<

MALWARE - "An Ounce of Prevention..."

Published on
72,138 Points
8,338 Views
38 Endorsements
Last Modified:
Awarded
Editor's Choice
MALWARE - "An Ounce of Prevention ..."

The old adage about prevention being exponentially better than a cure was never truer than in the malware fighting business. As the owner of a small computer repair business, about 80% of my income is from cleaning infected computers and trying to recapture lost data - data usually lost because of a system crash caused by malware.

"Malware" is kind of a generic term for all of the Viruses (virii?), Trojans, Worms, and all other forms of infection that wander around the Internet on websites and through email.

For as long as I have been in the computer business, the top three types of sites for spreading malware are (1) Peer-to-peer (sharing) sites, (2) Gambling sites, and (3) Pornography sites. Through the years, I have often worked with customers who go to either (1) or (2), but I've never met anyone who ever went to a (3). I guess that some computers get lonely and go there to meet other computers - when the owner isn't looking.

The recommendations I've listed below are going to cost you about ONE U.S. dollar per week - hold your thoughts for a minute.

Yes, I know, there are freebie programs out there that can provide a good level of security to a knowledgeable user. I also know that the vast majority of users are not Geeks, and they don't want to know how to configure this, modify that, or amplify the morpitude of the ramafrasitz.

The advice below is what I pass on to MY customers, in the hopes that I won't have to be cleaning the same infections that I cleaned last month... and two months before that,... and 6 months ago. (Gotta love teen-age boys in a household - guaranteed 3-4 repair jobs a year.) These are just regular folks who want do the basics of using the Internet for surfing and swapping email jokes with their friends - and do so with some relative measure of security and protection.

THE LIST:

1. Name brand anti-virus/anti-spyware application. You MUST HAVE "On-Access" scanning going on for any file you access and any connection you make to the Internet. You cannot open a file that you brought home from the office (or any other source) and you cannot open an attachment in an email message, and you cannot connect to a website - unless you have some application running that is going to "On-Access" scan the file, the attachment, or the connection.

I currently recommend ONLY Microsoft Security Essentials (MSE) to all of my customers. It is free to anyone using it on 10 or fewer computers. This is a personal preference and a personal recommendation. It is fairly intuitive for set up and configuring and you can 'throttle' the amount of process capacity it uses. The user can initially schedule it to AUTOMATICALLY run all updates and scans and never have to configure anything again.

There are different download sites for different areas of the world, but U.S. customers may use: http://www.microsoft.com/security_essentials/

I also install Malwarebytes (Pro) on all computers that come through my repair shop.
This will give your on-access, 24/7 protection and augment the protection of MSE
http://www.malwarebytes.org/ (About US$25 each)

Please note that if you are going to being running Malwarebytes (MBAM) with other security software, you should keep this link handy. It gives detailed instructions for avoiding conflicts between MBAM and other applications.

http://forums.malwarebytes.org/index.php?showtopic=10138

2. User Accounts. For Windows XP and older versions of Microsoft OS, the "Default" Account Type created was an 'Administrator' account. When Mom or Dad create new accounts for the kids, every one of them now has the ability to install new programs their friends give them at school, that they received via email, or given to them by their new best friend in a chat room. There is virtually no limit to what an "Administrator" account can do on the computer and no one should be on the Internet with an account with Administrator privileges.

If you get bitten by some kind of malware bug - while logged in with an Administrator account - the bug can run itself with "Administrator" privileges. A very dangerous situation. Using only Limited accounts for surfing is not a 'cure-all' form of protection against every instance of malware, but it does give you one hell of a lot of passive protection.

"Limited" or "Standard" accounts are the type that everyone in the family should be using when they log in. Of course, there does need to be one Administrator account for adding programs and installing devices, but protect that account with an adult controlled password - and only use it when needed.

3. Hardware Firewall. I have never been a fan of any software FW product. Use the native Windows FW on your computers (any OS after XP SP2) and add a small Linksys or Netgear FW/Router (hardware) at your incoming internet connection. Windows seems to play nice with either of these systems and your protection is much enhanced - compared to running without one.

You can get a used one on eBay for only about US$25-30. They are extremely easy to walk through the basic setup - and even have a 'Wizard' application that will do it for you.

4. Patches and Updates. In virtually all instances, Microsoft and the various application developers are ahead of the curve on protecting against new vulnerabilities that are released. If you - as the owner of your computer - will consistently load the patches, updates, and Service Packs as they are released, you will be taking a giant step toward protecting your system(s).

I urge anyone reading this to consider the cost of their computer, the value of their time - if they have to spend the hours needed for disinfection - and the value of all the data (pictures, movies, songs, documents, etc.) on their computer.

Weigh those costs against a dollar a week plus a few minutes of installation time and decide if it is worth it.
***********************************************************************

Some other valid Articles here on Experts-Exchange that I highly recommend you read are:
2012-Malware-Variants
Basic Malware Troubleshooting
Rogue-Killer-What-a-great-name
Stop-the-Bleeding-First-Aid-for-Malware
Latest-Malware-Threat-Windows-Stability-Center

Viruses in System Volume Information (System Restore)
THINGS YOU NEED TO DO WHEN YOUR PC IS INFECTED:
IF YOU CAN'T RUN .EXES IN AN INFECTED SYSTEM:
Can't Install an Antivirus - Windows Security Center still detects previous AV:
HijackThis - Some Tips & Tricks:
HijackThis reports missing files on 64-bit Systems:
"Google Hijack" - Google Search Gets Redirected:
38
Author:younghv
Ask questions about what you read
If you have a question about something within an article, you can receive help directly from the article author. Experts Exchange article authors are available to answer questions and further the discussion.
Get 7 days free