Fight malware I – Defend your turf
The following guide is part of a series that is primarily addressed to students, but can be used by anyone. My hope is that it will help you in your fight against malicious software. Many times friends have come to me complaining about their slow computers and ever-annoying computing problems. It is amazing how much internet crud accumulates to cause these symptoms. To a student, the computer is one of the most important tools while at university, and the last thing that needs to happen is for you to use the excuse that the computer ate your paper!
Do you have a PC with an internet connection? If so, then accept the fact that it is only a matter of time before your computer becomes a victim of those nasty pieces of software lurking around the internet. Don’t worry; it happens even to those of us who are cautious about the websites we visit and the software we download. Thankfully, getting infected does not mean that your world has ended, but it may seem so when one of your important documents is swallowed up! This article by no means claims to be the definitive guide on how to purge your system of malware. However, for now, we hope that this guide will point you in the right direction as to what you should do in order to better protect your PC from an infection. We will discuss the cleanup process in a future article.
Before you continue reading
Before you proceed, you are probably asking yourself, “What is malware?” Wikipedia.org gives a simple definition:
Malware, short for malicious software, is software designed to infiltrate or damage a computer system without the owner’s informed consent.
Malware encompasses a large variety of malicious software including worms, trojans, viruses, spyware and adware – most of which you have probably heard of before. They are capable of doing a number of horrible things including (but not limited to) deleting important files, slowing down your computer, collecting your personal data and sending that data to others for nefarious purposes. No one in their right mind wants their passwords or credit card information to get into the wrong hands. Unfortunately, these things happen every day because innocent victims do not know how to protect themselves or are ignorant of the dangers.
An unintentional invitation
Believe it or not, malware gains control over our computers because we, either intentionally or unintentionally, give it permission. Much of the free software we download can be bundled with malicious software. Did you ever wonder where all those pop-ups came from after you simply downloaded a program from a banner ad that promised to make your computer ten times faster? Or perhaps you noticed a bunch of browser toolbars appearing after installing a P2P file sharing program your friend told you about? Spyware and adware have a way of attracting us by posing as legitimate software when, under the hood, they are exactly what we should be avoiding. Malware authors even go as far as disguising their programs as tools intended to remove other malware. In actuality, these are simply “rogue” malware removal tools that are as bad as other malicious software out there.
Prevention is better than cure
You have heard the saying that prevention is better than cure. The same applies when it comes to preventing malware infection. It is always better to block a virus from entering than to deal with it after entry. You may do a great job of cleaning up, but at the risk of losing a few of your personal files or personal information. For this reason, you should set up a defense system consisting of:
- Regular checks for Microsoft Windows updates – [REQUIRED] Fix vulnerabilities in Windows and other Microsoft products so that malware has fewer potential entry points to exploit. Visit the Microsoft Update website regularly and download the latest recommended updates and security fixes. Updates for Windows Vista/7 can be more easily downloaded through the Windows Update Control Panel. You can also enable Automatic Updates so that updating occurs in the background.
- A good antivirus with live background monitoring – [REQUIRED] Every Windows computer should have antivirus software installed. While there are many that you can purchase, there are also a few that are free. Avast Home Edition, AVG Antivirus Free, Avira AntiVir Free, BitDefender Free Edition and Comodo Antivirus (part of the Comodo Security Suite) are all great programs. However, to minimize conflict, only install one antivirus program. Remember to enable automatic updating of virus definitions because without them, your antivirus will be less able to detect the latest threats.
- A good firewall – [REQUIRED] Firewalls defend your computer from hacker intrusion, but did you know that they can also defend you from malware? Some malicious software propagates by connecting to other computers on the internet in order to download necessary files. A simple firewall can limit any outbound communication from your infected computer, thereby impeding further progression. A few of the free firewall solutions out there include the Comodo Personal Firewall (part of the Comodo Security Suite), Sunbelt Personal Firewall Free and Agnitum Outpost Personal Firewall Free, but the built-in Windows Firewall (XP and Vista/7) should be more than sufficient. Again, only install and use one of these.
- A safer web browser – [RECOMMENDED] Web browsers are the primary way in which we view internet content, so it should come as no surprise that malware takes advantage of this fact to gain entry into our computers. There are no web browsers that are 100% secure, but there are some that are more secure than others. Microsoft Internet Explorer is a popular web browser because it is conveniently built into Windows, but IE has always had security vulnerabilities, especially with its ActiveX controls. Mozilla Firefox is a safer and free alternative that has the ability to block ads and protect you from dangerous website scripts. I am not suggesting that you stop using IE altogether because some legitimate websites will require you to use it for features to work correctly. Just ensure that you have IE's Security Level set to ‘Medium’ or ‘Medium High’ and the following options selected under ‘Tools’ > ‘Internet Options’ > ‘Security’:
  - Download signed ActiveX controls – Prompt (recommended)
  - Download unsigned ActiveX controls – Disable (recommended)
  - Initialize and script ActiveX controls not marked as safe for scripting – Disable (recommended)
- A more secure web browser – [REQUIRED] If you could block spyware and adware in their tracks, wouldn’t you? You can do this by filtering potentially dangerous websites, cookies and ActiveX-based software. Simply download, install, update and activate protection in SpywareBlaster while your web browsers are closed. You can complement this protection by activating the ‘Immunize’ feature from within Spybot Search & Destroy. Advanced users may consider letting IE-SPYAD and a streamlined HOSTS file block restricted sites instead.
- Real-time protection – [OPTIONAL] Only required if you frequently visit questionable websites. Real-time protection tools such as SpywareGuard and Spybot Search & Destroy's Resident “Tea Timer” will monitor suspicious changes to Windows and stop potentially harmful events from occurring. However, only activate one real-time protection tool and expect to encounter false positives.
Remember: You need to keep these programs updated after installing them. Without the updates, they will have difficulty doing their jobs properly.
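To confirm that the three ActiveX options listed above for IE are actually in effect, the added example below (not part of the original guide) reads the current user's Internet zone settings from the registry and compares them with the recommended values. The function name `Test-ActiveXZoneSettings` is an assumption made for this example; it only reads per-user values and changes nothing.

```powershell
# Added example: audit IE's Internet zone ActiveX settings for the current user.
# Zone 3 is the Internet zone; each setting is a DWORD named by its URL action code.
$zonePath = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# Setting values: 0 = Enable, 1 = Prompt, 3 = Disable
$labels = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

# The three options from the guide and the value it recommends for each.
$expected = @(
    @{ Action = '1001'; Want = 1; Name = 'Download signed ActiveX controls' },
    @{ Action = '1004'; Want = 3; Name = 'Download unsigned ActiveX controls' },
    @{ Action = '1201'; Want = 3; Name = 'Initialize and script ActiveX controls not marked as safe for scripting' }
)

function Test-ActiveXZoneSettings {
    param([string]$Path = $zonePath)

    # A missing key is reported as "not set" instead of raising an error.
    $zone = Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue

    foreach ($item in $expected) {
        $current = $null
        if ($zone) { $current = $zone.($item.Action) }

        if ($null -eq $current) {
            $shown = 'not set'
        } elseif ($labels.ContainsKey([int]$current)) {
            $shown = $labels[[int]$current]
        } else {
            $shown = "unknown ($current)"
        }

        # One result object per setting, so the output can be filtered or exported.
        New-Object PSObject -Property @{
            Setting     = $item.Name
            Current     = $shown
            Recommended = $labels[$item.Want]
            Matches     = ($current -eq $item.Want)
        }
    }
}

Test-ActiveXZoneSettings | Format-Table Setting, Current, Recommended, Matches -AutoSize
```

Any row where `Matches` is `False` points to an option to correct under ‘Tools’ > ‘Internet Options’ > ‘Security’.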
I hope that this article equips you with some basic knowledge needed to defend your computer from malware. The next part of this series will address some of the steps that can be taken if your established malware defenses are infiltrated.