Why did I get infected in the first place?

You usually get infected because your security settings are too low or you blindly click yes to everything.

If you are reading this article as part of a post-infection clear-up, then please be aware that several anti-malware tools commonly used by helpers on online help forums reset various Windows settings to the defaults that Windows came with. These aren’t always the safest options, but they are the Windows defaults. If you follow the advice below, especially setting “show known file types”, you will be much safer.

Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:

  • Watch what you download! Many freeware programs and P2P programs are amongst the most notorious, coming with an enormous amount of bundled spyware that will eat system resources, slow down your system, clash with other installed software, or just plain crash your browser or even Windows itself. There is no such thing as a free lunch and many “free” programs on the net contain adware or spyware.
  • Read the EULA carefully before installing anything, and if it says “Supported by Advertising” or similar wording, be very wary and expect problems, pop-ups etc. Be careful what add-ons, toolbars and extensions you install in your browser. Very few of them are needed, useful or safe. All that most of these add-ons will do is slow down browsing and cause unwanted adverts and pop-ups on your computer.
  • Be extremely careful when downloading from software sites. A high number of these sites use their own “download manager” which stealthily installs so-called “optional” programs that cause pop-ups, adverts and search redirects, unless you are scrupulous about watching what it does and carefully uncheck everything it offers apart from the program that you actually want.
  • Set your folder options to “show known file types”. The default for Windows is to hide known file types, and that way, when you receive an email saying open this picture or read this important document, you don’t see the .exe at the end. Once you set known file types to show, it is much less likely that you will accidentally click on a malware file and open it, thinking that it is a picture from a friend or a document that you are expecting. This shows you how to set it for Windows 7 or Vista, and this for Windows 8.
  • Watch out for sites that insist you need a special codec to watch the video or listen to music on the site. 99% of the time they are trying to install malware. If you already have Windows Media Player, Flash, QuickTime or RealPlayer installed, there should never be any need to install a special player or codec from the site.
  • Phishing and Identity theft: Be very wary of links in emails allegedly coming from your Bank, Building Society, Insurance Company, PayPal, etc. Hover your mouse over the link to see whether it is the correct Bank website etc. If the address showing in the hovered link isn’t the same as the address it says it is, then don’t click on it. Go to your bank’s website via a known good link. If you do happen to accidentally click on a suspicious link, don’t panic, but simply close the browser window and definitely don’t enter any information in the site.
  • Malicious Email attachments: Be very careful with email attachments. The basic rule is NEVER open any attachment to an email, unless you are expecting it. Now that is very easy to say but quite hard to put into practice, because we all get emails with files attached to them.
  • Our friends and family love to send us pictures of them doing silly things, or even cute pictures of the children or pets. Never just blindly click on the file in your email program. Always save the file to your Downloads folder, so you can check it first. Most (if not all) malicious files that are attached to emails will have a faked extension, that is, the three letters at the end of the file name. Unfortunately, Windows by default hides file extensions, so you need to set your folder options to “show known file types”.
  • Then when you unzip the zip file that is supposed to contain the pictures of “Sally’s dog catching a ball”, or a report in Word document format that work has sent you to finish working on at the weekend, you can easily see whether it is a picture or document and not a malicious program. If you see .EXE or .COM or .PIF or .SCR at the end of the file name, DO NOT click on it or try to open it: it will infect you. While the malicious program is inside the zip file, it cannot harm you or automatically run.
  • When it is just sitting unzipped in your downloads folder it won’t infect you, provided you don’t click it to run it. Just delete the zip and any extracted file and everything will be OK. You can always run a scan with your antivirus to be sure.
  • SmartScreen Filter: Keep it turned on at all times. If you are using Vista or Windows 7, then Internet Explorer 8, 9, 10 and 11 have an inbuilt SmartScreen Filter that scans all websites that you visit and all web-based downloads. It will alert you and block access to known infected websites and unknown or malicious executable files that you are attempting to download. It won’t block Zip or Rar files.
  • Obviously SmartScreen only works if you use Internet Explorer as your browser, and not if you use Firefox or Chrome. If you are using Windows 8 or 8.1, then you are much better protected, because SmartScreen is inbuilt to Windows and scans/checks and blocks (if needed) any file you download or open on your computer. This way it works on all browsers and on any files received by email, as well as web scanning.
  • Facebook, Google+, Twitter and other Social Networking sites: Don’t get carried away with what you post on these sites, and remember that a lot of what you post will be public. It is rather like walking down the local High Street and shouting out to everyone in earshot everything that happened last night, your name, address and phone number, and where you hide the spare keys to your front door. Never post when you are going away or that the house will be empty overnight.
  • A lot of thieves, fraudsters and other criminals hang around and monitor Social Networking sites and use the information they gain from them to do lots of nasty things to you. Also remember that what you post can be read by all your friends and often your boss. Don’t let something you wrote when you had a few drinks, or were in a silly or bad mood, come back and bite you a few weeks, months or years later.
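As an added example (not part of the original article), this PowerShell script turns off the default “hide known file types” setting by writing the HideFileExt value that the Folder Options dialog controls, and then lists any file in the Downloads folder whose real extension is executable, which is how a “Sally’s dog.jpg.exe” trick shows up once extensions are visible. It goes a little beyond the four extensions listed above by also flagging script types; the extension list and the Downloads path are assumptions.

```powershell
# Added example (not from the original article): audit the "hide known file
# types" Explorer setting and look for downloads with a disguised extension.
# Assumes Windows PowerShell 3+ and that downloads live in $env:USERPROFILE\Downloads.

$advanced = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'

# HideFileExt = 1 is the Windows default (extensions hidden); 0 shows them.
$current = (Get-ItemProperty -Path $advanced -Name HideFileExt -ErrorAction SilentlyContinue).HideFileExt
if ($current -ne 0) {
    Write-Host "Known file extensions are hidden (HideFileExt=$current); enabling display."
    Set-ItemProperty -Path $advanced -Name HideFileExt -Value 0 -Type DWord
    # Explorer only re-reads this value when it restarts: log off/on or restart explorer.exe.
} else {
    Write-Host 'Known file extensions are already shown.'
}

# Extensions that run as a program no matter what the name in front of them suggests
# (the article's .EXE/.COM/.PIF/.SCR plus common script types; assumed list).
$executable = @('.exe', '.com', '.pif', '.scr', '.bat', '.cmd', '.vbs', '.js')
$downloads  = Join-Path $env:USERPROFILE 'Downloads'

# A "double extension" such as holiday.jpg.exe is the trick the article describes:
# with extensions hidden, the user only ever sees holiday.jpg.
Get-ChildItem -Path $downloads -File -Recurse -ErrorAction SilentlyContinue |
    Where-Object { $executable -contains $_.Extension.ToLower() } |
    ForEach-Object {
        # BaseName is the name minus the real extension; any extension left on it is the decoy.
        $inner = [System.IO.Path]::GetExtension($_.BaseName)
        [pscustomobject]@{
            Name      = $_.Name
            RealType  = $_.Extension
            Note      = if ($inner) { "disguised as $inner" } else { 'executable, no decoy extension' }
            LastWrite = $_.LastWriteTime
        }
    } | Format-Table -AutoSize
```

Files it lists are not proven malicious, but they are the ones the article says never to open without knowing exactly where they came from.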

Keep Windows and programs up to date.

  • Windows Update and Internet Explorer. Go to IE > Tools > Windows Update, or use Start > Programs > Windows Update (select Custom), and install ALL Critical and Security Updates listed. It’s extremely important to always keep current with the latest security fixes from Microsoft. Install ALL those patches. Internet Explorer 6 is no longer recommended and you are strongly advised to immediately update to IE8 for XP (IE10 for Vista and Windows 7 or Windows 8; IE 11 is also now available for Windows 7 and is inbuilt to Windows 8.1).
  • It doesn’t matter if you normally use an alternative browser such as Firefox, Safari or Google Chrome. Just having IE6, which is vulnerable to so many exploits, installed on your computer is enough to allow malware and exploits onto your computer with no action on your part. Microsoft now issues security updates on the second Tuesday of every month and non-security updates on the fourth Tuesday. Make sure you do a Windows Update as soon as you can after 6 pm UK time or 1 pm US Eastern time to get the latest updates on those days.
  • Oracle Java
    I do not recommend that you have Java installed at all unless you absolutely need it. The number of malware infections that occur due to Java vulnerabilities is very high nowadays. The vast majority of users get by very well without Java, but if you do need it then:
    Oracle Java gets regularly updated, so make sure you update it regularly and uninstall any previous versions once you have updated. NOTE: the Java updater does not always remove the previous vulnerable versions.

Please follow these steps to remove older version Java components and update.
Updating Java:

  • Download the latest version of Java Runtime Environment (JRE) 7.
  • Scroll down to where it says “Java Platform, Standard Edition”.
  • Look in the right-hand box that says “JRE” and click the BLUE “Download” button.
  • That takes you to the latest list of Java SE Runtime Environment 7 Downloads, with selections for every type of operating system.
  • Check the box that says: “Accept License Agreement”.
  • Click on the link to download the appropriate Windows Offline Installation and save to your desktop.
  • Close any programs you may have running – especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version.
  • However, the much easier and less confusing way is to go to www.java.com and press the red “Free Java Download” button.
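Added example, not from the original article: a PowerShell script that lists every Java runtime still registered in Add/Remove Programs, so you can check that the updater really did remove the older versions rather than trusting that it did. The registry paths are the standard Uninstall keys that Add/Remove Programs reads; the name pattern used to spot Java entries is an assumption.

```powershell
# Added example (not from the original article): find Java runtimes that are
# still installed after an update. Reads the same Uninstall keys that
# Add/Remove Programs displays. On 64-bit Windows the Wow6432Node key holds the
# 32-bit entries; on 32-bit Windows it simply does not exist and is skipped.

$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Assumed name pattern: the article says to look for "Java Runtime Environment",
# "JRE" or "J2SE" in the name. JavaScript-related products are excluded.
$java = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -match 'Java|J2SE|JRE' -and $_.DisplayName -notmatch 'JavaScript' } |
    Select-Object DisplayName, DisplayVersion, Publisher, UninstallString |
    Sort-Object { try { [version]$_.DisplayVersion } catch { [version]'0.0' } }

if (-not $java) {
    Write-Host 'No Java runtime is registered; nothing to update or remove.'
    return
}

$java | Format-Table DisplayName, DisplayVersion, Publisher -AutoSize

# Anything beyond the single newest entry is a leftover the updater did not
# remove, and each older one still carries its own patched-in-later holes.
$entries = @($java)
if ($entries.Count -gt 1) {
    $newest = $entries[-1].DisplayName
    Write-Warning "$($entries.Count) Java installs found. Keep '$newest' and remove the others via Add/Remove Programs."
    # UninstallString is what Add/Remove Programs runs; shown here, not executed.
    $entries[0..($entries.Count - 2)] | ForEach-Object { Write-Host "  old: $($_.DisplayName)  ->  $($_.UninstallString)" }
}
```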

Adobe Flash, Acrobat Reader etc.: Keep Adobe Reader and Flash updated. One of the most common avenues of infection is outdated and vulnerable versions of these two products. If you are using Windows 8 or 8.1, then Flash is inbuilt and will automatically update for Internet Explorer. You will still need to use the Flash updater to keep Firefox updated. Chrome automatically updates Flash.

  • Always use a standard or limited user account for day-to-day computer use, especially for internet use. This applies mostly to Windows 7, Windows 8 and Vista, because many programs running on XP don’t work properly unless run on an admin account, but try and see if you can work on a limited user account on XP. On W7 and Vista set UAC to the highest level and always password the admin account.
  • Windows 8 or 8.1 only have UAC on the middle level. When a program or person tries to alter settings or add something new, then you get an alert and you cannot continue until you either allow it by typing the admin password or refuse it by pressing NO. This ONE thing will stop 99.9% of malware and unwanted programs from installing. Read THIS LINK for full details about UAC
  • Internet Options – ActiveX controls and Plug-ins. Go to Internet Options/Security/Internet, press ‘default level’, then OK. Now press “Custom Level.” Set the following options as described here:
  • Setting the Internet Zone for Additional Security: Only sites that you know for sure are above suspicion, like online banking and other secure sites, can be moved to the Trusted Zone in Internet Options/Security.
    Never put sites like Facebook, Myspace, MSN or any other similar type of social networking site in the trusted sites zone.
  • So why is ActiveX so dangerous that you have to increase the security for it?
    When your browser runs an ActiveX control, it is running an executable program. It’s no different from double-clicking an exe file on your hard drive. Would you run just any random file downloaded off a website without knowing what it is and what it does?
  • Scan at http://secunia.com/vulnerability_scanning/personal/ for out-of-date and vulnerable common applications on your computer, and follow their advice and links to update them.
  • Install a good Antivirus and firewall. I recommend Kaspersky UK Store | Kaspersky USA Store for a paid-for antivirus and Microsoft Security Essentials (https://www.microsoft.com/security_essentials/) for a free one
  • Install a good Antispyware with real-time protection. I recommend two programs that have good real-time protection as well as good cleaning capabilities: SuperAntispyware or Malwarebytes Anti-Malware.
  • Passwords: If you have been infected, then be aware that a lot of the newer malware/spyware is designed to steal your private information. That includes all passwords, logins to forums and other websites and, most of all, your Bank, Credit card or PayPal details. It is vital that after you have been cleaned up you change all your passwords, and on many occasions it is necessary to get in touch with your bank or other financial body to inform them that your details may (and probably have) been stolen.
  • Never, EVER use the same password on different sites. Always use a different password for each site you log in to. Don’t use simple passwords, like your name, your husband’s/wife’s, your boyfriend’s/girlfriend’s, or your dog’s or cat’s name. Always use a strong password with a mixture of letters, numbers and other characters. Something like jenny, Rover, 12345, 54321, password, login or similar words are absolutely useless. You need something like TsfE£%9& to stop them being guessed.
  • I strongly recommend using ROBOFORM to keep and create safe, secure passwords. And make sure your Antivirus and Firewall are switched on and kept updated, and do not allow unknown programs or processes to access the net or your computer; always block and ask for advice.
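Added example, not from the original article: a PowerShell script that checks the UAC registry values behind the “highest level” slider position described above, and whether the account you are logged in with is an administrator rather than the standard account the article recommends for daily use. Values are only written when run from an elevated prompt; the registry names are the documented UAC policy values, and the slider positions they map to are stated in the comments.

```powershell
# Added example (not from the original article): verify and, if elevated, set the
# UAC values that correspond to the "Always notify" (highest) slider position,
# then report whether the current account is in the local Administrators group.

$policy = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$uac    = Get-ItemProperty -Path $policy

# EnableLUA=1 turns UAC on. ConsentPromptBehaviorAdmin=2 with PromptOnSecureDesktop=1
# is "Always notify" (the top of the slider); the Windows 7/8 default is 5 and 1,
# which is the middle "notify only when programs try to change settings" position.
$wanted = [ordered]@{ EnableLUA = 1; ConsentPromptBehaviorAdmin = 2; PromptOnSecureDesktop = 1 }

# True only when this PowerShell window is actually running elevated.
$identity = [Security.Principal.WindowsIdentity]::GetCurrent()
$elevated = ([Security.Principal.WindowsPrincipal]$identity).IsInRole(
                [Security.Principal.WindowsBuiltInRole]::Administrator)

foreach ($name in $wanted.Keys) {
    $have = $uac.$name
    if ($have -eq $wanted[$name]) {
        Write-Host "$name = $have (ok)"
    } elseif ($elevated) {
        Write-Host "$name = $have, setting to $($wanted[$name]) (takes effect after a restart)"
        Set-ItemProperty -Path $policy -Name $name -Value $wanted[$name] -Type DWord
    } else {
        Write-Warning "$name = $have (want $($wanted[$name])); rerun from an elevated prompt to change it"
    }
}

# The article's other rule: do everyday work from a standard (limited) account.
# S-1-5-32-544 is the well-known SID of BUILTIN\Administrators; comparing SIDs
# avoids name lookups that can fail for logon-session SIDs in the token.
$groupSids = $identity.Groups | ForEach-Object { $_.Value }
if ($groupSids -contains 'S-1-5-32-544') {
    Write-Warning "$env:USERNAME is a member of Administrators; use a standard account for day-to-day work."
} else {
    Write-Host "$env:USERNAME is a standard user."
}
```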