from Mike Nagy, IT Consultant at Computer Works of Toledo
Malware is a broad term that refers to software designed to infiltrate or damage a computer system without the owner's consent. Popular forms of malware include spyware, adware, fraudware, viruses, worms and trojans. These programs are responsible for a significant decrease in user productivity due to their impact on PC performance and time spent on attempted self-repair. More catastrophic results include unauthorized access to company information by outside hackers, deletion of critical information and even operating system corruption leading to complete system failure. The solution is to proactively scan for and remove malware programs on a regular basis by a qualified PC administrator using utilities designed for the task.
If your proactive efforts have not been successful at preventing infection, it is often very difficult to completely remove infections like the Vundo virus or one of the myriad of variants (now classified as “Fraud Ware”). If you have physical access to the computer, then performing a “Clean Scan” process is the most reliable method of removing the Vundo Virus; however, as we often find ourselves attacking these types of infections on remote computers. The instructions below provide a reliable method of virus removal, for at least 80% of affected computers. This process can take between 2 to 6 hours, depending on the level of infection, with the average computer taking about 3 ½ to 4 hours.
1. Establish the Remote session using GoToAssist (G2A), GoToAssist Express (G2A-x), Log-Me-In or a similar utility.
• Make sure to upgrade the remote session to “Run As A Service” or setup the “Unattended Support” option if available
2. Verify the computer has a valid Antivirus program installed, and that it has the latest virus Definitions.
• If no valid Antivirus program is installed, the current Antivirus product has been disabled, or the current Antivirus product is expired; then download a current Trial or Free Antivirus program such as: AVG 8.x Free or ClamWin, which are available from http://www.filehippo.com
3. Download, install and update the most recent version of the following programs:
• SpyBot Search and Destroy (Spybot) http://www.filehippo.com/download_spybot_search_destroy/
• MalwareBytes’ Anti-Malware (aka: MBAM) http://www.malwarebytes.org/mbam.php
• Super Antispyware. http://www.superantispyware.com/
• A reliable Registry Cleaning Utility. I recommend one or both of the following:
i. Crap Cleaner (CCleaner) - http://www.filehippo.com/download_ccleaner/
ii. EasyCleaner - http://personal.inet.fi/business/toniarts/ecleane.htm
4. Disable System Restore:
• Right Click on the “My Computer” Icon
• Select “Properties”
• Select the “System Restore” Tab
• Check the box “Turn Off System Restore”
• Approve the prompt message, and Click “OK” to close the Properties Window
5. Perform Registry and Application Cleanup (the instructions provided here are for CCleaner. You can also perform similar operations using EasyCleaner)
• Select the ”Cleaner” button (Left Margin Bar)
i. Select the “Analyze” button (at the bottom) to catalog Temp files, the browser cache, and cookies
ii. Select the “Run Cleaner” button (bottom right)
• Select the “Tools” Menu (Left Margin Bar)
• Select the “Uninstall” Menu Button
i. Uninstall ALL toolbars (i.e. Yahoo Toolbar, Google Toolbar, MSN Tools, etc.)
ii. Uninstall All “Browser Helper” applications (i.e. Yahoo Browser Protection, WebX, Dell Redirector, etc.)
iii. Uninstall ALL Messenger programs (i.e. AOL, MSN, Yahoo Messenger, etc.)
iv. Uninstall Google Desktop and Microsoft Desktop Search (Indexer)
v. Uninstall all “search tools” or “search assistant” applications
• Select the “Startup” Menu Button
i. Delete all “deactivated” startup items
ii. Disable any item that is suspect (i.e. XP_Antispyware_2008.exe, ZEDO.exe, etc.)
• Select the “Registry” Button (Left Margin Bar)
i. Select the “Scan for Issues” button (at the bottom)
ii. Select the “Fix Selected issues…” button (bottom right) – approve all prompts, but do not save the current registry values
iii. Repeat the above registry cleaning as needed until all invalid registry entries are removed – this may take 6 or more times
6. Restart the PC in Safe Mode (With Networking)
• Use the Remote Utility to “restart in safe mode” if it is available.
• If not, force the PC into Safe Mode at the next startup
i. Click “Start”
ii. Select “Run…”
iii. Type “msconfig” in the Run Command prompt and select “Ok” or press the [enter] key
iv. Select the “Start in Safe Mode with Networking” radio button
v. Click Apply
vi. Click “OK”, then select “Restart the Computer” when prompted
7. Once the computer is at the desktop in Safe Mode, run Malwarebytes’ Anti-Malware (MBAM) and perform a “quick scan” (this scan usually takes 20 to 25 minutes) *** This scan can be performed at the same time as the Antispyware scan below, if the computer has sufficient hardware resources
8. Open Super Antispyware and perform a “Quick Scan” (this scan usually takes 20 to 25 minutes) *** This scan can be performed at the same time as the MBAM scan above, if the computer has sufficient hardware resources
9. Open Spybot, and select the “Check For Problems” button (this scan may take up to 1 ½ hours) *** This scan can be performed at the same time as the Antivirus scan below, if the computer has sufficient hardware resources
• Select “Fix All Problems” then approve any prompts from this program
10. Setup Spybot to automatically run on the next PC startup
• Click on the “Mode” Toolbar Menu
• Select “Advanced Mode” and approve the prompt
• Select the “Settings” Menu button
• Highlight the “Settings” sub-menu
• Scroll down to the “Scan Priority” sub-menu
i. Select the “Highest” radio button
• Scroll down to the “Automation” sub-menu
i. Select the “Run Spybot on the Next System Startup” radio button
ii. Select the “Run Scan when program starts” check box
iii. Select the “Fix all problems” check box
• Select the “Spybot S&D” Menu Button
• Close Spybot
11. Open the Antivirus program and perform a “Full System Scan” (this is typically a “console mode” scanner in Safe Mode and may take up to 2 hours) *** This scan can be performed at the same time as the Spybot scan above, if the computer has sufficient hardware resources
12. Repeat Registry Cleanup (Step # 5 above using CCleaner or Easy Cleaner)
13. Restart the Computer in Normal Operation Mode (Reset the MSCONFIG boot option if this method was used to force a restart in Safe Mode)
14. Upon login, Spybot should automatically start to run and check for problems.
• If Spybot does not startup automatically, then immediately repeat/verify step 13 above.
• Once Spybot completes the scan, and fixes any problems, review the “fixed” items to insure there is no evidence of persistent virus activity then close Spybot
15. Run the Antivirus program. Once the Antivirus program completes, review the log to insure there is no persistent virus activity, then close the Antivirus program
16. Open Internet Explorer and verify the Home Page and security options, and that there are no installed Toolbars
17. Verify the clients Data is intact and programs are working normally.
• Re-install any programs which do not work normally
NOTES:
If no persistent virus activity is encountered:
• Perform a final registry cleanup for EACH user login on the computer (using CCleaner or Easy Cleaner)
If persistent virus activity is encountered:
• The computer cannot be “cleaned by normal means” and should have the Hard Disk Drive formatted and the Operating system reinstalled. If a format and OS reinstallation are still not an option, then a “Clean System Scan” must be performed, or the system should be removed from service or replaced.
