Defending your computer against worms and viruses

victoriastrauss

Writer Beware Goddess
Kind Benefactor
Absolute Sage
Super Member
Registered
Joined
Feb 11, 2005
Messages
6,704
Reaction score
1,314
Location
Far from the madding crowd
Website
www.victoriastrauss.com
James D. Macdonald
Your Genial Uncle
Absolute Sage

Join Date: Feb 2005
Location: New Hampshire
Posts: 4,809


Over on the PA boards, there's this thread:

BE CAREFUL WHAT YOU OPEN!!!!!



UNFORTUNATELY MY WIFE OPENED E-MAILS FROM THE SCAM ARTISTS CLAIMING YOU HAVE WON A MAJOR LOTTERY. WE WON SOMETHING FOR SURE. A WORM THAT IS EMBEDDED ON MY COMPUTER'S HARD DRIVE THAT DEVOURS FILES. THE ONLY FIX IS TO REPLACE THE HARD DRIVE OR TRASH THE COMPUTER. I'M THANKFUL I HAD BACK UP DISCS IN PLACE FOR MY SECOND BOOK WHICH IS A LITTLE OVER HALF COMPLETE. BE CAREFUL GUYS AND GALS ONLY OPEN MAIL FROM SENDERS YOU KNOW YOU CAN TRUST.


Please tell this person NOT TO TRASH HIS HARD DRIVE JUST YET!


If you are this person's friend, please tell him to do the following:

Turn off System Restore.

Then:

Run TrendMicro Housecall http://housecall.trendmicro.com/

Download and install:

ZoneAlarm Firewall http://www.download.com/3000-2092-10039884.html

Download and run:

AVG AntiVirus http://free.grisoft.com/freeweb.php/doc/2/

Download and run:

AdAware SE: http://www.lavasoftusa.com/software/adaware/

Download and run:

Spybot S&D: http://www.safer-networking.org/

Download and run:

Spyware Blaster: http://www.javacoolsoftware.com/spywareblaster.html

Download and run:

Windows Defender Beta 2: http://www.microsoft.com/athome/sec...re/default.mspx

Download and install:

All Windows Updates.

All of the above programs are FREE. Yes, this can be time-consuming. Cheaper and faster than trashing your computer and everything on your hard drive, though.

Add to this:

Tuneup Utilities 2006: http://www.tune-up.com/

This is 30-day trialware. Use it to clean up your disk and your registry after you've cleaned out the viruses/trojans/spyware.

I do not have any personal stake in any of those programs.

There's one more that I recommend. My personal interest in this is that I know the guy who wrote it. This is shareware (I don't make a dime on it, though):

Greyware Registry Rearguard (GRR): http://www.greyware.com/software/grr/

Shareware, like I said, but it doesn't expire even if you don't pay for it.


IF YOU'RE RUNNING A WINDOWS MACHINE, DO ALL OF THIS STUFF NOW, BEFORE YOUR COMPUTER DIES. DO NOT RUN A MACHINE ON THE INTERNET THAT DOESN'T HAVE SERIOUS ANTI-VIRUS/ANTI-SPYWARE/FIREWALL PROTECTION.
 
Last edited by a moderator:

L M Ashton

crazy spec fic writer
Super Member
Registered
Joined
Mar 26, 2005
Messages
5,027
Reaction score
518
Location
I'm not even sure I know anymore...
Website
lmashton.com
One comment to add...

If your anti-spyware, anti-virus, anti-whatever software doesn't have updated anti-virus or anti-whatever definitions, then it'll only catch those viruses that are older than when your most recent definitions are created.

Consider that 1200 new viruses were detected in January 2001 (according to one source I found) and the number of viruses detected each month is larger than the month before. According to Internet Security Systems, there were 71,402 virus attacks reported in the fourth quarter of 2000 alone.

At any rate, a whole lot of new viruses are created every day/week/month. If you don't update your anti-virus definitions regularly - and by that, I mean at least weekly - then you are not protected against the newest ones.

As well, you can tweak the settings within your anti-virus program so that the software will detect virus-like programming. Considering that most anti-virus programs have new definitions once or twice a week, there are new viruses created within that time that you won't be protected from. Paranoid settings within the anti-virus software can help prevent infection from new viruses.
 

poetinahat

say it loud
Kind Benefactor
Super Member
Registered
Joined
Apr 12, 2005
Messages
21,851
Reaction score
10,441
Amen. Firewall, anti-virus, and anti-spyware software really isn't optional. Not if you want your computer to live.

I just use the Windows firewall along with AVG and Spybot. I've heard ZoneAlarm has a reputation as a resource hog (same as Norton). My laptop does run a lot better without Norton, I find.

Anybody have other experiences on this?
 

