COMPUTER SECURITY - a short guide to staying safer online


Post by Gary R » December 5th, 2010, 11:05 am

Computer Security - a short guide to staying safer online.

(by Gary R and Wingman)



The purpose of this topic is to describe some of the potential security risks you may face when browsing the Internet, and to recommend ways to minimise the threats they pose to you.

You will notice I say minimise, I do not say eliminate. Sadly the number of potential threats to your computer increases every day, and the methods used to breach your security and exploit your computer get ever more sophisticated.

It is impossible to be 100% safe when online, however by following the guidelines described in this topic, you can greatly reduce your chances of contracting an infection.

How do I find the information I need?

This topic is divided into a number of posts, each of which will deal with a particular subject. The subjects are listed below. Clicking on any of the links will take you to the related post.

Last edited by Wingman on December 6th, 2015, 10:51 pm, edited 2 times in total.
Reason: Re-ordered index
Gary R
Administrator
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: COMPUTER SECURITY - a short guide to staying safer onlin

Post by Gary R » December 5th, 2010, 11:08 am

Securing your computer

Many people are under the delusion that it is possible for them to secure their computer against all attacks, and that they can therefore safely behave as they wish when they are online, clicking on anything they want, and visiting any sites they wish, secure in the knowledge that they have a firewall and an anti-virus program that will save them from all ills.

Sorry to disillusion you, but that is not, nor will it ever be true.

The purpose of installing protective programs on your computer is to minimise the number of online threats you will be subject to, and they generally do a very good job as long as you appreciate their limitations.

How your defensive systems work
I think it might be helpful at this point to give a simplified overview of how your defensive systems work so you can understand what some of these limitations are ....

The average home computer has approximately 64,000 ports through which it can communicate. By default these ports are open and can be used by any program which cares to access them, either from within the computer or from without. If you were to go online with a computer in this condition you would quickly be attacked and your computer would be infected.

To prevent this you install a Firewall. A firewall will close all open ports and you then open the ones you need by setting "rules" for them according to the instructions supplied with the Firewall program. Usually you will have ports open for your Internet Browser, your e-mail client, and the update functions for various programs.

These "open" ports will not be fully accessible, in that they will only allow a communication if it was instigated from within your computer. Any unsolicited communications from outside are blocked.

However if you are tricked into starting the communication, then as far as your Firewall is concerned it is a legit transaction and it will open the port. So by clicking on malicious links, replying to unsolicited e-mails and attachments, and downloading from unsafe sources, you are effectively bypassing any protection your Firewall supplies.

At this point your Anti-Spyware and Anti-Virus programs take over. The real-time-protection in these constantly scan the data stream in your open ports looking for things that match with items in the database they have within them. If they find something then they will alert you, or quarantine it, or delete it, according to the rules set within the program.

However as you can see, if the database does not contain details of the infection that's attacking you, then your Anti-Virus or Anti-Spyware programs will not protect you. There are new infections (or new variations of old infections) created every day, which is why it's vital to keep your programs up to date. Even with a fully updated database though, you are still playing catchup, which is why your Firewall, Anti-Virus and Anti-Spyware programs cannot ever give you 100% protection.

Adding more and more programs will not give you more and more protection, it's up to you to take some responsibility for your online actions, and modify them to give your programs the best chance of protecting you.

Please read the section .... Types of threat .... to see how you can modify your online browsing habits to give yourself a better chance of not contracting an infection.

So now you realise that your protection can never be absolute, let's look at what you can do to make it as effective as possible .....

  • Follow safe online browsing habits.
  • Keep Windows and your programs up to date.
  • Use a firewall.
  • Use an Anti-Virus and an Anti-Malware program.
  • Minimise your chances of visiting infected sites.
  • Control the sites that can use scripting on your browser.
  • Use a Sandbox when browsing.

  • Follow safe online browsing habits - browsing with caution is the single biggest thing you can do to reduce your chances of contracting an infection. You can fit every protective system under the sun, but if you act like an idiot online then sooner or later you will contract an infection. So take some responsibility for your behaviour and give yourself a much better chance of staying uninfected.

  • Keep Windows and your programs up to date - once a month on the 2nd Tuesday of the month Microsoft release a series of "patches" to resolve problems and security vulnerabilities that have been found for the various versions of Windows. It is important that you install any security related patches. For most people the simplest way to do this is to enable Automatic Updates in Windows. Alternatively experienced computer users can opt to have Windows prompt them when patches are available.

    Below are links to guides for how to set up Automatic Updates for the various versions of Windows. Some of the Operating Systems mentioned below are no longer supported by Microsoft but we know some people are still using them.

    XP
    Vista
    Windows 7
    Windows 8
    Windows 10 *
    * Windows 10 Home users will not be able to defer updates. Only Windows 10 Pro and Enterprise users will be able to defer updates.


    Just like Windows, it is important to keep your other programs up to date as well. Old versions of Java, Flash, your browser, and a whole lot of others, can be exploited, so it is important you have the latest versions installed on your computer.

    To make the job easier for you Patch My PC Home Updater is an update program that will scan your computer for any out-of-date programs and notify you which they are, then with one click you can update them all (if there are any you don't want to update, then de-select them before clicking on the Perform Updates button).

    FileHippo also have an update program that can be used to check for the latest versions of the programs on your computer.


  • Use a firewall - all the later versions of Windows (XP, Vista, Windows 7, Windows 8, Windows 8.1, Windows 10) come with a firewall, so make sure it is switched on. Most people now also connect to the internet via a modem or router which will also act as a hardware firewall.

    However most people leave their router with the manufacturer's default settings. This is not secure. The default SSIDs (Usernames) and Passwords for a great many routers are well known to hackers, and many can be looked up online at sites like THIS.

    THIS article gives some good advice on how to make your Wi-Fi connection more secure. I recommend you read through it, and that at the very minimum you should change your router's password. There is a step by step example of how to do so HERE.

    For advice on how to create a strong password read THIS article.

    Generally the combination of a hardware firewall and the inbuilt Windows firewalls will be sufficient to guard your ports, however you can expand the functionality of your firewalling by installing a 3rd party firewall and using that instead of the inbuilt Windows firewalls. There is a list of free 3rd party firewalls in the section .... Links to free security applications and online scanners.

    Vista, Windows 7, 8.x and Windows 10 also have UAC (Universal Access Control) fitted. UAC is what is known as a process firewall. UAC only allows processes to run on your computer if they have been given permission, it is a really valuable addition to your computer's security and should never be switched off. Yes the pop-up requests for permission can be a little irritating sometimes, but believe me they shade into insignificance compared to the irritation and inconvenience you will suffer having to deal with a full blown infection.

    Most UAC alerts will be as a result of something you are doing, they are expected and it is a simple matter to allow them, but if one flashes up that you were not expecting, then read carefully what the alert says and if you're not sure then disallow it. You may just have saved yourself a whole bundle of grief.

  • Use an Anti-Virus and an Anti-Malware program - viruses and malware are not the same thing, and the programs used to detect and protect against them operate in significantly different ways, so it is important that you have one of each installed on your computer.

    Installing more than one of each will cause conflicts and will result in less not more protection.

    Because viruses and malware are constantly evolving it is essential that you keep your anti-virus and anti-malware programs updated to the latest definitions. You are much more likely to contract one of the newer infections that is "doing the rounds" than an older infection variety. An out-of-date AV or AS program, or a program using out-of-date definitions is not going to protect you. Most of the reputable programs have settings to allow them to update automatically, use them. If the program you use does not allow auto-updating, then you should update it manually on a daily basis.

    There is a list of free Anti-Virus and Anti-Malware programs in the section .... Links to free security applications and online scanners.

  • Minimise your chances of visiting infected sites - you will greatly reduce your chances of getting infected if you do not visit sites that are known to spread infections.

    There are two ways of doing this ....

    • Block access to those sites using a HOSTS file.
    • Get notification of sites with a dubious reputation using one of the various "site evaluation" programs.

    There are links to HOSTS files and site evaluation programs in the section .... Links to free security applications and online scanners.

  • Control the sites that can use scripting on your browser - by disabling the use of scripts within your browser you can significantly reduce the chances of contracting a "drive-by" infection. Unfortunately this also has the effect of disabling the functionality of a great many legitimate website applications, and for this reason it is not an option that most people would choose to use.

    For users of Firefox however there is a compromise.

    NoScript is an add-on extension to Firefox, which permits you to allow or deny the use of scripts on a site by site basis. The default condition for all sites is to block scripts, and you then add sites you know and trust to a "whitelist" so that scripts are allowed when you visit those sites.

    The advantage of this method is that when browsing to an unknown site you are protected from scripting exploits, but once you have determined that the site is safe, with a couple of clicks or so you can enable scripts and access the full functionality of the site.

  • Use a Sandbox when browsing - sandboxing is a system in which your browser (or other programs) runs within a virtual environment. Any changes made while using the sandbox are confined within the sandbox. So if you come across something malicious when browsing, then any alterations it may make to your computer are restricted within the sandbox environment, and when you close the sandbox those alterations are deleted.

    Sandboxes are not 100% secure, and it is possible for some infections to "break out" of them, which is why it is important not to rely on them as your sole means of protection. However if used sensibly they can significantly add to your protection when browsing.

    There are links to sandboxing programs in the section .... Links to free security applications and online scanners.


Last edited by Gary R on April 28th, 2020, 6:09 pm, edited 11 times in total.
Reason: Added unsupported Windows comments and highlights
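
The "How your defensive systems work" part of the post above, as an added example that is not part of the original post: a small Python model of a firewall that blocks unsolicited inbound traffic but lets replies through for any connection started from inside. The class, the verdict strings and the addresses (documentation ranges) are all constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"


@dataclass
class StatefulFirewall:
    """Hypothetical model: default-deny inbound, remember outbound flows."""
    idle_timeout: float = 300.0                        # seconds a flow stays "open"
    inbound_rules: set = field(default_factory=set)    # (proto, local_port) opened by a rule
    flows: dict = field(default_factory=dict)          # flow key -> time last seen

    def outbound(self, pkt: Packet, now: float) -> str:
        # Anything started from inside is allowed, and the flow is remembered.
        self.flows[(pkt.proto, pkt.src_port, pkt.dst_ip, pkt.dst_port)] = now
        return "allow-outbound"

    def inbound(self, pkt: Packet, now: float) -> str:
        # A reply must match a remembered flow exactly: same protocol,
        # same local port, same remote address and remote port.
        key = (pkt.proto, pkt.dst_port, pkt.src_ip, pkt.src_port)
        last_seen = self.flows.get(key)
        if last_seen is not None:
            if now - last_seen <= self.idle_timeout:
                self.flows[key] = now
                return "allow-reply"
            del self.flows[key]                        # flow has gone stale
        if (pkt.proto, pkt.dst_port) in self.inbound_rules:
            return "allow-rule"
        return "drop"


# Constructed addresses, not real hosts.
PC = "192.168.1.10"
SHOP = "198.51.100.7"       # a site the user meant to visit
UNKNOWN = "203.0.113.50"    # a host the user never meant to talk to


def demo() -> dict:
    fw = StatefulFirewall()
    verdicts = {}

    # 1. Unsolicited connection attempt from outside: blocked.
    verdicts["unsolicited probe"] = fw.inbound(Packet(UNKNOWN, 51000, PC, 445), now=0)

    # 2. The user browses to a site; the site's reply is let back in.
    fw.outbound(Packet(PC, 50001, SHOP, 443), now=1)
    verdicts["reply from site we visited"] = fw.inbound(Packet(SHOP, 443, PC, 50001), now=2)

    # 3. The user clicks a link in an unsolicited e-mail. To the firewall this
    #    is just another connection started from inside, so the reply is allowed.
    fw.outbound(Packet(PC, 50002, UNKNOWN, 443), now=3)
    verdicts["reply after clicked link"] = fw.inbound(Packet(UNKNOWN, 443, PC, 50002), now=4)

    # 4. The same outside host cannot reuse a flow that belongs to someone else.
    verdicts["same host, other flow"] = fw.inbound(Packet(UNKNOWN, 443, PC, 50001), now=5)

    # 5. Once a flow has been idle past the timeout, its "open port" closes again.
    verdicts["stale flow"] = fw.inbound(Packet(SHOP, 443, PC, 50001), now=2 + 301)
    return verdicts


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:28} {verdict}")
```

Cases 2 and 3 get the same verdict, which is the limitation the post describes: the firewall only knows who started the conversation, not whether starting it was a good idea.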

Re: COMPUTER SECURITY - a short guide to staying safer onlin

Post by Gary R » December 5th, 2010, 11:10 am

Types of threat

Before I start describing the various types of online threat, I think it is important to understand why these threats exist.

Traditionally, malware creation was restricted to a few technically gifted but "mischievous" individuals who wanted to have "fun" at the expense of others. From there it progressed to being the province of unethical advertisers who installed programs on their unwitting victims computers to pop-up advertisements for which the advertiser got a per-click revenue. From there things have moved on again.

Most modern malware is the creation of professional criminals who wish to make money from you.

There are a number of ways in which they can do this ....

  • Theft - if you take part in online banking, or use your computer for buying things online, your banking and credit card account details can be stolen and used.

  • Identity theft - as well as theft of your banking and credit details, any personal details on your computer can be used to allow someone to assume your identity, setting up accounts and making purchases in your name.

  • Advertising revenue - click through payments are still a valuable source of income to the unethical, and many infections use pop-ups and search re-direction to maximise the attacker's click through payments.

  • Using your computer to distribute spam or porn - the free space on your hard drive is a valuable resource to the distributors of spam and porn, who are more than happy to use your computer as a host server for their wares.

  • Selling your information and data to others - by making you part of a botnet, your attacker can sell you as an "asset" to other criminals, so that they can exploit your computer as well. There is an active market for botnets, which are sold or rented out by botherders to those who have "use" for one.

So what types of threats are there and how should you handle them?

Below are some of the most common ways to pick up an infection ....

  • P2P file sharing - by far the greatest number of people who visit this forum for help with an infection, are people who use P2P (peer to peer) file sharing programs. By using P2P you are massively increasing your chances of getting your computer infected.

    We always require people seeking help here to remove any P2P programs before we will help them, since by keeping them you are practically guaranteed to get infected again.

    The threats to your computer from P2P are 3 fold ....

    • Many P2P programs come with spyware functionality pre-installed.

    • You are downloading from unknown sources. Most malware writers specifically target P2P distribution, offering "free" or "cracked" goodies as bait to entice you to download their creations.

    • Unless properly configured, users of P2P programs are usually giving access to a great deal more of their computer than they may realise. Most people do not configure the programs properly.

    As you can see, even if you use one of the "clean" P2P programs, you are still at high risk of contracting an infection.

    Further information:

    http://www.us-cert.gov/cas/tips/ST05-007.html
    http://www.fbi.gov/scams-safety/peertopeer/oeertopeer
    http://www.benedelman.org/spyware/p2p/
    http://www.pcworld.com/article/126230/i ... works.html
    http://www.zdnet.com/blog/networking/in ... ag=nl.e550

  • Infected e-mails - are one of the oldest ways of distributing malware, yet it's amazing how many people still get infected by opening them.

    Quite simply, if you get an e-mail from someone you don't know, then delete it. Don't open it to see what they want, if you didn't contact them, then there's no good reason why they should want to contact you.

    Infected e-mails may however also come to you from someone you know. If someone you know has contracted a computer infection, then the first thing the infection will do is contact everyone in his or her address book and send them an e-mail containing a copy of the infection.

    These usually come in one of two ways.

    • As an attachment. Never open e-mail attachments, no matter who they come from, until you have contacted the person who supposedly sent it, and confirmed with them that they have sent you an attachment.

    • As an embedded html/javascript code. The safest setting is to have your e-mail client set to view incoming e-mails in text only, that way any malicious html code cannot execute. Of course this means you don't have all the pretty formatting that html provides, but it does mean that you cannot be exploited by a hidden html/javascript code.

  • Clicking on Pop-ups - it is surprising how many people get infected by the simple act of clicking OK on a pop-up Window. If you're not 100% sure that the source of the pop-up is from a source that you trust, then do not click on it.

    Two of the favourite ways to entice you to click on the pop-up are ....

    • The pop-up will resemble a "standard" Windows or Anti-Virus notification window and tell you your computer is infected and ask you to click to fix it. - Some of these pop-ups are an almost perfect facsimile of the genuine thing and are very believable.

    • The pop-up will tell you that you need to download a special codec to view some particular media. Very few websites require anything other than the standard codecs supplied with Windows for you to view their contents. By clicking on one of these pop-ups, instead of downloading and installing a codec, it's much more likely you'll be downloading and installing malware.

    Do not attempt to close the pop-up windows by clicking on the X in the top right corner of the window as usual, since this may also activate the malware installation. Instead hit Ctrl+F4 to close your browser. If this does not work you may need to shut down Windows to kill the pop-up window.

  • Downloading Freebies - is another of the most popular ways to contract an infection. Whether using P2P (the most popular option) or using the more conventional download methods.

    If something seems too good to be true, it is. Malware writers love to bait the trap by offering "free" versions of popular pay for programs, videos, music etc. You may or may not get the products you're hoping for, but they certainly won't be free because they'll almost certainly either be replaced with or accompanied by a package of malware.

  • Phishing - is a relatively new method of exploiting people online, where the attacker tries to convince them to part with important information, such as site passwords, bank account details, or credit card details, by pretending to be some legitimate person or organisation.

    The initial approach is usually (but not always) by e-mail. The attacker will purport to be from your bank (or some such body) and will spin you some plausible story and ask you to confirm your account details. They will supply a link in the e-mail to what looks like a legitimate website, where you will be requested to enter your account and password and/or other personal information.

    The site is of course just a very clever copy of your actual bank's website, and you have now given your attacker all the information he needs to empty your actual bank account, and/or to set up false bank and credit accounts using your name.

    Some of the cruder phishing scams are easily spotted by their unusual phraseology and poor English grammar. However many are very, very plausible. Just remember this ....

    No bank, credit card company, financial institution or reputable business will EVER contact you in this way, asking for this kind of information.

  • Bad or Infected Websites - some websites are just bad news (porn sites, warez sites, etc) and are set up to entice the unwary. Just visiting them, without even clicking on anything once you're there, can be enough for you to contract an infection. The simplest way to avoid infection is to avoid visiting those types of sites.

    The more insidious problem is when a legitimate website is host to a "poisoned" link. Unless a website is properly secured and administered it is a relatively simple task for an unscrupulous person to hack the site and replace legitimate links with ones that perform an entirely different purpose. Clicking on such a link will either take you to a website you did not intend to visit, or cause you to install software you did not intend to install, sometimes both.

    The two attacks described above are known as "drive by" infections, and are one of the more difficult problems to avoid, since potentially any website could be compromised. One way round them is to disable scripting in your browser, but that can mean a great many legit web applications will fail to display when you browse the internet.

    Users of Firefox can install an extension called NoScript which enables script permissions to be "allowed" on a site by site basis. This can reduce (but not eliminate) your chances of contracting a drive by infection, since only the sites you have "allowed" can run scripts on your computer.

    Users of Google Chrome can enable Safe Browsing which will produce a warning page if you encounter a website suspected of containing phishing or malware as you browse the web.

    Users of Internet Explorer 8, 9, 10, 11 or Edge should use the Smart Screen Filter.
    Note: Microsoft has announced that Internet Explorer 8 will not be supported on any version of Windows beginning January 12, 2016

    SmartScreen Filter is a feature in Internet Explorer 8, 9, 10, 11 or Edge that helps you avoid socially engineered malware phishing websites and online fraud when you browse the web.

    SmartScreen Filter advantages:

    • Checks websites against a dynamically updated list of reported phishing and malware sites.
    • Checks software downloads against a dynamically updated list of reported malicious software sites.
    • Helps prevent you from visiting phishing websites and other websites that contain malware that can lead to identity theft.

    Smart Screen Filter - IE8 FAQs
    Smart Screen Filter - IE9 Features
    Smart Screen Filter - IE10 (Win 7) FAQs
    Smart Screen Filter - IE10 FAQs
    Smart Screen Filter - IE11 (Win 7) FAQS
    Smart Screen Filter - IE11 FAQS
    Smart Screen Filter - Edge (Win 10) Windows 10 - Turn SmartScreen Filter On-Off

Last edited by Wingman on December 6th, 2015, 10:44 pm, edited 5 times in total.
Reason: Added Google Chrome and Microsoft Edge references

Re: COMPUTER SECURITY - a short guide to staying safer onlin

Post by Gary R » December 5th, 2010, 11:12 am

Backing up your data

Making regular backups should be a part of everyone's computer practice. Most of you will have files on your computer that you do not want to lose, but I would not be at all surprised if a great many of you reading this article have never taken the time to make a backup copy of those files.

There are any number of reasons however why you should, a few of which I've listed below ....

  • You may have a hardware failure and you can no longer boot your computer ... hardware faults are rare these days, but they do still occur, and the most common of these are hard drive failures. If your disk develops a fault it is not always possible to recover the data from it.

  • Your Operating System gets corrupted and you can no longer boot your computer ... there can be any number of reasons why your Operating System may get corrupted, such as a faulty update, an "over enthusiastic" anti-virus program, an untimely power failure, etc. etc. etc.

  • Software on your computer gets corrupted and you can no longer boot your computer ... the software programs on your computer are generally safe and reliable, but like any code they can become corrupted, and if that happens they can cause a whole range of problems, including "locking out" your computer. If that happens, the only solution sometimes is to reformat your machine, and that of course means all data on the hard drive gets removed.

  • You contract an infection and you can no longer boot your computer ... the writers of Malware are not concerned about writing "safe" code, and they don't care at all if one of their creations damages your machine because of poorly written code. When removing Malware from a machine there's also always a risk of damage to your machine. It is not too uncommon for computers that are badly infected with Malware to become unbootable.

  • You contract a Ransomware infection, and all your files get encrypted so that you can't access them ... the latest trend in Malware infections, is for an attacker to encrypt your personal files, and demand payment from you to decrypt them. Although the infection can usually be removed, the same can not always be said about recovering the encrypted files. The best defence against these types of infections is to have a good set of backups that you can restore to.

I'm always stunned by how reluctant people can be to back up their data, yet making a backup of your files is so easy. Most versions of Windows have inbuilt backup facilities (XP Home requires they be added from the installation disk) which in most versions of Windows can be set to run a backup schedule automatically.

Below are links to more information ....


Cloud Backups vs Offline Backups

There's a trend now towards backing up your data to the "Cloud", and whilst Cloud based backups are convenient, they do have one significant drawback as far as Ransomware infections are concerned. You see most Cloud based backup systems are "reflections" of the data contained on your hard drive, and are "synchronised", so that when you make a change to the file on your hard drive, its Cloud based backup is similarly changed.

Whilst this behaviour is desirable under most circumstances, it's an absolute disaster if you have contracted a Ransomware infection, since when the files on your hard drive get encrypted, their Cloud based counterparts will get encrypted as well. This of course means that they'll be no use whatsoever as a recovery option.

Because of this, I recommend that you take the time to create at least one "offline" backup, which is kept on detachable media (like a USB connected drive) and which should only be physically attached to your computer when you're making (or restoring from) a backup.

Last edited by Wingman on December 6th, 2015, 10:42 pm, edited 1 time in total.
Reason: Updated backup links, added Win10 backup
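
The "Cloud Backups vs Offline Backups" part of the post above explains that a synchronised copy faithfully mirrors whatever happens to the originals. As an added example that is not part of the original post, this Python sketch records a SHA-256 fingerprint of every file when a backup is made, then compares the live files against it before the next backup run and holds the run if most of them have changed or vanished at once. The 50% threshold, the function names and the sample files are assumptions made for illustration.

```python
import hashlib
import os
import tempfile
from pathlib import Path


def sha256_file(path: Path, chunk_size: int = 1 << 20) -> str:
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map each file's path (relative to root) to its SHA-256 fingerprint."""
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def diff_manifest(old: dict, new: dict) -> tuple:
    """Return (changed, missing, added) file lists between two manifests."""
    changed = sorted(k for k in old if k in new and old[k] != new[k])
    missing = sorted(k for k in old if k not in new)
    added = sorted(k for k in new if k not in old)
    return changed, missing, added


def should_hold_backup(old: dict, new: dict, threshold: float = 0.5) -> bool:
    """True when so many backed-up files changed or disappeared that the
    existing backup should not be overwritten until someone has looked.
    The threshold is an assumed value, not a recommendation from the post."""
    if not old:
        return False
    changed, missing, _ = diff_manifest(old, new)
    return (len(changed) + len(missing)) / len(old) >= threshold


def demo() -> tuple:
    with tempfile.TemporaryDirectory() as tmp:
        docs = Path(tmp)
        for i in range(4):                      # constructed sample documents
            (docs / f"letter{i}.txt").write_text(f"document {i}\n")
        baseline = build_manifest(docs)         # taken when the backup was made

        # Ordinary use: one document edited since the last backup.
        (docs / "letter0.txt").write_text("document 0, edited\n")
        normal_day = should_hold_backup(baseline, build_manifest(docs))

        # Constructed stand-in for files being encrypted and renamed in bulk.
        for i in range(1, 4):
            f = docs / f"letter{i}.txt"
            f.write_bytes(os.urandom(64))
            f.rename(f.with_name(f.name + ".locked"))
        bad_day = should_hold_backup(baseline, build_manifest(docs))
        return normal_day, bad_day


if __name__ == "__main__":
    print(demo())
```

A synchronised copy has no such pause, which is why the post recommends at least one offline backup.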

Re: COMPUTER SECURITY - a short guide to staying safer onlin

Post by Gary R » December 5th, 2010, 11:15 am

Links to free security applications and online scanners



Note 2: - You should only have ONE (1) active Anti-virus program providing real-time protection. Having multiple AV products running at the same time can cause a variety of problems, including false positive scan results, normal processes malfunctioning and system instability. If using a 3rd party Anti-virus product... Turn Off Microsoft Security Essentials (MSE), Turn Off Windows Defender in Win 8.x or Turn Off Windows Defender in Win 10

Note 3: - Many free security programs come with the Ask-Toolbar, this is usually pre-checked in the default installation. There will usually be an option not to install it, we strongly recommend you take that option and do NOT install Ask-Toolbar.



Last edited by Gary R on July 1st, 2022, 5:08 am, edited 15 times in total.
Reason: Added Defender links, notes and various links