How-to Guide Your Mouseclick Matters Guide

Discussion in 'Tutorials & Guides' started by Nico@FMA, May 12, 2013.

  1. Nico@FMA

    Nico@FMA Level 27

    May 11, 2013
    Security Consultant, ICT Advisor and Developer
    Friesland (Harlingen)
    Windows 7
    Hello everyone,

    After searching the forums i have notice that there are so many good guides out there, but i also have noticed that most guides forget to mention some basic things.
    So here i am going to make a attempt to write down a few tips that can enhance your security and can smoothen your Internet experience.

    Antivirus + FW & Antispyware.
    One of the biggest mistakes ever made is to blindly trust a your security suit.
    You might say why is that? Well if you allow me i will try to explain it to you.
    Your AV & AS will generally offer a reasonable defense against a wide range of malware related dangers.
    And most come with a comprehensive set of tools that in theory should add a significant bonus in hardening your system.
    That said if you follow the instructions given by your AV +FW & AS then its save to assume that virtually all of them will get the job done in protecting you.
    But that said they have a common weak spot which is more deadly then ANY virus ever created and thats your click habits.
    Your protection suit regardless of brand is just as good as you allow it to be. Your mouse click will make your protection trustworthy or untrustworthy
    To many times in my professional ICT & Security career i have come across people who made the same basic mistake and that is NOT reading & acting and just clicking to get rid of a alert, Or just click to get it over with assuming that your protection suit will deal with it.
    Fact is your protection suit will NOT always deal with it period.
    And hence why i have said do not trust your protection suit just because it looks nice and says: "Its all ok".
    (Your mouse click the biggest virus ever created might already have taken over your system :D)

    A common myth is that protection suits are made to: Literally protect you a 100%, They always clean your system and never fail and If they do not report a problem that your system is automatically regarded clean by default.
    Wrong Wrong so WRONG.

    Antivirus, Antispyware, Firewalls they where never intended to stop 100% of all the viruses & malware out there.
    Because when the security industry started many years ago it became clear that they would NEVER be able to achieve a 100% security.
    So instead they focused Detection & Alerting, Prevention and IDS/HIPS (And variants) with the aim to root out a BIG chunk of the most common parasites.
    So that they could offer you a reasonable standoff against common attacks and dangers.
    This was purely with user friendliness in mind as all the brands realize that there is no: "can do it all" package out there.
    There are millions and millions of viruses & attacks and other dangers to your PC out there, So there is NO WAY a protection suit is going to cover all of them and be successful.
    Thats said only a fraction of the dangers out there that can be considered as seriously dangerous.
    So a good thumb rule is that 80% of all the dangers out there can be covered by a well setup system with the idea in mind that the other 20% is not going to reach you anyway.
    Usually its save to assume that the average user has more to worry about misunderstanding and misusing their browser and computer habits and more importantly misinterpreting alerts and basic computer warnings and practices.

    All the well known and respected brands have a huge database with signatures, patterns and data that enables your protection to deal with a good portion of the most common dangers automatically.
    And in most cases the AV vendor will provide you with additional help if the protection fails in a attempt to clean & repair a particular problem.
    But as i have said before your behavior and understanding is a key factor which can lead to protection or infection.
    For example most malware and dangers out there are well documented and covered by your protection, so if you would follow the advise given then you are usually save, BUT here is a simple scenario that will render ANY protection useless:

    Imagine you are on a instant messenger program, Skype, Msn, Yahoo, Google-talk and you are chatting to a friend, family, work contact or even just a random person then most users make a basic mistake.
    For the sake of argument in this scenario you are chatting to your father who is afteral MOST trust worthy right?
    And suddenly your father send a picture of his new car.
    Now ask yourself the question how many users would accept the file without even blinking?
    And without realizing they just invited a VERY nasty pest into their well secured system.
    Because you just did fail to realize that your fathers PC might be infected and spread malware using contacts in his favorite instant messenger program.
    The moment you accepted that file there is a 95% that the file will successfully invade and infect your system without you actually clicking on the physical file itself, this because good old windows will read the file, index it and store it which is everything the file needs to penetrate your system without you knowing.
    And by the time you or your protection suit noticed this infection it could be all to late, because most of these pests will try to hit your protection from the inside out and 75% of those pests will actually manage to at least damage the system, not to mention that they actually have proven to outsmart MANY well known protections suits.

