Virus and Spyware Protection
If you are new to computers and want to have a computer that you can use safely for online transactions (banking, purchasing, etc...), you need to read and re-read this page until you understand everything here.
As most computer users know, it's very difficult to surf the web without annoying pop-ups or other distractions. This page is to help you have a better experience on the net and to help keep your computer healthy. Some of the malicious software (malware) can actually cost you money. Automated dialers can call chat lines without your knowledge. If you use a computer that is in any way connected to the internet or other computers, you are at risk of identity theft, theft of passwords, loss of important files and spying.
Many people complain that their computer is slow and they think they need more memory or a bigger hard drive. In most cases, these are not the problem. Your computer should operate as quickly as it did when it was new. If it doesn't, it's very likely infected.
Anti-virus software will be covered a bit later but since most people read just a small portion of any page, this is going to be placed ahead of the rest of the anti-virus information. If you have a computer using Windows XP, Vista or Win7 without an up-to-date anti-virus program running, please click the following link and download Windows Security Essentials. It's free and is the least intrusive anti-virus program that I've seen. It will regularly update itself to ensure that you always have the latest protection. When you install it, allow it to run a scan. There will be two choices. The quick scan will check for active infections. The full scan will scan your entire system. Allow it to remove any infections it finds.
Click HERE to download Microsoft Security Essentials.
While it's not possible (or, at least, not common) for malware to damage your computer, becoming infected could cost you the price of a new computer. Many older computers serve their owners perfectly well as they are. Many would not choose to buy a new computer but could be forced to if their computer becomes infected. Most owners have lost their original discs that were shipped with their computer. Some of the files needed to load the operating system are no longer available and the copies that can be found on the net are often corrupt or loaded with malware. If the owner no longer has the original Windows disc and it's not available from the original manufacturer, they will be forced to buy a new version. This could cost $100 or more. If they can't install it themselves and all of the drivers needed for the proper operation of the computer, they will have to pay someone else to do it. This could cost another $100 (possibly more). Since many computers use Windows XP and it's no longer widely available, they will have to buy a new version of Windows. The newer versions of Windows are not compatible with many of the older computers. This means that getting infected with a virus that severely damages the operating system (to a point that it cannot be repaired or is not practical to repair due to the time/expense involved), the owner may have no choice but to buy a new computer. FREE software can protect against most malware (did I mention it was FREE?).
Many people leave their computers on 24 hours a day. I don't see a problem with this because most computers draw very little power when they go to sleep/hibernate/standby mode. For those who leave them on, PLEASE make sure that your computer is not infected. Large numbers of infected computers can be used to attack servers or sites. This is generally done when the computer is infected with a trojan horse (type of malware - malicious software). If you're not 100% sure that your computer is completely clean, I'd recommend turning your computer off when it's not being used. This prevents it from being used to attack other computers/servers/sites.
If you're using a legitimate copy of Windows (most people are), turn the option for the automatic updates on and let Windows install all updates automatically. Many of the updates fix security flaws in the operating system and make it more difficult to become infected. For those who purchased a used computer that isn't from a well known manufacturer (Dell, HP...), and you can't afford to pay ~$100 for a new operating system, don't turn the automatic updates on. Many people will criticize me for suggesting that someone use a computer if they don't know 100% that the version of Windows is legitimate. I know that some people are struggling to make it and their children absolutely must have a computer for school work. This means that they may buy a used computer because that's all they can afford. If the automatic updates are turned on, the computer may cease to function properly if the version of Windows isn't legitimate or is one of the bootleg versions. It's all about being practical.
There are many different types of malicious software. The following are the most common types:
*: Even if you have broadband service, you may still have a modem. Many people have the ability to send faxes with their computer. The fax software may require a standard phone line hook-up to be able to dial the other fax machines. If this is the case on your computer, be very careful about what software you download from the internet.
Many sites will will ask you if you want to install their fancy-pants toolbar to help you better search the net. In most all circumstances, do NOT do it. Most are adware/spyware infected and will cause more problems than they solve. One of the few exceptions is the Google toolbar (http://www.toolbar.google.com/). When it asks if you want to allow anonymous usage statistics, tell it no. If you feel that you need more than one toolbar (from safe sites/companies), only have one active at a time. You can turn toolbars on and off in the browser you're using. If you have multiple toolbars active, it will take up more of the screen and allow less of the important content to be displayed.
The following is an example of a toolbar that was 'bundled' with undesirable software. This one is the 'mywebsearch' toolbar. This is only one variant of this software 'package/bundle' so anything similar should be carefully examined. On the Fun Web Products web site, they state that the web search toolbar doesn't contain any malware and that may be 100% true but every time I've seen the toolbar offered, it was bundled with other software. If you have this toolbar, run all of the software recommended throughout this page to check for problems. In the following Flash Graphic, you can right click and zoom in on the toolbar to better see what's on it. Use the left mouse button to move the desired area to the center of the window (after zooming). Notice the screensavers, smileys and cursors. These are common hooks to get younger people to download crapware.
