Courtesy of Searcher, http://board.dracon.biz/viewtopic.php?t=3

This is the ultimate guide to having a safe, protected, fast, and secure PC. Read it carefully and thoroughly.

1. AntiVirus

Well-known programs are Symantec, McAfee, Panda, Kaspersky, AVG, NOD32, Avast, Trend Micro & more. More about most of them, some tests, etc. you can find on the Virus Bulletin (beside hundreds of others) - http://www.virusbtn.com/

All of them have strong and weak sides, nice or crappy designs, etc., but if you don't prefer anything in particular, go for BitDefender http://www.bitdefender.com/bd/site/form.php It is the fastest and the most often updated AntiVirus, with inbuilt Antispam and Firewall. In terms of worms, viruses, intrusion (and spam) you don't need anything else, it just does the job very well. (Whoever has other experiences, please feel free to express them, but I REALLY CONSISTENTLY TESTED all mentioned (and more) Antivirus systems.)

NOTE: BitDefender updates quite often (several times a day) and it usually restarts its program (no chance for a virus to infect the Antivirus itself); it can be annoying to have the activity bar pop up every time after you hid it. Go to Antivirus options > untick Show Scan Activity Bar. The other thing is realtime protection: the first action is Disinfect, but the second is Deny access and continue. You should change the second action to Move file to quarantine, since Deny access will actually leave the infected file in the same place. Antivirus Options > More Settings > Second Action..
2. AntiSpyware

There are plenty of AntiSpyware programs out there; what a lot of people are not aware of is that there are only a few which are not bogus (spyware themselves). You can take a look here: http://www.spywarewarrior.com/rogue_anti-spyware.htm and get the idea of what I am talking about.

So what to use? Everyone whatever he likes, but my suggestion is this.

A) Microsoft AntiSpyware - http://www.microsoft.com/athome/security/spyware/software/default.mspx
Yes, it is beta, but what even the well-oriented people don't know, MS AntiSpy is an assimilated Giant AntiSpyware, which was the first really working tool for STOPPING the malicious process from being EXECUTED. Anyway, enough of blabla, MS AntiSpy is a must and it's FREE!
NOTE: Some people say it doesn't find as many results as Ad-Aware or SpySweeper.. Oh yeah, but did they say that most of the difference between them is in counting COOKIES and/or SUSPICIOUS programs? (even non-spyware sometimes)

B) SpyBot S&D - http://www.safer-networking.org/en/download/index.html
Another FREE util to stay protected, and its real-time protection is one of the best - it CAN STOP a PROCESS from being executed. It suggests that you use SpywareBlaster to block KNOWN ActiveX and cookies. So go for it.
NOTE: What MS AntiSpy can't catch (rare) SpyBot can. You may want to disable the splashscreen and opening the program (running scan) at Windows startup, but don't forget to enable TeaTimer (real-time protection).

C) SpywareBlaster - http://www.javacoolsoftware.com/spywareblaster.html
FREEWARE. Again. Disables all known ActiveX threats and dangerous cookies (cookies are not really dangerous, but whatever).
NOTE: Blocking cookies can prevent some sites from working properly (rather use another browser with its own cookie management, like FireFox).

X) Ad-Aware is good, but I would compare it to Norton AntiVirus: too big, too much of a resource eater. And it is not better than what we have now installed, trust me.

SpySweeper is known to be the best in finding the most. True or mostly true. And I kinda like it, nice design, speed, everything, but it has one BIG weakness I don't really get. SpySweeper is not able to STOP the harmful process from being executed. It just INFORMS and you can thereafter run the Scan&Clean..

SPECIAL NOTE: There are utilities like CWSShredder (now sold), HiJackThis - http://www.spywareinfo.com/~merijn/downloads.html, etc. I don't say they're bad, they're good to spam forums with your process logs and if you wanna ask for advice from advanced users. But if you install everything mentioned here, you just don't need anything else.
4. Windows Security

There's nothing much to say - http://windowsupdate.microsoft.com/
SP2 is a MUST, AutoUpdate is essential, but you can just visit the update website and check if there's something new for you. Or get Linux.
5. Regular CleanUp

A) You should clean up your TEMP and INTERNET TEMPORARY FILES once in a while. All browsers have different locations; in FireFox you can clean it via Tools > Options > Privacy > Clear. In IE it's Tools > Internet Options > General > Temporary Internet Files > Delete..

B) There are hundreds of tools which can do this for you automatically, so you don't have to care (and also clear other temp files of other programs). Feel free to use anything or just nothing and do it manually, but if you want a good one, use Webroot Window Washer (yes, the creator of SpySweeper) - http://www.webroot.com/products/windowwasher/
NOTE: These utils have one drawback: they might automatically delete something you don't really want them to, so be careful.

C) Uninstall - Everyone knows Start > Control Panel > Add/Remove Programs. This place should really be under control, otherwise your system just slows down and slows down and slows.. One very good program for this is Your Uninstaller - http://www.ursoftware.com/uninstaller.htm, but it's not free to download anymore. Others are Advanced Uninstaller Pro - http://www.innovative-sol.com/uninstaller/ and Ashampoo UnInstaller Suite - http://www.ashampoo.com/ Give them a try. Or not.
6. AntiSpam

A) I don't really want to dive into this, since it doesn't belong to security issues (so much). BitDefender provides an AntiSpam facility and these days most mail servers have some or other spam engines installed (SpamAssassin is prolly the best). If you want to try different ones, for whatever reason, use the good old Google - http://www.google.com/search?hl=en&lr=&q=antispam and click through.

B) What you should be AWARE OF, and there's no protection against this whatsoever, is PHISHING - http://en.wikipedia.org/wiki/Phishing and PHARMING - http://en.wikipedia.org/wiki/Pharming (and clones). You are all clever now after reading wikipedia, so just a quick note(s).

NOTE: Phishing relies on the user's naivety. WHO THE HELL has ever seen a bank ask you for REENTERING YOUR DETAILS OR YOUR ACCOUNT WILL BE CLOSED (or something like that)? Anyway, phishing can be recognized VERY EASILY - when you follow the link in the spam mail, it shows you a mirrored page of whatever institution it wants, but the URL address in the ADDRESS BAR is different. Eventually, if you are not sure what is supposed to be the correct address, just hit google.com and search for your 'BANK OF AMERICA' and you will see the difference for yourself.

NOTE2: Pharming is far more dangerous. They can use spyware to redirect your pages (to show the correct URL address, but a different location!), but since you are protected now, that's not gonna happen. Hacked DNS servers are a real problem. If the Pharmers hacked your ISP's DNS server, you are pretty much in real danger. The only way you can find out if the site is bogus (but why would you be suspicious if everything seems normal and you are visiting your bank's site the usual way?) is to ping/traceroute the site AND compare it to the REAL IP of the REAL website, which can be found out through proxy servers or 3rd party trace/ping websites - http://www.tracert.com/cgi-bin/trace.pl for example. But this is really advanced stuff, so let's leave it.
7. Infection

If you are already infected, you don't really need to reformat or reinstall Windows (even though a reinstall from time to time helps to speed it up). Just install everything mentioned here and start to scan and repair. There are some forms of AGGRESSIVE spyware which can be tough to get rid of once you have it running in your memory; for that you should ask an ADVANCED user to do it for you and give him the basic hints to look for:

A) Regedit - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] and [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run], also RunServices and RunOnce at the same place. Some spyware, if running in memory, is able to consistently check and rewrite these entries, so a manual deletion doesn't have to work.

B) Safe mode - F8 at Windows boot. Spyware doesn't load in safe mode (mostly). You can Scan&Clean there. And remove REGEDIT entries as well.

NOTE: There are also other places where the harmful prog can load itself, like win.ini, system.ini, extensions infection, startup folder, etc., but they're not likely to be used. It would take 3 more pages to cover everything..

If you didn't get rid of your spyware this way, you should really ask someone experienced, who knows how to use memory scanners & stuff (one for basic use is WinPatrol - http://www.winpatrol.com ), since it's NOT THAT EASY and you have a VERY AGGRESSIVE SPYWARE.
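The point in 7.A about spyware rewriting its Run entries can be checked by comparing registry exports taken before cleanup, right after a manual deletion, and some time later. This is an added example, not part of the original post; the sample exports and the value names ExampleTray and ExampleUpdater are constructed, and the export text is assumed to be already decoded (regedit writes version 5.00 exports as UTF-16).

```python
import re

# Only the autorun keys the post names, under HKCU and HKLM.
KEY_RE = re.compile(
    r"^\[(HKEY_(?:CURRENT_USER|LOCAL_MACHINE)\\Software\\Microsoft\\Windows"
    r"\\CurrentVersion\\(?:Run|RunOnce|RunServices))\]$", re.IGNORECASE)
# "name"="string data"; other value types (dword:, hex:) are skipped here.
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

def unescape(s):
    # .reg text escapes backslashes and quotes with a leading backslash.
    return re.sub(r"\\(.)", r"\1", s)

def parse_autoruns(reg_text):
    """Return {(key_path, value_name): command} from .reg export text."""
    entries, key = {}, None
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("["):
            m = KEY_RE.match(line)
            key = m.group(1) if m else None  # None: a key we do not track
        elif key and (m := VALUE_RE.match(line)):
            entries[(key, unescape(m.group(1)))] = unescape(m.group(2))
    return entries

def reappeared(before, cleaned, later):
    """Entries deleted during cleanup that exist again in a later export."""
    deleted = before.keys() - cleaned.keys()
    return {k: later[k] for k in sorted(deleted) if k in later}

# Constructed sample exports (not from the post).
BEFORE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ExampleTray"="C:\\Program Files\\Example\\tray.exe"
"ExampleUpdater"="C:\\Temp\\upd32.exe"

[HKEY_CURRENT_USER\Software\Example]
"Ignored"="not an autorun key"
'''
# Right after deleting ExampleUpdater by hand, and a few minutes later.
CLEANED = BEFORE.replace(r'"ExampleUpdater"="C:\\Temp\\upd32.exe"' + "\n", "")
LATER = BEFORE

if __name__ == "__main__":
    snaps = [parse_autoruns(t) for t in (BEFORE, CLEANED, LATER)]
    for (key, name), cmd in reappeared(*snaps).items():
        print(f"rewritten after deletion: {key}\\{name} -> {cmd}")
```

An entry reported here was put back by something still running, which is the case where the post's safe-mode cleanup in 7.B applies.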
A) If you surf securely, go for FireFox - The only disadvantage is not supporting ActiveX, which can make some pages not work properly.
ActiveX Extensions can be had for Firefox, and Mozilla. Netscape comes with the ActiveX extension built-in and running. So it is not that much more secure than IE, even though it is based on Mozilla, and now Firefox.
I'm way cooler than n0e (who isn't though?)
27th May 2004
This would be very good as a sticky, great work Lunatick, very well put together. I'm certainly trying some of the programs listed..
Lunatick is a nOOB with a lot of good info!!!! Keep up the good work!
Clamwin is a good virus program. It's open source so it's free. Comes with free updates too. I use it cause I got tired of Norton. Norton takes up a lot of CPU usage and RAM. Here's a link to it. http://www.clamwin.com/
Mullet Man: Lunatick is a nOOB with a lot of good info!!!! Keep up the good work!
Harrrumph.. Stealin' my thunder, is what he is doin'... :mad:
Maybe this place is big enough for the both of us. :lookaround:
I will be looking forward to seein' what other sources you've got. :)