
Practicing Safe Computing

Discussion in 'Technical Discussions' started by Digerati, May 10, 2011.

  1. Digerati

    Digerati Super Moderator Techie7 Moderator

    Malware Removal Notice: The purpose of this document is to help you build your own security suite, set up your security defenses, and develop your own safe computing practices so you never need the services of a Malware Removal expert. This is not a malware removal guide. If you came to this post because you suspect your system is infected and has already been compromised, I recommend you follow these instructions and one of our certified Malware Removal experts will assist. When done, use this guide to prevent recurrence.
    __________________________________________________​


    Practicing Safe Computing


    Do not misunderstand! There are people on the Internet right now, trying to hurt you, and your family! The worst of the scum seek to terrorize, abduct, torture, sell into slave labor and sex rings, and kill our children! They exploit the elderly, weak, scared, and innocent. Predators don't care who you are.

    The hackers, thieves, spammers, software pirates, illegal software users, juvenile misfits, and cyber-terrorists don't care either. Many are very clever. Do not think otherwise. Do not let your guard down. Learn, then teach your children. Right now, badguys are trying to determine our email addresses, bank account numbers, credit card numbers, phone numbers, Social Security numbers, driver's license numbers, home addresses, birthdays, mothers' maiden names. They want to steal our money, open new accounts under our names, run up our bills. They want to tap into our wireless networks, steal our data and use our Internet access for nefarious deeds.

    It is a sad fact that we, as users, must be the linchpins for security protecting our computers, our personal information, and our families from predators, identity thieves, organized crime, terrorists, and all the wannabe followers - the badguys of cyberspace.

    The best defense will surely fail if the "human factor" fails. Losing concentration and compromising safe computing practices very quickly turns the user into the weakest link, resulting in exposed vulnerabilities and potentially compromised security and safety.

    How did we get in this security mess? Let's make sure we put the blame where it belongs; on the badguys! Badguys put us in this position. Not the software giants. Not the hardware industry. But bad people - and not just the usual suspects mentioned either, but bad guys in corrupt governments, ISPs, and law enforcement, and others who profit (tax free, I'm sure) from that malicious activity.

    They have forced the rest of us to become Information Technology (IT) security experts just so we and our families can safely use our computers in our own homes.

    Beyond that, failure to keep our systems free from malware and intrusions is not being a responsible Internet user. These vulnerable systems are primary targets (easy pickings) for badguys and may (most likely will) end up compromised. The compromised computer, under the control of the bad guy, then becomes a threat to the rest of us as it is used by the badguy to send spam, launch DDoS attacks, and distribute more malicious code across our networks. Not good.

    What can we, as computer/Internet users do about it? Three things:
    1. Practice Safe Computing! Keep our systems patched, updated, scanned and blocked, and use a disciplined approach to operating the computer and using the Internet.
      • Patch operating systems and applications to the latest security patches, including Windows 8.1, Windows 7 SP1, Vista SP2, and our browsers, including Internet Explorer even if using an alternative browser as your default.
      • Update anti-malware signature/definition files promptly and apply operating system critical updates in a timely manner (see "Windows Update" under "Prevent Re-Infestation" below)
      • Scan using "real-time" anti-malware scanners for viruses, worms, Trojans, and spyware
      • Block unauthorized access attempts, spam and pop-ups using a good client-based (software) firewall, spam blocker, and pop-up blocker.
      • Self Discipline, the most crucial! Self discipline includes:
        • NEVER click on "To stop getting these spam messages, click here" links
        • Don't be "click-happy" on any unsolicited links, attachments, downloads or pop-ups
        • NEVER open attachments or downloads without first scanning for malware - regardless the source
        • NEVER visit sites bad guys are known to wallow in including illegal porn and gambling sites
        • Never participate in illegal filesharing of copyrighted materials like music files, movies, and other published documents and on Peer to Peer (P2P) sites or via torrents

          and finally...

        • NEVER skip any of the above.

    2. Limit Access. It is good practice for all users to use limited access, or "Standard" user accounts for normal day to day computer use instead of an "Administrator" account. Downloads are restricted with standard accounts making it less likely a badguy will be able to download and install malicious code on your computer, should a malicious site be visited by the user, or through a malicious redirection. Children should have standard accounts, always separate from the parents' accounts. You create or modify user accounts via the Control Panel, User Accounts applet.

      Use strong passwords, preferably 8 characters or more, consisting of upper and lower case letters, numbers, and special characters (! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~). Do not use family names, pet names, birthdays, anniversaries, addresses or other easy to guess passwords. Do not write your passwords down on a notepad or a sticky note, or unencrypted spreadsheet. Use a password manager to store your passwords. Recommended ones include LastPass, Password Safe, KeePass Password Safe, RoboForm or SplashID.

      "Physical Security" is just as important for your passwords as it is for your computer (especially notebooks) and your identity. If a thief breaks into your home and steals your computer, he's going to quickly, but pretty thoroughly, hunt around within arm's length from your computer chair for a "secret" list of passwords. If found, he has the keys to your life. With a good password safe, you only have to remember one password - the one to get into the safe.

      I do not recommend allowing your browser to save your passwords because that method provides no "physical security" should your computer be stolen.

    3. Vote! Demand your elected officials fund for enforcement of existing laws, and create new laws with teeth against all aspects of cyber-crime. Demand funding so the authorities have the resources needed to fight the badguys. Elect or demand appointment of judges that levy harsh punishments. Demand the United Nations enforce the existing laws on software counterfeiting, and the exploitation of children in servitude, forced labor and pornography, all of which use the Internet.

    Supplemental/Manual Scanning for Malware


    It is important to manually run through your security scans on a regular basis, even when you have a full, real-time security system in place. This is necessary to ensure nothing got by (or was "allowed" by) your defenses by you, or another person using that computer. Once a week is not unreasonable.

    "Malware" is the catchall word for malicious software to include viruses, Trojans, worms, spam, and spyware. As the security industry consolidates products and migrates towards "suites", anti-virus and anti-spyware products are evolving and merging into "anti-malware" products.

    Use the information below to assemble your own arsenal of tools to keep your systems free of malware, and your family safe. I personally have used these tools on the various computers on my network and frequently recommend them to friends, family, and clients. There are certainly many competing products that are just as effective and by all means, if you are more comfortable with another product, and it is not a "rogue" product, then use it. The main point is, keep it updated and use it!

    Important Note - Use Custom Install. For all programs you download and install, select the custom install option. Do not simply allow the defaults as this often will install ("foist") extra, unwanted, and unneeded software on your system to include toolbars, download managers, auto-updaters, or usage tracking software.

    Important Note - Update First. For all of the following suggested programs, and before every scan, use each application's "update" feature to ensure you have installed the latest signature/definition files. This is necessary even if you just downloaded the most recent version of the application.

    Important Note - Avoid Conflicts. To avoid conflicts, ensure only one firewall and one "real-time" (also known as "in resident", "in memory", "auto-protect" or "active scanning") scanner program of the same type is running at any given time. For example, only one firewall and one real-time anti-malware scanner should be running at a time. This is to avoid "two dogs guarding the same bone" issues, which at the very least, is probably a waste of system resources.

    Important Note - Back up. Performing major system scans and cleaning is never risk free. Although every program listed here has a long history of reliable performance, things can go wrong, especially with a problem system. Hardware can fail and power grid anomalies can wreak havoc. Use a good uninterruptible power supply (UPS) with AVR (automatic voltage regulation)! Look for "pure sinewave" or "approximation sinewave" outputs. Back up your important files regularly. And I recommend you create a System Restore “point” before running through the cleaning procedures. System Restore allows you to “roll back” system files, Registry keys, installed programs and drivers, etc. to a previous state.

    Important Note - Check EULAs. Be aware that most free software is free for home and non-commercial use only. Be sure to read the end-user licensing agreements (EULAs) before using.

    Clean Out the Clutter

    • Delete Temporary Files before scanning to rid system of thousands of temporary files. This action often significantly reduces scanning times and may clear out files that are corrupt or are infected with malware. Deleting cookies as well ensures all "tracking cookies" are removed too. Note that deleting cookies will force the manual entry of user names and passwords for sites requiring them on your next visit, so make sure you know them.
      • Windows Disk Cleanup. One distinct advantage Windows Disk Cleanup has over most other cleaners is that it has the option to delete all but the most recent Restore Point. This is significant because malicious code can hide there too. To delete temporary and no longer needed files (including old System Restore points) with Windows Disk Cleanup:
        • In My Computer, right click on drive, then select Properties > Disk Cleanup,
        • When Disk Cleanup calculation is complete, check the desired Files to delete boxes - uncheck Compress old files unless you are very low on disk space (Note: Highlighting each entry will reveal a description of items being deleted),
        • Optional - Remove all System Restore points, except the most recent
          • Click the More Options Tab,
          • Under System Restore, click Clean up... to remove all but the most recent restore points, then follow prompts to complete action,
        • Click OK and follow prompts to complete and exit Disk Cleanup.
      • Temp File Cleaner (TFC) by OldTimer - a very thorough temporary cleaner.
      • CCleaner - a popular alternative cleaner for more advanced users. During installation, uncheck the option to install the Yahoo toolbar, or download CCleaner - Slim for the version without the toolbar. Before first use, check Options > Settings and ensure Only delete files in Windows Temp folders older than 24 hours is unchecked. You can also configure CCleaner to leave cookies from the trusted sites you visit often. For advanced users, CCleaner has an excellent Registry tool that checks for "issues", cleaning unused "orphaned" entries missing shortcuts. It is very conservative and as such, is much safer than more aggressive cleaners. It always prompts the user to backup the Registry before making changes. Like any Registry cleaner, it is best when used to maintain a Registry in good order, rather than to fix a long neglected, and broken registry.

      Note: Some files cannot be deleted while Windows is running. They will be marked for deletion at next boot. Expect the computer to take longer to boot up the first time after cleaning with one of the above utilities.

      Also note that the cleaning process may clear out Windows "fetch" settings that allow Windows and your applications to load faster. These fetch settings will automatically be reconfigured (unless disabled by the user) for the user, based on the user's computer use, after a few computing sessions.

      Tip: Delete all Temporary Internet Files and Cookies before defragmenting your hard drives. It is counterproductive to defrag with 1000s of tiny temporary files on the drives. For this reason, I don't recommend defrag programs that run in the background and defrag automatically, unless you have lots of free disk space.
    Manual Scanning for Malware - No single anti-malware program gets them all. Therefore, it is necessary to use an arsenal of tools and periodically, perform manual scans. Past controversy over some makers' decisions to delist known spyware emphasizes the need to attack on multiple fronts. I recommend you download, install, and use the latest versions of one or more of the following:
    A special note about MB3 Premium, the paid version of MB3. MB3 Premium contains a "real-time" that is designed to play well with other real-time scanners.

    Real-time Scanning for Malware - If you don't have a current real-time anti-malware scanner, get one NOW! There are several excellent anti-malware programs to choose from, some free, some not.

    I personally use and recommend Windows Defender (WD) which is built into Windows 8 and Windows 10. If still using Windows 7, then I recommend Microsoft Security Essentials (MSE). I use WD, along with MB3 Premium on my primary Windows 10 system.

    For those concerned about reports that WD and MSE are inadequate because they do not score as highly as other antimalware solutions in synthetic laboratory tests, do not fall for the hype. For the vast majority of users, WD/MSE are just fine. See Ask Leo! What Security Software Do You Recommend? to see how WD/MSE protect you.

    Scan with one, two or all three (in turn) of these free scanners as a double or even triple check.

    • Scan for Rootkits - Rootkit is a term originating in the UNIX world to describe a set of "stealthy" tools used to obtain and/or maintain root access. A person with "root" access can do anything. Windows rootkits gain access by exploiting known vulnerabilities on un-patched systems, then use that access to install a "back door" to maintain that access to your system. Malwarebytes has a scan for Rootkits option (disabled by default). Or use one of the following:
    Prevent Re-infestation - Use the above tools to clean your system, and to help prevent future attacks from compromising your system again. In addition to those tools you also need the following:
    • Firewall - I recommend Windows Firewall. It is already included in Windows and works just fine. If you choose to use an alternative to Windows Firewall, that's fine. Just do not use more than one software based firewall at a time. In most cases, if you install a 3rd party firewall, Windows Firewall will automatically be disabled. The alternatives are effective, but require additional user interaction to configure and use properly.

      As always, select the "custom install" option to block installing extras you don't need.

      Important Note - Routers and Firewalls: If you have a router you still need a software based firewall on each system on your network. This is true even if it is a network of just one computer. If you are not using a router, you should, especially if you are using broadband (cable or DSL high-speed Internet). Ensure your router uses NAT (Network Address Translation). NAT is a very effective security feature that provides hardware firewall type features. Note that some routers advertise firewall features that are not true firewalls. Read the fine print, or ask questions. There are several offerings for under $50.00USD. Some offer dial-up support, and some include a print server for network printing. Using a router also allows you to disable printer and Internet connection sharing on your connected computers.
    • Pop-up Blocker - There are several good pop-up blockers, including those found in the latest versions of Internet Explorer, Firefox and other popular alternatives. I recommend you enable them. Many add-in toolbars, such as Google Toolbar and Yahoo Toolbar, also have pop-up blockers. It is fine to also use one of those. However, I caution against using more than one or two pop-up blockers to avoid conflicts and confusion. The thing to remember is the "self-discipline" portion of Practice Safe Computing from above; if a pop-up gets through, just close the pop-up, do not click on any links.
    • Spam Blocker - Spam is inevitable if you have an email account. Most ISPs offer spam blocking tools or there are several client (computer) based spam blockers. However, NO spam blocker is perfect, so I caution you to remember that. Some spam messages will not be identified, and some legitimate messages will be falsely identified as spam. I recommend you select an option that tags "suspected" spam, and/or moves suspected spam to a spam/quarantine folder, rather than automatically deleting them. For example, my ISP appends (tags) the subject line with "--spam--", which is easy for me, and computer based spam filters, to spot.

      I prefer and recommend a client based spam blocker if you have multiple email accounts. There are many to choose from. I use and strongly recommend MailWasher Pro. There is a bit of a learning curve, but by far, what puts it above and beyond all other spamblockers is that you process all your mail from all your accounts on the servers! That is, BEFORE the email is downloaded on to your system. This is huge, in my opinion. Other spamblockers download the entire email (and attachments!), dump it on to your machine, and then analyze it for possible malicious code. To me, that's like asking a stranger to step inside your home, THEN asking him what he wants.
    • Windows Update - The vast majority of users of the 1.5+ billion Windows computers in the world today allow Windows Update to automatically download and install updates and they never have problems. So reports that say Windows Update will mess up your system are greatly exaggerated. That said, Microsoft has not been 100% perfect in pushing out reliable updates; some have broken a few machines. However, because keeping our systems current is one of the best ways to keep our systems secure and running optimally, and because Microsoft has improved this process greatly in recent years, I recommend leaving Windows Update in the default settings - that is, automatic download and install.
    I know all of the above is a lot but this is what it takes to get and keep your systems clean, running at full performance, and safe for you and your family to use. Fortunately, it gets easier to manage once it is all set up and you become more familiar with the features. I recommend all scanners be scheduled to update, then scan on a regular basis - weekly at a minimum. It is an important part of Practicing Safe Computing to also set up a routine to regularly scan your system(s) manually.

    ***************

    Comment: Security Suites. Security suites like Norton Internet Security, Bitdefender Total Security, et al are complete security packages containing a firewall, anti-malware, spam blocker, pop-up blocker, and more. They are managed through a single user interface (UI) or control panel. Some suites are free, most are not. Suites are less expensive than buying individual components from several vendors, and with only one UI to learn, are typically easier to use. That makes them attractive for many users. Most importantly, if kept properly updated, they do provide an effective defense strategy.

    ***************

    Referrals: If you were referred to this post as part of the resolution process being worked in another thread, when done with the above scans, please post a status update in the original thread.

    ***************

    DISCLAIMER: Please note this was compiled by me and should in no way be construed as policy of this site, nor is this site responsible for any outcome that may come about by following it. Although many users have successfully used this guide, I cannot guarantee success, nor can I promise any outcome. That said, I have personally used all these products on many computers to clean them of clutter and to prevent infestation without incident. I anticipate you will have no problems if you follow the stated precautions.

    ***************

    Edit History
    2-7-2017 - Updated comments about Windows Defender and MB3
    7-16-2016 - Updated links and minor edit changes
    8-7-2015 - Significant updates to address Windows 10
    3-6-2014 - Significant updates to address Windows 8/8.1 and other changes.
    10-18-12 - Updated link to AV-Test labs.
    1-25-12 - Updated link to Techie7
    11-17-11 - Corrected link and amended comment for TFC.
    8-22-11 - Added IE9 and Windows 7 SP1 content, minor formatting edits.
    6-22-11 - Amended Limit Access section, password content, added physical security content, minor formatting edits.
    3-10-11 - Typo fix
    1-25-11 - Typo fix
    11-12-10 - Minor edit to preface paragraph
    10-31-10 - Minor grammar edit
    10-3-10 - Minor formatting and amended CCleaner entry to mention CCleaner - Slim
    10-1-10 - Version 3 Major Rewrite to include Windows 7 (32 and 64-bit)
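
    The guide's checklist (standard account, firewall on, real-time scanner running with current definitions, recent patches) can be spot-checked with a read-only script. This is an added example, not part of Digerati's post; it assumes Windows 10 with PowerShell 5.1 and Windows Defender as the real-time scanner, and the two age thresholds are assumed values.

```powershell
# Added example (not from the original post): read-only audit of the guide's checklist.
# Assumptions: Windows 10, PowerShell 5.1, Windows Defender as the real-time scanner.
# The two age thresholds below are assumed values, not figures from the guide.
$MaxSignatureAgeDays = 3
$MaxPatchAgeDays     = 45
$results = New-Object System.Collections.Generic.List[object]

function Add-Check {
    param([string]$Name, [bool]$Pass, [string]$Detail)
    $results.Add([pscustomobject]@{ Check = $Name; Pass = $Pass; Detail = $Detail })
}

# Limit Access: the daily-use account should not be in the local Administrators group.
# Group membership is checked (not elevation), so UAC-filtered admin accounts are caught.
try {
    $me      = [Security.Principal.WindowsIdentity]::GetCurrent()
    # S-1-5-32-544 is the well-known SID of the built-in Administrators group.
    $admins  = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop
    $isAdmin = [bool]($admins | Where-Object { $_.SID.Value -eq $me.User.Value })
    Add-Check 'Standard user account' (-not $isAdmin) $me.Name
} catch {
    Add-Check 'Standard user account' $false "Could not read group: $($_.Exception.Message)"
}

# Block: every Windows Firewall profile should be enabled, unless a single
# third-party firewall has replaced it (the guide warns against running two).
try {
    $off = @(Get-NetFirewallProfile -ErrorAction Stop |
             Where-Object { "$($_.Enabled)" -ne 'True' })
    $detail = if ($off.Count) {
        'Disabled profiles: ' + ($off.Name -join ', ') +
        ' (expected only if a third-party firewall replaced it)'
    } else { 'All profiles enabled' }
    Add-Check 'Windows Firewall' ($off.Count -eq 0) $detail
} catch {
    Add-Check 'Windows Firewall' $false "Could not query: $($_.Exception.Message)"
}

# Scan + Update: real-time protection on and definitions recent.
try {
    $mp  = Get-MpComputerStatus -ErrorAction Stop
    $age = $mp.AntivirusSignatureAge   # age of the definitions in days
    Add-Check 'Real-time scanner' $mp.RealTimeProtectionEnabled 'Windows Defender'
    Add-Check 'Definitions current' ($age -le $MaxSignatureAgeDays) "$age day(s) old"
} catch {
    Add-Check 'Real-time scanner' $false 'Defender status unavailable; check your scanner by hand'
}

# Patch: date of the most recent installed hotfix (an approximation; Get-HotFix
# does not list every kind of update).
$last = Get-HotFix | Where-Object { $_.InstalledOn } |
        Sort-Object InstalledOn -Descending | Select-Object -First 1
if ($last) {
    $days = [int]((Get-Date) - $last.InstalledOn).TotalDays
    Add-Check 'Windows Update' ($days -le $MaxPatchAgeDays) "$($last.HotFixID), $days day(s) ago"
} else {
    Add-Check 'Windows Update' $false 'No dated hotfix entries found'
}

$results | Format-Table -AutoSize -Wrap
```

    The script changes nothing on the system; a failed row is a prompt to look at that setting by hand, for example when a third-party firewall or scanner is in use instead of the Windows one.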