Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

What are Good Virus/Spyware?Update/Firewall Practices?

Security

What are Good Virus/Spyware?Update/Firewall Practices?

by  gpalmer711  Posted    (Edited  )
I have created this FAQ drawing text from other FAQ's found on Tek-Tips, credits at the end, and my own experiences. I realise that I am duplicating information that can be found elsewhere, however it does not seem to be in a single location.


General Notes

If you are experiencing problems now then follow the Recomended Procedure below. Otherwise have a read and follow the general advice given.

Special Note for XP users:
If any of the scans below find problems then you should disable System Restore before fixing them.
Right-click My Computer, Properties, System Restore, and uncheck the box to have System Restore active on all drives. When you have finished the steps below, re-enable System Restore.

Special Note for all:
You want to run the antivirus, spyware, adware, and other utilities without IE active, and without any Peer-2-Peer application active, such as eDonkey, Kazaa or eMule. Your success with any of the tools below approach 100% if no internet application is currently active.


Viruses

People should not rely on a single Anti-Virus solution, while most of the applications that are available work very well. It is too much to expect them to find everything. Also make sure that you have downloaded the latest Virus Definitions, some companies release updates daily, some weekly. It normally takes seconds to check so I would recommend doing it daily.

It is worth running two of these on-line virus checkers once a month, and definatly if you are experiencing problems which may be attributed to a virus.

I personally prefer the Trend Micro and Panda checkers, however they all work well.

http://housecall.trendmicro.com/
http://www.mcafee.com/myapps/mfs/default.asp
http://security.symantec.com/default.asp?productid=symhome&langid=ie&venid=sym
http://www.bitdefender.com/scan/licence.php
http://www.pandasoftware.com/activescan/com/activescan_principal.htm
http://www.ravantivirus.com/scan/
http://www.freedom.net/viruscenter/index.html

You can scan single files using the following sites

http://www.kaspersky.com/remoteviruschk.html
http://www.ikarus-software.at/portal/modules.php?name=Content&pa=showpage&pid=4

Also a couple a nasty Worms that have been hitting people hard over the last couple of months are the MSBlast and Sasser Worms.

If you get a shutdown message such as the one below, then you almost certainly have one of the formentioned worms.

[img http://www.microsoft.com/security/images/system_shutdown.gif]

If you get that shutdown message appear, click on start > then run > type "shutdown -a" (without the quotes) and click OK. This should stop the shutdown, you should then visit the following two sites and follow the instructions given.

http://www.microsoft.com/security/incident/blast.mspx

http://www.microsoft.com/security/incident/sasser.mspx


Spy/Adware

At least once a week you should run at least one from each section of these checkers (I would recommend running 2 from each section), they will scan your system for known Spyware and Adware. These little nasties can use up lots of valuble resources and can transmit your surfing habits/personal data back to the developers.

Spyware & Adware

Giant AntiSpyware - http://www.giantcompany.com (30 day trial)
Spybot - Search & Destroy from http://security.kolla.de
AdAware 6 from http://www.lavasoft.de/support/download/
Spyware Blaster from http://www.javacoolsoftware.com/spywareblaster.html
Spyware Guard from http://www.javacoolsoftware.com/spywareguard.html
Bazooka Adware and Spyware http://www.kephyr.com/spywarescanner/index.html

Browser Hijacks

CWshredder from http://www.majorgeeks.com/download4086.html
Toolbar Cop http://www.mvps.org/sramesh2k/toolbarcop.htm
Hijack This from http://tomcoyote.com/hjt/


For help with the Hijack this log take a look at faq760-4764 and faq760-4849

Note: Some applications, such as Kazaa, will not function unless the adware that is included is present on the computer. Therefore check what you are deleting before you do it.


Windows Updates

So many people do not apply the latest updates from Microsoft, they had a lot of bad press back in the WinME/2000 days of being unreliable and MS having to reissue updates. However the WinXP updates have been alot better, I can only remember a handful of updates that had issues.

http://v4.windowsupdate.microsoft.com/en/default.asp


Other Steps

If you are still experiencing problems you can try the following two fixes.

Download and run the LSPfix utility: http://www.cexx.org/lspfix.htm

Download and run the Winsock repair utility: http://www.dslreports.com/r0/download/544752~62fe0e8dc00fac87e6f0f83c54d283a4/WinsockFix.zip


FireWall

A firewall is a piece of software or hardware that creates a protective barrier between your computer and potentially harmful content on the Internet. It helps guard your computer against hackers and many computer viruses and worms.

XP has a basic firewall which is better that nothing and works quite well, it is not as configurable as those listed below. That being said you should enable it if you are not going to use a third-party one.

Take a look at http://www.microsoft.com/security/protect/windowsxp/firewall.asp for instructions on enableing the XP firewall.

Zone Alarm http://www.zonelabs.com/store/content/ company/products/znalm/freeDownload.jsp
Sygate Personal FireWall http://smb.sygate.com/products/spf_standard.htm
Kerio Personal FireWall http://www.kerio.com/us/kpf_download.html
Outpost http://www.agnitum.com/products/outpost/


Recomended Procedure

If you are experiencing any Internet related problems follow the procedure below.

[ul]
[li]Enable/Download a firewall[/li]
[li]Your Current AntiVirus Solution[/li]
[li][link http://housecall.trendmicro.com/]Trend Micro Virus Scan[/link][/li]
[li][link http://www.pandasoftware.com/activescan/com/activescan_principal.htm]Panda Virus Scan[/link][/li]
[li][link http://windowsupdate.microsoft.com]Windows Update[/link][/li]
[li][link http://www.majorgeeks.com/download4086.html]CWShredder[/link][/li]
[li][link http://www.giantcompany.com]Giant Antispyware[/link][/li]
[li][link http://security.kolla.de]Spybot[/link][/li]
[li][link http://www.lavasoft.de/support/download/]Adaware[/link][/li]
[li][link http://www.cexx.org/lspfix.htm]LSPFix[/link][/li]
[li][link http://members.shaw.ca/techcd/VB_Projects/WinsockFix.zip]Winsock Fix[/link][/li]
[li][link http://tomcoyote.com/hjt/]Hijack This[/link][/li]
[/ul]

If you are still having problems then ask a question on either the Virus and Spyware forum forum760 or Windows XP forum forum779, depending on what YOU think the problem might be.

When posting questions bear the suggestions made in faq222-2244 in mind, make sure you let people know what your problem is, including any error messages, what you have done to fix it so far, what you do if anything to replicate the problem. Finally make sure you post back to let people know if their information was helpful and award them a star.

Credits

Smah for list of AntiVirus On-line scanners
THoey for list of Spyware scanners and Hijack This FAQ's
jrbarnett for additional Spyware scanners
bcastner for being so helpful and for giving me lots of pointers. FAQ608-4650
Linney for System Restore advice


Conclusion

Following the instructions above regularly will only take a small amount of time and should allow a reasonably trouble free time. However the best protection against Viruses and Spyware is personal awarness. If you are not sure about something don't open it or install it.

If you believe there are any errors or omissions then please let me know by clicking on the "send a comment to gpalmer711 about this FAQ"
Register to rate this FAQ  : BAD 1 2 3 4 5 6 7 8 9 10 GOOD
Please Note: 1 is Bad, 10 is Good :-)

Part and Inventory Search

Back
Top