The following article is currently hosted at @Corrine's website "So how did I get infected in the first place?" | The Security Garden. It was originally written in 2005 by @TonyKlein who is a well-known expert and highly-respected pioneer in the online security and malware removal communities. His article has been updated and kept current over the years by @Corrine who is also well-known for her expertise and significant contributions in the various online malware removal communities. Tony and Corrine have graciously granted Tech Support Guy permission to reproduce the article here along with any future updates and we are very grateful to them for sharing this valuable resource.

"So how did I get infected in the first place?"

You usually get infected because your security settings are too low.

Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:

Safe Computing Practices

1. Keep your Windows updated!


It is important always to keep current with the latest security fixes from Microsoft. This can patch many of the security holes through which attackers can infect your computer. Either enable Automatic Updates or get into the habit of checking for Windows updates regularly.

Operating Systems

Windows 11 was released October 5, 2021. Windows 8.1 and Windows 10 are still officially being supported. Windows XP reached end of support April 8, 2014, Windows Vista reached end of support April 17, 2017, and Windows 7 reached end of support January 20, 2020. Windows 8.1 extended support ends January 10, 2023. For Windows 10 Versions, see the Windows lifecycle fact sheet noting that many versions have reached the end of support. Additionally note that "Microsoft will continue to support at least one Windows 10 Semi-Annual Channel until October 14, 2025."

To update Windows 8.1, Windows 10, and Windows 11 do the following:
  • Windows 8.1: Open the Search charm, enter "Turn automatic updating on or off", and tap or click Settings to find it.
  • Windows 10 and Windows 11: Go to Start > Settings > Update & Security.

Updates (even some old updates for Windows XP, Windows Vista and Windows 7) can be downloaded from the Microsoft Update Catalog. To see what updates have been released for supported operating systems, see Windows Update History.

2. Update 3rd Party Software Programs

The importance of updating third-party software is evidenced by the report by AV-TEST in which it is stated, "Adobe's Reader and Flash and all versions of Java are together responsible for a total of 66 percent of the vulnerabilities in Windows systems exploited by malware." (Complete article at Adobe & Java Make Windows Insecure.)

Third Party software programs have long been targets for malware creators. For those who forget to check third-party programs for missing updates, there are freeware programs available. A favorite of many is UCheck, which includes a long list of programs it monitors.

Of course, there are some third-party programs you may find you no longer need. Consider, for example, uninstalling Oracle Java, Adobe Shockwave Player, and, of course, the no longer supported Adobe Flash player.

3. Use a Standard/Limited User Account

Although an Administrator account is needed when setting up the computer, day-to-day usage should be with a Standard User Account which has limited permissions. An Administrator account provides the highest level of access to your computer whereas using a Standard User Account makes it more difficult for the computer to be infected.

Using a Standard User Account for everyday activities applies even if you are the sole user of the computer. For additional information, see Using a Standard/Limited User Account.

4. Watch what you download!

Many "freeware" programs come with an enormous amount of bundled spyware that will slow down your system, spawn pop-up advertisements, or just plain crash your browser or even Windows itself. Watch for pre-checked options such as toolbars that are not essential to the operation of the installed software.

Peer-to-peer (P2P) programs like Kazaa, BearShare, Imesh, Warez P2P, and others are among the most notorious. P2P programs allow the creation of a network enabling people to connect with other users and upload or download material in a fast, efficient manner.

Note also that even if the P2P software you are using is "clean", a large percentage of the files served on the P2P network are likely to be infected. Do not open any files without being certain of what they are!

Pre-scan downloaded files for viruses and malware at one of these multi-engine single file scan sites. Both use a dozen or more well-known anti-malware scanners in a quick, easy scan with a report of results from all.

-- Virus Total (10mb limit): https://www.virustotal.com/gui/home/upload
-- Jotti's Malware Scan (15mb limit): http://virusscan.jotti.org/en

5. Avoid questionable web sites!

Many disreputable sites will attempt to install malware on your system through "drive-by" exploits just by visiting the site in your browser. Lyrics sites, free software sites (especially ones that target young children), cracked software sites, and pornography sites are some of the worst offenders.

Most of these drive-by attempts will be thwarted if you keep your Windows updated and your internet browser secured (see below). Nevertheless, it is very important only to visit web sites that are trustworthy and reputable.

In addition, never give out personal information of any sort online or click "OK" to a pop-up unless it is signed by a reputable company and you know what it is!

For more general information see this tutorial by Lawrence Abrams of BleepingComputer.

Must-Have Software

*NOTE*: Please only run one anti-virus and one anti-spyware program (in resident mode) and one firewall on your system. Running more than one of these at a time can cause system crashes and/or conflicts with each other.

6. Antivirus

An Anti-Virus product is a necessity. There are many excellent programs that you can purchase as well as antivirus software programs free for personal use. In addition, Windows Defender comes pre-installed on Windows 11, Windows 10, and Windows 8.1.

The following are antivirus software programs that are free for personal use:

-- Adaware Antivirus Free
-- Avast
-- AVG Antivirus Free
-- Avira
-- Comodo Free Antivirus
-- Kaspersky Free
-- Panda Free Antivirus
-- ZoneAlarm Free Antivirus

Please run only one antivirus resident at a time!

It is recommended to set your antivirus to receive automatic updates so you are always as fully protected as possible from the newest threats.

7. Internet Browser

Internet Explorer was pre-installed on Windows 8, Windows 10, and Windows 11 versions with the current version being Internet Explorer 11. However, the latest Windows browser is Microsoft Edge, a Chromium-based browser, and the Internet Explorer 11 expiration date is June 15, 2022. See Microsoft Edge Enhancements for IE Mode for instructions on how to enable IE Mode on Windows 10 and Windows 11.

Many malware infections install themselves by exploiting security holes in the Internet browser that you use. As a result, if you elect to use a third-party browser, it is extremely important to keep it updated. Although not a complete list, third-party browsers include Brave, Firefox, Google Chrome, Opera, Pale Moon, and Vivaldi.

8. Firewall

It is critical that you use a firewall to protect your computer from hackers. The built-in Windows firewall blocks both incoming and outbound traffic and has seen numerous improvements over the years, although it can be disabled in the registry by malware.

If you prefer to install a third-party firewall, locate the vendor site rather than a third-party hosting site. Pros and cons of free firewalls can be found here. Please only use one firewall at a time!

Other Cleaning / Protection Software

Of the programs listed below, passive protection like that provided by SpywareBlaster and a Hosts file program can be used effectively alongside active resident protection programs. For example, the free version of Malwarebytes' Anti-Malware is an on-demand scan and clean program that will also not conflict with resident protection; Spybot is also on-demand but has resident protection if the Teatimer function is used.

Scan with only one program at a time, with a shutdown/restart between scans.

9. Consider installing SpywareBlaster by Javacool

This excellent program blocks installation of many known malicious ActiveX objects. Run the program, download the latest updates, "Enable All Protection" and you're done. Although it won't protect you from every form of spyware known to man, it is a very potent extra layer of protection.

Don't forget to check SpywareBlaster for updates every week or so.

See this helpful tutorial by Lawrence Abrams, Using SpywareBlaster to protect your computer from Spyware, Hijackers, and Malware.

10. HOSTS File Program

Malwarebytes Browser Guard -- Malwarebytes Browser Guard filters out annoying ads and scams while blocking trackers that spy on you.

11. Anti-Malware and Anti-Spyware Programs (Select one or two)

Malwarebytes' Anti-Malware
Spybot
SUPERAntiSpyware Free Edition

Happy safe computing!!

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

*Note: The original version of this article was written in 2005 by Tony Klein and has been reproduced or linked to in thousands of locations. Tony is well known in the security community for his many contributions, including the CLSID List and "A Collection of Autostart Locations" hosted at the former Gladiator Antivirus site.

With permission from Tony, others in the security community as well as myself have continued updating it to include current operating systems and software program information. It has come to my attention that updated copies of the article are no longer being maintained at many sites.

The above represents another update of the original "So how did I get infected in the first place?" ©Tony Klein.

Revised: TonyKlein, Oct 30 2005, 05:00 AM
Reproduced and edited with permission of the author.

(Updated April 15, 2022)
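
A read-only PowerShell check for items 3 and 8 of the article above, added here as an example and not part of the original article: it reports whether the current session is elevated or the account is listed in the local Administrators group, and whether any firewall profile is off in the effective policy or in the registry value the article says malware can change. The function names are made up for this example; it assumes Windows 8.1 or later, and the Administrators lookup needs the Get-LocalGroupMember cmdlet (Windows PowerShell 5.1).

```powershell
# Added example, not from the original article. Read-only: changes no settings.

function Get-AccountAudit {
    $id        = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)

    # Direct members of the built-in Administrators group (well-known SID S-1-5-32-544).
    # Stays $null when the lookup is unavailable or fails, so "unknown" is not read as "no".
    $inAdmins = $null
    try {
        $members  = @(Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop)
        $inAdmins = [bool]($members | Where-Object { $_.SID.Value -eq $id.User.Value })
    } catch { }

    [pscustomobject]@{
        User             = $id.Name
        # True only when this session's token is elevated (e.g. "Run as administrator").
        SessionElevated  = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
        # True means this is not a Standard User Account in the article's sense.
        InAdministrators = $inAdmins
    }
}

function Get-FirewallAudit {
    # Standard per-profile registry location of the EnableFirewall switch.
    $base   = 'HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy'
    $keyFor = @{ Domain = 'DomainProfile'; Private = 'StandardProfile'; Public = 'PublicProfile' }

    # ActiveStore is the effective policy, including anything applied by Group Policy.
    foreach ($fw in Get-NetFirewallProfile -PolicyStore ActiveStore) {
        $path = Join-Path $base $keyFor[$fw.Name]
        $reg  = (Get-ItemProperty -Path $path -Name EnableFirewall -ErrorAction SilentlyContinue).EnableFirewall
        $on   = "$($fw.Enabled)" -eq 'True'

        [pscustomobject]@{
            Profile        = $fw.Name
            Enabled        = $on
            RegistryValue  = $reg                      # 1 = on, 0 = off, empty = value not present
            DefaultInbound = $fw.DefaultInboundAction
            NeedsAttention = (-not $on) -or ($reg -eq 0)
        }
    }
}

Get-AccountAudit  | Format-List
Get-FirewallAudit | Format-Table -AutoSize
```

A day-to-day session should show SessionElevated and InAdministrators as False, and no firewall profile should show NeedsAttention as True unless a third-party firewall has deliberately replaced the built-in one.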
 