Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Computer Safety Online

A Library of tips, tricks, and informative articles - Fixes are for use under your own supervision and at your own risk.

Computer Safety Online

Unread postby ChrisRLG » December 29th, 2004, 8:15 pm

Short List of Recommended Software.
Although I use and recommend them (they are my personal prefered programs), you should satisfy yourself of thier suitability for your own machines.

A fuller list is in the following posts on each of the subjects.

Anti-Virus - one of these:-
Paid Version - Nod32
Free Version - AVG Anti-Virus

Software Firewalls - one of these:-
Easier Version : ZoneAlarm
Harder (But better) Version - Kerio

Anti-Malware Programs - all of these below:-
Ad-Aware & Spybot S&D - both from links here.
SpywareBlaster
IE-Spyad
SiteHound by FireTrust - it is free - but has a paid option.
Last edited by ChrisRLG on January 26th, 2006, 7:07 pm, edited 4 times in total.
ChrisRLG
Administrator Emeritus
 
Posts: 17759
Joined: December 16th, 2004, 10:04 am
Location: Southend, Essex, UK
Advertisement
Register to Remove

Anti-Virus

Unread postby ChrisRLG » December 31st, 2004, 1:52 pm

Anti Virus

Most people know of computer viruses. You should always have an anti-virus system running. It should have updated virus signature files downloaded daily for broadband and weekly for dialup connections. You should not have more than one anti-virus system active at any one time.
Many of you have probably heard of the recent viruses that caused havoc on the internet: Blaster, Welchia, Slammer, CodeRed, Nimda, and, most recently, Swen. While these can cause damage to your computer if you get infected, there are some simple steps you can take to greatly reduce your chances of infection.

First: what is a virus and how does one get infected?

A virus, much like the medical term, is a bit of software code that is self replicating. It need not do anything harmful or malicious, it just needs to reproduce itself. Some viruses attach themselves to the first sectors of Floppy disks, which is automatically read when you open a floppy. Most these days come through the internet. A virus is unique in that it infects other files, and then gets passed along with them, much like a virus infects a cell in your body. A virus doesn't necessarily need a security hole to work- as you can be the one who starts it spreading. There are different types of viruses, named after the different ways in which they operate and which files they infect. All operate in a similar manner.

Another common malicious program, often labeled a virus by the mass media, is a worm. The difference between worms and viruses is subtle, but a good description is this: worms tend to break into computers and focus on spreading themselves to other computers as rapidly as possible. Viruses tend to sneak in, while worms tend to force their way in. Worms often work their way into a computer without any user action necessary. Thus, Blaster is technically termed a Worm, as it broke into computers through a hole in Windows and ran itself and spread to other computers automatically.

What is believed is the most common malicious code is what is termed a 'Trojan Horse'. Much like the legend, a computer trojan is a program that pretends to be one thing but is actually another, tricking the user into running it. Note that a trojan is harmless until you open it; it can't infect you automatically. Many trojans open back doors to your computer so that crackers can get into your system and use it for various things, like sending spam across the internet.

Note that the types of program aren't defined by what sort of damage they do, but by how they infect computers and how they spread. One type is not intrinsically worse than another, and all of them can do things such as delete all of your files, pop up annoying messages, or make your computer run more slowly.

So, you might be asking- how can I protect myself?

1) Run an Antivirus program, and keep it up to date!
Several companies produce anti virus products. While some are getting better at detecting new viruses automatically, they aren't truly effective until the data file that stores information about known viruses includes the virus to protect against. Thus, it is imperative that you update your 'virus definitions' often, and immediately after a major virus/worm/trojan is released.

Here are some of the better AV products.

Symantec/Norton Antivirus: http://www.symantec.com/nav/nav_9xnt/
Kapersky AV: http://www.kaspersky.com/buyonline.html?info=25
Nod32 : http://www.nod32.com/home/home.htm
Panda AV: http://www.pandasoftware.com/
McAfee Virusscan: http://us.mcafee.com/root/package.asp?pkgid=100
AVG Anti-Virus (Free version available) http://www.grisoft.com/

Of those listed, Norton is the most popular. Many security junkies swear by Kapersky or Nod32. AVG is liked by many as it has a free version.

