Preventing a Virus Infection

Viruses* are a huge problem on a Windows PC. Nearly half of our work is virus removal, and oftentimes repeat customers will be reinfected. I’m often asked where they come from and how to prevent them. I’ll attempt to answer as best I can, though this post is by no means comprehensive.

(*for the sake of this article, I’m saying virus, but I’m referring to a variety of malware)

So, where do viruses come from?

Well, a lot of places. Social media sites like Facebook or Twitter can easily spread links to infected sites. Legitimate sites can unknowingly have banner ads with an infected script or a link to a malicious site. Downloads from peer-to-peer services or an untrusted site can be infected. File formats, PDFs for example, can also introduce infections to your system. Some take advantage of exploits in Windows or your programs and can ‘let themselves’ in, so to speak. Additionally, the old answers of “e-mail” or “from an infected disk/flash drive” are still applicable.

So, what do you do to prevent a virus infection?

The old stand-by answer that nearly any computer tech will say is “be smart about what you click”. Honestly, that advice is still true, but it’s outdated. As I said, a perfectly legitimate site can be infected with a script to install a virus. These days you don’t even have to click and you’re infected. The advice does apply to e-mails, downloads and sites, though. Beware of music downloaded via p2p services, don’t follow links sent to you by Nigerian princes, and disregard e-mails from your bank telling you that they lost your account info and that they need you to log in.
Along the same lines, keep Windows and other software up to date to help avoid exploits. Older versions of programs like Flash or Adobe Reader are known to have serious exploits that can easily infect Windows.

A strong antivirus program is a must; even better is a full internet security package. I recommend Kaspersky Internet Security. A full-featured firewall will protect you from network attacks. A strong antivirus will catch files that you download. Antispam and antiphishing will help sort out the bad e-mails. And a link scanner will help keep you from visiting malicious sites.

The next key is using good software. Internet Explorer comes on every Windows computer, but speaking strictly in terms of security, it’s a terrible browser. I recommend Google Chrome. Not only is it a good, fast browser (you’ve seen the commercials, right?), it has some great security features other browsers don’t, like sandboxing. I’ll talk more about that in a bit.
Chrome, as well as other browsers, will typically warn if you’re about to visit a known bad site. For a second opinion about sites, plugins like Web Of Trust will warn of malicious sites and even give you a rating of the link before you click. If you want to prevent automatic scripts, you can use the NoScript plugin in Chrome or Firefox. Additionally, AdBlock lets you set up a blacklist of advertisements or banner ads.
In addition to using the good software, avoid the bad. Avoid programs like Lime/Frost/Spark Wire or Bearshare. Choose wisely whose toolbar you want to install, and ask yourself if you really need a little dancing koala as your mouse cursor.

I mentioned sandboxing earlier. Sandboxing is essentially giving a program its own little space: a “sandbox to play in.” A program in a sandbox only has access to its own functions and settings; it can’t make changes to Windows or your files unless you explicitly allow it. Both Kaspersky and Chrome have a sandboxing feature. Kaspersky can sandbox any program through the “Safe Run” feature. If a virus makes a change to the program, you just close it and no harm is done. Chrome has sandboxing built in as part of the browser. A malicious script is generally unable to get outside of Chrome’s sandbox to make changes to Windows or any other part of your system.
There are also free sandboxing applications available to use. Comodo Internet Security is free to home users and has a sandbox feature for any application. Additionally, Sandboxie is a standalone sandbox utility that can be used with any security software.
I recommend sandboxing your web browser and IM clients. Other online applications (such as Outlook) can also be sandboxed, but may not work correctly without some tinkering.

I also like webmail as a security measure. Not everyone may agree, or even like web-based e-mail. Webmail does give a few safeguards, though. First, you only have to download attachments that you want. Outlook and other e-mail clients allow this, too…but it’s an obscure setting that I’ve never seen used. Secondly, almost all webmail services implement their own antivirus scanning engine now. You know before you download if the file is infected. Generally, files that can be infected aren’t allowed to be sent through services like Gmail.

Finally, I also like to recommend OpenDNS or Norton DNS as part of the equation. A DNS service is something like a phone book for your computer. You type in www.google.com, a DNS server tells your computer that you want to look at information at 72.14.204.104, and your browser is sent to Google’s web page. OpenDNS and Norton DNS allow you to filter that information a little. Both DNS services allow you to block categories of information, such as pornography, gambling, chat sites, etc. They also automatically block out some malicious sites, helping to keep you from visiting a known infected site.
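
For readers who want to see the “phone book with a filter” idea in action, here is a small Python model of a filtering DNS resolver. It is an added illustration, not part of the original post and not how OpenDNS or Norton DNS are actually implemented; the .example domains, the category list and the block-page address are constructed samples, and only the Google address comes from the paragraph above.

```python
# Toy model of a filtering DNS resolver (added illustration, constructed data).

ZONE = {  # the "phone book": name -> address
    "www.google.com": "72.14.204.104",      # address quoted in the article
    "cdn.badsite.example": "198.51.100.7",
    "notbadsite.example": "198.51.100.30",
    "poker.example": "198.51.100.20",
}
MALICIOUS = {"badsite.example"}              # always blocked by the service
CATEGORIES = {"poker.example": "gambling"}   # blocked only if the user opts in
BLOCK_PAGE = "192.0.2.1"                     # placeholder block-page address


def parent_domains(name):
    """Yield the name and each parent: a.b.example -> a.b.example, b.example, example."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        yield ".".join(labels[i:])


def resolve(name, blocked_categories=frozenset()):
    """Return (address, reason) the way a filtering resolver would answer."""
    # Match whole labels, so a block on badsite.example also covers
    # cdn.badsite.example but does not hit the unrelated notbadsite.example.
    for domain in parent_domains(name):
        if domain in MALICIOUS:
            return BLOCK_PAGE, "malicious:" + domain
        category = CATEGORIES.get(domain)
        if category in blocked_categories:
            return BLOCK_PAGE, "category:" + category
    address = ZONE.get(name.lower().rstrip("."))
    return (address, "ok") if address else (None, "nxdomain")


if __name__ == "__main__":
    for host in ZONE:
        print(host, resolve(host, {"gambling"}))
```

The filter only changes the answer the resolver gives back; a program that connects straight to an IP address, or that uses a different DNS server, never consults it, which is why DNS filtering is one layer among the others described here.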

Unfortunately, nothing is 100% foolproof when it comes to preventing viruses. Having said that, if you follow all of the advice above, you will be fairly safe while online. If you’re in Chillicothe, Ohio, and would like help setting any of this up, give us a call!