    My point here is always ask the person who sends the file: Hey dad did you send me a file? if he says yes then its usually ok if he says no well then you know enough.
    Never trust ANYONE on the net, even friends, family or work contact can screw up your pc (Willingly or unwillingly/unknowingly)
    And never ever believe that you are save if you cannot control your computer habits and mouse clicks.

    This is just one of the thousands of ways a user can be infected.
    Obviously a good protection suit (If they have a good self defense & tamper protection) Will be able to detect most pests and often will alert you that you just got infected. (Again they might not be able to remove the pest but at least they managed to alert you which is VERY important)
    And as i have mentioned before they have never been designed to 100% protect you, but they DO have been designed to alert you.
    In most cases this only works if you got a well rounded system with a solid updated configuration or you and your system will be dead in the water.
    Keep in mind only under the right conditions your protection should be able to perform at its best of its ability. (In theory)

    However its not that simple, some of these pests that are being spread over instant messenger networks are very well coded and often armed to the teeth, but p2p and chat network are just 2 out of the gazillions of ways a pest can reach you.
    Fact is tho that chat, p2p, and torrent networks are VERY effective and therefor very popular in spreading viruses.
    And because there is such a high success rate using these networks it automatically becomes so much more easy to spread a more advanced version of a Trojan, because the virus creator already did take into account that 75% of everyone will just accept the file and thus clicking on it which activates it.
    So really those nasty pests can only be spread using the help of your click and trust habits, because on the net itself they cannot be spread without your help and the simple reason for this is that the good old days where a simple vbs script could cause havoc are over, and made room for more advanced little Droppers, Trojans and Rootkits.
    And its exactly those pests who carry the biggest danger to your system as most of them are very well coded, extremely hard to detect & remove and most importantly they can be very destructive.
    So this technique is their biggest defense against detection itself, not to mention that mass infections like for example the iloveyou worm did will effectively kill the virus faster then it could spread as every AV in the world will catch them with their many honey pot networks and that does the creator of those viruses no good.
    Instead they want stealthy infections unknown, unseen and on a small scale, from this point forward they can slowly expand and create a huge network of slave pc's.
    For that they need admin rights and you are going to give it to them and you do not even know it.
    And the real bonus is that most users are using a admin account so the moment you accept a file you basically handed over the key to your pc as most of those pests rely on admin rights to be able to disable your total security and eventually destroy or take over your system.
    So the only thing the "hacker" needed to do is wait for another sorry Internet user to be ignorant and satisfy his trigger happy click finger.
    It might not sound nice but its the simple truth.

    On a flip side 7 out of 10 pests you will encounter on the Internet can be classified as annoyance at best, because if you take care and notice of your protection suit, and if you are running a fully patched and well maintained system you will be able to block those 7 out of 10.
    In regards to those remaining 2 out of 10 you will usually not find them being spread without your explicit approval.
    Afteral you where the one that accepted the picture of the new car from your dad remember?

    And that last remaining 1 out of 10 is just bad luck if you get infected by it, which is nearly impossible as those kinds of pests are not created to infect you, but they are made for a specific use and where never intended to target the general Internet user.
    These very dangerous and fantastic pieces of code are made to penetrate agencies and high value companies who spend millions and millions in defense and security.
    So as i said the odds are NIL that you will get hit by one of those, and if for whatever reason you do get hit by it, then its usually game over as those pests are made so well that it takes a ton of money to develop them, and a even bigger ton of money to detect/remove and repair the hit network.

    That being said, the moral of this little story is:
    No matter how good you are, no matter how good your protection is and no matter how much you think to know about computers everything is based upon that one single mouse click.

    Do not just click links for the sake of it, do not just accept files because they come from a trusted source, do not just click blindly when something tells you click here.
    And always read what your "alert" tells you.
    Read, monitor and verify your actions and then you can finally click yes or no and approve or disprove a action your PC/web page or program might want to carry out, never run a admin account and never ever side step the warnings given by your protection.
    And then there are those people who pair up multiple security suits on one system, lmao
    I have seen people pair up Mcafee and Norton while having 4 different firewalls running, needless to say their system crashed.
    (So please don't even try to stack protection like that)

    Side note: I do understand that some of the protection software available on the net can be confusing or to high tech and i do understand that you might not have enough knowledge to make a well calculated assessment of the alert given by your protection software so its easy to click yes and order your protection to do something it should actually not do mistakes happen and there is no shame in that.
    Because most protection software will verify your decision and in most cases it will alert you if that decision was the wrong one, and will offer a way to fix that. Afteral thats what those programs are made for, making your life easy.

