Malware Prevention Guide

Preventing your Windows PC from being infected by malware

This malware prevention guide is intended for the average/above average home user that wants to protect their PC using Anti-Malware products and techniques.  Some of these solutions are free, some aren’t.  If you follow this guide then there’s no reason for you to ask “what’s the best way to protect my PC from being infected?”.  If you’d like to add another way to protect your PC from malware please add it as a comment below.

  1. Make sure your PC is set up to install Windows critical and security updates. Updates are one of the most important ways you can prevent your PC from being infected. By default Windows updates are installed at 3 am. If your PC is asleep or turned off your updates will NOT be installed. Either make sure your PC is on at 3 am or change the install time to when your PC is turned on. You MUST reboot after your updates have been installed. Installing your Windows updates is super critical. If you need step-by-step instructions you can find them here.

  2. If you need to use Java (not to be confused with Javascript) make sure you install Java updates when they pop up in the bottom right hand corner. If you don’t receive an update notification then go to Java.com, download and install the latest version of Java. If you don’t use Java just uninstall it.

  3. Install the latest version of Adobe Reader. You will be notified when Adobe Reader updates are available. Install them!

  4. Install the latest version of Adobe Flash Player. You will be notified when Adobe Flash Player updates are available. Install them!

  5. Install the latest version of the browser you are using.
    http://www.google.com/chrome
    http://www.mozilla.org/
    For IE – Check for updates.

  6. If you don’t want to look for updates manually you can use something like Secunia (read more here: http://secunia.com/vulnerability_scanning/personal/).

  7. Turn off Autorun / Autoplay. Lots of people use flash drives, they’re great. However, worms like them too (like Conficker). If you insert a flash drive with a worm on it the worm will jump from USB to the PC instantly (and vice versa). Turning off autorun minimizes the chance that the worm will automatically jump from the flash drive to the PC.
    How to disable autorun/autoplay in any version of Windows

  8. Buy a new AntiVirus every year. Download it or go to the store, doesn’t matter. 95% of the new clients I meet believe they have the latest antivirus because they are renewing their antivirus subscription. Not true. They are simply receiving antivirus database updates, not program updates. Some antivirus applications may do program updates automatically, however I barely see this. If you want an Antivirus / Antimalware that works really well right outta the box then grab Symantec’s Norton Internet Security (NIS). The latest versions of NIS are extremely light on your system and very effective at preventing malware. If you can’t afford to pay for antivirus then I currently recommend either Avast Antivirus Free.

  9. Install some realtime “companion” anti-malware. Companion anti-malware, like MalwareBytes Pro, works alongside your anti-virus without slowing your computer down while drastically increasing your protection.
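
For the Autorun / Autoplay step above, one way to check and change the setting from PowerShell. This is an added example, not part of the original guide; it assumes the standard NoDriveTypeAutoRun policy value, and the function names are made up for illustration.

```powershell
# Added example: audit and (optionally) harden the AutoRun policy value.
# Reading works as a normal user; writing to HKLM needs an elevated prompt.
$PolicyPath = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$ValueName  = 'NoDriveTypeAutoRun'

# Each bit that is set turns AutoRun OFF for one drive type.
$DriveTypeBits = [ordered]@{
    'Unknown drive types'   = 0x01
    'Removable (USB flash)' = 0x04
    'Fixed disks'           = 0x08
    'Network drives'        = 0x10
    'CD/DVD'                = 0x20
    'RAM disks'             = 0x40
}

function Get-AutoRunMask {
    param([ValidateSet('HKLM', 'HKCU')][string]$Hive)
    $item = Get-ItemProperty -Path "${Hive}:\$PolicyPath" -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }   # value absent: Windows default applies
    return [int]$item.$ValueName
}

function Show-AutoRunPolicy {
    # When the value exists in both hives, the HKLM (machine-wide) one takes precedence.
    foreach ($hive in 'HKLM', 'HKCU') {
        $mask = Get-AutoRunMask -Hive $hive
        if ($null -eq $mask) {
            '{0}: {1} not set (Windows default applies)' -f $hive, $ValueName
            continue
        }
        '{0}: {1} = 0x{2:X2}' -f $hive, $ValueName, $mask
        foreach ($entry in $DriveTypeBits.GetEnumerator()) {
            $state = if ($mask -band $entry.Value) { 'disabled' } else { 'ENABLED' }
            '    AutoRun for {0,-22} {1}' -f $entry.Key, $state
        }
    }
}

function Disable-AutoRunAllDrives {
    # 0xFF sets every bit, i.e. AutoRun is off for all drive types.
    $key = "HKLM:\$PolicyPath"
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    New-ItemProperty -Path $key -Name $ValueName -PropertyType DWord -Value 0xFF -Force | Out-Null
}

Show-AutoRunPolicy
# Uncomment to apply the hardened setting, then sign out and back in:
# Disable-AutoRunAllDrives; Show-AutoRunPolicy
```

If the "Removable (USB flash)" line reads ENABLED, or the value is not set at all, the PC is relying on the Windows default rather than an explicit policy.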

The malware landscape looks like this *right now* (and hasn’t changed that much this year):

Fake AntiVirus and Fake System Utilities

These fake apps are either loaded via hacked websites or trojans that already exist on your PC. They’ll pop up messages saying that your computer is highly infected or that your hard drive is damaged and ready to die. These messages are intended to scare you into buying the fake application.

NOTE: Fake system utilities will hide all the applications and files on your computer making it look like they have been deleted.  Your files are simply hidden and not deleted…it’s just a scare tactic.

Rootkits – Rootkits are specialized malware that usually have the following characteristics and abilities:

  • they are completely hidden from your conventional antivirus and some specialized removal tools.
  • they will redirect your searches on the internet to bad sites.
  • they will disable your antivirus.
  • they will download other pieces of malware (like fake antivirus).
  • sometimes they’ll prevent your computer from booting (like the one I’m working on right now).
  • they may patch system drivers (usually just 1-2 random drivers).
  • they may infect master boot records.
  • they may allow a remote attacker to view, change, upload or delete any file on your PC and execute commands.


23 Responses to Malware Prevention Guide

  1. Bubbanater07 December 1, 2011 at 3:39 pm #

    very nice matt, when are you gonna do that youtube review?

    • Anonymous December 2, 2011 at 3:04 am #

      I’m uploading the NIS 2012 review tomorrow night (probably late). I’m finishing the VM as I write this.

      • ZOU December 3, 2011 at 5:20 pm #

        Have you seen anything yet that Kaspersky’s bootable disk cannot cure?

      • Dave December 3, 2011 at 9:56 pm #

        Can’t wait.

      • Bubbanater07 December 4, 2011 at 4:25 am #

        You must have got behind; we are all still waiting patiently for that review.

  2. char1661 December 1, 2011 at 10:39 pm #

    Very nice for basic users, though I think steps 1-5 could be condensed into simply: update EVERYTHING, no matter how small. Also, I hate to be, well, pushy I guess, but when are you going to upload a new review? It’s been like a month since you said you would review Norton.

    • Anonymous December 2, 2011 at 3:04 am #

      Look for it tomorrow night (late). It’s a biggy.

  3. Shaun Zhang December 2, 2011 at 12:41 am #

    Buy a new antivirus every year?
    Do you mean switch into a different antivirus every year?
    For me, I use free antivirus only, do you mean that free antivirus isn’t enough?
    I wouldn’t be spending money buying antivirus every year, they have subscriptions, not unless if I can get a lifetime licence for my antivirus product.

    • Anonymous December 2, 2011 at 3:05 am #

      No, same brand (if it’s working for ya).

  4. Shaun Zhang December 2, 2011 at 1:10 am #

    I thought it was switching to a different antivirus, but you are talking about Antivirus program updates.
    By the way, I don’t usually get such infections, except that my computer is sometimes acting by itself, which makes me believe that my computer got hacked. I only got some adware on my computer, which I detected by using Malwarebytes antimalware.
    I am asking you one unrelated question:
    Do you disconnect from the internet before you change your windows logon password?
    I do.
    There was one time that my computer got hacked, and my computer was acting by itself. As soon as I changed my logon password while my internet connection was on, I felt that the hackers still gained access to my computer because the computer was still seemingly acting by itself.
    So I thought, right, I will disconnect from the internet before I change my password; this will make sure that the hackers will not use keyloggers to monitor my keystrokes through my internet connection. Regardless of whether or not the hackers will monitor my keystrokes through my internet connection, I am still disconnecting from the internet before I change my password as an extra safety precaution. After I disconnect from the internet, I log off, and log back on again, then I change my password.
    After I reconnected to the internet, my computer become perfectly normal, it no longer acts by itself.

  5. Anonymous December 2, 2011 at 2:10 am #

    Very good guide Matt.

    • Anonymous December 2, 2011 at 3:02 am #

      Thanks, much appreciated

  6. Anonymous December 2, 2011 at 3:05 am #

    Oh yeah, if you like the guide please share it on Facebook!!!

    • Adam December 2, 2011 at 4:07 pm #

      Shared!

  7. Shaun Zhang December 2, 2011 at 3:55 am #

    Can you do a review on Comodo Internet Security 5.8 when you have time for it?

  8. Anonymous December 2, 2011 at 7:29 pm #

    You left out one of the most important tips: Use a Standard or Limited user account, and only log in to an administrative account for performing tasks that require it, such as installing software or changing system settings.

  9. Bo December 3, 2011 at 2:13 am #

    Very nice guide. Thank you.
    What do you think about doing manual updates to flash for Firefox and IE? I do those at least as often as I see updates to a browser, Chrome or Firefox, or an update to Adobe Reader. Haven’t seen the flash update automatically yet.

  10. Bo December 3, 2011 at 2:14 am #

    Oops. Missed the flash update bullet.

    Thanks for the great guide.

  11. Shikhak December 28, 2011 at 6:46 am #

    Very impressive blog, the guidelines listed by you are really good and I will follow them for sure. Not only this, I will also install a good Antivirus from a reliable source like http://www.immunet.com so as to provide all over protection to my computer.

  12. Jeremy January 3, 2012 at 8:34 am #

    I also run a computer repair business myself. Fake AntiVirus and Fake System Utilities = Rogue. I can agree with this; this year I would say about 70% of my work has been this type.
    Also, most people do not hear about the antivirus Zonealarm; it’s always overlooked. I recommend it to all of my customers, and 90% of my customers that keep it updated never have a problem. Maybe it runs a little too well.

    Norton’s & McAfee antivirus are no good in my opinion; I’ve seen this first hand endless times.
    Again, it’s just my opinion from my work, but keep up the great work Matt. I refer to your reviews and information.

    -My Site-
    http://www.theofficialgeek.com

  13. Basscarp January 4, 2012 at 3:48 pm #

    Matt, you are the man. I have been following your site/advice for about 3 years and the information you give is awesome for helping us rookies clean up our and family computers.
    Keep it coming, you are providing a wonderful service for society… Basscarp.

  14. Kimball55 July 21, 2012 at 4:49 pm #

    Can you please review Webroot?
