# security center alert!



## Ikrit (Feb 22, 2009)

i keep getting this security center alert telling me to block a software. the thing is it won't let me block, telling me to download this protection. i click enable protection and it takes me to a site that Firefox said is an attack site which would harm my computer. as much as i would like to ignore it, it just won't stop popping up!
what it says:
do you want to block this suspicious software?
name: Win32.Zafi.B
risk level: high
Description: Zafi.B is a worm trojan program that records keystrokes and take screen shots of the computer, stealing personal financial information.

keep blocking (unclickable) unblock (unclickable) enable protection


----------



## Runefox (Feb 22, 2009)

It's not actually your security center - That's a variant of WinFixer, if I'm not mistaken. You're infected, alright - Just not with what it says you are.

Typically, a scan with MalwareBytes' Anti-Malware will do the trick. *Do not*, under any circumstances, actually download any program that "Microsoft" or "Windows" or "Security Center" says you should and *surely never* purchase said programs. Windows isn't smart enough (or maybe stupid enough) to actually suggest going out and downloading/buying anything, much less from a third party.

Scamware is scam.


----------



## Ikrit (Feb 22, 2009)

thanks!
i felt the same about the suggestion


----------



## Ikrit (Feb 22, 2009)

it worked!...as it seems..
something tells me Windows Live OneCare is crap?


----------



## Runefox (Feb 22, 2009)

lazyredhead said:


> it worked!...as it seems..
> something tells me Windows Live OneCare is crap?


When it was first released, it failed pretty much every independent detection test out there. I can't speak for it now, but it used to be at the bottom of the barrel.


----------



## Aurali (Feb 22, 2009)

Runefox said:


> When it was first released, it failed pretty much every independent detection test out there. I can't speak for it now, but it used to be at the bottom of the barrel.



From what I've been following it's been on par with some of the normal ones.. so it's not the greatest.. though it's not the worst either.


----------



## Runefox (Feb 22, 2009)

Eli said:


> From what I've been following it's been on par with some of the normal ones.. so it's not the greatest.. though it's not the worst either.


Well, if by "normal ones", you mean Norton and McAfee, then that's not really much to boast about, though I guess it means that they can justify charging for it, seeing as how those two charge an arm and a leg for their bloatware.


----------



## Dragon-Commando (Feb 26, 2009)

I got infected with the exact same thing, it actually restarts your computer before the message shows up. Since I already knew about it I was able to contain and kill it before it could do anything. It was the first virus I have had in almost 10 years.


----------



## Zakassis (Feb 26, 2009)

Dragon-Commando said:


> I got infected with the exact same thing, it actually restarts your computer before the message shows up. Since I already knew about it I was able to contain and kill it before it could do anything. It was the first virus I have had in almost 10 years.


I had this about 2 months ago, and with my 2 hour battle with it, this is what it did to me:

Anytime I would try to do Start -> Run -> msconfig or open Windows Explorer, the "worm" would force my computer to restart.
Anytime I would try to open a Firefox or Internet Explorer browser, the "worm" would immediately close it.

I somehow got lucky after opening about 50 Firefox windows and downloaded the recommended software to remove it.  I had 3 scanners running, the only one that really found anything was my virus scanner and the one I downloaded.

I had SpyBot and Symantec scanning alongside the downloaded scanner.

Needless to say, I got rid of it, but boy, was it annoying to deal with.


----------



## Adelio Altomar (Feb 26, 2009)

Hey, while we're on the subject of spyware, malware, and other bad things from the net that are out to get us, what would you say'd be the best security software out there?

Also, I believe my sister's computer had something like this. I tried system restore which only worked temporarily.


----------



## Eevee (Feb 26, 2009)

Adelio Altomar said:


> Hey, while we're on the subject of spyware, malware, and other bad things from the net that are out to get us, what would you say'd be the best security software out there?


linux  B)

*jumps on motorcycle and drives off into the sunset secure in the knowledge that nobody will hack his beowulf cluster of gentoo servers*


----------



## Runefox (Feb 26, 2009)

Eevee said:


> linux  B)
> 
> *jumps on motorcycle and drives off into the sunset secure in the knowledge that nobody will hack his beowulf cluster of gentoo servers*


Unless you've got SSH wide open with root access or an easily-guessable/dictionary-attackable password. In which case, your beowulf cluster of Gentoo servers becomes a rather powerful addition to a botnet. But you're better than that. 

The BEST paid security suite for _Windows_ right now is probably either Kaspersky, NOD32, AVG Internet Security, or nothing at all. If you're good with the interwebs, you won't need anything past a firewall against incoming packets, which your router (if you have one) provides, anyway. Windows Firewall actually works pretty well in practice for this, but if you absolutely must have a third-party firewall, Comodo is pretty sweet, and free. It's way more powerful than most will ever need, however.

