Archived Post
01-12-2010, 01:30 AM
This is a guide I originally put together for the Lotus Fleet forums
With the opening of the tech support section I thought I'd post this here. While CO (and hopefully STO) don't have the same kind of account theft problems as wow, it never hurts to be careful about internet security
Prevention, detection and minor cases
Keep up to date
Many viruses, trojans and keyloggers work by using exploits in program code, either Windows, your browser or other programs running on your PC (such as Flash Player, to name a common one). Note for users of browsers other than IE: just because you don't use IE doesn't mean it can't be used as an avenue of attack; it's still present on your system. Keep it updated.
Making sure they are all up to date increases security significantly.
Personally as I'm lazy I use http://secunia.com/vulnerability_scanning/
It scans the programs on your PC and compares the versions against a database of the latest versions. If any of your programs need updating it warns you and provides a link to update
Web Browser:
Personally I go with Firefox with the Adblock Plus and NoScript addons. I don't have to see adverts and I control what loads with the webpage (especially Flash objects). If it can't load it can't get on my PC. Whichever browser you use, make sure to regularly clear its cache and cookies. Firefox can be set to do so when you close it down; I assume other browsers can as well.
Temp Files
Windows creates many temp files during a session; it's always a good idea to clean these out. As well as keeping space clear, some nasties can lurk in the temp folders.
Cleanup! http://www.stevengould.org/index.php...tent&task=view is a good way of doing this
Virus Scanner:
Avast http://www.avast.com/
AVG http://free.avg.com/gb-en/homepage
Both are good virus scanners and offer a free basic package. They're also easy to use. I back AVG up with weekly online scans here, just in case
http://housecall.trendmicro.com/uk/
Yes you can use 2 virus scanners, however do not have more than 1 running active protection at a time. Otherwise they fight like 2 admirals over the last coffee during a fleet meeting. If you're unsure how to disable active protection on one then just use 1 anti virus
Anti-spyware/anti-malware
Malwarebytes: http://www.malwarebytes.org/
Ad-Aware: http://www.lavasoft.com/products/ad_aware_plus.php
Spybot Search and Destroy: http://www.safer-networking.org/index2.html
These are 3 different scanners. I use them all. Spybot has a good "immunisation" feature and active protection that I let run all the time. Malwarebytes and Ad-Aware I use for active scans
All of these are only as good as how often you update them and scan with them
Internet Habits:
Possibly the best prevention method (besides ditching internet explorer). Watch what you click, be careful what sites you go to and never click any pop ups that tell you you've got a virus or something on your pc while you're surfing. Downloads should always be done from a reliable source and scanned with your virus scanner and anti-malware scanner.
Getting those stubborn stains out:
Ok so you think you've been infected with something. Either the scans recommended didn't find anything (or they can't remove it/it keeps coming back), but you're sure something's there, lurking off the starboard bow...
HijackThis: this scans and generates a log file that can be used to check processes for things that shouldn't be there
http://free.antivirus.com/hijackthis/
It's not an "easy-fix". It requires analysis by someone who knows what they're doing to locate suspect entries. Deleting the wrong entry is like sending Kirk on a sensitive diplomatic mission where he's asked not to get friendly with the local ladies (in other words it's asking for trouble)
Run the program selecting to save a logfile and get someone to analyse the logfile. I can do a basic check or you can google for webforums that can do so and have people more knowledgeable
Combofix
http://www.bleepingcomputer.com/comb...o-use-combofix
Similar to hijackthis. It's a very powerful tool and can easily cause problems if misused. It's recommended you only use combofix if asked by someone who knows what they're doing
The really stubborn stains:
Nothing to do now but reformat and reinstall
Make sure you have (preferably downloaded through a clean pc)
Your antivirus/anti mal-ware programs of choice
Latest web browser of choice
Once you have all this to hand, get your OS disc (most likely Windows) and disconnect your PC from the internet/network physically. Put the disc in the drive and reboot. Once the PC starts it should slowly load from the disc until you get to the Windows options
You want to reinstall windows (not repair)
You should get a screen up listing "partitions" on your hard drives (think of them as drawers in a filing cabinet)
Delete all partitions
Turn your computer completely off and then turn it back on again
Create a new partition at maximum size and then format it (do not choose the quick option)
Once it's complete, repeat this process again (delete the partition, turn the PC off, then back on, recreate the partition and then format)
Now reinstall Windows, following the on-screen prompts. Do not reconnect it to the internet or network. Once complete, install your web browser, virus scanners and the anti-malware programs. Now you can connect to the internet, download the latest Windows updates and ones for your security programs and web browser (if needed)
Once done you can go about getting settings back to how you like them but be wary of downloading programs from unofficial or less well known sites
General Tips
Just like the adage that an army can move only as fast as its slowest member, your STO account (when we get one, although this also applies to WoW and other accounts, gaming or otherwise) is only as secure as the least secure PC you log in on
Your home machine may be nice and secure but what about that one from work or college you log into? Or the one at your friend's house you log in quick to say hi to people
Always be mindful of where you are logging into game from. The same goes for email accounts. Auto-forwarding of emails is both a blessing and a curse. It's useful but there's a trend of email accounts being compromised, auto-forwarding set up but the password not being changed so the owner hopefully doesn't notice. Then they get all your mail.
Usernames: vary them, don't use the same username across too many sites, and never use the same username as your display name if you can avoid it
Password: forget words, they're too easy to guess. Pay attention to whether caps matter and what symbols you can use, and work from there. Choose something you can remember but that's hard to guess. The more you recover your password through forgetfulness the more likely someone will get your secret question/answer or similar
Secret question/answer: (did you like the way that flowed so naturally?). One common misconception is that you have to answer the question correctly. You don't. The question itself is a reminder. But if the question is "favorite pet" there's no reason you can't answer with something like "jf@87sfs" as long as you can remember it when the time comes. I tend to favour words with symbols/numbers added because of the infrequency of usage.
Phishing emails: Take the time to learn what domains email will come from with regard to gaming and bank accounts. Don't trust the email address displayed on your screen. Check your email provider's help topics for how to activate full details so you can check the headers to see that it comes from a legitimate source.
If you are unsure ask someone like a forum rep, or depending on the community the community itself. WoW has done well with helpful groups standing above the trolls on areas of the forums helping players out (and the forum reps). My hope is STO forums see a similar result
The same applies for websites. If it's not a normal website address be careful going there. Avoid clicking links to go somewhere to get a special offer or log in to verify your identity; instead type the address manually
Scam Sites: Pretty much the same as Phishing emails, always be sure of the site before you go there.
"Special Offers": if it sounds too good to be true it most likely is. Any special offers should be announced on the website's news section and on the forums. If it's not there it's likely fake, although you can always contact a forum rep for confirmation. If the offer is there, check the details match what you've been sent in the email, and again confirm with a rep if you're suspicious
*credit for my (if rather limited) knowledge of the programs to use, hijackthis log and combofix goes to my friends in the Coven of the Blue Panda, a group of World of ******** EU players who give up free time to help fellow players
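An added example, not part of the original post: the header check described under "Phishing emails", run over two constructed messages. The domains, the TRUSTED list and the function names are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: the domains the real company sends mail from (placeholder value).
TRUSTED = {"game.example"}

# Constructed sample messages, not real mail.
PHISH = """\
Return-Path: <bounce@mail.game-example.test>
Authentication-Results: mx.mailhost.example; spf=pass smtp.mailfrom=mail.game-example.test; dkim=none; dmarc=fail header.from=game-example.test
From: "support@game.example" <billing@game-example.test>
Reply-To: billing@game-example.test
Subject: Verify your account

Click here to log in.
"""
LEGIT = """\
Return-Path: <bounce@mail.game.example>
Authentication-Results: mx.mailhost.example; spf=pass smtp.mailfrom=mail.game.example; dkim=pass header.d=game.example; dmarc=pass header.from=game.example
From: "Game Support" <support@game.example>
Subject: Patch notes

This week's changes.
"""

def domain(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def known(d, trusted):
    # Exact match or a subdomain of a trusted domain; look-alikes do not match.
    return any(d == t or d.endswith("." + t) for t in trusted)

def check_headers(raw, trusted=TRUSTED):
    msg = message_from_string(raw)
    findings = []
    display, from_addr = parseaddr(msg.get("From", ""))
    from_dom = domain(from_addr)
    if not known(from_dom, trusted):
        findings.append(f"From domain {from_dom!r} is not a known sender")
    # The part shown on screen can itself look like an address.
    shown = re.search(r"[\w.+-]+@([\w.-]+)", display)
    if shown and shown.group(1).lower() != from_dom:
        findings.append("display name shows a different address than the real one")
    for hdr in ("Return-Path", "Reply-To"):
        d = domain(parseaddr(msg.get(hdr, ""))[1])
        if d and not known(d, trusted):
            findings.append(f"{hdr} points at {d!r}")
    # Only the Authentication-Results line written by your own provider counts.
    auth = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", msg.get("Authentication-Results", "")))
    for mech in ("spf", "dkim", "dmarc"):
        if auth.get(mech) != "pass":
            findings.append(f"{mech} result is {auth.get(mech, 'missing')}")
    return findings

if __name__ == "__main__":
    for name, raw in (("PHISH", PHISH), ("LEGIT", LEGIT)):
        print(name, check_headers(raw) or "no findings")
```

Note that the constructed phishing message passes SPF for its own look-alike domain, so a single "pass" is not enough; the sender's domain still has to be one you recognise.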