Every computer that is connected in some way to the internet should be running software designed to protect the system from the numerous security risks that are easily encountered in "cyberspace". In a perfect world, this would be all that the user would need to do to protect a computer from viruses and spyware. Unfortunately, due to the dynamic nature of the internet, and the almost constant proliferation of new bugs, viruses, and spyware, even the best anti-virus software will never be able to provide 100% protection for your computer. The following guide provides basic maintenance and troubleshooting steps that the general user can follow to clean up and safeguard their system.
- First, as stated, make sure that you are running the most current updates for an anti-virus software package. If you do not have software of this type on your computer, a good freeware anti-virus program is AVG Antivirus, which is free to individual users for home/dorm-use. Although most reputable anti-virus applications will automatically download current updates, in the end it is the user's responsibility to make sure that software is current. Updates should be performed at least once a week. This is (as mentioned earlier) crucial to the effectiveness of the software, because new security risks arise daily. (It is also imperative that all Windows Security Updates and Service Packs be installed, especially Service Pack 2 with the Firewall enabled.)
In addition to anti-virus software, most people will also want to run anti-spyware/adware applications on their computer. While not necessarily malicious, spyware and adware nevertheless pose a serious risk to your personal information. The majority of these programs are downloaded in conjunction with free software that the user has installed on his or her computer, but some are bundled with more "reputable" programs that the user has paid for! Adware and spyware usually run totally unnoticed in the background, "mining" the user's personal information and at the very least using up system resources. Spybot Search & Destroy and AdAware are two software packages that are excellent for screening your system for adware and spyware. Be aware, however, that most of the time "free" software will be disabled if the adware/spyware associated with it is eliminated. A few software packages that are notorious for bundling malware are:
- Kazaa, Morpheus, iMesh, BearShare (and any number of other "peer-to-peer" file sharing programs): Peer-to-peer (or "P2P") file sharing puts your computer at the highest risk for infection. In addition to this, most "free" P2P applications of this type come bundled with adware that cannot be disabled without disabling the P2P application as well.
- RealPlayer: a media player that is (unfortunately) the only player able to play A/V files with the extension ".rm". Unless a user has a very pressing need to view files of this type, it is strongly recommended that this application be avoided.
After running updated malware removal software on your computer, you can also check your (Windows) system directly.
- Pressing Ctrl-Alt-Delete at the same time will bring up the Windows-Security Menu.
- Click on the Task Manager button.
- Choosing the Processes tab will display a full list of all processes that are currently running on the computer. Searching Google for the name of any of these processes (svchost.exe, for example) should turn up any number of websites that explain what the process's job is. If the process has something to do with malware, your web search will most likely find some sites that not only tell you what the process is doing but also contain instructions for removing the problem. If you think a process may be suspect, you can also go directly to an antivirus website such as Symantec or Sophos and search their online database for information.
- Though all these steps go a long way toward keeping your system secure, new security threats are always popping up, and "hackers" can be quite ingenious when it comes to finding ways to bury their code in your system. If the steps listed above don't seem to be helping, don't be afraid to ask for help from the CIS Helpdesk, at x77777.
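
The Task Manager check described above shows only process names, and malware often borrows the name of a legitimate process. The following is an added example, not part of the original guide: it lists each running process together with the file it was started from and that file's signature status. It assumes Windows PowerShell 3.0 or later; the function name `Get-ProcessReview` is made up for this illustration.

```powershell
# Added example: the Processes tab as a list that also shows where each
# process was started from and whether that file carries a valid signature.
# Run from an elevated prompt to see the paths of all processes.

function Get-ProcessReview {
    # Folders where a genuine svchost.exe is expected to live.
    $expected = @(
        (Join-Path $env:SystemRoot 'System32'),
        (Join-Path $env:SystemRoot 'SysWOW64')
    )
    $sigCache = @{}   # path -> status, so each file is checked only once

    Get-CimInstance -ClassName Win32_Process | ForEach-Object {
        $path   = $_.ExecutablePath
        $status = 'PathUnavailable'   # protected processes do not expose a path
        $note   = ''

        if ($path) {
            if (-not $sigCache.ContainsKey($path)) {
                $sigCache[$path] = try {
                    (Get-AuthenticodeSignature -FilePath $path -ErrorAction Stop).Status.ToString()
                } catch { 'Unreadable' }
            }
            $status = $sigCache[$path]

            # svchost.exe is the guide's example name; a copy running from
            # any other folder is worth looking up before anything else.
            if ($_.Name -ieq 'svchost.exe' -and
                $expected -notcontains (Split-Path $path -Parent)) {
                $note = 'svchost.exe in unexpected folder'
            }
        }

        [pscustomobject]@{
            Name = $_.Name; Id = $_.ProcessId
            Signature = $status; Note = $note; Path = $path
        }
    }
}

# Entries that are flagged or lack a valid signature sort to the top.
# A status other than 'Valid' is a prompt to look the file up, not proof of malware.
Get-ProcessReview |
    Sort-Object @{ Expression = { $_.Signature -eq 'Valid' -and -not $_.Note } }, Name |
    Format-Table -AutoSize -Property Name, Id, Signature, Note, Path
```

When you search the web or an antivirus vendor's database for a process, include the full path shown here along with the name.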