How do I stop Malware?

[nellerbug]

We have Symantec's Corporate Antivirus Software on our Server and it is the most current version and right up to date. Problem is we have systems infected with Malware. I used a free download from EWIDO to detect & remove it, but I need a Server solution.
Can anyone please tell me:

1. Why my Corporate Server based A/V doesn't stop Malware
2. What is my best solution for a Network with a WIn 2000 Server & 35 WIn XP & WIn 98 Workstations.

 

[erikhertzel]

What version of Corp are you using? 10.2001 is the most current and does support malware removal from the server to the workstations...that is what we run here at work.

 

[pechenegs]

most malaware is downlaoded and instllaed by way of add ons from p2p programmes and others. You can also get hit by drive by sites, visit a site or get ridrected to a site and bang your it!


Try some of these tools for added security, most are run in the background and don't use much resources, the others are cleaners of malware!


this is my spiel on using these tools!

go to this site and download these tools and once you get both
adaware Se 1.6 and spybot, update both of them.

Set adaware to do a full system scan and deselect, "search for neglible risk
entries". Click next to start the scan. Delete everything adaware finds.

reboot and now run spybot

Spybot: Search and destroy.

Delete what spybot finds marked in red. After updating spybot hit the
immunize button.

reboot again


With CWshredder close all browsers and programmes and select the FIX button.



Go here and download Microsoft Antispyware Beta. First in the top menu click
File then Check for updates to download the definitons updates.

After updating look in the right side of the main window under "Run Quick
Scan Now" and click Spyware scan options. In that window put a tick by Run a
full system scan and then put a check by all three options below that then
click Run Scan now.

When the scan is finished, let it fix anything that it finds (have it
quarantine the items that have that option rather than delete just in case.
It is a beta program and there may be false positives)

Restart your computer.


All tools can be downloaded at the link below and found on that page!


. Microsoft® Windows AntiSpyware
. Trend micro CWShredder
. SpyBot search and destroy
. AdAware SE personal

http://www.majorgeeks.com/downloads31.html

here's some free tools to keep you from getting infected in the future.


to stop reinfection get these two tools, spywareguard and spywareblaster
from

http://www.javacoolsoftware.com/downloads.html

get the hosts file from here.

http://www.mvps.org/winhelp2002/hosts.htm

put it into :


Windows XP = C:\WINDOWS\SYSTEM32\DRIVERS\ETC
Windows 2K = C:\WINNT\SYSTEM32\DRIVERS\ETC
Win 98\ME = C:\WINDOWS



ie-spyad.Puts over 5000 sites in your restricted zone so you'll be protected

when you visit innocent-looking sites that aren't actually innocent at all.

https://netfiles.uiuc.edu/ehowes/www/resource.htm

http://www.winpatrol.com/winpatrol.html

prev free

http://free.prevx.com/

Use spybot's immunize button and use spywareblaster' enable
protection once you update it. you can put spybot's hosts file into
your own and lock it.



I would also suggest switching to Mozilla's firefox browser, it's safer, has
a built in pop up blocker, blocks cookies and adds. Mozilla Thunderbird is also a good
e-mail client.

http://www.mozilla.org/

Another good and free browser is Opera!

http://www.opera.com/

Read here to see how to tighten your security:

http://forums.techguy.org/t208517.html

A good overall guide for firewalls, anti-virus, and anti-trojans as well as
regular spyware cleaners.

http://www.firewallguide.com/anti-trojan.htm

Member of ASAP Alliance of Security Analysis Professionals

under the name khazars