MALWARE PREVENTION AND REMOVAL
Computer Tips for Microsoft Windows Users
Compiled by LymeInfo
www.lymeinfo.net
(Off Topic)
Malicious software that has been designed to damage or disrupt your computer is spreading rampantly throughout the internet and is ubiquitous among PC users. Malware includes Viruses, Worms, Spyware, Adware and Trojans, although the line between these infections is getting blurred. Simply being connected to the internet puts you at risk! Due to the threat posed by malware, I would like to share some important information and tools for malware prevention and removal.
Windows users who do not actively follow prevention steps will have systems that are HIGHLY vulnerable to infection and are most likely already infected. Malware (a.k.a. scumware) has become highly sophisticated and an antivirus program, while important, will NOT offer the full protection your computer needs. Infections can make your computer go bonkers, manifesting as browser or desktop hijacking, ad popups, slowness, stolen passwords, mysterious toolbars, identity theft, etc. You may be infected without even knowing it!
The steps needed to protect your computer may seem overwhelming, but they are important. I have tried to list the programs as clearly as possible, and I hope it will help to have the steps listed in one place. The following freeware/donationware programs are FREE of charge for personal use. If you need any assistance, visit the tech support forums listed down below. There are also some great articles about malware at the forums and in the articles section found at the bottom of this page. If you choose to use a program that is not mentioned below, beware of rogue/suspect programs (see articles section). Non-Windows users should visit the forums for tips on other operating systems. NOTE: Anything you do with your computer and with any information at this site is at your own risk.
(Paul Ehrlich)
Important Programs to Install
ALL of the following should be installed, updated, and run REGULARLY. Use these must-haves for prevention AND as the first step in treating an infection. For tips on running Spybot and Ad-aware see: Instructions from ThatComputerGuy.
- ANTI-VIRUS:
- CHOOSE ONE: AVG*, Or Avast, Or AntiVir.
You should have only ONE antivirus program on your computer. If you have more than one antivirus program, they will conflict and offer less protection, not more. Only install a free antivirus if you do not already have an antivirus program (e.g. McAfee, Norton, Kaspersky) that you update at least once a week to protect you from newly emerging variants. I personally removed the program that came with my computer before installing a free version. No antivirus program will find all viruses, but I have actually preferred the freeware for various reasons. I have set my program to run and update automatically, as well as scan emails. (To remove any programs you don't use, go to Control Panel ~~ Add/Remove Programs.)
- ANTI-SPYWARE:
- Spybot: "If you see new toolbars in your Internet Explorer that you didn't intentionally install, if your browser crashes, or if your browser start page has changed without your knowing, you most probably have spyware. But even if you don't see anything, you may be infected, because more and more spyware is emerging that is silently tracking your surfing behaviour to create a marketing profile of you that will be sold to advertisement companies." After installing the program, be sure to "search for updates" and "download updates." Then "search and destroy", "check for problems."
- ANTI-ADWARE:
- Ad-aware: "Ad-Aware is designed to provide advanced protection from known Data-mining, aggressive advertising, Parasites, Scumware, selected traditional Trojans, Dialers, Malware, Browser hijackers, and tracking components."
- SPYWARE PROTECTION:
- Spyware Blaster: "Prevent the installation of spyware and other potentially unwanted software! Spyware, adware, browser hijackers, and dialers are some of the fastest-growing threats on the Internet today. By simply browsing to a web page, you could find your computer to be the brand-new host of one of these unwanted fiends!"
- SpywareGuard: "SpywareGuard provides a real-time protection solution against spyware that is a great addition to SpywareBlaster's protection method. An anti-virus program scans files before you open them and prevents execution if a virus is detected - SpywareGuard does the same thing, but for spyware! And you can easily have an anti-virus program running alongside SpywareGuard."
Additional Computer Tips
- FIREWALL:
- CHOOSE ONE: Zone Alarm* Or Sygate Or Kerio.
If you have a firewall that you purchased, you should skip this step. Firewalls control traffic between your computer and the internet. A firewall is an absolute necessity for computers with broadband connections such as DSL and cable modems in order to protect against hackers. Windows XP offers a firewall but it only alerts you to incoming activity. The above firewalls monitor both incoming and outgoing activity. NOTE: If your computer seems badly infected, add the firewall AFTER you are done cleaning your system. Your firewall will take a little getting used to, and you will need to manually set the firewall to allow programs such as your browser, email program, etc. to access the internet. See Understanding and Using Firewalls from BleepingComputer.
- CLEANING UP FILES:
- CHOOSE ONE: CCleaner* Or Cleanup!
