Guide to Improve Security Shield in Microsoft Defender

Windows 10 users might be aware of the Microsoft Defender or Windows Defender – an in-built security tool that protects your device from malware. It silently works in the background and unleashes real-time security agents that check for changes in several areas of your system to find out the issues caused by spyware. It is powerful enough to remove ActiveX software, and it also has integrated support for the Microsoft SpyNet that helps you report spyware and other susceptible changes. All of its powerful features always work in the background to improve the security on your device. But you can take this security one step higher and save your desktop using the methods given below:

Remove Hidden Malware

Windows Defender automatically performs a Quick Scan on your system every day to check if there are any threats in your folders. But you can choose to do it manually by going to the Settings. Then, click on Update & Security and select Windows Security. Then, click on Virus & Threat Protection and tap on Quick Scan.

You can also choose to do a Full Scan by clicking on the Scan options. Doing so will ensure that all the programs and files on your PC get checked. If you want to check only a few files and folders, then click on Custom Scan. If you believe that the scan has failed to find the errors you suspected, then click on Microsoft Defender Offline Scan to find it hard to detect files. Don’t forget to take the backup of essential files and documents as these procedures might remove your files and restart the device to eliminate the errors.

If any error is detected while scanning, your PC’s screen will blackout, and you’ll be prompted to remove the errors. Your device will boot back to normal once the procedure gets completed.

Protection Against Ransomware

You don’t want to run into the threat of getting ransomware on your device as it will block your access to the files and might even threaten to publish the stored data. Ransomware makes the victim pay for giving them access to their files, but there is no assurity if that will happen. At times, the decryption fails to work and causes you to experience some major problems.

By default, Microsoft Defender’s ransomware protection is turned off so that you can access legitimate programs. But you can enable this protection measure to ensure that you don’t get threatened by ransomware. To use this method, follow these steps:

1. Go to Virus & Threat Protection screen and navigate to Ransomware Protection.
2. Click on Manage Ransomware Protection.
3. Turn on the toggle under the Controlled Folder Access to keep your data (e.g., Pictures, videos, folders, documents, etc.) safe.
4. To increase the protection, go to Protected Folders and click on ‘Add A Protection Folder.’
5. You can choose to allow some programs to access the files by clicking on ‘Allow an App Through Controlled Folder Access.’

Automatically Block Malware

As we mentioned, your device gets real-time protection against malware via Microsoft Defender. It also uses its updated virus definition to scan and block any unknown threat appearing on your device. It also offers a Cloud-Delivered Protection feature that protects the device against threats and uploads details about Microsoft’s suspicious files to check if they are safe for your system.

Usually, these features are enabled by default, but you should always check if these have been turned off, so ensure that you don’t let any malware fixate on your device. Sometimes, security programs for different purposes disable these settings automatically. So, ensure that you check these settings and enable the necessary features. You can make the settings using the steps mentioned below:

1. Go to Virus & Threat Protection and click on Manage Settings.
2. Under the same setting section, switch on the toggle for Cloud-Delivered Protection.
3. Turn on the toggle for Automatic Sample Submission to submit the analysis of the suspicious files to Microsoft.

You can rely on Microsoft to protect your privacy, and in case they detect any dangerous file on your desktop, they will block it on your PC and other Microsoft Defender users’ systems. They focus on securing the whole community.

Configure Defender’s Firewall Settings

Windows or Microsoft Defender Firewall can protect you as long as you keep the useful toggles on securing your system. Go to Windows Security and click on Firewall & Network Protection to ensure that the toggles for Domain, Private, and Public options are turned on. You can navigate to the Advanced Settings to customize the rules and regulations of the security settings. From the Advanced Settings, choose Inbound Rules (for controlling the data in your PC) or Outbound Rules (for managing data transfer). You can also choose to block some ports using the following steps:

1. From the Advanced Settings, select Inbound Rules and click on New Rule given on the right-hand sidebar.
2. From the New Inbound Rule Wizard, click on Port and tap on Next.
3. In the box given for Specific Local Ports, insert ’21’ and click on Next.
4. Now, select Block the Connection, and click twice on Next.
5. Add a name for the new rule, and click on Finish to apply the changes.
6. If you are unsatisfied with the new rule you created or experienced any problems, click on it and select Disable Rule or Delete.

