Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Preventing Malware - Tools and Practices for Safe Computing

Started by Doug , Jan 05 2009 09:50 PM

  • This topic is locked This topic is locked
No replies to this topic

#1 Doug

Doug

    Retired Administrator -Tech Team

  • Tech Team
  • 10,057 posts

Posted 05 January 2009 - 09:50 PM

Preventing Malware - Tools and Practices for Safe Computing.


Though it may be commonly thought that the bad-guys prey upon the elderly, weak, young and innocent users of the Internet, it just isn’t so… Their target is Everyone!

Malware is served up from over 18,500 discrete addresses on the internet as well as thousands more zombie networks. And as soon as detected, the purveyors quickly and easily shift to other addresses from which to do their dirty work. The intent of malware is that of promoting rogue products, redirecting your legitimate browsing to their scam sites, intercepting your transactions, and gathering as much of your personally identifying information as possible, all for financial gain. It is a multi-Billion dollar industry that is highly organized, skillfully run, well funded, and which treats each and every one of us in the internet community as a statistic and potential target.

An internet user need not be elderly, weak, young, or innocent to become a victim… only careless.

The purpose of these Best Practice & Prevention articles is to provide information upon which you can build your own best practice and safeguard your own computer and home network.

No one is in a better position to create safety for your machine than yourself. Just like you may lock your house for security, or forget to do so, you are in the best position to take routine steps to apply internet security.

Read on to learn some of the best steps that you can take.
But please keep in mind that these plans are much like a good exercise program.
Everyone knows that the body, mind, and health is improved with exercise, but first you have to actually put the exercise plan into action.

What can we do about it?
  • Practice Safe Computing! Keep systems patched, updated, scanned and blocked, and use a disciplined approach to operating the computer and using the Internet.
  • Patch operating systems and applications to the latest security patches, including Vista SP2, XP SP3 and Internet Explorer 7 or IE8, even if using alternative browser. NOTE: IE8 has its own site SmartScreen Filter which may not play well with MVPS Host file. See below
  • Update anti-malware signature/definition files promptly and apply operating system critical updates in a timely manner (see "Windows Update" under "Prevent Re-Infestation" below)
  • Scan using "real-time" anti-malware scanners for viruses, worms, Trojans, and spyware
  • Block unauthorized access attempts, spam and pop-ups using a good client-based (software) firewall, spam blocker, and pop-up blocker.
  • Self Discipline, the most crucial! Self discipline includes:
    • NEVER click on "To stop getting these spam messages, click here" links
    • NEVER click on any links in unsolicited pop-ups or email
    • NEVER open attachments or downloads without first scanning for malware - regardless the source
    • NEVER visit sites bad guys are known to wallow in: such as porn, gambling and Peer to Peer (P2P) sites that tolerate illegal
    filesharing of copyrighted materials such as music files, movies, and published document
  • And the last step, A system security suite to protect against online threats
We hope that you will put the following information and plans into your routine of computing activity.


Before Step #1 - There are two important items to attend to:

Please verify your Systems Restore is activated:
  • Go to My Computer
  • Properties
  • System Restore
  • Highlight C:\Drive
  • Settings
  • Set the slider to 1% (1095MB) or as close to 1024mb as available
  • OK - Apply - OK
  • Reboot
Then proceed to:
  • Start
  • All Programs
  • Accessories
  • System Tools
  • Sytem Restore
  • Follow the promps to create a new restore point
Reboot and proceed as follows.


Backing Up Your Registry
  • Go Here and download ERUNT
    (ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
  • Install ERUNT by following the prompts
    (use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
  • Start ERUNT
    (either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
  • Choose a location for the backup
    (the default location is C:\WINDOWS\ERDNT which is acceptable).
  • Make sure that at least the first two check boxes are ticked
  • Press OK
  • Press YES to create the folder.



    Step #1

    Make your Internet Explorer more secure

    • From within Internet Explorer click on the Tools menu and then click on Options.
    • Click once on the Security tab
    • Click once on the Internet icon so it becomes highlighted.
    • Click once on the Custom Level button.
      • Change the Download signed ActiveX controls to Prompt
      • Change the Download unsigned ActiveX controls to Disable
      • Change the Initialize and script ActiveX controls not marked as safe to Disable
      • Change the Installation of desktop items to Prompt
      • Change the Launching programs and files in an IFRAME to Prompt
      • Change the Navigate sub-frames across different domains to Prompt
    • When all these settings have been made, click on the OK button.
    • If it prompts you as to whether or not you want to save the settings, press the Yes button.
  • Next press the Apply button and then the OK to exit the Internet Properties page.


