How to protect your computer?

[Soubrette]

Here is an article from the BBC website: Have Hackers recruited your PC?

I've heard of this kind of thing before, specifically, when a computer my friend had was consistenly slow on the internet, some IT people mentioned that it might have been hacked and was being used as a sort of server.

How does one stop this? How would one know (detect) this?

What specifically can be done, as in what programs, what searches etc...

Adam

[Andonyx]

Here is an article from the BBC website: Have Hackers recruited your PC?

I've heard of this kind of thing before, specifically, when a computer my friend had was consistenly slow on the internet, some IT people mentioned that it might have been hacked and was being used as a sort of server.

How does one stop this? How would one know (detect) this?

What specifically can be done, as in what programs, what searches etc...

Adam

First! Watch how you login to message boards...

But seriously...

1. Do NOT under any circumstance ever ever ever use IE. Use Opera, Firefox, or some other smaller market share browser. In time they will all be targeted and exploited, but the lesser market share they have the less people are focusing on their vulnerabilities.

2. Diasable Java Script in your browser.

3. Turn off any features that allow software to be installed to your browser without confirmation, wether it's flash plug-ins or movie playback software never ever install new software at the behest of strange web-site unless you know exactly what is being installed and why.

4. Run some sort of firewall. Zone alarm, Symantec, Norton all have software fiewalls, Zone alarm's is free. If you pay attention to your security alerts you might even find out exactly what is tying up your connection, and where it comes from.

5. Run regular Anti-virus scans, and keep your damn definitions update. AV software doesn't work if you let it lapse.

6. Download Spy-bot Search and Destroy, scan, run the immunizer tools, scan again.

7. Download adaware and scan, quarantine, and scan again.

8. Download Microsoft's new Anti-spyware tool in Beta, It's pretty good, and a little more agressive actually then the others.

9. Keep your stuff updated. OS security patches, browser updates, virus defintions. Most of it is free, and they do it for your own good, you know.

Once you've done a thorough run down of the whole system, patched your security holes and cleaned everything that needs cleaning, you can relax a bit. I only spend maybe 90 minutes at most per month now on this sort of thing and as best I can possibly tell, I'm scott free for a couple years now.

[Andonyx]

Oh also, one good starting point if you suspect trojans, or spyware, is to turn off all your freaking start up options. Turn off everything in your startup folder you don't need.

Then go to START / RUN and type in "msconfig". In the "startup" tab you'll see a list of everything that loads automatically in windows. If you see something that you know you don't use, and you know what it is, disable it. Then restart the computer. Once you've verified that nothing is amiss, you can now keep a list of processes running on your computer when you're not using any applications. If you see any new strange ones, it might be something bad.

But before you go thrashing processes, make sure you know what they are, start here:

http://www.liutilities.com/products/win ... sslibrary/

[ratbag]

http://www.grc.com checkout 'Shields-up (thanks to De_Bunk for that one)

Sygate do a good (free) firewall http://smb.sygate.com/download_buy.htm

check out any of the popular download sites (http://www.tucows.com is a good site) for 'ad-aware', 'spybot search and destroy', and 'Hijack this'
Ad-aware and spybot should be run weekly and are pretty much 'idiot proof'.
'Hijack this' is useful if you are familiar with what should be running on your PC.
And you should have an up-to-date anti virus program...goes without saying really.
Rat

[slimshady2357]

First! Watch how you login to message boards...

Arrrrrrrrrrrrrrrrrg! :x

Um, ya, good one :D

But seriously...

1. Do NOT under any circumstance ever ever ever use IE. Use Opera, Firefox, or some other smaller market share browser. In time they will all be targeted and exploited, but the lesser market share they have the less people are focusing on their vulnerabilities.

I really need to get on to this one. I've been meaning to do it for quite a while, but I'm lazy. What would you suggest? From what I hear Firefox 1.0 is pretty good.

2. Diasable Java Script in your browser.

How do I do this? And what else will it affect?

3. Turn off any features that allow software to be installed to your browser without confirmation, wether it's flash plug-ins or movie playback software never ever install new software at the behest of strange web-site unless you know exactly what is being installed and why.

I'm pretty sure I already do this, again, is there something particular I need to look at in IE?

4. Run some sort of firewall. Zone alarm, Symantec, Norton all have software fiewalls, Zone alarm's is free. If you pay attention to your security alerts you might even find out exactly what is tying up your connection, and where it comes from.

I have the XP firewall running, is that adequate? Or would it be better to run Zone Alarm as well? I think I might get Zone Alarm, it sounds like you can see what attemps are being made. Does anyone know if you can do this with the XP firewall?

