Methods of protection against malware. Protecting your computer from malware

Everyone knows that to protect against malware you need to use antiviruses. But at the same time, you can often hear about cases of viruses penetrating computers protected by antivirus. In each specific case, the reasons why the antivirus did not cope with its task may be different, for example:

• The antivirus has been disabled by the user
• Antivirus databases were too old
• Weak security settings were set
• The virus used an infection technology against which the antivirus had no protection
• The virus got onto the computer before the antivirus was installed and was able to neutralize the antivirus tool
• It was new virus, for which anti-virus databases have not yet been released

But in general, we can conclude that simply having an installed antivirus may not be enough for complete protection, and that additional methods need to be used. Well, if antivirus is not installed on your computer, then without additional methods protection is not enough at all.

If you look at the reasons given for example for the antivirus to miss the virus, you can see that the first three reasons are related to misuse antivirus, the next three - with the shortcomings of the antivirus itself and the work of the antivirus manufacturer. Accordingly, protection methods are divided into two types - organizational and technical.

Organizational methods are aimed primarily at the computer user. Their goal is to change the user's behavior, because it is no secret that malware often gets onto the computer due to the user's rash actions. The simplest example of an organizational method is the development of computer rules that all users must follow.

Technical methods, on the contrary, are aimed at changes in computer system. Majority technical methods is to use additional funds protection that expands and complements the capabilities of antivirus programs. Such protection measures may be:

• Firewalls are programs that protect against attacks over the network.
• Anti-spam tools
• Fixes that eliminate holes in the operating system through which viruses can enter

All of the methods listed below are discussed in more detail.

Organizational methods

Rules for working at the computer

As already mentioned, the most simple example organizational methods protection against viruses is the development and compliance with certain rules for processing information. Moreover, the rules can also be divided into two categories:

• Information processing rules
• Rules for using programs

The first group of rules may include, for example, the following:

• Do not open mail messages from unknown senders
• Check removable storage devices (floppy disks, CDs, flash drives) for viruses before use
• Scan files downloaded from the Internet for viruses
• When working on the Internet, do not agree to unsolicited offers to download a file or install a program.

The common place of all such rules are two principles:

• Use only those programs and files that you trust and whose origin is known
• All data coming from external sources- from external media or over the network - check carefully

The second group of rules usually includes the following characteristic points:

• Ensure that security programs are always running and that security functions are activated
• Regularly update anti-virus databases
• Install patches regularly operating system and frequently used programs
• Do not change the default settings of programs that provide protection unless necessary and fully understand the nature of the changes.

Two general principles can also be traced here:

• Use the most current versions security programs - since the methods of penetration and activation of malware are constantly improving, security program developers are constantly adding new protection technologies and expanding the database of known malware and attacks. Therefore, for best protection, it is recommended to use the latest versions
• Do not interfere with antivirus and other security programs to perform their functions - very often, users believe that security programs unnecessarily slow down the computer, and seek to increase productivity through security. As a result, the chances of your computer becoming infected with a virus significantly increase.

Security policy

On a home computer, the user sets the rules for himself that he considers necessary to follow. As he accumulates knowledge about the operation of a computer and about malware, he can consciously change protection settings or make decisions about the danger of certain files and programs.

In a large organization everything is more complicated. When a team unites a large number of employees performing different functions and having different specializations, it is difficult to expect reasonable behavior from a security point of view from everyone. Therefore, in every organization, the rules for working with a computer must be common to all employees and officially approved. Typically, the document containing these rules is called a user manual. In addition to the basic rules listed above, it must necessarily include information about where the user should turn if a situation arises that requires the intervention of a specialist.

Wherein User's Manual in most cases it contains only rules limiting its actions. Rules for using programs may be included in the instructions only in the most limited form. Since most users are not sufficiently competent in security issues, they should not, and often cannot, change the settings of security tools and somehow influence their operation.

But if not the users, then someone else must still be responsible for setting up security tools and managing them. Usually this is a specially designated employee or group of employees who are focused on performing one task - providing safe work networks.

Security employees have to install and configure security programs on a large number of computers. If each computer decides anew what security settings should be set, it is easy to assume that different employees will, at different times and at different times, different computers they will install, albeit similar, but several different settings. In such a situation, it will be very difficult to assess how protected the organization as a whole is, since no one knows everyone set parameters protection.