    Keep in mind virtually all the malware and hackers out there count upon your ignorance.
    They need your mouse click harder then a running up president needs votes.

    Final note:
    Your common sense is the best protection your PC can ever have, if you take the trouble and effort to understand what you do on the net then your PC will take it from there. There is no bad PC and there is no bad protection there is only a bad user who failed to follow basic rules.
    And if you do not know what to do next? Then we will be more then happy to help you here at

    So next time your protection software tells you that something is going on or when your system says something or alerts you or when a web page asks click here then consider that your: Mouse click matters.

    Anyway let me know what you think and post a reply.

  2. Nico@FMA

    Nico@FMA Level 27

    May 11, 2013
    Security Consultant, ICT Advisor and Developer
    Friesland (Harlingen)
    Windows 7
    (PS: Sorry for possible spelling errors as English is not my native language.)
    kram7750, sunil22 and Malware1 like this.
  3. Littlebits

    Littlebits Retired Staff

    May 3, 2011
    Excellent guide and advice, thread has been stick.

  4. cloud3213

    cloud3213 Level 1

    Mar 12, 2013
    Excellent write up man, after not realizing the real dangers and potential damage malware/rootkits can do (up until 6 months ago) to ones' computer, I wish I read this article 7 months ago because I would still be able to use my HP Touchsmart tablet laptop safely. Now it is a mighty damn expensive paper weight because I gave up. I'm sane again though, after a long fight, day in and out, I bought a new laptop and locked IT DOWN! A huge lesson learned that I didn't come up in my IT classes but should have been common sense!
  5. souhrid

    souhrid Level 5

    Jun 29, 2012
    Thanks mate for writing such a big guide.We really appreciate your work...
  6. dragonking91

    dragonking91 New Member

    Mar 4, 2014
    @@ google translate....
    thanks a lot, that's great job!
  7. Oxygen

    Oxygen Level 42

    Feb 23, 2014
    United States
    Windows 10
  8. Terry Ganzi

    Terry Ganzi Level 23

    Feb 7, 2014
    All i can say is beautiful my friend beautiful.;)
  9. sunil22

    sunil22 New Member

    Oct 4, 2013
    Thanks mate a must for every computer user and who loves the mouse clicks :D with out thing twice where he is clicking that will wake the sleeping devil active in your system ;). Excellent article with real threats and security facts. :). My compliments and please keep us all informed with your valuable advice in future as the things happen in the cyber world in split seconds :D
  10. Oxygen

    Oxygen Level 42

    Feb 23, 2014
    United States
    Windows 10
    Something keeps bringing me back to this thread. :D
    Nico@FMA likes this.
  11. Witchsmeller Pursuivant

    Nov 26, 2014
    Just visiting a page can infect your PC.
    Cats-4_Owners-2 likes this.
  12. Nico@FMA

    Nico@FMA Level 27

    May 11, 2013
    Security Consultant, ICT Advisor and Developer
    Friesland (Harlingen)
    Windows 7
    Infact just having a clear and fresh install of windows the very first time you connect trough the internet from within the windows installation can already infect you.
    Cats-4_Owners-2 and Exterminator like this.
  13. jamescv7

    jamescv7 Level 61

    Mar 15, 2011
    Web and FileMaker Developer
    Windows 10
    Absolutely in the world of internet its already a breeding place of viruses even harmless one like tracking cookies straight on your temporary folder. ;)
    Kent and Cats-4_Owners-2 like this.
  14. smiler

    smiler New Member

    Dec 14, 2014
    thanks very much this has helped me heaps
    smokeyjoe likes this.
  15. donetao

