I do not claim to know everything, in fact the older I get, the less I seem to know. However I am a Microsoft Certified Systems Engineer, work with computers for a living, have been programming computers since the late 1970's, and think I know a good deal. I am not a security expert. The following is simply from my experience. It also applies much more to Windows PCs than linux/macs/etc. as I have little experience outside of Windows PCs. Hopefully some people will find my advice as helpful as I find the advice about firearms for those much more experienced than myself.
My advice in order of importance:
1) Don't be dumb. Seriously, we all do dumb things from time to time. We do dumb things because we are on autopilot and not really thinking, or because we get complacent, etc. The simple truth is that nothing else will keep you safe if you are dumb even once. For example, several of the programs I list below will notify you if something is strange or allow you to bypass the security for certain legitimate reasons. If you just rubber stamp things without really asking yourself if this should be happening, you are going to be one of those people you see on the net saying, "I used X, Y, Z, etc. and I still got a virus/malware/spyware/etc.." Probably 95% of those people dropped their guard and did something dumb. They may not even have realized it. As an example, if you didnt start an installation program FROM A TRUSTED SOURCE and one of the programs below asks if is ok for some program to modify your registry....DONT BE DUMB and click OK. If your firewall program says "XYZ is trying to access the internet", and you dont know exactly what XYZ is and why it needs internet access...you better not click ALLOW! The easiest way to throw all the below prevention in the garbage is to be dumb. Moving on...
2) Be suspicious of EVERYTHING. If you don't know what it is...leave it alone! This applies to wbesites, downloads, emails, files, links, etc. Unless you are 95% sure it is safe...dont touch it. For example, my wife's computer is usually at least mildly infected. Why? because she clicks on every link/attachment/etc. she gets. I ask "Were you expecting that attachment from..." "No." BAD ANSWER. "Do you even know that person?" "No." Then why are you clicking on it?!?!? If you think its legit but you weren't expecting it, send them an email: "I got XXX from you, what is it?"
A LOT OF BAD STUFF COMES FROM SOMEONE YOU KNOW WHO GOT INFECTED. When they got infected, it sent itself to all their friends emails, instant messenger accounts, facebook, etc. Why? Because most people blindly open stuff from people they know.
Don't fall for the their best weapon..."Its from my friend...it must be safe." Remain always suspicious.
Also, if you think something like an email is legit, but it is important like your, bank account, etc. DO NOT click on the links in it. Call your bank, if its legitimate they will tell you. Never click on a link in a email you weren't expecting. Some scammers build websites that look EXACTLY like your bank, but the url is slightly off or the hidden url is different than what you see. If you log in with your account name and password...boom you got scammed.
NEVER GIVE ANYONE SENSITIVE INFO OVER THE PHONE, EMAIL, ETC. UNLESS YOU CONTACTED THEM and even then only if it is appropriate and essential. If your bank calls about fraudulent activity and wants you to verify your identity using your account number and social security number... DON'T DO IT! Tell them to give your their name/extension/whatever and you will call the 800 number on the back of your card and ask for the fraud department and transfer to them. DON'T TRUST ANYONE. Remain suspicious.
3) Especially with links in emails, check where the link is really sending you. Does it at least match? Usually if you hover over a link you will get some sort of message showing you the real location. If not, right click it and sometimes you can inspect it or view it. Sometimes you can copy the link address then paste it into like notepad or word to see what the link really is. If you are expecting to go to ABCbank.com and the link is "http://ebam252.midehest.au/16_1_35220_9802A2050209.htm"... let me tell you, you are about to be scammed. Also, be aware of more subtle things like ABC.bank.com. Don't see anything wrong? Look again ABC{dot}bank{dot}com looks almost like ABCbank{dot}com, but it is not. Some scammers are very tricky.
