Fight against Spyware and other nasties 6 replies


Jeff Über Admin

I am a mean boss ⬆️⬆️⬇️⬇️⬅️➡️⬅️➡️??

184,643 XP

6th April 2000

0 Uploads

14,592 Posts

1,534 Threads

#1 12 years ago

I had the NSIS Media malware a few weeks back and if you've ever encountered this pain in the butt, you'd know what a hassle it is to remove. Well, during my scouring of the internet I came across a great thread that gave pointers on how to keep your system protected from all the little things that can compromise your system, or just prevent popups from opening up. I use the same tricks on my system so I know these preventative measures do work and it's not some scam to get you to install things that would cause issues.

Well, here you go: http://forums.spywareinfo.com/index.php?showtopic=60955

I take no credit for what is mentioned on this thread. All credit goes to the author for making it.

TonyKlein: So how did I get infected in the first place?

You usually get infected because your security settings are too low.

Here are a number of recommendations to help tighten them, which will hopefully make you a less likely victim:

Safe Computing Practices

1.) Keep your Windows updated!

  • Go to Start > Windows Update or navigate to http://windowsupdate.microsoft.com, and install ALL Critical security updates listed (you will need to use Internet Explorer to do this). If you're running Windows XP, that of course includes Service Pack 2 (SP2)!
  • If you suspect your computer is infected with Malware of any type, please do NOT install SP2 yet. Read the SpywareInfo FAQ and post a HijackThis log in our forums to get help cleaning your machine. Once you are sure you have a clean system, it is highly recommended to install SP2 to help prevent against future infections.
  • It's important always to keep current with the latest security fixes from Microsoft. This can patch many of the security holes through which attackers can infect your computer. Please either enable Automatic Updates under Start > Control Panel > Automatic Updates, or get into the habit of checking for Windows updates regularly.
2.) Watch what you download!

  • Many "freeware" programs come with an enormous amount of bundled spyware that will slow down your system, spawn pop-up advertisements, or just plain crash your browser or even Windows itself.
  • Peer-to-peer (P2P) programs like *****, BearShare, Grokster, Imesh, and others are amongst the most notorious. If you insist on using P2P software, please read this article written by Mike Healan of SpywareInfo. It is an updated and comprehensive article about which P2P programs are "safe" to use. Another good reference is here.
  • Note also that even if the P2P software you are using is "clean", a large percentage of the files served on the P2P network are likely to be infected. Do not open any files without being certain of what they are!
3.) Avoid questionable web sites!

  • Many disreputable sites will attempt to install malware on your system through "drive-by" exploits just by visiting the site in your browser. Lyrics sites, free software sites (especially ones that target young children), cracked software sites, and pornography sites are some of the worst offenders.
  • Most of these drive-by attempts will be thwarted if you keep your Windows updated and your internet browser secured (see below). Nevertheless, it is very important only to visit web sites that are trustworthy and reputable.
  • In addition, never give out personal information of any sort online. And never click "OK" to a pop-up unless it is signed by a reputable company and you know what it is!
  • For more general information see the first section, "Educate yourself and be smart about where you visit and what you click on", in this tutorial by Grinler of BleepingComputer.

Must-Have Software

*NOTE*: Please only run one anti-virus program and one firewall on your system. Running more than one of these at a time can cause system crashes and/or conflicts with each other. The rest of the following programs can be run simultaneously and will work together in layers to protect your computer.

4.) Antivirus

  • It's a good idea to set your antivirus to receive automatic updates so you are always as fully protected as possible from the newest threats.
5.) Internet Browser

  • Many malware infections install themselves by exploiting security holes in Microsoft Internet Explorer. It is strongly suggested that you consider using an alternate browser.
  • Both Mozilla Firefox and Opera are next-generation browsers that are more secure and faster than Internet Explorer, immune to most known browser hijackers, and outfitted with built-in pop-up blockers and other useful accessories.
6.) Firewall

  • It is critical that you use a firewall to protect your computer from hackers. We don't recommend the firewall that comes built into Windows. It doesn't block everything that may try to get in, it doesn't block anything at all outbound, and the entire firewall is written to the registry. Since most malware accesses the registry and can disable the Windows firewall, it's preferable to install one of these excellent third party solutions.
7.) Install Javacool's SpywareBlaster

  • This excellent program blocks installation of many known malicious ActiveX objects. Run the program, download the latest updates, "Enable All Protection" and you're done. Although it won't protect you from every form of spyware known to man, it is a very potent extra layer of protection.
  • Don't forget to check for updates every week or so. Also see this tutorial by Grinler.
8.) HOSTS file and IE-SPYAD

Other Cleaning / Protection Software

9.) Ad-Aware and Spybot

  • Spybot Search & Destroy is another must-have free scanner. See this topic for instructions on how to run a scan with Spybot.
  • Spybot has an "Immunize" feature which works roughly the same way as SpywareBlaster above.
  • Another feature within Spybot is the TeaTimer option. TeaTimer detects when known malicious processes try to start and terminates them. It also detects when something wants to change critical registry keys and prompts you to allow this or not. See this tutorial by Grinler for more information.
10.) Ewido Anti-Spyware

  • An outstanding all-purpose anti-malware scanner and cleaner is Ewido. Although this is commercial software, the 30-day trial version will continue to work after the trial period expires in "free mode", with automatic updates and real-time protection disabled. See this topic for instructions on how to run a scan with Ewido.
11.) Windows Defender

  • Microsoft now offers their own free malicious software blocking and removal tool, "Windows Defender" (not compatible with Windows 98 and ME). It also features real-time protection.
12.) Lock down ActiveX in Internet Explorer

  • Even if you plan to use an alternate browser, you will have to use Internet Explorer for tasks like updating Windows or visiting any other site that requires ActiveX. Also, since Internet Explorer is integrated into the Windows core, keeping it locked down is very important.
  • Open IE and go to Internet Options > Security > Internet, then press "Default Level", then OK.
  • Now press "Custom Level."
  • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls") to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".

Now you will be asked whether you want ActiveX objects to be executed and whether you want software to be installed. Sites that you know for sure are above suspicion can be moved to the Trusted Zone in Internet Options > Security.

So why is ActiveX so dangerous that you have to increase the security for it? When your browser runs an ActiveX control, it is running an executable program, no different from double-clicking an exe file on your hard drive. Would you run just any file downloaded off a web site without knowing what it is and what it does?

13.) Finally, after following up on all these recommendations, why not run Jason Levine's Browser Security Tests?

They will provide you with an insight on how vulnerable you might still be to a number of common exploits.

Happy safe computing!

Browse Safe and Secure. :)


Product Manager | GameFront.com
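
The ActiveX lockdown in step 12 of the quoted guide can be checked from PowerShell. This is an added example, not part of the original post or the SpywareInfo guide; it assumes the standard per-zone registry layout Internet Explorer uses (zone 3 is the Internet zone, actions 1001, 1004 and 1201 are the three ActiveX options named above), and the function name `Test-ActiveXLockdown` and the sample values are made up for illustration.

```powershell
# Added example: audit the Internet zone's ActiveX settings against step 12.
# Zone 3 = Internet zone; values are stored per user under this key.
$ZoneKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# Stored value meanings: 0 = Enable, 1 = Prompt, 3 = Disable
$Label = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }
$Recommended = [ordered]@{
    '1001' = @{ Name = 'Download signed ActiveX controls';   Want = 1 }
    '1004' = @{ Name = 'Download unsigned ActiveX controls'; Want = 1 }
    '1201' = @{ Name = 'Initialize and script ActiveX controls not marked as safe'; Want = 3 }
}

function Test-ActiveXLockdown {
    param([hashtable]$Settings)   # action ID (string) -> stored DWORD value
    foreach ($id in $Recommended.Keys) {
        $want   = $Recommended[$id].Want
        $actual = $Settings[$id]
        # Assumption of this example: a stricter value than the guide asks for
        # (Disable where it says Prompt) also counts as a pass.
        [pscustomobject]@{
            Action  = $id
            Setting = $Recommended[$id].Name
            Current = if ($null -eq $actual) { 'not set' } else { $Label[[int]$actual] }
            Wanted  = $Label[$want]
            Pass    = ($null -ne $actual) -and ($actual -ge $want)
        }
    }
}

# Constructed sample: signed download left at Enable, the other two as recommended.
$sample = @{ '1001' = 0; '1004' = 1; '1201' = 3 }
Test-ActiveXLockdown -Settings $sample | Format-Table -AutoSize

# On a Windows machine, check the current user's live values as well.
if (Test-Path $ZoneKey) {
    $live  = @{}
    $props = Get-ItemProperty -Path $ZoneKey
    foreach ($id in $Recommended.Keys) {
        if ($props.PSObject.Properties[$id]) { $live[$id] = $props.$id }
    }
    Test-ActiveXLockdown -Settings $live | Format-Table -AutoSize
}
```

With the constructed sample, action 1001 is reported as failing (Enable where Prompt is wanted) and the other two pass.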




Reno

The professional.

50 XP

22nd March 2006

0 Uploads

1,312 Posts

0 Threads

#2 12 years ago

When I was managing a computer shop I created something like this for a customer whose kid had a porn addiction. She came in three separate times during a 6 month period at 65 dollars a pop to have that computer cleaned. The third time she came in I took pity and told her it was on the house.

She asked for instructions so I gave her this little Top Ten instruction sheet. As far as I know she hasn't had any more trouble.

I took the time to create this so you could have sort of an instruction book to go by for your Internet use. This is not something you MUST follow. This is your computer. Just keep in mind failure to follow these instructions will land your computer right back into a shop.

---***

The 10 Commandments of Computer Use

1. Thou shalt use Firefox.

2. Thou shalt run thy spyware scans once a week. (spybot, adaware, ccleaner)

3. Thou shalt not skip thy virus scans. Thou shalt give avg and nod32 whatever time is required to complete their job.

4. Thou shalt not visit sites that one considers improper.

5. Thou shalt not download music off free websites. If thou must download music, thou shalt use a paid for service like itunes.

6. If thou shalt happen across an advertisement for anything, thou shalt NOT read. Thou shalt close and pay no attention.

7. Thou shalt not seek free stuff. Nothing free exists on the Internet.

8. Thou shalt use GOOGLE for searches.

9. Thou shalt not download unknown programs "just to try out". Remember NOTHING IS FREE. (If you want to play a game go to msn or yahoo. They have many safe games)

DO NOT INSTALL IF YOU ARE UNFAMILIAR WITH ITS PURPOSE.

10. If you have any questions that aren't covered here call ***-****.




Mecha105

THE BURNINATOR!!!!!

50 XP

25th July 2006

0 Uploads

386 Posts

0 Threads

#3 12 years ago

lol that's awesome. :bows:




cc.

2 excited 4 shark week

50 XP

25th May 2004

0 Uploads

3,076 Posts

0 Threads

#4 12 years ago

Do. Not. Look. At. Pornography.




Jeff Über Admin

I am a mean boss ⬆️⬆️⬇️⬇️⬅️➡️⬅️➡️??

184,643 XP

6th April 2000

0 Uploads

14,592 Posts

1,534 Threads

#5 12 years ago

There's nothing wrong with porn. It's a healthy habit that doesn't hurt anyone. But that's an argument for a different time and place. In the end, just be careful where you go for it. Stick to more mainstream sites for your viewing pleasure and you'll run into much less of a chance of people installing spyware on your system.


Product Manager | GameFront.com




Revenge VIP Member

Shizzle my nizzle

117,165 XP

28th July 2004

0 Uploads

10,354 Posts

0 Threads

#6 12 years ago

Most of that stuff is common sense. If you run Firefox or Opera, keep Windows updated and have a hardware firewall, you don't even need an anti-virus.

The only reason I have an anti-virus program is because I have to administrate an email account for one of my websites which gets a lot of viruses sent to it (automated messages) and because those who occasionally use my computer are absolute morons. If I didn't let anyone else on my computer and didn't download these infected emails I would have no need for one because I've got enough sense to realise what is a virus and what isn't.

Also, what does it mean by saying Windows Firewall doesn't block anything outbound? Every time you run a new game in multiplayer it'll ask whether to allow it to access the internet. As far as I know, it will block its access to the internet if you click 'Keep Blocking'. Windows Firewall is also pretty decent - it is deeply integrated into Windows (whereas other firewalls have to attach themselves to Windows files) and it checks the integrity of the registry keys it uses every time you log in.




LaughingCheese

Behold the Power of CHEESE!!!

50 XP

16th June 2004

0 Uploads

1,100 Posts

0 Threads

#7 12 years ago
n0e: There's nothing wrong with porn. It's a healthy habit that doesn't hurt anyone. But that's an argument for a different time and place. In the end, just be careful where you go for it. Stick to more mainstream sites for your viewing pleasure and you'll run into much less of a chance of people installing spyware on your system.

Uh, HOW is it a "healthy habit"?

Another thread and place, I know...just wondering ;)

************************************************

I use Firefox exclusively.

But I wonder, how can anything "open source" truly be secure?!?!

It's an OXYMORON.

Because anyone that wants to crack it can download the source code. :confused:

So, while I love Firefox, I'm amazed that it hasn't been cracked yet...or maybe it has...? :confused: