Computer Security

[NoblePlatOne 19]

You usually get infected because your security settings are too low.

 

Here are a number of recommendations to help tighten them, which will hopefully make you a less likely victim:

 

 

 

Safe Computing Practices

 

 

1.) Keep your Windows updated!

 

* Go to Start > Windows Update or navigate to http://windowsupdate.microsoft.com, and install ALL Critical security updates listed (you will need to use Internet Explorer to do this). If you're running Windows XP, that includes Service Pack 3, see http://support.microsoft.com/kb/322389 for details.

If you are running Vista, see http://support.microsoft.com/kb/935791

 

* If you suspect your computer is infected with Malware of any type, please do NOT install any updates yet. Take your computer to a local expert, or find on-line help. Two very good, and free, on-line sites are http://SpywareInfoForum.com and http://BleepingComputer.com.

 

* It's important always to keep current with the latest security fixes from Microsoft. This can patch many of the security holes through which attackers can infect your computer.

Please either enable Automatic Updates under Start > Control Panel > Automatic Updates, or get into the habit of checking for Windows updates regularly.

 

2.) Watch what you download!

 

* Many "freeware" programs come with an enormous amount of bundled spyware that will slow down your system, spawn pop-up advertisements, or just plain crash your browser or even Windows itself.

 

* Peer-to-peer (P2P) programs like Kazaa, BearShare, Imesh, Warez P2P, and others are amongst the most notorious. If you insist on using P2P software, please read this article http://www.malwareremoval.com/p2pindex.php for information on Clean and infected P2P Programs.

 

* Note also that even if the P2P software you are using is "clean", a large percentage of the files served on the P2P network are likely to be infected. Do not open any files without being certain of what they are!

 

3.) Avoid questionable web sites!

 

* Many disreputable sites will attempt to install malware on your system through "drive-by" exploits just by visiting the site in your browser. Lyrics sites, free software sites (especially ones that target young children), cracked software sites, and pornography sites are some of the worst offenders.

 

* Most of these drive-by attempts will be thwarted if you keep your Windows updated and your internet browser secured (see below). Nevertheless, it is very important only to visit web sites that are trustworthy and reputable.

 

* In addition, never give out personal information of any sort online. And never click "OK" to a pop-up unless it is signed by a reputable company and you know what it is!

 

* For more general information see the first section, "Educate yourself and be smart about where you visit and what you click on", in this tutorial by Grinler of BleepingComputer: http://www.bleepingcomputer.com/tutorials/tutorial82.html

 

Must-Have Software

*NOTE*: Please only run one anti-virus and one anti-spyware program (in resident mode) and one firewall on your system. Running more than one of these at a time can cause system crashes and/or conflicts with each other. Of the following programs, passive protection like SpywareBlaster, IE-SPYAD and MVPS Hosts file can be used with active resident protection programs effectively. The free version of Malwarebytes' Anti-Malware is an on-demand scan and clean program that will also not conflict with resident protection, Spybot is also on-demand but has resident protection if the Teatimer function is used. Only one scan at a time should be run.

 

 

4.) Antivirus

 

* An Anti-Virus product is a necessity. There are many excellent programs that you can purchase. However, we choose to advocate the use of free programs whenever possible. Some very good and easy-to-use free antivirus programs are Avast (http://www.avast.com/free-antivirus-download) and AntiVir (http://www.free-av.com/). Please run only one antivirus resident at a time!

 

* It's a good idea to set your antivirus to receive automatic updates so you are always as fully protected as possible from the newest threats.

 

5.) Internet Browser

 

* Many malware infections install themselves by exploiting security holes in Microsoft Internet Explorer. It is strongly suggested that you consider using an alternate browser.

 

* Both Mozilla Firefox(http://www.mozilla.com/en-US/firefox/) and Opera (http://www.opera.com/) are next-generation browsers that are more secure and faster than Internet Explorer, immune to most known browser hijackers, and outfitted with built-in pop-up blockers and other useful accessories.

 

6.) Firewall

 

* It is critical that you use a firewall to protect your computer from hackers. We don't recommend the firewall that comes built into Windows XP. It doesn't block everything that may try to get in, it doesn't block anything at all outbound, and the entire firewall is written to the registry. (The built-in Vista firewall blocks both incoming and outbound, but is still written to the registry). Since most malware accesses the registry and can disable the Windows firewall, it's preferable to install one of these excellent third party solutions.

 

* Two good free ones are Online Armor (http://www.online-armor.com/products-online-armor-free.php) and Outpost (http://free.agnitum.com/). The trial version of Sunbelt Kerio Personal Firewall (http://www.sunbeltsoftware.com/Home-Home-Office/Sunbelt-Personal-Firewall/) will also work in "free mode" after the trial period expires. Please only use one firewall at a time!

