Anti

Anti-Virus Info? Is That All?

Article Written By: Steven Matheny, Systems Analyst, President,"Computer Repair Plus+"

If You Are Not Serious About Your Computer Security, Just Plan on, at Best Case, Having Your Computer Crash, Lock up, and Freeze. You Will Also See Popup's, Unwanted Invitations to Porn Sites, New Mortgage Offers, Free Screensavers, and Penis Enlargement...Just to Mention a Few! At Worst Case, Dealing with Your Bank, Credit Card Company, and/or Credit Reporting Agencies, Trying to Recover From Financial Damage Inflicted by an Offshore, Unscrupulous, "Scumware Writer"!

Since about 1993, security for business and home computing has become an integral part of the computer specialist's realm. It all started with tiny and simple programs that would take a network down by making it too busy to function, or cause operating system or file structure damage. Today, the stakes are much higher! The tremendous amount of data being passed across this planet is staggering. My earlier writings regarding data transfer rate increase's were very detailed. For this writing, I have decided to keep it simple. The increase of data transfer since 1993 has increased approximately 2038.9 times! With this high speed capability comes increased risk for the unprotected Computer. It is estimated that a P.C. connected to the internet via a high speed connection will be under attack in less than 10 to 20 minutes...less time than it takes to download the software needed to curtail these very same attacks!! This, in and of itself is not that worrisome for the home user because unless you are receiving email, or surfing the web prior to patching and loading your Antivirus and Antispyware software there is little to be concerned about. This is a critical issue for the medium to large corporate networks. This writing is for the home and small business user. Corporate issues are much more complex.

Some of the basics are as follows...

First, Make sure File Sharing is Disabled, and Second, Make sure your Firewall is enabled, then begin the process of updating. To view the ZDNET report on patching your system Click Here . I'm not going to get into all of the varying definitions and differences between what are termed as Viruses, Trojans, Key-Loggers, Adware, Spyware , Dialers, and Phishing. These have all been grouped under 2 common terminologies recently, Malware and Scumware. Pretty self explanatory. Malware is derived from, "Malicious Software", and Scumware is named after the Scum that design and implement it. They are both one in the same. Don't be fooled into thinking that your 16 year old, son, nephew, cousin, ect., has the working knowledge to write this type of programming, nor are they educationally equipped to deal with the fixes! I haven't heard of any 16 year old Generals in the military, and believe me, this is a very strategic WAR! The idea that these very complex attacks stem from some college kid with too much time on his/her hands is ludicrous, the reality is that these attacks are assembled from very experienced programmers seeking monetary gain! There is no such thing as a, "Computer Genius"! I have to educate myself daily, and have been doing so for over 16 years.

For those of you who want to blame Microsoft for the security holes, keep in mind that Microsoft is challenged with a very difficult situation...If they reveal a security hole in their systems, the scumbags start working on exploiting it, if they don't reveal it , and a scumbag locates and exploits it, they are blamed for not revealing it! The only reason that Scum writers target Microsoft operating systems is because they are the biggest kid on the block. All of the other operating systems are just as, if not more, vulnerable, they just lack in popularity. I hear alot of complaints about the Windows operating system, but what people fail to realize is that all of these technologies are in their infancy! Over the last 16 years I have worked in Unix, OS2, Linux, and Mac, and of course, DOS. Each operating system has a set of Pro's & Cons. By far, for overall practical use, and software title availability, Windows is the most practical operating system for the average home and small business user! For in depth definitions of all of these terms, Click Here.

The purpose of this page is to offer practical advise on how to avoid the damage that these components can cause. I am also offering links to free downloads of software utilities, and online scans that can aid in diagnostics and removal...

1. When buying or setting up a P.C., start with investing in a good Anti-Virus and Anti-spyware software suite. An antivirus program alone is simply not enough!

The one thing that can be certain is that these issues will evolve. In 1995 the very best Antivirus software was Norton, with Mcafee running a close second, and F-Prot running 3rd. Now, Norton and Mcafee have become a joke in the industry, and yet consumers are conned by big business into thinking they are adequate! What was once the optimal, will soon be the minimal. It takes constant vigilance to keep up with what works and what doesn't. I trash a computer, on average, once every 2 weeks by performing security testing. I have numerous pieces of Malware, and put all of the top rated Malware utilities through their paces. I review the latest threats on a daily basis, and pay close attention to reviews from non-bias testing facilities. I'm not suggesting that everyone needs to do this, but, in order to be qualified to deal with these issues, that's what it takes!

My Recommendations...

