Here are some ideas about how to keep a computer system
clean from malicious software.
Infection Prevention
"An ounce of prevention is worth a pound of cure"
Keep your system patched - that is, download your operating
system's patches regularly. Microsoft releases critical patches on the
second Tuesday of every month and can release patches anytime if the issue is
big enough. Mac is now a port of Linux and is becoming more popular
(although still a small percentage of total systems). Be sure to have your
update tools checking daily for patches.
The
http://secunia.com/software_inspector/
Hands down, the best tool I have
ever used is a multifunction security tool that runs at the gateway called
"Untangle": http://www.untangle.com
The base product uses 13 excellent tools and is FREE for home use! Desktop
tools are helpful, but wouldn't it be better to stop the bad stuff at the door,
before it can fight to take over a system? Untangle comes in two flavors:
1. (Hardware/Software based) A Linux-based install that can run on a
computer with two network cards.
2. (Software only based) A Windows install on a newer computer that uses
ARP spoofing (in a positive way) to route all LAN traffic through the
Untangle security tools.
I prefer using this on its own computer as a hardware
solution (for a small home network with only a few computers: Pentium
4 or better, 20 GB HD and at least 1 GB RAM). All the processing is
very efficient and will not slow down the internet speed, but will probably
increase speed as the tool also cleans up malformed packets. The setup is
easy, and there is good online documentation and tech support. The hardware
device can be configured to run as your only internet connection and replace
your existing firewall, or it can be configured to run in "bridged mode", where
the Untangle device works in line with your existing firewall.
The main benefits are:
1. Web content filtering (yes, you can actually categorize
content and filter it for free) - this is essential if you have children using
the internet! It isn't perfect and can't catch everything, but does an
excellent job for the money!
2. Antivirus at the gateway (adding a second layer of defense to your
desktop solution)
4. Antimalware at the gateway.
5. Spam filtering at the gateway.
6. Internet use reporting (if needed - essential for making sure the
internet is being used properly)
+ Seven other very effective tools
+ Additional tools can be purchased if desired.
OK, battling malware on the desktop the old-fashioned way...
Free Virus and Spyware Removers
Lavasoft Ad-aware
http://www.lavasoft.de/
or http://www.lavasoftusa.com/
or http://www.lavasoftusa.net/
or http://www.lavasoftusa.org/
or http://www.lavasoft.nu/
or http://www.majorgeeks.com/download.php?det=506
Can't say enough good things about this one.
Webroot Spy Sweeper
http://www.webroot.com
30-day free trial, very good scanner. If your machine is
infected, download and run it after Spybot S&D.
X-Cleaner Deluxe
http://www.xblock.com/
http://www.xblock.com/deluxe.shtml
http://www.spywareinfo.com/downloads/x/
They have a free version available. This thing can fit on a
single floppy, which makes it nice if you are using a public access
machine.
On heavily infected machines I run this while I am running Trend
Micro's Clean Sys.
Spybot S & D Intranet Update Server
http://www.safer-networking.org/en/iuserver/index.html
Can't say enough good things about this program either. I
always run it first.
S&D is the gentlest on the machine and can fix
New.net infections without knocking the entire Internet offline.
Real good inoculation program, and a massive hosts file list.
HijackThis
http://www.spywareinfo.com/~merijn/
or http://www.lurkhere.com/~nicefiles/index.html
or http://www.spywareinfo.com/.../hijackthis.zip (direct download)
Very good program in the hands of someone trained
to use it. Big warning: don't delete anything
until you are told what to delete. This thing shows all running
processes. Feel free to post HJT logs for me to go over.
Since I am too lazy to re-invent the wheel, here are detailed
instructions on how to post a HijackThis log.
http://www.bleepingcomputer.com/forums/tutorial94.html
Please post it on a new message screen and not on this link.
SpywareBlaster
http://www.javacoolsoftware.com/spywareblaster.html
or http://www.wilderssecurity.net/spywareblaster.html
Will not get rid of spyware, but
inoculates your machine against ActiveX and hazardous
websites and many of the drive-by downloads.
Highly, highly recommend downloading and updating this one
at least on a monthly basis.
Free Virus scanners
AVAST! home
http://www.avast.com/
The most powerful of all the free
anti-virus programs. Slight learning curve, regular
updates. Great e-mail scanning. This also has some
great skins; I use the Star Trek skin.
Sometimes this thing just won't install. If that happens, use one
of the others below.
Grisoft AVG Antivirus Free Edition
http://free.grisoft.com/
Easiest to use of the three. Very nice e-mail
scanner. Daily updates. Can set it to do a full scan every day.
This is rated as the weakest of the three scanners when it comes to
ratings. But don't let that discourage you from using it. I can say
nothing but good about this one.
