How To Protect Yourself From Infection -2014 edition

[Akolyte]

I Do work for AVG, but this guide is going to be completely honest and un-biased.  None of the things in this guide will be due to me working for AVG. 

 

Every Computer as we know it whether it’s a smartphone, a tablet or a desktop computer it can get infected with malicious software or what we call Malware.   

 

In this guide I'll talk about 3 different things: 

 

What Malicious software and compromised webpages look like so you can defend yourself from them.  

 

What Kind of software you can use to help you defend yourself against malware. 

 

And Finally how to remove existing malware infections.  

 

 

What Malicious Software and Pages Look Like and what they do: 

 

 

One of the sayings that is still valid in the security space is "If its too good to be true, its not" 

And that is extremely valid here.    

 

Popular Types Of Malware and How They Get You: 

 

 

Trojan: 

The Trojan is by far the most common serious malware infection I see.  Trojan's come in all different types.  The Most popular being the Trojan Horse.   

The Trojan disguises as a legit, often useful program or website and is really something horrible and malicious.  These days the software will even function normally to trick the user into thinking the software is indeed legit, when it really isn't.  

 

Worm: 

The Worm is a popular malware type, the Worm is like the updated Virus.  A Virus is actually a type of malware that is a piece of malware that spreads rapidly via offline methods.  The Worm is a virus but can spread through both online and offline methods and is often more deadly than the Virus.  Worms often aren't as dangerous as Trojans but in some cases can be the same or even more deadly.  

For example the KoobFace Worm, which is a popular worm still flying around the internet today, 

KoobFace is a worm that spreads through Facebook, how it does this is it infects one user's computer and then hijacks their Facebook account then spamming malicious Facebook apps, links and more to other users.   

 

Rootkit: 

Rootkits are a type of malware designed to hide deep within the operating system attempting to be invisible to the user.  And is often times successful at doing so as even experienced users would have a hard time trying to find the Rootkit.  Popular Rootkits included the MBR Rootkit and the TDSS Rootkit.  Both of which are extremely popular.  The MBR Rootkit hides inside of the Master Boot Record, making it extremely hard for a user to remove the malware and often have to reinstall.  The TDSS rootkit hides in critical system 32 files usually and redirects the user to advertisements.  

Some Rootkits have even been known to hide in the BIOS/UEFI of users.  

 

Botnet: 

Botnets are often bundled into other malware making them extremely popular.   

Botnets take a user's computer and hide, and often for months or even years remain dormant.  A Botnet allows a hacker to take the user's computer under their command, often Botnets are what allow hackers to do some violent DDOS attacks.  Botnets can also be used to send spam out to other users.  

 

Exploits: 

Exploit Kits are webpages, compromised or designed for them in the first place.  Made to run a specific exploit and exploit a piece of software on the user's computer.  Often times it’s the browser, allowing hackers to easily infect the user's computer, It is hard to tell when you are being infected with an Exploit because often your browser will just simply freeze for a second or two.  After doing so a Trojan, Worm, Botnet or other malware might have just got injected into your system.  These exploit kits are easy to make and there are even paid services that offer support, yes Support to hackers to help them create an exploit kit!   

 

Tools To Help Prevent Infections: 

 

There are a bunch of free and paid tools to help prevent you from getting infected, with the most popular being antivirus software.  So, I will list my most favourite tools and where to get them.  

 

1. AVG Antivirus Free Edition - Free  (www.free.avg.com) 

    AVG has been a Free antivirus pioneer in the antivirus market for a while now, and AVG doesn't offer the best protection but for free, I believe it’s the best you can get for free.  There are other suites out there like Comodo that can be better, but they cause major system slowdowns and interfere with software.  