To avoid the described situation in organizations, the choice of protection parameters is carried out not at the discretion of responsible employees, but in accordance with a special document - the security policy. This document describes the dangers of malware and how to protect yourself from them. In particular, the security policy should provide answers to the following questions:

• Which computers should be protected by antiviruses and other programs
• What objects should be scanned by the antivirus - do you need to scan archived files, network drives, incoming and outgoing mail messages, etc.
• What actions should the antivirus perform when it detects an infected object - since ordinary users cannot always correctly decide what to do with an infected file, the antivirus should perform actions automatically, without asking the user

Anti-malware protection

Discover the work of modern Trojan horse on your computer is quite difficult. However, the following recommendations can be made for detecting and removing Trojan programs:

1. Use an antivirus program.

Be sure to use an antivirus program to scan files and disks, updating it regularly antivirus database through the Internet. If the database is not updated, the result of the antivirus is reduced to zero, since new Trojans appear with no less regularity than antivirus updates. virus databases.

Therefore, this method cannot be considered absolutely reliable. Sometimes, as practice shows, if a Trojan server is embedded in an executable file, antiviruses in many cases cannot detect it. To date, antiviruses have proven themselves to be the best in this regard. Kaspersky Anti-Virus And Dr. Web.

Along with antiviruses, there are specialized programs(antigens) that can find, identify and destroy most Trojans, but fighting them is becoming more and more difficult. As such a program designed to search for and destroy Trojans on your computer, we can recommend Trojan Hunter.

2. Install a personal firewall (firewall) and carefully understand its settings.

The main sign of the Trojan's operation is unnecessary open ports. When the Trojan program server is launched, the firewall from the inside will block its port, thereby depriving it of communication with the Internet. The firewall provides additional protection, however, on the other hand, the user simply gets tired of constantly responding to program requests regarding the operation of a certain service and the passage of data through a certain port. Sometimes there are extreme cases when even the firewall and antivirus are powerless to do anything, as they are closed by a Trojan. This is also a signal to the user that a Trojan is present in the system.

To monitor open ports, you can also use port scanners or programs that show open ports. currently ports and possible connection outside users.

Among firewalls, a fairly high-quality product is Agnitum Outpost Firewall Pro, allowing you to configure the operation of applications and the required user level.

3. Limit the number of strangers who have access to your computer because it's enough big number Trojans and viruses are transferred to external media(floppy disks and disks). It is also recommended to periodically change passwords for particularly important accounts.

4. Do not download files and photos from dubious sites(home pages with photos, etc.). Quite often, the photograph and the Trojan server are attached (“glued”) together to lull the user’s vigilance, and this factor is beyond doubt. Here the Trojan disguises itself as a picture. In this case, the icon will really be from the image, but the extension will remain *.exe. After double-clicking on the photo, the Trojan starts and does its dirty work.

5. Do not use dubious programs supposedly speeding up the computer's operation on the Internet by N times (speeding up the operation of a CD-ROM, mouse, mouse pad, etc.). In this case, you need to pay attention to the program icon, especially if you have not agreed with anyone in advance. In this case, you can ask the sender a question, and, if there is no positive answer, delete such a program.

6. When receiving a letter from an unknown recipient You should pay special attention to the extension of the attached file. It is possible to mask the name of the virus-contained file extension *.exe, *.jpg, *.bat, *.com, *.scr, *.vbs with a double ending (*.doc.exe), and the exe letters can be separated by a large number of spaces or moved to the next line.

When you receive a letter with an attached archive (file with extensions *.rar, *.zip, *.arj), you should not immediately open it and view the files. If possible, it should be saved on disk, then checked with an antivirus program and only then opened. If a virus is detected in the archive, you must immediately delete the entire archive without attempting to save it or, especially, open the files.

7. If you use Windows XP, then If you are at risk of opening an infected file, create a restore point. For Windows 98, it is recommended to install a similar program that allows you to roll back the system (for example, Second Chance or another similar type).

8. When using standard mail client Windows (Microsoft Outlook Express) should be disabled automatic receipt mail, which can launch an encoded Trojan located in the body (inside) of the letter. You can also use a more secure and faster email client instead of Outlook Express The Bat! being one of the best.

9. Monitor tasks and services running on the system. Practice shows that 99% of Trojans are registered to be launched in system registry. For effective removal Trojan from the system, you must first remove the registry entry or the line that launches it, then restart the computer, and only then calmly delete this file.

10. If your PC behaves suspiciously and you need to continue working, manually enter your username and password in the windows, without saving them in the browser or email client.

11. It is advisable to make copies important files, saving them on a floppy disk or CD. This will help quickly recover lost data in the event of a possible system crash and subsequent formatting hard disks.