Fahim

Mad coder, lazy writer
Super Member
Registered
Joined
Jan 3, 2006
Messages
1,701
Reaction score
95
Location
Sri Lanka
Website
www.farook.org
I've had issues with ZoneAlarm - for instance, it wouldn't let me access cPanel on a couple of my websites, even after I opened the cPanel port on the firewall :p Never found out why but never had any luck with several ZoneAlarm versions either ...

Norton AV is pure and simply a pig :p It sucks up resources at a rate and slows down your machine. AVG (either the free version or the paid version) gets my vote for ease of use, regular updates, low resource usage and for low false-positives :) You can get the free version here - and no, I don't work for them or get a commission :p Their Anti-Virus + Firewall is pretty good too if all you want is a basic firewall without too many frills :)
 

poetinahat

say it loud
Kind Benefactor
Super Member
Registered
Joined
Apr 12, 2005
Messages
21,851
Reaction score
10,441
My father-in-law -- who's semi-retired and looks into these things for the fun of it -- mentioned to me that one of the Australian PC magazines did a head-to-head comparison of virus programs. They loaded several hundred viruses, Trojans, worms, etc. onto a box. Varying complexities, some more insidious and hidden than others.

Apparently, the big-money contenders -- Norton, Trend Micro, for two -- found, say, half or three-quarters.

AVG -- the FREE software -- got every single one.
 

Fahim

Mad coder, lazy writer
Super Member
Registered
Joined
Jan 3, 2006
Messages
1,701
Reaction score
95
Location
Sri Lanka
Website
www.farook.org
I've had at least two instances where I had Norton AV installed with updated definitions and regular scans which claimed the computer was absolutely clean and then I'd install AVG and it finds a virus :p Of course, I have always treated this with a bit of scepticism since anti-virus companies have been known to put a few viruses into the wild to stir things up. Of course, I'm not accusing AVG of doing this but I'm paranoid enough to always wonder, "What if?" :)
 

Jamesaritchie

Super Member
Registered
Joined
Feb 13, 2005
Messages
27,863
Reaction score
2,311
poetinahat said:
My father-in-law -- who's semi-retired and looks into these things for the fun of it -- mentioned to me that one of the Australian PC magazines did a head-to-head comparison of virus programs. They loaded several hundred viruses, Trojans, worms, etc. onto a box. Varying complexities, some more insidious and hidden than others.

Apparently, the big-money contenders -- Norton, Trend Micro, for two -- found, say, half or three-quarters.

AVG -- the FREE software -- got every single one.

It works the other way, as well. We have a Windows machine here that is connected to the internet via DSL, and had updated AVG on it. I tried Norton recently, and it picked up seven viruses that AVG missed. McAfee picked up only two that AVG missed.

I've run Norton on other Windows machines that had AVG, and there, too, Norton picked up several things that AVG had missed.

From my experience, AVG, Norton, and McAfee all pick up the more serious threats, but each of them misses something. But after running Norton on several machines previously protected by AVG, I won't use AVG again on my main computer.
 

Fahim

Mad coder, lazy writer
Super Member
Registered
Joined
Jan 3, 2006
Messages
1,701
Reaction score
95
Location
Sri Lanka
Website
www.farook.org
Jamesaritchie said:
From my experience, AVG, Norton, and McAfee all pick up the more serious threats, but each of them misses something. But after running Norton on several machines previously protected by AVG, I won't use AVG again on my main computer.

I guess it's a case of each to their own James :) I will not use Norton AV on my computer at all because it actually slows things down - even on a fairly hefty machine.
 

alleycat

Still around
Kind Benefactor
Super Member
Registered
Joined
Apr 18, 2005
Messages
72,873
Reaction score
12,224
Location
Tennessee
I regularly run a variety of anti-virus/anti-spyware programs, including Spy-bot, ad-aware, Registry Mechanic, Norton, Spyware Doctor, and a couple of others. Plus I run Clean-up! every time I log off. I find that most people have a firewall and anti-virus protection, but don't use a registry check program. The worst of the viruses will affect your registry, which is why they're so hard to get rid of.

ac
 

poetinahat

say it loud
Kind Benefactor
Super Member
Registered
Joined
Apr 12, 2005
Messages
21,851
Reaction score
10,441
Unless, of course, you run an OS that doesn't use a registry.
 

alleycat

Still around
Kind Benefactor
Super Member
Registered
Joined
Apr 18, 2005
Messages
72,873
Reaction score
12,224
Location
Tennessee
poetinahat said:
Unless, of course, you run an OS that doesn't use a registry.

Oh, Mr. Smarty-Pants! I'm putting a virus hex on you.
 

