Hi - let's share some software, tools, ideas on how to best protect against viruses.. they've been causing me a lot of problems lately, how about you folks?
Of concern are things like netspy trojans (I was infected by a backdoor trojan that came in on a .jpg file! how do you protect against dropper trojans on images? - tough one).
These trojans have keyloggers and can capture your logins/passwords into online banking, brokerages etc sites, which is a major concern for obvious reasons.
Interested in hearing from you all, re what you've found works best on a win2K system....let's cover both recommended (and bad) software, as well as best practices..
So far, favorites are:
FIREWALL:
zonealarm pro
sygate
tiny
ANTIVIRUS:
norton a/v (misses a lot tho; good for email checking)
panda
mcafee
others to check: kaspersky, avg
note that many, eg norton and mcafee, can't work together at same time on the system
info sites for virii:
http://vil.nai.com/vil
http://www.sarc.com
http://www.symantec.com
ANTITROJAN:
anti-trojan www.anti-trojan.net
pestpatrol www.pestpatrol.com
tauscan
ad-aware http://www.lavasoftusa.com/aaw.html
FREE ONLINE VIRUS SCANNERS:
www.trendmicro.com
www.sarc.com
PORT SCANNERS:
ostrosoft (something like that) and the anti-trojan.net program are good for scanning for open ports via which trojans can be accessing your pc
also sites like glocksoft.com
BACKUP:
Roxio's GoBack (excellent too, to test out new software drivers and new programs etc, then revert the drive to 20 mins ago etc if they hose your pc etc)
FILE ENCRYPTION:
I like the blowfish program, great 128-bit encryption for files, integration with explorer menu etc.
O/S UPDATES:
be sure to check microsoft frequently for service pack and various other (eg buffer overrun exploit) updates to windows
SYMPTOMS:
-REGISTRY changes -- reading through a bunch of the virus symptoms at www.symantec.com 's site is helpful, you get to see the HKLM/software/microsoft/windows/run type of changes that viruses make, like the new bugbear one
-DISABLING ANTIVIRUS/SCANNING PROGRAMS: most of the new virii try to terminate smc.exe and other firewall/antivirus programs' processes without you seeing it.. this lets another virus get through..
-REBOOTING on scans: I've had this, with the latest one, my scans terminate midway and reboot the pc
Best Practices:
CD-rom backups, weekly mirror hard drive backups, unplug the cable modem when not using it ..
What's bad is, the new viruses can terminate processes, run silently so you can't see them in task manager, and re-write core processes like csrss.exe and others, so that they look like normal windows system files, but aren't ...
Current headache:
something got through and rewrote part of the boot sector on my hard drive, so I can't run defrag, or even re-install win2K.. my files and programs are still working, but I am in the process of backing up data files to cd-roms, so I can reformat the drive, reinstall win2K + apps etc..
Major worry:
That someone with a trojan (I got this last one from a mere image file!) will use a keylogger to see my online banking or broker account logins/passwords as they're typed in, and paypal themselves $$ or wire transfer out money from my accounts etc.. maybe I worry too much.
Loss of data from a destructive virus is bad enough, but loss of money/capital from a hacker running a RAT (remote access terminal) using a keylogger to transfer funds out, etc, is a major concern.
Let me know if any of you have a good solution, it seems that running a couple of firewalls and antivirus, anti-trojan programs isn't enough anymore.
thanks,
ken
p.s. - fwiw, I've never had a virus til this year, have been very careful.. it seems the new blended threat ones, trojans on image files etc, are much tougher to prevent ... not a newbie here w/antivirus work.. just, these latest ones are very tough to prevent against .. eg got my first one from some #@$ ebook that norton didn't catch, this latest one, from a trojan on an image file! that nothing caught til too late.
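Added example, not part of ken's post: the registry symptom listed above (new or altered autostart values under the `Run` key, and a firewall's own entry disappearing) can be checked by diffing a saved snapshot of the key against the current one. The sketch assumes snapshots in the text layout printed by `reg query`; the sample snapshots, value names and paths are constructed for illustration.

```python
import re

# One value line of `reg query` output: "    Name    REG_SZ    Data"
VALUE_LINE = re.compile(r"^\s+(?P<name>.+?)\s{2,}(?P<type>REG_\w+)\s{2,}(?P<data>.*)$")

# Constructed snapshots (not from the post); value names and paths are made up.
BASELINE = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    SmcService    REG_SZ    C:\constructed\smc.exe -startgui
    Synchronization Manager    REG_SZ    mobsync.exe /logon
"""
CURRENT = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Synchronization Manager    REG_SZ    C:\constructed\temp\mobsync.exe /logon
    sysload    REG_SZ    C:\constructed\temp\a1b2.exe
"""

def parse_reg_query(text):
    """Return {(key, value_name): data} parsed from `reg query` text output."""
    entries, key = {}, None
    for line in text.splitlines():
        if line.upper().startswith("HKEY_"):
            key = line.strip().upper()          # registry paths are case-insensitive
        elif key and (m := VALUE_LINE.match(line)):
            entries[(key, m["name"].lower())] = m["data"].strip()
    return entries

def diff_autostarts(baseline_text, current_text):
    """Compare two snapshots; return (added, changed, removed) autostart values."""
    old, new = parse_reg_query(baseline_text), parse_reg_query(current_text)
    added = sorted((k, new[k]) for k in new.keys() - old.keys())
    changed = sorted((k, old[k], new[k]) for k in new.keys() & old.keys()
                     if old[k].lower() != new[k].lower())
    removed = sorted((k, old[k]) for k in old.keys() - new.keys())
    return added, changed, removed

def report(baseline_text, current_text):
    """Format the differences as one line per finding."""
    added, changed, removed = diff_autostarts(baseline_text, current_text)
    lines = [f"NEW      {k[1]} -> {d}" for k, d in added]
    lines += [f"CHANGED  {k[1]}: {o} -> {n}" for k, o, n in changed]
    lines += [f"REMOVED  {k[1]} (was {d})" for k, d in removed]
    return lines

if __name__ == "__main__":
    print("\n".join(report(BASELINE, CURRENT)))
```

A baseline is only useful if it was taken while the machine was known clean and is kept somewhere the malware cannot rewrite it, such as the CD-ROM backups mentioned in the post. A removed entry for a firewall or antivirus program deserves the same attention as a new one.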