Viruses & malware
If your computer is connected to the internet, it's fairly obvious you need to have active protection against viruses, worms, ransomware etc.
(generally known as malware). That protection comes in the form of antivirus or antimalware software, which broadly consists of two main parts: the
software itself, which is designed to detect, prevent and take action to disarm or remove malicious software, and the definitions, which contain
signatures for malware that has been encountered. Matching against those signatures is one of the methods the software uses to tell whether something is in fact malicious software.
Note: modern antimalware software invariably uses several methods of detecting malicious software.
Antivirus software companies estimate over 500,000 new malware threats are released per day.
Computers can be at risk of infection by, for example: running a program which is or contains malware; opening documents; simply opening or
previewing an email message; or being connected to a computer which is infected by malware.
There is no algorithm that can perfectly detect all possible viruses.
There are three main lines of defence against attacks:
- Be cautious when using a computer.
- Have an effective backup and disaster recovery plan.
- Have effective antimalware software installed and keep it updated.
Use caution when using a computer on the internet
The first line of defence against being attacked or infected by malware is you. No matter how much protection you have by installing
antimalware software, it does not give you a licence to use your computer in an unsafe manner. As a general set of rules:
- Be conscious at all times that the internet is not a safe place. There are literally millions of people out there whose intent is to get you, whether it is by infecting your computer with a virus just because they can; hijacking your passwords and hacking your Facebook; or putting ransomware on your computer which encrypts all your data and asks you to pay in order to decrypt it. You must constantly be vigilant in order to thwart their attempts.
- Be cautious of websites that do not use server certificates. Nearly all legitimate websites nowadays use certificates so that the traffic that is transferred between your computer and the site server is encrypted. This is usually displayed as a padlock in the address bar of your browser which you can click on to get more information about the server and the certificate. Modern browsers will display a warning page instead of the requested web page if there is something wrong with the certificate. If you receive such a warning page, you should not proceed to the site. Please note that the fact that a web page displays a server certificate does not in itself mean the contents of the site are safe and free from threats.
- Enable two-factor authentication where possible and use strong passwords to block phishing attacks, stolen credentials, or other login compromises.
- Be very careful when you download free software, music, games etc. from the internet. That is not to say that all free software is bad. On the contrary, there are many free software packages that are excellent, but malicious software often comes packaged with other software, so you just have to remember that you run a risk when you download and install free software.
- While we are on that subject, monitor your children's activity on the internet. Apart from the obvious threat from grooming, children have a habit of downloading and installing free stuff they find on the internet and, as mentioned above, not everything that is free is good. We have attended many households where a new computer is installed and within weeks the owner is complaining of poor performance or other problems, and we arrive to find the computer festooned with malicious software because of the children's internet activity.
- Make sure all installed software and operating systems are kept updated. This helps to prevent vulnerabilities from being exploited by attackers.
- Be wary when using your email package. As previously mentioned, opening or even simply previewing an email message could put you at risk. A golden rule is not to open email messages from people you don't know and certainly never to click on any attachments to them; you should delete the message and any attachments. If the message is important and benign and you do not respond, the sender will most likely resend it. Even if an email is sent by someone you know, it doesn't mean the email is safe. Someone who has contacted you before may have been infected, and one of the first things malicious software is likely to do is to interrogate the infected computer's contact list and email everyone on it with a copy of the infection.
- Use your Junk Mail folder. Periodically open it and, without previewing the messages, look down the list of senders and their subject lines and delete all that come from unknown senders or are obviously junk mail. That will get rid of most of the contents of your junk mail. Any that remain can probably be cautiously previewed.
- Make sure all your connected computers have adequate protection. Once one computer is infected, it is highly likely the infection will spread to others.
- It probably goes without saying, but do not browse or click on links that take you to sites that claim to offer pornographic images. These sites are frequently found to be a source of malicious software.
- Publicly exposed remote desktop servers are a common way for attackers to first gain access to a network. Preferably disable them and, if they must be enabled, monitor connections closely and audit logs for all remote connection protocols.
- Audit the creation of new accounts and do not use an administrator account for routine use of the computer.
- Monitor changes to membership of the administrators group(s) for unauthorised users.
- Scan for open or listening ports on the network and block them from being accessible.
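The last four checks in the list above (remote desktop logons, new accounts, changes to the administrators group and listening ports) can be run on a Windows 10 PC with the PowerShell below. This is an added example, not part of the original article; the `$ExpectedAdmins` allow-list and the seven-day window are assumptions to replace with your own, and it assumes Windows is recording these events in its Security log.

```powershell
# Added example: run in an elevated PowerShell session on Windows 10.
# $ExpectedAdmins is a hypothetical allow-list; replace it with your own accounts.
$ExpectedAdmins = @("$env:COMPUTERNAME\Administrator")
$Since = (Get-Date).AddDays(-7)   # assumed review window

# Return one named field from a Security event's EventData section.
function Get-EventField($Record, [string]$Name) {
    $data = ([xml]$Record.ToXml()).Event.EventData.Data
    ($data | Where-Object { $_.Name -eq $Name }).'#text'
}

# 1. Members of the local Administrators group (well-known SID S-1-5-32-544)
#    that are not on the allow-list.
Get-LocalGroupMember -SID 'S-1-5-32-544' |
    Where-Object { $ExpectedAdmins -notcontains $_.Name } |
    Select-Object Name, ObjectClass, PrincipalSource

# 2. Account creation (event 4720) and additions to local groups (event 4732).
Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4720, 4732; StartTime = $Since } -ErrorAction SilentlyContinue |
    ForEach-Object {
        [pscustomobject]@{
            Time    = $_.TimeCreated
            EventId = $_.Id
            Actor   = Get-EventField $_ 'SubjectUserName'
            Target  = Get-EventField $_ 'TargetUserName'   # new account (4720) or group (4732)
            Member  = Get-EventField $_ 'MemberSid'        # only present on 4732
        }
    }

# 3. Successful Remote Desktop logons: event 4624 with LogonType 10.
Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4624; StartTime = $Since } -ErrorAction SilentlyContinue |
    Where-Object { (Get-EventField $_ 'LogonType') -eq '10' } |
    ForEach-Object {
        [pscustomobject]@{
            Time   = $_.TimeCreated
            User   = Get-EventField $_ 'TargetUserName'
            Source = Get-EventField $_ 'IpAddress'
        }
    }

# 4. TCP ports listening on all interfaces, with the owning process name.
Get-NetTCPConnection -State Listen |
    Where-Object { $_.LocalAddress -in '0.0.0.0', '::' } |
    Sort-Object LocalPort |
    Select-Object LocalAddress, LocalPort,
        @{ Name = 'Process'; Expression = { (Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue).Name } }
```

Anything returned by step 1, or any entry in steps 2 and 3 that you cannot account for, is worth investigating; ports in step 4 that you do not need should be closed or blocked at the firewall.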
Backup and disaster recovery
There is absolutely no substitute for a good disaster recovery plan. You should get reliable backup software, configure it, use it and most importantly test it
regularly. In our view, it is more important than installing antimalware software as it not only gives you protection against viruses etc. but also against
burglary, fire etc. For more information, see our article on backups.
Antimalware software
Windows 10 comes packaged with antimalware software called Microsoft Security Essentials. It is preconfigured and set to start running as soon
as your computer starts and to update itself automatically with Windows Update. It may not be the best protection in the world but it does a fairly
good job.
Windows 7 was a much-loved operating system, especially after the mess that was Windows Vista, and many people are still using it. Like all
operating systems before it, Windows 7 has eventually reached the end of its lifecycle. Microsoft support for Windows 7 with Service Pack 1 installed
ended on January 14, 2020, and you will no longer be able to get security or software updates, Microsoft Security Essentials definitions, or in fact,
technical support from Microsoft. This makes an upgrade an absolutely essential task for the safety of your PC. If you need help upgrading
your operating system to the latest and best, contact us for details of our support services.
Many people decide to add an additional layer of protection by installing a third-party antimalware package. There are many to choose from,
such as those offered by Malwarebytes, Avast, McAfee, Kaspersky, Trend Micro and AVG.
This list is in no particular order of preference and is not exhaustive. All of the software vendors mentioned have been in the business for
many years and may offer a free version of their software. If you decide to go with the free version, you will possibly be pestered by nag
screens that tell you that you have problems with your computer or that you are better off upgrading to their paid version, which is usually offered
on an annual subscription. Generally, we suggest you opt for the paid version, which in addition to what the free version provides offers enhanced protection
against ransomware attacks etc.
Some packages may run happily alongside Microsoft Security Essentials whereas others may take over the protection of your computer from it
completely. Note you should not install more than one third-party antimalware package as running multiple antivirus programs concurrently can
degrade performance and create conflicts.
Should you be in the unhappy position of your PC being infected with malware, and assuming the malware is allowing you to connect to the internet,
you can try running an online virus scanner such as Trend Micro's HouseCall. If you are not able
to access the internet, you should use a different computer to download the Emsisoft Emergency Kit to a USB device, then try running the
"Start Emergency Kit Scanner" program on the infected computer.
You should open your antimalware software occasionally and perform a manual scan of your computer to double check you have no malicious software
on it.
If your antivirus program has stopped working, you have a virus or other malicious software on your computer, you need help upgrading to
Windows 10 or you have any other problems with your computer, you can always
contact us for details of our support services.