Computer Support, Network Services, Printer Repair, Ink & Toner Supplies in Toledo, OH
Wednesday, December 30, 2009
Friday, December 11, 2009
5 Good Computing Habits
Working off a slow, disorganized computer can be frustrating—and it happens to the best of us. This article is designed to give you some easy-to-follow guidelines on how to keep your computer on the right track using tools in Microsoft Windows Vista and Microsoft Windows XP.
1. Organize your folders
We all know how easy it is to dump files into the wrong folder when we're in a hurry. But one way to make sure you'll keep your files organized is to remove the clutter with a filing system that makes sense for the way you use your computer. Here are a few tips to get you started:
Start clean
Begin by deciding which files you no longer need on your hard drive.
Think it through
Take the time to plan the best way to organize your files. How do you spend your time on the computer and what do you create? Do you work with photos and image editing software, surf the Web, write short stories, research school projects, or play games? The folders you create in Documents (called My Documents in Windows XP) can be easily tailored to show you just the kind of data about your files that you need to track.
Use subfolders
After you have an idea of the kinds of items you produce and want to save, create folders and subfolders to store your files. Be sure to use logical, easy-to-understand names. For example, within Documents, you might create additional folders called Projects, HR Benefits, and Career. Then, within the Projects folder, you could create subfolders for each different project.
Windows Tip
To create a new subfolder with Windows Vista or Windows XP, simply right click anywhere in the folder, select New, and Select Folder. Type the name for the new folder and press Enter. For more tips about creating a well-organized filing system, see 7 tips to manage your files better.
Create a new folder using the File and Folder task pane.
2. Clean up your hard disk
Now that you've organized your files and folders, and cleaned up your desktop, you can organize the data itself. Windows includes two utilities—Disk Cleanup and Disk Defragmenter—that help you free up more space on your hard drive and help your computer work more efficiently.
Disk Cleanup compresses your old files so you can free up storage space.
Disk Defragmenter scans your hard drive and consolidates files that may be scattered across the disk
Not sure how often to run these utilities? It's really up to you—some people like to run both weekly, others prefer monthly, and a few only run them every few months. It's not a bad idea to do both at least once a month. Windows Vista users take note: Disk Defragmenter is automatically scheduled to run once a week (Sunday at 4 a.m.). You can change the scheduled time for this feature or turn it off, if you prefer.
To find both programs, click Start, point to All Programs, then point to Accessories, and then choose System Tools.
3. Use System Restore
System Restore is one of those programs that can be a life-saver when you've been the unfortunate recipient of unstable software, a badly timed power outage, or a damaging thunderstorm. System Restore records important documents, settings, and preferences on your computer. If the unthinkable happens and your computer files are damaged or inaccessible, you can use System Restore to restore your computer back the same state it was in before the data was lost.
System Restore creates restore points daily, and whenever you install device drivers, automatic updates, and some applications. Still, it's a good idea to get into the habit of creating a system checkpoint (called a restore point) whether you're about to install new software, or take any action you suspect might make your computer unstable. That way, if there's any conflict at all, you can restore your computer to the point just before you began the installation.
To use System Restore:
If you're using Windows XP, visit Microsoft Update to start the update process. If it's your first time to visit Microsoft Update, you might need to sign up to the service. Windows Vista users don't need to sign up for Microsoft Update: an account is automatically created for you during the registration process.
To use Microsoft Update:
For high-priority updates, click Express Install (recommended). If you're just looking for general updates that aren't critical, choose Custom Install.
The site will do a quick check of your system to see whether any new updates are available that have not been downloaded to your computer. When the check is finished, a window appears showing you any new updates ready for download.
Follow the on-screen instructions and click Install Now to update your computer with the latest software improvements.
Once you've visited the Microsoft Update site, you should also configure your computer to receive critical updates automatically. This service is called Automatic Updates (Windows Update in Windows Vista) and it's free. Learn how to turn it on in Windows Vista and Windows XP.
Turn Windows Update on in Windows Vista
If your computer seems sluggish or if you begin to see lots of pop-up advertisements, even when you're not surfing the Web, your computer may be infected with spyware, adware, or other unwanted software. Learn more about spyware and what it can do to your computer. Fortunately, there's Microsoft Windows Defender, which is included in Windows Vista, and is available as a free download for Microsoft XP SP2. Alternatively, there are other free anti-spyware software programs available.
Find more tips at the Microsoft at Work website
1. Organize your folders
We all know how easy it is to dump files into the wrong folder when we're in a hurry. But one way to make sure you'll keep your files organized is to remove the clutter with a filing system that makes sense for the way you use your computer. Here are a few tips to get you started:
Start clean
Begin by deciding which files you no longer need on your hard drive.
Think it through
Take the time to plan the best way to organize your files. How do you spend your time on the computer and what do you create? Do you work with photos and image editing software, surf the Web, write short stories, research school projects, or play games? The folders you create in Documents (called My Documents in Windows XP) can be easily tailored to show you just the kind of data about your files that you need to track.
Use subfolders
After you have an idea of the kinds of items you produce and want to save, create folders and subfolders to store your files. Be sure to use logical, easy-to-understand names. For example, within Documents, you might create additional folders called Projects, HR Benefits, and Career. Then, within the Projects folder, you could create subfolders for each different project.
Windows Tip
To create a new subfolder with Windows Vista or Windows XP, simply right click anywhere in the folder, select New, and Select Folder. Type the name for the new folder and press Enter. For more tips about creating a well-organized filing system, see 7 tips to manage your files better.
Create a new folder using the File and Folder task pane.
2. Clean up your hard disk
Now that you've organized your files and folders, and cleaned up your desktop, you can organize the data itself. Windows includes two utilities—Disk Cleanup and Disk Defragmenter—that help you free up more space on your hard drive and help your computer work more efficiently.
Disk Cleanup compresses your old files so you can free up storage space.
Disk Defragmenter scans your hard drive and consolidates files that may be scattered across the disk
Not sure how often to run these utilities? It's really up to you—some people like to run both weekly, others prefer monthly, and a few only run them every few months. It's not a bad idea to do both at least once a month. Windows Vista users take note: Disk Defragmenter is automatically scheduled to run once a week (Sunday at 4 a.m.). You can change the scheduled time for this feature or turn it off, if you prefer.
To find both programs, click Start, point to All Programs, then point to Accessories, and then choose System Tools.