 

2. Kaspersky Internet Security - Costs Money (www.kaspersky.com) 

Kaspersky is by FAR my most favourite paid suite.  And I'd definitely recommend dishing out the cash for it if you are able to.  Kaspersky causes little to no system slowdown, offers a rich set of features including File antivirus, Anti-banner, Anti-spam, parental controls, Advanced firewall, automatic Exploit prevention, Malware roll-backing, Application restriction and control,  Link advisor, Vulnerability Scan, Rootkit scan and EVEN MORE.  Kaspersky is a complete tank, and has always been a prime example for other antivirus software in the antivirus market. 

 

3. Malwarebytes Anti-Malware - Free/Paid (www.malwarebytes.org) 

Malwarebytes is a legend in the cyber-security area.  Sadly Malwarebytes has been getting lower and lower detection rates to the point now I'd recommend other on-demand scanning software over Malwarebytes.  However, the paid version is good to pair up with free antivirus software.  

 

4. Private Firewall - Free (www.privacyware.com/personal_firewall.html) 

Private Firewall used to be pay-ware however, now it is free.  And it is good, you can find better Firewalls out there but this one does a good job at being light-weight and not bringing thousands of alerts with it.  Private Firewall has a decent Firewall, but it also has a good feature, it has application control which is a Host Intrusion Prevention System.   This alerts you whenever an unrecognized program tries to make changes to critical system files such as the registry.  If your looking for the ultimate free protection, pair this up with AVG and your good as gold! 

 

5. Kaspersky Security Scan - free (http://www.kaspersky.com/security-scan) 

I'd actually recommend this as an on-demand scanner more than Malwarebytes, it has a higher detection rate and uses the cloud, it also finds system vulnerabilities.  Since this is an on-demand scanner you could have Malwarebytes and this on your system at the same time.  

 

6. Sandboxie - free/paid (http://www.sandboxie.com/) 

Sandboxie is a popular application which is a manual sandbox, this means you can manually run applications inside of the sandbox.  A Sandbox is like running an application inside of a file on your computer where it can't get out.  So, if you were unsure about a file.  Run it inside of the sandbox and see if its malicious then!  If you have Kaspersky there is no need for this, but if you want as much protection as possible for free, this is a must. 

 

 

How To Remove Infections Once Infected: 

 

Removing infections is fairly easy, depending on the level on infection.   Most infections can be removed by Downloading Malwarebytes and or Kaspersky Security scan and running scans. 

 

However, sometimes you get infected with serious infections such as Ransomware, someone I know recently got infected with some FBI moneypak ransomware.  Ransomware holds your file for ransom, it can come in different types.  The most popular right now being crypto-ransomware. This ransomware encrypts your files and asks you for money to decrypt it.   However, standard ransomware is still popular this ransomware starts at boot and fills your whole screen preventing you from doing anything else!   Sometimes this ransomware even starts in safe mode!   

 

The best way to remove this is by creating a Kaspersky Rescue CD, either on a USB flash drive or a CD/DVD.   

 

I hope you learnt at least one or two things from this guide!  I will be adding more things as time goes on! 

 

I also hope that you like this guide, if you feel anything should change.  Please, tell me down below

[RelentlessAF]

You could also just not download things from shady websites.

[Toddwjp]

rule one, dont use the internet,

 

rule two, let no one touch your pc but you

 

you are now safe

[bloowolf4562]

I personally use windows defender on windows 8.1

[Akolyte]

I personally use windows defender on windows 8.1

Windows Defender is fine for most people, as long as you have safe browsing practices Windows Defender is good

[Akolyte]

rule one, dont use the internet,

 

rule two, let no one touch your pc but you

 

you are now safe

don't use the internet? 

 

Mate, many people including me are addicted to the internet!  

[Akolyte]

You could also just not download things from shady websites.

true, but. 

 

What about legit websites that get comprimised?

 

What about malicious advertisements on webpages?

 

What about safe downloads with malware bundled?

 

What about USB flash drives that are infected?

 

What about someone else on your network that is infected and it spreads over to you? 