4) Keep your main software up to date. I don't care what browser, anti-virus, anti-spyware, etc. you run...if it is not up to date, you are going to get infected sooner or later. Setting it all to auto update on start-up is ideal. This stuff should be updated daily. Also you need to make sure your other software is up to date: flash, java, etc. To find out if you are up to date, try both of these and use the one you like more:
F-Secure Health Check - Free Online Technology (Click the check box next to the license terms then click on "run scan")
OSI - Consumer - Products (Click on "start scanner")
5) Use a firewall. Hopefully you are using a router or something with a built in hardware firewall between your computer and the internet. Even the built in windows firewall is better than nothing if you haven't messed the settings up. Go to Firewall Test, Web Tools and Free Internet Security Audit and run the firewall and anonymous tests. For a more thorough test go here: https://www.grc.com/x/ne.dll?bh0bkyd2 Either one should tell you if your firewall is working correctly. See if its working correctly. If it isn't, go here: Personal Firewall Reviews I have used zonealarm in the past. Currently I just use windows firewall, but I know its working well.
6) Use good FREE anti-virus and anti-spyware. (I personally dislike MacAfee and Norton) My recommendation is http://www.microsoft.com/security_essentials/ If you are one of those people who feel you must pay to get something good, fine - I recommend NOD32 (ESET - Antivirus Software with Spyware and Malware Protection)
7) Employ a multilayer defense. In addition to your chosen front-line Anti-virus and Anti-spyware Add:
SpywareBlaster | Prevent spyware and malware. Free download.
The home of Spybot-S&D!
Malwarebytes' Anti-Malware : Malwarebytes (free version is fine, just update it and run a scan weekly)
8) Secure your Hosts file. You can read about it here, but it is a bit confusing: Blocking Unwanted Parasites with a Hosts File To simplify, download this: http://mvps.org/winhelp2002/hosts.zip Then unzip it. Then run mvps.bat NOTE: For Windows7 users and Vista Users, right click on mvps.bat and choose "Run as Administrator"
9) Browsers...honestly...if you do all of the above your browser does not really matter much. If you want to be a little safer, a browser like google's chrome (Google Chrome - Get a fast new browser. For PC, Mac, and Linux) is safer than Internet Explorer simply because it is targeted less. If you want my opinion on the best security, you should run Firefox (Firefox web browser | Faster, more secure, & customizable) with adblock plus (https://addons.mozilla.org/en-US/firefox/addon/1865) and noscript (https://addons.mozilla.org/en-US/firefox/addon/722) and WOT (https://addons.mozilla.org/en-US/firefox/addon/3456). After installing all four, if the website does not seem to be working, right click on the noscript button in the lower right corner and temporarily enable one script at a time starting with the one that includes the site's name until the site works and ONLY if you trust the site. If you are comfortable with things, next time allow instead of temporarily allow. If you just blindly enable all scripts on all sites....see #1 because you missed the point about not being dumb.
10) Don't be dumb. Please.
Ok, so what if you do something dumb and get infected, or as a result of following the steps above you find out you have already been infected? In my opinion, removing the infection correctly is an art-form and even the best removers/cleaners are only halfway decent at undoing the damage correctly. Your best bet is to do a re-install:
0) Download your antivirus/spyware install files to a to a USB drive and copy all your important documents, etc. to it too. If you need more space consider an external USB hard drive.
1) Unplug your computer from the internet.
2) Reformat your system using your manufacturer's disks. ****NOTE: This will return your system to like you just bought it. ALL of your programs and files are GONE FOREVER, that's why you backed the important things up to the USB drive.****
3) Install your anti-Virus/antiSpyWare software, do not update it when prompted because your internet is still disconnected.
4) Plug the internet back in
5) Update your anti-v/sw software
6) Run windows update Keep running it and rebooting as needed until you are up to date.
7) Run F-Secure Health Check - Free Online Technology and update anything else that needs it.
8) Reinstall whatever other programs you need.
9) Run F-Secure Health Check - Free Online Technology and update anything else (yes, again)
10) Copy your data back
11) Don't be dumb again!
Now if you don't want to go through that hardship, here are your options from best to worst:
1) Get someone who knows what they are doing to help you like a friend, your teenager, your friend's teenager, etc. BUT THEY MUST KNOW WHAT THEY ARE DOING.
2) Use the built-in removal tools included above.
3) Deal with the infection.
4) Take your computer to the "experts' at Best Buy, Office Depot, etc. Seriously, I have never heard of someone having long term success, and some had problems almost immediately. I am sure there are success stories and I hate anecdotal evidence, but its all I have so I can't recommend this option.
