KMK0420
So recently I've seen threads mentioning computer viruses, spyware infections, and general issues with using their computer. Some of us may have experience and their PCs are on lock, but for those of you who don't know all that much about the IT world and/or the threats out there poised to get you, then this thread's for you. I work in technical support, and have been building computers for years. Started on Win98 when I was real young, by age 15 was replacing parts in my PC, by age 16 building them. Now early 20s... I've tested many pieces of software out there for security, and only a few have caught my eye and met my strict standards (quick loading times, detection times, memory usage, etc.)
This thread will (hopefully) stick around for a while and be edited as new things become available to help us, as end users, protect our security. Or it may just die a normal thread death, and we're back to square 1 (let's hope not!) Keep in mind, this thread is assuming you follow my directions entirely, and in my experience, has kept even the most ignorant PC (not Mac) user safe in dire situations. Program & other links will be listed at the bottom of this thread for quick reference, but please read about them first before using them!
Let's begin.
A.) General Maintenance
Keeping your computer clean of temporary files, old registry errors and other things are just some general things the average user can do easily to keep their machine running smoothly. There are 3 things I recommend all users do before they begin the security beefing process:
1.) Organize
I state organize very generally depending on your situation, but if you're anything like me I will download files and have them scattered throughout many folders, and end up losing them due to just me forgetting where I downloaded them to. Create folders for things, organize your files (i.e., make a 'Music' folder only for music, 'Texts' for only text documents, etc.) and just do general upkeep of your files. What this does is not only help you when you're looking for things but if by SOME chance there is a file on the PC you don't recognize, it may be malicious.
I can't count how many times I downloaded a file (heh, illegally) and it sat in a folder and the entire time I had no idea - it had a built-in keygen which was a virus. In easiest terms, clean up. Organize, and clean up. For your more taboo things (weed images, files, etc.) create a folder and set its attributes to hidden - that way if anyone looking at the PC is being mischievous, they won't find them. LEO on the other hand, different story - read below.
2.) Use CCleaner
This program will run a complete scan of your system and clean the majority of temporary files from the system, from all browsers (Firefox, IE, Chrome, etc.) This will also clean even temporary things such as run commands you use when you go to Start>Run, or even temporary installer files used by Microsoft when installing a program, game, etc.
The program will also run a registry scan and help you remove dead registry entries from long-gone programs, or corrupted programs. Do this, and be sure you back it up when it prompts you - it's never messed any computer up I've used it on, but it's better to be safe than sorry.
3.) Defragment
This is a given - everyone should defragment their drive at least once a month. Anything less than that (less than a month) I haven't seen too much dramatic increase in speed, performance, etc. You can use the normal Windows tool (normally located in the accessories menu) to do this, or even programs such as Diskeeper (not free). This takes bits of files that are scattered on the drive itself, and organizes them. Allows your processor and memory easier access to them, which means increased speeds (most of the time).
4.) Windows Updates
This is also a given - Windows updates will keep your computer up-to-date with any security updates, OS patches, etc. Simply either enable Automatic Updates through the Control Panel, or go to http://windowsupdate.microsoft.com to do the update. I recommend once every 2 weeks. Paranoid users - once a week, or daily even.
------------------------------------------------------------------------------------->
B.) Browsers
This part is all personal choice. I can state a few things though. The 4 main browsers out - IE, Firefox, Chrome and Opera are the most popular in that order. IE is a system hog, slow loading, common to have errors on page and with IE8 it's caused many issues with secure sites, logging in to them, etc. Opera's compatibility with many web pages isn't too great. I recommend Firefox - why? Chrome is the fastest, and Opera is nice to look at - but Firefox for the flexibility.
I highly recommend the latest version of Firefox along with NoScript (Google it) - NoScript will allow you to control what sites run scripts on the page, and what ones don't. This is SUPER useful when browsing sites with loads of unnecessary advertisements, or potential infections on the page. Your computer can be infected simply going to a web page - that's it. NoScript prevents the script from loading unless you ALLOW it. This will also prevent 90% of web-page-based infections.
Last thing I'll address - Proxies. Worthless for people wanting to protect themselves in daily browsing. First, proxies are only worthwhile when performing a one-time illegal activity (credit card fraud, etc.). When browsing a site daily such as ICMAG, sure you can use a proxy but there are still fundamentally only 2 ways you can be incriminated using this site - either a raid and your hard drive is confiscated, or ICMAG's servers are busted. Either way, you're fucked. Best thing to do is say "fuck it" with proxies, and don't use them. If a raid is feared, take all of your hard drives and drill holes into them then run them under a fluid (alcohol, water, etc.)
----------------------------------------------------------------------------------->
C.) Security
1.) Virus Protection
There are a lot of options out there for anti-viruses, but only a few step ahead of the game. Do NOT get McAfee, or Norton. Yes, both programs are anti-viruses, but they miss a lot of common infections, hog your system resources and just in general aren't that great performing. The best I've seen so far is Eset's NOD32. I've used them all - Kaspersky, Norton, McAfee, AVG, Trend Micro, etc. NOD32 IMHO blows past them all. This is a paid program, roughly 30-40 a year - expensive, but worth it.
2.) Spyware/Adware/Malware Protection
There are dozens upon dozens of options here for things to download. Some of the programs available ARE ACTUALLY INFECTIONS THEMSELVES! Be wary of what you download - programs will disguise themselves as anti-spyware, but in reality when you download it - you're infecting yourself. There are many out there that may work, but in my experience most geeks and technical support teams & companies will use these following tried and tested programs:
- Malwarebytes Anti-Malware
- Lavasoft AdAware
- Spybot Search and Destroy
- ComboFix
- HiJackThis
Let me explain real quick which ones you want to download. Malwarebytes is for anyone - it's free and will scan and remove what it can find, the same with AdAware, and Spybot. ComboFix and HJT are a bit different, so let me explain. ComboFix is a command-line utility that will shut down explorer.exe normally and attempt to remove infections at the core-system/command-line level, rather than through explorer.exe which most programs use.
This is a VERY, VERY powerful utility and only use it when ALL OTHER PROGRAMS HAVE FAILED and the infection persists. This is normally used in severely infected computers. HJT will run a system scan to attempt to find registry entries and such that may have traces of spyware, malware, etc. Only use this if you know what's safe to remove, and what's not safe to remove. If you need to use it, and don't know what to remove, visit the HJT forums and post your scan results. They will help you decipher what's what.
3.) Firewalls
Bottom line, the average user does NOT need a firewall, period. Unless you have ICMP echo request attacks or DDoS attacks frequently, dude, seriously, forget about it. The only other time I would recommend one is if you're currently infected - this will prevent any inbound connection attempts, especially if you have a Trojan horse. THERE is an exception. The only 'firewall' I use is PeerBlock - read further:
PeerBlock is a very small, free and useful program to prevent certain addresses from connecting to you. The idea is that when you run this program you add in block lists which prevent the bad IPs and addresses from connecting to you. This is VERY, VERY useful for those who download things they shouldn't be downloading (hehe), such as 'Warez' or illegal versions of applications, music files, LimeWire users, torrent users, etc. The blocklists normally include known RIAA/MPAA/Supporters of such/DEA/DoD/FBI/LEO IP addresses, so if an attempt to connect to you occurs, the program blocks it out. I don't ever close it. You can download blocklists from "I-Blocklist" - link will be below.
If you follow the above directions (as a general template) you should be pretty secure when it comes to browsing the internet, and maintaining your PC. Hope this helps someone!
Links:
Windows Updates: http://windowsupdate.microsoft.com
CCleaner: http://www.ccleaner.com/download
Firefox NoScript: http://noscript.net/getit
Eset NOD32: http://www.eset.com/products/nod32.php
Malwarebytes: http://www.malwarebytes.org/mbam.php
Adaware: http://www.lavasoft.com/single/trialpay.php
Spybot: http://www.safer-networking.org/en/download/index.html
ComboFix: http://www.combofix.org/download.php
HiJackThis: http://free.antivirus.com/hijackthis/
PeerBlock: http://www.peerblock.com/releases
PB BlockLists: http://www.iblocklist.com/lists.php
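
How a range blocklist of the kind PeerBlock loads decides whether an address is dropped, as an added example that is not part of the original post and not PeerBlock's own code. It assumes the plain-text `label:start-end` list format; the sample list is constructed from documentation address ranges and the function names are hypothetical. Note that matching is default-allow: only addresses inside a listed range are blocked.

```python
import ipaddress
from bisect import bisect_right

# Constructed sample list (documentation ranges only, not a real blocklist).
SAMPLE_LIST = """\
# constructed example list
Example Org A:192.0.2.0-192.0.2.255
Example Org B:198.51.100.16-198.51.100.31
Example: colon in label:203.0.113.5-203.0.113.5
malformed line without a range
Overlaps Org A:192.0.2.128-192.0.3.10
"""

def parse_blocklist(text):
    """Parse 'label:start-end' lines into merged (lo, hi) integer ranges.

    Returns (merged_ranges, skipped_line_count)."""
    ranges, skipped = [], 0
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        # Labels may themselves contain ':', so split on the last one.
        _, sep, span = line.rpartition(":")
        start, dash, end = span.partition("-")
        try:
            if not sep or not dash:
                raise ValueError("no range on line")
            lo = int(ipaddress.IPv4Address(start.strip()))
            hi = int(ipaddress.IPv4Address(end.strip()))
        except ValueError:
            skipped += 1  # count bad lines instead of silently losing them
            continue
        ranges.append((min(lo, hi), max(lo, hi)))
    ranges.sort()
    merged = []
    for lo, hi in ranges:
        # Merge overlapping or adjacent ranges so lookup can binary-search.
        if merged and lo <= merged[-1][1] + 1:
            merged[-1] = (merged[-1][0], max(merged[-1][1], hi))
        else:
            merged.append((lo, hi))
    return merged, skipped

def is_blocked(merged, addr):
    """True if the IPv4 address falls inside any listed range."""
    ip = int(ipaddress.IPv4Address(addr))
    starts = [lo for lo, _ in merged]
    i = bisect_right(starts, ip) - 1  # last range starting at or before ip
    return i >= 0 and ip <= merged[i][1]

if __name__ == "__main__":
    merged, skipped = parse_blocklist(SAMPLE_LIST)
    print(f"{len(merged)} ranges loaded, {skipped} line(s) skipped")
    for peer in ("192.0.3.5", "198.51.100.15", "203.0.113.5", "10.0.0.1"):
        print(peer, "BLOCK" if is_blocked(merged, peer) else "allow")
```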