5 easy tips to avoid infections

Discussion in 'Tutorials & Guides' started by Jack, Mar 13, 2012.

  1. Jack

    Jack Administrator
    Staff Member

    Jan 24, 2011
    8,653
    14,797
    Bucharest
    Windows 10
    Default-Deny
    1. Don't run unknown programs on your computer.

    Before clicking the 'Run' button make sure you know what the program is and always keep in mind from where you got it.

    [​IMG]

    Everyone has seen this type of alert however most of the user for some reason decide to ignore it and allow the file to run without any kind of restriction.
    Files that don't have a digital signature or were downloaded from a unknown source should always be treated as dangerous.
    I strongly recommend that you check each file before allowing it to run :
    1.Scan it with your installed AV engine
    2. Scan it with an on-demad scanner like Hitman Pro or Malwarebytes Anti-Malware
    3.Submit the file virustotal.com to be scanned with 43 AV engines
    4.Submit the file at threatexpert.com in order to see how it behaves and what system changes performs
    Even so it's strongly recommended that you run the file in a virtual environment like Sandboxie or Bufferzone until you can decide if the file is malicious or not.

    2. No keygen = No infections
    Keygen , cracks and patches are the most common ways of getting your PC infected.
    I strongly advise you to avoid them, as there is little quality control in the world of illegal software, and it is easy for an attacker to name a piece of malware after a popular movie, album, or program to tempt you into downloading it.

    3. Download files only from trusted sources.
    You can drastically reduce the risk of an infection by knowing what and from where you are downloading a file.
    As a general rule it's recommended that you download files from known and reputable sites that have confirmed that the download is malware free.
    If you are unsure about the quality of a download, leave the site and research the software you are being asked to install. If it is OK, you can always come back to site and install it. If it is not OK, you will avoid a malware headache.

    4. Use common sense while online
    If it's sounds to good to be truth then most likely is!
    You'll not win the lottery and you'll not get an amazing prize on the Internet so don't fall for this type of scams.
    Ignore emails or websites who promise you a great prize as there is always a catch behind this type of promises.
    Completing a survey will not grant you a iPhone or 1000$ instead it will give the cyber criminals your personal details.

    5. Keep your PC up-to-date and secure
    Always update your OS or software when an update is available as this can greatly reduce the chances of an exploit.
    Also keep in mind that a simple antivirus engine doesn't do the job anymore, you need to have a layered system protection as malware threats are constantly changing and improving thus making the antivirus engine obsolete.
    An antivirus engine, firewall , HIPS , site advisor and sandbox are security layers which every computer needs to be safe in today's world.
    Another common mistake made by Windows users is to disable the User Account Control.
    [​IMG]
    I strongly advise you to let this Windows feature enabled and pay a very close attention to this pop-ups , as this could save your PC from an infection.

    Other Quick Security Tips :
    - Uninstall Java if you don't really need it as this is one of the most exploited programs.
    - Use complex passwords for you online accounts - Passwords should be a minimum of eight characters and contain a combination of letters (uppercase/lowercase), numbers, and special symbols (!,@, #, &, %,*)
    - Do not open email attachments from unknown sources or files sent through an instant messenger
    - Don't give out your details to people who don't have a legitimate need to know them.
    - While on social networks it's best to be reserved when allowing people to see your profile or updates.
    - Use a Limited/Standard User Account (LUA) - When using a Limited/Standard User Account , your user profile might still getting compromised, but not Windows 7 basic operating system in the background. Even your profile got hit, all your pictures, MP3 files or documents can be restored easily by logging in to another account that is not yet compromised.
     
    kev216, norman, Zar_ and 25 others like this.
  2. WinAndLinuxTutorials

    Trusted

    Aug 23, 2011
    2,126
    157
    Schoolboy
    Jordan
    Just one more tip: Don't install programs just by clicking Next, Next.... read carefully what the installer says. :D
     
    norman, Zar_, Svoll and 6 others like this.
  3. jamescv7

    jamescv7 Level 61
    Trusted

    Mar 15, 2011
    12,664
    17,722
    Web and FileMaker Developer
    Philippines
    Windows 10
    Microsoft
    Also some of the programs from the trusted source doesn't have the digital signature.

    Be aware also that files with digital signature doesn't mean its safe cause even malicious one can provide known publisher. The function of digital signature is that the name of the publisher who made the file itself.
     
    Parsh, Svoll and Logethica like this.
  4. ZeroDay

    ZeroDay Guest

    Jack stop it! with the good advice I'll have no customers left haha. Only messing if more people followed those simple rules the net would be much safer.
     
    Svoll, simbelmayne and Tornado like this.
  5. Umbra

    Umbra From Emsisoft
    Developer

    May 16, 2011
    17,163
    29,643
    Community manager
    Vietnam & France
    Windows 10
    Emsisoft
    The problem is that many users do the ooposite:

    n°4 : (looking for warez without common sense in some obscure websites)
    n°3 : (download the warez from this site when found)
    n°2 : (download the keygen)
    n°5 : (disable the UAC for not be annoyed when launching the keygen)
    n°1 : (allow the keygen to run)

    and then call me because their computer is infected !

    thanks all of them for allow me to have an easy job by their stupidity :D
     
    soccer97, Svoll, Logethica and 3 others like this.
  6. Valentin N

    Valentin N New Member

    Feb 25, 2011
    1,258
    49
    Student, Writer@techsweden.org,
    Germany
    My list.