These cleaning tools empty the recycle bin, delete temporary files, and more. They free up space and enable Windows to run faster. They work quickly and do things for you that you would otherwise need to do manually. Do this step regularly. NOTE: Passwords and certain files will be deleted. This may cause some frustration when you need to re-enter passwords (for online banking, forums, etc.), but it is an important part of this step.
- WINDOWS UPDATE:
- It is imperative to update Windows regularly!!! Visit the Windows Update page. If you use Windows XP you may set it to update automatically (Start ~~ Control Panel ~~ Security Center). Keeping Windows updated is important to keeping your system secure. If you use other Microsoft products, such as Office, update those as well. If you are badly infected, skip this step temporarily unless advised otherwise at the forums.
- DISK DEFRAGMENTATION:
- Defragmenting your hard drive will keep your computer running at its best. It takes quite some time for the disk defragmenter to run, so you will need to let it run at a time when you will not need the computer. How to Defrag your computer.
- INTERNET BROWSERS:
- If you use Internet Explorer (IE), DON'T! But if you are stubborn, set your IE security levels. Also see IESpyad and BugOff! in the next section. However, I strongly encourage using Mozilla Firefox instead. Firefox is recommended by security experts as a safer browser than Internet Explorer. See the instructions on how to use the adblock feature in Firefox. Also see IE View Add-on for Firefox. Other alternatives to Internet Explorer include Opera and Safari. See Penn State Tells 80,000 Students To Chuck IE. While it is important to stop using IE, I would not suggest removal of it. Info on removal. You can set your default browser using Set Browser. Choose "specify location" and double-click on firefox or your other browser of choice.
Optional Nifty Programs & Tools
- BugOff! for Internet Explorer disables 3 exploits that are commonly used by browser hijackers.
- IE Spyad for Internet Explorer prevents a long list of restricted sites from damaging your computer.
- Google toolbar blocks pop-ups in Internet Explorer, but is not a substitute for removing adware.
- Winpatrol alerts you to changes that occur on your computer without your permission.
- Startup Control Panel allows you to configure which programs run when your computer starts.
- Castlecops Startup List educates you about programs that load when you start your computer.
Additional Programs for Resistant Infections
- CHOOSE ONE Anti-Trojan: The Cleaner*, Trojan Hunter, TDS, Trojan Scan Online Scanner. Some of these programs are not freeware, but offer free trial periods and may be either purchased or uninstalled when the trial expires.
- Online scans: Trend Micro Housecall, Trend Micro Spyware Scan, Panda Active Scan, BitDefender (see "scan online"). More info about online scans.
- Ewido Security Suite
- McAfee AVERT Stinger
- A-Squared
- CWShredder
STILLLLL Having Problems?
- If you followed the above steps and your system is still infected and causing you problems such as pop-ups, slowness, etc. you must be going nuts by now. You may have a really nasty bug but don't worry, there's hope! Install and run HijackThis!, but do not do anything with it besides saving the log. Post the log to one of the forums found below, and be sure the advice you receive is from someone at the forum who is authorized to help. In your post tell them about your problem and what removal steps you already tried. At the very least, they will want to know that you ran updated versions of Spybot, Ad-Aware and an anti-virus program.
- After removing a serious infection from your computer, be sure to follow the advice of your helper regarding the final steps to take. Also be sure to re-read and follow the various prevention steps found above. A few other tips follow.
- Run CCleaner or Cleanup (links above)
- If you viewed hidden files and folders, set it back so they are hidden. Start ~~ Control Panel ~~ Tools (at top) ~~ Folder Options ~~ View. Select "Do not show hidden files and folders" as well as "Hide protected operating system files."
- Turn System Restore off, restart, then turn it back on. See here.
- Celebrate! and stay vigilant.
Forums
- Spyware Info***
- 247 Fixes
- Bleeping Computer
- That Computer Guy
- Geeks to Go
- Counterexploitation
- Wilders Security
Articles
- Why did I get infected in the first place?
- Criticisms of Internet Explorer
- Spam Blocker Reviews
- Understanding Spyware, Browser Hijackers, and Dialers
- Email spoofing - Who really sent that email?
- Tips to reduce email spam
- Virus and Malware Protection Programs
- Additional Reliable Malware Removal Resources
- Firefox- Time for a change
- Why security is important and more info
- Advanced Users Only: How to Analyze HJT Logs
- Browser Security Tests
- DO NOT DOWNLOAD THESE spyware removers in disguise
- Rogue/Suspect Anti-Spyware Resources
- How to Recover from an Internet Explorer hijacking
- System Restore Windows XP; Windows ME
- How to repair Internet Explorer
- Malware defined
- Download.com
* When a program is followed by a *, this simply represents the program that I consider the most user-friendly out of the several good options that are available.
*** Disclaimer: The above information, as with all information at this website, is for informational purposes only. Anything you do with your computer and with any information at this site is at your own risk.