The reason I recommend the re-install method is not because I want to cause you great frustration and effort, but because once you have been infected, removing all the infection is unlikely and since you were compromised, there is a higher likelihood of getting infected again, even if you aren't dumb. The scammers/hackers/etc. are good at what they do.
Good luck, be smart, be skeptical, and be safe.
My advice in order of importance:
1) Don't be dumb. Seriously, we all do dumb things from time to time. We do dumb things because we are on autopilot and not really thinking, or because we get complacent, etc. The simple truth is that nothing else will keep you safe if you are dumb even once. For example, several of the programs I list below will notify you if something is strange or allow you to bypass the security for certain legitimate reasons. If you just rubber stamp things without really asking yourself if this should be happening, you are going to be one of those people you see on the net saying, "I used X, Y, Z, etc. and I still got a virus/malware/spyware/etc.." Probably 95% of those people dropped their guard and did something dumb. They may not even have realized it. As an example, if you didnt start an installation program FROM A TRUSTED SOURCE and one of the programs below asks if is ok for some program to modify your registry....DONT BE DUMB and click OK. If your firewall program says "XYZ is trying to access the internet", and you dont know exactly what XYZ is and why it needs internet access...you better not click ALLOW! The easiest way to throw all the below prevention in the garbage is to be dumb. Moving on...
2) Be suspicious of EVERYTHING. If you don't know what it is...leave it alone! This applies to wbesites, downloads, emails, files, links, etc. Unless you are 95% sure it is safe...dont touch it. For example, my wife's computer is usually at least mildly infected. Why? because she clicks on every link/attachment/etc. she gets. I ask "Were you expecting that attachment from..." "No." BAD ANSWER. "Do you even know that person?" "No." Then why are you clicking on it?!?!? If you think its legit but you weren't expecting it, send them an email: "I got XXX from you, what is it?"
A LOT OF BAD STUFF COMES FROM SOMEONE YOU KNOW WHO GOT INFECTED. When they got infected, it sent itself to all their friends emails, instant messenger accounts, facebook, etc. Why? Because most people blindly open stuff from people they know.
Don't fall for the their best weapon..."Its from my friend...it must be safe." Remain always suspicious.
Also, if you think something like an email is legit, but it is important like your, bank account, etc. DO NOT click on the links in it. Call your bank, if its legitimate they will tell you. Never click on a link in a email you weren't expecting. Some scammers build websites that look EXACTLY like your bank, but the url is slightly off or the hidden url is different than what you see. If you log in with your account name and password...boom you got scammed.
NEVER GIVE ANYONE SENSITIVE INFO OVER THE PHONE, EMAIL, ETC. UNLESS YOU CONTACTED THEM and even then only if it is appropriate and essential. If your bank calls about fraudulent activity and wants you to verify your identity using your account number and social security number... DON'T DO IT! Tell them to give your their name/extension/whatever and you will call the 800 number on the back of your card and ask for the fraud department and transfer to them. DON'T TRUST ANYONE. Remain suspicious.
3) Especially with links in emails, check where the link is really sending you. Does it at least match? Usually if you hover over a link you will get some sort of message showing you the real location. If not, right click it and sometimes you can inspect it or view it. Sometimes you can copy the link address then paste it into like notepad or word to see what the link really is. If you are expecting to go to ABCbank.com and the link is "http://ebam252.midehest.au/16_1_35220_9802A2050209.htm"... let me tell you, you are about to be scammed. Also, be aware of more subtle things like ABC.bank.com. Don't see anything wrong? Look again ABC{dot}bank{dot}com looks almost like ABCbank{dot}com, but it is not. Some scammers are very tricky.
4) Keep your main software up to date. I don't care what browser, anti-virus, anti-spyware, etc. you run...if it is not up to date, you are going to get infected sooner or later. Setting it all to auto update on start-up is ideal. This stuff should be updated daily. Also you need to make sure your other software is up to date: flash, java, etc. To find out if you are up to date, try both of these and use the one you like more:
F-Secure Health Check - Free Online Technology (Click the check box next to the license terms then click on "run scan")
OSI - Consumer - Products (Click on "start scanner")
5) Use a firewall. Hopefully you are using a router or something with a built in hardware firewall between your computer and the internet. Even the built in windows firewall is better than nothing if you haven't messed the settings up. Go to Firewall Test, Web Tools and Free Internet Security Audit and run the firewall and anonymous tests. For a more thorough test go here: https://www.grc.com/x/ne.dll?bh0bkyd2 Either one should tell you if your firewall is working correctly. See if its working correctly. If it isn't, go here: Personal Firewall Reviews I have used zonealarm in the past. Currently I just use windows firewall, but I know its working well.
