 spyware and malware protection, How I keep spyware and malware off my personal computer
post Mar 12 2010, 10:27 PM
Post #1
bartman2589
Newbie   *
Group: Members

  Joined: 20-January 10
Posts: 11
Thank(s): 2


United States


I use a few tried and mostly true methods to help prevent my pc from becoming infected with viruses/malware.

1. I use Firefox as my main web browser.
1a. I use the AdBlock extension for Firefox
1b. I use the TACO (Targeted Advertising Cookie Optout) extension for Firefox.
1c. I use the FlashBlock extension to help give me some control over what Flash ads are displayed on sites I visit frequently. Especially since recently there was a nasty one making the rounds on MySpace (a fake antivirus program that was in fact a virus/malware combination).

2. In both Firefox and Internet Explorer I limit the action of cookies by overriding the default cookie handling method and setting it to allow session cookies and to block third party cookies (doesn't work well with some sites unfortunately).

3. I use Spybot Search & Destroy to 'Immunize' my system, this adds several sites to the restricted sites list as well as blocking several sites by listing them in the Hosts file but forcing them to link back to my pc so they never get to connect to the internet if any pages I visit try to call them.

4. I use Spyware Blaster, it does some of the same things as Spybot but does not provide for any form of 'live' monitoring in the way that Spybot does, it merely helps block sites by adding settings for blocking cookies for certain sites and adding sites to the restricted sites list and Hosts file like Spybot does.

5. I use Avast Free edition for my virus scanner, I don't mind having to re-enter the password once a year as opposed to the nag screens that Avira pestered me with.

6. I change my default action for .vbs and other types of windows script files to 'Edit' (open with notepad) instead of 'Open' (run with associated scripting engine), this is a trick I picked up from the days when I used Norton Antivirus with their script blocking features (back before Norton software became Bloatware).

7. If I have any doubt about what a file is I examine it closely with a Hex Editor before I try to execute it (I look for references to common windows dll's).

8. And first and foremost if I see an unrecognized item in my windows task manager process list I research it using the internet to help verify if it's a legitimate process or if it may be a virus. I compare the location of the file that the process was launched with against the known legitimate locations for that process.

9. I periodically check my 'Fonts' folder for the presence of any executables (they have no business being there unless it's a virus usually).

10. I periodically check my User profile folder for any executables as well, typically if they're legit they'll be in a subfolder of my user profile folder (usually in the 'Application Data' folder), not in the main folder for my user profile.

11. Additionally I periodically inspect the Windows folder for what appear to be randomly named hidden files (these are usually virus/malware related files).

12. And of course I also periodically check the root of each of my drives for any unrecognized files (again researching them on the internet and using a Hex Editor to view the contents of any such files).

13. And last of all I set my system to display extensions for known file types, I'd rather see that a file is in fact a .vbs file by seeing the extension before I run it, instead of discovering later on that by running it I infected my pc with a virus or something. I actually had a friend get 3500 files infected with a vbs based virus because he didn't see the extension that was appended to his mp3 files and whenever he clicked on them to run them it instead ran the .vbs script which in turn infected more files. It was a bit of a pain to clean up; I ended up writing a batch file to find the .vbs files and then delete them, and I set his system to always display the filename extensions of course.


2 user(s) said "Thank you!" to bartman2589 for this fantastic post:
netcom021, Nuno Brito
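
Checks 9, 10 and 13 from the post above (executables sitting directly in the Fonts folder or the profile root, and decoy names such as song.mp3.vbs), written as an added Python example that is not part of the original post. The extension lists, function names and the sample directory tree are assumptions constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

# Extensions Windows runs or hands to a script engine on double-click.
RISKY = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".vbe", ".js", ".wsf"}
# Harmless-looking extensions used as the visible decoy part (assumed list).
DECOY = {".mp3", ".jpg", ".png", ".gif", ".txt", ".doc", ".pdf", ".avi"}

def is_double_extension(path):
    """True for names like song.mp3.vbs, shown as song.mp3 when extensions are hidden."""
    suffixes = [s.lower() for s in Path(path).suffixes]
    return len(suffixes) >= 2 and suffixes[-1] in RISKY and suffixes[-2] in DECOY

def audit(flat_dirs, tree_dirs):
    """Return sorted (reason, path) findings.
    flat_dirs: folders that should hold no executable directly (Fonts, profile
               root, drive root); their subfolders are not descended into.
    tree_dirs: folders walked recursively for decoy double extensions."""
    findings = set()
    for d in map(Path, flat_dirs):
        for entry in d.iterdir():
            if entry.is_file() and entry.suffix.lower() in RISKY:
                findings.add(("executable-in-unexpected-folder", str(entry)))
    for d in tree_dirs:
        for root, _dirs, files in os.walk(d):
            for name in files:
                if is_double_extension(name):
                    findings.add(("double-extension", os.path.join(root, name)))
    return sorted(findings)

def demo():
    """Audit a constructed sample tree; returns (reason, file name) pairs."""
    sample = ["Fonts/arial.ttf", "Fonts/update.exe", "Profile/notes.txt",
              "Profile/run.vbs", "Profile/Application Data/tool/tool.exe",
              "Profile/Music/song.mp3", "Profile/Music/song.mp3.vbs"]
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        for rel in sample:
            f = base / rel
            f.parent.mkdir(parents=True, exist_ok=True)
            f.write_bytes(b"")  # constructed empty placeholder files
        found = audit([base / "Fonts", base / "Profile"], [base / "Profile"])
        return [(reason, Path(p).name) for reason, p in found]

if __name__ == "__main__":
    for reason, name in demo():
        print(f"{reason}: {name}")
```

On a real machine, `audit` would be pointed at the Fonts folder, the profile root and each drive root; a finding is a prompt to research the file, not proof of infection.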
post Mar 12 2010, 11:14 PM
Post #2
nevel
  
Group: Members

  Joined: 13-June 09
Posts: 7
Thank(s): 2


Netherlands


I'm using many of the abovementioned methods.
Also, when running a Windows machine:

Hardware
* Router with firewall functionality (Linksys WRT54 GL, upgraded to DD-WRT)

Software:
* FireWall (PC Tools Firewall Pro)
* Frequent scheduling of spyware scans (Hitman Pro)
* Slightly less frequent scheduling of antivirus scans (Clamwin)
2 user(s) said "Thank you!" to nevel for this fantastic post:
netcom021, Nuno Brito
post Mar 14 2010, 06:02 AM
Post #3
breaker
Member   **
Group: Members

  Joined: 19-February 10
Posts: 38
Thank(s): 6


United States


Well, I got sick of malware, so I browse the web, do word processing, photo editing, CD ripping, CD/DVD burning, audio file encoding, etc, etc from my Linux Mint 7 XFCE desktop. Flash came pre-installed in Firefox. I still load Ad Block Plus and NoScript extensions because of certain annoying web sites. For gaming, I boot to Windows XP or 7. I have a shared FAT32 data partition, but I can also mount NTFS from Linux. Also, if I need a non-gaming Windows app, I run WINE or my Windows XP inside of Virtual Box. I build my BartPE stuff inside of my Virtual Box XP install, in fact.

But, if I help someone with their computer, I run Spyware Blaster, Spybot Search & Destroy, Free AVG, and Comodo (just the firewall). Also Firefox with Noscript and AdBlockPlus.

However, I feel the most important thing to do on a Windows box, is to run as a regular user not under an Administrator account!!! To install software, log into an admin account or right-click and "run-as" admin. Same goes for certain apps, right-click and run-as admin (I usually call my backup Administrator admin).

I multi-boot, so I can scan my Windows install from Linux using ClamAV, or another Windows install, but I really never have to because Linux rocks! I don't really have to spend any time fiddling with security or defragging anymore.

I also like having more than one workspace and if I feel goofy, I'll turn on Compiz and rotate with Desktop Cube to each one. :P


P.S. I second the hardware firewall advice, that or a custom low-power OpenBSD PF firewall you build.
1 user(s) said "Thank you!" to breaker for this fantastic post:
Nuno Brito
post Mar 14 2010, 09:19 AM
Post #4
nevel
  
Group: Members

  Joined: 13-June 09
Posts: 7
Thank(s): 2


Netherlands


Hi breaker,

Just out of curiosity: Is there any particular reason for you not to use FlashBlock in FF?
I really love the AdBlockPlus/FlashBlock combination :)
post Mar 14 2010, 09:22 PM
Post #5
john3voltas
Member   **
Group: Members

  Joined: 17-November 07
Posts: 56
Thank(s): 4


Portugal


QUOTE (breaker @ Mar 14 2010, 06:02 AM) *
P.S. I second the hardware firewall advice, that or a custom low-power OpenBSD PF firewall you build.

And if you go there, I'd say the best option would be pfSense running from an Alix (PCEngines) or alternatively from a Soekris low power SBC.
post Mar 16 2010, 06:36 AM
Post #6
breaker
Member   **
Group: Members

  Joined: 19-February 10
Posts: 38
Thank(s): 6


United States


QUOTE (nevel @ Mar 14 2010, 02:19 AM) *
Hi breaker,

Just out of curiosity: Is there any particular reason for you not to use FlashBlock in FF?
I really love the AdBlockPlus/FlashBlock combination :)


Yes, NoScript blocks Flash, JavaScript, and Java, and has a very regular update schedule. Also, there is good anti-XSS support.

http://noscript.net/
post Apr 19 2010, 04:19 PM
Post #7
me4833
  
Group: Members

  Joined: 26-January 10
Posts: 6
Thank(s): 1


United States


Another way to keep Virus and other Malware OUT is to run programs like browsers in
SandboxIE. I set up different sandboxes for each program and anything that would
normally be written to my hard drive is written to the same directory in the sandbox.

This way you can see what the program WOULD HAVE WRITTEN to your HD.

I have been a registered user of SandboxIE for a long time.

Have Fun...