|
The “M” Word – Protecting Yourself from Malware
By Bryan Lambert – August 8, 2010
|
In this year, 2010, malware seems to be as ubiquitous as the air we breathe. While computer users today are much more savvy against the threat of malware, there’s still more that we can do. In this Tech Tip we’ll look at some very practical things to do to keep yourself protected as well as some things that you can do if you have inadvertently picked up some malware on any of your PC computers .
Protecting Your Computer
In a nutshell this is what you’ll need to keep your computer humming along:
- Have some kind of anti-malware protection on your computer and keep it current. While many new notebook computers and PCs come with trial anti-malware software, it is up to you to keep it current (for a price). There are, however, free alternatives.The viagra and premature ejaculation foremost among them is Microsoft’s own Security Essentials. It doesn’t come with Windows, but can be easily downloaded and installed. Other free programs include the popular AVG ; AVast , Avira and BitDefender (they have paid versions as well) while the usual suspects round up the paid products: MCAfee , Norton , Panda , Kaspersky and Trend Micro . This is not an exhaustive list by any means as there are many other free and paid programs that can be used.
- Keep your computer up to date.You can rely on automatic updates, but to be sure that nothing is being missed you may want to manually run updates from time to time – particularly on the Operating System and the Web Browser.For example, in Windows Vista and 7, click on Start button and in the search box type in Windows Update – the first program listed will be the Windows Update program. Click on this and check if you have any updates to run. In XP, go into the Control Panel and click on Windows Update there.With the browser, if you are running Windows Explorer, your Windows Update will update that. With other browsers, check their help files for how to update them. Besides that, also be sure that you have your firewall up and running.
- Don’t fall for bogus phishing scams, fake anti-virus scans, software from “nowhere.” Because of increased protection, malware programmers are hitting the most vulnerable target in the chain – you. If they can get you to install the program from a fake anti-virus scan that pops up while you’re surfing,a bogus link in your e-mail, in your messenger or on a website then they get by all those protections that have been carefully laid in place. Just don’t do it.
OK – you got “something” – Now what?
No computer is perfect – even with all your protections in place, something may slip through. If something does, there are things that can be done to minimize damage and risk.
- If you have access to a second computer, download onto a flash drive some tools to scan and hopefully fix your PC. Typically you can grab one or two antivirus programs available (I’d recommend AVG or AVast mentioned earlier) and a good, free anti-spyware program (I highly recommend Malwarebytes ). Install these on the infected computer and run a full scan on the computer. Depending on how bad the infection is, you may need to pull the computer off the Internet while running these scans.If you can get to the Internet, then be sure to get the latest updates for these programs. You may also look into running either Panda’s or Trend Micro’s online scanner programs. Be sure to scan ALL drives.
- If you have second computer or the infected computer has access to the Internet – then simply look up your computer’s symptoms online to see what other people are seeing and possible ways to fix it. There will be some dead ends, but often you can find out what is causing you the problems as well as how to fix it.
- After all the scans, run the more advanced tool, HijackThis from Trend Micro (a free tool) to see exactly what is running. HijackThis also gives you the ability to manually remove items as well.While you are at it, you can also run Trend Micro’s other free tools, RUBotted and RootkitBuster . If you cannot make heads or tails of the log files from HijackThis, there are many sites out there that will help you with it.
- If all else fails, you can always format and restore your PC back to the original configuration.
What about everyone else?
What about other Internet connected computers and devices that aren’t Windows based? Are they vulnerable to malware ? You bet that they are!This includes Linux; FreeBSD; OSX and UNIX based computers; Android; BlackBerry; iOS; Microsoft and Symbian based SmartPhones/devices. Is there anything that you can do to protect yourself here?There is.
Besides making sure that you are up-to-date on all the latest software patches, just know what kind of software and apps you are loading. Many companies, such as Symantec and others , are now making security software for these other non-Windows based operating systems and devices.
While there hasn’t been widespread infections in the past – it doesn’t mean that they won’t be the target in the future – remember, there is no such thing as a perfect, invulnerable OS.Of course, it’s up to you if you to do this if you think you may need protection on these other items.
Wrapping it up
Keeping your PC safe isn’t rocket science. It involves keeping your security software, operating system and other software up-to-date; watching what gets installed on your computer and knowing what to do if something gets through. When it comes to security, no one tip can possibly cover everything. So, we open this up to you too – what do you use personally to keep your computer safe.
|
By Adrian Kingsley-Hughes | April 2, 2009, 4:45am PDT
It’s time for Microsoft’s policy of tying the availability of Windows Updates to Windows Genuine Advantage (WGA) validation to end.
Brian Livingston writing for Windows Secrets had the following to say:
“It’s ridiculous to say that Microsoft provides all security updates to Windows users, whether or not they pass Windows Genuine Advantage (WGA) validation. No, Microsoft doesn’t.
“First of all, a system that fails WGA is restricted in using Microsoft’s update and download sites.
“WGA has a reputation for rating some PCs as unlicensed when in fact they’re completely legitimate. For this reason, many people exit Windows Update at this point and turn off Automatic Updates (if it was enabled) rather than risk disabling their expensive computers.”
Windows Update and WGA are interlinked . If you have a PC that doesn’t validate as running a genuine copy of Windows (or you are uneasy about putting it through the validation process for whatever reason), then you are limited to receiving only those updates that are labeled as “Critical”. While this still gives users access to the most important updates, it means that users miss out on updates classified as “Important” or “Moderate”.
To make matters worse, back in 2006 someone at Microsoft decided to push an update for the WGA mechanism (KB905474) through the Windows Update mechanism and marked it as a “Critical” update. This mixing of genuine security updates and marketing propaganda was an enormous abuse of trust on Microsoft’s part (Apple later pulled a similar stunt when it pushed Safari to Windows users though its software update mechanism) and shouldn’t have been allowed to happen.
It’s now time for Microsoft to disconnect WGA from all Windows related updates. Same goes from Office Genuine Advantage and updates for Microsoft Office. The current situation doesn’t make good sense. I don’t have a problem with Microsoft demanding that users wanting additional content (games, new apps, templates viagra and alcohol and so on) have to go through a validation process, but ALL updates should be available to ALL users, irrespective of whether users are running a genuine copy of Windows or not. Users who have unwittingly been sold a counterfeit copy of Windows shouldn’t be penalized and have their security compromised. In fact, when it comes to security updates, even those who know they are running a pirated copy of Windows should get access to all updates. It’s in everyone’s best interests that as many machines as possible are patched.