Antivirus Dr. Web

For detection unwanted programs and actions on the files containing them, the usual means of anti-virus components are used Dr.Web. Dr.Web for Windows includes the following components:

Dr. Web Scanner for Windows - antivirus scanner with graphical interface. The program starts at the user's request or according to a schedule and produces antivirus scan computer. There is also a version of the program with an interface command line(Dr.Web console scanner for Windows);

SpIDer Guard for Windows - antivirus guard (also called a monitor). The program is constantly in random access memory, checking files on the fly, as well as detecting manifestations viral activity;

SpIDer May for Windows workstations - mail antivirus guard. The program intercepts requests from any email clients on your computer, detects and neutralizes email viruses before the mail client receives letters from the server or before the letter is sent to the mail server. The component is not included in Dr.Web for servers;

Dr. Web Module automatic update for Windows - allows registered users to receive updates to virus databases and other files of the complex, and also installs them automatically.

Dr.Web for workstations also includes a Task Scheduler for Windows and a scanner for the DOS environment.

Using Dr.Web® program

Scanner for Windows

The scanner is installed as normal application Windows and is launched by the user's command (or by the Scheduler's command). After starting the program, its main window opens (Fig. 7.1).

Immediately after launching the program, with default settings, it performs an anti-virus scan of RAM and Windows startup files. Scanning of other file system objects is performed at the user's request. File system is presented in the central part of the window in the form of a hierarchical tree. If necessary, it can be expanded to directories of any level. If this level of detail is not sufficient, click the button Show files. Select the required objects from the hierarchical list. Figure 7.2 shows a situation in which the entire logical drive C: and one of the files on the floppy disk.

Rice. 7.2

To start scanning the selected objects, click the button

on the right side of the main window. Actions when viruses are detected

By default, Dr.Web for workstations only informs the user about all infected and suspicious objects. You can use the program to try to restore the functionality of an infected object (cure it), and if this is not possible, to eliminate the threat emanating from it.

For this:

1. Click on the line with the desired object in the table of detected infections with the right mouse button. To select objects in the report list, the following keys and key combinations are additionally used:

Insert– select an object and move the cursor to the next position.

Ctrl+ A- select all.

button on numeric keypad – invert selection.

2. In the opened context menu(Figure 7.3) select the action you want to take.

Rice. 7.3

3. When choosing an option cure it is also necessary to choose the action that will be taken if treatment is not possible. Customizable program parameters

The program's default settings are optimal for most applications and should not be changed unless necessary.

In order to change the program settings, you need to:

1. Select the item in the main menu of the program Settings, then in the submenu that opens, select the item Change settings. A settings window will open containing several tabs (Fig. 7.4).

Rice. 7.4

2. Make the necessary changes. Press the button if necessary Apply.

3. When finished editing the settings, click on the button OK to save changes made or on the button Cancel to refuse them.

The default settings of Dr.Web for workstations are optimal for the mode in which scanning is performed at the user's request. The program scans the selected objects in the most complete and detailed manner, informing the user about all infected or infected objects and allowing him to make a decision on how to react to their detection. The exception is objects containing joke programs, potentially dangerous programs and hacking programs: they are ignored by default. However, in cases where scanning is performed without user intervention, settings may be used to ensure that the program automatically responds to detecting infections.

Configuring the application's reaction to detecting infected objects

Go to the tab in the settings window Actions(Fig. 7.5).

Rice. 7.5

1. Select from the drop-down list Infected objects the program's response to detection of an infected object. Most suitable for automatic mode is the value Cure.

2. Select from the drop-down list Incurable objects the program's reaction to the detection of an incurable object. This action is similar to that discussed in the previous paragraph, with the difference that the option cure absent. In most cases, the most suitable option is Move.

3. Select from the drop-down list Suspicious objects the program's reaction to the detection of a suspicious object (completely similar to the previous paragraph). It is recommended to set the value here Inform.

4. The program’s reaction to detecting objects containing advertising programs, dialers, joke programs, potentially dangerous programs and hacking programs, and when viruses or suspicious code are detected in file archives, containers and mailboxes.

5. Uncheck Confirmation request so that the program performs the prescribed action without prior request.

SpIDer Guard for Windows

By default, the watchman starts automatically every time booting Windows, and a running watchman cannot be unloaded during the current Windows session. If you need to disable the watchdog for a while (for example, when running a real-time CPU-critical job), you should cancel the setting automatic start watchman (this action is described below) and then restart Windows.