 

What about if your browsing the chrome extensions, and download a malicious one? 

 

 

There are allot more things so think about than just browsing to shady websites. 

[lutewan]

what u need to change the font back to normal

[Akolyte]

what u need to change the font back to normal

Oh sorry, I spent a few days just making sure everything was correct and verifying it with my team before posting it here.  It was written in MS office. 

[harrynowl]

Oh sorry, I spent a few days just making sure everything was correct and verifying it with my team before posting it here.  It was written in MS office. 

I'll do it for you.

 

I Do work for AVG, but this guide is going to be completely honest and un-biased.  None of the things in this guide will be due to me working for AVG. 

 

Every Computer as we know it whether it’s a smartphone, a tablet or a desktop computer it can get infected with malicious software or what we call Malware.   

 

In this guide I'll talk about 3 different things: 

 

What Malicious software and compromised webpages look like so you can defend yourself from them.  

 

What Kind of software you can use to help you defend yourself against malware. 

 

And Finally how to remove existing malware infections.  

 

 

What Malicious Software and Pages Look Like and what they do: 

 

 

One of the sayings that is still valid in the security space is "If its too good to be true, its not" 

And that is extremely valid here.    

 

Popular Types Of Malware and How They Get You: 

 

 

Trojan: 

The Trojan is by far the most common serious malware infection I see.  Trojan's come in all different types.  The Most popular being the Trojan Horse.   

The Trojan disguises as a legit, often useful program or website and is really something horrible and malicious.  These days the software will even function normally to trick the user into thinking the software is indeed legit, when it really isn't.  

 

Worm: 

The Worm is a popular malware type, the Worm is like the updated Virus.  A Virus is actually a type of malware that is a piece of malware that spreads rapidly via offline methods.  The Worm is a virus but can spread through both online and offline methods and is often more deadly than the Virus.  Worms often aren't as dangerous as Trojans but in some cases can be the same or even more deadly.  

For example the KoobFace Worm, which is a popular worm still flying around the internet today, 

KoobFace is a worm that spreads through Facebook, how it does this is it infects one user's computer and then hijacks their Facebook account then spamming malicious Facebook apps, links and more to other users.   

 

Rootkit: 

Rootkits are a type of malware designed to hide deep within the operating system attempting to be invisible to the user.  And is often times successful at doing so as even experienced users would have a hard time trying to find the Rootkit.  Popular Rootkits included the MBR Rootkit and the TDSS Rootkit.  Both of which are extremely popular.  The MBR Rootkit hides inside of the Master Boot Record, making it extremely hard for a user to remove the malware and often have to reinstall.  The TDSS rootkit hides in critical system 32 files usually and redirects the user to advertisements.  

Some Rootkits have even been known to hide in the BIOS/UEFI of users.  

 

Botnet: 

Botnets are often bundled into other malware making them extremely popular.   

Botnets take a user's computer and hide, and often for months or even years remain dormant.  A Botnet allows a hacker to take the user's computer under their command, often Botnets are what allow hackers to do some violent DDOS attacks.  Botnets can also be used to send spam out to other users.  

 

Exploits: 

Exploit Kits are webpages, compromised or designed for them in the first place.  Made to run a specific exploit and exploit a piece of software on the user's computer.  Often times it’s the browser, allowing hackers to easily infect the user's computer, It is hard to tell when you are being infected with an Exploit because often your browser will just simply freeze for a second or two.  After doing so a Trojan, Worm, Botnet or other malware might have just got injected into your system.  These exploit kits are easy to make and there are even paid services that offer support, yes Support to hackers to help them create an exploit kit!   

 

Tools To Help Prevent Infections: 

 

There are a bunch of free and paid tools to help prevent you from getting infected, with the most popular being antivirus software.  So, I will list my most favourite tools and where to get them.  

