Tuesday, February 14, 2006

Protecting Windows against viruses, spyware and other annoyances

This post represents my current knowledge of the ‘baddies’ that might infect your Windows systems. Last updated on 2/14/2006.

Some quick thoughts. Viruses and Trojans are now entering systems through Instant Messaging. Got kids? Got an older version of an anti-virus program? Expect some nasty problems…

Rootkit Trojans, while currently rare, are an extremely dangerous type of virus/trojan and invisible to current anti-virus and anti-spyware programs. Read that again. They are undetectable, very difficult to remove and can do anything to your computer without your knowledge. See below for more info.

Spyware is the most common problem I see. Is your system slow and getting lots of pop-ups? Then you probably have a spyware infection. It usually takes me 1 to 4 hours to remove spyware from a computer.

Norton AntiVirus and Internet Security have become too complex for me to recommend. These are my opinions and experiences. Yours may vary. Feedback invited.

Viruses:
There are a lot of programs that do a good job of detecting and removing viruses. I recommend the following:

NOD32 - $40 - Free trial http://www.nod32.com/home/home.htm
AVG Free - Free http://free.grisoft.com/doc/2/lng/us/tpl/v5

Trojans:
Trojans are a virus that can give hackers a backdoor into your computer. They can then perform all sorts of mischief: steal your data or passwords, command your computer to attack web sites, etc. Most anti-virus programs will detect and remove the majority of trojan programs but the following are specialized anti-trojan programs.
Good site for trojan info: http://www.bluetack.co.uk/forums/index.php?showtopic=72
Trojan Hunter - $50 - Free trial. http://www.trojanhunter.com/
Ewido - $35 - Free trial. Easy to use http://www.ewido.net/en/?section=download

Rootkit trojans:
These are the super nasties. Undetectable except by a few special programs. For geeks, I recommend RootkitRevealer. Note that this program just helps you find a rootkit trojan, not remove it. F-Secure’s Blacklight is a rootkit finder/remover tool that is in development and is currently free. It found and removed HAXDOOR from a client’s computer. HAXDOOR is one of the super nasties.
RootkitRevealer http://www.sysinternals.com/ntw2k/freeware/rootkitreveal.shtml
Blacklight http://www.europe.f-secure.com/blacklight/

Spyware:
Top rated anti-spyware programs are CounterSpy, Microsoft's AntiSpyware, Spyware Doctor and SpySweeper. You can also run AdAware and SpyBot to remove advertising tracking cookies or for additional security but I just use Microsoft AntiSpyware. Warning: Most commercial anti-spyware programs have been changed to ignore common non-destructive spyware programs like Gator. They still find them but you usually have to take some manual action like changing the 'Ignore' recommendation to 'Delete'. The assumption is that these companies have elected to do this rather than face legal challenges from the spyware companies.
Microsoft AntiSpyware - Free. http://www.microsoft.com/downloads/details.aspx?FamilyID=321cd7a2-6a57-4c57-a8bd-dbf62eda9671&displaylang=en
CounterSpy $20 - free trial http://www.sunbelt-software.com/CounterSpy.cfm
Spyware Doctor $30 http://www.pctools.com/spyware-doctor/
SpySweeper $30 - free trial http://www.webroot.com/products/spysweeper
AdAware Personal - Free http://www.lavasoft.com/
SpyBot - Free http://www.download.com/3000-8022-10122137.html

Spamblocking software:
Spambayes for Outlook - Free http://spambayes.sourceforge.net/
Spambully for Outlook Express - $30 http://www.spambully.com/
Cloudmark for severe spam - $40 http://www.cloudmark.com/products/safetybar/

Software Firewalls: Yep, you need one of these also. If you use a hardware router, it has a very good firewall built in. You can use the built-in Windows firewall if you have Windows XP Service Pack 2 but this one is better:
Zone Alarm - Free version: (Note: the download location changes frequently) http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp;jsessionid=D71TJfUztdJ0JGJJq6ihiL2LDAk2hy0ve30E2HExuz3F9ckMNkAc!613671661!-1062696903!7551!7552!NONE?dc=12bms&ctry=US&lang=en

Lockdown tools: These tools notify you whenever they detect a change to Windows programs or settings. Sounds like a great way to secure your system but expect to get a bunch of pop-up windows asking if you want to allow a change. I have not tried any of them but Prevx and WinPatrol have a lot of satisfied users.
Prevx http://www.prevx.com/default.asp
WinPatrol - Free version and a $20 version. http://www.winpatrol.com/
ProcessGuard - $30 http://www.diamondcs.com.au/processguard/

Pop-up blockers: Optional but nice. The Google Toolbar provides a variety of tools.
Google Toolbar - Free http://toolbar.google.com/
SuperAdBlocker - $30 http://www.superadblocker.com/index.html?PHPSESSID=ed159d14482a434b2be5db20f66a293f

Wireless security for home and small business: I recommend enabling WPA encryption. This requires a fairly new wireless router and Windows XP Service Pack 2. Be sure to choose a long (up to 63 characters) PassPhrase of random letters, numbers and characters. Then save this PassPhrase and copy/paste it to each computer that will be using the wireless network. You can get a unique PassPhrase here: https://www.grc.com/passwords

Miscellaneous Windows security info:
It is crucial that you install the Windows Critical Updates. http://windowsupdate.microsoft.com/

You also need to install updates to Microsoft Office. Do this by starting any MS Office program and clicking on Help, Office on the Web and then clicking on Check for Updates and then clicking Check for Updates again on the next window. Note: You will need your MS Office CD. (Update: Microsoft now gives you the option of downloading update files that will install without a CD). The new version of Windows Update (above) gives you the option of having Office updates downloaded and installed also.
http://office.microsoft.com/en-us/default.aspx

Information on how to improve your MS Internet Explorer security settings. http://www.infinisource.com/techfiles/ie-sp2-surf-safe.html

Use the Firefox browser for extra help in protecting your computer against spyware. (Note: now that Firefox has become popular, it is not more secure than Internet Explorer according to some sources.):
Firefox Internet browser - Free http://www.mozilla.org/
Firefox customizations http://www.scotsnewsletter.com/best_of/firefox.htm

MS Baseline Security Analyzer (I need to try this someday.) http://www.microsoft.com/technet/security/tools/mbsahome.mspx

Security forums/news: http://www.spywarewarrior.com/