6) Use good FREE anti-virus and anti-spyware. (I personally dislike MacAfee and Norton) My recommendation is http://www.microsoft.com/security_essentials/ If you are one of those people who feel you must pay to get something good, fine - I recommend NOD32 (ESET - Antivirus Software with Spyware and Malware Protection)
7) Employ a multilayer defense. In addition to your chosen front-line Anti-virus and Anti-spyware Add:
SpywareBlaster | Prevent spyware and malware. Free download.
The home of Spybot-S&D!
Malwarebytes' Anti-Malware : Malwarebytes (free version is fine, just update it and run a scan weekly)
8) Secure your Hosts file. You can read about it here, but it is a bit confusing: Blocking Unwanted Parasites with a Hosts File To simplify, download this: http://mvps.org/winhelp2002/hosts.zip Then unzip it. Then run mvps.bat NOTE: For Windows7 users and Vista Users, right click on mvps.bat and choose "Run as Administrator"
9) Browsers...honestly...if you do all of the above your browser does not really matter much. If you want to be a little safer, a browser like google's chrome (Google Chrome - Get a fast new browser. For PC, Mac, and Linux) is safer than Internet Explorer simply because it is targeted less. If you want my opinion on the best security, you should run Firefox (Firefox web browser | Faster, more secure, & customizable) with adblock plus (https://addons.mozilla.org/en-US/firefox/addon/1865) and noscript (https://addons.mozilla.org/en-US/firefox/addon/722) and WOT (https://addons.mozilla.org/en-US/firefox/addon/3456). After installing all four, if the website does not seem to be working, right click on the noscript button in the lower right corner and temporarily enable one script at a time starting with the one that includes the site's name until the site works and ONLY if you trust the site. If you are comfortable with things, next time allow instead of temporarily allow. If you just blindly enable all scripts on all sites....see #1 because you missed the point about not being dumb.
10) Don't be dumb. Please.
Ok, so what if you do something dumb and get infected, or as a result of following the steps above you find out you have already been infected? In my opinion, removing the infection correctly is an art-form and even the best removers/cleaners are only halfway decent at undoing the damage correctly. Your best bet is to do a re-install:
0) Download your antivirus/spyware install files to a to a USB drive and copy all your important documents, etc. to it too. If you need more space consider an external USB hard drive.
1) Unplug your computer from the internet.
2) Reformat your system using your manufacturer's disks. ****NOTE: This will return your system to like you just bought it. ALL of your programs and files are GONE FOREVER, that's why you backed the important things up to the USB drive.****
3) Install your anti-Virus/antiSpyWare software, do not update it when prompted because your internet is still disconnected.
4) Plug the internet back in
5) Update your anti-v/sw software
6) Run windows update Keep running it and rebooting as needed until you are up to date.
7) Run F-Secure Health Check - Free Online Technology and update anything else that needs it.
8) Reinstall whatever other programs you need.
9) Run F-Secure Health Check - Free Online Technology and update anything else (yes, again)
10) Copy your data back
11) Don't be dumb again!
Now if you don't want to go through that hardship, here are your options from best to worst:
1) Get someone who knows what they are doing to help you like a friend, your teenager, your friend's teenager, etc. BUT THEY MUST KNOW WHAT THEY ARE DOING.
2) Use the built-in removal tools included above.
3) Deal with the infection.
4) Take your computer to the "experts' at Best Buy, Office Depot, etc. Seriously, I have never heard of someone having long term success, and some had problems almost immediately. I am sure there are success stories and I hate anecdotal evidence, but its all I have so I can't recommend this option.
The reason I recommend the re-install method is not because I want to cause you great frustration and effort, but because once you have been infected, removing all the infection is unlikely and since you were compromised, there is a higher likelihood of getting infected again, even if you aren't dumb. The scammers/hackers/etc. are good at what they do.
Good luck, be smart, be skeptical, and be safe.