Fahim

Mad coder, lazy writer
Super Member
Registered
Joined
Jan 3, 2006
Messages
1,701
Reaction score
95
Location
Sri Lanka
Website
www.farook.org
alleycat said:
I regularly run a variety of anti-virus/anti-spyware programs, including Spy-bot, ad-aware, Registry Mechanic, Norton, Spyware Doctor, and a couple of others. Plus I run Clean-up! every time I log off. I find that most people have a firewall and anti-virus protection, but don't use a registry check program. The worst of the viruses will affect your registry, which is why they're so hard to get rid of.

Not trying to gainsay the efficacy of a registry cleaner alleycat but all a registry cleaner usually does is to find registry entries which don't refer to an existing application/file or is not necessary any longer and to remove those entries so as to keep the Windows registry neat and trim. Of course, we might be talking about two different types of cleaners since some of the newer ones might target specific entries added by known viruses as well. Still, it probably is better to prevent the virus getting into your system at all in the first place :)
 

alleycat

Still around
Kind Benefactor
Super Member
Registered
Joined
Apr 18, 2005
Messages
72,873
Reaction score
12,224
Location
Tennessee
Fahim said:
Not trying to gainsay the efficacy of a registry cleaner alleycat but all a registry cleaner usually does is to find registry entries which don't refer to an existing application/file or is not necessary any longer and to remove those entries so as to keep the Windows registry neat and trim. Of course, we might be talking about two different types of cleaners since some of the newer ones might target specific entries added by known viruses as well. Still, it probably is better to prevent the virus getting into your system at all in the first place :)

I got the Trojan.Vundo.B virus last year (which got through the Norton firewall). It affected the registry. I first tried one of the Vundo removal programs but that didn't do it. I then tried the manual approach to cleaning up the registry but without complete success. I then used a procedure of running several anti-virus programs in a row, including the registry program and that finally worked. Still, I'm not an expert on systems (I got tired of being one back when I was still using Unix).

By the way, I found the Atribune website to be a big help when you do get a virus you can't get rid of. They list step-by-step procedures on some of the nasty bugs.
 
Last edited:

ChunkyC

It's hard being green
Kind Benefactor
Super Member
Registered
Joined
Feb 11, 2005
Messages
12,297
Reaction score
2,135
Location
trapped between my ears
Great thread with great advice.

I used to champion Norton Antivirus for years. It's still one of the top products at sniffing out viruses, but like others have noted, it has become a bloated resource pig that makes working on anything other than a screaming fast system a tedious experience.

AVG is a great product that makes hardly a dent in a system's performance even on an old win98se/Pentium 166/64MBram.

Bitdefender is another superb program. I have the corporate version I use on my email server at work set to check for updates hourly. It's just past noon here, and between last evening at about 7 p.m. and now, Bitdefender has downloaded and installed NINE updates. The antivirus software running on our workstations goes for months without detecting anything, which means nothing is getting past Bitdefender.

I haven't used the personal version, so I don't know how fast they push updates out to home users, but that is some serious protection they offer.
 

veinglory

volitare nequeo
Self-Ban
Registered
Joined
Feb 12, 2005
Messages
28,750
Reaction score
2,933
Location
right here
Website
www.veinglory.com
I am currently fighting what seems to be spyware that sends my browser or a pop up to adult friend finder or sysprotect. I am running spybot, adaware and MS Windows spyware detector and still not getting it. Any ideas? Is it not spyware after all but something else?
 

Fahim

Mad coder, lazy writer
Super Member
Registered
Joined
Jan 3, 2006
Messages
1,701
Reaction score
95
Location
Sri Lanka
Website
www.farook.org
veinglory said:
I am currently fighting what seems to be spyware that sends my browser or a pop up to adult friend finder or sysprotect. I am running spybot, adaware and MS Windows spyware detector and still not getting it. Any ideas? Is it not spyware after all but something else?

Could it be a specific site that you visit? For instance, I have a mail account at email.com and while I do have popups turned off on FireFox for email.com, it still somehow manages to launch a popup sometimes when I visit the site. I haven't bothered to figure out why though :p Could this be something similar? Or do the popups appear for all sites and at all sorts of odd times? Is there any discernible pattern?
 

Anya Smith

House Dragon
Super Member
Registered
Joined
Mar 8, 2006
Messages
817
Reaction score
361
Location
USA
Website
www.alnitak-z-orionis.com
Fahim said:
I've had issues with ZoneAlarm - for instance, it wouldn't let me access cPanel on a couple of my websites, even after I opened the cPanel port on the firewall :p Never found out why but never had any luck with several ZoneAlarm versions either ...