With the default settings, the guard checks opened files on the fly (for files on the hard drive - only when opened for writing, for files on removable media– always), while each file is checked in the same way as a scanner, but with “softer” scanning conditions. In addition, the watchman constantly monitors the actions running processes, characteristic of viruses, and when detected, blocks processes with a message to the user.

If an infection is detected, SpIDer displays a window containing the path to the infected object (Fig. 7.6).

Rice. 7.6

The composition of available reactions depends on the infection detected. Reactions Disinfect, Rename, Move And Delete similar to the same scanner reactions. When you press the button Prohibit the infected file is marked as inaccessible by Windows. When you press the button Switch off An attempt is made to shut down Windows gracefully. SpIDer Mail for Windows workstations

The mail guard SpIDer Mail for Windows workstations is included by default as part of the installed components, is permanently located in memory and is automatically restarted when Windows boots. Its main task is to automatically intercept all calls from any mail program on your computer to mail servers.

Any incoming letter instead of a mail client, an anti-virus mail guard receives and exposes antivirus scanning with the greatest degree of detail. If there are no viruses or suspicious objects, it is transmitted mail program“transparently” - as if it came directly from the server. Similarly, outgoing messages are checked before being sent to the server.

From the book The Essence of COM Technology. Programmer's library by Boxing Donald

From book Internal organization Microsoft Windows(Ch. 8-11) author Russinovich Mark

CHAPTER 8 Security Protecting sensitive data from unauthorized access is critical in any environment where multiple users access the same physical or network resources. The operating system, like individual users, must have

From book Mobile Internet author Leontyev Vitaly Petrovich

Protection from malware Philosophers say that every phenomenon in the world has two sides, and the light side is always accompanied by the dark side. Not being a philosopher, the author of this book has more than once become convinced of this unfortunate fact in practice. Of course, this is still a big question

From book Windows Vista without tension author Zhvalevsky Andrey Valentinovich

Anti-malware protection After a firewall and automatic updates, the third pillar of computer security is a group of programs that fight computer viruses and spyware. Why isn't a firewall enough for this?

From the book Windows Vista author Vavilov Sergey

Anti-malware protection After a firewall and automatic updates, the third pillar of computer security is a group of programs that resist the penetration of viruses, spyware and other unwanted programs. About installing antivirus software

From the book Internet 100%. Detailed tutorial: from beginner to professional author Gladky Alexey Anatolevich

Windows Defender 7 – effective protection from spyware In the operating room Windows systems 7 includes a program called Windows Defender and is designed to protect your computer from spyware. We will get to know her in this

From the book Internet - easy and simple! author Alexandrov Egor

Protection Using the following recommendations, you can protect your computer from viruses: – Archive your data. These are not empty words, and do not neglect them under any circumstances. Periodic creation backup copies important information With

From the Linux book: Complete Guide author Kolisnichenko Denis Nikolaevich

Protection As you yourself probably understand, there is no 100% protection from hackers. If the websites of the largest companies engaged in computer security, then where should we, ordinary users, go?! But in fact, a self-respecting hacker does not care about ordinary

From the book Firebird DATABASE DEVELOPER'S GUIDE by Borri Helen

15.5. FTP Security Very useful, especially when organizing virtual nodes, is the DefaultRoot configuration directive, which allows you to specify a directory that would appear to users as the root. For example, the DefaultRoot value "~" configures the server so that the root

From the book Linux through the eyes of a hacker author Flenov Mikhail Evgenievich

Data protection A huge disadvantage of file server database systems is the insecurity of data from errors, damage and destruction due to their physical availability when sharing files by clients and establishing direct control over them from

From the author's book

4.7. Securing Services This book will cover many backend services. The safety of their operation for the system as a whole depends not only on correct settings the service itself, but also on the rights that you give it. Hackers very often attack certain services and search for

From the author's book

4.13.4. Additional protection In addition to filters based on rules defined by the administrator in firewall Several additional protection mechanisms can be implemented that work regardless of your configuration or can be enabled by special

From the author's book

9.5.4. Network protection The squid service can be both a means of protecting a network and a tool for a hacker to penetrate a network. To prevent external users from using a proxy server to connect to computers local network, must be added to configuration file

From the author's book

14.5.5. Protecting yourself from eavesdropping Although it is possible to detect that you are being eavesdropped, sometimes it may be too late. While you are looking for a hacker, he may have time to catch a package with passwords and hack the system. If the audition is carried out by a program that