During testing to see what was installed on a computer when a particular piece of software was downloaded, I loaded the previous toolbar from a random internet site. After the toolbar was loaded, a dialer appeared in the next scan of the machine (even though the machine was previously scanned and was clean and no other software was loaded between the two scans). I believe the dialer was bundled with the toolbar. Since I didn't remember where I downloaded the first copy, to be fair, I went directly to the Fun Web Products site and downloaded a copy from them. The new copy did NOT include a dialer. It did, however include the MWSOEMON.EXE program that ran in the background. From researching this, it looks to be some sort of malware. You can search for yourself to come to your own conclusions.
If you need to download software, only download from reliable/trusted sites like MajorGeeks. This is the first place I go when I need software. They typically have several choices for each type of software I need. If you're downloading bootlegged software from warez type sites, you are VERY likely to get infected.
If your browser or a web page asks you to download a piece of software in order to do something on a web page and it's not a from a well known company (Microsoft, Macromedia, Adobe...), it's possibly infected with spyware, a trojan or browser hijacker (this is very common on adult sites, free mp3 download sites...). If you absolutely have to download a piece of software, do several Google searches (web and groups). In the search, include the name of the software and one of the following words virus, spyware, trojan or worm in each search. If you include all of the key words in a 'single' search, you may not get reliable results. If any of the searches returns information that indicates that the software may include malicious code, don't download it.
Don't download anything that offers great deals or better web searching. If you want a good deal, go directly to a well respected web site. If you want a good search engine, use Google. Many of the smaller search engines use Google anyway.
Fake AV software is everywhere. If you suddenly have something pop up on the monitor showing a scan in progress and then showing multiple infected files and it's not the anti-virus program you're using, you're likely infected with malware from the scanner that popped up. One tell-tale sign is when they require you to pay to get rid of the infections. In most cases, paying the maker of the fake AV software will only get rid of the pop-ups for a while but will NOT clean your computer. The supposedly infected files were likely not infected at all and the software that created the pop-ups will remain on your computer. Getting rid of this type of malware can be difficult because the people who distributed it can make a lot of money from those who pay them to get rid of the pop-ups. There are several free online scanners that can be used to check your computer if you think you're infected and don't currently have an active anti-virus program on your computer.
For malware that's not removable with the previous scanners (this is becoming more common), you may need to use a program called ComboFix. It's not quite as polished or user friendly as the previous scanners but sometimes it's the only program that can clean a computer. The following link has the latest version for download and links to techs that can help you get your computer clean again.
There are several quick scanners that will scan your system for active threats in less than a minute. It's good to use this type of scanner before you enter any sensitive information (for online banking, purchases, etc.). The one below is from BitDefender. It will install a small icon on the toolbar of your browser. Just before entering any passwords or credit card information, click the icon and let it scan. If it states that there are no threats, you should be safe (the word 'should' is used because nothing is 100% foolproof). Remember to use it every time you enter sensitive information.
If you don't need to monitor traffic and don't need any of the special features that the previously mentioned firewalls offer, simply use the firewall built into Windows. In Win7, the easiest route to the firewall dialog box is through the search function. Click the 'start' button and in the search box, type firewall. At the top of the search window, you'll see Windows Firewall with Advanced Security. Click that. When you do, a dialog box like the one below should be displayed to tell you if the firewall is on or off.
If any of the items have a red shield with an X instead of a green shield with a check, click the properties link to the right and turn it on.
The properties dialog box has several tabs. Click the relevant one to switch the firewall back on.
On many computers, you'll be alerted to problems by the action center flag. When there is a red circle with an x in it, there is a problem. If you click the flag, you will be given options. Here, it's allowing you to turn the firewall back on.
Anti-virus software protects your computer from virus infection. Some also protect against other infections but they are primarily designed to protect your computer from malicious, damaging software. The AV software is designed to run automatically when you boot your computer. If you don't want to spend the money on AV software, there are several that are free. Microsoft Security Essentials was mentioned at the top of the page. As was stated, it's the least intrusive AV software that I've used. I've had good luck with Anti-Vir. You can download it from MajorGeeks. After you install it, run the internet update (right-click on the icon in your systray). Anti-Vir will automatically remind you to update the software. If the AV program doesn't run a complete search on your machine when it's initially installed, do so manually (right-click on icon in systray). As with most free anti-virus programs, there are pop-ups that the software uses to either generate revenue or to try to get you to buy the full version of the software. Microsoft Security Essentials has none of this. Also, most free anit-virus software is not allowed to be used on business computers. Again, this is not an issue for Microsoft Security Essentials.
