Hi I'm new too...

Discussion in 'other security issues & news' started by hugh mungus, Jun 20, 2004.

Thread Status:
Not open for further replies.
  1. hugh mungus

    hugh mungus Registered Member

    Joined:
    Jun 20, 2004
    Posts:
    1
    Location:
    UK
    hi, i've been reading ur posts on this forum, i stumbled upon the site while trying to improve my security system on the web.

    i'm running as much software as i've been able to realistically procure.

    to describe myself as a "non-tech" would be fair, altho i do try to take in the information i read (and no doubt fail).

    my machine has been compromised several times with the bank, luckily questioning the transactions before i'd noticed. these were trivial (by comparison) sums of money, but it made a point to me!

    i use zone-alarm pro, ghost-surf, black ice (handy program lock down) bit defender and protector plus 2000. (just coz ur paranoid doesn't mean they're not after you!)

    i would be interested to hear how you "experts" protect your computers as i've run out of know-how and close to bankruptcy! :rolleyes:
     
  2. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    welcome to the forum dear, i'm no expert but as the bigshots are probably busy i'll try to answer your question. first of all the rule of thumb is "stay safe and legal". sleazy pornographic sites and other sites offering illegal solutions often fool people into installing trojans or backdoors in their system. it's not the end of it, dialers, spywares, mass mailers, all sorts of malicious codes enter your system through that channel. so a lot depends on your surfing habits. as you are using ZA Pro and BitDefender you're well protected as long as you keep those updated and upgraded. remember to run only one On-Access scanner at a time. when you're making credit card purchase make sure it's an HTTPS transfer not HTTP and the store is verified from authorities. even if you are using antivirus software think twice before running received or downloaded applications. if possible verify the source. i guess it's all. if i missed something i'm sure someone will pick it up.
     
  3. Justhelping

    Justhelping Guest

    I believe knowledge is the best protection you can have.

    Unfortunately, you can go overboard with this security business, you have to accept that even with the best practices, best software, you can still be hacked.

    For example, I suspect one of the systems on my home network is hacked, but I can never prove it ! Sigh.
     
  4. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    HI hugh mungus, welcome to the forum. :)

    Sound advice given by AMRX and Justhelping is right also. You can go overboard and have too many apps conflicting.

    You have to try each thing first for a while, before you add a lot in one hit, as if problems arise, you would never figure out what caused it.

    There are many and varied things to try but basics *always* remain the same IMO.

    Firewall [plenty of free ones and I see you already running ZA, good start]

    Windows UPDATES... ALL CRITICAL PATCHES. Too many times the guys in the HijackThis forum see Windows/IEBrowsers not with all current Critical Updates. It's a must.

    A good Anti-Virus and Anti-Trojan program or a back-up On Demand AV/AT Scanner.
    One program "alone" does not security make!!!

    Some Free tools to help against the installation of Spyware/Hijackers, etc in the first place.

    MOST important of all, Commonsense.

    OK... Firewall's taken care of with ZA.

    AV: See you running BitDefender :)

    AT: TDS/ Trojan Hunter/BOClean, more around the place.

    I also, along with lots in here, recommend all of Javacools' Tools listed below:

    http://www.javacoolsoftware.com/downloads.html

    SpywareGuard, sits quietly running in Systray blocking lots of known Browser Hijackers, etc.
    SpywareBlaster: This program works in conjunction with SG and it sets "killbits" in the Registry so anything trying to write to it will see it's already there and cannot overwrite.
    MRUBlaster: Cleans up Temp/Cookies/Tracks.
    Windows Media Player Scripting Fix: Stops WMP files from reading imbedded scripts and running.

    For cleaning lots of stuff:

    AdAware and Spybot S&D

    AdAware:

    http://www.lavasoftusa.com/software/adaware/

    Spybot Search and Destroy:

    http://beam.to/spybotsd

    Of course there are more, but those will suffice for now and as you browse the forum/threads, you will see what diff people here use.

    Some are Free, some you pay for. See my Sig what I run.

    HTH, Cheers, TAS :cool:
     
  5. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    dear Tassie_Devils, thanks a lot. i'd like to add something to your list of recommended ATs. it's a2 from Andreas Haak. the free version doesn't have RTM but the next version will have it. it'll also come with the German Antidialer YAW. www.a-2.org
     
  6. Just helping

    Just helping Guest

    Consider the following security/privacy threats

    Viruses
    Worms
    Keyloggers
    Rootkits/backdoors/remote admin
    Dialers
    Adware- popups
    Homepage/search engine hijackers
    driveby downloads
    buffer overflows
    tracking cookies/usage tracks - that report on files used, number of times etc
    Other generic spyware - that report on surfing habits, sites visited.

    Consider carefully which software can handle which threats. If you are not sure what the above threats mean, how can you judge which software is necessary?

    For example, lots of newbies are under the impression that Spybot and spyware will protect you from "trojans", when in fact trojans is a pretty useless term since the definition of trojans has to do with how it is spread (tricking the user to run it, does not replicate), but it does not tell you what it does after it is installed.

    For example, let's say you are tricked into running Kazaa, which is bundled with Cydoor that causes popups and tracks surfing habits. Stretching the definition somewhat I could refer to that malware as a "trojan" since it was installed by you while thinking it's something else (arguably). Another trojan would be say The Beast or subseven - which allows a remote user to control your computer. Which one is worse? If you insist on calling both trojans, you won't know!

    I personally think the traditional division between worm, virus, trojan is pretty useless now, since the 3 only carve nature at the joints using 3 broad transmission methods, when nowadays most malware are a hybrid.

    Even worse, some methods of transmission do not fall nicely into the worm, virus, trojan categories. Would getting hit by an activex driveby download on a website or a security exploit be considered getting hit by a trojan, a worm or a virus? (Virus??)

    I think the categories of threats I give above, while not inclusive, give a better idea about the types of malware out there, and the things they do. I could split them down further to various whatever"ware"s, but I believe my breakdown is optimal because they are recognised enough that specialised products have come into the market that handle those categories separately.

    eg

    Keyloggers - Spycop
    activex driveby downloads - spywareblaster
    worms/viruses - NOD
    adware, homepage hijackers - Ad-aware
    Backdoors,rootkits - TDS 3

    There will be some overlap of course. Even spybot which is geared more for adware and homepage hijackers detects some keyloggers and backdoors like subseven.

    Also, perhaps driveby downloads do not deserve a category of their own since they don't do anything special by themselves but are merely used to describe a class of malware that are automatically installed when surfing on the web.
     
  7. justhelping

    justhelping Guest

    Yet another way of thinking about threats would be to think how they get into your computer rather than in terms of what each of them do when installed.

    In a sense that would be similar to the worm/virus/trojan divide, but what I'm proposing is perhaps a little more fine grained than that.
     