Virus and Security Warnings

• Security Response Center at Symantec.com
• Virus Information Library and Virus Hoaxes at McAfee

Virus Software

Forum comments:
I've been running Avira Personal edition lately because many people recommended it because of the high detection rate. It beats Avast in that aspect. It is also less resource intensive but not a big difference.

But I don't really like Avira because:
-it displays an annoying popup every day.
-it's updating process is much slower than Avast.
-it does not have password protection like Avast does.
I like Avast, because it has much nicer UI than other two
_________________________________________

It's true. AVG has a huge amount of false positivesm and Avast has a really weak trojan detection. While Avira may update slowly, it has the best detection among free antiviruses, an one of the best among all antiviruses. I use neither of them, I use Kaspersky, the best, But If I couldn't buy it, I'd sure tak Avira.
________________________________

Avira and Avast got similar results on overhead tests in 2008 at www.av-comparatives.org
McAfee was about the same and Semantic was better; AVG was worse.

AdWare/Privacy/SpyWare Sftwr

In it's least malicious form spyware is used as a marketing tool to help organizations gain feedback from the operations of computer users. This might be something like gaining access to a computer's internet browser history. Organizations then use this information for commercial gain, using the recorded data to develop more effective advertising projects for example.

In it's least malicious form spyware is used as a marketing tool by looking at what banner ads you look at or your web surfing habits in order to target you with specific pop-up ads.

At its most destructive and dangerous, spyware can perform real-time tracking and recording from a remote location of all the keyboard presses made on an unsuspecting user's computer - including the recording of private and personal information such as usernames, passwords and bank account details. browser hijackers:

How you get it:
It could be included in filesharing or other software you download. They may have disclosures buried in those long licensing agreements almost no one reads. You can also get it by just visiting a web site if your security settings are low or by typing a domain name wrong which sends you to search engine you never heard of.

How to get rid of them:
In some cases you can go to Add/Remove Programs in the Windows Control Panel, but you usually have to run a program similar to virus programs to remove them. You may have to run several of these programs because some will find spyware that others will not.

Ad-Aware, SpyBot Search & Destroy,
Others: CWShredder, Bazooka Scanner and SpyBlaster
SpywareBlaster, Reviews at SpyChecker.com

Screensaver Spyware / Adware Issues and Advice

Cool Web Search (CWS) hijack of Internet Explorer (IE)
SpywareBlaster, Reviews at SpyChecker.com
Pop-up Stopper

Internet Hacker Protection

Security: Zone Alert/Alarm (Zone Labs)

Shields Up (Gibson) - grc.com - test security

Misc
SAIC Whitepaper Wireless (In)Security for Health Care (www.himss.org/content/files/WirelessInsecurityV11.pdf)
VPN
Wireless Security WEP

Cool Web Search (CWS) hijack of Internet Explorer (IE)

Guidlines for avoiding Viruses, Spyware, Spam, ... - Safe Practices

1. Keep your software up to date by applying security updates regularly. On Windows go to Tools > Windows Update in Internet Explorer.
2. Run virus protection software. See Virus above.
3. Run Spyware cleanup software. See Spyware above.
4. Avoid downloading anything if you don't know what it is. Just clicking on a link in an email message may start a download which can install spyware or a virus.
5. Just reading an email message in outlook can cause a problem if you haven't kept it updated with all the patches to fix security holes.
6. Consider replacing Internet Explorer (IE) and Outlook which are vulnerable.
7. Never give personal information such as birthdate, social security number, passwords in response to un-solicited e-mail.
   If you get a message that starts with "Dear valued xxx Member" where xxx may be AOL, Paypal, Visa ... be suspicious. If it contains a "click here" address that looks legit e.g. https://www.paypal.com hold your cursor over it and see if the same address appears in the status bar at the bottom of your browser. If you see something like 208.254.123.123 you will be connecting to some other system. See Anti-Phishing Working Group
8. Don't reply (or "click here for details") to un-solicited messages when the link or address has a strange name or a long random string e.g. www.pmldfzy.info/?yZyXt123lK. A legitimate site will have a meaningful URL e.g. yahoo.com and file/directory name e.g. shopping. The long random string "yZyXt123lK" could be a serial number which identifies your e-mail address.
9. NEVER purchase from a bulk unsolicited email (called "spam") you receive. At least 95% of these emails are scams. See fraud at the Online fraud, scams, hoaxes, email chain letters & Urban Myths/Legends page.
10. Never send an email to anyone that says: "Send this to all your friends."
    Check out any "Interesting" email sent by a friend before forwarding it. Lookup the subject in one of the links at Online fraud, scams, hoaxes, email chain letters & Urban Myths/Legends to see if it is true.
11. Be especially careful with passwords. For example, select passwords that are not words contained in any dictionary. Instead, use a combination of letters and numbers.
    See good passwords.
12. Use common sense. If something seems too good to be true (e.g. Win XP for $50) it probably is.