PC Security

Protection against malware

There is no need to pay for malware protection, because there are several free scanners. Here are reviews of the best of them – free and paid for:

“Expert Reviews is the only site to use live viruses in its attack tests, making our results the most accurate you can find. Please read our full test methodology to find out exactly how we test.”

http://www.expertreviews.co.uk/internet-security

Note that some of the scanners reviewed, such as Microsoft Security Essentials and AVG Anti-Virus Free edition 2014, provide protection against all types of malware.

However, note well that when polled by newsletters and PC websites, the majority of computer users always say that they prefer using individual anti-virus, anti-spyware, firewall, and other security tools, which they say are preferable to all-in-one security suites, such as Symantec’s Norton Internet Security. This is no doubt because they know from experience that the individual-tool approach is less problematic. Moreover, if you were to ask highly experienced PC repair technicians, they would almost certainly all say that standalone products outperform security suites.

In my opinion, the reason that relatively poor security suites, such as Norton Internet Security and McAfee Internet Security Suite, are regularly reviewed as being the best security products has more to do with commerce than with real-world experiences of users. PC publications and websites will almost all run the adverts of the major security companies and it is therefore in their interests to promote, not criticise, them. For example, only the Windows Secrets newsletter ran articles exposing how unreliable the McAfee SiteAdvisor website-rating service can be. None of the major PC magazines and websites did likewise when I asked them to do their own take on the Windows Secrets’ exposé. I put that down to their not wanting to damage their advertising relationship with McAfee, which is a major computer-security company.

I personally would not use the Norton (Symantec) and McAfee products regardless of the good reviews because of bad experiences I have had with them. I find that using the Windows Firewall, accessed from the Control Panel, even the one provided by Windows XP, the free Microsoft Security Essentials or the free AVG malware scanners and the Web of Trust browser plugin provides adequate protection. I have yet to fall foul of any security threat that resulted in a financial loss or that couldn’t be recovered from by simply using the malware scanners just mentioned, System Restore or restoring a backup or system image. Web of Trust (WOT) warns you before you interact with a risky website, both from within the browser (Internet Explorer, Firefox, Opera, etc.) and from within search-engine results by placing green or yellow or red marks beside each link to indicate its security rating.

I used to use the Comodo Firewall and the ZoneAlarm Free Firewall, but they kept nagging me to purchase the paid-for product. Moreover, they didn’t seem to do any better than the Windows Firewall. Remember that all modern router-modems, usually just called routers, provide a hardware firewall that is enabled by default. It provides security by using Network Address Translation (NAT) technology, which gives the computers within a network their own IP addresses that differ from the router’s own IP address that connects it to the web.

I also use the free version of Malwarebytes’ Anti-Malware. Apparently most of the calls to Microsoft’s support lines involve spyware infections and Microsoft recommends using the free version of this program. It allows manual scans for spyware, which means that you have to run the program; it does not monitor the system in real-time. You pay around $25 for the full version, which provides real-time protection against malware, scheduled scanning and scheduled updating.

Just remember that you should not have two programs of the same type monitoring the system: only one software firewall, only one real-time virus scanner, etc. The free version of AVG Anti-Virus combines virus scanning and adware/spyware scanning in real-time, so if you use AVG Anti-Virus and you install another scanner that scans for viruses and/or spyware, you should disable AVG’s real-time monitoring and only use it for manual scans. Scanners that monitor your system in real-time will install an icon in the System Tray/Notification Area in the bottom left corner of the screen in Windows computers. Download the free version of Malwarebytes’ Anti-Malware from malwarebytes.org.

The free CCleaner is a utility that every computer should have installed. If you appreciate it, you can make a donation to its developer. It has a Windows Registry cleaner as well as a system cleaner and some other tools. However, recently it appears to have been got at by Google. Now when an update is installed, if you don’t want them, you have to disable a default installation of Google’s Chrome web browser and Google Toolbar, and CCleaner asks you if you want what it calls ‘intelligent cookie management’ enabled, which, of course, doesn’t delete the cookies that Google’s services and products place in the system. Needless to say, I choose not to have anything that has to do with Google installed or made functional.

Rootkit Trojan viruses hide below the level at which the operating system functions, so they aren’t usually detected by a standard virus scanner. Windows XP is 16 years old in 2016, still has about a third of computers running it, has weaker security than Windows Vista or Windows 7 & 8.1, and has had much longer to become infected with rootkits, so it isn’t surprising that systems running it are mostly responsible for spreading rootkit infections to other computers. Rootkits can be detected and removed by special rootkit scanners. Most of the major security companies also provide rootkit scanners. Sophos Anti-Rootkit is well-regarded. Note that on 8 April 2014 Microsoft’s extended security support for Windows XP ended, leaving XP wide open to exploitation by hackers.

Note well that if you are visiting a website that produces a message saying that malware has been detected on your PC and offering a free security scan if you click a button to give the OK, don’t click the button. Instead, press the Ctrl + Alt + Del key combination that brings up the Windows Task Manager and close that website down under its Applications tab.

It can be very difficult to remove such malware once it has compromised a system, because it can shut down antivirus programs and forbid the user from accessing websites that provide online virus scanning, such as the free scanner provided from kaspersky.com.

When they have infected a system, some of these phony antivirus programs can produce messages asking you to buy them and then scan the system. Of course, they can’t scan for anything because they are malware themselves. Some of them ask you to enter your credit card number in order to make a purchase of the scanning software. If that happens, you should first try to remove the phony program by running a system scan with the antivirus software that you should already have monitoring your computer in real-time. Note that you should be using an antivirus program that is updated regularly online. The free version of AVG Anti-Virus updates itself daily. Avast is another well-regarded free scanner.

If you visit a website that requires downloading and installing a video player or picture viewer in order to view videos/pictures, switch the PC off and reboot or press the Ctrl + Alt + Del key combination that brings up the Windows Task Manager (or access to it) and close that website down under its Applications tab, because the download is almost certainly malware that can compromise the security of your system in order to make you buy phony software, steal passwords, etc.

Users who are searching for porn using popular keywords at some time or other are sure to click on links to sites that require the user to install a program in order to view the porn. If they download and install that software, their systems will be compromised in any number of ways, from installing keyloggers that return the keystrokes made by the user to the hackers to allowing full remote access to the system.

Note that if you can’t get rid of a malware infection, it is advisable to start the system up in Safe Mode by constantly pressing the F8 key just before Windows shows its first graphics screen and starts to load at startup. (It is more difficult to get into Safe Mode in Windows 8.0/8.1. There is plenty of information on the web on how to do so.) Pressing that key brings up the boot manager that has Safe Mode as one of the options. You can run malware scanners in that mode more effectively, because a very basic version of Windows is running and the malware won’t have loaded itself, but its files will still be detectable.

You can also try using System Restore to backdate the system files to a date prior to the infection. It is found under Start => All programs => Accessories => System Tools in Windows XP and Windows Vista. In Windows 7, just enter the words system restore in the Start => Search programs and files box to be presented with a clickable link that opens it. However, note well that malware can often disable System Restore, or the changes that the malware makes to the system can prevent it from working.

If that is the case, there are ways of restoring the system manually, but they are so involved, requiring editing the Windows Registry, etc., that it is easier to perform a repair install of Windows, which retains your folders, files and settings. An even easier option would be to restore a system image created with a backup program and saved to an external hard disk drive – the best option to store a big system image that requires more storage space than a single DVD or Blu-ray disc provides. Using more than one disc increases the chances of not being able to restore the system image.

Note that you must have a Windows XP/Windows Vista/Windows 7/8.1 installation CD/DVD in order to perform a repair installation and you will have to add any missing service packs and security updates if you haven’t created a customised CD/DVD that contains the contents of the installation CD/DVD that you have plus the missing service packs. The process of creating an up-to-date boot CD/DVD is called slipstreaming. Making backups and system images is a superior method of restoring Windows.

Note that you should consider using the OpenDNS service from http://www.opendns.com/ as your computer or network’s DNS server, which translates web addresses into IP addresses. For example, 209.86.14.54 was the IP address of this website at the time of writing this. Entering http://209.68.14.54 into a browser would bring up https://www.pcbuyerbeware.co.uk/. It is the DNS server that does the translation. Note that the IP address of a website changes regularly unless it has a fixed one. A Dynamic IP Address system, used by the host of many websites, gives the site an IP address that is available from a pool of addresses.

After your computer or network has been set up to use OpenDNS, the service can prevent it from accessing many bad websites, and, among many other options, it can be configured to prevent children from gaining access to adult websites. Here is how to get the best out of this free service:

Use OpenDNS – http://use.opendns.com/
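Once the DNS settings have been changed, it is worth confirming that lookups really are being answered by OpenDNS. The PowerShell below is an added example, not part of the original page; it assumes Windows 8 or later (the built-in DnsClient cmdlets), the function names are hypothetical, and the two resolver addresses and the debug.opendns.com test name are OpenDNS's own published values rather than anything stated on this page.

```powershell
# Added example: check whether this PC's DNS lookups actually reach OpenDNS.

# OpenDNS public resolver addresses (IPv4); not taken from the page.
$OpenDnsResolvers = '208.67.222.222', '208.67.220.220'

function Get-DnsServerReport {
    # One row per network adapter that has IPv4 DNS servers configured.
    Get-DnsClientServerAddress -AddressFamily IPv4 |
        Where-Object { $_.ServerAddresses } |
        ForEach-Object {
            $servers = @($_.ServerAddresses)
            $other   = @($servers | Where-Object { $_ -notin $OpenDnsResolvers })
            [pscustomobject]@{
                Adapter     = $_.InterfaceAlias
                DnsServers  = $servers -join ', '
                # True only when every configured server is an OpenDNS resolver.
                OnlyOpenDns = ($other.Count -eq 0)
            }
        }
}

function Test-OpenDnsPath {
    # debug.opendns.com returns TXT records only when the query is answered
    # by OpenDNS. This also covers the common home set-up where the PC points
    # at the router and the router forwards the lookups to OpenDNS.
    $answer = Resolve-DnsName -Name 'debug.opendns.com' -Type TXT -DnsOnly `
                              -ErrorAction SilentlyContinue
    [bool]($answer | Where-Object { $_.Type -eq 'TXT' -and $_.Strings })
}

Get-DnsServerReport | Format-Table -AutoSize

if (Test-OpenDnsPath) {
    'Lookups are being answered by OpenDNS.'
} else {
    'Lookups are NOT reaching OpenDNS; check the adapter or router DNS settings.'
}
```

An adapter that lists only the router's address (for example 192.168.x.x) shows OnlyOpenDns as False even when the router forwards to OpenDNS, which is why the second check is the one to rely on.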

The Windows Firewall provides adequate protection in the versions from Windows XP to Windows 10 when used with a good malware scanner running in real time, other scanners kept up-to-date and run manually, and other security software, such as IBM’s Trusteer Rapport, which protects log-in sites. However, it does not automatically block or provide alerts about intrusive software, which could be malware, trying to access the web from within your computer.

The following pages show how to customise the Windows Firewall:

Understanding Windows Firewall settings –

http://windows.microsoft.com/en-gb/windows/understanding-firewall-settings#1TC=windows-7

How to Create Advanced Firewall Rules in the Windows Firewall –

http://www.howtogeek.com/112564/how-to-create-advanced-firewall-rules-in-the-windows-firewall/
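The point above about the Windows Firewall not blocking programs that connect out from the PC can be checked directly. The PowerShell below is an added example, not part of the original page or of the linked guides; it assumes Windows 8 or later (the built-in NetSecurity cmdlets), and the function names are hypothetical.

```powershell
# Added example: report how each Windows Firewall profile treats traffic,
# with the focus on connections leaving the PC.

function Get-FirewallPosture {
    # One row per profile (Domain, Private, Public).
    Get-NetFirewallProfile | ForEach-Object {
        [pscustomobject]@{
            Profile     = $_.Name
            Enabled     = ($_.Enabled -eq 'True')
            # NotConfigured means the built-in default applies:
            # inbound connections blocked, outbound connections allowed.
            Inbound     = if ($_.DefaultInboundAction  -eq 'Allow') { 'Allow' } else { 'Block' }
            Outbound    = if ($_.DefaultOutboundAction -eq 'Block') { 'Block' } else { 'Allow' }
            LogsBlocked = ($_.LogBlocked -eq 'True')
        }
    }
}

function Get-OutboundBlockRule {
    # Enabled rules that explicitly block outbound traffic, with the program
    # each rule applies to. With default outbound 'Allow', these rules are the
    # only thing stopping a program from reaching the internet.
    Get-NetFirewallRule -Direction Outbound -Action Block -Enabled True `
                        -ErrorAction SilentlyContinue |
        ForEach-Object {
            $app = $_ | Get-NetFirewallApplicationFilter
            [pscustomobject]@{
                Rule    = $_.DisplayName
                Profile = $_.Profile
                Program = $app.Program
            }
        }
}

$posture = Get-FirewallPosture
$posture | Format-Table -AutoSize

$posture | Where-Object { $_.Enabled -and $_.Outbound -eq 'Allow' } | ForEach-Object {
    "Profile $($_.Profile): outbound connections are allowed unless a block rule matches."
}

Get-OutboundBlockRule | Format-Table -AutoSize

# Stricter setting (needs an elevated prompt). Left commented out because it
# cuts off every program that has no outbound allow rule, browsers included:
# Set-NetFirewallProfile -Profile Public -DefaultOutboundAction Block -LogBlocked True
```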

Note that you must have the 64-bit version of Windows Vista/7/8.1/10 installed to use a 64-bit version of software. Most (but not all) 32-bit software will run on the 64-bit versions of Windows Vista and Windows 7/8.1/10.

How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system –

http://support.microsoft.com/kb/827218

Some malware can cripple malware scanners. If this happens to you and you can still go online using the computer, there are many free online scanners, such as Trend Micro’s HouseCall, which provides 32-bit and 64-bit scans.

Here is a link to a brief video introduction to phishing, which is an online method used to trick people into sending their logon user names and passwords for online stores, banking sites and payment sites, such as PayPal, to cyber criminals.

Gone Phishing – http://news.bbc.co.uk/1/hi/business/7715787.stm

This article provides insight into the world of the computer hacker:

Gaining access to a hacker’s world –

“For a short time in February, I had complete control over 21,696 personal computers around the world. These were machines whose owners had not taken the basic security precautions necessary to stay safe online.” –

http://news.bbc.co.uk/1/hi/programmes/click_online/7938201.stm
