft:
          o http://www.infoworld.com/article/07/09/06/Seattle-man-arrested-for-p-to-p-ID-theft_1.html

    You are downloading unknown/untested files which may be infected from unknown sources directly onto your PC and while these programs are running you are sharing your PC with the whole world since these programs will allow others access to your PC bypassing the firewall and other security programs. I strongly advise avoiding these programs and servers completely. But if you must use them, choose more wisely. See the below link which can help you make a more educated choice:

    Spyware Info's Clean and Infected File Sharing Programs

    * Avoid installing services and applications which you do not use in your normal daily routines. It is not necessary for them to be loaded all the time. The above P2P programs are a great example of this. Many programs that autoload at startup can just be run on an as needed basis.
    * Also it should go without saying but....avoid the porn sites! They are notorious spreaders of more than one kind of smut. In addition many porn (and some non-porn) sites that have various forms of videos that they are trying to get you to watch online or download and watch, are causing vast amounts of people to become infected. These infections typically occur because they trick you into downloading a codec required (supposedly) to view the videos. What you normally wind up with is an infection that is grouped into the SmitFraud aka Zlob family of infections! Thus, DO NOT DOWNLOAD CODECS from anywhere except from a reputable site like Major Geeks!
    * Don't download cracks, serial numbers, cheats etc for commercial programs. Besides being illegal, you will often find you are getting more than you bargained for (i.e. malware!!!!).
    * Also be very careful to read popups before clicking on them. You probably do not want what they are selling and sometimes the correct answer may be the opposite of what you think. They will choose wording meant to confuse you.
    * Do not open e-mails coming from unknown or distrusted sources. Many viruses and trojans spread via e-mail messages. You can always check with the originator to see if they sent something to you.
    * Especially be careful with attachments. Do not open the attachments of messages with a suspicious or unexpected subject. If you want to open them, first save them to your hard disk and scan them with an updated antivirus program.
    * Delete any chain e-mails or unwanted messages. Do not forward them or reply to their senders. This kind of message is considered spam, because it is undesired and unsolicited and it congests the Internet even more than it already is. If you respond to their email where it says something like "to be removed from our list", all you are doing is confirming your email address is valid and you just got yourself added to a load more spamming lists.
    * Never add any site to your Trusted Sites Zone unless it is absolutely necessary to run something you really need (like for work).
    * Finally, when installing any software, read the license agreement carefully before accepting. You may be surprised what you will find. Like thousands of people who had to have LOP infections and other malware removed from their PCs who did not read the license agreement in Messenger Plus (which is not related to Microsoft).

12) The True Story About Cookies!

    First let's get right to the point. Cookies are not problems that you need to be concerned with. Too many antispyware programs flag cookies and make them sound like they are high risk items. The truth is that they are not high risk problems and in most cases are actually very useful to you.

    This subject has long been debated on the internet and obviously there are many opinions about cookies. Cookies are not executable programs. They are simple text files stored on your PC to help websites (and you) track useful user settings and non-personal information, like which advertisement you last saw (which prevents you from seeing the same ad over and over again).

    Yes some cookies are often referred to as tracking cookies, but tracking is more complicated than just having a cookie. Every website you visit would have to have knowledge of the particular cookie so that they could use it to add tracking info to it and to make use of it. You will see many antispyware programs indicating various cookies as tracking cookies and this can artificially make detection counts look very high. It is also a sore point when doing comparisons between antispyware programs. If one program detects cookies and another does not, it can make the one that does not detect them look like it is doing a bad job.

    Similarly it makes the one detecting them look like a great product since it picks up things the other missed. Thus most (not all) programs will detect cookies to avoid this hazard. Don't be fooled by cookie counting. If cookies are the only thing showing up, you are in good shape. They are not harmful and you can just ignore them or if so desired, you can easily clean them using your browser or other tools like CCleaner.

13) What to do if you do get infected!

    * If you still get an infection or already have one, you should follow the procedure given here READ & RUN ME FIRST. Malware Removal Guide . If this does not fix your malware problems then follow the instructions in the READ & RUN ME and create a new thread in the Malware Forum requesting help. Be sure to attach all of the logs requested in the READ & RUN ME and clearly explain your remaining problems.

14) How often should you run scans?

    A very common question is how often should I run scans. A good rule of thumb would be to run full scans at least twice a month. If you do an excessive amount of surfing and downloading (especially P2P or torrent downloading) you may want to make it a weekly scan.

    If twice a month is too much for your schedule then at a minimum you really should complete full scans once a month. And make absolutely sure that you keep all of your protection software up to date. Some scanners update multiple times per day so you should always update before running a scan.

15) Miscellaneous Tips

   1. Keep System Restore Enabled: Do not permanently disable System Restore. Many people do this and lose the safety net that it provides. It just could be the thing that saves you from having to do a total reinstall.
   2. User Account Names: Since many people are sensitive about their real names being seen in logs (although we do not consider it an issue), it would be a good idea to not use your real names on user accounts you create on your PC. Also it is a good idea to not use spaces or special characters (like & or others) in your account names. And use separate accounts for each user. Do not use combined accounts. For example, Kathy & Jim should have separate user accounts named Kathy and Jim. And My User Account should be MyUserAccount.
   3. Use Restricted User Accounts to Surf: It is highly recommended that you only use a Restricted User account ( note in Windows XP these are called Limited User accounts and in Vista they are called Standard User accounts ) while surfing the internet. This can help to keep certain malware infections off your PC since they may require admin level privileges to do their dirty work. Some people find using restricted accounts full time to be too much of an annoyance. You can safely surf using an Admin account if you practice safe surfing, but many people are their own worst enemies and should really consider using Restricted User accounts.
   4. In line with # 3 above, don't give administrator privileges to all user accounts. Have one user account ( the most knowledgeable and responsible person ) be the administrator to keep tabs on what is being installed and used on the PC.
   5. Avoid Making Online Purchases On Public Computers - A hacker or thief can easily put a keylogger on a public computer that allows them to know everything you've typed including your credit card numbers and passwords. Stay away from public access computers when doing online shopping!
   6. Don't Save Your Credit Card Numbers Online - Many reputable sites give you the option to save credit card numbers online to make future purchases easy. However, if the company's database is ever successfully hacked, your information could be exposed. It's safer to re-enter your numbers with each transaction. After all what is more important to you, your financial security or saving a little bit of time typing?
   7. If you have Bluetooth software loading and Bluetooth is not required for mobile devices, it should be turned off. If you require its use, make sure that the device's visibility is set to Hidden so that it cannot be scanned by other Bluetooth devices. If device pairing must be used, make sure that all devices are set to Unauthorized, requiring authorization for each connection request. Do not accept applications that are unsigned or sent from unknown sources.

(If you go to the original in the link in my first post, there are embedded links to take you to the various procedures).

No apologies for posting the whole thing: This *is* important, but it is far from simple - as you can see. FWIW, I do about 70% of this.

Andy


Offline TB-AV

Wow, looks simple enough...  :o

Dare I ask if anyone wants to also suggest some backup / disaster recovery strategies?
Gone

Offline old-and-in-the-way

Install and use a flashblocker.  Flash stores cookies that allow third parties to build a profile of you and your browsing habits, but without the safeguards of regular browser cookies.  Flash is also increasingly being used as a cross browser and, to some degree, cross platform malware vector.

Block javascript, and allow only for trusted sites.  Same with ads -- block in general, permit only ads on sites where support is more important to you than privacy, or where the site is picky about what advertising is presented, and how (eg, justinguitar.com  on both counts ;-) ).  Ads on websites are not like ads on television or in the newspaper.  If you see the ad, the ad broker sees you, and can track you.

User tracking is more a personal security / identity security issue than a virus issue, but it's still important, IMNERHO.

<flame bait>
Don't use windows or macs.  Windows is badly designed, while Apple are lousy at shipping patches.  Both are bad.
</flame bait>

That last one was only a little bit serious ;-)

Offline TB-AV

  • Honorable Ex-Mod
  • All Time Legend
  • *****
  • Posts: 14966
  • Good Vibes 329
Gone

Offline thepicnicband

  • Arena Rocker
  • *****
  • Posts: 699
  • Good Vibes 21
  • London, UK
    • YouTube Picnic Band Channel
Yeah...!
When I first saw this thread I thought "don't go there" but misterg is right. The good folks at MajorGeeks are the ones to listen to. End of. I'm getting involved no further.
Ben
Epiphone AJ500RE, Takamine EG523SC, Vintage VE2000GG-12, Tanglewood MR750F, Vintage V100WR, Epiphone Sheraton II, Marshall AS100D Acoustic Amp, Marshall Lead 12 Mini-Stack

Offline DeadlyChicken

  • Stadium Superstar
  • ******
  • Posts: 3528
  • Good Vibes 22
Re: Virus - Malware - Firewall - or how to get it clean and keep it that way
« Reply #8 on: September 29, 2010, 03:00:06 am »
A lot of good advice from the majorgeeks site, but a couple of things I would personally disagree with.
1 I use the windows firewall .. it's fairly good at what it does and if you make sure that only the programs you want are allowed through it does a decent job.  I would supplement by using a router rather than connecting directly to the internet through a modem, and most routers also have a firewall that you can enable to add a layer of protection.

2  I turn off system restore .. it's annoying, uses up way too much disk space, and viruses get in there and cannot be cleaned.

My rule of thumb is ... be careful where you go and what you install on your windows PC.  if you want to be reckless, install ubuntu and browse recklessly with that ;)
Gear:~
Electric
Epiphone Les Paul Std, Fender MIM Strat, Gherson SG copy
Amps
Roland Cube 30X, V Amp pro, Marshall DSL401
Acoustic
Ashton SL29CEQ, Fender Malibu SCE
FX
TU-2, crybaby JH-1b, DS-2, EH Stereo Memory Man w Hazarai

Offline Tourniquet

  • Honorable Ex-Mod
  • Stadium Superstar
  • *****
  • Posts: 4690
  • Good Vibes 72
  • Time exists in abundance until it runs out
Re: Virus - Malware - Firewall - or how to get it clean and keep it that way
« Reply #9 on: September 29, 2010, 08:46:30 am »
1 I use the windows firewall .. it's fairly good at what it does and if you make sure that only the programs you want are allowed through it does a decent job.

Last I checked Windows firewall only acts as an incoming firewall (doesn't stop programs dialing out). Has been a long time though, have they added that?
       Road Case        Singing Primer guide
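The two posts above turn on which programs are allowed in and whether outbound traffic is filtered at all. The following read-only PowerShell audit is an added example, not part of any post in this thread; it assumes Windows 8 / Server 2012 or later, where the NetSecurity cmdlets are available.

```powershell
# Added example: read-only audit of Windows Firewall. Nothing here changes
# the configuration. Run from an elevated PowerShell prompt.

# 1. Default action per profile. A DefaultOutboundAction of 'Allow' (or
#    'NotConfigured', which falls back to Allow) means any program may
#    connect out unless an explicit Block rule matches it.
Get-NetFirewallProfile |
    Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction |
    Format-Table -AutoSize

# 2. Every enabled inbound Allow rule, joined to the program it applies to.
#    This is the "programs allowed through" list.
$inbound = Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
    ForEach-Object {
        $app = $_ | Get-NetFirewallApplicationFilter
        [pscustomobject]@{
            Rule    = $_.DisplayName
            Profile = $_.Profile
            Program = $app.Program   # 'Any' = not tied to one executable
        }
    }
$inbound | Sort-Object Program, Rule | Format-Table -AutoSize

# 3. Rules worth a second look: inbound Allow rules not restricted to a
#    specific executable, and rules pointing at user-writable locations.
$inbound |
    Where-Object { $_.Program -eq 'Any' -or $_.Program -match '\\Users\\|\\Temp\\' } |
    Sort-Object Rule |
    Format-Table -AutoSize

# 4. Explicit outbound Block rules. An empty list together with an Allow
#    default in step 1 means outbound connections are not restricted.
Get-NetFirewallRule -Direction Outbound -Action Block -Enabled True |
    Select-Object DisplayName, Profile |
    Format-Table -AutoSize
```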

Offline old-and-in-the-way

  • Concert Hall Hasbeen
  • ****
  • Posts: 312
  • Good Vibes 5
  • That's what I heard him say
Re: Virus - Malware - Firewall - or how to get it clean and keep it that way
« Reply #10 on: October 02, 2010, 06:09:28 pm »
My rule of thumb is ... be careful where you go and what you install on your windows PC.  if you want to be reckless, install ubuntu and browse recklessly with that ;)

What makes ubuntu so safe to be reckless with?  The threat profile may be different, but there is still a threat.  With the slow rise of web-hosted applications, some attackers are more interested in the features of your web browser than your OS.  Ubuntu won't save you now -- anything that can execute javascript will be attacked, not to get to your machine, but to get to the information you have entrusted to "the cloud".

Disclaimer -- dyed in the wool GNU/Linux user.

Offline Dan Graves

  • All Time Legend
  • *******
  • Posts: 6607
  • Good Vibes 171
  • Like Tuesday; Gone, with the Wind.
Re: Virus - Malware - Firewall - or how to get it clean and keep it that way
« Reply #11 on: October 03, 2010, 04:45:01 am »
Andy, with all due respect to your effort to contribute, majorgeeks isn't a great source for this kind of advice, and a lot of it is now getting fairly old.
SP2 for instance has been deprecated, any pc-savvy microsoft user will tell you second tuesday of the month is patch tuesday, windows firewall is hopeless when infected by anything worse than light spyware...

And don't get me started on their 'holier than thou' spiel on not downloading cracks or serials, as there are more than enough ways to find safely cracked software.
If they want to be the 'morally superior' geeks that's fine by me, but let's face it, piracy has been a part of the pc community ever since Ward Christensen started the first BBS (CBBS, aka Computerized Bulletin Board System), and it's not going anywhere as long as there are geeks like yours truly around to do the cracking  ;D

Same with their warning of porn sites...
If you're the kind of guy who knows how to torrent, there's no reason not to visit porn torrent sites, and if you're the kind of guy who doesn't mind actually paying for high profile porn sites, there are NO REASONS beyond moral ones to avoid those sites.

I'm also glad to see you excluded their little talk about how to clean an infected system though, as it was just insanity.
The one sure fire way to mess things up is to boot into your system and try to resolve your problem when you don't really know what you're doing.
The best way to do that sort of thing is to use a 'live' rescue cd like a BartPE, UBCD4Win or similar with built in AVS and cleaning tools, or to simply LET THIS GET DONE BY THE EXPERIENCED GEEKS WHO'VE DONE THIS A MILLION TIMES BEFORE.

Can't stress that last one enough, really.

Offline misterg

  • Stadium Superstar
  • ******
  • Posts: 2552
  • Good Vibes 125
  • Wales, UK
Re: Virus - Malware - Firewall - or how to get it clean and keep it that way
« Reply #12 on: October 03, 2010, 08:30:13 pm »
Andy...

Me?  ???

I don't disagree with anything you wrote, but if the average joe follows that list they will be 10,000 x better off than doing nothing.

If you can point us to a better general guide, then I'm all ears :)

I was a BBS user when www was just a speech impediment.

Andy

Offline Ragz

  • Stadium Superstar
  • ******
  • Posts: 3193
  • Good Vibes 35
  • Resident Spurs fan
    • Reliable Web Hosting @ 1&1


Offline Dan Graves

  • All Time Legend
  • *******
  • Posts: 6607
  • Good Vibes 171
  • Like Tuesday; Gone, with the Wind.
Re: Virus - Malware - Firewall - or how to get it clean and keep it that way
« Reply #14 on: October 21, 2010, 12:21:18 am »
another reason to stop paying for anti virus software...
http://news.softpedia.com/news/Microsoft-Security-Essentials-Outperforms-Paid-Antivirus-in-AV-Test-162064.shtml

You do realise that in 2 months, the numbers will probably be way different again, right?
The rate at which new malware strains and new exploits pop up these days is staggering.
It could well be that in 2 months time, AVG or Avira comes out on top as the free winner, with something like Symantec or Eset taking the lead for paid products.

 
