Preventing Malware - Safe Computing

[tallin]

Preventing Malware - Safe Computing.

The purpose of this Best Practice & Prevention article is to provide information upon which you can build your own best practice and safeguard your own computer and home network pointing users to as needed.

A "system security suite" is one which bundles all the required tools for complete system protection, like anti-virus, firewall, anti-spyware, file cleaners, etc. But security suites that you find online are usually commercial software.

How about making - or rather "assembling" - your own security suite that contains all the required tools? The tools are very efficient and powerful. But best of all, your security suite is completely FREE!

What can we do about it?

• Practice Safe Computing! Keep systems patched, updated, scanned and blocked, and use a disciplined approach to operating the computer and using the internet.
• Patch operating systems and applications to the latest security patches, including Vista SP1, XP SP3 and Internet Explorer 7 (soon IE8), even if using alternative browser.
• Update anti-malware signature/definition files promptly and apply operating system critical updates in a timely manner (see "Windows Update" under "Prevent Re-Infestation" below)
• Scan using "real-time" anti-malware scanners for viruses, worms, Trojans, and spyware.
• Block unauthorized access attempts, spam and pop-ups using a good client-based (software) firewall, spam blocker, and pop-up blocker.
• Self Discipline, the most crucial! Self discipline includes:
  
  NEVER click on "To stop getting these spam messages, click here" links.
  NEVER click on any links in unsolicited pop-ups or email.
  NEVER open attachments or downloads without first scanning for malware - regardless the source.
  NEVER visit sites bad guys are known to wallow in: such as porn, gambling and Peer to Peer (P2P) sites that tolerate illegal filesharing of copyrighted materials such as music files, movies, and published document.
• And the last step, A system security suite to protect against online threats.
  We hope that you will put the following information and plans into your routine of computing activity.

Before Step #1 - There are two important items to attend to:

Please verify your Systems Restore is activated:

• Go to My Computer
• Properties
• System Restore
• Highlight C:\Drive
• Setting - Set the Slider to 1% (1095 MB)
• OK - Apply - OK
• Reboot

Then proceed to:

• Start
• All Programs
• Accessories
• System Tools
• Follow the prompts to create a new restore point

Reboot and proceed as follows:

Go HERE and download ERUNT to Backup your Registry

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

1. Install ERUNT by following the prompts
(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

2. Start ERUNT
(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

3. Choose a location for the backup
(the default location is C:\WINDOWS\ERUNT which is acceptable).

4. Make sure that at least the first two check boxes are ticked

5. Press OK

6. Press YES to create the folder.

Step #1

Make your Internet Explorer more secure.

• From within Internet Explorer click on the Tools menu and then click on Options
• Click once on the Security tab
• Click once on the Internet icon so it becomes highlighted.
• Click once on the Custom Level button.
• Change the Download signed ActiveX controls to Prompt
• Change the Download unsigned ActiveX controls to Disable
• Change the Initialize and script ActiveX controls not marked as safe to Disable
• Change the Installation of desktop items to Prompt
• Change the Launching programs and files in an IFRAME to Prompt
• Change the Navigate sub-frames across different domains to Prompt
• When all these settings have been made, click on the OK button.
• If it prompts you as to whether or not you want to save the settings, press the Yes button.
• Next press the Apply button and then the OK to exit the Internet Properties page.

Protect against Tracking Cookies

• From within Internet Explorer click on the Tools menu and then click on Internet Options.
• Click once on the Private tab
• Under Settings click on Advanced
• Place a check next to Override automatic cookie handling
• Under First Party Cookies choose Accept
• Under Third Party Cookies choose Block
• Then click Ok

Step #2

Use an AntiVirus Software - Choose only one - More than one will conflict. It is very important that your computer has anti-virus software running to protect against viruses. Update Antivirus prior to manual scans as necessary or as used.

Here is a list of free antivirus programs. Please only choose one, having more than one can cause problems, such as crashes and your computer to slow down.

AntiVir Personal
AVAST Home Edition
PC Tools AntiVirus Free

Update your AntiVirus Software - Now that you have AntiVirus Protection, it is imperative that you remember to update your Antivirus software at least once a week. If you do not update your antivirus software then you will be vulnerable to new threats.

Use a Firewall - One Firewall only will protect you against hackers. Without a firewall your computer is susceptible to being hacked and taken over. Never Run more than one Firewall active on your computer at the same time because they can conflict and cause unwanted problems. This includes not running Windows native firewall at the same time as an installed software Firewall.

Here is a list of free Firewalls. Please only choose one.

Online Armor
Sunbelt Personal Firewall
Comodo Firewall Pro
ZoneAlarm Free (For Windows XP)

Anti-Spyware

AntiSpyware software protects you from malware and spyware that try to steal your personal information.

SpywareBlaster
SpywareBlaster will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

Malwarebytes' Anti-Malware

SUPER Anti-Spyware

Spybot Search & Destroy

Other Tools

WinPatrol

IE/Spyad
IE/Spyad places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.

WOT Internet Security

MVP Hosts

Step #3

Keeping Windows Updates current.

Firstly, please do the following:

• start
• Run
• type 'services.msc' without the quote
• Click 'startup type' second from the right at the top after extending the utility
• Check that Automatic Updates is on Automatic and started
• File
• Exit

Then go to

• Start
• Control Panel
• Automatic Updates
• Enable 'Turn off Automatic Updates'
• OK

Explanation why turning off WU is explained here.

To obtain your Windows Updates each two (in case there are non critical updates) or four weeks manually, go to

Windows Updates after the second Tuesday in the month to get your most recent updates . Click on Custom after the page loads, so you can be in control of what is installed on your system.

Keeping Java Runtime Environment up to date.

There are several ways you can do this:

Go to Java Downloads for All Operating systems and choose which is best for you.

When you are online at WhattheTech, watch AplusWebMaster's advice in Discussion/Security advisories & Vulnerabilities info sub-forum.

Don't forget to verify your Java after you have updated it.

Make sure you uninstall all old Java installations from Add and Remove after obtaining the latest update

It is recommended to run
Secunia Personal Software Inspector (PSI) 1.0 at least once a month to make sure your software, Windows Updates, Java, ActiveX and more are all as up-to-date as they can be.

Sandboxie - Sandbox software for application isolation and secure Web browsing
Sandboxie runs programs (including browsers) and opens e-mail attachments in an isolated space which prevents them from making permanent changes to other programs and data in your computer.