3. Use System Restore
System Restore is one of those programs that can be a life-saver when you've been the unfortunate recipient of unstable software, a badly timed power outage, or a damaging thunderstorm. System Restore records important documents, settings, and preferences on your computer. If the unthinkable happens and your computer files are damaged or inaccessible, you can use System Restore to restore your computer back the same state it was in before the data was lost.
System Restore creates restore points daily, and whenever you install device drivers, automatic updates, and some applications. Still, it's a good idea to get into the habit of creating a system checkpoint (called a restore point) whether you're about to install new software, or take any action you suspect might make your computer unstable. That way, if there's any conflict at all, you can restore your computer to the point just before you began the installation.
To use System Restore:
- Click Start, and choose All Programs.
- Point to Accessories, then point to System Tools, and then choose System Restore.
- When the program begins, choose Create a restore point and click Next.
- Enter a description of the restore point and click Create. After a few seconds, the program will tell you the date, time, and description of the new restore point.
- Click Close to exit System Restore.
4. Keep Windows and Office up-to-date
Computer programs are continually improved based on customer feedback and continuing product testing. As problems are resolved, you should benefit from those improvements. By checking Microsoft Update regularly, you can make sure you've got the most recent Windows and Office improvements available to you.If you're using Windows XP, visit Microsoft Update to start the update process. If it's your first time to visit Microsoft Update, you might need to sign up to the service. Windows Vista users don't need to sign up for Microsoft Update: an account is automatically created for you during the registration process.
To use Microsoft Update:
For high-priority updates, click Express Install (recommended). If you're just looking for general updates that aren't critical, choose Custom Install.
The site will do a quick check of your system to see whether any new updates are available that have not been downloaded to your computer. When the check is finished, a window appears showing you any new updates ready for download.
Follow the on-screen instructions and click Install Now to update your computer with the latest software improvements.
Once you've visited the Microsoft Update site, you should also configure your computer to receive critical updates automatically. This service is called Automatic Updates (Windows Update in Windows Vista) and it's free. Learn how to turn it on in Windows Vista and Windows XP.
- Click Start, and then click Control Panel.
- Under Windows Update, select Turn automatic updating on or off.
- Select a setting. Microsoft recommends selecting Automatic: Automatically download recommended updates for my computer and install them. You can schedule Automatic Updates for any time of day. Remember, your computer must be on at the scheduled time for updates to be installed. We recommend choosing a time when you will not be using the computer for other tasks.
- Change Settings dialog box
- Turn Windows Update on in Windows XP
- Click Start, and then click Control Panel.
- Click Performance and Maintenance.
Note: If the Performance and Maintenance category is not visible, click Switch to Category View.
- Click System.
- In the System Properties dialog box, click the Automatic Updates tab.
- Select a setting. Microsoft recommends selecting Automatic: Automatically download recommended updates for my computer and install them. You can schedule Automatic Updates for any time of day. Remember, your computer must be on at the scheduled time for updates to be installed. We recommend choosing a time when you will not be using the computer for other tasks.
Important : If you choose an option in step 5 other than the one we recommend, you must download and install every critical update. If you download the updates, but forget to install them, your computer will not be protected with all the latest enhancements.
Turn Windows Update on in Windows XP
5. Run antivirus software AND a spyware detection and removal tool
Updating your Windows software is just the first step in keeping your computer safe. Next, you'll want to download and install antivirus software and keep it up to date. Your computer may have come with a free trial of antivirus software, but if you don't renew your subscription, you won't be protected from all the latest threats.- Click Start, and then click Control Panel.
- Click Performance and Maintenance.
- Click System.
- In the System Properties dialog box, click the Automatic Updates tab.
- Select a setting. Microsoft recommends selecting Automatic: Automatically download recommended updates for my computer and install them. You can schedule Automatic Updates for any time of day. Remember, your computer must be on at the scheduled time for updates to be installed. We recommend choosing a time when you will not be using the computer for other tasks.
- Ifyou choose to have Automatic Updates notify you in step 5, you will see a notification balloon when new downloads are available to install. Click the notification balloon to review and install updates.
5. Run antivirus software AND a spyware detection and removal tool
Find more tips at the Microsoft at Work website
Monday, October 12, 2009
Citrix Myth #5 - User experience on XenApp is not as good as locally installed apps
Some people believe that apps delivered with XenApp are not as good as installed apps. Actually, XenApp provides a "better than installed" experience.
Monday, September 28, 2009
Monday, August 31, 2009
Thursday, August 20, 2009
Bigfoot uses Citrix XenApp?
Forget everything you thought you knew. Watch this startling new footage that sheds light on the very existence of Bigfoot — but even more importantly — the misconceptions that may be keeping you from reaping the full benefits of Citrix XenAppTM (which you may know as MetaFrame or Presentation Server).
Don’t be fooled, XenApp delivers all Windows® applications as a service to users anywhere — while reducing application management costs by up to 50%. It’s shocking. It’s amazing.And it’s true.
Watch the incredible footage for yourself!
Don’t be fooled, XenApp delivers all Windows® applications as a service to users anywhere — while reducing application management costs by up to 50%. It’s shocking. It’s amazing.And it’s true.
Watch the incredible footage for yourself!
Thursday, August 6, 2009
Tuesday, May 26, 2009
Integrity in Ethics - The Practice of Client Retention
Computer Works of Toledo is celebrating 10 years of serving the business communities of Northwest Ohio through the delivery of IT related products and professional services. It is fitting that as we celebrate this milestone, we are honored by a nomination for the Better Business Bureau 2009 Torch Award for Marketplace Ethics. This annual program acknowledges those who demonstrate a commitment to outstanding ethical business practices in dealings with their employees, vendors, customers and community.
Computer Works of Toledo understands that what we do is less important than how we do it. We have worked hard at forming long-term relationships by using a partnership for success approach. Some of our clients have been with us from the beginning, which is a testament to the value of that approach. Our motto, ‘Understanding Objectives – Delivering Results,’ in conjunction with a mission statement to conduct business ethically, is only part of the equation. It takes integrity to consistently deliver that commitment to ethics across all business dealings. This is especially true when presented with difficult circumstances, such as hard economic times.
To validate our efforts, we rely on positive feedback from our clients. In his nomination, Mike Deye of Hale Performance Coatings wrote, “When computers break, work comes to a complete stop. What I am impressed with, is when a call is made for a repair, they are here like lightning! On top of that, all repairs are done 100% accurate, and usually an improvement is made.” Mr. Deye went on to say, “When I am out and about, it seems that bad service is easy to find. It has been a long quest of ours to find a company like Computer Works.”
