VIRUS WARS II

In the last newsletter, “Virus Wars I” I talked about some of the more recent “custom threats” and how the enemy is becoming more professional in their approach to infecting our systems . Today I want to identify these threats and see what we can do to protect ourselves. Instead of scattering links through-out the article, I’m including them all at the end for convenient reference. Believe me, protecting against these threats isn’t easy. The changes we’re seeing in malware can be organized into three basic categories.

These three strategies are involved with all of the new threats. The names of specific threats change so frequently and the variants morph so quickly that specific names can’t keep pace. Something as simple as Win32 just doesn’t do it anymore. Because of that, I am dividing the threats into 5 groups starting with the most prevelant at the top.

All malware has improved its self-protection. Daily it is becoming more adept at hindering detection and stopping the functionality of security software. It is now capable of protecting itself and attacking our defenses. To combat this progression todays antivirus needs to be as much concerned with protecting itself as protecting your system.

PROTECTING THE FORT

First thing to do is clean up the operating system so it’s ready to accept the software needed to protect you. I suggest going to our OverDrive scan and using the FREE scan to detect any and all settings problems. You can go through them manually or you can use Optimize to perform the corrections for you.

After running OverDrive check the Windows Update site and get the latest. Let me caution XP users and tell you that I’m not giving a blanket OK to install SP3. You will need to determine whether you should install SP3 and whether you think it’s worth the risk. Previous articles are available here and I’ll reference them at the end of this article also.

Firewall

Use a hardware firewall. Nothing is better than a router for preventing inbound intruders. This is true whether you’re using Vista or XP. There are many choices available for under $50.00. You can get them on-line or from your local retail store. For the “Phone Home”, outbound variety, I suggest XP users get a third party firewall like ZoneAlarm (free). XP’s firewall does not prevent outbound connections but Vista users should be good using the included Vista Firewall.

Antivirus

Today there is no getting around the need for an antivirus. The only question is whether you want to purchase, or use free.

The best free variety is, without a doubt, AVAST. It’s not a trial that expires, it’s excellent at detection, and it also has real time, early warning.

The votes for best paid antivirus go to Kaspersky with NOD 32 coming in a close second. The difference between the two seems to center on the frequency of updates and Kaspersky ekes out that win. If you’re looking for a paid antivirus then my recommendation is Kaspersky followed closely by ESET NOD 32. A third option that gets good reviews from our own spyware forum is AVIRA.

In addition to installing and using an antivirus it’s extremely important to update your definitions regularly. Updating definitions assures you that your antivirus knows what to look for. All antivirus software companies worth their salt will update frequently, some weekly, some daily, and some, like Kaspersky, hourly. Most can be set to do this automatically. This is one of the things I see people forgetting to do. When asked, some of us don’t know if we’re updated or not.

Something new in the mix for AV software is control of applications allowed to open in the background. This feature can reduce some of the overhead responsible for slowing a pc. Most applications try to open when Windows boots, but there’s really no reason for most to be running in the background. NOD 32 is just one of several programs offering this feature.

The biggest mistake I see is users installing multiple antivirus programs. Do Not Use More Than 1 antivirus program. Do not have more than one antivirus program installed on your pc. Doing this will prevent the software from properly protecting you at the very least, and at the very worst it can prevent your pc from operating. Multiple AVs will slow your PC to a crawl. It will cause all sorts of weird and crazy behavior similar to being infected by a virus.

Online Scans

One of the good things about the rapid growth of SaaS is the number of FREE Online virus scans available. Using an online scan won’t prevent you from being infected, but it will detect when you are infected. I’m including some of the best for you here.

Please, be sure to uninstall or turn off your AVs before using the online scans. Using multiple scans can give you an increased measure of protection. *Please note: I’m not advocating the use of multiple antivirus programs. These are virus scans that reside on-line. They install only a small ActiveX utility and not an antivirus program.

Anti-Spyware

Anti-Spyware is the third line of defense. Exterminate heads my list of must have programs to remove spyware gathered from daily surfing. Coupled with programs like Adaware and SpyBot, I know my systems are clean and ready to give performance that is not crippled by the junk clogging today’s Internet. Look for a major change in the way Exterminate handles your spyware. The changes should come soon

In addition to the programs designed to find and remove spyware from your machine, some of the best will even prevent infections. Tops on that list is SpyBot S&D. It comes with a large scan list that is updated frequently. It also has the ability to immunize against infections and stop unauthorized programs from starting with Windows. Updates are frequent and the folks at Spybot are on top of all changes affecting your security. Immediately after the release of Chrome, Spybot got busy and has already completed support for scanning and cleaning Chrome cookies. It is expected to have immunization available, provided Chrome’s structure will allow it. Install these programs and run them frequently for full protection.

Your last line of defense is direct help form sites like PC Pitstop. Our forum is filled with people that want nothing more than to help keep you computer free of malware and running strong. Powerful programs, like HiJack This, require trained advisors to help remove todays malware. Without these advisors you’re likely to do more damage than the threats your fighting.

For easier jobs our “AntiSpyware Brigade” is able to solve most problems and the User To User section is there for any and all problems not centering on malware. Use all these tools and malware will not be a problem for you.

Happy Computing.