 

7.) Install Javacool's SpywareBlaster http://www.javacoolsoftware.com/spywareblaster.html

 

* This excellent program blocks installation of many known malicious ActiveX objects. Run the program, download the latest updates, "Enable All Protection" and you're done. Although it won't protect you from every form of spyware known to man, it is a very potent extra layer of protection.

* Don't forget to check for updates every week or so. Also see this tutorial by Grinler: http://www.bleepingcomputer.com/tutorials/tutorial49.html (Note: This tutorial is for an earlier version, so there may be some minor differences)

 

8.) HOSTS file

 

* Another good program is MVPS HOSTS. This little program packs a powerful punch as it blocks ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers.

* For information on how to download and install, please read this tutorial by WinHelp2002: http://www.mvps.org/winhelp2002/hosts.htm

 

Other Cleaning / Protection Software

 

9.) Spybot

 

* Spybot Search & Destroy (http://www.safer-networking.org/en/home/index.html) is a good free scanner. See this topic for instructions on how to run a scan with Spybot: http://www.spywareinfoforum.com/index.php?showtopic=18080

* Spybot has an "Immunize" feature which works roughly the same way as SpywareBlaster above.

* Another feature within Spybot is the TeaTimer option. TeaTimer detects when known malicious processes try to start and terminates them. It also detects when something wants to change critical registry keys and prompts you to allow this or not. See this tutorial by Grinler for more information: http://www.bleepingcomputer.com/tutorials/tutorial43.html (Note: Tutorial is for an earlier version, so there may be some minor differences)

 

10.) Malwarebytes' Anti-Malware

 

* An outstanding all-purpose anti-malware scanner and cleaner is Malwarebytes' Anti-Malware (http://www.malwarebytes.org/mbam.php). Although there is also a paid version with added features, the free version is fully functional.

See This Article for details on how to download and scan with Malwarebytes' Anti-Malware: http://www.spywareinfoforum.com/index.php?showtopic=116570

11.) Windows Defender

 

* Microsoft now offers their own free malicious software blocking and removal tool, "Windows Defender" (http://www.microsoft.com/windows/products/winfamily/defender/default.mspx). It also features real-time protection.

 

12.) Lock down ActiveX in Internet Explorer

 

* Even if you plan to use an alternate browser, you will have to use Internet Explorer for tasks like updating Windows or visiting any other site that requires ActiveX. Also, since Internet Explorer is integrated into the Windows core, keeping it locked down is very important.

 

*For IE7 and IE8, open IE and go to Tools > Internet Options > Security > Internet, then press "Default Level", then OK.

o For IE6, now press "Custom Level."

In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".

* Now you will be asked whether you want ActiveX objects to be executed and whether you want software to be installed. Sites that you know for sure are above suspicion can be moved to the Trusted Zone in Internet Option > Security.

* So why is ActiveX so dangerous that you have to increase the security for it? When your browser runs an ActiveX control, it is running an executable program, no different from double-clicking an exe file on your hard drive. Would you run just any file downloaded off a web site without knowing what it is and what it does?

 

 

 

 

If you have any questions, please post them for me to answer. :D

[SalvadorSTM 20]

All you really need is antivirus...

 

Installing extra stuff will just make ur pc slower....... :lol:

[Albedo 7]

All you really need is antivirus...

 

Installing extra stuff will just make ur pc slower....... :lol:

+1

[r_Pin4er1630 25]

Eset Nod32 and NP :) . Also, nice variant will be Kasperskiy.

[r_AdvocatusDiaboli0 861]

I don't have an Antivirus. The only protection system I'm using is Windows Firewall and Microsoft Security Essentials.

[NoblePlatOne 19]

I don't have an Antivirus. The only protection system I'm using is Windows Firewall and Microsoft Security Essentials.

MSE is an antivirus, with antispyware. I would strongly encourage you to use a better firewall.

[NoblePlatOne 19]

All you really need is antivirus...

Absolutely wrong!!!

[SalvadorSTM 20]

All you really need is antivirus...

Absolutely Supercalifragilisticexpialidocious!!!

 

Is what u ment to say

[r_V-L-A-D0 1]

I have got a Dr. Web. Greate antivirus!

[r_AdvocatusDiaboli0 861]

I don't count anything from Microsoft as an AV.

[Goldeneagle 9]

Dont update if u are in Pakistan cuz u dont get a genuine windows.

It ll trouble u if u have a fake copy.

Also just get an AVG anti virus and make regular scans every other day if u have 1Gb ram or more.

If less do after every 3 days.

[r_AdvocatusDiaboli0 861]

I got a pirated Windows and Its up to date, Service pack 1 at the moment. :P

[r_mehdadoo0 0]

Bunch of a**h****.