5. Run regular Anti-virus scans, and keep your damn definitions update. AV software doesn't work if you let it lapse.

6. Download Spy-bot Search and Destroy, scan, run the immunizer tools, scan again.

7. Download adaware and scan, quarantine, and scan again.

Check, check and check. Yay! I'm doing something right :D

8. Download Microsoft's new Anti-spyware tool in Beta, It's pretty good, and a little more agressive actually then the others.

Awesome, I hadn't even heard of it! Anyone else used it?

9. Keep your stuff updated. OS security patches, browser updates, virus defintions. Most of it is free, and they do it for your own good, you know.

Check.

Once you've done a thorough run down of the whole system, patched your security holes and cleaned everything that needs cleaning, you can relax a bit. I only spend maybe 90 minutes at most per month now on this sort of thing and as best I can possibly tell, I'm scott free for a couple years now.

Ya, I feel pretty good to tell you the truth. I don't see much happening that bothers me, but that's the other question I asked.

How can I TELL if someone has 'recruited'/'hacked' my PC through the web? Is there any programs out there that can tell me? Anyone?

Adam

[slimshady2357]

http://www.grc.com checkout 'Shields-up (thanks to De_Bunk for that one)

Sygate do a good (free) firewall http://smb.sygate.com/download_buy.htm

check out any of the popular download sites (http://www.tucows.com is a good site) for 'ad-aware', 'spybot search and destroy', and 'Hijack this'
Ad-aware and spybot should be run weekly and are pretty much 'idiot proof'.
'Hijack this' is useful if you are familiar with what should be running on your PC.
And you should have an up-to-date anti virus program...goes without saying really.
Rat

Ok, I have a good Anti-virus program and it's updated regularily (like once or twice a week it seems).

What does Hijack This do? I'll have to look that one up! :)

Thanks for the replies, both of you!

Adam

[slimshady2357]

Oh also, one good starting point if you suspect trojans, or spyware, is to turn off all your freaking start up options. Turn off everything in your startup folder you don't need.

Then go to START / RUN and type in "msconfig". In the "startup" tab you'll see a list of everything that loads automatically in windows. If you see something that you know you don't use, and you know what it is, disable it. Then restart the computer. Once you've verified that nothing is amiss, you can now keep a list of processes running on your computer when you're not using any applications. If you see any new strange ones, it might be something bad.

But before you go thrashing processes, make sure you know what they are, start here:

http://www.liutilities.com/products/win ... sslibrary/

Ya, I try to look at that from time to time as well. But since there are so many things running taht COULD be bad or COULD be necessary, I can never do too much. Now I can! Great link! Thanks!

Adam

[CHARLEY_BIGTIME]

What would you suggest? From what I hear Firefox 1.0 is pretty good.

Yup - it's goooood.

http://www.download.com/Mozilla-Firefox ... ag=lst-0-1

[ratbag]

What does Hijack This do? I'll have to look that one up! :)

http://www.tomcoyote.org/hjt/ Gives a good explanation of 'Hijack This'. It gives a list of items which are held in registry and certain other areas. Mostly these will be legitimate programs, but, if you are familiar with what should and shouldnt be running, it can help track down items which are missed by ad-aware and spybot.
Rat

[Vitnir]

I keep IE as a backup browser for sites that doesnt work with Firefox. I have never understood how the detailed settings work so I just run it on the highest security setting. For sites that doesnt work without cookies or java script and if I realy trust them, then I add them to the trusted list. The trusted list is run on the normal (second highest) setting.
The firewall in XP is said to be weak, plus it only stops things from getting in, Zonealarm stops things from getting out as well.
With this system I only get tracking cookies when I scan with ad-aware.

[max]

I recently ran spy bot and destroy and it found 42 or so spyware. I have now lost some letters in 'run' When I click 'start' then 'run' a window comes up which used to have something like.......'winipeg' or something. Can anyone say what should be typed in there? otherwise when I boot up I get an error window saying the path can't be found. the error is in RUNDLL

[ratbag]

are you thinking of winipcfg?
If you're getting an error at start-up, a more useful path would be 'msconfig'

msconfig is not something you should be playing around with unless you know what you are doing. If you want to let us have more info, we may be able to help better

However

If you have no other (new) problem with your PC, apart from this RUNDLL message at start up, you could try this:
go to 'start' then 'run. type in msconfig and select the 'start up' tab. look for RUNDLL and un-tick it

rat

[max]

yes that's the one.....winipcfg
when I have had probs, the cable company who provide the broadband always ask me to check on that first. Is it ok if I type it back in?