At Computer Works of Toledo, we know that integrity in ethics in the interest of client retention is a practice that is never completely satisfied. We continually strive to improve on the delivery of our products and services to meet the expectations of our clientele. Were it not for the feedback- both positive and critical- from our loyal clients, we would not be celebrating 10 years in business or the Marketplace Ethics Torch Award nomination. As our business model evolves to meet the demands of the regional IT market, what is at our core will never change. Conducting business ethically, and with integrity, will always come first. Above all else, we are solution advisors and relationship people.
Bill Wass - Technical Services Manager
Computer Works of Toledo understands that what we do is less important than how we do it. We have worked hard at forming long-term relationships by using a partnership for success approach. Some of our clients have been with us from the beginning, which is a testament to the value of that approach. Our motto, ‘Understanding Objectives – Delivering Results,’ in conjunction with a mission statement to conduct business ethically, is only part of the equation. It takes integrity to consistently deliver that commitment to ethics across all business dealings. This is especially true when presented with difficult circumstances, such as hard economic times.
To validate our efforts, we rely on positive feedback from our clients. In his nomination, Mike Deye of Hale Performance Coatings wrote, “When computers break, work comes to a complete stop. What I am impressed with, is when a call is made for a repair, they are here like lightning! On top of that, all repairs are done 100% accurate, and usually an improvement is made.” Mr. Deye went on to say, “When I am out and about, it seems that bad service is easy to find. It has been a long quest of ours to find a company like Computer Works.”
At Computer Works of Toledo, we know that integrity in ethics in the interest of client retention is a practice that is never completely satisfied. We continually strive to improve on the delivery of our products and services to meet the expectations of our clientele. Were it not for the feedback- both positive and critical- from our loyal clients, we would not be celebrating 10 years in business or the Marketplace Ethics Torch Award nomination. As our business model evolves to meet the demands of the regional IT market, what is at our core will never change. Conducting business ethically, and with integrity, will always come first. Above all else, we are solution advisors and relationship people.
Bill Wass - Technical Services Manager
Friday, May 22, 2009
Vundo Virus Fix
Malware is a broad term that refers to software designed to infiltrate or damage a computer system without the owner's consent. Popular forms of malware include spyware, adware, fraudware, viruses, worms and trojans. These programs are responsible for a significant decrease in user productivity due to their impact on PC performance and time spent on attempted self-repair. More catastrophic results include unauthorized access to company information by outside hackers, deletion of critical information and even operating system corruption leading to complete system failure. The solution is to proactively scan for and remove malware programs on a regular basis by a qualified PC administrator using utilities designed for the task.
If your proactive efforts have not been successful at preventing infection, it is often very difficult to completely remove infections like the Vundo virus or one of the myriad of variants (now classified as “Fraud Ware”). If you have physical access to the computer, then performing a “Clean Scan” process is the most reliable method of removing the Vundo Virus; however, as we often find ourselves attacking these types of infections on remote computers. The instructions below provide a reliable method of virus removal, for at least 80% of affected computers. This process can take between 2 to 6 hours, depending on the level of infection, with the average computer taking about 3 ½ to 4 hours.
Establish the Remote session using GoToAssist (G2A), GoToAssist Express (G2A-x), Log-Me-In or a similar utility.
Make sure to upgrade the remote session to “Run As A Service” or setup the “Unattended Support” option if available
Verify the computer has a valid Antivirus program installed, and that it has the latest virus Definitions.
If no valid Antivirus program is installed, the current Antivirus product has been disabled, or the current Antivirus product is expired; then download a current Trial or Free Antivirus program such as: AVG 8.x Free or ClamWin, which are available from http://www.filehippo.com
Download, install and update the most recent version of the following programs:
SpyBot Search and Destroy (Spybot) http://www.filehippo.com/download_spybot_search_destroy/
MalwareBytes’ Anti-Malware (aka: MBAM) http://www.malwarebytes.org/mbam.php
Super Antispyware. http://www.superantispyware.com/
A reliable Registry Cleaning Utility. I recommend one or both of the following:
i. Crap Cleaner (CCleaner) - http://www.filehippo.com/download_ccleaner/
ii. EasyCleaner - http://personal.inet.fi/business/toniarts/ecleane.htm
Disable System Restore:
Right Click on the “My Computer” Icon
Select “Properties”
Select the “System Restore” Tab
Check the box “Turn Off System Restore”
Approve the prompt message, and Click “OK” to close the Properties Window
Perform Registry and Application Cleanup (the instructions provided here are for CCleaner. You can also perform similar operations using EasyCleaner)
Select the ”Cleaner” button (Left Margin Bar)
i. Select the “Analyze” button (at the bottom) to catalog Temp files, the browser cache, and cookies
ii. Select the “Run Cleaner” button (bottom right)
Select the “Tools” Menu (Left Margin Bar)
Select the “Uninstall” Menu Button
i. Uninstall ALL toolbars (i.e. Yahoo Toolbar, Google Toolbar, MSN Tools, etc.)
ii. Uninstall All “Browser Helper” applications (i.e. Yahoo Browser Protection, WebX, Dell Redirector, etc.)
iii. Uninstall ALL Messenger programs (i.e. AOL, MSN, Yahoo Messenger, etc.)
iv. Uninstall Google Desktop and Microsoft Desktop Search (Indexer)
v. Uninstall all “search tools” or “search assistant” applications
Select the “Startup” Menu Button
i. Delete all “deactivated” startup items
ii. Disable any item that is suspect (i.e. XP_Antispyware_2008.exe, ZEDO.exe, etc.)
Select the “Registry” Button (Left Margin Bar)
i. Select the “Scan for Issues” button (at the bottom)
ii. Select the “Fix Selected issues…” button (bottom right) – approve all prompts, but do not save the current registry values
iii. Repeat the above registry cleaning as needed until all invalid registry entries are removed – this may take 6 or more times
Restart the PC in Safe Mode (With Networking)
Use the Remote Utility to “restart in safe mode” if it is available.