 

1. AVG Antivirus Free Edition - Free  (www.free.avg.com) 

    AVG has been a Free antivirus pioneer in the antivirus market for a while now, and AVG doesn't offer the best protection but for free, I believe it’s the best you can get for free.  There are other suites out there like Comodo that can be better, but they cause major system slowdowns and interfere with software.  

 

2. Kaspersky Internet Security - Costs Money (www.kaspersky.com) 

Kaspersky is by FAR my most favourite paid suite.  And I'd definitely recommend dishing out the cash for it if you are able to.  Kaspersky causes little to no system slowdown, offers a rich set of features including File antivirus, Anti-banner, Anti-spam, parental controls, Advanced firewall, automatic Exploit prevention, Malware roll-backing, Application restriction and control,  Link advisor, Vulnerability Scan, Rootkit scan and EVEN MORE.  Kaspersky is a complete tank, and has always been a prime example for other antivirus software in the antivirus market. 

 

3. Malwarebytes Anti-Malware - Free/Paid (www.malwarebytes.org) 

Malwarebytes is a legend in the cyber-security area.  Sadly Malwarebytes has been getting lower and lower detection rates to the point now I'd recommend other on-demand scanning software over Malwarebytes.  However, the paid version is good to pair up with free antivirus software.  

 

4. Private Firewall - Free (www.privacyware.com/personal_firewall.html) 

Private Firewall used to be pay-ware however, now it is free.  And it is good, you can find better Firewalls out there but this one does a good job at being light-weight and not bringing thousands of alerts with it.  Private Firewall has a decent Firewall, but it also has a good feature, it has application control which is a Host Intrusion Prevention System.   This alerts you whenever an unrecognized program tries to make changes to critical system files such as the registry.  If your looking for the ultimate free protection, pair this up with AVG and your good as gold! 

 

5. Kaspersky Security Scan - free (http://www.kaspersky.com/security-scan) 

I'd actually recommend this as an on-demand scanner more than Malwarebytes, it has a higher detection rate and uses the cloud, it also finds system vulnerabilities.  Since this is an on-demand scanner you could have Malwarebytes and this on your system at the same time.  

 

6. Sandboxie - free/paid (http://www.sandboxie.com/) 

Sandboxie is a popular application which is a manual sandbox, this means you can manually run applications inside of the sandbox.  A Sandbox is like running an application inside of a file on your computer where it can't get out.  So, if you were unsure about a file.  Run it inside of the sandbox and see if its malicious then!  If you have Kaspersky there is no need for this, but if you want as much protection as possible for free, this is a must. 

 

 

How To Remove Infections Once Infected: 

 

Removing infections is fairly easy, depending on the level on infection.   Most infections can be removed by Downloading Malwarebytes and or Kaspersky Security scan and running scans. 

 

However, sometimes you get infected with serious infections such as Ransomware, someone I know recently got infected with some FBI moneypak ransomware.  Ransomware holds your file for ransom, it can come in different types.  The most popular right now being crypto-ransomware. This ransomware encrypts your files and asks you for money to decrypt it.   However, standard ransomware is still popular this ransomware starts at boot and fills your whole screen preventing you from doing anything else!   Sometimes this ransomware even starts in safe mode!   

 

The best way to remove this is by creating a Kaspersky Rescue CD, either on a USB flash drive or a CD/DVD.   

 

I hope you learnt at least one or two things from this guide!  I will be adding more things as time goes on! 

 

I also hope that you like this guide, if you feel anything should change.  Please, tell me down below 

[DildorTheDecent]

I personally use windows defender on windows 8.1

Defender is great for browsing The Pirate Bay. Doesn't block it completely and lets you know if your GTA V PC is slightly faulty. 

[GuideMe002]

Adblock Plus solve the issue with those suspicious Advertisement. it literally remove them. Safe Browsing guys  
-No Pop-Ups
-No Ads.

[Akolyte]

Adblock Plus solve the issue with those suspicious Advertisement. it literally remove them. Safe Browsing guys

-No Pop-Ups

-No Ads.

