July 17, 2012 13:26 Avoiding Malware #212611
Top
jirka82

Avatar

Administrator
Join Date: 19.6.2009
Posts: 3892
Please bear in mind that no anti-virus solution protects against 100% of threats one can encounter on the web. Anti-malware protection is a constant never-ending struggle between malware creators and security experts. Unfortunately, there is always a certain time gap between a new virus is published and corresponding virus definitions are released by anti-virus creators. Our virus specialists do the best to provide virus definitions in timely manner, but it is technically impossible to investigate a virus before it is publicly available. Therefore, we recommend caution when browsing the web and downloading new software. Keep in mind that the anti-virus software is not a free out-of-jail ticket in this context. Below you can find in a few recommendations for more cautious online life.

1. Keep your software fully updated
- That includes operating system updates (Windows updates can be found here), anti-virus software updates (AVG is updated automatically by default; more information about updating it manually can be found in this FAQ article) and even individual application updates.
- By individual application updates, we mean especially your e-mail client software, PDF viewer, Java runtime environment, document processing suite, web browser and other applications used for viewing and processing data from external sources.
- Usually, applications themselves do notify you on a new update available.
- When downloading updates from website, make sure to use official site, not a 3rd party portal. I.e. if installing the Adobe Acrobat Reader, download the software directly from www.adobe.com.
- Patching security holes in applications and the operating system prevents new malware from exploiting such holes and running arbitrary (malicious) code.

2. Avoid running suspicious software
- An unexpected attachment in an e-mail? Suspicious pop-up advert offering a system optimization software? Strangely formulated instant message from your buddy including a web link? A new controversial or attractive Facebook video or link? We recommend doing some web research before running such code/video or following a provided link. Generally, these avenues are used by malware creators to infect your system.
- To avoid drive-by downloads, prevent visiting suspicious websites. These are again often presented in social network messages, because social networks are especially efficient in spreading malicious links in no time. Such messages are even considered to be quite trustworthy (the message is forwarded or liked by one of your friends, after all...).
- Sometimes, even a well-known website is compromised for a while and may deliver malicious code. This is usually detected by the AVG LinkScanner.
- Friend of yours brought you some data on an USB stick? Think twice before running or viewing a suspicious file.
- If you'd like to know whether a particular file is detected by individual anti-virus applications, you can use the VirusTotal or the Jotti service to check it.
- Also, we would like to encourage you to provide us with suspicious files as described in this post. Our virus specialists will check the code and include it in AVG virus definitions with one of the following updates, if necessary.

3. Be cautious in grey zones
- A lot of software can be downloaded in peer-2-peer networks, some are accompanied with cracks or keygens which could be infected.
- When downloading "warez" or "pirated" software there are chances the application is not quite clean.
- Hacks or cracks for a newly released attractive software (like new video games) are often presented by malware creators even in social networks. We suggest not to follow links to external websites in such posts.
- We recommend avoiding such software completely, not only due to the security reasons, but this behavior may be illegal as well.

4. Use standard operating system user accounts
- Do not work under administrative user accounts. Standard user accounts are much more suitable for day to day work. When accidentally running a malware with limited access rights, the harm done is lower, sometimes the malware is prevented from doing any harm at all.
- When running a malware under administrative account, you are giving it access throughout the whole system.
- In Windows Vista and newer, we recommend enabling the UAC functionality (it is enabled by default).
- When the UAC dialogue pops-up, make sure to check what application is it related to. If unsure about the particular application, do some web research before allowing it.
- Generally, allowing an action without understanding the message completely is a dangerous tactics, no matter the dialogue is related to (firewall, system message, ...).



Unfortunately, you could get infected even though you are following all the recommendations above. In such case, please do not hesitate contacting AVG customer care experts or describe the situation in AVG Forums. We will assist you removing the malware.