If not, force the PC into Safe Mode at the next startup
i. Click “Start”
ii. Select “Run…”
iii. Type “msconfig” in the Run Command prompt and select “Ok” or press the [enter] key
iv. Select the “Start in Safe Mode with Networking” radio button
v. Click Apply
vi. Click “OK”, then select “Restart the Computer” when prompted
Once the computer is at the desktop in Safe Mode, run Malwarebytes’ Anti-Malware (MBAM) and perform a “quick scan” (this scan usually takes 20 to 25 minutes) *** This scan can be performed at the same time as the Antispyware scan below, if the computer has sufficient hardware resources
Open Super Antispyware and perform a “Quick Scan” (this scan usually takes 20 to 25 minutes) *** This scan can be performed at the same time as the MBAM scan above, if the computer has sufficient hardware resources
Open Spybot, and select the “Check For Problems” button (this scan may take up to 1 ½ hours) *** This scan can be performed at the same time as the Antivirus scan below, if the computer has sufficient hardware resources
Select “Fix All Problems” then approve any prompts from this program
Setup Spybot to automatically run on the next PC startup
Click on the “Mode” Toolbar Menu
Select “Advanced Mode” and approve the prompt
Select the “Settings” Menu button
Highlight the “Settings” sub-menu
Scroll down to the “Scan Priority” sub-menu
i. Select the “Highest” radio button
Scroll down to the “Automation” sub-menu
i. Select the “Run Spybot on the Next System Startup” radio button
ii. Select the “Run Scan when program starts” check box
iii. Select the “Fix all problems” check box
Select the “Spybot S&D” Menu Button
Close Spybot
Open the Antivirus program and perform a “Full System Scan” (this is typically a “console mode” scanner in Safe Mode and may take up to 2 hours) *** This scan can be performed at the same time as the Spybot scan above, if the computer has sufficient hardware resources
Repeat Registry Cleanup (Step # 5 above using CCleaner or Easy Cleaner)
Restart the Computer in Normal Operation Mode (Reset the MSCONFIG boot option if this method was used to force a restart in Safe Mode)
Upon login, Spybot should automatically start to run and check for problems.
If Spybot does not startup automatically, then immediately repeat/verify step 13 above.
Once Spybot completes the scan, and fixes any problems, review the “fixed” items to insure there is no evidence of persistent virus activity then close Spybot
Run the Antivirus program. Once the Antivirus program completes, review the log to insure there is no persistent virus activity, then close the Antivirus program
Open Internet Explorer and verify the Home Page and security options, and that there are no installed Toolbars
Verify the clients Data is intact and programs are working normally.
Re-install any programs which do not work normally
NOTES: If no persistent virus activity is encountered:
· Perform a final registry cleanup for EACH user login on the computer (using CCleaner or Easy Cleaner)
If persistent virus activity is encountered:
· The computer cannot be “cleaned by normal means” and should have the Hard Disk Drive formatted and the Operating system reinstalled. If a format and OS reinstallation are still not an option, then a “Clean System Scan” must be performed, or the system should be removed from service or replaced.
This tip brought to you by Computer Works IT Consultant Mike Nagy
If your proactive efforts have not been successful at preventing infection, it is often very difficult to completely remove infections like the Vundo virus or one of the myriad of variants (now classified as “Fraud Ware”). If you have physical access to the computer, then performing a “Clean Scan” process is the most reliable method of removing the Vundo Virus; however, as we often find ourselves attacking these types of infections on remote computers. The instructions below provide a reliable method of virus removal, for at least 80% of affected computers. This process can take between 2 to 6 hours, depending on the level of infection, with the average computer taking about 3 ½ to 4 hours.
Establish the Remote session using GoToAssist (G2A), GoToAssist Express (G2A-x), Log-Me-In or a similar utility.
Make sure to upgrade the remote session to “Run As A Service” or setup the “Unattended Support” option if available
Verify the computer has a valid Antivirus program installed, and that it has the latest virus Definitions.
If no valid Antivirus program is installed, the current Antivirus product has been disabled, or the current Antivirus product is expired; then download a current Trial or Free Antivirus program such as: AVG 8.x Free or ClamWin, which are available from http://www.filehippo.com
Download, install and update the most recent version of the following programs:
SpyBot Search and Destroy (Spybot) http://www.filehippo.com/download_spybot_search_destroy/
MalwareBytes’ Anti-Malware (aka: MBAM) http://www.malwarebytes.org/mbam.php
Super Antispyware. http://www.superantispyware.com/
A reliable Registry Cleaning Utility. I recommend one or both of the following:
i. Crap Cleaner (CCleaner) - http://www.filehippo.com/download_ccleaner/
ii. EasyCleaner - http://personal.inet.fi/business/toniarts/ecleane.htm
Disable System Restore:
Right Click on the “My Computer” Icon
Select “Properties”
Select the “System Restore” Tab
Check the box “Turn Off System Restore”
Approve the prompt message, and Click “OK” to close the Properties Window
Perform Registry and Application Cleanup (the instructions provided here are for CCleaner. You can also perform similar operations using EasyCleaner)
Select the ”Cleaner” button (Left Margin Bar)
i. Select the “Analyze” button (at the bottom) to catalog Temp files, the browser cache, and cookies
ii. Select the “Run Cleaner” button (bottom right)
Select the “Tools” Menu (Left Margin Bar)
Select the “Uninstall” Menu Button
i. Uninstall ALL toolbars (i.e. Yahoo Toolbar, Google Toolbar, MSN Tools, etc.)
ii. Uninstall All “Browser Helper” applications (i.e. Yahoo Browser Protection, WebX, Dell Redirector, etc.)
iii. Uninstall ALL Messenger programs (i.e. AOL, MSN, Yahoo Messenger, etc.)
iv. Uninstall Google Desktop and Microsoft Desktop Search (Indexer)
v. Uninstall all “search tools” or “search assistant” applications
Select the “Startup” Menu Button
i. Delete all “deactivated” startup items
ii. Disable any item that is suspect (i.e. XP_Antispyware_2008.exe, ZEDO.exe, etc.)
Select the “Registry” Button (Left Margin Bar)
i. Select the “Scan for Issues” button (at the bottom)
ii. Select the “Fix Selected issues…” button (bottom right) – approve all prompts, but do not save the current registry values
iii. Repeat the above registry cleaning as needed until all invalid registry entries are removed – this may take 6 or more times
Restart the PC in Safe Mode (With Networking)
Use the Remote Utility to “restart in safe mode” if it is available.
If not, force the PC into Safe Mode at the next startup
i. Click “Start”
ii. Select “Run…”
iii. Type “msconfig” in the Run Command prompt and select “Ok” or press the [enter] key
iv. Select the “Start in Safe Mode with Networking” radio button
v. Click Apply
vi. Click “OK”, then select “Restart the Computer” when prompted
Once the computer is at the desktop in Safe Mode, run Malwarebytes’ Anti-Malware (MBAM) and perform a “quick scan” (this scan usually takes 20 to 25 minutes) *** This scan can be performed at the same time as the Antispyware scan below, if the computer has sufficient hardware resources
Open Super Antispyware and perform a “Quick Scan” (this scan usually takes 20 to 25 minutes) *** This scan can be performed at the same time as the MBAM scan above, if the computer has sufficient hardware resources
Open Spybot, and select the “Check For Problems” button (this scan may take up to 1 ½ hours) *** This scan can be performed at the same time as the Antivirus scan below, if the computer has sufficient hardware resources
Select “Fix All Problems” then approve any prompts from this program
Setup Spybot to automatically run on the next PC startup
Click on the “Mode” Toolbar Menu
Select “Advanced Mode” and approve the prompt
Select the “Settings” Menu button
Highlight the “Settings” sub-menu
Scroll down to the “Scan Priority” sub-menu
i. Select the “Highest” radio button
Scroll down to the “Automation” sub-menu
i. Select the “Run Spybot on the Next System Startup” radio button
ii. Select the “Run Scan when program starts” check box
iii. Select the “Fix all problems” check box
Select the “Spybot S&D” Menu Button
Close Spybot
Open the Antivirus program and perform a “Full System Scan” (this is typically a “console mode” scanner in Safe Mode and may take up to 2 hours) *** This scan can be performed at the same time as the Spybot scan above, if the computer has sufficient hardware resources
Repeat Registry Cleanup (Step # 5 above using CCleaner or Easy Cleaner)
Restart the Computer in Normal Operation Mode (Reset the MSCONFIG boot option if this method was used to force a restart in Safe Mode)
Upon login, Spybot should automatically start to run and check for problems.