Are you using a sandbox at least?

[Akolyte]

Defender is great for browsing The Pirate Bay. Doesn't block it completely and lets you know if your GTA V PC is slightly faulty.

Was that a joke? Or, or are you being serious.

If your being serious you probably should stop surfing the pirate bay, and secondly use a different antivirus

[DildorTheDecent]

Was that a joke? Or, or are you being serious.

If your being serious you probably should stop surfing the pirate bay, and secondly use a different antivirus

Not paying for antivirus. Never. Not even this free trial crap. Also cannot wait for the obligatory PirateBay rant. 

 

http://i.gyazo.com/b3143e4b56e08ef8b2d5755e2310dec6.png

 

There you go. Also ABP is a real help. 

[IdortMasterRace]

Some of the information in the OP regarding anti-virus software is just horrible, sorry to say.

 

AVG is one of the worst anti-virus programs you can use. It is one of the most well-known pieces of software for false positives, as well as purposely reporting certain software (such as pirated content) as viruses when actually they are totally clean. We don't need to turn this into a piracy debate, but it DOES have its benefits, and if you want a piece of software telling you what you can/can't download while lying to you in the process then go ahead and use AVG. In addition, AVG falsely detects HTML-enabled email messages as malicious and deletes the messages. Also because it is one of the most popular anti-viruses, it has the most people trying to break it and find exploits.

 

Windows Defender is also pretty bad for similar reasons. Because it now comes bundled with Windows 7 and 8, it is incredibly common (as every Windows user will have it installed) and thus has the most people trying to break it and find exploits similar to AVG. Even Microsoft themselves has acknowleged this.

 

Third, you shouldn't be paying any money for anti-virus software. Free (as in free beer) virus protection software is always perfectly fine.

 

Malware Bytes and Common Sense 2014 is all you need. I haven't been using anti-virus since about 2005, because I don't download things that I have no clue what they are, neither do I browse risky websites. I run a regular Malware Bytes scan, and have never had a single problem.

[IdortMasterRace]

true, but. 

 

What about legit websites that get comprimised?

 

What about malicious advertisements on webpages?

 

What about safe downloads with malware bundled?

 

What about USB flash drives that are infected?

 

What about someone else on your network that is infected and it spreads over to you? 

 

What about if your browsing the chrome extensions, and download a malicious one? 

 

 

There are allot more things so think about than just browsing to shady websites. 

 

NoScript and AdBlockEdge will protect you from any dodgy website. Even legit websites that get comprimised. Anyway, it's not as simple as just visiting a site and suddenly having a virus.

 

Same with malicious advertising. Use NoScript and AdBlockEdge.

 

Safe downloads with malware bundled? That doesn't sound like a safe download at all. You should be making sure what you are about to download is safe before you even start downloading it to begin with.

 

USB flash drives infected? How so? Don't tell me you put random, used flash drives into your computer where you have no idea what's on them, right? Besides, an anti-virus would not protect you from a malicious USB drive, as the files are already connected to your system.

 

If someone on your network is able to write files to your computer, you've already failed. This isn't as simple as you make it sound.

 

Again, make sure whatever extension you're about to download is safe, and not malicious. This comes under just downloading any old item from the internet.

[Builder]

-snip-

You are one of the few people I've met on this forum that knows anything AT ALL about computer security. I'm the other person. Nice to meet you!

 

Would you agree that the whole "common sense is all you need" approach is wrong? I've been trying to convince people of it for MONTHS now, and they still think Windows Defender and carefulness is all you need to protect yourself.

[IdortMasterRace]

You are one of the few people I've met on this forum that knows jack all about computer security. I'm the other person. Nice to meet you!

 

Would you agree that the whole "common sense is all you need" approach is BS? I've been trying to convince people of it for MONTHS now, and they still think Windows Defender and care is all you need to protect yourself.