I use it on all my laptops.
AntiVir Personal Edition
http://www.free-av.com/
I use this one on most of my crunching machines.
Very small CPU usage and footprint. The only
thing I don't like about the scanner is that on many updates you have to
download and re-install the whole thing.
Virus updates either require task manager running
or you do it manually. Updates do come out quite regularly.
In a class by itself
A2 Anti-Malware Free
http://www.emsisoft.com/en/software/free/
Hmmm, how can I explain this one? Not really a virus scanner, not really
a spyware/malware scanner. But it does remove a lot of both of them.
This scanner mainly goes after Trojans and keyloggers and it does a very
good job of it. It does take a real simple registration to get the program
activated. I have gotten a grand
total of 6 emails in one year (and I'm signed up for everything they send out)
so don't be worried about getting spammed.
Highly-highly recommend adding it
to your personnel and update/run it at least once a month.
Super Antispyware
http://www.superantispyware.com/
Very good malware removal program.
The trial version is fully functional; the scheduling tool must be
purchased.
Online (web-based) Virus Scanners
Windows Live Online scanner
http://onecare.live.com/site/en-us/default.htm
Trend Online
http://housecall.trendmicro.com/
Panda Active Scan
http://www.pandasoftware.com/activescan/
Requires you to
provide an e-mail address. I always use my Hotmail to get through that. Will not
remove malware, but gives the name and path of where it is located.
Kaspersky Anti-Virus: Free Online Virus Scanner
http://www.kaspersky.com/virusscanner
This might not actually remove whatever it finds, but it does give the
full path to it for manual cleaning.
CA E-Trust online scanner
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
F-Secure Online Scanner
http://support.f-secure.com/enu/home/ols.shtml
No matter how good of a scanner that you have, these will sometimes find
something that yours missed.
Many of the viruses will target your scanner. Feel free to
use them anytime you want.
Online Anti-Spyware Scans
http://www.trendmicro.com/spyware-scan/
http://www.spywareinfo.com/xscan.php
http://www.bitdefender.com/scan8/ie.html
I did not mess
with any of the free online scanners that only offer the scan and then will not
actually remove what it finds.
Other tools:
Microsoft Malicious Software Removal Tool (MSRT)
http://www.microsoft.com/security/malwareremove/default.aspx
The Microsoft Windows Malicious Software Removal Tool
checks computers running Windows XP, Windows 2000, and Windows Server 2003 /
2008, Vista and Windows 7 for infections by specific, prevalent malicious
software—including Blaster, Sasser, and Mydoom—and helps
remove any infection found. When the detection and removal process is complete,
the tool displays a report describing the outcome, including which, if any,
malicious software was detected and removed.
This tool is not a
replacement for an anti-virus product. To help protect your computer,
you should use an anti-virus product.
Microsoft will release an updated
version of this tool on the second Tuesday of each month. New versions will be
made available through this web page, Windows Update, and the Malicious Software
Removal Tool Web site on Microsoft.com.
McAfee Stinger
http://vil.nai.com/vil/stinger/
Stinger is a stand-alone
utility used to detect and remove specific viruses. It is not a substitute for
full anti-virus protection, but rather a tool to assist administrators and users
when dealing with an infected system. Stinger utilizes next generation scan
engine technology, including process scanning, digitally signed DAT files, and
scan performance optimizations.
Firewalls
The Windows built-in firewall is good; if you want more features, try these:
Zone Alarm
http://www.zonealarm.com/security/en-us/zonealarm-pc-security-free-firewall.htm
Sunbelt Kerio Free Personal Firewall
http://www.sunbelt-software.com/kerio.cfm
You get the
full product for 30 days, after that the firewall will still work but in a
limited mode. But, you will still be much better protected than just using the
Windows built in firewall.
"Most products you test function for a month
and then they stop. But not the Sunbelt Kerio Personal
Firewall. After 30 days, it shuts down selected features, but will continue to
run in 'free' mode".
You can see the table that compares the differences
between Sunbelt Kerio Personal Firewall running in a
free mode vs. a full (paid) mode on the website. This does require a sign up, in
order to get the download. But don't worry, they do not spam or sell your e-mail
address.
HD Tune
http://www.hdtune.com/
While not a virus scanner, sometimes hard drive failure will mimic a
computer virus or a malware infection. This little gem above will
give you all the information on how your hard drive is behaving, usually way
before a complete hard drive failure. My advice is to get the thing and run it
at least monthly to ensure your hard drive is still performing properly. You can
also leave it on all the time, and if something goes wrong it will give you an
alert message.
Many of the spyware programs
out there are nothing but spyware themselves.
When in doubt check this website.
http://www.spywarewarrior.com