#1. I highly recommend the following ... Bitdefender, Rated #1 in the industry by numerous testing bodies, above the ever popular suites from both Symantec, (Norton Antivirus, Rated #6!), and (Mcafee, Rated #4). Keep in mind that a ram resident Anti virus program has to utilize valuable resources because they continuously monitor all network activity, including, but not limited to...Registry changes, browser changes, activex controls, and operating system file modifications. So do your homework especially if you have an older P.C. The biggest issue I've seen with older P.C.'s with network security is longer latentcy, (The time it takes for a program to execute after it has been commanded to do so.) Note: The average store bought P.C. with WindowsXP Has 256meg of ram, I recommend at least 512meg of ram because of the resources that are required when loading the protective software you NEED!

#2. Anti-Spyware programs... Aluria ,rated #1, Counterspy, Rated #2, (Formerly GIANT, who Microsoft bought out, and is now Microsoft Antispyware. Counterspy is a spinoff of the original software, and is much more in depth than the Microsoft version) Webroot Spysweeper Rated #3, and works adequately for the average user, and works well with older P.C.'s that lack in horsepower . Keep in mind that it is much easier to defend against infection than it is to clean it up after the fact. I have often seen P.C.'s with operating systems so fouled up from infection, that even after all of the offending software is removed, the operating system has been so severely damaged that the only logical thing to do is a Destructive Restore, (Formatting the drive and reloading the Operating System) . PREVENTION!!!!! To read the latest top 5 antispyware reviews click Here.

#3. Keep your operating system up to date. 99% of the time the service packs and security patches that Microsoft presents will aid in the battle. I won't get into the 1% of the time that it doesn't because these are, for the most part, software developer issues.

#4. When using a high speed connection such as DSL, or Cable...USE A ROUTER! Configure the router according to the manufacturer's instructions and optimize the security settings. A router offers numerous benefits, and allows more than one P.C. to utilize the connection. If you aren't intent on using a router, than you should at minimum, use a software firewall. The firewall built into WindowsXP with Service Pack2 is adequate, but for all other Microsoft operating systems, an aftermarket software title such as Zonealarm, Blackice, or Norton Personal Firewall will work if configured properly. For a complete review of all the available software firewall products click Here.

Keep in mind, software firewalls have to be taught to allow what you want, and stop what you don't want. Understanding how to distinguish good from bad with aftermarket software takes a certain amount of education, with exception of WinXp SP2. A lot of the issues you would experience in that case have been addressed.

With a Router, just set it up, and leave it alone! MAC address filtering is an excellent security measure for hardwired systems. WEP, and WAP encryption is the way to go for wireless. Don't be fooled...Wireless is vulnerable, especially if the encryption is simply WEP. I have 2 windows based programs that will get me a WEP key by simply "Sniffing" enough packets sent. The more activity on a WEP encrypted network, the faster I'll get the key, and once I have the Key, that network is MINE! Simply stated, "A router assigns an internal I.P. address to your computer(s), and as far as the WWW is concerned, the router is masking the internally assigned address, so the router becomes the computer that is visible to the outside world, not your P.C. I understand, that to much of this sounds something like Charlie Brown's Teacher, (Wa-Wa-Wa-Wa-Wa-Wa-Wa_Wa). Take the time to educate yourself, it really is worth it!

#5. E-Mail!! A good rule of thumb is if you don't know the source, don't open it! Unfortunately, this isn't the only rule. The Good antivirus software packages integrate with popular email client software packages and scan both incoming and outgoing mail, both options are configurable. E-mail is is the most common means for Malware propagation. Also, configure your email client to read text instead of HTML. I am in the process of detailing the, "How's and Why's", and will be supplementing this writing.

WindowsXP and WindowsME Users Please Click Here Before Proceeding, and Keep in Mind, If You Are Using WindowsME, DO NOT UPGRADE TO WINXP! A FRESH INSTALL OF WINXP IS YOUR ONLY HOPE OF HAVING A STABLE OPERATING SYSTEM! WHEN YOU UPGRADE ME TO XP, YOU SIMPLY TRANSFER ALL OF YOUR BAD SETTINGS!

Locking Down Internet Explorer

Click Here to Learn How to Add Restricted Sites to Internet Explorer (I Highly recommend IESpyad)

FREE ONLINE ANTIVIRUS TESTS

Free Online Virus Scanner Rated #1 Worldwide as of 8/29/2005!

Trend Microsystems Free Online Virus Check and Repair. Also Covers SOME Worms and Trojans !

Free Online Virus Scan and Repair.

I have run a full battery of tests, and, hands down, the very best freeware antivirus software available.

Free Online Virus Scanner Popular With Linux Users. Supports Windows!

Free Online Virus Check. Authors of "Pest Patrol" Anti-Spyware!

Avast Free Online Virus Check, and Resident Shield.

FREE PC SECURITY LINKS

Free Online Trojan Scan and Repair.

Free Online Security Vulnerability Check. Excellent!

Free Firewall, Trojan, Port Vulnerability, Popup & Patch Management! Very Thorough!

Qualys Step By Step Browser Vulnerability and Repair. Excellent!