If Spybot does not startup automatically, then immediately repeat/verify step 13 above.
Once Spybot completes the scan, and fixes any problems, review the “fixed” items to insure there is no evidence of persistent virus activity then close Spybot
Run the Antivirus program. Once the Antivirus program completes, review the log to insure there is no persistent virus activity, then close the Antivirus program
Open Internet Explorer and verify the Home Page and security options, and that there are no installed Toolbars
Verify the clients Data is intact and programs are working normally.
Re-install any programs which do not work normally
NOTES: If no persistent virus activity is encountered:
· Perform a final registry cleanup for EACH user login on the computer (using CCleaner or Easy Cleaner)
If persistent virus activity is encountered:
· The computer cannot be “cleaned by normal means” and should have the Hard Disk Drive formatted and the Operating system reinstalled. If a format and OS reinstallation are still not an option, then a “Clean System Scan” must be performed, or the system should be removed from service or replaced.
This tip brought to you by Computer Works IT Consultant Mike Nagy
Tuesday, May 5, 2009
Best Practices for Networks
The following recommendations are ideal for most network types found in the small and medium sized organization. We do not warrant that by following these recommendations an organization is without risk of failure. Please consult with us if you require assistance implementing any of these practices.
1. Microsoft Updates
You should disable automatic installation of Windows Updates on servers. Updates can cause unexpected results, including server failure, which can be difficult to diagnose and/or reverse. You should; however, enable automatic updates on individual workstations.
2. Antivirus
Install antivirus software on every server and every workstation. If you use an internal email server like Microsoft Exchange Server, also protect your messaging with antivirus. The most effective management of antivirus scans are virus definition updates, and threat management is achieved with a network version of antivirus that is managed by a central server. It is also important to exclude certain files and folders from virus scanning due to the possibility of data corruption. This is particularly important on servers such as domain controllers, Exchange servers, and database servers.
3. Malware Management
Malware is a broad term that refers to software designed to infiltrate or damage a computer system without the owner's consent. Popular forms of malware include spyware & adware. These programs are responsible for a significant decrease in user productivity due to their impact on PC performance and time spent on attempted self-repair. More catastrophic results can include unauthorized access to company information by outside hackers, deletion of critical information, and even operating system corruption leading to complete system failure. You should proactively scan for and remove malware programs on a regular basis.
4. Internet Security
It is generally a necessity for most organizations to be connected to the Internet in order to conduct business in real-time. The way that this connection to the Internet is established is an often overlooked security risk. Without the proper hardware in place, the information stored on your network can be accessed by unauthorized persons. There are three types of hackers: The one who wants to retrieve data for personal or resale use, the one who wants to be destructive within a vulnerable network, and the one that wants to take control of your network computers in order to send spam or attack other companies. Whatever the motive, the results can be catastrophic and expensive to a business. The solution is a firewall appliance positioned between the private internal network and the public Internet.
5. Data Protection
It is recommended that a data backup solution be devised to facilitate disaster recovery. Data can be lost in a number of different ways including: Hard drive failure, database corruption, virus activity, end-user error, natural or man-made disaster, or Internet attack by unauthorized personnel. The value of data varies widely by organization but could result in an unrecoverable loss of revenue or even business failure.
There are a number of methods available for data backup including: Rewritable CDs and DVDs, external hard drives, online storage services, remote offsite data transfers, or the more traditional method of automated backup to tape media. Regardless of the method, it is a best practice to rotate data backups to a safe offsite location and to perform at least a semi-annual restoration and disaster recovery simulation to test the viability of your solution.
6. Remote Access
Most organizations operate outside the traditional four walls of the office space. Fast, easy, and secure access to the corporate environment from remote locations is becoming a necessity. A number of recent technology enhancements, coupled with the affordability of high-speed Internet access, are making the “virtual workplace” a reality. One of the earlier generation options in this area included pcAnywhere™.
Remote access is easier than ever before and serves a number of different needs including: Access from home, access for a roaming sales force, branch office connectivity, access to servers or individual office PCs, and access for Computer Works to quickly diagnose and resolve computer-related issues without spending time traveling to the office. Microsoft® Windows® Server 2003 makes it easy with two free built-in remote access licenses.
However, it is important to understand the risks that go along with providing remote access. Proper precautions must be taken to minimize the possibility of unauthorized access. Implementing and enforcing a strong password policy is a good first step. Eight-character passwords using numbers, upper and lower case letters, and even symbols can increase security not just from outside attackers, but from internal snooping as well. Additional steps such as encryption and biometric user identification can increase security substantially.
7. Junk Email
Spam is not just a can of mystery meat anymore. Spam is Internet slang for unwanted email, primarily unsolicited commercial email. Recipients of spam often consider it an unwanted intrusion that can be a financial drain by impacting the productivity of users, the performance of computers, and the speed of Internet access because of a “clogged drain.” Spam has also been linked with fraudulent business schemes, chain letters, and offensive sexual, political, hateful, or other inappropriate messages that may violate the company’s workplace or computer-use policies. Spam is also a favorite delivery method of viruses, worms, trojans, and other malware like spyware and adware.
The solution is to subscribe to an inexpensive service (about $45/mo. for 15 users) or install hardware or software on site that filters this content before it gets delivered to your Inbox. Worried about missing something? Most services let you view your own private quarantine so that you can release anything that was improperly categorized as spam. They will also provide the option of always allowing the sender or domain through in the future. This is referred to as a “white list”. One more bit of caution: If you ever find that your organization is unable to send email to common recipients, make sure that your domain name has not been inadvertently added to a “black list” as a source of SPAM. It happens often if your organization sends electronic newsletters or other mass emails.
8. New Microsoft Products
You should consult with a qualified Microsoft Partner before adopting any new Microsoft products for your corporate environment. Despite the media excitement over new product releases, it is important to understand what the impact will be in a production environment. New product development is exciting and is an integral part of our technical advancement over time, but a thoughtful, measured approach where thorough testing has been performed makes the most sense.