[ratbag]

yes that's the one.....winipcfg
when I have had probs, the cable company who provide the broadband always ask me to check on that first. Is it ok if I type it back in?

yes.

you can even run it, as long as you dont make any unnecessary changes to it :)
Rat

[Evolver]

There's some new, particularly nasty pieces of spyware out there. In the past couple of weeks, I've found 2 PCs that couldn't be cleaned. One, when I cleaned out the spyware, destroyed the IP stack and the binding between the protocols & the NIC. The system could load NIC drivers, but TCP/IP could not locate the device.

The second one had totally wrecked Norton antivirus, and also would not allow Ad-Aware or Spybot to run. I took out the hard drive, and scanned it in a separate machine. Over 8000 spyware files were found!

After cleaning it out, so many system files were messed with, I just wiped the thing clean and started over.

Why can't De_Bunk's hacker friends go after these assholes?

[max]

I typed it back in. I still get error window but it just says it can't find the path but it all seems to be working ok. On the top of the error was.....wild/ta and this must have been....wild tangent, that spybot said had 42 entries, one in the memory. I have just run spybot again and there are no spies attached at the moment

[Evolver]

I typed it back in. I still get error window but it just says it can't find the path but it all seems to be working ok. On the top of the error was.....wild/ta and this must have been....wild tangent, that spybot said had 42 entries, one in the memory. I have just run spybot again and there are no spies attached at the moment

It sounds like there is a key somewhere in your registry that's still trying to find a piece of wild tangent and load it. Spybot probably cleaned out the file it's looking for, but didn't get the registry entry.

Try running Ad-Aware as well. It might fix the registry.

[thraxas]

Ad Aware is good, I was at a family friends house and they said that thier 'internet' was acting slow (not the most tech savvy people). So I downloaded adaware and ran it, 2400 hits it got.

It works now.

But I've said it before, and I'll say it again, what do you use your computer for, you could do all that with linux and have a lot less bother.

[Evolver]

But I've said it before, and I'll say it again, what do you use your computer for, you could do all that with linux and have a lot less bother.

A lot of the people here probably don't have the time or desire to learn a new operating system. Perticularly one that their favorite games aren't written for.

[Grammatron]

Ad Aware is good, I was at a family friends house and they said that thier 'internet' was acting slow (not the most tech savvy people). So I downloaded adaware and ran it, 2400 hits it got.

It works now.

But I've said it before, and I'll say it again, what do you use your computer for, you could do all that with linux and have a lot less bother.

And a lot less support...and software...and applications.

Taking proper percautions and Windows XP can be a stable and secure system.

[asthmatic camel]

Ad Aware is good, I was at a family friends house and they said that thier 'internet' was acting slow (not the most tech savvy people). So I downloaded adaware and ran it, 2400 hits it got.

It works now.

But I've said it before, and I'll say it again, what do you use your computer for, you could do all that with linux and have a lot less bother.

And a lot less support...and software...and applications.

Taking proper percautions and Windows XP can be a stable and secure system.

I've considered trying Linux, but is it really worth the effort? Partitioning the hard drive, reinstalling everything etc.? XP does pretty much everything I need, so why bother changing?

[Loon]

I've considered trying Linux, but is it really worth the effort? Partitioning the hard drive, reinstalling everything etc.? XP does pretty much everything I need, so why bother changing?

Just for kicks, I suppose. Knowing Linux is good for at least one and a half cool points in some circles.

[Vitnir]

Its not a lot of bother. You can partition the HD without reformatting it so the XP-partition stays intact.

[ceptimus]

Most modern Linux distros do the partitioning for you automatically (while keeping Windows intact). All you need is some free space on the HD, and boot from the Linux CD.

Or you can download a version of Knoppix if you want to try out Linux without affecting your HD at all. Knoppix is a version of Linux that boots and runs entirely from the CD - it doesn't have to touch your HD at all.

[Rat]

I typed it back in. I still get error window but it just says it can't find the path but it all seems to be working ok. On the top of the error was.....wild/ta and this must have been....wild tangent, that spybot said had 42 entries, one in the memory. I have just run spybot again and there are no spies attached at the moment

What you need is a friendly IT technician at your workplace. Generally, I have about 2 or 3 machines in at a time that need anything from a virus removing to a complete reload. They now get done at lunchtimes and after work; it used to be during work hours, but a tricky political situation developed. Prices vary from 4 beers to a crate, depending on severity of work needed.

Unfortunately, I believe Max is some distance away, and that would cost travel expenses plus beer, which is not really cost effective.

Cheers,
Rat.