 

Want to get yourself secure? pay me 100 dolors you earned hard each month and get yourself a Nod, Casper or anything else i tell you.

First, viruses don't exist, if there is any, Nod created them. Second, move on to Linux Ubuntu and forget about anti viruses at all.

 

Since idiots like you live, antivirus companies never go banckrupted

[r_AdvocatusDiaboli0 861]

Totally agree with mehdadoo on this part, as long as You don't have an AntiVirus, you wont get a virus.

[NoblePlatOne 19]

Bunch of assholes.

 

Want to get yourself secure? pay me 100 dolors you earned hard each month and get yourself a Nod, Casper or anything else i tell you.

First, viruses don't exist, if there is any, Nod created them. Second, move on to Linux Ubuntu and forget about anti viruses at all.

 

Since idiots like you live, antivirus companies never go banckrupted

I am willing to give you the benefit of the doubt, and take this as an odd sense of humor. If, however, you truly believe this, then you are only showing your extreme ignorance. Of course, you could be part of the malware writing community. Check out these articles:

http://blogs.paretologic.com/malwarediaries/index.php/2010/05/13/the-dark-world/

http://www.spywareinfoforum.com/index.php?/topic/129181-the-growth-of-malware/

http://blog.trendmicro.com/spotlighting-the-botnet-business-model/

http://www.reuters.com/article/2010/02/03/us-cybersecurity-badguys-idUSTRE61205W20100203?type=technologyNews

[NoblePlatOne 19]

Totally agree with mehdadoo on this part' date=' as long as You don't have an AntiVirus, you wont get a virus.[/quote']

That like saying if you don't go to the doctor, you can't get sick.

[AstroApollo 81]

I'm a Windows user so what I use is Microsoft Security Essentials it is a great antivirus and it's totally free. It's that simple.

[r_AdvocatusDiaboli0 861]

That like saying if you don't go to the doctor' date=' you can't get sick.[/quote']

 

I'd disagree, What would the main cause of a virus, be? Why would the virus maker want to destroy our computer?

While for diseases, the cause of the disease is mostly a micro-organism. (The micro-organism needs us for his own reasons, figure the rest out yourself)

[NoblePlatOne 19]

Thank you for asking questions, koolwalky. That means you are open to learning and understanding; for that, I am grateful.

 

The primary reasons people write malicious code (virus. trojans, worms) are:

 

* To generate money

* To steal sensitive information (credit card numbers, passwords, personal details, data etc.)

* To prove a point (to prove it can be done, to prove ones skill or for revenge purposes)

* To cripple a computer or network (Denial of Service Attacks - "DoS")

* To take control of a computer and use it for specific tasks, either individually for that particular computer, or a group like Dos or botnets.

 

In my previous post, the third link talked about botnets. Here is a more detailed article: http://www.securelist.com/en/analysis?pubid=204792095 This is a small quote from the article:

 

With the appearance of botnets, criminal gangs have gained access to millions of infected computers and the number of cybercrimes committed has risen sharply. Although the majority of Internet users understand that zombie networks pose a serious threat, many do not know how or why botnets are created and maintained.

 

Botnets act as a key link in the cybercrime chain. It doesn't take any real technical skill to understand what role they play: cybercriminals do business with each other via the Internet and visiting the sites they use provides a wealth of information.

 

Botnet owners are the malware writers' best customers, and use malware not only to create zombie networks but also to harvest confidential data, distribute spam, rogue antivirus applications and adware, and to transform infected computers into proxy servers.

 

Please ask me more. The better informed the public is, the safer we all are.

[r_AdvocatusDiaboli0 861]

Virus, Trojans, Worms. They are all totally different things. I'll have to say that you do have a point but the best example I'd like to give is that I've been using a computer since I was 6 and that's why I prefer my own opinion over others.

 

The best virus that I came across, ever. Just destroyed destroyed some specific files so the computer wouldn't boot. Other than that I've also seen one that kept on running WScript till the PC crashed. And I've seen one which created Mass! .exe files inside each and every single folder.

 

I've used Norton, AVG, Avira, NOD. And none of them ever took care of any of the above mentioned Viruses. And in my dictionary I call these Viruses, they cant be cured. Instead whenever I install AVG I get a pack of Viruses free with it. So, After around 2007 I stopped installing any kind of Anti Virus for my computer and guess what, I didn't ever need to fix any problem with my computer.

 

On the other hand the talk about Trojans, That's the only reason that I got MSE, to protect myself against those trojan files but guess what =/ I made a trojan file (Yes I can make Trojan files, key-loggers etc.) and I ran it on my own computer hoping that MSE will detect it. But nothing ever happened... I still have MSE just for the fact that it doesn't slow down my PC thus its no use uninstalling that.