Without your knowledge or explicit permission, the Windows networking technology which connects your computer to the Internet may be offering some or all of your computer's data to the entire world at this very moment! This Site Aids in Addressing This Issue. Not For the Novice User!

FREE PC RESIDENT SECURITY

AVG Antivirus Free Suite Zonealarm Firewall

Enigma Firewall

a² Personal is the latest generation Malware scanner and remover. Beside Trojan Horses and Backdoors, it also detects other harmful software like Worm-Viruses, Dialers and other dangerous programs used by attackers to spy on or damage your private data. The advanced background guard prevents these harmful programs running on your PC. It blocks Malware before it can become active.

XP-AntiSpy screenshot - click for full size

XP-AntiSpy is a small utility to quickly disable some built-in update and authentication features in WindowsXP that may raise security or privacy concerns in some people. For example, there is a service running in the background which is called Automatic Updates... that may sound useful to most people, but suspicious to others. You can disable all these features manually by going through your configuration, find the settings for each etc. However with XP-AntiSpy there is no need to do this, since it will show you all of them at once and let you choose which ones to disable. Not only will it save you a lot of time disabling them - it will also allow you to quickly re-enable them if you change your mind. Be careful with this!

Ad-Aware screenshot - click for full size

AdAware is a privacy tool, that scans your memory, registry, hard, removable and optical drives for known data-mining, aggressive advertising, and tracking components. It then lists the results and offers to remove or quarantine the components. The program detects a wide range of adware/spyware related issues and can be updated with the latest signatures via the built-in update utility. You should fully read the included Ad-aware documentation before removing any files! This program has become, for the most part obsolete, but is still widely used.

Bazooka screenshot - click for full size

Bazooka Adware and Spyware Scanner is a small and fast scanning engine that scans your system for more than 460 known spyware and adware installations. This includes keyloggers, activity monitors, Trojans and more. If any items are found, it provides a link to an online encyclopedia that provides in depth information and links to additional resources. The program does not offer to remove any of the detected components, however it provides removal instructions or links to uninstallers (if available). The program does not provide near as many features as other popular scanners, however it scans fast and provides detailed information that is easy to understand and frequently updated. If you find other spyware scanners too confusing or complicated, try this one.

Perfect Process screenshot - click for full size

Perfect Process is a spyware/adware shield that protects your computer in real-time from more than a 1000 potential spyware and malware programs. The program can also connect to a network machine and perform a remote scan (administrator privileges required). In addition, Perfect Process provides several additional tools, a startup manager, and a detailed process viewer that provides in-depth information for many running processes, as well as statistics for recently started programs, browser home page protection and more. The program is not nearly as sophisticated as other spyware scanners, but offers a good set of features for advanced users.

X-Cleaner Free screenshot - click for full size

XCleaner is a privacy tool suite that detects and removes installed spyware and adware components and includes tools to securely delete files, edit the registry, disable startup programs and more. Additional features include IE home page protection, cookie, cache and history cleaning, built-in password generator and more. This free version also contains some additional feature options, however they are disabled and require upgrade to a full version. The spyware and adware scanning as well as many cleaning features however can be used freely.

KL-Detector screenshot - click for full size

KL-Detector is designed to provide a way to find out whether your activity is being recorded with a keylogger application. It uses the fact that most keyloggers create a hidden log file on your hard drive and therefore scans for any suspicious activity during a test period that you have to initiate. Basically, it asks you to use the keyboard for several minutes, type some text or do similar activities, while it is monitoring your system to check if it can detect any suspicious logging activity. KL-Detector is intended for occasional use and not as a permanently running program, as normal PC activity may cause false positives. During our test, it did detect changes in a keylogger log file (that we installed), but it did not find the activity suspicious enough to warn us. Advanced users may get value by inspecting the logged items, however novice users should not rely on the results.

RETAIL SOFTWARE LINKS

#1 Spyware removal is easier than ever with Spyware Eliminator 4.0. Within minutes, Aluria spyware removal technology identifies and removes dangerous spyware on your computer. Are you infected with Spyware? Find out with Aluria’s FREE Spyware Scan. This is the #1 rated Anti-Spyware software available. 30 day trial available!

#2 CounterSpy detects, deletes and protects you against spyware. Why choose CounterSpy™? According to PC World it has one of the best spyware database's in the industry. That means it removes most spyware! I like this because it works, and it doesn't require the amount of resources that Aluria uses.

#3 Award-winning technology – Only Spy Sweeper features Active Shield technology, which stops spyware before it infects your PC. Deep scans root out and quarantine the trickiest programs. Spy Sweeper is easy to use – Spy Sweeper has received wide-spread acclaim for its usability from customers and leading industry reviewers alike. World class customer support – Expert & friendly technicians back our award-winning software, to help you through even the toughest spyware problems. Satisfaction Guarantee – Spy Sweeper is backed by a 30-day money-back guarantee.

If you have any questions or comments regarding these issues, please E-Mail me at... steve@stevematheny.com