To clean infected machines, I recommend that you run the following software. All can be downloaded from MajorGeeks. It's a good idea to run them on a regular basis to see if you're computer is infected (even if it's not currently showing signs of infection). Be sure to update them each time you use them. There is usually a link in the window that allows easy updating.
Anti-Vir (this is my first line of defense)
MalwareBytes (after I've scanned a computer with the resident anti-virus software, this is the next scanner I use)
Spybot Search and Destroy (use the immunize function after cleaning your machine)
SuperAntiSpyware (Similar to MalwareBytes)
Hijack This (for advanced users or those working within a forum of computer experts)
Many of the Anti-virus vendors have 'rescue' discs that can be used outside of the Windows operating system. The software is burned to a CD. You load it into (or leave it in, after burning) your CD drive and re-boot your computer. If your computer tries to boot to the CD drive before it tries to boot to the hard drive (this is a common configuration), it will boot to the anti-virus program (or sometimes give you the option to boot normally or to the anti-virus program). Once the AV software boots, it will begin scanning (or give you options on the type of scan you want to perform). This type of scan cannot be disabled by malware as can happen when scanning inside the Windows environment. THIS is the link to the Anti-vir download page. The ISO file is an image file and you'll need software to burn it to a CD. If you double-click on the ISO file (after downloading) and the file doesn't open or you're asked what you want to open it with, download ImgBurn. It's a free CD/DVD burning package that's very good and very intuitive. After installing ImgBurn, double-clicking on the ISO file should open ImgBurn and start the burning process.
Spybot Search and Destroy:
If your machine has multiple user names, I'd recommend deleting all of them except the main user (which is also the administrator). Sometimes, having multiple users makes it difficult to get a machine completely cleaned. There is an option to save all of the files from each user so nothing will be lost.
After the machine is clean in safe mode, run the scans again in normal mode. You may have to run all of the software I recommend on this page several times to clean a badly infected machine. Remember that the people that write the malware are very knowledgeable about computer systems and know how to avoid having their malware removed. It may take several tries and several Google searches to be able to remove some of the worst offenders.
If you are knowingly infected, the following software may be able to help. If your computer is infected with some viruses, you will not be able to run it from your hard drive because it will become corrupted by the virus. Burning it to a CD on a clean machine will allow it to run on your infected machine.
Unlock the SD card to load files from clean computer. LOCK the card. Insert the card reader in the infected computer and transfer the files or install the software that you need to use to clean the infected computer. Remember to lock the SD card BEFORE installing it in the infected computer to prevent the transfer of the infection to the SD card (which could infect your clean computer). Some malware will try to propagate by loading itself onto any writable media. In the following photo, you can see the lock on the side of the SD card. If you're unsure that it's locked, try transferring a file to it (when it's in the clean computer) to see if the computer will write to it. It should not and should give you an error message telling you so.
The following card reader can accept either SD cards or micro SD cards.
Security Forum Help:
* After you have your email address for a while, you'll begin getting unsolicited email asking you to help someone distribute money or to get money out of a foreign country. These are essentially all people trying to get you to send them money. They will do it in a way that will make it unrecoverable. These scams have been going on for much longer than there has been an internet. I remember reading about some that were done via snail mail in the early 1900s. Don't fall for these scams. The people running them are very good at trying to make you feel guilty for not helping them. If you want examples of these types of schemes, visit the 419 Baiters page (not now, continue reading this page until the end).
* When you visit some sites, they will tell you that you need to allow the installation of software to continue. On well respected sites, the option is entirely yours. If you decide not to download the software, you will still be able to browse the page but the functionality may be reduced. On less well-respected sites, the problem is that the only apparent choice you have is to click on the dialog box to allow the software to be loaded onto your computer. On those sites, you can not go 'back' and the dialog box is 'locked' on top of the browser window. One option you have is to hit ctrl-alt-delete. This will bring up the task manager. Click on the 'processes' tab and end all of the IEXPLORE.EXE processes. This will close the browser windows. After all of the windows close, you can re-open the browser and visit a different site. If you download the requisite piece of software, it's likely that you will have downloaded some sort of malware. Of course, downloading software from companies like Microsoft, Macromedia and Adobe is perfectly fine. It's when you're 'forced' to download software from less well known companies that you run into trouble.
If you're using Firefox, the process is essentially the same but in Firefox, it will try to open the pages that were open when you force them to close in the task manager. To prevent this from happening, close the new Firefox window as soon as possible when it attempts to open. When it restarts the third time, it will tell you that it can't display the previous window. When it does this, select 'new session'. This will open the browser to your normal home page.
