Keeping A Clean Computer Clean - How?


10 replies to this topic

#1 gators95


Posted 16 January 2006 - 09:01 AM

I have read many posts on this site regarding keeping your PC clean from spyware and malware and realize that is a full time job.

Be that as it may, I have time on my hands and would like to keep my PC safe from this crap as it is more irritating than junk mail. Simply put, junk mail doesn't corrupt my home and make it an unsafe arena to live in. Spyware & Malware does corrupt our PC and make it an unsafe area to compute in.

With that said - how do you keep a clean PC clean?

I am using a combination of the following products which each load at system startup:

1. Lavasoft Adaware
2. Microsoft Anti-Spyware
3. Spywareblaster
4. AVG Anti-virus
5. Windows Firewall

I keep these products, along with Windows XP, updated frequently.

I also run Hijackthis and Autoruns frequently and look through the startup database to see if items are loading that are malicious in nature.

Additionally, I have a Linksys router providing my network with a front end firewall with all ports, except port 80 blocked, block wan requests enabled, multicast pass through disabled, IPSEC pass-through disabled, PPTP pass through disabled, remote management disabled, remote upgrade disabled, and filter internet NAT disabled.

While nothing in life is certain, I would like to minimize the time needed to assure I am not giving my identity to would be hackers through the crap that gets installed on my machine. Additionally, I would like to get back to a sane way of life and minimize the paranoia I feel about the Internet.

What else should I do?

Am I asking the question akin to - what is the meaning of life? - an unanswerable question.


#2 jgweed


Posted 16 January 2006 - 09:58 AM

Assuming you keep Windows patched, which is a never-ending job, you have all the necessary tools at hand to keep your computer secure: firewalls, anti-virus, and other malware-finding applications.
Knowledge is security, and it seems you have done some reading about computer safety, and can therefore avoid causing problems by, for example, using P2P file sharing, opening zipped E-mail attachments, or giving out private information without careful scrutiny.
Now that you are as reasonably safe as one can be, you may begin to concentrate on the important question: why is there something rather than nothing?
Regards,
John

Edited by jgweed, 16 January 2006 - 09:59 AM.

Whereof one cannot speak, thereof one should be silent.

#3 gators95


Posted 16 January 2006 - 10:09 AM

Thanks for the reply.

I am assuming there is something as every time I think I have the problem licked, (i.e. a clean PC) I always seem to come up with some other problem that causes me to look like this:

:thumbsup:

For example, this morning I decided to run the Cool Web Search removal tool in safe mode - I figured I had a clean PC so it would just be a formality that I would run it and find I didn't have it.

WRONG - I had it!!

With that said, I hope that I am done climbing the learning curve and need now only focus on keeping everything in check - updated, patched, installed, uninstalled, etc.

My solution to keep windows patched is essentially keeping Windows Update active so it looks for an update every time I boot up - is this enough?

Honestly, I was hoping for a response such as yours because it will allow me to focus on the nothing as opposed to being so darn paranoid that I question why I even got a PC in the first place!

As for P2P programs, I do run them, however, I run them from a PC which I don't mind being infected. It's an older PC that is outdated and doesn't have the system resources on the 3 other ones on my network. Additionally, when I do run them, there are no other active PCs on the network - they are all shut down in hopes that whatever does leech onto my system, does not navigate my network and compromise other unsuspecting, and inactive, PCs.

Thanks again - where should I send my donation for this site?

#4 gators95


Posted 16 January 2006 - 10:39 AM

ok, so it happened - again!

:thumbsup:

Reading another post, I decided to add the Ewido application to my arsenal of keeping my PC clean.

I downloaded the app, updated it, and ran a scan. As usual, I figured it would just be a formality that the scan would be run and I would obtain peace of mind that my system was clean.

:flowers:

It found sixty infections - even after I had all of the other apps. running above.

I feel like Charlie Brown trying to kick a football held by Lucy - every time I think I can kick it through the uprights, someone moves the *&%^#$* football!

I mean, come on, if networked computing cannot be done in a safe environment, then why network at all?

Two other questions I have:

Is it true that Macs are impervious to spyware and malware?

When/why should a scan be done in Safe mode as opposed to regular mode?

#5 jgweed


Posted 16 January 2006 - 11:04 AM

1. No, Macs are certainly not impervious to spyware, and have their share of computer vulnerabilities, as evidenced by the recent list published by US-Cert; although the Mac OS is more robust than Windows, and not targeted as much by malware authors because of its relatively low usage.
2. Scanning in Safe Mode is somewhat faster, and also eliminates the possibility of malware hiding itself in areas that would be "protected" otherwise.
Interestingly enough, Ewido

"... detects trojans that attempt to hide by attaching themselves to other programs, so called binded executables."

http://www.anti-trojan-software-reviews.com/review-ewido.htm

Personally I prefer to download and install MS patches manually, since that way I have an archived copy for later use, and can delay the patch until I am sure there are no problems associated with it. I subscribe to MS's and US-Cert's Email notices, so I am aware of any patches that may be published.

Anti-Spyware applications, such as Ewido and Ad-AwareSE, will find problems not found by others for the simple reason that each company currently has its own set of criteria for what constitutes "spyware," and will necessarily only find what it is looking for. Here, too, are differing hierarchies of spyware found.

Use P2P with caution, because even if the application you use does not have spyware included in it, the files downloaded are always suspect and should be handled with precisely the same care that one would use with, for example, a zipped file attached to an E-mail from an unknown source.

Regards,
John
Whereof one cannot speak, thereof one should be silent.

#6 gators95


Posted 16 January 2006 - 11:24 AM

Thanks for your time and patience in helping me overcome my paranoia!

Why is it that, even after scanning and removing mal/spyware, it comes back once the PC is re-booted?

I think I can understand why as the running instance of it is what gets deleted and the 'ware is still lurking in the PC waiting to be called.

I guess the better question is:

How do you know you got it all when the scanner picked it up?

Does scrubbing in safe mode present a better probability that it will be detected/eliminated at the source?

Thanks again for your time, I am learning and feeling better as multiple scans using multiple programs are coming up clean.....

#7 jgweed


Posted 16 January 2006 - 11:52 AM

Scrubbing in Safe Mode increases speed and probability.

I cannot address the issue of returning malware without some examples; however, it MAY be that the application is detecting quarantined malware. You can determine this by examining the path provided.

It is far easier to get malware than to get RID of it. Many instances of malware require special handling. For example, some viruses will hide in your System Restore, which must be disabled before scanning, or the removal of some is facilitated by downloading a special application.
Doing a search on the particular malware can often lead to more precise instructions on a case-by-case basis; most AVs, for instance, have a database of Viruses that would include any special instructions.

Regards,
John

Edited by jgweed, 16 January 2006 - 11:54 AM.

Whereof one cannot speak, thereof one should be silent.
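
The path check suggested in the reply above, sketched as an added example that is not part of the original thread or any scanner's own code: it sorts scan-report detections by whether the reported path is a quarantine store, a Windows XP System Restore snapshot, or a live file. The quarantine folder names, the `classify` and `triage` helpers and the sample report entries are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# Windows XP System Restore stores snapshots under
# <drive>:\System Volume Information\_restore{GUID}\RPnn\
RESTORE_DIR = re.compile(r"^_restore\{[0-9a-f-]{36}\}$", re.IGNORECASE)

# Assumption: the scanner's quarantine store sits in a folder with one of
# these names. Check the product's documentation for its real location.
QUARANTINE_DIRS = {"quarantine", "quarantined"}


def classify(path):
    """Return 'system-restore', 'quarantine' or 'live' for a detection path."""
    parts = [p.lower() for p in PureWindowsPath(path).parts]
    folders = parts[:-1]  # ignore the file name itself
    for parent, child in zip(folders, folders[1:]):
        if parent == "system volume information" and RESTORE_DIR.match(child):
            return "system-restore"
    if any(f in QUARANTINE_DIRS for f in folders):
        return "quarantine"
    return "live"


def triage(detections):
    """Group (name, path) pairs from a scan report by where the file sits."""
    groups = defaultdict(list)
    for name, path in detections:
        groups[classify(path)].append(name)
    return dict(groups)


# Constructed sample report entries, not output from any real scanner.
SAMPLE_REPORT = [
    ("Sample.Adware.A", r"C:\Program Files\ExampleAV\Quarantine\0001.qtn"),
    ("Sample.Trojan.B", r"C:\System Volume Information"
                        r"\_restore{1F2A3B4C-0000-1111-2222-333344445555}\RP12\A0001234.exe"),
    ("Sample.Trojan.B", r"C:\WINDOWS\system32\example.dll"),
    ("Sample.Adware.C", r"C:\Documents and Settings\user\Desktop\quarantine.exe"),
]

if __name__ == "__main__":
    for bucket, names in triage(SAMPLE_REPORT).items():
        print(f"{bucket}: {names}")
```

Only the "live" entries point at files that can still run; a detection that keeps reappearing under "quarantine" or "system-restore" is the scanner re-reading an inert or snapshotted copy.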

#8 gators95


Posted 16 January 2006 - 05:25 PM

Later that afternoon, Panda Online Virus Scan found ISToolbar, a Virus (Virus:VBS/Inor.gen), Hacking Tool (nmap) and 30+ other spyware files.

I give up and long for the days of a typewriter - where the only virus found was when the user had a cold.

:thumbsup:

#9 Uraiser


Posted 17 January 2006 - 10:41 AM

You can take every precaution in the world. Malware is inevitable. There's always some guy out there that has to ruin it for everyone. You have a lot of good software.. but will continue to be infected.. I can assure you that. Just keep doing what you're doing.

#10 gators95


Posted 17 January 2006 - 10:52 AM

Yeah, I was pretty depressed about it yesterday but got over it this morning.

I also downloaded ZoneAlarm from their site, disabled Windows Firewall, and installed ZoneAlarm so I have a better track of what is trying to get out.

I figure if you can't prevent the *&^# from getting on your PC, at least monitor it so you can minimize the time of infection.

Not the most robust of strategies but it will have to work!

#11 quietman7


Posted 17 January 2006 - 03:11 PM

If you want to continue learning, here are some good sources to look over.

Prevention and Protection Tips:
Read "Simple and easy ways to keep your computer safe".
Read "How to Prevent Spyware".
Read "Secure Your Home Computer" for a comprehensive overview on how to keep your computer safe.

Increase Your Computer Security
Read "Safer Settings for Internet Explorer for SP1 & SP2" and "How to Configure Enhanced Security Features for Internet Explorer in XP SP2".
Read "Limited-User Security on Windows XP" and "Create Your Accounts" to learn how to set up a user account instead of administrator to prevent malware from installing itself on your system.
Read "Improve Your Security with Windows Security Checklist XP" by Larry Stevenson.

Confused about which apps are good or not? Read "Rogue/Suspect Anti-Spyware Products".
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
