Friday, March 20, 2020

"So how did I get infected in the first place?"


Updated from the original article by Tony Klein. (See Note*)

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~



You usually get infected because your security settings are too low.

Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:


Safe Computing Practices

1.  Keep your Windows updated! 

It is important always to keep current with the latest security fixes from Microsoft. This can patch many of the security holes through which attackers can infect your computer.  Either enable Automatic Updates or get into the habit of checking for Windows updates regularly.

Operating Systems

Only Windows 8.x and Windows 10 are still officially being supported. Windows XP reached end of support April 8, 2014, Windows Vista reached end of support April 17, 2017, and Windows 7 reached end of support January 20, 2020. Windows 8.x extended support ends January 10, 2023.  

For Windows 10 versions, see the Windows lifecycle fact sheet, noting that many versions have reached the end of support.  Additionally, note that "Microsoft will continue to support at least one Windows 10 Semi-Annual Channel until October 14, 2025."

To update Windows 8.x and Windows 10, do the following:
  • Windows 8.x:  Open the Search charm, enter "Turn automatic updating on or off", and tap or click Settings to find it.
  • Windows 10:  Go to Start > Settings > Update & Security.

Updates (even some old updates for Windows XP, Windows Vista and Windows 7) can be downloaded from the Microsoft Update Catalog.  To see what updates have been released, see Windows Update History.

2.  Update 3rd Party Software Programs

The importance of updating third-party software is evidenced by the report by AV-TEST in which it is stated, "Adobe’s Reader and Flash and all versions of Java are together responsible for a total of 66 percent of the vulnerabilities in Windows systems exploited by malware." (Complete article at Adobe & Java Make Windows Insecure.)

Third-party software programs have long been targets for malware creators.  For those who forget to check third-party programs for missing updates, there are freeware programs available.  A favorite of many is UCheck, which includes a long list of programs it monitors.

Of course, there are some third-party programs you may find you no longer need. Consider, for example, uninstalling Oracle Java, Adobe Shockwave Player, and, of course, the no longer supported Adobe Flash Player.

3.  Use a Standard/Limited User Account

Although the Administrator account is needed when setting up the computer, day-to-day usage should be with a Standard User Account which has limited permissions. An Administrator account provides the highest level of access to your computer whereas using a Standard User Account makes it more difficult for the computer to be infected.

Using a Standard User Account for everyday activities applies even if you are the sole user of the computer. For additional information, see Using a Standard/Limited User Account.
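To check which kind of account you are actually using day to day, here is an added example (not part of the original article) for Windows PowerShell 5.1. It only reads account information; the variable names are illustrative, and members that reach the Administrators group through nested domain groups are not resolved.

```powershell
# Added example: is the account I am logged in with an Administrator account?
$adminSid = 'S-1-5-32-544'   # well-known SID of the built-in Administrators group
$me       = [Security.Principal.WindowsIdentity]::GetCurrent()

# Direct members of the local Administrators group (users and groups)
$admins = @(Get-LocalGroupMember -SID $adminSid)

# Membership is checked against the group itself, because under UAC a
# non-elevated administrator's token carries the group as deny-only.
$isAdminAccount = $admins.SID.Value -contains $me.User.Value

# Separately: is THIS PowerShell window running elevated right now?
$isElevated = ([Security.Principal.WindowsPrincipal]$me).IsInRole(
    [Security.Principal.WindowsBuiltInRole]::Administrator)

[pscustomobject]@{
    CurrentUser          = $me.Name
    AdministratorAccount = $isAdminAccount
    SessionElevated      = $isElevated
} | Format-List

# Every enabled local account, labelled by type
Get-LocalUser | Where-Object Enabled | ForEach-Object {
    [pscustomobject]@{
        Account   = $_.Name
        Type      = if ($admins.SID.Value -contains $_.SID.Value) { 'Administrator' } else { 'Standard' }
        LastLogon = $_.LastLogon
    }
} | Format-Table -AutoSize

if ($isAdminAccount) {
    Write-Warning 'You are using an Administrator account for this session. Create a Standard account for daily use.'
}
```

The goal is one Administrator account kept for setup and maintenance, with every account used for browsing and e-mail showing as Standard.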


4.  Watch what you download!

Many "freeware" programs come with an enormous amount of bundled spyware that will slow down your system, spawn pop-up advertisements, or just plain crash your browser or even Windows itself.  Watch for pre-checked options such as toolbars that are not essential to the operation of the installed software.

Peer-to-peer (P2P) programs like Kazaa, BearShare, Imesh, Warez P2P, and others are among the most notorious. P2P programs allow the creation of a network enabling people to connect with other users and upload or download material in a fast, efficient manner.

Note also that even if the P2P software you are using is "clean", a large percentage of the files served on the P2P network are likely to be infected. Do not open any files without being certain of what they are! 

Pre-scan downloaded files for viruses and malware at one of these multi-engine single file scan sites.  Both use a dozen or more well-known anti-malware scanners in a quick, easy scan with a report of results from all.

 -- Virus Total (10mb limit):  https://www.virustotal.com/gui/home/upload
 -- Jotti's Malware Scan (15mb limit):  http://virusscan.jotti.org/en 

In addition, the use of registry cleaners, system optimizers and the like is not recommended.  Modifying registry keys incorrectly can cause Windows instability or make Windows unbootable.  With registry cleaners and system optimization programs, there is always the potential to cause more problems than they claim to fix.  Do note, however, that Microsoft does not support the use of registry cleaners. See Microsoft support policy for the use of registry cleaning utilities.

5.  Avoid questionable web sites!

Many disreputable sites will attempt to install malware on your system through "drive-by" exploits just by visiting the site in your browser. Lyrics sites, free software sites (especially ones that target young children), cracked software sites, and pornography sites are some of the worst offenders.

Most of these drive-by attempts will be thwarted if you keep your Windows updated and your internet browser secured (see below). Nevertheless, it is very important only to visit web sites that are trustworthy and reputable.

In addition, never give out personal information of any sort online or click "OK" to a pop-up unless it is signed by a reputable company and you know what it is!

For more general information see the first section, "Educate yourself and be smart about where you visit and what you click on", in this tutorial by Grinler of BleepingComputer.

Must-Have Software

*NOTE*: Please only run one anti-virus and one anti-spyware program (in resident mode) and one firewall on your system. Running more than one of these at a time can cause system crashes and/or conflicts with each other.

6.  Antivirus

An Anti-Virus product is a necessity. There are many excellent programs that you can purchase as well as antivirus software programs free for personal use. In addition, Microsoft Defender comes pre-installed on both Windows 8.x and Windows 10.

Although there are excellent licensed antivirus programs, the following are antivirus software programs that are free for personal use: 
 
 -- Avast
 -- Avira
 -- Kaspersky Cloud
 -- Sophos

Please run only one antivirus resident at a time!

It is recommended to set your antivirus to receive automatic updates so you are always as fully protected as possible from the newest threats.
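To see which antivirus products Windows believes are installed, and whether more than one is running resident, here is an added example (not part of the original article). It reads the Security Center registration, which exists on desktop editions of Windows only; the productState bit meanings used below are a widely observed convention that Microsoft does not document, so treat them as an assumption.

```powershell
# Added example: list registered antivirus products and count the resident ones.
$products = @(Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName AntiVirusProduct)

$report = foreach ($av in $products) {
    $state = [int]$av.productState
    [pscustomobject]@{
        Name       = $av.displayName
        StateHex   = '0x{0:X6}' -f $state
        # Assumption (undocumented convention): 0x1000 set = real-time protection on,
        # 0x10 set = definitions out of date.
        RealTimeOn = [bool]($state -band 0x1000)
        UpToDate   = -not [bool]($state -band 0x10)
        Reported   = $av.timestamp
    }
}
$report | Format-Table -AutoSize

$active = @($report | Where-Object RealTimeOn)
switch ($active.Count) {
    0       { Write-Warning 'No antivirus reports real-time protection as on.' }
    1       { Write-Output  "Resident antivirus: $($active[0].Name)" }
    default { Write-Warning "More than one resident antivirus: $($active.Name -join ', ')" }
}

$stale = @($report | Where-Object { $_.RealTimeOn -and -not $_.UpToDate })
if ($stale.Count -gt 0) {
    Write-Warning "Definitions out of date: $($stale.Name -join ', ')"
}
```

Microsoft Defender normally stays registered but switches its real-time protection off when a third-party antivirus is installed, so two rows in the table with only one marked RealTimeOn is the expected result.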

7.  Internet Browser

The latest Windows browser is Microsoft Edge, a Chromium-based browser which eliminated BHOs (browser hijack objects) and ActiveX.  Although Internet Explorer was pre-installed on Windows 8 versions, with the current version being Internet Explorer 11, it is recommended that users of Internet Explorer change to Microsoft Edge.

For websites that still require Internet Explorer, see this Microsoft Support document:  Internet Explorer mode in Microsoft Edge.  Note also that Internet Explorer will reach end-of-life on June 15, 2022.  

Many malware infections install themselves by exploiting security holes in the Internet browser that you use. As a result, if you elect to use a third-party browser, it is extremely important to keep it updated.  Although not a complete list, third-party browsers include Brave, Firefox, Google Chrome, Opera, Pale Moon, and Vivaldi. 


8.  Firewall

It is critical that you use a firewall to protect your computer from hackers.  The built-in Windows firewall blocks both inbound and outbound traffic and has seen numerous improvements over the years, although it can be disabled in the registry by malware.

If you prefer to install a third-party firewall, locate the vendor site rather than a third-party hosting site. Pros and cons of free firewalls can be found here.  Please only use one firewall at a time!
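Because the built-in firewall can be switched off in the registry, it is worth confirming its state rather than assuming it. The following is an added example (not part of the original article) that only reads settings: it compares the state Windows reports for each profile with the standard per-profile EnableFirewall registry value and checks the firewall service (MpsSvc).

```powershell
# Added example: read-only audit of the Windows firewall state.
$base = 'HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy'
# Cmdlet profile name -> registry subkey (the Private profile is stored as StandardProfile)
$subkey = @{ Domain = 'DomainProfile'; Private = 'StandardProfile'; Public = 'PublicProfile' }

$report = foreach ($p in Get-NetFirewallProfile -PolicyStore ActiveStore) {
    $reg = Get-ItemProperty -Path (Join-Path $base $subkey[$p.Name]) `
                            -Name EnableFirewall -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Profile        = $p.Name
        Effective      = "$($p.Enabled)"            # what Windows is enforcing now
        EnableFirewall = if ($reg) { $reg.EnableFirewall } else { 'missing' }
        Inbound        = "$($p.DefaultInboundAction)"
        Outbound       = "$($p.DefaultOutboundAction)"
    }
}
$report | Format-Table -AutoSize

$problems = @()
$problems += $report | Where-Object { $_.Effective -ne 'True' } |
    ForEach-Object { "Profile $($_.Profile): firewall is not enabled" }
# If Group Policy manages the firewall, the local value can differ from the
# effective state without anything being wrong; review rather than assume.
$problems += $report | Where-Object { $_.EnableFirewall -ne 1 } |
    ForEach-Object { "Profile $($_.Profile): registry EnableFirewall = $($_.EnableFirewall)" }

$svc = Get-Service -Name MpsSvc
if ($svc.Status -ne 'Running') { $problems += "Firewall service MpsSvc is $($svc.Status)" }
if ($svc.StartType -eq 'Disabled') { $problems += 'Firewall service MpsSvc is set to Disabled' }

if ($problems.Count -eq 0) {
    Write-Output 'Firewall is enabled on all profiles and the service is running.'
} else {
    $problems | ForEach-Object { Write-Warning $_ }
}
```

A profile that shows as disabled when you did not turn it off yourself, and no third-party firewall is installed, is a reason to run a full malware scan before simply switching it back on.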

Other Cleaning / Protection Software

Of the below-listed programs, passive protection like that provided by Malwarebytes Browser Guard and SpywareBlaster can be used effectively alongside active resident protection programs.  For example, the free version of Malwarebytes' Anti-Malware is an on-demand scan and clean program that will also not conflict with resident protection.  Spybot is also on-demand but has resident protection if the Teatimer function is used.

Scan with only one program at a time, and shut down/restart between scans.


9.  Consider installing one of these additional programs

Malwarebytes Browser Guard -- Malwarebytes Browser Guard filters out annoying ads and scams while blocking trackers that spy on you.  However, it is only supported on Chrome, Edge and Firefox browsers.

SpywareBlaster is an excellent program that blocks spyware, adware, browser hijackers and dialers. Run the program, download the latest updates, "Enable All Protection" and you're done. Although it won't protect you from every form of spyware known to man, it is a very potent extra layer of protection.

Don't forget to check SpywareBlaster for updates every few weeks.  See this helpful tutorial by Lawrence Abrams, Using SpywareBlaster to protect your computer from Spyware, Hijackers, and Malware.


10.  Anti-Malware and Anti-Spyware Programs (Select one or two)

MalwareBytes' Anti-Malware
Spybot
SUPERAntiSpyware Free Edition




Happy safe computing!!

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

*Note:  The original version of this article was written in 2005 by Tony Klein and has been reproduced or linked to in thousands of locations. Tony is well known in the security community for his many contributions, including the CLSID List and "A Collection of Autostart Locations" hosted at the former Gladiator Antivirus site.

With permission from Tony, others in the security community as well as myself have continued updating it to include current operating systems and software program information.  It has come to my attention that updated copies of the article are no longer being maintained at many sites.

The above represents another update of the original "So how did I get infected in the first place?" ©Tony Klein.

Revised: TonyKlein,Oct 30 2005, 05:00 AM
Reproduced and edited with permission of the author.

(Updated 16September2021)
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