From the author's book

14.6.8. DoS/DDoS protection The most effective protection against DoS attacks carried out through errors in programs is timely update these programs. But if the hacker directed his efforts to completely consume the server’s resources, then in this case difficult to defend, but necessary

From the author's book

14.10.3. Protection There is, in principle, no protection against password guessing and there cannot be. If a hacker gains access to the /etc/shadow file, then we can assume that he has the password in his hands. But if you follow the following rules, you can avoid hacking:? change your passwords every month. If a hacker hacks

Malware is a program that has been created specifically to allow an unauthorized user to perform actions on an information telecommunications network or information system as a result of which it is possible to cause harm to the user of this network or system. That is why security is extremely important in the modern world.

Navigator by methods

1 way. Eset Antivirus.

Ways to protect yourself from malware include this one. This is an integrated solution that will provide corporate users with comprehensive security for servers, mail and workstations. This antivirus has support for a variety of platforms. The product is installed on workstations and servers. It is also possible when using this type of antivirus centralized management over the network using the remote administration module.

In this game you will be able to try out hundreds of models of tanks and aircraft, and once inside the detailed cockpit, you will be able to immerse yourself in the atmosphere of battles as much as possible.

A computer, like any other electronic equipment, must be protected from the penetration of malware and viruses. When your system is infected, constant malfunctions occur, your computer shuts down or breaks down. There are a large number of antivirus programs that protect all elements of the operating system and processor from the influence of virus attacks.

Ways viruses get onto your computer
The malware gets onto the computer via removable media or the Internet. A virus may appear on flash cards or disks if you used these devices on another computer that is not protected by an antivirus program. Viruses can be stored indefinitely until the antivirus removes it. The most common way to add a malicious file to a computer is to go online. To use safely virtual space, you need to install an antivirus and enable protection against network attacks.

Types of virus attacks
Viruses are divided into types based on the way they influence the system. Malicious software affects the stability of the operating system and introduces various changes, launches unnecessary third-party programs and interferes with any running process. Viral worms have a negative effect on certain parts system unit. If such virus attacks are not cleaned up for a long time, this may lead to malfunction individual element, but due to the entire computer as a whole. Spyware is designed to track and share your information with scammers. classified information: logins, passwords or accounts. If you have such a program on your system, you can lose valuable information and more. Also, new virus applications are constantly being created that can harm your electronic device great harm.

Antivirus systems
Antivirus programs are developed by specialists who work in companies certified to create of this project. Such systems monitor malicious changes in programs and disinfect or remove them. The most popular antiviruses today are Dr. Web, Avast and Kaspersky. All of them completely ensure the security of your device. They work simultaneously and in constant mode, and when accessing the global network. The most reliable and effective is the antivirus of the same name, created in Kaspersky Lab. It finds even very encrypted and invisible virus attacks. When a virus tries to penetrate, it immediately blocks and asks you to choose one of the actions. You can first try to treat the object. If this is not possible, then you should remove malicious file. Kaspersky Anti-Virus is used in the most serious and secretive companies, where constant protection against unauthorized penetrations into the system is necessary. Of course, other antivirus programs are also effective in protecting your computer, but Kaspersky Antivirus is considered the most advanced and reliable among all systems.

If you want to use your computer for a long time without any failures, then you need to purchase the right antivirus software.

The downside of Windows' popularity is its vulnerability to external threats. After all, it is for the most common operating system in the world that most malicious software is created. Alas, having an antivirus installed on your computer does not provide a 100% guarantee that neither a virus, nor a Trojan, nor a network worm, nor a spy, nor an SMS ransomware, nor any other “malware” will penetrate the system. It is possible to fully protect your computer from malware only with an integrated approach - and with the help of software, and not without awareness of the user’s actions.

How to ensure complete computer protection? We will discuss this issue in detail below.

1. Antivirus

The number one way to protect your computer from malware is, naturally, an antivirus. Windows includes standard utility Windows Defender can detect spyware, but its functionality is very limited compared to third-party antivirus products. Only the latter can provide comprehensive protection from both viruses and spyware. The antivirus package, in addition to antivirus and antispyware functions, may contain other security modules. This is, for example, antispam filtering Email, firewall, parental control function, tracking the location of stolen laptops, etc. It is impossible to single out any particular antivirus from among today's offerings on the software market, since there is no ideal solution in this matter. Any ratings and tests with a loud statement about the victory of a particular antivirus in many cases may turn out to be a common marketing ploy by the developer of this product. After all, there is quite high competition in the sales market for antivirus solutions.

