Preventing Malware and Safe Computing


The following are some valuable tips for maintaining a secure PC and ensuring that your PC will not get infected in the future.


Backups :


It is extremely important that you make regular backups. Having these can make all the difference if your PC ever has a problem.


Backup Your Registry with ERUNT

• Please use the following link and scroll down to ERUNT and download it.
  http://aumha.org/freeware/freeware.php
• For version with the Installer:
  Use the setup program to install ERUNT on your computer
• For the zipped version:
  Unzip all the files into a folder of your choice.

Click Erunt.exe to backup your registry to the folder of your choice.

Note: to restore your registry, go to the folder and start ERDNT.exe



Now create a fresh system restore point

Download SysRestorePoint to your desktop and unzip it to it's own folder.

• Double click SysRestorePoint.exe so that we can make a new system restore point.
• A box will pop up after it has made a new point, usually after a few seconds. Close that window and exit the program.

• Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

If you run Vista Premium, Business or Ultimate you have the ability to set automatic backups of your files.

• Click Start > All Programs > Accessories > System Tools > Backup Status and Configuration
• Click Back up files, and then follow the steps in the wizard.
• Select where you want to back up to ... another partition,hard drive, CD or DVD.
• Select which files you want to back up :
  
  Pictures, Music, Videos, E-mail, Documents, etc
  
  
• Select how often to back up:
  
  Daily, Weekly or Monthly.
  
  
• Select the day/time
  
  Then click on Save settings and Exit.

To restore the files:

Click Restore files and then follow the steps in the wizard.


Note:
The ability to set up automatic backups is not included in Windows Vista Home Basic ; however, Windows will periodically remind you to back up your files. It is NOT recommended to backup to the same drive that your Operating System is located on.




Now if you ever have a PC problem, you should easily be able to restore your PC to a previous time.



Peer-to-Peer ( p2p ) programs :


Peer-to-peer programs, eg : LimeWire, Bitlord, Kazaa, are the most common way to get infected. Malware writers use these programs to spread infections as it is the easiest way for them. The majority of infections we see in the Malware Removal forum are due to people using p2p programs to download cracks/keygens/warez. These are not only illegal, but will always contain some form of malware.

You have no way of verifying that the things you download are legitimate or that they don't contain malware. Even with an up to date anti-virus and firewall, these things will still infect you. It is highly recommend that you uninstall all peer-to-peer programs. It just isn't worth it.


Note :

Other common ways of getting infected are dis-reputable sites forcing you to download and install a codec. Or viruses using Instant Messaging programs (msn, AIM) to send a file claiming it to be "photos" from a friend, only for it to turn out to be a virus.



Security Programs :


It is essential these days to have a few security programs installed and running on your machine. However, there are a few caveats, you should not install more than one anti-virus or firewall. This actually does more harm than good, and will cause a lot of issues for your PC.

• It is important to have a good anti-spyware program. We highly recommend MalwareBytes Anti-Malware and SUPERAntiSpyware
  
  
• SpywareBlaster protects against bad ActiveX, it immunizes your PC against them.
  
  
• SpywareGuard offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program ( eg : TeaTimer, Windows Defender ) or there will be a conflict.
  
  
• Some good free firewalls are Online Armor or Outpost or Sunbelt Personal Firewall.
  Make sure you only use one firewall though. A tutorial on understanding and using firewalls may be found here.
  
  
• Here are some good anti-virus programs, make sure you only use one though :
  AntiVir or avast! or AVG.

It is important to keep these programs up to date. I would recommend using them once every 10 days.



Internet Browsers :


Picking the right internet browser is very important. You need to find one that suits your needs but that is also safe.

• Mozilla's Firefox browser is fantastic, as is Opera. Both are far more secure than Internet Explorer, immune to almost all known browser hijackers, and also have the best built-in pop up blockers (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from
  Here
  
  While Opera can be downloaded from Here.

If you choose to use Firefox, I highly recommend these add-ons to keep your PC even more secure.

• NoScript - for blocking ads and other potential website attacks
• McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling

Although, if you prefer staying with Internet Explorer I highly recommend you do this :

Make Internet Explorer more secure

• Click Start > Run
• Type Inetcpl.cpl & click OK
• Click on the Security tab
• Click Reset all zones to default level
• Make sure the Internet Zone is selected & Click Custom level
• In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
• Next Click OK, then Apply button and then OK to exit the Internet Properties page.