* Do not use the computer with broadband service without the firewall AND virus software running. Both PC Tools Firewall Plus and Anti-Vir will have pop-up reminders about every 2 weeks asking if you want to update the software. You need to allow the software to update itself so that you have the best protection against the most recently produced malware.
* Do NOT click on any flashing banners that say that you've won a prize. This includes all of the little games that ask you to see if you can hit a target. Most of these 'games' are nothing more than gateways into the world of spam.
* Do NOT enter your email address anywhere except for legitimate sites (Wal-mart and other major retailers may be OK but you will likely be added to their mass mailing lists if you don't opt-out -- look for a 'check-box' that allows you to opt-out). When you enter your email on most sites, they will be added to a huge database that will email you with significant amounts of spam (undesirable email).
* Do NOT enter your email address or passwords into any email forms in unsolicited email. If it seems to be from a business you deal with, go directly to the business' site and log in to see if there is a request for information. If you think the email is from an unscrupulous source, forward it to the business that it appears to be from. Most of the time the proper address for this type of reporting is 'SPOOF@business.com' (i.e. firstname.lastname@example.org, email@example.com...). Most businesses want to know when this type of email is being sent out and will respond quickly to it.
* When you see an address on a web site like ebay.com it will generally have 'ebay.com' in the address. Even if it has a link to a different section of the site, you will see the 'ebay'com'. If you receive an email that contains what is supposed to be an ebay address and looks similar (i.e. www.ebay.subscribe.com), you see that the 'ebay.com' is broken up and the address is likely not an ebay address. Also, when you receive an unsolicited email from a company, you should look at a couple of things. When you position your mouse over a link, look at the status bar (at the bottom of your browser window) to see if the link matches the text in the link. Try it with the following examples:
* Many times, the address will have a number instead of a name. In virtually all of the cases, these are sites to avoid. Most legitimate sites want you to be able to remember their names so they use a name.com/name.org/name.net type address. Sites that use an IP address are more likely to have malicious intent.
* I strongly recommend against filling the 'auto-fill' forms such as those offered in the Google toolbar (or in any other software). Having this information on your computer in a location that's going to be common to many computers means that it will likely be targeted by trojans. In my opinion, it's best to take the time to fill in forms manually when it's needed on a web site.
As you know, spam in email can be very frustrating. It takes time to go through it and find which emails are legitimate and which are ads. While many of the more respected merchants follow the rules that allow you to be removed from their mailing lists, most others don't. There are a few things you can do to help reduce spam in your email.
Turning Off Graphics:
‡: When you look at an image file name, you will notice that they end in .jpg, .gif .bmp or .png (there are others also). When someone is trying to get you to open a piece of malware, they may use a similar looking name but it will have an additional extension. For example, a file name like coolcar01.jpg is an image file name but a file name like coolcar.jpg.com or coolcar.jpg.exe would likely be malware.
The following extensions are a small sample of possibly dangerous file extensions. Note that .com is in there. This is not the .com on a web address. This is a Microsoft DOS program extension. You also see .zip. While .zip files are not dangerous, the files contained within them may well be dangerous. Some virus scanners may not be able to scan within the zipped archives so be very careful opening them. After unzipping them, scan them with virus scanning software to make sure that they're safe.
The best way to prevent propagation is to prevent getting infected. This can be done if you always use a firewall and 'up_to_date' AV software. To prevent malware such as worms from sending themselves out to other computers on the net, you can help by removing their source of email names. When certain types of malware try to spread themselves, they look for all email addresses on your computer (in address books, html files, text files...) and they use those addresses as the next targets. While you can not prevent them from accessing all of the different types of files, you can help prevent them from using the addresses in your address book (in Outlook Express and other email clients). You should modify the addresses in your address book by adding a single letter or a short string of easily recognizable letters to all addresses. For example firstname.lastname@example.org would become email@example.com. The xxx is easily noticed and removed when you need to send an email. If you don't modify the addresses and you get infected, a worm may send out infected files to all of the people in your address book. Since the recipient will know you and will likely trust you, they will likely open the file without thinking and will themselves become infected. Using an email service like Yahoo mail or Hotmail will help you to stay virus free (from those viruses that are delivered via email). I know that Yahoo uses AV scanning software on all incoming and outgoing email. The automatic scanning of the mail and the on-line address book prevent hackers from getting new addresses. Please note that scanning software is not foolproof. If something looks suspicious, don't download it.
Note on Faked Email Names:
Freeware Programs This site has a list of the most popular freeware programs. I've never had a problem with spyware or other malware from any of the programs that I've downloaded from the site.
|Contact Me: firstname.lastname@example.org|
Perry Babin 2005 - Present
All Rights Reserved