 

I've re-read your post three times and still confused at what you're trying to say.

[Builder]

I've re-read your post three times and still confused at what you're trying to say.

You're smart about security. You're the only other person aside from myself that I know on this forum who knows what they're talking about when it comes to security.

[IdortMasterRace]

You're smart about security. You're the only other person aside from myself that I know on this forum who knows what they're talking about when it comes to security.

 

Oh my bad, I thought you were saying the opposite. Yes, common sense is all you need pretty much. There's nothing wrong with the occasional MalwareBytes scan though, but otherwise just don't do stupid stuff and you'll be fine. Again, I haven't used anti-virus software since about 2005 (probably earlier) and have never had a security issue.

[Builder]

Oh my bad, I thought you were saying the opposite. Yes, common sense is all you need pretty much. There's nothing wrong with the occasional MalwareBytes scan though, but otherwise just don't do stupid stuff and you'll be fine. Again, I haven't used anti-virus software since about 2005 (probably earlier) and have never had a security issue.

Well, I thought you were sensible, but perhaps not.

 

Antivirus is very necessary for Windows. I'd even say it's worth it to get a paid antivirus. The system is so frequently compromised it's an awful idea not to.

[IdortMasterRace]

Well, I thought you were sensible, but perhaps not.

 

Antivirus is very necessary for Windows. I'd even say it's worth it to get a paid antivirus. The system is so frequently compromised it's an awful idea not to.

 

A comprimised OS isn't something an anti-virus would help with, because whoever comprimised the entire operating system could easily disable whatever software they wanted, including the anti-virus. Just having a piece of software running wouldn't protect you in that instance.

 

As I've said, I haven't used one in almost a decade, and had no issues, especially not with a comprimised operating system. Microsoft are normally pretty good with their security updates anyway for the most part.

 

Also, please stop with "I'd even say it's worth it to get a paid antivirus", you're literally paying for placebo.

[Builder]

A comprimised OS isn't something an anti-virus would help with, because whoever comprimised the entire operating system could easily disable whatever software they wanted, including the anti-virus. Just having a piece of software running wouldn't protect you in that instance. I realize. I didn't mean individual systems got compromised, I mean that the software's integrity is frequently compromised.

 

As I've said, I haven't used one in almost a decade, and had no issues, especially not with a comprimised operating system. Microsoft are normally pretty good with their security updates anyway for the most part. No shit, they send out security updates ALL THE FREAKIN TIME! By compromised I meant that vulnerabilities are very publicly discovered quite often.

 

Also, please stop with "I'd even say it's worth it to get a paid antivirus", you're literally paying for placebo. Placebo? I'm sorry, what? Are you suggesting that paying for an antivirus does not net you a higher detection rate?

[IdortMasterRace]

 

A comprimised OS isn't something an anti-virus would help with, because whoever comprimised the entire operating system could easily disable whatever software they wanted, including the anti-virus. Just having a piece of software running wouldn't protect you in that instance. I realize. I didn't mean individual systems got compromised, I mean that the software's integrity is frequently compromised.

 

As I've said, I haven't used one in almost a decade, and had no issues, especially not with a comprimised operating system. Microsoft are normally pretty good with their security updates anyway for the most part. No shit, they send out security updates ALL THE FREAKIN TIME! By compromised I meant that vulnerabilities are very publicly discovered quite often.

 

Also, please stop with "I'd even say it's worth it to get a paid antivirus", you're literally paying for placebo. Placebo? I'm sorry, what? Are you suggesting that paying for an antivirus does not net you a higher detection rate?

 

 

Uh, in what instance does paying suddenly give a higher detection rate? I'm not sure if you're being serious at this point. If any anti-virus makes you pay for it to suddenly start detecting more things, it is an awful anti-virus to begin with and you should stop using it to begin with.

 

Again, comprimised software isn't something an anti-virus would help you with.