CyberDefenseGuide
A How-To Guide To Internet Security and Windows Repair





Antivirus


Remove malware and secure your pc against viruses with the following advice.

NOTE: If your pc doesn't boot up properly or you cannot access the desktop properly, try following the advice in my Windows Repair section.


Back up your important data and make a Restore Point before beginning maintenance, so you have a working configuration you can go back to
if your pc breaks down and stops responding. Malware can defend itself against removal by forcing a system crash and/or replicating itself.
Installing security programs that conflict with each other can also cause breakdowns and unexpected behaviour.

If you have to restore your pc to a previous point, make sure you manually remove the virus causing the breakdown,
or uninstall the last program you installed, before restarting maintenance. Check Event Viewer and research the error
message by using the search engines or searching for it at Microsoft's site.

Restoring your pc can also restore malware that had been removed so it will mean restarting maintenance from the beginning.
Before you reach the point of system breakdown again, try rebooting, working in Safe Mode or skipping your current step of maintenance.
Try the step again later after more malware has been removed or inactivated.

After maintenance, delete all your previous restore points and make a fresh one, as long as your pc is definitely working properly.

By default Windows installs remote support services that make your pc vulnerable to reinfection by malware.
If you are not using these services you can switch them off by running Unsafe Services Off.bat, then restart your pc.

The more security programs you install (antivirus, antispyware, antikeyloggers etc.), the greater the chance of errors caused by conflicts in system access,
eventually causing a Windows breakdown (BSOD) where you will need to use a restore point to make your pc work again.
This is because many security programs hook into the same Windows functions at a critical level and consequently interfere with
the operation of other security programs using the same functions.


Security Advisories from Secunia

Secunia advisories are reports of vulnerabilities found in all types of programs and operating systems.

Secunia continuously updates advisories to reflect new data whenever new security vulnerabilities are discovered.

On average Secunia releases between 15 and 20 new advisories and updates more than 20 Secunia advisories on a daily basis.



 Suggested Freeware Security Programs


These security programs provide a pretty solid level of defense to the average pc.
To test the defenses of your current security programs go to Leaktesting and if necessary install Comodo Firewall.
Because everyone's pc is set up in a different way one pc may have problems with the suggested list where other pcs do not.
This list is tried and tested on Windows XP Pro SP3, and everything is compatible with Windows 7 and Vista.


Comodo Internet Security with Comodo Antivirus - firewall, antivirus scanner and realtime virus monitor

Avira AntiVir - realtime protection against viruses, rootkits & spyware

a-squared Free - virus scanner and realtime monitor

Comodo BoClean - virus scanner and realtime monitor

Comodo SecureEmail - for Outlook and other email clients

Comodo AntiSpam - spam blocking for Outlook, Outlook Express, Windows Mail, and Netscape Messenger.

Mozilla Firefox with AdBlock Plus, Web Of Trust, and QFX KeyScrambler



 Realtime Antivirus Performance Issues


Most anti-virus monitoring programs like Avira and A-squared can slow your whole pc down. Tasks can take longer to run
and can be more choppy, especially if your pc's hardware is a little more basic. If you have a new pc with over 3GHz of processing
power then you will probably not notice any performance problems at all and can disregard this advice.

You can run the AVOff.bat file and monitoring will turn off giving you back some performance.

Remember to run the AVOn.bat file to switch monitoring back on before you go online again.

It's only recommended you do this if you're offline from the internet (right-click the blue connection symbol in the System Tray next to the clock
& select Disable) and you're not opening any unsafe files. Before you turn AV off make sure you have scanned newly downloaded files for viruses
by using Avira AND A-squared AND Comodo (if it is installed) on the right-click menu.

Avira has a setting to prevent it being switched off by the bat file. You will need to right-click the Avira icon in the System Tray and select Configuration.
Tick Expert Mode, open the General menu, select Security and untick 'Protect processes from unwanted termination', then click Apply.
Then you can run AVOff and Avira's programs will switch off.

You can also switch off the System Tray icon: open Task Manager by pressing Ctrl, Alt and Delete at the same time, then right-click avgnt.exe
and select End Process. To switch it back on go to C:\Program Files\Avira\AntiVir Desktop and double-click avgnt.exe

Once you have switched Avira back on, go to the Start Menu and under Avira click 'Start AntiVir'. Then go back to Configuration and tick the
'Protect processes' box so that malware cannot switch it off while you're online.

If you are definitely offline (network connection Disabled or internet cable removed from its slot on your pc) and you need a bit more performance,
you can also switch off Comodo Firewall by right-clicking its icon in the System Tray and selecting Exit. However, it is advised that you reboot in
order for it to automatically switch itself back on before going online again.
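
A check to run after AVOn.bat and before you re-enable the network connection, given here as an added example (it is not one of this guide's batch files). It reports which of the listed monitoring processes are running; the only process name taken from this guide is avgnt.exe, and the REQUIRED list is an assumption you should extend with the image names of your other monitors as shown in Task Manager.

```batch
@echo off
rem Added example: confirm realtime monitors are running before going online.
rem Uses tasklist, which ships with Windows XP Pro, Vista and 7.
setlocal EnableDelayedExpansion

rem Space-separated image names that must be running.
rem avgnt.exe is the Avira tray process named in this guide; the rest of
rem the list is yours to fill in (assumption: names as seen in Task Manager).
set "REQUIRED=avgnt.exe"
set MISSING=0

for %%P in (%REQUIRED%) do (
    rem tasklist prints the image name only if a matching process exists,
    rem so find returns errorlevel 1 when the monitor is not running.
    tasklist /FI "IMAGENAME eq %%P" /NH 2>nul | find /I "%%P" >nul
    if errorlevel 1 (
        echo [FAIL] %%P is not running
        set /a MISSING+=1
    ) else (
        echo [ OK ] %%P is running
    )
)

echo.
if !MISSING! GTR 0 (
    echo !MISSING! listed monitors are not running.
    echo Stay offline, run AVOn.bat again and repeat this check.
    endlocal & exit /b 1
)
echo All listed monitors are running.
echo Re-tick 'Protect processes' in Avira before enabling the connection.
endlocal & exit /b 0
```

The script cannot read Avira's 'Protect processes from unwanted termination' setting, so that box still has to be re-ticked by hand in Configuration.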



Update All Your Software


Download: Secunia Personal Software Inspector

Detects vulnerable and out-dated programs and plug-ins which expose your PC to attacks.
Unpatched programs and plug-ins are rarely blocked by traditional anti-virus and are therefore increasingly "popular" among criminals.
The only solution to block these kinds of attacks is to apply security updates, commonly referred to as patches. Patches are offered free-of-charge
by most software vendors; however, finding all these patches is a tedious and time-consuming task. Secunia PSI automates this and alerts you when
your programs and plug-ins require updating to stay secure.



Virus Removal Procedure


In most cases a pc infected with viruses is unresponsive and slow, making it difficult to do any maintenance.

Since most viruses will try to access the internet, sometimes constantly, you can regain a lot of performance by simply
disconnecting from the internet. Right-click the Local Area Connection icon in the notification area or tray and click Disable,
or click Start/Control Panel/Network (and Internet) Connections. In the Network Connections window
right-click the Local Area Connection that is Connected and click Disable.

To make your pc faster and let you do maintenance on it successfully you can try my advice under Performance.

If your pc is still slow and difficult to use you can try using Safe Mode, where viruses have much less control over your pc.


Cleanup

Follow my advice under Cleanup to remove any temp files where malware may be lurking and reduce the
number of files that will have to be checked for malware by the antivirus scanners.


Scans

Install the Suggested Security Programs above and/or choose from this list of Antivirus Scanners.

Scan your entire hard drive(s) with each scanner.
Follow the advice for each scanner to enable Heuristic mode where it is available.


Advanced Scans

To remove any remaining malware use this list of Advanced Scanners.

Analyse the programs running on your system by using Autoruns, GMER and Process Explorer to find any remaining malware.




©Helptree Services 2010