

How do I protect my PC while surfing the net?
June 8, 2011 11:56 AM

Please tell me what I can do to be safer while surfing the Internet. I barely escaped a virus I got while surfing with the latest version of Firefox on a completely updated and patched Windows XP machine.

I wasn't visiting any sites that were risky but AVG Free, my anti-virus program, suddenly popped up and said it had detected a virus and asked me what I wanted to do with it. I quarantined it but a few minutes later I lost control of the machine and fake hard drive failure and system restore windows started popping up.

To make a long story short I got rid of it with some skill and luck. But I'm worried about it happening again. I'm pretty computer savvy but not as much as I used to be. What do I need to do to prevent something like it from happening again?
posted by 14580 to Computers & Internet (17 answers total) 28 users marked this as a favorite
 
Stop using Windows XP. Seriously, it's not even supported for home use by Microsoft anymore. Upgrade to Win 7. If you lack the funds to do that, explore Ubuntu.
posted by COD at 12:02 PM on June 8, 2011 [3 favorites]


What virus was it?
posted by dgeiser13 at 12:11 PM on June 8, 2011


You should also get Microsoft Security Essentials. It works on Windows XP, it's free, and it's better protection than AVG Free.

(Full disclosure: Until this year I worked on the MSE team.)
posted by Exonym at 12:12 PM on June 8, 2011 [3 favorites]


It was Generic22.gwn, which I think has been called the "Windows Fix Disk" virus. I do have 3 unused Windows 7 licenses if I have to upgrade.
posted by 14580 at 12:15 PM on June 8, 2011


"I do have 3 unused Windows 7 licenses if I have to upgrade."

why on earth are you still using XP if you have those sitting around? :P

oh, and use noscript in firefox, that'll help somewhat
posted by zombieApoc at 12:18 PM on June 8, 2011


Read the part of my profile where I talk about virus software to use and talk about MalwareBytes and Super AntiSpyware
posted by deezil at 12:21 PM on June 8, 2011 [2 favorites]


Seconding Microsoft Security Essentials, NoScript for Firefox, and upgrading to Windows 7. NoScript can be somewhat of a pain if you're not used to it, but if protection is key, it's definitely the way to go.

If you suspect you actually have something malicious going on, run full scans with Malwarebytes, MSE, and Spybot Search & Destroy, and if you need a specific how-to on a particular infection, the guides at BleepingComputer are generally pretty good.

Perhaps somewhat less useful would be PeerBlock.
posted by mistikle at 12:28 PM on June 8, 2011 [1 favorite]


I do use MSE and Malwarebytes, but I almost never get warnings from them and I'm pretty sure it's because I use the AdBlock extension for Firefox.

You may have already installed Malwarebytes to fight that infection, but do if you haven't.

Check your hardware for compatibility before upgrading to Windows 7. It takes a certain amount of oomph to run, and an older machine of the XP era does not have it.
posted by Lyn Never at 12:32 PM on June 8, 2011


AdBlock/NoScript Firefox extensions. Comodo Firewall does a good job of catching things that are running too.
posted by Raichle at 12:38 PM on June 8, 2011


"NoScript can be somewhat of a pain if you're not used to it, but if protection is key, it's definitely the way to go."

Personally I just run my web browser in a Sandboxie sandbox. That way I can more or less stop caring about what kind of content runs in the browser because I know it can't make any permanent changes to my machine.
posted by burnmp3s at 12:42 PM on June 8, 2011 [1 favorite]


Are you logged in as Administrator? Don't. Create a user account with usual user privileges and do all of your browsing from that. It's not perfect, but it makes it much harder for viruses to get into the system32 directory and spread. Installing software must still be done from the Administrator account, but that's about it.

I did this on my XP system (before I upgraded) and had far, far fewer problems.
posted by It's Never Lurgi at 1:16 PM on June 8, 2011


OpenDNS
Switch to Chrome
Microsoft Security Essentials
posted by blue_beetle at 1:31 PM on June 8, 2011


I made this comment in a previous askme thread which should be helpful. Basically you'll want to do the following:

- *most important* Drop your administrative rights to prevent malware from reaching the system level of your OS. You can do this by primarily using a standard user account (never poweruser, you can refer to my comment link above for instructions), use a program like "dropmyrights" to remove the admin token from the browser, or sandbox it.

- Install a decent AV solution. However, keep in mind that today's antivirus solutions only pick up on a small amount of new threats. They're crucial, however, for limiting older threats, like the one you ran into. A good heuristics engine also makes a huge difference. You should be ok with MSE mentioned above, Avira, Avast, or Immunet.

- Use a community-driven site advisor like Web of Trust to warn you of bad sites before you click on them. Peerblock as mentioned above is also very useful for filtering all IP traffic from reaching bad sites. OpenDNS is also another handy way to steer your browsing away from known malicious sites.

- Patch your 3rd party software! Two very good tools for this are Ninite and Secunia PSI. Secunia is also a resident vulnerability scanner, and will behave like Windows Updates for everything non-Microsoft. You may also want to grab a copy of Microsoft's Baseline Security Analyzer to check your system's configuration (will be Microsoft-only vulnerabilities, but still fairly useful for catching ACL and similar modifications from previous malware).

- Consider moving to Windows 7 sooner rather than later. It's not invulnerable, but is much better suited to defer malware attempts to escalate privileges. Also, if you're really intent on encapsulating browsing, consider virtualization through VirtualBox or VirtualPC. That way, if your virtual machine gets infected, you can always revert to a saved snapshot.

I think you're definitely in the right mindset here. You want to *prevent* malware, not look for tools to clean it up. There's plenty of really good tools out there for detecting and cleaning malware... however it's my opinion that if you're at the cleaning stage, you've already potentially lost personal data, and it's too late. With crimeware on the rise, it's not a situation that's affordable to be in anymore.
posted by samsara at 4:17 PM on June 8, 2011 [3 favorites]
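
An added example, not part of any comment in this thread: a PowerShell check for the advice above (from It's Never Lurgi and samsara) to browse from a standard account rather than an administrator one. It reports whether the current session holds an active administrator token and lists the direct members of the local Administrators group; it assumes PowerShell is installed, and the function names are illustrative.

```powershell
# Added example: audit whether day-to-day browsing would run with admin rights.
# Function names are illustrative; only .NET and ADSI calls are used.

# Well-known SID of the built-in Administrators group (the name is localized, the SID is not).
$AdminSid = New-Object System.Security.Principal.SecurityIdentifier 'S-1-5-32-544'

function Test-ActiveAdminToken {
    # True when this process's token has Administrators enabled: always the case
    # for an admin account on XP, only when elevated under UAC on Vista/7.
    $identity  = [System.Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object System.Security.Principal.WindowsPrincipal $identity
    return $principal.IsInRole($AdminSid)
}

function Get-LocalAdminMember {
    # Direct members of the local Administrators group (nested groups are not expanded).
    $account   = $AdminSid.Translate([System.Security.Principal.NTAccount]).Value
    $groupName = $account.Split('\')[-1]
    $group     = [ADSI]"WinNT://$env:COMPUTERNAME/$groupName,group"
    foreach ($member in $group.psbase.Invoke('Members')) {
        $member.GetType().InvokeMember('Name', 'GetProperty', $null, $member, $null)
    }
}

$me       = $env:USERNAME
$members  = @(Get-LocalAdminMember)
$isMember = $members -contains $me      # compares by account name only
$isActive = Test-ActiveAdminToken

"Local Administrators members: " + ($members -join ', ')
if ($isActive) {
    "WARNING: this session runs with an active administrator token."
} elseif ($isMember) {
    "Account '$me' is an administrator, but this session is not elevated (filtered token)."
} else {
    "Account '$me' is a standard user, the setup recommended above."
}
```

Run it from the account used for browsing; the result to aim for is the last message, with only a separate, rarely used account listed as an Administrators member.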


Oh also, because you got a fakealert infection, I highly recommend running TDSSKiller to check your system for Alureon. It often comes bundled with fakealerts. Also run GMER to check for other rootkits that slip by AV and AM scanners.
posted by samsara at 4:22 PM on June 8, 2011


Don't be scared into buying a new computer just so you can run Windows 7. The other remedies mentioned in this thread (msse, adblock, noscript, chrome, don't run as admin, etc.) should be sufficient while you are still running xp.
posted by DarkForest at 5:32 PM on June 8, 2011


sorry, msse should be mse. Also be sure your flash player is fully updated.
posted by DarkForest at 5:34 PM on June 8, 2011


I use Windows XP, Zonealarm and MSE - never get any virus problems. I may be just lucky, but.
posted by Sebmojo at 6:09 PM on June 8, 2011

