Staying Malware Free


Windows has design issues…I have talked about it many many times.  However it IS possible to have a malware free system.  It’s really not that hard.  You do need to change your behavior on how you operate your windows systems.

1.  Have a security audit done if you’ve never had one done.

2.  Do NOT depend on the windows firewall.  If you don’t have at least a router or if you aren’t sure who have one Contact ETC-MD for details.

3.  Run Firefox or Google Chrome.  If you are not sure which one to use Contact ETC-MD.

4.  Don’t goto porn, warez, gambling..etc etc type sites.  If it’s a red-light disctrict on land it’s the same in cyber-land.  If you go to these places in cyber-land none of the above or below matter..you’ll be infected either immediately or very quickly.  NO anti-anything will save you either.

5.    If you have access to sensitive information then not only run anti-malware but a good UTM to scan everything before it even gets to your system is a must.  If you are a home user or a business with less than 10 computers the Microsoft Security Essentials is a decent, free product with automatic updates and no up selling tactics.  If you want best in class protection without a huge performance hit Contact ETC-MD.

6.  For Network Admins:  Block the following attachments: .com. .bat, .vbx, .hta, .inf, .jsa, .wsh, .vbs, .vbe, .shm, .pif, .scr, .cmd, .dll, .rtf, .zip, .exe.  This list is not exhaustive but this list contains the most common infection vectors in attachments.

6.  Never click a link in an e-mail .  This can be a tricky subject.  Hover your mouse(Don’t click any links) over the links and see if the address presented in the bottom bar matches the text of  the link.  If it doesn’t it’s a fake.  Contact ETC-MD.

7.  Remove admin rights from users as much as possible.

8.  Remove the ability for users to install ANYTHING.  This can easily be done via group policy. (This and #7 are the 2 things you can do on a network to stop at least 90% of all malware infections)

9.  Disable autorun.  This nukes most infections from usb keys(flash drives, thumb drives..etc etc etc.  Works great in conjunction with #8 and #7)

10. Ensure all systems are up to date with all security updates.  Not just Windows and Office but every third party program on your systems.  (This includes Acrobat, Flash, Java).

11.  If something you are installing wants to install something else as well as what you asked for…STOP THE SETUP PROCESS IMMEDIATELY and Contact ETC-MD.

12.  If you installed it you must keep it updated

13.  If you don’t use it or don’t know what it is uninstall it at once.  Old software is another target for malware entry into your system.

14. If you are informed of a possible infection or you suspect an infection please remember that you CANNOT reliably clean an infected machine from inside the infected operating system.  Contact ETC-MD for your recovery options.