Preventing a Virus Infection

Viruses* are a huge problem on a Windows PC. Nearly half of our work is virus removal, often times repeat customers will be reinfected. I’m often asked where they come from and how to prevent them. I’ll attempt to answer the best I can, though this post is by no means comprehensive.

(*for the sake of this article, I’m saying virus, but I’m referring to a variety of malware)

So, where do viruses come from?

Well, a lot of places. Social Media sites like Facebook or Twitter can easily spread links to infected sites. Legitimate sites can unknowingly have banner ads with an infected script or a link to a malicious site. Downloads from peer-to-peer services or an untrusted site can be infected. File formats, pdfs for example, can also introduce infections to your system. Some take advantage of exploits in Windows or your programs and can ‘let themselves’ in, so to speak. Additionally, the old answer of “e-mail” or “from an infected disk/flash drive” are still applicable.

So, what do you do to prevent a virus infection?

The old stand-by answer that nearly any computer tech will say is “be smart about what you click”. Honestly, that advice is still true, but it’s outdated. As I said, a perfectly legitimate site can be infected with a script to install a virus. These days you don’t even have to click and you’re infected. The advice does apply to e-mails, downloads and sites, though. Beware of music downloaded via p2p services, don’t follow links sent to you by Nigerian princes, and disregard e-mails from your bank telling you that they lost your account info and that they need you to log in.
Along the same lines, keep Windows and other software up to date to help avoid exploits. Older versions of programs like Flash or Adobe Reader are known to have serious exploits that can easily infect Windows.

A strong antivirus program is a must, even better is a full internet security package. I recommend Kaspersky Internet Security. A full featured firewall will protect you from network attacks. A strong antivirus will catch files that you download. Antispam and antiphishing will help sort out the bad e-mails. And a link scanner will help keep you from visiting negative sites.

The next key is using good software. Internet Explorer comes on every Windows computer, but speaking strictly in terms of security, it’s a terrible browser. I recommend Google Chrome. Not only is a good, fast browser (You’ve seen the commercials, right?) it has some great security features other browsers don’t, like sandboxing. I’ll talk more about that in a bit.
Chrome, as well as other browsers, will typically warn if you’re about to visit a known bad site. For a second opinion about sites, plugins like Web Of Trust will warn of malicious sites and even give you a rating of the link before you click. If you want to prevent automatic scripts, you can use the NoScript plugin in Chrome or Firefox. Additionally, AdBlock lets you set up a black list of advertisements or banner ads.
In addition to using the good software, avoid the bad. Avoid programs like Lime/Frost/Spark Wire or Bearshare. Choose wisely whose toolbar you want to install, and ask yourself if you really need a little dancing koala as your mouse cursor.

I mentioned sandboxing earlier. Sandboxing, is essentially giving a program its own little space; A “sandbox to play in.” A program in a sandbox only has access to its own functions and settings, it can’t make changes to Windows or your files unless you explicitly allow it. Both Kasperksy and Chrome have a sandboxing feature. Kaspersky can sandbox any program, through the “Safe Run” feature. If a virus makes a change to the program, you just close it and no harm is done. Chrome has sandboxing built in as part of the browser. A malicious script is generally unable to get outside of Chrome’s sandbox to make changes to Windows or any other part of your system.
There are also free sandboxing applications available to use. Comodo Internet Security is free to home users and has a sandbox feature for any application. Additionally, Sandboxie is a stand alone sandbox utility that can be used with any security software.
I recommend sandboxing your web browser and IM clients. Other online applications (such as Outlook) can also be sandboxed, but may not work correctly without some tinkering.

I also like webmail, as a security measure. Not everyone may agree, or even like web based e-mail. Webmail does give a few safeguards, though. First, you only have to download attachments that you want. Outlook and other e-mail clients allow this, too…but it’s an obscure setting that I’ve never seen used. Secondly, almost all webmail services implement their own antivirus scanning engine now. You know before you download if the file is infected. Generally, files that can be infected aren’t allowed to be sent through services like Gmail.

Finally, I also like to recommend OpenDNS or Norton DNS as part of the equation. A DNS service is something like a phone book for your computer. You type in, a DNS server tells your computer that you want to look at information at and sends you to Google’s Web Page. OpenDNS and NortonDNS allow you to filter that information a little. Both DNS services allow you to block categories of information, such as pornography, gambling, chat sites, etc. They also automatically block out some malicious sites, helping to keep you from visiting a known infected site.

Unfortunately, nothing is 100% foolproof when it comes to preventing viruses. Having said that, if you follow all of the advice above, you will be fairly safe while online. If you’re in Chillicothe, Ohio, and would like help setting any of this up, give us a call!

Welcome to ModulaOne Network!

ModulaOne Network is the answer to all your on-site IT computer services, serving home and business users in the Central, Ohio area. Jobs we undertake are computer, laptop, and server repairs, maintenance, IT support, data recovery, server management, web design and development, networking, and upgrades. We are available 24/7 on call support via ticket, email, and phone/sms for emergencies.

Whatever your IT problem or needs, ModulaOne Network can assist you with getting your computer, laptop, server, or network back up and running, we can also build, supply and setup custom built computer systems built to order from your own computer specifications or we can order from top brands such as Toshiba, IBM, Dell, Sony, Fujitsu Siemens, Compaq, HP, Asus, Acer and many more.

Why choose ModulaOne Network?

* We are leading experts in all aspects of IT computer services.
* We offer the complete package for your IT support service.
* We offer on-site IT support for you at your convenience.
* We have very competitive rates and experienced engineers.
* We offer a quick response time, and same day turnaround.
* We have a No Fix – No Fee! policy

Security is a top priority for ModulaOne Network. We are committed to protecting and securing all client data, through the use of firewalls, regular backups, and additional security measures in place to protect against the loss, misuse or alteration of your information.