Tutorial 5 easy tips to avoid infections

1. Don't run unknown programs on your computer.

Before clicking the 'Run' button make sure you know what the program is and always keep in mind from where you got it.



Everyone has seen this type of alert; however, most users for some reason decide to ignore it and allow the file to run without any kind of restriction.
Files that don't have a digital signature or were downloaded from an unknown source should always be treated as dangerous.
I strongly recommend that you check each file before allowing it to run:
1. Scan it with your installed AV engine
2. Scan it with an on-demand scanner like Hitman Pro or Malwarebytes Anti-Malware
3. Submit the file to virustotal.com to be scanned with 43 AV engines
4. Submit the file at threatexpert.com in order to see how it behaves and what system changes it performs
Even so, it's strongly recommended that you run the file in a virtual environment like Sandboxie or Bufferzone until you can decide if the file is malicious or not.

2. No keygen = No infections
Keygens, cracks and patches are the most common ways of getting your PC infected.
I strongly advise you to avoid them, as there is little quality control in the world of illegal software, and it is easy for an attacker to name a piece of malware after a popular movie, album, or program to tempt you into downloading it.

3. Download files only from trusted sources.
You can drastically reduce the risk of an infection by knowing what and from where you are downloading a file.
As a general rule it's recommended that you download files from known and reputable sites that have confirmed that the download is malware free.
If you are unsure about the quality of a download, leave the site and research the software you are being asked to install. If it is OK, you can always come back to the site and install it. If it is not OK, you will avoid a malware headache.

4. Use common sense while online
If it sounds too good to be true, then it most likely is!
You'll not win the lottery and you'll not get an amazing prize on the Internet, so don't fall for these types of scams.
Ignore emails or websites that promise you a great prize, as there is always a catch behind these types of promises.
Completing a survey will not grant you an iPhone or $1000; instead it will give the cyber criminals your personal details.

5. Keep your PC up-to-date and secure
Always update your OS or software when an update is available as this can greatly reduce the chances of an exploit.
Also keep in mind that a simple antivirus engine doesn't do the job anymore. You need to have layered system protection, as malware threats are constantly changing and improving, thus making the antivirus engine obsolete.
An antivirus engine, firewall, HIPS, site advisor and sandbox are security layers which every computer needs to be safe in today's world.
Another common mistake made by Windows users is to disable the User Account Control.
[Image: Windows 7 UAC prompt]

I strongly advise you to leave this Windows feature enabled and pay very close attention to these pop-ups, as this could save your PC from an infection.

Other Quick Security Tips :
- Uninstall Java if you don't really need it as this is one of the most exploited programs.
- Use complex passwords for your online accounts - Passwords should be a minimum of eight characters and contain a combination of letters (uppercase/lowercase), numbers, and special symbols (!, @, #, &, %, *)
- Do not open email attachments from unknown sources or files sent through an instant messenger
- Don't give out your details to people who don't have a legitimate need to know them.
- While on social networks it's best to be reserved when allowing people to see your profile or updates.
- Use a Limited/Standard User Account (LUA) - When using a Limited/Standard User Account, your user profile might still get compromised, but not the Windows 7 basic operating system in the background. Even if your profile gets hit, all your pictures, MP3 files or documents can be restored easily by logging in to another account that is not yet compromised.
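
The checks from tip 1 (digital signature, download source, a hash to look up on a multi-engine scanner), as an added PowerShell example that is not part of the original post. `Get-DownloadTriage` is a hypothetical helper name; the code assumes Windows PowerShell 5.1 or later on an NTFS volume.

```powershell
# Added example, not from the original post. Get-DownloadTriage is a
# hypothetical helper name. Assumes Windows PowerShell 5.1+ and NTFS.
function Get-DownloadTriage {
    param([Parameter(Mandatory)][string]$Path)

    $file = Get-Item -LiteralPath $Path -ErrorAction Stop

    # Authenticode status: 'Valid' = signed and the chain verifies;
    # 'NotSigned' = the unknown-publisher case the tutorial warns about.
    $sig = Get-AuthenticodeSignature -LiteralPath $file.FullName

    # Mark-of-the-Web: browsers tag downloads with a Zone.Identifier
    # alternate data stream. ZoneId 3 = Internet, 4 = Restricted sites.
    $zone = $null
    $motw = Get-Content -LiteralPath $file.FullName -Stream Zone.Identifier `
                        -ErrorAction SilentlyContinue
    foreach ($line in $motw) {
        if ($line -match '^ZoneId=(\d+)') { $zone = [int]$Matches[1] }
    }

    # SHA-256 lets you look the file up by hash on a multi-engine scanner
    # before deciding whether to upload it.
    $hash = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash

    $signer = '(none)'
    if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }

    $advice = 'Unsigned or invalid signature: scan and sandbox before running'
    if ($sig.Status -eq 'Valid') {
        $advice = 'Signed: confirm the signer is the vendor you expect'
    }

    [pscustomobject]@{
        File      = $file.Name
        Signature = $sig.Status
        Signer    = $signer
        FromWeb   = ($null -ne $zone -and $zone -ge 3)
        SHA256    = $hash
        Advice    = $advice
    }
}

# notepad.exe is used only because it exists on every Windows install.
Get-DownloadTriage -Path "$env:WINDIR\System32\notepad.exe" | Format-List
```

A valid signature only proves who signed the file, so the `Signer` field still has to match the vendor you expected.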
 

malbky

New Member
Jun 23, 2011
1,010
Most installers come bundled with OpenCandy, which shows ads and is a kind of spyware/adware. To skip it, look for an installer without OpenCandy (the site usually provides this) or use the /nocandy switch.
 

whizkidraj

Level 8
Nov 9, 2012
363
One more important tip I would suggest is to always have a look at your start-up programs before shutting down or restarting the PC, as there are other family members too who install programs from unknown sources, and then I always have to deal with finding the right one and keeping an eye on the start-up programs every day. The best tool for this is CCleaner, which now also comes with the Scheduled Tasks option in Tool > Startup. So always check that as well, mate. Cheers for CCleaner! :)
 

softwareFREEk

New Member
Dec 27, 2012
621
Big reason why I love disposable email addresses and MalwareTips giveaways :p

Disabling ActiveX/Scripting/Java/iframes etc. is useful.

Some malware that has been prevalent since the mid-2000s is malware embedded in .jpg, .doc extensions (.jpg embedded with executable): click on a picture without scanning first and voilà.
Facebook had one recently thought to be the file icon but alas was NOT, I think Germany? But I could be wrong as I do not do Facebook..
 

mohitpatel09

Level 1
Jan 17, 2013
29
Open-source software like Process Hacker 2 and VLC media player does not specify a publisher name, but it can be trusted.

So be sure to differentiate between legitimate and malicious software, and learn about open-source and other software and their UAC notifications.
 

Littlebits

Retired Staff
May 3, 2011
3,902
If you follow these basic rules, all you will need is a good AV, a secure browser and Windows Firewall. Most infections occur because users ignore Windows File Checker and UAC warnings. If the file is not digitally signed by a trusted vendor, then don't run it unless you have got it from a trusted source like the vendor's official website, Softpedia, MajorGeeks, FileHippo, etc.

You can use your hosts file to block OpenCandy and other online installers that use third-party adware, or use a portable version instead.

HostsMan with the MVPS Hosts block list will block OpenCandy and most of the other online installer adware.

Thanks. :D


illumination

Keeping the PC/programs up to date and not running unknown programs will pretty much cover most users. The majority of infected systems I have seen have been caused by these issues.
 

Ramblin

New Member
May 14, 2011
1,014
Three tips that work for me, that I believe in and that no one has mentioned.

One, just like Java can be a problem, plugins and extensions also can be. If we don't use a plugin, we should get rid of it. Four years ago when I started learning how to be safe, I had 13 plugins in my PC. The funny thing is that I did not know what they were, how they got in or if they came with Firefox. I thought they all came with Firefox. Wrong. None came with Firefox is what I learned. Anyway, little by little I started learning about what they were and how I got them. When I finished with them, only one remained. That was Flash. I kept Flash because I use Flash. All the other plugins that I had, I had no use for any of them.

If it sounds familiar, you should take a look at your plugins or ActiveX and get rid of them if you don't use them.

Two, I normally stay around the same sites all the time. I visit all kinds of sites but I have never gotten anything that looks or acts like malware from sites that I have bookmarked. What I am trying to say is, get to know the sites that you visit, and bookmark and visit sites that you know you never had any kind of problem with when you visited them in the past. Stay around the sites that you bookmark. I feel that the less I go away from my bookmarks, the safer I am. That's my experience.

Three, searches. Be extremely careful when doing searches. The last few times that I got infected or was close to getting infected was doing searches, and I am not talking about searching for the "good stuff", I mean searching for things like Dr Webb or Emsisoft. Sounds unbelievable but it is true. Well, now that I know a little about how the bad guys work, those close encounters with malware while searching for security products don't seem rare anymore.

Bo
 

MidniteQue

New Member
Feb 4, 2013
38
Just thought as a recent convert who just a month or so ago was completely ignorant of the dangers on the web. Some bad stuff in my new computer woke me up. Now I soak up protection info. Sadly my friends don't hear me when I try to warn them.
 

MidniteQue

New Member
Feb 4, 2013
38
malbky said:
Most installers come bundled with OpenCandy, which shows ads and is a kind of spyware/adware. To skip it, look for an installer without OpenCandy (the site usually provides this) or use the /nocandy switch.

I have OpenCandy on my computer. Don't know how it got there. Mostly I didn't read the checked boxes when I downloaded a program. Cannot get it off computer. I read that it is a nasty program. Wild Tangent is another. It came pre-installed by HP with computer. Hate it when programs refuse to uninstall and don't supply an uninstaller.
 

McLovin

Level 76
Verified
Trusted
Malware Hunter
Apr 17, 2011
9,220
MidniteQue said:
I have OpenCandy on my computer. Don't know how it got there. Mostly I didn't read the checked boxes when I downloaded a program. Cannot get it off computer. I read that it is a nasty program. Wild Tangent is another. It came pre-installed by HP with computer. Hate it when programs refuse to uninstall and don't supply an uninstaller.

If you need help removing it, you can always post in the Malware Removal Forum. :)
 

Ramblin

New Member
May 14, 2011
1,014
MidniteQue said:
Wild Tangent is another. It came pre-installed by HP with computer. Hate it when programs refuse to uninstall and don't supply an uninstaller.

You do have an uninstaller; it is not listed as Wild Tangents. Look for something like HP games or something like that. I have two HP computers and I uninstalled WT on both computers.

Bo
 

Aeonwolf

New Member
Mar 9, 2014
8
Edited it a bit.

2. No keygen = No infections
Edit: KeyGens are not viruses! They are detected simply because you get the activation code for a product for free, so stop saying you'll get a virus from running a KeyGen.

Note: If you are an e-pirate & security freak like me, you would not just search for a KeyGen on Google.
There are many trusted crack/KeyGen providers.


3. Download files only from trusted sources.
A file might not be trusted simply because the vendors are either not so popular or known.
Do some research on files you download.

4. Use common sense while online
This does not need much explanation.
Don't be a retard while browsing the internet! It's a dangerous place.
 
Dec 16, 2013
429
I disagree, keygens can contain Trojans, and are a risk.
I agree with your point. Keygens sometimes have hidden trojans or backdoors inside. If you (not specifically you ;)) really want a keygen, you should go to the developer site and download it directly from their website and not from file-host sites (4shard etc.). Always upload the file to VirusTotal and check the ESET-NOD32 detection name. If the detection name is Risktool/game Hack/Hack engine, then the file is (most likely) clear of real malware.
 

orlygul

New Member
Jan 13, 2016
2
I've installed antivirus, ad block and who knows what else on my grandfather's computer and he still managed to get malware on his PC... Thanks for the tips, especially with the Java. Sadly, it can be hard to explain all those other points.. even though they seem to be obvious to anyone else.
 

Spawn

Administrator
Verified
Staff member
Jan 8, 2011
21,132
I've installed antivirus, ad block and who knows what else on my grandfather's computer and he still managed to get malware on his PC... Thanks for the tips, especially with the Java. Sadly, it can be hard to explain all those other points.. even though they seem to be obvious to anyone else.

By default, Windows allows users to run with Administrative privileges (i.e. Admin Account).

For less experienced users, creating a Standard (Limited) user account will drastically reduce the risk of infection. You still need a good Antivirus and a modern Browser with an Ad-Blocking extension to protect the user from daily threats, but without the risk of malware compromising the system.

Once your PC is clean from malware (Malware Removal Assistance):
- Clean the Admin User Account - Remove all unwanted / old software.
- Important: Add Password Protection to the Admin User Account
- Check that UAC (User Access Control) is enabled, default is good.
- Install your security software; real-time Antivirus or Internet Security, on-demand Scanner (ie. Malwarebytes Anti-Malware Free)
- Check for any Windows Updates and install any Important / Security patches. (It is safe to Ignore the Recommended or Optional updates).
Now for your Grandfather:
- Create a new Standard User Account.
- Install Firefox, Chrome, Opera or your preferred choice - these will be installed locally to their profile, no Admin/UAC required.
- Install Adblocking extension or software
- Install any other software - these may need Admin privileges, so enter the Admin Password in the UAC prompt.
** Do not share the Admin password - This is for yourself to use, when performing any maintenance to the PC **

You can share your details here:
Security Configuration Wizard
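
An audit of the account setup from the checklist above (UAC enabled, password-protected admin accounts, a separate standard user), as an added PowerShell example that is not part of the original post. The function names and the account name are hypothetical; the code assumes an elevated session and Windows PowerShell 5.1 or later (Windows 10 and newer) for the LocalAccounts cmdlets.

```powershell
# Added example, not from the original post. Function names are
# hypothetical. Run elevated; needs Windows PowerShell 5.1+ (Windows 10 or
# later) for the LocalAccounts cmdlets.

function Test-UacEnabled {
    # EnableLUA = 1 means UAC is on; 0 means it has been switched off.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    (Get-ItemProperty -Path $key -Name EnableLUA).EnableLUA -eq 1
}

function Get-LocalAdminAudit {
    # S-1-5-32-544 is the built-in Administrators group; using the SID
    # keeps the check working on non-English installs.
    foreach ($member in (Get-LocalGroupMember -SID 'S-1-5-32-544')) {
        # Nested groups and domain accounts have no local user record.
        $u = Get-LocalUser -SID $member.SID -ErrorAction SilentlyContinue
        if ($u) {
            [pscustomobject]@{
                Account          = $u.Name
                Enabled          = $u.Enabled
                PasswordRequired = $u.PasswordRequired
                PasswordLastSet  = $u.PasswordLastSet
            }
        }
    }
}

function New-StandardUser {
    param([Parameter(Mandatory)][string]$Name)
    $password = Read-Host -AsSecureString "Password for $Name"
    New-LocalUser -Name $Name -Password $password | Out-Null
    # S-1-5-32-545 is the built-in Users group: standard rights only.
    Add-LocalGroupMember -SID 'S-1-5-32-545' -Member $Name
}

"UAC enabled: $(Test-UacEnabled)"
Get-LocalAdminAudit | Format-Table -AutoSize
# An enabled admin with PasswordRequired = False or an empty
# PasswordLastSet may have a blank password and should be given one.
# New-StandardUser -Name 'Grandpa'   # hypothetical account name
```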
 