How Did I Get Infected in the First Place? - Techist - Tech Forum

12-08-2004, 10:57 AM   #1 (permalink)
Dave
Wizard Techie

Join Date: Mar 2002
Location: "Almost Heaven" USA
Posts: 4,866

How Did I Get Infected in the First Place?

This advice is reposted from the advice given by Tony Klein, the acknowledged spyware & malware expert who supports many forums on the net.

Southernlady has added a few minor updates to it.


You usually get infected because your security settings are too low. Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:

1) Watch what you download!
Many freeware programs (P2P programs like Grokster, Imesh, Kazaa and others are amongst the most notorious) come with an enormous amount of bundled spyware that will eat system resources, slow down your system, clash with other installed software, or just plain crash your browser or even Windows itself.

2) Go to IE > Tools > Windows Update > Product Updates, and install ALL Security Updates listed.
It's important to always keep current with the latest security fixes from Microsoft. Install those patches for Internet Explorer, and make sure your installation of Java VM is up-to-date. There are some well-known security bugs with Microsoft Java VM which are exploited regularly by browser hijackers.

3) Go to Internet Options/Security/Internet, press 'default level', then OK.
Now press "Custom Level." In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls") to 'prompt', and "Initialize and script ActiveX controls not marked as safe" to 'disable'.

Now you will be asked whether you want ActiveX objects to be executed and whether you want software to be installed. Sites that you know for sure are above suspicion can be moved to the Trusted Zone in Internet Options/Security.

So why is ActiveX so dangerous that you have to increase the security for it?
When your browser runs an ActiveX control, it is running an executable program. It's no different from double-clicking an exe file on your hard drive. Would you run just any random file downloaded off a web site without knowing what it is and what it does?

And some more advice:

4) Install Javacool's SpywareBlaster!
Download it here. It will protect you from all spy/foistware in its database by blocking installation of their ActiveX objects. Download and install, download the latest updates, and you'll see a list of all spyware programs covered by the program (NOTE: this is NOT spyware found on your computer). Press "select all", then "kill all checked", and you're done. The spyware that you told SpywareBlaster to set the "kill bit" for won't be a hazard to you any longer. Although it won't protect you from every form of spyware known to man, it is a very potent extra layer of protection. Don't forget to check for updates every week or so.

Let's also not forget SpyBot Search and Destroy!
Download it here. SpyBot S&D has the Immunize feature which works roughly the same way. It can't hurt to use both.

5) Another brilliant program by Javacool we recommend is SpywareGuard.
Download it here. It provides a degree of real-time protection against spyware that is a great addition to SpywareBlaster's protection method.

An anti-virus program scans files before you open them and prevents execution if a virus is detected - SpywareGuard does the same thing, but for spyware! And you can easily have an anti-virus program running alongside SpywareGuard. It now also features Download Protection and Browser Hijacking Protection!

6) IE-SPYAD
Download it here. This puts over 5000 sites in your restricted zone, so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.

7) The IE hosts
Download it here. This program file blocks ads, banners, cookies, web bugs, and even most hijackers. This is accomplished by blocking the Server that supplies these little gems. Example - the following entry 127.0.0.1 ad.doubleclick.net blocks all files supplied by the DoubleClick Server to the web page you are viewing. This also prevents the server from tracking your movements. It now includes most major parasites, hijackers and unwanted Search Engines! In many cases this can speed the loading of web pages by not having to wait for these ads, banners, hit counters, etc. to load.

This also helps to protect your Privacy by blocking servers that track your viewing habits, known as "click-thru tracking".

However as time has progressed the focus of this project has changed from blocking ads/banners to protecting the user from the many parasites that now exist on the Internet. It doesn't serve much purpose if you block the ad banner from displaying, but get hijacked by a parasite from an evil script or download contained on the web site. The object is to surf faster while preserving your Safety, Security and Privacy.

Finally, after following up on all these recommendations, try running Jason Levine's Browser Security Tests. They will provide you with an insight on how vulnerable you might still be to a number of common exploits.

If you are using XP or Windows 2000 or 2003 then this application will also help a lot to prevent hijacking. Check out Prevx.com.

And make sure your antivirus and firewall are switched on and kept updated.

Dave
Dave is offline  
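
The hosts-file blocking described in item 7 of the post above, as an added example that is not part of the original thread or of the hosts-file project: a small Python auditor that parses a hosts file and separates sinkholed names from names mapped to a real address. The sample file is constructed; only the `127.0.0.1 ad.doubleclick.net` entry comes from the post, and the function names are illustrative.

```python
import ipaddress

# Constructed sample hosts file (only the doubleclick entry is quoted in the post).
SAMPLE_HOSTS = """\
# blocking hosts file sample
127.0.0.1   localhost
127.0.0.1   ad.doubleclick.net   # entry quoted in the post
0.0.0.0     tracker.example  ads.example
203.0.113.7 www.bank.example     # mapped to a real address, not blocked
not-an-ip   broken.example
"""

def parse_hosts(text):
    """Return (entries, malformed): hostname -> address, and bad line numbers."""
    entries, malformed = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            malformed.append(lineno)
            continue
        if len(fields) < 2:                       # address with no hostname
            malformed.append(lineno)
            continue
        for name in fields[1:]:                   # one line may carry several names
            entries.setdefault(name.lower(), addr)  # keep the first mapping seen
    return entries, malformed

def classify(addr):
    """Loopback or 0.0.0.0 means the name is sinkholed; anything else is a redirect."""
    return "blocked" if addr.is_loopback or addr.is_unspecified else "redirected"

def audit(text):
    """Summarise a hosts file: blocked names, redirected names, malformed lines."""
    entries, malformed = parse_hosts(text)
    report = {"blocked": [], "redirected": [], "malformed_lines": malformed}
    for name, addr in entries.items():
        if name != "localhost":
            report[classify(addr)].append(name)
    return report

def is_blocked(text, hostname):
    """True only if this exact hostname is sinkholed (hosts has no wildcards)."""
    entries, _ = parse_hosts(text)
    addr = entries.get(hostname.lower().rstrip("."))
    return addr is not None and classify(addr) == "blocked"

if __name__ == "__main__":
    print(audit(SAMPLE_HOSTS))
```

Hosts entries match exact names only, so a listed `ad.doubleclick.net` says nothing about other hostnames under the same domain. A name mapped to a routable address is a redirect rather than a block and is worth checking by hand.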
12-08-2004, 11:30 AM   #2 (permalink)
TheMajor
PowerQuest / Opera

Join Date: Jun 2004
Location: Netherlands
Posts: 10,177

Great tips/suggestions for IE fans

You could add an option: Use different programs for browser, mail client and P2P. This way you won't get infected either and you don't need to run all the resource-hogging Spykillers in the background. Don't forget to use an antivirus program to scan your downloads and incoming mails.
__________________
TheMajorMMX - Intel P200 MMX @ 225Mhz - V-Tech (PcPartner) Baby-AT mb w/ Intel Triton TX chipset - Nvidia Riva TNT2 M64 w/ 16MB - 256MB M-Tec SDRAM - Still running.....
12-08-2004, 01:46 PM   #3 (permalink)
southernlady
Monster Techie

Join Date: Nov 2004
Posts: 1,343

Okay, here is the requested information for the rest of us who don't like to use IE and Outlook.

This is a list of both freeware and shareware browser alternatives to IE. Majorgeeks gives a short rundown of each one at the download site.

http://www.majorgeeks.com/download.php?id=5&sort=0

1X Net Browser http://www.majorgeeks.com/download1184.html

27 Tools In 1 Wichio Browser http://www.majorgeeks.com/download3641.html

32bit Web Browser http://www.majorgeeks.com/download964.html

4c vision http://www.majorgeeks.com/download2266.html

Avant Browser http://www.majorgeeks.com/download2346.html

Beonex Communicator http://www.majorgeeks.com/download2067.html

Bluto Home http://www.majorgeeks.com/download1452.html

Browse3D http://www.majorgeeks.com/download876.html

Browsure http://www.majorgeeks.com/download1634.html

Crazy Browser http://www.majorgeeks.com/download549.html

Fast Browser Pro http://www.majorgeeks.com/download553.html

FastStone 4in1 Browser http://www.majorgeeks.com/download4406.html

GreenBrowser http://www.majorgeeks.com/download3910.html

K-Meleon http://www.majorgeeks.com/download555.html

Leech http://www.majorgeeks.com/download608.html

mascBrowser http://www.majorgeeks.com/download1069.html

Maxthon Combo Version (Formerly MyIE2) http://www.majorgeeks.com/download1244.html

Maxthon Lite (Formerly MyIE2) http://www.majorgeeks.com/download1167.html

Mozilla http://www.majorgeeks.com/download556.html or http://www.mozilla.org/products/mozilla1.x/

Mozilla Firefox http://www.majorgeeks.com/download2248.html or http://www.mozilla.org/products/firefox/

NetCaptor http://www.majorgeeks.com/download930.html

NetDIVE Oxygen http://www.majorgeeks.com/download969.html

NetMyth http://www.majorgeeks.com/download1088.html

Netscape http://www.majorgeeks.com/download1143.html or http://channels.netscape.com/ns/browsers/default.jsp

Networker http://www.majorgeeks.com/download2388.html

Nubonyx Browser http://www.majorgeeks.com/download1810.html

OEMBrowser http://www.majorgeeks.com/download557.html

Opera Without Java http://www.majorgeeks.com/download559.html

PhaseOut http://www.majorgeeks.com/download3922.html

PQBrowser http://www.majorgeeks.com/download883.html

Scope http://www.majorgeeks.com/download2848.html

Slim Browser http://www.majorgeeks.com/download1404.html

Slim Browser Lite Edition http://www.majorgeeks.com/download4079.html

Smart Explorer http://www.majorgeeks.com/download875.html

SupremeBrowser http://www.majorgeeks.com/download2842.html

UltraBrowser http://www.majorgeeks.com/download2063.html

Voyager 2004 http://www.majorgeeks.com/download630.html

Web SurfACE http://www.majorgeeks.com/download992.html

Y2KSA Browser http://www.majorgeeks.com/download970.html

The majorgeeks list also includes popup stoppers and utilities to help the browsers run better.

To get the plugins for Mozill...refox, go here

http://plugindoc.mozdev.org/

And here is what is needed to make everything run right:

Java Plugin
Macromedia Flash Player
Macromedia Shockwave Player
QuickTime 6
Windows Media Player

For themes and extensions, the choice is really up to you, go browse the list and then ask others what they use.
Here is the link to the list: http://update.mozilla.org/?application=firefox or https://update.mozilla.org/extension...cation=mozilla or
https://update.mozilla.org/extension...on=thunderbird for the email client
08-27-2006, 01:27 PM   #4 (permalink)
Trotter
Grandfather of Techist

Join Date: Jan 2005
Location: The South
Posts: 31,484

[Updated 8/27/06.]

***Special thanks to Jam3s-Zer0 for all the help.***
__________________
Cougar MX330-G / Antec EA650 650W / ASUS GTX960-DC2OC-2GD5 / AMD Ryzen 5 1600 / MSI B350 Gaming Plus
Samsung 970 EVO 250GB M.2 SSD / WD Blue SSD 250GB / WD Black 750GB / WD Green 1TB
2x16GB Corsair Vengence RGB / Win10 Pro x64 / Mionix Naos 7000 / Tecware 87 Key Mechanical

R.I.P. Danny L. Trotter ... 14 Nov 1945 - 4 Sept 2009