    Look at the name - if it only contains for numbers, such as 92678.exe then it might be a malware

    Look at the the file ending - a file should only consist of one file ending, such as .exe, .jpg and never of two file ending such as .jpg.exe, .avi.exe and so on.

    Ask this: Should the file be executive? - executive files have .exe has ending but unexecutive file should never have .exe as ending (double file ending) such as pdf - pdf.exe, word - .doc.exe, avi - .avi.exe, jpg - .jpg.exe and so on.
     
    norman, Svoll and Logethica like this.
  7. HeffeD

    HeffeD New Member

    Feb 28, 2011
    1,597
    12
    This is however, dependent on your Windows settings. If you have Windows set to hide known file extensions, all you will ever see is myfile.pdf even if the full name is myfile.pdf.exe.

    I would recommend against using the hide 'feature'.
     
  8. Hungry Man

    Hungry Man New Member

    Jul 21, 2011
    656
    6
    I've found that asking users to change behaviors leads nowhere - if they want to test out that program they will, if they want to run that crack they will.

    Good tips though.
     
    Svoll and Logethica like this.
  9. HeffeD

    HeffeD New Member

    Feb 28, 2011
    1,597
    12
    Sad, but true!

    And all too often, their security software will complain about the crack, so they disable it or create an exception for it to run. Then they are surprised when the crack contains a payload they weren't expecting.
     
    Svoll and Logethica like this.
  10. McLovin

    McLovin Level 61
    Trusted AV Tester

    Apr 17, 2011
    8,768
    6,392
    I stream ✌
    Queensland, Australia
    Windows 10
    Trend Micro
    In that case you would then upload it to websites like VirusTotal, to check if the file is dangerous or not.
     
    Svoll and Logethica like this.
  11. Ramblin

    Ramblin New Member

    May 14, 2011
    940
    134
    Except that I don't use a user account and prefer not to use more than one real time security application at the same time, no layered security setup for me, I strictly follow everything else.

    Nice piece of advice you posted here Jack, you too Heffe.

    Bo
     
    Svoll and Logethica like this.
  12. LochNess

    LochNess New Member

    Apr 2, 2011
    80
    3
    Jack, Good Advice... Thanks

    I generally "stop", "take a deep breath" and "think" before opening any file... "Speed Kills"... Sorry for Lame Pun... I just couldn't help it... ;-)
     
    Svoll and Logethica like this.
  13. jamescv7

    jamescv7 Level 61
    Trusted

    Mar 15, 2011
    12,664
    17,722
    Web and FileMaker Developer
    Philippines
    Windows 10
    Microsoft
    There are some reasons that a user is curious on how the file worked so its good that a virtualized software is installed in order to observe the behavior and its impacts.
     
    aries1104, Svoll and Logethica like this.
  14. HeffeD

    HeffeD New Member

    Feb 28, 2011
    1,597
    12
    If they are going to be disabling their security to install something they don't know about, they're definitely not going to be uploading it to VirusTotal.
     
    Svoll and Logethica like this.
  15. McLovin

    McLovin Level 61
    Trusted AV Tester

    Apr 17, 2011
    8,768
    6,392
    I stream ✌
    Queensland, Australia
    Windows 10
    Trend Micro
    That's true, never put it that way. Funny to see thought that people will disable security for something that is counted as a threat.
     
    Svoll and Logethica like this.
  16. Fiona_scrol

    Fiona_scrol New Member

    Mar 14, 2012
    15
    2
    On Windows 7 Ultimate 64 bit,
    browsing with Mozilla Firefox, is there any reason to do this?
    I have IE and Chrome on my computer.
    Do the two browsers get infected easily?
     
    Svoll and Logethica like this.
  17. MrXidus

    MrXidus Super Moderator (Leave of absence)

    Apr 17, 2011
    2,173
    931
    Australia
    The browsers don't get infected, Your system does depending on what you are downloading. :)

    Keeping the browsers up to date is a good way to avoid exploits that are harmful.
     
    Svoll and Logethica like this.
  18. jamescv7

    jamescv7 Level 61
    Trusted

    Mar 15, 2011
    12,664
    17,722
    Web and FileMaker Developer
    Philippines
    Windows 10
    Microsoft
    Browsers comes to be vulnerable and can expose threats at vary levels so everything must be updated not only for browsing experience but fixed security issues well.
     
    Svoll and Logethica like this.
  19. Overkill

    Overkill Level 30
    Trusted

    Feb 15, 2012
    2,106
    1,997
    USA
    Windows 7
    Default-Deny
    I'm not too experienced with keygens etc...i've always been told that lots are false positives and are harmless is this true at all?
     
    Svoll and Logethica like this.
  20. Ramblin

    Ramblin New Member

    May 14, 2011
    940
    134
    Don't install keygens, if you do, eventually you will get infected.

    Bo
     
    Svoll and Logethica like this.
Loading...
Similar Threads Forum Date
New VirusTotal.com Graph Makes It Easy to Visualize Malware Security News Jan 8, 2018
AI in Photos makes it easy to find and create the perfect holiday photo or video Operating Systems Dec 14, 2017
Expired Driver Easy pro version for FREE Giveaways Archive Sep 21, 2017