Norton AV is pure and simply a pig :p It sucks up resources at a rate and slows down your machine. AVG (either the free version or the paid version) gets my vote for ease of use, regular updates, low resource usage and for low false-positives :) You can get the free version here - and no, I don't work for them or get a commission :p Their Anti-Virus + Firewall is pretty good too if all you want is a basic firewall without too many frills :)


Is the AVG you refer to AntiVir? That's what I use.
 

Fahim

Mad coder, lazy writer
Super Member
Registered
Joined
Jan 3, 2006
Messages
1,701
Reaction score
95
Location
Sri Lanka
Website
www.farook.org
Anya Smith said:
Is the AVG you refer to AntiVir? That's what I use.

It's two different products Anya :) I've used AntiVir as well and if you want to give AVG a try (it's free), you can get it from here :)
 

Anya Smith

House Dragon
Super Member
Registered
Joined
Mar 8, 2006
Messages
817
Reaction score
361
Location
USA
Website
www.alnitak-z-orionis.com
Fahim said:
It's two different products Anya :) I've used AntiVir as well and if you want to give AVG a try (it's free), you can get it from here :)

Fahim, can you use two or three antivirus programs? For more security? I heard you're not supposed to.
 

Fahim

Mad coder, lazy writer
Super Member
Registered
Joined
Jan 3, 2006
Messages
1,701
Reaction score
95
Location
Sri Lanka
Website
www.farook.org
Anya Smith said:
Fahim, can you use two or three antivirus programs? For more security? I heard you're not supposed to.

You shouldn't, Anya :) It just messes things up. For one thing, it slows down file access and stuff if you have on-access scanning because each file that is accessed has to be scanned by multiple virus scanners. Besides that, some virus scanners identify the virus databases of other scanners as viruses because they detect virus signatures in there and so they just tend to get in each other's way :p I usually install one, try it out, uninstall it and then install another and try it out. When I find one that I like then I go back to that one after the round of testing :)
 

Humourwriter

Insert witty slogan here
Super Member
Registered
Joined
Feb 24, 2005
Messages
121
Reaction score
14
Location
Brisbane, Australia
Website
humourwriter.com
I used Norton's AntiVirus for a while, until it decided to delete an infected file that just happened to be my inbox. I used AVG for quite a while, but then switched to NOD32 (www.eset.com), and haven't looked back. Great program, and very unobtrusive.

One more thing you can do to stop the bad stuff is to stop using Internet Explorer. I only use it for one site: Windows Update. For everything else, I use Firefox (www.mozilla.com).

Bill.
 

NickDangr

Super Member
Registered
Joined
May 11, 2005
Messages
665
Reaction score
153
Location
West Coast of FL
Hey folks,

Maybe there're enough answers but I figure I can add mine too just the same.

I do a few things to protect the LAN we have at home (network of 5 PCs). We have a Cable connection @ home, so we're online all the time - protection is important.

1) We run a router/firewall. It bounces pings etc... so that outside sources don't necessarily see our presence on the web.


2) Each PC has Symantec Antivirus, Enterprise Edition... expensive, but my company covered it. Just the same no matter what you do always have an antivirus package. NOD32 was mentioned earlier - I've used that in the past also with good relative success.

3) Each PC has a copy of Windows Defender / Microsoft Antispyware on it... except for the Linux machine. The kids chat (using Trillian) and surf web pages at MySpace etc... quite a lot, so their computer has several AntiSpyware packages on it. I've only left the Windows Defender enabled full time - the others exist just in case we want to scan and check. There are other decent packages available - I happened to use the free one this time.

4) E-mail... there are some decent programs available that screen your e-mail before it comes in for malformed HTML, worms, phishing, etc... I've had a lot of success with Firetrust's Mailwasher and B9 (Benign).

That's about it... really the only other thing you can do is be paranoid beyond reason.

Use common sense... and if you doubt an e-mail or a webpage someone wants to send you to, research it. I use Google a lot and search for specific groups of words within e-mails, for example, when I'm checking hoaxes... for example "common sense... and if you doubt an e-mail" searched within quotes exactly as shown will look for that phrase.

<shrug> Just my 2 pennies... won't even buy ya a gumball. Good luck!

In truth, I back everything up and assume I'm going to reload every computer at least once every year or two.

Incidentally - I don't believe any package that today picks up every worm and trojan will get tomorrow's worms and trojans. It's the nature of script kiddies and malicious software creators to find ways around security and protection. Make sure your software has options for automatic updates etc...
 
Last edited:

Anya Smith

House Dragon
Super Member
Registered
Joined
Mar 8, 2006
Messages
817
Reaction score
361
Location
USA
Website
www.alnitak-z-orionis.com
Fahim said:
It's two different products Anya :) I've used AntiVir as well and if you want to give AVG a try (it's free), you can get it from here :)

LOL, I don't know how to download anything. I'll stay with AntiVir, but thanks Fahim. You're so helpful. :)