Virus/Spyware/Adware Sticky (Update: Ad blockers, 13 Nov 06)

This sticky’s purpose is to give you information on how to cure your system from those ailments as well as how to protect your system from future attacks.

First step:[list][*]Probably the one thing you should do on a regular basis is visit the Windows Update site. Chances are, there’s a critical update you may regret not getting in the future. Some of the more crippling viruses take advantage of certain vulnerabilities Windows has (other than not working ;)) and exploit them. Getting the patches early will prevent the hassle later on.

Windows Update[/list]
Protection:
[list][*]Antivirus:
There are several scanners available on the market these days. There really isn’t a single one that is better than the others. Most of them update their Virus Definition files at around the same time so it really comes down to taste. Here’s a modest list of scanners you may want to consider:[list]
[*]McAfee VirusScan ($40-$50, subscription fees)
I used to use the older version of this. It’s plain and simple: runs silently in the background and flags any viruses that try to corrupt your system. The newer versions apparently have added spyware detection, script detection, worm detection, etc., and kill those too. This scanner has the ability to scan e-mails as well as AOL Instant Messages that may contain harmful links. There is a more expensive version that includes a firewall which you may want to consider.
[*]Norton Antivirus ($50, subscription fees)
Now this is the scanner I personally use. It provides real-time protection of your system and flags you when a virus/worm/etc tries to attack your system. It is configurable so you can choose what to do in certain situations. NAV also checks for updates on its virus definitions quite often and will usually (I think by default) install it automatically. Its scanning features are similar to that of McAfee’s software.
[*]AVG Scanner (Basic: free, Professional: $33.30)
This free scanner does your basic thing: scan and destroy. It updates the definition files regularly which is nice for a free program. The basic edition limits some of its features all of which you can find on their site.
[*]TrendMicro (free service)
This is not actually software, but is a free online scanner. You can’t beat this: nothing to install, and as effective as the not-so-free programs. The downside, I find, is that it takes quite a while to do a full scan of your system, though it is thorough. This isn’t something you can really rely on since you don’t get the full-time protection the programs offer. Use this service if a virus on your system is closing your other antivirus programs; they do exist.[/list]

[*]Firewalls:
Viruses and (especially) worms can enter your system simply because it is connected to a network or the Internet. That is why we have firewalls: to protect your computer from intrusions. Firewalls can also flag certain programs (good or bad) that try to send data from your computer out on the Net. This is a good way to find out if you’ve got spyware sending data about your computer or if your system is infected with a trojan. This list contains some of the free firewalls available. They’re the best your money doesn’t have to buy.
[list]
[*]ZoneAlarm Basic (free)
If you have a firewall, chances are you have this version since it’s free and fairly good. This program can alert you to transfers either coming into or going out of your system. It flags them by program and, when it does, it asks you if you want to allow the program access or not. It’s fully configurable to suit your needs. The other versions offer different services such as anti-spam, anonymous web surfing, and so on.
[*]Sygate Personal Firewall
A nice little free firewall for the basic home user. It does your basic firewall thing. 'Nuff said.
[*]Windows Internet Connection Firewall (for XP users)
Go to Control Panel -> Network Connections -> (whatever connection, or LAN you use to surf) Right-Click for Properties -> Advanced Tab.
Here you’ll find Microsoft’s own little firewall. Simple yet surprisingly good. You can let it allow certain applications to use the connection, and you can add your own programs to that list. It’s not as configurable as it could be, but it’ll get the job done. If you refuse to try the above programs you should at least give this built-in firewall a chance. Service Pack 2 for XP is supposed to have an improved firewall, so watch out for it.
[/list]
[*]Spyware/Adware:
Perhaps as annoying as viruses are these hidden programs that pop up IE windows or messages on your computer. Some *ware can also send information about you out on the net. We don’t want that so here’s a list of programs that can get rid of these little buggers. But first, how to protect yourself from spyware/adware:
Most spy/adware comes packaged with free software. It’s certain companies’ way to pester you for not buying their full product. It usually gets installed along with the program, either with your knowledge or without. Sometimes you have no choice; when you do have one, pay attention so you can prevent the installation.

If you download some unknown program by accident, don’t run it. Simple as that. You never know what it could be. If you happen to download something you actually need, only run the main executable, nothing else. Certain groups will try to package small executables with their products that the user may accidentally run. Some filenames to watch out for are start.exe, save.exe, install.exe (unless you are certain it is to install the desired program).

Some symptoms: you may not know it right off the bat, but your system may be infected with one. Some of the symptoms that spyware and adware may cause are random popups, system slowdown, connection performance degradation (spyware transmitting information out), and random lock-ups. If you have any of these you should first check for viruses and then check for spyware/adware. If you’re paranoid like me, check for them regularly anyway.

Well that’s pretty much your basic protection, now on to the list:[list]
[*]Ad-Aware (Basic, free)
Now most of you have probably already heard about this program. It scans your system for adware and spyware and eliminates them. It can also provide real-time protection from any spyware/adware it may not find right away. Not perfect, but pretty good.
[*]Spybot Search & Destroy (free)
Don’t let their crappy site fool you. Their software is really good. It does your basic scan and also immunizes your system from being infected with spyware/adware (or so they claim, I have yet to see the truth). It can go through your cookies and find any that may hold critical information about your system that you don’t want let out.
[*]Bazooka (free)
Bazooka offers a quick scan of your system and provides you with a list of spyware/adwares your computer has. The only downside of this program is, that’s all it does. The list provides links to their personal site where they instruct you on how to remove the spyware/adware manually. Now you may be thinking that this program isn’t worth it, but let me tell you from experience that I ran both programs above to search for spyware/adware and neither resolved the problem I was having (random popups). Bazooka was able to pinpoint the program (along with others I didn’t suspect) and tell me what to do. No more popups. Even though this program isn’t so hands-free, I would recommend it any day over the other programs.
[/list]
[*]***** NEW Ad blocking
Nowadays websites are littered with ads and unless you actually click on them, you probably just intuitively ignore them. [list]
[*]KH Blocker
What if there was a way to prevent ads from loading on the page altogether? Well I’ve come across this nifty little application that does just this. What it does is update the HOSTS file on your computer with known ad addresses from a central database. The HOSTS file is updated in such a way that these addresses are redirected to 127.0.0.1 (your own machine), or essentially nothing. The HOSTS file allows you to define the IP you want a certain domain name to go to. This file was the precursor to DNS servers, which automatically turn domain names (i.e. www.kirupa.com) into server addresses (i.e. 66.243.17.90). You can manage the HOSTS file yourself, but this app can update the list with the newest known ad addresses.

You may not notice this up front, but by preventing ad blocks from loading you also effectively speed up page loading times.

NOTE: This does not affect Google ads, which are generally benign anyway.
[*]NoScript (Firefox extension)
There are certain devious websites out there that try to circumvent pop-up blockers using otherwise convoluted JavaScript. If you have Firefox, the NoScript extension is essential. It lets webpages run scripts only when the user allows it. This means no pop-ups, unintended window resizes, etc. This also means that websites can’t try to run scripts to install malicious programs like spy/adware behind the scenes.

NOTE: Since this does disable scripts, you have to allow some websites to use scripts in order to function correctly. This applies to sites that use fancy menus, forms, and the like.
[/list][/list]
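To make the HOSTS-file mechanism described under KH Blocker concrete, here is an added example (not part of the original post and not KH Blocker's code) that parses a HOSTS file and separates names sunk to the local machine from names mapped to a real address. The sample file and the example.* host names are constructed, and treating 0.0.0.0 as a block address alongside 127.0.0.1 is an assumption based on common block lists.

```python
import ipaddress

# Constructed sample in HOSTS-file format; the ad host names are made up.
SAMPLE_HOSTS = """\
# managed block list
127.0.0.1       localhost
127.0.0.1       ads.example.com banners.example.net   # two names, one line
0.0.0.0         tracker.example.org
66.243.17.90    www.kirupa.com
not-an-ip       broken.example.com
"""

def parse_hosts(text):
    """Yield (line_no, ip, hostname) per mapping; skip comments and bad lines."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop trailing comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue                          # an address with no name
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                          # first field is not an IP address
        for name in fields[1:]:               # one line may carry several names
            yield line_no, ip, name.lower()

def audit_hosts(text):
    """Split mappings into blocked names (sunk locally) and real redirects."""
    blocked, redirected = [], {}
    for _, ip, name in parse_hosts(text):
        if name == "localhost":
            continue                          # the standard loopback entry
        if ip.is_loopback or ip.is_unspecified:
            blocked.append(name)              # request never leaves the machine
        else:
            redirected[name] = str(ip)        # name is forced to this address
    return blocked, redirected

if __name__ == "__main__":
    blocked, redirected = audit_hosts(SAMPLE_HOSTS)
    print(f"{len(blocked)} blocked names:", ", ".join(blocked))
    for name, ip in redirected.items():
        print(f"review: {name} -> {ip}")
```

On Windows XP the file lives at %SystemRoot%\System32\drivers\etc\hosts; because its entries override DNS, any name in the "review" output that you did not add yourself deserves a second look.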

Well, that’s it for the programs. There’s one more thing I’d like to talk about and it’s the effect of a virus. If you were hit with the recent Sasser worm, your computer may have given you an error message as soon as you booted up Windows saying one of its services crashed. Now after closing those dialog boxes your system may have started to do a shutdown on its own, giving you a timer to let you know how long you have to panic (really, when it will actually shut down). Now from the box alone, you have no control over it and you can’t seem to stop the sequence from there. But have no fear, there’s a way to get around it:

**When your system does an automatic shutdown where it gives you a timer (usually a minute) until when it actually shuts down, use this procedure to abort it:

Open up a Run dialog and type this command:

shutdown -a

That’s it. The shutdown sequence should stop. At this point you should scan your system for viruses. What you should really do first is head to Windows Update and get the patch that fixes certain things that allow the virus to perform this operation.**

Well that’s pretty much it for me. If you have anything to add or any comments feel free to send me a Private Message or e-mail.

- thor

**Virus in System Restore by Crewman:** http://www.kirupaforum.com/forums/showthread.php?t=68454