    donetao New Member

    Sep 7, 2014
    Hi! I deal with senior citizens every day in my retirement center.Seniors are trusting people. My last encounter with malware found 1205 infections on a seniors PC. Mostly PUP's but 12 were malicious.The senior said "I have a anti-Virus; how could this happen?" I gave her a quick lesson on how to surf safer. Installed WOT on both browsers. Told her she might think about adding Malwarebytes Pro. She was using Chrome, which had gotten infected. Uninstalled Chrome. Installed Firefox. I'm not a fan of Chrome. Discussed creating a back up image of her OS. A back up image on a external drive that is free from infections is a great defense. The internet will only get worse.
    I never charge for my services.Seniors need all the help they can get.
    Very nice thread! Was a good read. All PC users need to read your thread.
    PS Using your brain and knowing where to click is your best defense these days. Times are changing fast and it will only get worse!
    PUP's are getting to be a real pain in the neck and more and more of them are showing up.
    Surf safely and watch those mouse clicks as the OP has wisely advised.;) Try to down load programs only from the authors site if you can!
    I trust FileHippo. CNET is no longer a trusted site IMHO.
  16. tonibalas

    tonibalas Level 39

    Sep 26, 2014
    Well done donetao for helping senior citizens this shows what kind of person you are and i am very thankful that you are here on this forum and can learn a lot from you:).
    Again well done;) :)
    frogboy and arslan ejaz like this.
  17. tallorder

    tallorder New Member

    Jan 15, 2015
    NE Arkansas, near MO. border
    Excellent points! Brings out a question I have, then. If I answer an email from a friend, and need to open it, not just read it, in the case of some jokes I get, am I asking for trouble? I am relatively careful to not open emails anymore, but how might I tell if one has a fake anything?
    frogboy likes this.
  18. donetao

    donetao New Member

    Sep 7, 2014
    Hi! @tallorder MHO is,any time you open a email with a attachments, you could get in trouble. I have WOT and Malwarebytes Pro on my PC.
    I have received at least two emails from friends that contained a malicious IP. One was from Russia, I don't remember the others. Malwarebytes warned me and blocked it. I called my cousin and told him that his PC may have been hacked. It mad him mad, but he never responded, so I don't open his attachments any more.;)Also WOT has given me warnings before. I'm not saying they will catch every thing, but so far I haven't been infected. I'm sure you will get plenty on replies on this. You feel like you have to open male from friends. I'm sure there is a program that will help you and someone here probably knows about it!
    tonibalas likes this.
  19. Elemec

    Elemec New Member

    Jan 23, 2015
    Yeah , What's worth of having the best paid/free AV + Everything else , If you go and click on viruses?
    Do like me , And test yourself , With only default settings + adblocker/adguard and unchecky.
    If you can live a year without an infection with this , No need for a mega antivirus.
    tallorder and yigido like this.
  20. tallorder

    tallorder New Member

    Jan 15, 2015
    NE Arkansas, near MO. border
    It isn't entirely myself that I am concerned about! My hubby uses this computer and he is easily convinced that ...must need that ..(update-driver-flash-plugin-) for (this) or that to work! It's telling me so, and she has 'anti-anti' on here, so, must be true! Click!:eek:

    Once every couple of months, and for much of the summer, my grand daughters are here. One listens, but the other one tries everything!:p ..followed by.. dramatics and tears, followed by.."I'm sorry, I didn't mean to mess it up- how'd THAT get on there or where did THAT window come from...? It just popped up all by itself..":mad:
Similar Threads Forum Date
Adware/PUP in Vuze Leap and Vuze Torrent Client - (Unchecky vs Mouseclicks) Tutorials & Guides May 19, 2015
What Really Matters Off Topic Feb 4, 2018
Q&A Does 32bit or 64bit security application matters? General Security Discussions Jan 16, 2017
  • About Us

    Our community has been around since 2010, and we pride ourselves on offering unbiased, critical discussion among people of all different backgrounds about security and technology . We are working every day to make sure our community is one of the best.
  • Need Malware Removal Help?

    If you're being redirected from a site you’re trying to visit, seeing constant pop-up ads, unwanted toolbars or strange search results, your computer may be infected with malware. We offer free malware removal assistance to our members in the Malware Removal Assistance forum.
  • Quick Tip

    Without meaning to, you may click a link that installs malware on your computer. To keep your computer safe, only click links and downloads from sites that you trust. Don’t open any unknown file types, or download programs from pop-ups that appear in your browser.