An antivirus program will automatically scan files on your computer as they are opened and modified, and isolate them from the rest of your system if they become infected. In this way you are protected. Note that they are not 100% effective, so you need to take some additional steps to help:

2) Update Windows often!
The blaster worm and almost all worms use vulnerabilities to spread. A patch for windows was out 25 days before blaster broke. Had you installed the patch, you would have been protected. Windows XP can automatically download updates and then prompt you to install them if you want, which keeps you from having to check all of the time. If you want, you can always use http://windowsupdate.microsoft.com to check for updates (this works for all version from win98)

3) Don't open files from people you don't know, and don't open email attachments that you aren't expecting.
Many worms and viruses will harvest a list of all of the email addresses in your address book and then send a copy of themselves to those addresses. If someone sends you an attachment via email and you weren't expecting it, don't open it until you ask them if they meant to send it. If you get an attatchment from someone you don't know, don't open it. Swen, an email virus, pretends that it is a patch from Microsoft. Note that most antivirus programs can scan email as it arrives, which will help some what.

If you believe you are infected with a virus, don't go out and buy an AV program. Installing new programs can sometimes cause the virus to do more damage before you can get at it. Several AV companies are now offering free internet scans, which allow you to see if you are infected.

Here are a few of the free online scanners available:-

http://security.symantec.com

http://housecall.trendmicro.com

http://www.cybertechhelp.com/html/misc/av.php

http://www.pandasoftware.com/products/activescan.htm

http://www.bitdefender.com/

but others may be available via http://www.google.com

(PS Just don't use StopSign which has links to spyware).

Most of the section on Anti-Virus was written by ryri a DellTalk regular with some small changes by myself .
ChrisRLG
Administrator Emeritus
 
Posts: 17759
Joined: December 16th, 2004, 10:04 am
Location: Southend, Essex, UK

Malware - Spyware, Adware, Slyware or Scumware

Unread postby ChrisRLG » December 31st, 2004, 2:30 pm

Spyware & Adware (also known as Malware)

Spyware is software that when loaded and running on your computer will do things such as record your surfing habits, upto finding your passwords, bank information and other personnel information and sending the information back to the program makers internet site. Adware is similar in that it arranges for adverts to appear on your machine, sometimes based on what you are doing or what site you are visiting.

Spyware and Adware what is it.

See here from Dell and here from PCHelp and here by a victim.

Use these to get rid of it Ad-Aware and Spybot S&D. Details here.

We advise you to have both of these as in use we find that they each sometimes find spys or ads that the other has missed. With both of these do run the updates to get the latest signature files, then close and reopen the programs to use the latest updated signature files. The free version of ad-aware does not run in the background, but spybot has a teatimer function that does.

Also IE-Spyad to add sites to your restricted sites list, to stop you ever going to them. Available from here

SpywareBlaster protects against bad ActiveX. Available from here It places kill bits to stop bad active X controls from being installed. Remember to update it regularly.

CWShredder is a special remover for CWS infection, can be used to remove some spyware that is not removed by Spybot S&D and/or Ad-Aware. Remember to update it regularly. Available here.

SpywareGuard runs like your Anti-Virus program in the background to stop, Browser Helper Objects (BHO's) from installing, available From Here. Remember to update it regularly.

WinPatrol from http://www.winpatrol.com - another runtime program to monitor and protect your system.

SiteHound by FireTrust - it is free - but has a paid option. This will monitor the sites you go to and warn against known bad sites - you can override to visit if you so wish.


These are recommend and all of the above, they all work alongside each other well.

How on earth did I get infected with all that spyware in the first place? Read Here

In the event that the above does not solve your malware problem.
For in major checking of your system I would go to one of these:-

http://asap.maddoktor2.com/ - see the list on the left - including this site :) .

I am registered at lots of these websites as ChrisRLG, just as I am at here.

================

Special message for KaZaA Users : Read This

A little advice on KaZaA. If you uninstall it, you only remove KaZaA itself, all the little gremlins you read about stay behind. To kill them all off, download and run AdAware or SpyBot. When that is done, Find a new p2p file from the following list :-

http://www.spywareinfo.com/articles/p2p/
Last edited by ChrisRLG on January 26th, 2006, 7:08 pm, edited 7 times in total.
ChrisRLG
Administrator Emeritus
 
Posts: 17759
Joined: December 16th, 2004, 10:04 am
Location: Southend, Essex, UK

Windows Update

Unread postby ChrisRLG » December 31st, 2004, 2:33 pm

Windows Update

One of the best things you can do for your PC is to regularly visit the Windows Update Site
(use Internet Explorer, Menu, Tool, Windows Update)
lots of Hacking/Trojans use the methods found (plugged by the updates) that have not been stopped by people not updating.
Update your machine, and they have one less helper, and you have one less headache.