The best way you can protect your computer, however, isn't in a security suite, which is like wearing a kevlar vest (it will stop some, but not all, threats, and those that are already inside its protective shield can't be dealt with by it), but in a combination of being smart about your browsing habits (don't download software from sleazy-looking sites, don't click on ads (even Google ads are being targeted by rogue advertisers now), don't trust any website asking you for personal information unless you're certain of its identity, don't trust any e-mail asking you to log in to an account (go to the site directly instead of clicking any links), and try to stay off the porn), using secure software (like using Firefox or Opera instead of Internet Explorer, and Thunderbird instead of Outlook/Outlook Express), and relying on your antivirus only for uncovering and identifying threats. Never use "DMZ" or demilitarized zone features on modern routers; use port-forwarding instead, even if it is easier. And if you have a software firewall, pay attention to what it asks you before clicking on the "Allow" button - Same goes with Vista if you didn't initiate the action.


----------



## Adelio Altomar (Feb 27, 2009)

Eevee said:


> linux  B)
> 
> *jumps on motorcycle and drives off into the sunset secure in the knowledge that nobody will hack his beowulf cluster of gentoo servers*



Would switch but the wireless card won't work with any of the distros I've tried... |3



Runefox said:


> Unless you've got SSH wide open with root access or an easily-guessable/dictionary-attackable password. In which case, your beowulf cluster of Gentoo servers becomes a rather powerful addition to a botnet. But you're better than that.
> 
> The BEST paid security suite for _Windows_ right now is probably either Kaspersky, NOD32, AVG Internet Security, or nothing at all. If you're good with the interwebs, you won't need anything past a firewall against incoming packets, which your router (if you have one) provides, anyway. Windows Firewall actually works pretty well in practice for this, but if you absolutely must have a third-party firewall, Comodo is pretty sweet, and free. It's way more powerful than most will ever need, however.
> 
> The best way you can protect your computer, however, isn't in a security suite, which is like wearing a kevlar vest (it will stop some, but not all, threats, and those that are already inside its protective shield can't be dealt with by it), but in a combination of being smart about your browsing habits (don't download software from sleazy-looking sites, don't click on ads (even Google ads are being targeted by rogue advertisers now), don't trust any website asking you for personal information unless you're certain of its identity, don't trust any e-mail asking you to log in to an account (go to the site directly instead of clicking any links), and try to stay off the porn), using secure software (like using Firefox or Opera instead of Internet Explorer, and Thunderbird instead of Outlook/Outlook Express), and relying on your antivirus only for uncovering and identifying threats. Never use "DMZ" or demilitarized zone features on modern routers; use port-forwarding instead, even if it is easier. And if you have a software firewall, pay attention to what it asks you before clicking on the "Allow" button - Same goes with Vista if you didn't initiate the action.



Okay, I see you've mentioned the AVG *paid* version. Is the free still good though?


----------



## ToeClaws (Feb 27, 2009)

In addition to RuneFox's comments (which are bang on), the thing with Windows is that  it's what the majority of people use, therefore it's targeted more than any other OS.  The fact that it's also a fairly bad design for security and has a lot of services enabled by default helps the hackers along as well.  *There is no one product* that can fully protect you.  I have seen trojans, worms, viruses and other malware get past every major scanner (freeware or paid).  The only thing that nabs them is to make sure you have more than one way to check your PC on a pretty constant basis.  Besides having a major scanner like RuneFox suggests, you should also have some smaller low-level scanner and rootkit tools like these:

RemoveIT Pro: http://www.majorgeeks.com/RemoveIT_Pro_d5205.html

CWShredder: http://www.majorgeeks.com/Trend_Micro_CWShredder_d3019.html

FSecure Blacklight: http://www.majorgeeks.com/F-Secure_BlackLight_d5156.html

SpyBot: http://www.majorgeeks.com/SpyBot-Search_&_Destroy_Tools_d2471.html

Each of these does specific things that go a little further than the general purpose Anti-virus scanner.  It seems excessive, but it's unfortunately the reality of using a mainstream OS.

For Firewalls, the built-in XP firewall is dodgy at best, but at least better than nothing.  Most people that like to tweak and better protect themselves do not rely on the built-in one.  As RuneFox suggests, Comodo is definitely a mega-powered solution to protecting yourself.  It represents a new firewall in that it is Layer 7 aware, or in other words, is able to look into TCP/IP packets and identify applications.

Application-aware firewalls are powerful, but also large, taking up a good bit of RAM and additional processing.  If you really know what you're doing and want to keep the resource footprint low, you can go with an old-school IP and port-based firewall like Ghostwall.  This is about as simple as a firewall gets, but to use it, you have to understand IPs, protocols and ports and you will have to enter things manually - it will not do anything for you.


----------



## Runefox (Feb 27, 2009)

> Okay, I see you've mentioned the AVG *paid* version. Is the free still good though?


Yes, it's quite good, and will offer the same antivirus/antispyware protection as the paid-for version.


----------