An antivirus should detect viruses, rootkits, spyware and other malware during scanning, and also protect against them in real time. Free antivirus products can also handle these tasks. Everything else is for everyone.

Emergency boot disk or flash drive (LiveDisk) with an antivirus product – Must Have for each computer user. There will be almost the only way solutions to the problem if the system is blocked by SMS ransomware.

2. Firewall

While an antivirus is only a tool for detecting and isolating malware, main task A firewall (also known as a firewall) is to prevent viruses, network worms from entering a computer and counter attacks from hackers. Only in pairs can these two tools provide your computer with protection.

Windows is equipped with a standard firewall, but there are third party firewall programs. They perform essentially the same function, but provide advanced users with flexible configuration options, including enabling paranoid modes, which ask users for permission for almost every step.

Antiviruses that do not include a third-party firewall get along well in the system, working with the standard firewall. But not every antivirus can work with third-party firewalls. Often, the use of third-party firewalls is possible together with antiviruses from the same developers.

3. Windows Update

Majority created viruses aimed at Windows vulnerabilities, therefore, timely updating of the operating system is no less important aspect of security than having an antivirus.

You should not use anything that is not supported by the company. Microsoft version Windows. Thus, Windows XP, for which there has been no support since April 2014, needs to be replaced, if not with the current version 8.1, then at least with Windows 7, for which the software giant undertakes to supply security updates over the next 5 years.

4. Disable Remote Assistance

To provide computer help in mode online Windows provides standard function remote assistant, through which any user, having special file invitations and access password, over the Internet can connect to a computer and control it. In most cases, Remote Assistance is active in the system by default. If it is not used or is rarely used, for security reasons it makes sense to deactivate it.

The remote desktop feature in Windows is initially inactive, but if it has ever been enabled and remains enabled, you need to disable it.

5. Account Control

The standard User Account Control feature, which pirate collectors like to disable Windows versions, must be active at least at the medium security level. This way, executable files launched without the user's knowledge will be blocked.

This is far from a panacea, but it can help in cases where a computer is infected with viruses that cannot bypass system control accounts.

6. Secure browser

A browser is precisely the program that directly works with the Internet, and it, like no other program on a computer, must be subject to essentially the same requirements in terms of reliability as an antivirus. The most secure is the most popular browser in the world - Google Chrome. This browser is regularly updated and has a built-in anti-malware system that warns users about the dangers of the sites they visit and the files they download.

Plus, in Google store Chrome you can find a lot of extensions from developers of antivirus products that enhance security while surfing the web.

If you wish, you can take advantage of offers from the developer of antivirus products Comodo. Comodo Dragon (based on Chromium) and Comodo IceDragon (based on Mozilla Firefox) – browsers with an increased level of security and privacy that come with a set of pre-installed extensions from the developer.

7. Security of email clients

Email software clients offer greater functionality for working with email correspondence than a web interface mail servers. And the probability of getting email With executable file malware is not a reason to give up the convenience of email clients. The selected email client must be up to date and support the antivirus module.

The security of the email client lies entirely with the antivirus, so there will already be requirements for the latter - it must be able to scan local email databases, check incoming letters on the fly and send suspicious files in quarantine.

8. Antivirus scanning of removable media

Even if a disk, flash drive or SD card is connected to the computer from the hands of the most honest person in the world, this is not a reason not to check the removable media before running the antivirus. If the installed antivirus by default does not provide the function of automatically scanning connected removable media, perhaps this point needs to be set in the settings.

Removable media pose a lesser threat than Internet channels, however, there are frequent cases of computer infection through them.

9. Additional protection for known dangerous steps

When handing over your computer to another person (especially a beginner) or consciously taking steps that are potentially fraught with danger - for example, testing dubious programs, it would not be a bad idea to resort to additional measures security.

If home computer is used by only one user, as a rule, he works on it with an administrator account, which is created when Windows installation. The administrator account provides access to all system files, settings, services, installed programs, which, in fact, is what is needed in some cases to run malicious programs on a computer. When transferring a computer with an additionally created account to another person regular user you can prevent infection by malware, since in this case they will not be able to run on the system due to limited account rights.

In fear of catching malware, you don’t have to give up researching dubious software. For these purposes, you can use special programs to so-called freeze the operating system. In Windows “freeze” mode, all changes made to it are not saved, and after a reboot, the system will return exactly to the state it was in before this mode was activated. Among such programs are Deep Freeze, Toolwiz Time Freeze.