Update ALL Critical updates
Any other Windows updates for services/programs that you use.
Driver updates get from your vendor of the equipment.
(Some advise to wait a day or two, visit a forum - like DellTalk - and see if others have any problems before doing them yourself).

Here is a nice little article about turning on automatic updates:

http://support.microsoft.com/default.as ... -us;283629

Note that it will download them for you, but you still have to actually click install. Support staff have cleaned the blaster worm out of several computers who didn't have the patch installed, even though windows had already downloaded for them. If they had only clicked 'install' they would have been fine.

Of course, you can always download updates seperately at: http://windowsupdate.microsoft.com
ChrisRLG
Administrator Emeritus
 
Posts: 17759
Joined: December 16th, 2004, 10:04 am
Location: Southend, Essex, UK

Software Firewalls

Unread postby ChrisRLG » December 31st, 2004, 2:40 pm

Software Firewalls

Most people have heard about computer hacking. So ..........

Are you running a firewall on your machine? You should be! Without any firewall protection, you are at a much higher risk of being attacked/cracked through the internet. Example: Windows, by default, allows connections on port 135/139. If I know your IP address I can easily get a list of users on your machine through that connection. If any of them are using weak passwords, it will take less than a few hours to crack, and then I will have full access as that user. The blaster worm and the welchia worm connected through ports 135 and 139 as well. When you run a firewall, it hides your computer online such that it only shows itself when you initiate a connection. If you aren't running any servers, this is what you want, as hackers can't see or access your computer.

You can test to see what ports that are open or showing at one of these sites:

Symantec Security: http://security.symantec.com
Gibson Research: http://www.grc.com (follow the links to Shield's-Up!)
DSL Reports Port Scanner: http://www.dslreports.com/scan

At the very least, enable the internet connection firewall (ICF) that is built into Windows XP- it doesn't protect programs from getting out, but it keeps bad stuff from getting in. The ICF would have protected you from Blaster and Welchia Virus's

A nice overview of the ICF is here:

http://support.microsoft.com/default.as ... -US;320855

This article or the instructions that follow will tell you how to turn it on and off.

http://support.microsoft.com/default.as ... -US;283673

XP firewall : Go to Start, Control Panel, Network Connections. Right-click on your connection and choose Properties. The Advanced tab will indicate whether or not the XP Firewall has been activated.

If you are behind a router, you are safer, as the NAT feature of the router will discard all unsolicited traffic that arrives. However, it does not completely protect you, as trojans and other things can still get out. Some routers, like the TM2300, include a built in firewall. A belkin router has a pretty capable firewall. Check with the maker of your router to see if it has a firewall.

For those who want something more secure than ICF recommend are one of the following:

ZoneAlarm: http://www.zonelabs.com/store/content/c ... lid=nav_za
Kerio: http://www.kerio.com/kpf_home.html
Outpost : http://www.agnitum.com/products/outpostfree/index.php
Norton Personal Firewall: http://www.symantec.com/sabu/nis/npf/

Of those listed, Norton tends to be the most powerful. ZoneAlarm tends to be the easiest to use, and they and Outpost offer a free version!

If you would like a nice list of commonly asked questions about internet security, try this link, complements of the awesome security gurus at The DSL Reports security forum:

http://www.dslreports.com/faq/security or alternatively from http://www.firewallguide.com/

Most of the section on Software Firewalls was written by ryri a DellTalk regular with some small changes by myself .
ChrisRLG
Administrator Emeritus
 
Posts: 17759
Joined: December 16th, 2004, 10:04 am
Location: Southend, Essex, UK

Re: Computer Safety Online

Unread postby Carolyn » September 27th, 2010, 6:01 am

bump
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Malware Removal Library - Tips, Tricks, and Information



Who is online

Users browsing this forum: No registered users and 2 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware