T11M

A large part (to be honest over 90%) of my consulting business is based upon fixing computers that have been infected with viruses and malware. The majority of the time these infections could easily have been prevented.  However, over the past few years we have seen a serious escalation in the abilities of Black Hats (malicious computer crackers) to create near believable phishing attempts, pop ups, and other delivery methods for their malicious software.  One of the most recent viruses that I have dealt with on multiple user machines is “Microsoft Antivirus 2009″.  This virus can be exceptionally malicious and does an amazing job of hooking into the operating system and altering your ability to remove it.  The worst part is the longer you allow these new viruses to operate on your computer the more damage they cause.  In every case I have completely wiped the computer’s hard drive and started over with a fresh installation of Windows.  Side note: It is best practices to always perform a complete reinstallation of a computer’s operating system when it has been infected with malicious software.  The extent to which viruses and spyware can penetrate your computer have reached the point where regardless of the anti virus software you use, it is nearly impossible to know if you have purged your system of the malicious software.  So here are a few guidelines to hopefully help you avoid malicious software on the internet.

1. Never open email attachments from anyone you do not trust! NEVER! And sometimes don’t even open attachments from people you do.
2. Unless you know exactly what the files are and that they are trustworthy do not open files with these extensions: .exe, .bat, .vbs, .scr, or .pif.
3. Never click on a popup no matter how good the offer or how much it looks like a real windows notification.  If you have a web browser open (Internet Explorer, Firefox, Opera, etc.) then any notification could be malicious.
4. If a window won’t let you close it, there is a good possibility it is trying to deliver malicious software to you.  Use the task manager to end that program.
5. If you are surfing the Internet, do not believe anything that states your computer has been infected with a virus.  Websites that say your computer is infected with a virus are only trying to con you in to downloading their software, which is most likely a virus.
6. Don’t disable Windows firewall or Defender.  These programs help block malicious software.
7. Test your firewall with ShieldsUP! to see if you have any rogue open ports.
8. Always update your computer’s operating system.  If you are still running Windows XP make sure that your computer is updating by visiting Microsoft’s software update site.  http://update.microsoft.com.  Vista users should ensure that their system is updating regularly.
9. Remember that anti virus (AV) software is a reactive measure, not a preventative measure – it doesn’t protect your system from viruses that it doesn’t know about.  Update your AV frequently.
10. Don’t give your user account administrative privileges.  If you don’t have the ability to install software then it is very unlikely that the malicious software won’t either.
11. Don’t let your children play games on the Internet or torrent (download) files.  There are just too many opportunities for your system to become infected.

Here are some good links to read.  They explain the various threats on the internet as well as some key methods to avoid infection:

• User’s Guide to Avoiding Virus Infections
• Top 10 Tips for Avoiding Viruses
• Don’t be a Computer Virus Victim