Protect against Tracking Cookies

  • From within Internet Explorer click on the Tools menu and then click on Internet Options.
  • Click once on the Privact tab
  • Under Settings click on Advanced
  • Place a check next to Override automatic cookie handling
  • Under First Party Cookies choose Accept
  • Under Third Party Cookies choose Block
  • Then click Ok



Step #2


Use an AntiVirus Software - Choose only one - More than one will conflict. It is very important that your computer has anti-virus software running to protect against viruses. Update Antivirus prior to manual scans as necessary or as used. Please only choose one, having more than one can cause problems, such as crashes and your computer to slow down.


Update your AntiVirus Software - Now that you have AntiVirus Protection, it is imperitive that you update your Antivirus software at least once a week. If you do not update your antivirus software then you will be vulnerable to new threats.


Use a Firewall - One Firewall only will protect you against hackers. Without a firewall your computer is susceptible to being hacked and taken over. Never Run more than one Firewall active on your computer at the same time because they can conflict and cause unwanted problems. This includes not running Windows native firewall at the same time as an installed software Firewall.

Here is a list of free Firewalls. Please only choose one.


Anti-Spyware
AntiSpyware software protects you from malware and spyware that try to steal your personal information.

  • SpywareBlaster
    SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.
  • SpywareGuard
    SpywareGuard offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program or there will be a conflict.
  • Malwarebytes' Anti-Malware
  • SUPER Anti-Spyware
  • ThreatFire (ThreatFire and Online Armor can conflict, so if you pick one, you must not pick the other)
    ThreatFire being a real-time application, there is no need to run it. Once installed it updates automatically. Right Click the icon in Systems Tray to enable more information.

Blocking & Other Tools

  • WinPatrol
  • MVPS Hosts file
    The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your coputer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer
  • McAfee Site Advisor
    McAfee Site Advisor protects your browser against malicious sites and warns you when you attempt go to one.
Note: IE 8 users. IE 8 has its own blocking function called SmartScreen Filter which performs a similar function as the Blocking tools listed above. IE 8 may prove to be overly restrictive if you also have MVPS Hosts File installed. If so, consider reverting back to Windows default host file. SpywareBlasted does seem to be a compatible adjunct with IE 8's SmartScreen Filter.


Step #3

Keeping Windows Updates current.

1. Firstly, please do the following:
  • Click on Start
  • Then Run
  • type services.msc
  • Click startup type second from the right at the top after extending the utility
  • Check that Automatic Updates is on Automatic and started
  • Click File
  • Exit

2. Then go to
  • Click on Start
  • Click on Control Panel
  • Select Automatic Updates
  • Enable 'Turn off Automatic Updates'
  • OK to exit

Explanation why turning off WU is explained here.

To obtain your Windows Updates each two (in case there are non critical updates) or four weeks manually, go to Windows Updates after the second Tuesday in the month to get your most recent updates . Click on Custom after the page loads, so you can be in control of what is installed on your system.

Keeping Java Runtime Environment up to date.

There are several ways you can do this:
  • Download JavaRa.exe. JavaRa will uninstall older and more vulnerable Java installations from your system.
  • Use Control Panel add/remove to uninstall Java JRE versions (JRE 6.10 and newer) before installing the current updated version
  • Go to Java Downloads for All Operating systems and choose which is best for you
  • When you are online at WhattheTech, watch AplusWebMaster's advice in Discussion/Security advisories & Vulnerabilities info sub-forum
  • Don't forget to verify your Java after you have updated it
  • Make sure you uninstall all old Java installations from Add and Remove after obtaining the latest update

It is recommended to run Secunia Personal Software Inspector (PSI) 1.0 at least once a month to make sure your software, Windows Updates, Java, ActiveX and more are all as up-to-date as they can be.


Primary author - SpySentinel

Edited by Doug, 24 June 2009 - 03:53 PM.
Update re: Vista SP2 and features of IE 8 / edited re: Java JRE updating

The help you receive here is free.
If you wish, you may Donate to help keep us online.

    Advertisements

Register to Remove

Related Topics

Back to Security - Best Practices and Prevention · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Discussion
  3. Security - Best Practices and Prevention
  4. Privacy Policy
  5. Terms of Use ·