 

I'd have to say that no AV program of Firewall will protect you against a well talented and professional hacker because AV programs need to be taught and there is no one to teach them about a trojan that someone writes in his backyard. The best example is... server.exe, I can send it to anyone in any kind of a file ranging from just an application, an MP3 file or even a picture. And the victim wont even know what hit him.

From my experience, I'd stick with the lame old Windows Firewall to stop noobs from entering my computer and the MSE to stop noobs from sending me Trojans. If anyone else is able to do that I'll highly appreciate it because that guy would have some guts to even try to mess with my computer.

 

Peace.

[NoblePlatOne 19]

Virus, Trojans, Worms. They are all totally different things.

Quite true. That is why good computer protection includes a firewall, antivirus and antispyware.

 

The best virus that I came across, ever. Just destroyed destroyed some specific files so the computer wouldn't boot. Other than that I've also seen one that kept on running WScript till the PC crashed. And I've seen one which created Mass! .exe files inside each and every single folder.

Self-replicating worms and viruses are a particularly evil.

 

I've used Norton, AVG, Avira, NOD. And none of them ever took care of any of the above mentioned Viruses.

The best protection is one that limits malware's access to your computer, or recognizing it and stopping it before it gets too far. If you accidentally ran the malicious code by clicking Start or Run or I accept or something else, you basically told your computer to allow this evil thing to be installed or activated. Now your antivirus is trying to stop a tsunami, and that is very, very hard.

 

I'd have to say that no AV program of Firewall will protect you against a well talented and professional hacker because AV programs need to be taught and there is no one to teach them about a trojan that someone writes in his backyard.

Think about it this way: If you see a man walking around with a gun, you know to stay away and call the police. If a man passing you on the sidewalk has a cell phone, we are unconcerned. If that cell phone is really a gun in disguise, and he shoots you, you will now be watching more carefully for that type of weapon. Same thing with malware. Its appearance is constantly evolving. That is why your antivirus updates its definitions daily. Someone somewhere got infected by a new virus, but that knowledge is passed on to everyone.

 

Instead whenever I install AVG I get a pack of Viruses free with it.

Since you have freely admitted to using a pirated (cracked) version of Windows, I am not surprised. This most likely means you have other cracked programs. Do you really think people are give out these cracked programs out of the goodness of their heart? Your viruses are not coming from legitimate programs. You need to look elsewhere.

 

If anyone else is able to do that I'll highly appreciate it because that guy would have some guts to even try to mess with my computer.

What kind of a threat is that? Do you really think malware writers quake in their shoes thinking about what you will do to them?

 

I've been using a computer since I was 6 and that's why I prefer my own opinion over others.

You should learn to accept and knowledge and insight from all sources offered. Why re-invent the wheel? If you truly are resistant to the idea that you can learn from others, that most people are not out there to screw with you, that people are generally good and well-meaning, and that many people know far much more than you....then you are facing a hard life ahead of you. Please do not take offense at my last sentence, it is not meant as malicious. I recognize that many people (younger and older) are smarter than me, and that I can learn from them...despite my being an Engineer and physician.

[r_AdvocatusDiaboli0 861]

Nah, I did pay 3k Rupees for a Licence of 1 year for AVG, Norton and NOD. (3k each) And btw, I'm not so stupid to do the same thing hundred times in a row and get myself infected by the same virus over and over again. Something was wrong.

Last time I checked the AV caused the Tsunami.

 

I didn't want to threaten anyone, its just that malware-writers rarely attack other similar people. Because most of the time its no use. :|

 

I still accept knowledge but most of the time I don't have to, I do agree that many people know much more than me and I do learn new things on a daily basis. Thanks for this and sooner or later into the future I am looking forward to switch over to a Legal copy of Windows. And IMHO, it doesn't really matter because as long as I stay in Pakistan its certainly impossible to get a legal copy.

As for the cracked or pirated programs, I mostly use Freewares like FlashGet and those from Google.

[r_SgtJ0 2]

I got antivirus and McAfee

[chuktank 0]

Hi. I'm celo753. I'm on my friend account cause Tanki online dont let me log on mine D:

Lolz. i was searching for suspicious files on my computer... Nothing.

Let's go search on my friends computer!

A lot of a horde files are virus (0.o)

Then i was going to see about the 2 first ones

1st virus name: Trojan.exe (LOLWTF)

Description: Dangerous program that examines and steal yours particular files (LOLZ)

 

2nd virus name: I'mNotAVirus.exe (Lolzy)

Description: Safe program wich ISNT a virus and ISNT going to hack your computer. IT ISNT A VIRUS. (Hahahahaha)

 

The most funny: AwesomeVirus.exe (It is awesome!)

Description: Amazing virus wich will Awesomely hack you and then Awesomely get private information! Weee! (haha cool!)

[SalvadorSTM 20]

i have kassperky