[commute201]

Have been seeing news press and other security press about a relatively new security threat - Gumblar such as these conflicting reports

https://forums2.symantec.com/t5/blog...article-id/272
http://www.zonealarm.com/security/en...rt/gumblar.htm
http://news.zdnet.com/2100-9595_22-306268.html

Please advise of any additional malware protection I need to obtain against the Gumblar threat?

PC Securitywise I have, all with latest definitions and auto-updated as applicable:
* Zone Alarm Internet Security v8.0.298.035, licensed edition, includes firewall, anti-virus, anti-spyware.
* PC Tools Spyware Doctor v6.0.441, licensed edition
* PC Tools ThreatFire v4.1.0.25, free edition
* Mozilla Firefox v3.0.10, I only use Internet Explorer for Microsoft's monthly security updates and on very rare occasion otherwise. I do not knowingly visit any malware laden websites (see firefox extensions following).
* Firefox add-on/extension McAfee SiteAdvisor v2.9.
* Firefox add-on/extension NoScript v1.9.3.3, prevents javascript from running at websites unless allow it. If a website domain I wish to surf regularly, I only allow it if green rating from SiteAdvisor and no consistent negative user security comments at siteadvisor.com
* Spyware Blaster v4.2.
* A wired (not wireless) Linksys router.

I scan for malware twice a week, and I have had no recent infections, other than the occasional false positive.

The most concerning of the reports above is from Zone Alarm, which I received a security alert email from them in the last few days. Is this just a marketing ploy from them to buy more of their software, or should I truly be concerned given my cautious web surfing habits with all of the protection I already have?

[lawson_jl]

Your so heavy on protection isn't overkill. With all you have your surely suffering a big impact on performance.

Quite honestly people spend too much time worrying about security when all you really need to do is to keep your system up to day and use common sense when clicking.

But then again most people will click anything that says click me. As a tech I've seen people spend way to much money on programs that don't offer any any better protection then AVG or Avira free do.
People also don't understand that when you have router you have a hardware firewall.

I have never used AV software on my system except for testing purposes. My wife has even become very affluent and I don't have any worries about her doing anything that will get the PC infected.

[blitzkreig]

simple add ons for your browser like the web of trust can help you a great deal

[commute201]

Thanks for the replies. With this new generation of spyware out there, how can protect my PC going to a website, that is supposedly trusted and widely used, lets just say CNN for example, that the hackers have inserted malicious code? I am not saying CNN is infected, just using it as a made up example for here.

I do keep my software updated, and I do use common sense when clicking, but even so, these on occassion fail you. Security experts recommend layered protection. Is there anything else can do? From my experience in the last few years, if have a PC infection, its been spyware (trojan, keylogger in a couple of cases), not a virus. And these nasties can sometimes takes hours or even days to cleanup, as evidenced by the other TechGuys security subforum and own personal experience.

As far as this software hogging processing power, true statement for some/many, but in my case, my PC has a 2Ghz processor and 2GB memory, so if any affect, it has not been noticeable for my needs.

[perfume]

Dear commute201,
Your concerns about Gumblar Botnet are'nt misplaced. I have read that MBAM has/had good detection rates of Gumblar. Why not download the free version from here:http://www.malwarebytes.org/products.php

I use WOT(web of trust) as a sort of guide on the net while surfing, similar to McAfee site adviser.

In the recommended privacy and security add-on section on the left hand side of FF3 page, you will find a few more add-ons which will tighten the system. Best wishes!

[Cookiegal]

Gumblar and similar exploits are a growing problem these days. Using Firefox with NoScript will reduce the risk of falling victim if, of course, you don't change the option to allow sites freedoms.

The good anti-virus and firewall programs have functions that will at least alert when malicious scripts, XSS, redirects etc. attempts are being made so you can avert them and most will deny the action outright and log an entry so you can see what it was and what was going to happen.

Keep in mind that sites like Site Advisor will not return a red rating for a site that is not known to be malicious but has unfortunately been compromised. Many sites have infected pages and aren't even aware of it until they receive complaints.

[Gizzy]

I think a good way to protect against infected sites is to use a policy or virtual sandbox like one of the following
Sandboxie
DefenseWall
GesWall

They'll restrict your browser inside the sandbox, they might take a little getting used to mainly when it comes to saving files, but they do offer great security.