Q: What do I need to do to see if I have a virus, clean a virus, or just
want to make my system safer in the first place?
A: Here's a general laundry list to start with. This is not an
exhaustive list, nor a guarantee you won't ever have problems. But if
you get, learn about, and use these programs, you're far less likely to
have problems than the vast majority of folks out there.
You should have:
* Some form of contiuously-running/scanning Anti-Virus software
AVG, McAfee, Symantec
Whatever you choose, keep the
virus definition files up to date!
Checking for updates literally daily is *not* too often. Better
yet, just set it to automatically check for updates every day.
AVG Free Download at http://free.grisoft.com/doc/1
* Some sort of Software Firewall (An absolute *must* these days)
If you aren't already using "ZoneAlarm" (Free version), get it and use it.
http://www.zonelabs.com/
ZoneAlarm Free Download
* A Hardware Firewall (Also an absolute *must* these days)
LinkSys makes a good box, but there are many out there. LinkSys box I like is at:
LinkSys WRT54G "Router" / Consumer-grade Hardware Router / Firewall
* Spyware Checker/Fixer
If you aren't using Spybot Search & Destroy already, get it and use it.
http://www.safer-networking.org/en/home/index.html
Free Download at http://www.safer-networking.org/en/mirrors/index.html
* Spyware/Cookie Checker/Fixer
If you aren't using AdAware6 already, get it and use it.
http://www.lavasoft.de/
Free Download at http://www.lavasoft.de/software/adaware/
* Virus Checker/Post-Infection Fixer
If you aren't already using McAfee's "Stinger", get it and use it.
http://download.nai.com/products/mcafee-avert/stinger.exe
* Note: This must be downloaded to a *known-clean* machine
to be useful. Viruses are getting smart enough now to
disable/avoid Stinger if they're running when it's
downloaded. Ideally, download it on a known-clean
machine, then burn it to a bootable CD and check your
system by running it from the bootable CD after booting
from it. That gives you a clean environment to run the
check from.
* Spyware/Malware/Adware Checker/Fixer
If you aren't already using "HiJack This", get it and use it.
This is more of a manual tuning/tweaking tool than an automatic scanner.
http://www.spychecker.com/program/hijackthis.html
All of these are free for personal use. If you're going to use
them for anything else, check the license and make sure you're in
compliance with it.
Other Things you can do to be Safer
* If possible, use a consumer-grade "router" that has a
built-in firewall, and use the "Network Address Translation", "Masquerade", or
"Masking" feature it offers.
This makes your machine safer by preventing it from being directly
visible on the network by hiding it behind a "fake" IP address.
You can still check email and surf the web without problems, but
now you won't be bombarded with scans from malicious programs.
* Do *not* use Microsoft products such as Internet Explorer for surfing
the web, or Outlook or Outlook Express for reading email.
This isn't Microsoft-bashing, it's basic safety these
days -- There are major vulnerabilities in Outlook, Outlook
Express, and IE of any version that are being exploited for
things like this, and it's going to get a lot worse
before it gets better.
Examples:
Dec. 10, 2004 - "Penn State Tells 80,000 Students To Chuck IE"
Industry consensus builds for dumping Internet Explorer
Be careful which mail you open -- Don't just open mail because it's
from Aunt Betty.
Be suspicious of *all* email that looks weird, uses vague
subject lines, or contains unexpected attachments, even (especially?)
if it comes from someone you know and trust. New viruses spread
themselves by reading the email address book of computers they've
infected, and then send virus-laden mail to those addresses
because there's a good chance the intended victims will open
the infected mail without thinking about it, because it comes
from someone they trust.
If your email client has a "Preview" feature, turn it *off*.
If your email reader has a "Preview" feature that you're
using it, turn it OFF. The Preview feature automatically opens
new email and looks inside any attachments as part of the "Previewing"
it does for you -- If the attachment contains a virus,
Congratulations! Mail you haven't even "read" yet has just
infected you.
Send mail only as "plain text" or "ascii text", NOT as HTML or Styled
or Formated mail.
Look at the settings for whatever mail program you are using and make a
point of telling it you do *not* want to use HTML or styled text in your
mail -- Send only "plain text", "text only", or "ascii text". HTML and
styled make your emails *significantly* larger than they need to
be and so waste bandwidth and disk space, but more importantly, HTML
and styled text can be used to hide viruses and spyware.
Examples of security writeups about this
vulnerability
Good luck!
Mitch
Updated February 12, 2008 
©1995-2008 - All rights reserved.