Some (obvious) advice

Simmo!

Paleo Meister (means really, really old)
Joined
May 29, 2004
Location
England
Just answering a post in another forum regards key-loggers. I was reading recently that these are being distributed by viruses more and more.

I think a lot of us would be particularly subsceptible to these, what with casino logins and eWallets etc, so while these things often turn out to be over-hyped, I still think it's worth remembering to virus check for these regularly. A key-logger is nasty as I'm sure most of you know, and can compromise all of your usernames and passwords and with no visible effect on your PC, you'd never know it had happened.

I've had 2 viruses (trojans) in the past week according to AVG. Then I installed PrevX which cleaned up another.

Cheers

Simmo!
 
How prevalent are these? I use torrents quite a bit for American telly stuff we don't get over here, and I'm always a bit cautious... Is there anything specific I should be looking for?
 
Simmo! said:
I've had 2 viruses (trojans) in the past week according to AVG. Then I installed PrevX which cleaned up another. Simmo!

Did you get the trojans by surfing certain websites:eek: or were you just "attacked"

I only ask because in 3 yrs on the net I havnt had a single problem. I think my router must prevent this stuff because the firewall on my pc (f-secure) hasnt reported a single intrusion attempt either. My GF's laptop also has f-secure but is connected directly to the net via a USB modem and her intrusion log runs in to hundreds of items.
 
Slotster said:
How prevalent are these? I use torrents quite a bit for American telly stuff we don't get over here, and I'm always a bit cautious... Is there anything specific I should be looking for?

Assuming your AV software is up to date, most viruses seem to be identified as "keylogger". You could also check your system for any files called "keylogger.exe" to be doubly safe.

If you don't have an AV, get AVG Free would be my advice. Perhaps not as robust as some of the "majors" like Norton and McAfee but generally very good. If you're using things like Limewire, Torrent applications and other P2P apps, then yes you are more likely to pick them up. I'm not even close to being a PC expert or Virus guru by the way - this is all just gleaned from Google & various sites I've been forced to visit recently.
 
Last edited:
nafanny29 said:
Did you get the trojans by surfing certain websites or were you just "attacked"

I *think* I picked them up either from websites, or more likely from small applications I installed. I am always downloading and testing stuff so that's more likely. Because i work with ActiveX sometimes, I do tend to have my security settings on a lower level on occasion too. But I can't blame The Hun for everything.

Interestingly (if you're a sad git), I used to run "ZoneAlarm" firewall which reported "attacks". It was just amazing how many attacks were made on my PC. 10 - 20 a day on average.
 
Using Firefox or Opera instead of IE as your browser is also much safer. These browsers do still have problems of course, but there tend to be far fewer than in IE. Besides being more secure, they're also generally much better browsers.

As well as keeping your virus killed up to date, it's also vital to keep Windows up to date with all the latest security fixes. Make sure you have Windows Update set to automatically download the latest updates, and whenever you see a yellow icon in the system tray (next to your clock on the taskbar), double click it and let it install everything it needs to.
 
Good advice, guys.

I'm not in the habit of using Firefox or Opera but the idea is sound. By the same token, I typically use Unix webservers because they are not attacked as often as Microsoft Internet Information Servers are...

For virus checking - a good way to get an immediate check is to go to trendmicro.com and launch Housecall. But it's still better to have AV software installed on your computer and monitoring all the time - though of course this can slow things down a bit.

Another good source is sophos.com - less taxing on your computer as well. I recommend avoiding McAfee and Norton unless absolutely positively necessary.
 
I used Firefox for quite some time and really liked the Tabbed Browsing option. But now there's a plug-in for that in IE and its in IE7, I went back to IE as i got fed up seeing websites that didnt work properly - lol.

Spearmaster said:
I recommend avoiding McAfee and Norton unless absolutely positively necessary.[/

Me too. Especially Norton - caused me as many problems as it solved!
 
spearmaster said:
I recommend avoiding McAfee and Norton unless absolutely positively necessary.

I have used McAfee for about 3 years now and it has kept my computer squeaky clean. Prior to having McAfee, I used Free AVG and my computer was soooo slow. It also crashed a few times and eventually I had to reinstall Windows.
 
spearmaster said:
I recommend avoiding McAfee and Norton unless absolutely positively necessary.

Why? I have macaffee and zone alarm and a slew of spyware removers and I am ding fine. But wondering why you don't like macaffee?
 