Extras :


Below are a few more steps that we highly recommend

• OpenDNS is a very valuable feature that we strongly endorse here. It gives your PC the benefit of extra safety and increased browser speed. Enabling this takes hardly any time and is not complicated at all, even novice users will be able to set it up with the guide below.
  
  Another huge advantage of using OpenDNS is that it blocks phishing websites from loading on your computer. It uses data from Phishtank, a community site that is also used by Yahoo! Mail to determine if some particular website is part of any online phishing scam.
  
  To set this just have a look at the easy-to-use guide here
  
  
• There are certain programs that are security vulnerabilities, it is recommended that you keep everything updated. Two of the main vulnerabilities are Java and Adobe Reader. You can find the latest version of Java here, you will want the Java SE Runtime Environment (JRE) one. Make sure to uninstall all previous versions of Java as well since they can be exploited.
  
  You can also find the latest version of Adobe Reader here
  
  
  Suggestion :
  
  Foxit is a great free PDF alternative. It uses fewer system resources and is not vulnerable to the exploits affecting Adobe Reader. Providing full PDF functionality, Foxit is rapidly becoming the PDF reader of choice for many. Get it here
  
  
• Keep Windows updated by regularly checking their website at :
  http://windowsupdate.microsoft.com/
  This will ensure your computer has always the latest security updates available installed on your computer.
  
  
• TFC - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.
  
  
• FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. Its important to keep programs up to date so that malware doesn't exploit any old security flaws.
  
  
• Recovery Console - Recent trends appear to indicate that future infections will include attacks to the boot sector of the computer. The installation of the Recovery Console in the computer will be our only defense against this threat. For more information and steps to install the Recovery Console see This Article. Should you need assistance in installing the Recovery Console, please do not hesitate to ask.

Advanced Tips :


The following suggestions are considered to be rather complicated for the average user, so I only recommend them if you know what you are doing or have a desire to learn more complicated procedures. A few of these programs listed below are paid products, I have tried to use free alternatives but it hasn't always been possible.

I have also tried to link to tutorials for each of the tools recommended. This tutorial is not to answer questions on how to use them


Image Backups

What is an image backup ? To put it simply, it will back up all your data into a single file, including system and registry data, allowing you to do an easy, fast, and complete PC restore should your computer ever crash.

Here are some suggestions

DriveImage ( my personal recommendation, it is also free )
Acronis
Macrium Reflect



Limited User Account

Using a Limited User Account can help decrease the effect of malware and other potential damaging things for your PC. A Limited User account lets you use most of the capabilities of the computer, but only an Administrator can make changes that affect other users of the computer.

Have a read of the following article for more detailed instructions on how to go about setting it up

Click


Tip : This sort of account would be very beneficial to use among any children in your family, or among those who are not comp savvy that have access to your PC.



DropMyRights

The following program is only for use on on Windows XP machines, this tool is not needed on Windows Vista or Windows Server 2008, because by default users are not administrators.

It can be downloaded from here


This program greatly increases the security of Windows XP by running selected programs in a restricted environment ( i.e. with lower rights ) even when logged on to Windows XP as an Administrator. It simply blocks them from performing certain security-breaking functions.


You can find a guide here on how to use it here



Sandbox Programs

One of the best forms of protection that you can use for your PC is a sandbox program. In laymans terms, what they do is let you install and run programs in a virtual environment, so any changes made will happen in the virtual environment and not in the real PC.

So if your PC was to get infected by a piece of malware while in this virtual setting, or anything else that may damage the machine, all you have to do is close this virtual session, reboot the PC, and it will be back to normal.


Here are some sandbox programs that I recommend

Returnil
Sandboxie



HIPS

These programs may conflict with your other security protection programs. If this is the case ( ie : you notice massive slow down or BSODs ) then uninstall them.


HIPS ( Host Based Intrusion Prevention System ) is considered as one the best steps in protecting your PC. What these programs do are prevent changes made to your PC by unauthorised sources. It allows you to very closely monitor what runs on your PC.

Here are some recommendations

ProcessGuard
Threatfire ( there is a tutorial located in this link as well )
DriveSentry ( this is a firewall so it will conflict with other firewalls )


Now after all these steps, your PC will be extremely secure. However it is important to note that you can still get infected if you are not careful. One of the best security programs you can have is common sense. As malware gets more sophisticated, you need to be more wary. If you do get caught though and the above steps cant help fix it, we will be here to help you out


Regards

The GeeksToGo Team