Community Pick: Many members of our community have endorsed this article.
Editor's Choice: This article has been selected by our editors as an exceptional contribution.

MALWARE - "An Ounce of Prevention..."

MALWARE - "An Ounce of Prevention ..."

The old adage about prevention being exponentially better than a cure was never truer than in the malware fighting business. As the owner of a small computer repair business, about 80% of my income is from cleaning infected computers and trying to recapture lost data - data usually lost because of a system crash caused by malware.

"Malware" is kind of a generic term for all of the Viruses (virii?), Trojans, Worms, and all other forms of infection that wander around the Internet on websites and through email.

For as long as I have been in the computer business, the top three types of sites for spreading malware are (1) Peer-to-peer (sharing) sites, (2) Gambling sites, and (3) Pornography sites. Through the years, I have often worked with customers who go to either (1) or (2), but I've never met anyone who ever went to a (3). I guess that some computers get lonely and go there to meet other computers - when the owner isn't looking.

The recommendations I've listed below are going to cost you about ONE U.S. dollar per week - hold your thoughts for a minute.

Yes, I know, there are freebie programs out there that can provide a good level of security to a knowledgeable user. I also know that the vast majority of users are not Geeks, and they don't want to know how to configure this, modify that, or amplify the morpitude of the ramafrasitz.

The advice below is what I pass on to MY customers, in the hopes that I won't have to be cleaning the same infections that I cleaned last month... and two months before that,... and 6 months ago. (Gotta love teen-age boys in a household - guaranteed 3-4 repair jobs a year.) These are just regular folks who want do the basics of using the Internet for surfing and swapping email jokes with their friends - and do so with some relative measure of security and protection.


1. Name brand anti-virus/anti-spyware application. You MUST HAVE "On-Access" scanning going on for any file you access and any connection you make to the Internet. You cannot open a file that you brought home from the office (or any other source) and you cannot open an attachment in an email message, and you cannot connect to a website - unless you have some application running that is going to "On-Access" scan the file, the attachment, or the connection.

I currently recommend ONLY Microsoft Security Essentials (MSE) to all of my customers. It is free to anyone using it on 10 or fewer computers. This is a personal preference and a personal recommendation. It is fairly intuitive for set up and configuring and you can 'throttle' the amount of process capacity it uses. The user can initially schedule it to AUTOMATICALLY run all updates and scans and never have to configure anything again.

There are different download sites for different areas of the world, but U.S. customers may use:

I also install Malwarebytes (Pro) on all computers that come through my repair shop.
This will give your on-access, 24/7 protection and augment the protection of MSE (About US$25 each)

Please note that if you are going to being running Malwarebytes (MBAM) with other security software, you should keep this link handy. It gives detailed instructions for avoiding conflicts between MBAM and other applications.

2. User Accounts. For Windows XP and older versions of Microsoft OS, the "Default" Account Type created was an 'Administrator' account. When Mom or Dad create new accounts for the kids, every one of them now has the ability to install new programs their friends give them at school, that they received via email, or given to them by their new best friend in a chat room. There is virtually no limit to what an "Administrator" account can do on the computer and no one should be on the Internet with an account with Administrator privileges.

If you get bitten by some kind of malware bug - while logged in with an Administrator account - the bug can run itself with "Administrator" privileges. A very dangerous situation. Using only Limited accounts for surfing is not a 'cure-all' form of protection against every instance of malware, but it does give you one hell of a lot of passive protection.

"Limited" or "Standard" accounts are the type that everyone in the family should be using when they log in. Of course, there does need to be one Administrator account for adding programs and installing devices, but protect that account with an adult controlled password - and only use it when needed.

3. Hardware Firewall. I have never been a fan of any software FW product. Use the native Windows FW on your computers (any OS after XP SP2) and add a small Linksys or Netgear FW/Router (hardware) at your incoming internet connection. Windows seems to play nice with either of these systems and your protection is much enhanced - compared to running without one.

You can get a used one on eBay for only about US$25-30. They are extremely easy to walk through the basic setup - and even have a 'Wizard' application that will do it for you.

4. Patches and Updates. In virtually all instances, Microsoft and the various application developers are ahead of the curve on protecting against new vulnerabilities that are released. If you - as the owner of your computer - will consistently load the patches, updates, and Service Packs as they are released, you will be taking a giant step toward protecting your system(s).

I urge anyone reading this to consider the cost of their computer, the value of their time - if they have to spend the hours needed for disinfection - and the value of all the data (pictures, movies, songs, documents, etc.) on their computer.

Weigh those costs against a dollar a week plus a few minutes of installation time and decide if it is worth it.

Some other valid Articles here on Experts-Exchange that I highly recommend you read are:
Basic Malware Troubleshooting

Viruses in System Volume Information (System Restore)
Can't Install an Antivirus - Windows Security Center still detects previous AV:
HijackThis - Some Tips & Tricks:
HijackThis reports missing files on 64-bit Systems:
"Google Hijack" - Google Search Gets Redirected:

Comments (25)

Steven CarnahanAssistant Vice President\Network Manager

younghv - another great article however I have to add that "teenage boys" are not the only concern anymore.  

My father told me about 10 years ago told me that he was going to buy a computer and the first thing he was going to do was get rid of the operating system because that's how people can mess with your computer. He was adamant that he would not have an OS on his computer.

Once he got a computer ( just a couple years ago) my brother would walk in on him and the printer ribbon (yes he insisted on a dot matrix) and paper were all over the place and the printer was all torn apart. He would say that there was something wrong with the printer because he could look at a web page on the screen and it was fine but when he printed it would chop off the right side. "It has to be the printer"

Understand that my dad is going to be 84 in March 2012.

Anyway, another great article like I said. I will vote yes as soon as I submit this.
Author of the Year 2011
Top Expert 2006


What a great story - I love it!
Many of my customers are of that generation and they can be a lot of fun.

I offer a 25% Veteran's discount for any work I do and after finishing a house call on "Colonel Bill" he informed me that he really appreciated the free work.

"Free" work, asked I?

Sure he said, WWII, Korea, Santo Domingo, and Vietnam...4x25 is 100% - Free!

I agreed that he had me there and thanked him for his service. He laughed, broke out the beer and we swapped storied for a couple of hours. Then he gave me a check for the full amount.
Steven CarnahanAssistant Vice President\Network Manager

"Colonel Bill" and my dad "Lucky" would get along great.  My dad was in WWII and I was in during Vietnam (not in country but a lot of buddys went and didn't come back). I do like his math though. Good thing he didn't go to the first Iraq or you would be paying him for the work.   :)  
Bill_LandauComputer Guru

Vic - Love the Colonel Bill story.  Never occurred to me to give a discount for vets (and I'm a Vietnam vet, in-country, myself).

Much of my work is businesses, but for individuals, I already discount for my neighbors, members of my synagogue, and some others.  So I'd have to be sure to specify only one discount per client....

Bill Landau
Author of the Year 2011
Top Expert 2006


Welcome home brother.

I've been off-line for a few days and just starting to get caught up.
"" if you want to come up on the net.


View More

Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.