McAfee and Norton are much heavier applications which consume more of your resources. There are many other virus checkers out there, such as some of the places I suggested, which are not only less resource-intensive, but in fact respond much more quickly to new viruses and trojans.

If you have McAfee or Norton, there's nothing wrong with them. But if you don't already have something, don't rush out and buy either of these products, simply a waste of money.
 
As for keyloggers, you need to intercept the programs as outgoing traffic, for this I would suggest some type of firewall program that detects and allows you to modify outgoing traffic as you see fit. Programs such as ZoneAlarm are good at this task. Once the programs are stopped in their tracks you need to get a good anti virus program. As suggested above, trendmicro's housecall and AVG are two good free anti virus services.
 
tennis_balls said:
McAfee now comes free with Comcast internet........otherwise it would be overpriced IMHO ;)
LOL, guess you can't argue about that.

You can also check your ISP - some of them implement virus-checking for emails passing through their servers, thus removing some potential problems. Some may do spam filtering, which may also reduce your risk of exposure to viruses - but you could also potentially miss some important emails, and especially if you are signed up with a number of casinos.

Norton and McAfee also have Internet security suites, which you should carefully check the settings of. I don't remember what the default is but as far as I can recall they may be set a bit too aggressively.
 
I downloaded a free firewall called "Sygate Personal Firewall" yesterday from the PCWorld website. I see ZoneAlarm is now a commercial offering with all that misleading "fee download" crap simply giving you a 30 day trial version.

In fact "Sygate" is now owned by Symantec so even that is now commercial, however PCWorld have version 5.6 which is still the "free for personal use" edition:

Old / Expired Link

I also found some new trojans on my PC. Apparently these are very new and not all AV software has caught up yet (my AVG hadn't). Also very prevalent. If you want to check, go to c:\windows\system32 and look for the following:

taskdir.exe
phqghume.exe
parad.raw.exe
internetoloper.exe

Also some of these download .csv and .xml files containing data storage locations. If you see things like "win[xx].xml" and "svcp.csv" with similar date/time stamps as the above files, remove these. Incidentally, if you see a file "wpa.dbl" that appears with a similar timestamp, dont delete this one - it's legit!

All the above can be removed (apart from wpa.dbl), though I'd suggest you recycle bin them first just to make sure your system doesnt need them. I renamed mine and the system rebooted and runs fine. Quicker in fact as "taskdir.exe" is a real memory hog.

Cheers

Simmo!
 
Sygate is quite good - I used it for a few years before I had to reformat...

Another one to try is Bullguard - I believe there's a trial version but you will have to subscribe in the end. You get firewall, virus protection, and lots of online file storage which I think is a great idea.

I'm testing it now (thanks to the developer) for possible deployment in Asia... would like to see how it works for others.
 
Trojan/Backdoor/Key-loggers can be installed into your computer mainly in 2 ways:

1. Somebody directly attacks you on the Internet. To prevent this, a firewall like ZoneAlarm can be used to keep the attackers at bay.

2. Attackers exploit a 3rd party application like a mail attachment, browser vulnerabilities, instant messenger security holes,... Firewall ususally doesn't stop this type of attack. Most of the time, the malicious program is already installed on your computer. However, if the firewall is a good one, it will pick up the bad guy when he tries to phone home. But the fact is, the malicious program is already there on your computer. For this limitation of firewall, that's why we need antivirus software. Antivirus software may not stop the attacker from attacking but will stop him from installing malicious program on your machine as long as it recognize the pattern/signature of the program.

For those Intrustion Prevension program like PrevX(I have a change to work with them on this:
You do not have permission to view link Log in or register now.
, PivX, Mcafee Intercept. They are not functioning exactly like a antivirus software but using a heuristic method to detect backdoors. They are there because of the fact new backdoors/keyloggers being released everyday, the antivirus sometimes is not that up-to-date and may oversee the risk.

In conclusion, you need both a firewall and a antivirus to be safe.
 
Simmo! said:
I downloaded a free firewall called "Sygate Personal Firewall" yesterday from the PCWorld website. I see ZoneAlarm is now a commercial offering with all that misleading "fee download" crap simply giving you a 30 day trial version.
The free version is still there. Maybe it is not advertised as prominently as the commercial versions, but it is there.
 
GrandMaster said:
The free version is still there. Maybe it is not advertised as prominently as the commercial versions, but it is there.

Yes it says its "free" GM, and it is to download, but I think it's a trial version only well concealed - just going on what I read elsewhere.
 

Users who are viewing this thread

Meister Ratings

Back
Top