9. Toner Supplies
One area of IT that many people often overlook is printer maintenance. Regular maintenance of printers and copiers can maximize printer availability and print quality. The maintenance interval is dependent primarily on the printer’s workload and operating environment. Heavily-utilized printers and those in a harsh environment require more frequent care. There is a considerable cost savings with remanufactured and compatible consumables for your printers, fax and copy machines. You can trim your IT supplies budget for these items by as much as 50%. The newest generation of these supplies has a 100% satisfaction guarantee and the same success rate and quality as the original manufacturer (OEM) supplies. These products are available for almost all models from popular manufacturers like HP, Brother, Xerox, Canon, and Lexmark, among others. Computer Works deals with these trusted names and can help you understand the cost benefit.
10. Hardware Lifecycle Management
Most companies have equipment at various levels of age and capability. Replacing the vital parts of the IT infrastructure at predefined intervals can provide maximum resource availability, new features, and improved performance. Servers and other enterprise-level network equipment are designed to be operational around the clock for many years. Most equipment will continue to run beyond their decommissioning date, but replacing the most critical equipment before it fails allows for thorough evaluation, planning, and testing which makes for an easier transition.
These tips were brought to you by Bill Wass, Computer Works' Technical Services Manager
1. Microsoft Updates
You should disable automatic installation of Windows Updates on servers. Updates can cause unexpected results, including server failure, which can be difficult to diagnose and/or reverse. You should; however, enable automatic updates on individual workstations.
2. Antivirus
Install antivirus software on every server and every workstation. If you use an internal email server like Microsoft Exchange Server, also protect your messaging with antivirus. The most effective management of antivirus scans are virus definition updates, and threat management is achieved with a network version of antivirus that is managed by a central server. It is also important to exclude certain files and folders from virus scanning due to the possibility of data corruption. This is particularly important on servers such as domain controllers, Exchange servers, and database servers.
3. Malware Management
Malware is a broad term that refers to software designed to infiltrate or damage a computer system without the owner's consent. Popular forms of malware include spyware & adware. These programs are responsible for a significant decrease in user productivity due to their impact on PC performance and time spent on attempted self-repair. More catastrophic results can include unauthorized access to company information by outside hackers, deletion of critical information, and even operating system corruption leading to complete system failure. You should proactively scan for and remove malware programs on a regular basis.
4. Internet Security
It is generally a necessity for most organizations to be connected to the Internet in order to conduct business in real-time. The way that this connection to the Internet is established is an often overlooked security risk. Without the proper hardware in place, the information stored on your network can be accessed by unauthorized persons. There are three types of hackers: The one who wants to retrieve data for personal or resale use, the one who wants to be destructive within a vulnerable network, and the one that wants to take control of your network computers in order to send spam or attack other companies. Whatever the motive, the results can be catastrophic and expensive to a business. The solution is a firewall appliance positioned between the private internal network and the public Internet.
5. Data Protection
It is recommended that a data backup solution be devised to facilitate disaster recovery. Data can be lost in a number of different ways including: Hard drive failure, database corruption, virus activity, end-user error, natural or man-made disaster, or Internet attack by unauthorized personnel. The value of data varies widely by organization but could result in an unrecoverable loss of revenue or even business failure.
There are a number of methods available for data backup including: Rewritable CDs and DVDs, external hard drives, online storage services, remote offsite data transfers, or the more traditional method of automated backup to tape media. Regardless of the method, it is a best practice to rotate data backups to a safe offsite location and to perform at least a semi-annual restoration and disaster recovery simulation to test the viability of your solution.
6. Remote Access
Most organizations operate outside the traditional four walls of the office space. Fast, easy, and secure access to the corporate environment from remote locations is becoming a necessity. A number of recent technology enhancements, coupled with the affordability of high-speed Internet access, are making the “virtual workplace” a reality. One of the earlier generation options in this area included pcAnywhere™.
Remote access is easier than ever before and serves a number of different needs including: Access from home, access for a roaming sales force, branch office connectivity, access to servers or individual office PCs, and access for Computer Works to quickly diagnose and resolve computer-related issues without spending time traveling to the office. Microsoft® Windows® Server 2003 makes it easy with two free built-in remote access licenses.
However, it is important to understand the risks that go along with providing remote access. Proper precautions must be taken to minimize the possibility of unauthorized access. Implementing and enforcing a strong password policy is a good first step. Eight-character passwords using numbers, upper and lower case letters, and even symbols can increase security not just from outside attackers, but from internal snooping as well. Additional steps such as encryption and biometric user identification can increase security substantially.
7. Junk Email
Spam is not just a can of mystery meat anymore. Spam is Internet slang for unwanted email, primarily unsolicited commercial email. Recipients of spam often consider it an unwanted intrusion that can be a financial drain by impacting the productivity of users, the performance of computers, and the speed of Internet access because of a “clogged drain.” Spam has also been linked with fraudulent business schemes, chain letters, and offensive sexual, political, hateful, or other inappropriate messages that may violate the company’s workplace or computer-use policies. Spam is also a favorite delivery method of viruses, worms, trojans, and other malware like spyware and adware.
The solution is to subscribe to an inexpensive service (about $45/mo. for 15 users) or install hardware or software on site that filters this content before it gets delivered to your Inbox. Worried about missing something? Most services let you view your own private quarantine so that you can release anything that was improperly categorized as spam. They will also provide the option of always allowing the sender or domain through in the future. This is referred to as a “white list”. One more bit of caution: If you ever find that your organization is unable to send email to common recipients, make sure that your domain name has not been inadvertently added to a “black list” as a source of SPAM. It happens often if your organization sends electronic newsletters or other mass emails.
8. New Microsoft Products
You should consult with a qualified Microsoft Partner before adopting any new Microsoft products for your corporate environment. Despite the media excitement over new product releases, it is important to understand what the impact will be in a production environment. New product development is exciting and is an integral part of our technical advancement over time, but a thoughtful, measured approach where thorough testing has been performed makes the most sense.
9. Toner Supplies
One area of IT that many people often overlook is printer maintenance. Regular maintenance of printers and copiers can maximize printer availability and print quality. The maintenance interval is dependent primarily on the printer’s workload and operating environment. Heavily-utilized printers and those in a harsh environment require more frequent care. There is a considerable cost savings with remanufactured and compatible consumables for your printers, fax and copy machines. You can trim your IT supplies budget for these items by as much as 50%. The newest generation of these supplies has a 100% satisfaction guarantee and the same success rate and quality as the original manufacturer (OEM) supplies. These products are available for almost all models from popular manufacturers like HP, Brother, Xerox, Canon, and Lexmark, among others. Computer Works deals with these trusted names and can help you understand the cost benefit.
