How can I prevent this from happening again?
Posted 05 April 2006 - 03:27 PM
After solving them, I realize that not only was I attacked by a trojan virus that gave some person somewhere complete access to my computer, I was also the victim of the 27 spyware programs which have been on my computer undetected for who knows how long.
This has awakened me to the world of Compy Protection as before it was my mother who had removed any intruders but is now up to me. I was curious of how I could update my computer to help defend my personal data, whilst not lagging up my computer or popping up constantly when unwanted.
This computer is being used by my whole family and is constantly in use (we leave it on all day, and only turn it off at night). This means that since I have younger and older siblings, I need to protect the computer from my older brother's MySpace, as well as my younger's random arcade sites (such as MiniClip, Bonus, etc.). What programs would you suggest I install? I have the following programs already:
Spybot - Search and Destroy
I am using MS Internet Explorer, and although it was suggested elsewhere on this site to switch to Firefox, I don't think that will be happening anytime soon, although I might when I get a new computer after this one breaks.
I am also using Microsoft Windows XP and don't want to change my OS either.
However, if I was to download two or three more programs that monitor downloads, or have weekly virus scans, which would you suggest?
Thank you! -Comrade
Posted 05 April 2006 - 04:43 PM
Easy to use, and with the "noscript" extension, almost bulletproof.
I also suggest reading Tony Klein's post here: "How did I get infected in the first place".
Posted 05 April 2006 - 09:05 PM
I use Nod32 by Eset. Heuristic scanning. Won't bog down your system. Catches trojans, viruses, worms, etc. Even protected users against the recent WMF exploit, without an update.
Definitely use Firefox, or Opera, for the primary browser.
Regardless, IE needs to be hardened. Check your zone settings. Use IE-Spyads, which loads an extensive list of sites into the Restricted Zone list. If one of those sites is accessed, the zone restrictions can prevent malicious behaviour. Use a HOSTS file also, which actually prevents your computer from accessing sites listed in that file. It's a layered approach. You'll need to keep those lists updated.
Be sure to disable active scripting from all zones.
Lots of so-called viruses are actually worms. There's an excellent program to address this, called Wormguard, by DiamondCS. I've used it for years, on three different OSes. It's basically set-it-and-forget-it. Works flawlessly.
The most serious threat currently is the rootkit. DiamondCS has a program called ProcessGuard that will prevent rootkits from getting into your system.
You need to protect the registry from unauthorized changes. Ad-Aware has AdWatch for this. Spybot S&D has the TeaTimer. An excellent tool for registry protection is RegRun, by GreatIS. It's really the top dog in that area, IMO.
Very important - Set up a separate, password protected, Administrator account. Don't use it for surfing the net. Set up limited user accounts for that. The limited user accounts don't have unrestricted access to the machine kernel, so malware can't as easily slip past your defenses, to get a hold on your system. XP user accounts are administrator accounts by default. You need to change them to Limited.
BTW - For heaven's sake, turn off Windows Firewall. Do it in services, so it stays off. It's not a good firewall. I currently use ZoneAlarm, but will be switching to Kerio. I've had issues with ZoneAlarm's recent versions, and lack of support, even tho I use ZA Pro. Also, ZA phones home now, since it was bought out by Checkpoint. Also, it discloses more info than I'd like it to, as I surf. Kerio is tighter in terms of browser/surfing disclosures, and it doesn't phone home.
Finally, consider virtualization. If you can use Ubuntu Linux on VMware, do it.
Edited by tsitraveler, 05 April 2006 - 09:24 PM.
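The HOSTS-file layer described in the post above needs its list kept updated, and the same file is worth checking for entries that point a name somewhere other than the local machine. The following is an added example, not code from the thread or from any tool it names; the function names, the sink addresses chosen and the sample entries are assumptions made for illustration.

```python
import ipaddress

# Addresses a blocking HOSTS file is expected to use as a sink (assumption).
SINKS = {"127.0.0.1", "0.0.0.0", "::1"}

def parse_hosts(text):
    """Yield (ip, hostname) pairs from HOSTS-format text, skipping comments."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue  # malformed line: column one is not an address
        for name in fields[1:]:
            yield ip, name.lower().rstrip(".")

def audit(text):
    """Split entries into blocked names and names redirected elsewhere."""
    blocked, redirected = set(), {}
    for ip, name in parse_hosts(text):
        if name == "localhost":
            continue
        if ip in SINKS:
            blocked.add(name)
        else:
            redirected[name] = ip  # not a sink address: review this entry
    return blocked, redirected

def merge_blocklist(text, new_domains, sink="127.0.0.1"):
    """Return HOSTS text with new_domains appended, skipping names already listed."""
    blocked, redirected = audit(text)
    present = blocked | set(redirected)
    lines = text.rstrip("\n").split("\n")
    for d in sorted({d.lower().rstrip(".") for d in new_domains} - present):
        lines.append(f"{sink}\t{d}")
    return "\n".join(lines) + "\n"

# Constructed sample HOSTS content; the example.* names are placeholders.
SAMPLE = """\
127.0.0.1  localhost
127.0.0.1  ads.example.com  # blocked
0.0.0.0    tracker.example.net
203.0.113.7  update.example.org
not-an-ip  junk.example.com
"""
```

Names returned in the `redirected` mapping are left untouched by the merge, so they can be reviewed by hand before the updated file replaces the old one.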
Posted 05 April 2006 - 09:22 PM
You mentioned kids' arcade games.
You need to update Macromedia to the latest versions, both Flash, and Shockwave. Next, you may want to set the privacy settings to prevent websites from storing tracking info on your system. The settings panel is at
Note the tabs across the top of that panel. Click each one, review the settings for each, set to your preference.
Many don't understand that sites that utilize Macromedia content are allowed to store stuff on your hard drive, by default. This can be changed, and that settings panel is the way it's done.
Posted 06 April 2006 - 08:54 AM
The Macromedia settings panel in the post above is for Flash Player. For Shockwave, you don't have the option of not sharing info, so the work-around is to change the default setting to never auto-update. The following page explains the situation, and contains a link to the settings manager for the Shockwave updater.
Posted 08 April 2006 - 01:13 AM
>>Why not use Firefox?
I wasn't going to, as this is the family's computer and I didn't want to change the browser and have my younger siblings not understand how it works and mess things up. Also my mother, who usually controls what goes on here, wasn't too keen on switching browsers. I have since changed my mind though, as people on the forum I frequent (it's a game development forum) told me how similar it is to IE and that it's simple to use. As I just now got yet another virus, I will convince my parents that it is necessary to be installed.
>>You need to upgrade macromedia, both flash and shockwave...
I went to the site you linked and it said 'You need macromedia flash to view this' so apparently I don't have flash anymore. I will check into that later though, and upgrade my stuff if I have it.
Nice link! I secured IE somewhat better and will delve into it more once I get my current virus out of the system. I will also install Firefox in a few days (perhaps tomorrow, if everything works out fine).
Thanks for the tips and suggestions guys!