MALWARE PREVENTION

This section of the Malware Help web portal describes how we can prevent Malware from infecting our PC. You can either jump right in, and read the section from beginning to end, or select what interests you most. As a minimum, we suggest reading the outline introduction to Malware and how to protect your PC.

Make a selection from the following:

● How does my PC get Malware?

● What can I do to prevent getting Malware?

● How do I configure Windows to help me?

● What tools are available to avoid Malware?

How does my PC get Malware?

Since Malware is distributed as some form of executable software code, it must be introduced to the computer in some manner. Today there are several ways that Malware may be introduced into your computer, such as:

● FROM - Opening a Malware program disguised as an Email attachment. For more tips on how to keep email safe, see: link;

● FROM A WEBSITE - Downloading files from the internet, to which a Malware program is attached;

● FROM A POP-UP WINDOW ADVERTISEMENT - Loading programs/software recommended by advertisers to which Malware “trojans” are attached. For more detail on what to do if you get a pop-up window that requests you to click somewhere: link

● FROM ANOTHER PIECE OF SOFTWARE: Installing new software or updating software already on the computer with software, to which a Malware program is attached;

● EXTERNAL MEDIA - Using infected flash drives, USB drives, or DVD/CDs (like the old floppy disk method);

● SOCIAL MALWARE - Allowing third parties, usually from a convincing telephone caller, to control the computer remotely through the internet.

In most cases some form of deceit is involved and the innocent user is unaware of the danger or possibility. An example would be the telephone caller from “” or “Windows” offering to help rid your computer of viruses. Or the email from PayPal or your bank which informs you that your account has been compromised, and that you should “click here”.

What can I do to prevent getting Malware?

In terms of Malware prevention you are the first line of defense and, whether you believe it or not, you are the cause of any intrusion. So, here are a few “operating practices” that will help limit any damage caused by Malware:

● ALWAYS KEEP SOFTWARE UPDATED – particularly the software (e.g. or .1). Here's how to do that: link

● SLOW DOWN AND READ THE SMALL PRINT – read before you click and be sure you are aware of where the click will take you. Remember, “If it sounds too good to be true, then it is”!

● ONLY DOWNLOAD SOFTWARE THAT YOU NEED – usually, the more actively a product is promoted, the more likely it is to be damaging.

● NEVER INSTALL SOFTWARE FROM AN UNKNOWN SOURCE – preferably use only secure websites, and preferably only those endorsed by Microsoft. Avoid third party downloading websites unless you are sure they are trustworthy. At this time, www.ninite.com is a good downloading website for Windows software. See how to know whether a website is secure: link

● KEEP COMMON UTILITIES UPDATED – most Browsers use plugins to assist with media content of websites. For example, Adobe Flash and Java are often used as plug-ins to Browsers. These plugins need to be kept updated. Here's more about Java and Flash: link

● USE RANDOM, COMPLEX PASSWORDS, and change them regularly. Here are some password tips: link

How do I configure Windows to help me?

Depending on which operating system (OS) you use (Windows 7, Windows 8.1, even XP and Vista), you can configure Windows to minimize inadvertent entry of Malware:

● Permissions – all operating systems use some form of User Account to separate different users. Account Permissions allows two types of accounts - “Standard” and “Admin”. Often, when you are the only user of a particular PC, initial set up will probably include one or at most two accounts – a “Guest” account and a “Named” account (your name usually) which are assigned “standard” and “admin” permission respectively. A good practice is to have TWO named accounts – a day to day use account with “standard” permission and an “admin” account for use only when “admin” permission is needed. This way if there is a security breach, the associated Malware will most likely only have “standard” account permission and therefore damage will be limited. How to manage users in Windows 7/8/8.1: link

● User Account Control – UAC defines what types of download operations will be allowed without authorization. There are four levels, with Level 2 providing a reasonable level of protection. How to set UAC in Windows 7/8/8.1: link

● “Autorun” – this secures any external devices such as DVD players and USB ports and avoids them automatically running (and installing Malware). You can do this by following Microsoft's procedures, which differ by operating system and are described in Microsoft Knowledge Base articles 967715 and 967940 which are frequently referenced for this purpose.
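The AutoRun policy that those Knowledge Base articles deal with is stored in the registry as NoDriveTypeAutoRun, a bitmask with one bit per drive type. The Python sketch below is an added example, not part of the original page or of Microsoft's procedure; it decodes such a value and shows which drive types would still auto-run. The registry path and bit meanings come from Microsoft's documentation of the policy rather than from this page, and reading the live value only works on Windows.

```python
"""Decode the NoDriveTypeAutoRun policy (added example, not from the page)."""

# Registry location of the policy under HKLM or HKCU (from Microsoft's
# documentation of the policy; this page does not spell it out).
POLICY_KEY = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer"
VALUE_NAME = "NoDriveTypeAutoRun"

# One bit per drive type; a set bit turns AutoRun OFF for that type.
DRIVE_TYPE_BITS = {
    0x04: "removable drive (USB flash)",
    0x08: "fixed disk",
    0x10: "network drive",
    0x20: "CD/DVD",
    0x40: "RAM disk",
}


def to_int(raw):
    """The value may be stored as REG_DWORD (int) or REG_BINARY (bytes)."""
    return int.from_bytes(raw, "little") if isinstance(raw, bytes) else int(raw)


def autorun_still_enabled(raw):
    """Drive types for which this policy value leaves AutoRun switched on."""
    value = to_int(raw)
    return [name for bit, name in DRIVE_TYPE_BITS.items() if not value & bit]


def read_policy(hive_name="HKEY_LOCAL_MACHINE"):
    """Return the raw policy value, or None if unset or not on Windows."""
    try:
        import winreg
    except ImportError:
        return None
    try:
        with winreg.OpenKey(getattr(winreg, hive_name), POLICY_KEY) as key:
            return winreg.QueryValueEx(key, VALUE_NAME)[0]
    except FileNotFoundError:
        return None


if __name__ == "__main__":
    for hive in ("HKEY_LOCAL_MACHINE", "HKEY_CURRENT_USER"):
        raw = read_policy(hive)
        if raw is None:
            print(hive, "- policy not set (Windows default applies)")
            continue
        enabled = autorun_still_enabled(raw)
        print(hive, hex(to_int(raw)), "- AutoRun still on for:",
              ", ".join(enabled) or "nothing")
```

A value of 0xFF switches AutoRun off for every drive type, which is the state the bullet above aims for.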

What tools are available to avoid Malware?

While not 100% guaranteed, Malware issues can be practically eliminated through use of the following simple “Barriers”:

● Firewall – software which, when enabled, blocks unauthorized access through the computer's internet interface hardware. Windows 7 and 8 both have built-in Firewall software, which should be always turned on.

● Anti-Virus – software that checks all data entering the computer, either through media or from the internet, to be sure it is free of known viruses. Again, Windows 7 and 8 have free Virus Detection Software available for download (Windows 7) or within the installed Operating System (Windows 8), which should be enabled.

● Spyware Prevention – software which blocks entry of “cookies” and other programs which run in the background to either report operating practices, or look for critical data. For example, Malwarebytes (download from www.ninite.com) operating in real time will provide some Spyware protection. Follow link for more information related to Firewalls, Anti-Virus and Spyware Prevention tools: link

● Security Tools – tools which when installed will assist and prevent inadvertent entry of Malware. For example, browser add-ons designed to assist with safe internet browsing, etc. Follow link for more information related to security tools: link

● Software Maintenance – use of various tools and scans in a preventative manner. The use of various Malware scans is covered in more detail in the Malware Removal section. However, in addition to preventative scans, we need to be sure all critical software is updated, and that we have critical data backed up. Follow link for more information related to Updates and Backup: link

How to avoid Malware while using Email

Webmail vs. Email program?

The difference between accessing Email via the internet (e.g..google.com) vs. an Email program on your computer (e.g. Mail, Thunderbird, etc.) is that with an Email program you are viewing a copy of your mailbox, whereas with Webmail you are directly accessing your mailbox. Using a program is inherently safer, since you can recover from mistakes more easily, and minimize data traffic over the internet (which is more susceptible to Malware intrusion). See following for directions to install – link. Windows Live Mail is installed as part of Windows Essentials, a free Microsoft download. When installing, be sure to only select Live Mail, and deselect the other add-ins; you do not need these other programs associated with Windows Essentials. Thunderbird is available from www.ninite.com.

Email attachments – One of the oldest ways to spread malware is through email attachments:

● Do not open attachments from people you do not know

● If a friend sends you an attachment that looks suspicious, contact them first before opening the attachment

● Never open attachments that end in .exe, .bat, .com, .vbs

Phishing Emails – Phishing emails will try to trick users into clicking on a link within the email. The link will take the user to a website that will either try to make the user manually install malware or will perform a “drive-by” download to install the malware.

● Never click on links in an email

● Find out how to protect yourself from Phishing Emails - link

How to avoid Malware from pop-up Windows

What is a pop-up Window? Popup alerts falsely tell the user that their machine is infected with a virus or has some other problem that needs to be fixed such as Driver Updates. The user is asked to click on the alert to install the software (really Malware in disguise) that is purported to fix the problem or a “drive-by” download will be initiated.

What to do and what not to do:

● Do not click or engage with the popup window. In the example to the right, you would not click on the “Pause” or “Stop” buttons.

● Do not close window or Browser normally

● Open Task Manager - Win7 – Ctrl-Alt-Delete; Win8/8.1 – select Windows Icon (bottom left corner), Right Click and select Task Manager from menu

● Look for Browser under Application tab, select and close application

Firewall, virus detection, and anti-spyware software

Depending on which operating system (OS) you use (Windows 7, Windows 8.1, even XP and Vista), these tools are available within the OS or are from third parties.

● Virus Detection Software – Microsoft Security Essentials (MSE - Windows 7) and Windows Defender (Windows 8.1) are free and do not come with other bundled software and ads.
Windows 7 – download Microsoft Security Essentials from www.ninite.com
Windows 8.1 – comes with Windows Defender

● Firewall – MSE and Windows Defender both come with a built in Firewall which should be kept activated.

● Anti-Spyware Software – again, MSE and Windows Defender both include built in Spyware protection, but it is not as effective as some of the Third Party software. Malwarebytes, paid version, which provides real time monitoring is worthy of consideration, and can be downloaded safely from www.ninite.com

● Beware of Third Party Anti Virus/Anti Spyware software – while some of the available commercial packages offer good virus detection, they come bundled with other security software which is substandard, and will cause significant loss of performance. For example, Norton, McAfee, Kaspersky, Avast, AVG, etc. all fit into this category and offer bundled packages. Some offer free anti-virus or trial software, but this is often plagued with frequent advertising.

● ACTION CENTER: Windows Action Center provides for updating and control of these security features:
How to check Windows 7 Action Center: link
How to check Windows 8/8.1 Action Center: link

Preventative security tools?

In addition to preventative configuration of Windows, additional protection can be provided by some powerful tools available from third-party vendors. Some of these tools are offered by paid Virus Detection suppliers (McAfee, Norton, etc.), packaged with their anti-virus software; however, in some cases they are inferior to those offered by specialist suppliers. Here are some suggestions:

● Install a Website Advisor - to monitor which websites are being visited and to advise their trustworthiness. While these are now packaged with the major Anti-Virus vendors, a better choice is to install “Web of Trust” (WOT), a free advisor which is available as an add-on/extension to the major browsers. It must be installed separately in each browser that is being used. WOT rates websites and will advise if a site is being addressed which has a bad reputation.

● Install a Spyware Monitor – Spyware is generally distributed using cookies, which are automatically generated and sent to your computer when you visit certain websites (What are cookies? - link). You can set browser options to block cookies, however they are also used to help establish secure connections for shopping, banking, etc. “Privacy Badger” is a browser add-on/extension that will block “bad” cookies. It is not available for Internet Explorer, which is a good reason to use Chrome or Firefox as the default browser.

● Install an Ad Blocker – annoying ads sometimes result in downloads which have Malware attached. “Ad blockers” are browser add-on/extension services designed to block ads. A good adblocker which is reliable and safe is “Adblock Plus”, available as an add-on for all major browsers.

● Use a secure Domain Name System (DNS) server like OpenDNS or a Virtual Private Network (VPN). This will provide a more secure browsing experience and avoid escalation of virus/malware which is designed to “phone home” and import additional destructive Malware. See more detail of how to change DNS or set up a VPN: link

Updates and backup?

As well as software configuration and good operating practices, some minimum maintenance is required to ensure you are fully protected:

● Updates – because Malware is continually changing, Microsoft and other key software providers like Google, Mozilla, Adobe, Oracle and others are continually updating their software to close any vulnerable areas, which hackers often use to infuse Malware. Keeping these software packages updated is therefore critical.
How to Update Windows 7: link
How to Update Windows 8.1: link
How to Update Chrome Browser: link
How to Update Firefox Browser: link

● Adobe Flash and Oracle Java RTE – both Adobe Flash Player and Java RTE (note – do not confuse Java Run Time Environment with Java Script) are notorious for security vulnerability and neither Adobe nor Oracle does a great job of plugging their respective vulnerabilities. Therefore IF YOU DON'T USE THEM DON'T INSTALL THEM. Most of us do not need Java RTE (unless you are heavy into 3D gaming), and most of us can do without Adobe Flash. Consider using Chrome as your preferred browser, since it has a built in Flash updater, and you do not need to install it separately - link

● Backups – use an external hard drive or USB flash drive. Also consider using a secure Cloud service (MS One Drive, Google Docs or Apple iCloud) to store critical files which you do not want to lose. External hard drives or other media can fail (money in the bank vs. under the mattress). Backup applications -

● Windows backup built into OS, files & folders and image backup available

● EaseUs – free, backs up files, folders, or an image

● Bvckup 2 – free, simple backup for files only, non encrypted, very fast

Browsing and how do I know a website is secure?

For any downloads or financial transactions, or any time you provide confidential information via a website, ALWAYS use “secure” websites. These sites are easily identified by a lock symbol, and by the “https://” prefix instead of “http://”. Be extra careful if you do not see the lock, or the website prefix is “http://”. If you click on the lock, you will see a description of the website certificate and any cookies being sent. For further reading see: Wikipedia Link

Here is an example for www.ninite.com:


If you are still unsure of a website's security, you can perform a virus scan at www.virustotal.com. This website is owned by Google and provides a free virus scan of both files and websites, using 47 different virus detection algorithms.

Password management

Passwords are either easy to remember, but weak, or strong and hard to remember. We have lots of them, and are forever forgetting them or losing the piece of paper we wrote them on. However, they are necessary and we need them to be strong to guard against misuse by Malware or other intrusion. Here are a couple of suggestions to help manage passwords:

● Use a Password Manager. This is a tool that keeps all our passwords in one place and often works directly with a browser. Two such tools that are reliable and safe are LastPass and KeePass. See link for more details of these two password managers: link

● Create a Strong Password Core - even with a password manager, you still need to remember a strong password for the password manager. One way to create a strong password that is easy to remember was suggested by Bruce Schneier in 2008 and is still considered by many today one of the simplest and most effective: Schneier Method to Create Strong Password: from www.schneier.com “My advice is to take a sentence and turn it into a password. Something like "This little piggy went to market" might become "tlpWENT2m". That nine-character password won't be in anyone's dictionary. Of course, don't use this one, because I've written about it. Choose your own sentence -- something personal”.

● Modify Core to create unique passwords – e.g. extend the core with part of the associated website or organization for which the password is intended. For example, for Bank of America you might add “bA” to the front and “Ca” to the back. Make up your own simple rules that only you know.

What are “cookies”?

Generally, cookies are small pieces of data sent between a sender and a receiver. A cookie is created and interpreted by the sender, while the receiver only holds it and sends it back if the sender asks for it. When browsing the web, the sender is the server on which a website runs and the receiver is the web browser of the user that visits that website. Their purpose is to identify the user, check for his past activity on the website and provide appropriate content based on this data. There are various kinds of “cookies”, of which the most common are:

● Session cookies - exist in a temporary memory until the web browser is closed. They are not harmful because all their information is deleted when your browsing session is over.

● Persistent cookies - also called tracking cookies, are used to gather information about the user, recording his or her behavior on a specific website over a period of time.

● Secure cookies - an encrypted cookie works only when using a secure HTTPS connection. These cookies are used to ensure that their information cannot be stolen by potential hackers connected to the same network as the user.

● HttpOnly cookies - ensure that only the website that created them can use them. Only session cookies can be HttpOnly and they generally do not imply any privacy or security risks for users.

● Third-party cookies - belong to a different domain, other than the one that sent them. These cookies stir up privacy concerns because some ad networks use them to track way too much data about users in order to display targeted ads.

● Zombie cookie - cookies that recreate themselves after they are deleted. They are generally used by web analytics services and stored outside the browser because they are available across browsers installed on the same computer. They can also be used for malicious purposes because the web browser cannot control their existence.

● For more detailed information see: link

What is a DNS server and how do I change it?

What is a DNS Server?

DNS (or Domain Name System) Servers are address books within the internet that change common web page names to an IP (Internet Protocol) address that will link to the associated website. So, when you enter a web address in your browser, your computer sends a request to the DNS Server to provide the IP address of that website so you can see it. Usually your Internet Service Provider (e.g. Suddenlink) provides this DNS Server.

Why is DNS Important for Malware Protection?

DNS Services are a common target for hackers and Malware. Typically the Malware attack may monitor internet traffic and redirect a request to a different website, which then downloads Malware to your computer.

What can I do to be more secure?

You can select which DNS Server to use, instead of that provided by your ISP. Two which are often recommended are OpenDNS or GoogleDNS. These servers are maintained to a very high security level and also offer additional services such as website blocking and anti-phishing services. They sell this service to businesses, but offer a free service to individuals.

How do I change my DNS?

You can change your DNS service easily by changing your Network Settings through Control Panel. You can also change your router settings so that any computer on your home network will be directed to OpenDNS, for example. Detailed instructions for changing DNS settings:

OpenDNS: 208.67.222.222 and 208.67.220.220 : link
Google Public DNS: 8.8.8.8 and 8.8.4.4 : link
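To confirm which DNS servers a Windows PC is actually using after the change, compare the output of ipconfig /all with the addresses above. The Python sketch below is an added example, not part of the original page; it parses a constructed sample of that output, and the adapter names, host name and the address 203.0.113.53 in the sample are made up for illustration.

```python
import ipaddress

# Resolver addresses listed on this page.
LISTED = {"208.67.222.222": "OpenDNS", "208.67.220.220": "OpenDNS",
          "8.8.8.8": "Google Public DNS", "8.8.4.4": "Google Public DNS"}
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample of `ipconfig /all` output (not captured from a real PC).
SAMPLE = """\
Windows IP Configuration

   Host Name . . . . . . . . . . . . : HOME-PC

Ethernet adapter Local Area Connection:

   IPv4 Address. . . . . . . . . . . : 192.168.1.10(Preferred)
   DNS Servers . . . . . . . . . . . : 208.67.222.222
                                       208.67.220.220
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wi-Fi:

   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       203.0.113.53
"""


def dns_servers_by_adapter(text):
    """Map each adapter heading to the DNS servers listed under it."""
    adapters, current, in_dns = {}, None, False
    for line in text.splitlines():
        if not line.strip():
            continue
        indent = len(line) - len(line.lstrip())
        if indent == 0:                      # section heading
            in_dns = False
            if line.rstrip().endswith(":"):  # adapter headings end in ':'
                current = line.strip().rstrip(":")
                adapters[current] = []
        elif current is None:
            continue                         # global settings block
        elif indent <= 3 and ":" in line:    # "Label . . . : value"
            label, value = line.split(":", 1)
            in_dns = label.strip(" .") == "DNS Servers"
            if in_dns and value.strip():
                adapters[current].append(value.strip())
        elif in_dns:                         # deeply indented continuation
            adapters[current].append(line.strip())
    return adapters


def classify(server):
    if server in LISTED:
        return LISTED[server]
    try:
        addr = ipaddress.ip_address(server.split("%")[0])  # drop IPv6 zone id
    except ValueError:
        return "unparseable"
    if addr.version == 4 and any(addr in net for net in RFC1918):
        return "router/LAN address: check the router's DNS setting"
    return "not on the list: ISP or unknown resolver"


def audit(text):
    return {name: [(s, classify(s)) for s in servers]
            for name, servers in dns_servers_by_adapter(text).items()}
```

Calling audit() on real ipconfig /all output shows, per adapter, whether each resolver is one of the listed services, the home router (whose own DNS setting then decides), or something else.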