10. Hardware Lifecycle Management
Most companies have equipment at various levels of age and capability. Replacing the vital parts of the IT infrastructure at predefined intervals can provide maximum resource availability, new features, and improved performance. Servers and other enterprise-level network equipment are designed to be operational around the clock for many years. Most equipment will continue to run beyond their decommissioning date, but replacing the most critical equipment before it fails allows for thorough evaluation, planning, and testing which makes for an easier transition.
These tips were brought to you by Bill Wass, Computer Works' Technical Services Manager
Thursday, April 30, 2009
5 Simple Steps to PC Security
There are more than 200,000 programs out there that were made to infect the standard Windows PC. These programs can cause many problems- from a simple popup message to identity theft. In this article, I am going to give you some simple steps which will help you to keep your Windows PC operating smoothly. These simple steps can provide a layer of defense to these malicious attacks.
1. Keep informed about what infections are out there, and how they can infiltrate your system.
A computer virus is a computer program that can copy itself and infect a computer without your permission or knowledge. The term virus is also commonly used to refer to other types of malware, adware and spyware programs that do not have the reproductive ability. The primary difference between spyware and viruses is that a spyware program intends to embed, and a virus intends to spread.
Often times, these two equally dangerous but separate types of infections will work in together to exploit your PC. While the virus provides the way in, the spyware actually produces the un-desirable results. Viruses are sometimes confused with computer worms and Trojan horses which are technically different. A worm can spread to other computers without needing to be transferred as part of a host. While a Trojan horse is a program that appears to be harmless, but has a hidden agenda. Worms and trojans, like viruses, may cause harm to a computer’s hosted data, functional performance, or network throughput.
2. The first and most important layer of defense against these infections is a reliable anti-virus program.
Most modern anti-virus programs not only run scheduled scans to detect infections, but also provide real time monitoring of the system to prevent potential threats. You must keep the definition base up to date! As new infections emerge, anti-virus manufacturers release updates to their products that must be downloaded into the software to maintain their effectiveness.
3. A second layer of defense that is absolutely essential to maintaining the security of your PC is a firewall.
Newer operating systems such as Windows XP & Windows Vista have firewalls built into them. However, most experts agree that the Windows firewall is limited and provides little protection from real threats. The best type of firewall is a hardened firewall appliance. A firewall appliance is a physical device that stands between your computer and the internet to regulate what types of traffic are allowed into your local area network. By restricting what protocols can fo through the firewall, this will reduce the vulnerability of your systems to outside attacks.
4. When using a Microsoft Windows operating system, keep your system up to date.
Microsoft produces security patches and updates on a regular basis. These security patches are geared to prevent specific attacks which are intended to exploit their operating systems. Keeping your system up to date is just another way to keep these dangerous infections off of your computer. All current Windows operating systems also provide an Automatic Update feature which can download the security updates and patches for you on a regularly scheduled basis. It is a good idea to take full advantage of the feature by enabling Automatic Updates.
5. Cautious Internet usage, including a Corporate Internet Policy, is also effective to maintain the integrity of your PC.
Sites containing gambling, pornography, and social networking are often a haven for spyware & virus infections. Steer clear of these types of web content. If you are going to browse these sites, be sure that you know what you are installing, if prompted. This method of infection is commonly referred to as phishing, where a web site gets you to click on a link or object which covertly executes code in the background.
Peer-to-Peer applications are also known to be full of viruses. Peer-to-Peer applications allow computers connected to the internet to connect directly to each other for the purpose of file sharing. Common Peer-to-Peer applications include: LimeWire, BitTorrent, Morpheus, Kazaa, BearShare, Ares, and eMule. These programs are ill-advised for any business network or environment, and should only be used by a well-educated and cautious user.
These tips were brought to you by Computer Works' IT consultant Matt Towers
1. Keep informed about what infections are out there, and how they can infiltrate your system.
A computer virus is a computer program that can copy itself and infect a computer without your permission or knowledge. The term virus is also commonly used to refer to other types of malware, adware and spyware programs that do not have the reproductive ability. The primary difference between spyware and viruses is that a spyware program intends to embed, and a virus intends to spread.
Often times, these two equally dangerous but separate types of infections will work in together to exploit your PC. While the virus provides the way in, the spyware actually produces the un-desirable results. Viruses are sometimes confused with computer worms and Trojan horses which are technically different. A worm can spread to other computers without needing to be transferred as part of a host. While a Trojan horse is a program that appears to be harmless, but has a hidden agenda. Worms and trojans, like viruses, may cause harm to a computer’s hosted data, functional performance, or network throughput.
2. The first and most important layer of defense against these infections is a reliable anti-virus program.
Most modern anti-virus programs not only run scheduled scans to detect infections, but also provide real time monitoring of the system to prevent potential threats. You must keep the definition base up to date! As new infections emerge, anti-virus manufacturers release updates to their products that must be downloaded into the software to maintain their effectiveness.
3. A second layer of defense that is absolutely essential to maintaining the security of your PC is a firewall.
Newer operating systems such as Windows XP & Windows Vista have firewalls built into them. However, most experts agree that the Windows firewall is limited and provides little protection from real threats. The best type of firewall is a hardened firewall appliance. A firewall appliance is a physical device that stands between your computer and the internet to regulate what types of traffic are allowed into your local area network. By restricting what protocols can fo through the firewall, this will reduce the vulnerability of your systems to outside attacks.
4. When using a Microsoft Windows operating system, keep your system up to date.
Microsoft produces security patches and updates on a regular basis. These security patches are geared to prevent specific attacks which are intended to exploit their operating systems. Keeping your system up to date is just another way to keep these dangerous infections off of your computer. All current Windows operating systems also provide an Automatic Update feature which can download the security updates and patches for you on a regularly scheduled basis. It is a good idea to take full advantage of the feature by enabling Automatic Updates.
5. Cautious Internet usage, including a Corporate Internet Policy, is also effective to maintain the integrity of your PC.
Sites containing gambling, pornography, and social networking are often a haven for spyware & virus infections. Steer clear of these types of web content. If you are going to browse these sites, be sure that you know what you are installing, if prompted. This method of infection is commonly referred to as phishing, where a web site gets you to click on a link or object which covertly executes code in the background.
Peer-to-Peer applications are also known to be full of viruses. Peer-to-Peer applications allow computers connected to the internet to connect directly to each other for the purpose of file sharing. Common Peer-to-Peer applications include: LimeWire, BitTorrent, Morpheus, Kazaa, BearShare, Ares, and eMule. These programs are ill-advised for any business network or environment, and should only be used by a well-educated and cautious user.
These tips were brought to you by Computer Works' IT consultant Matt Towers
Subscribe to:
Posts (Atom)