These methods will help you make the most out of Microsoft Defender and get the best security levels on your desktop.

Source:-   Guide to Improve Security Shield in Microsoft Defender

 

Top File Extensions That Can Be Potentially Dangerous for Windows

Every bit of data on the internet is saved in a file format with different extensions. But, before downloading any file from an email or the internet, you must stay cautious about some file extensions. In this article, we will mention some file extensions that can be dangerous for your system. Before getting into file extensions, make sure you have active anti-virus software on your PC to protect you from any virus and malware files.

Some file extensions carry a specific code, or they can execute an arbitrary command which can be damaging for your system. Some media file extensions like JPEG and MP3 are considered safe because they cannot carry codes. Still, there have been many cases where the images in the file contain some maliciously crafted image that can put your system’s data at risk.

Some potentially dangerous file extensions are:

.EXE

EXE is an executable file that can run a program and execute commands with a single click. Sometimes, they can self-execute few commands. Files with EXE extensions carry the most potential danger than any other file extensions.  These files can easily transmit any malware, viruses, and spyware. When you open any EXE file without proper scanning, it launches the malware into your system and corrupts it.

.BAT

BAT file is a batch file that contains a list of commands, and when you open it, that series of commands are launched in order. Batch files can be used to transmit binary executable codes into your system. MS-DOS used these files, and their nature of running the series of in-order commands makes it the perfect option for launching any virus or malware into your system.

.SCF

SCF stands for Shell Command File, and these types of files are shortcuts with the run command. These file’s extensions stay invisible even if you have set your extensions to appear. So you will have to stay more aware with a file that has double extensions. The feature that makes these files more dangerous is that once you open the folder containing the SCF file, it automatically triggers the command. The attacker can plant an SCF file containing a non-printable character on the website that you use the most and can easily access your downloaded data from those websites.

.COM

COM file is the original type of program used by MS-DOS. It is similar to the EXE file, and it can be saved in a binary format. Once you open the file that contains malware, it automatically executes the set of instructions intended to harm your system.

.CMD

CMD format was introduced with Windows NT, and it is similar to the BAT file. Despite having similarities with the BAT file, CMD files are run by CMD. These files can be used to write malware, and it can open specific programs on your computer repeatedly, which can make your system slow and vulnerable to crash. These files can also be used to delete specific data in a directory.

.MSI

MSI file is a Microsoft installer file, and it can contain installation information for other applications. These kinds of files are generally used for Windows update and installation of third party software.

.VB/.VBS

VB and VBS files are used for hiding viruses and malware. VBS stands for Virtual Basic Script, and they are written in VBScript scripting language. These files contain code that can be executed within Internet Explorer or Windows through a Windows-based script host.

.WS/.WSF

WSF stands for Windows Script files, and they contain executable scripts with Jscript and VBScript code. They can only run if Windows Scripting Host 2.0 is installed. These files are usually delivered as email attachments and can damage your system if you open it without checking the integrity of its source.

.SCR

SCR is a screensaver file that is used to show vector graphics, animations, slideshows, or videos. These files contain executable codes which makes it the perfect place for programmers to hide any malicious code.

.PIF

PIF files are program information files for MS-DOS programs. Windows treats PIF files the same as EXE files because they don’t contain any executable codes. These files contain information about how MS-DOS programs should run, and these files can be used to transmit harmful viruses and scripts.

.HTML

HTML language is used to create web pages, and this format is the perfect place to hide any Trojans and worms.

.ZIP

ZIP files can easily carry multiple files in a single folder. These files can be used to hide any viruses, and it can transmit it to your system when you unpack the contained files.

How can you avoid hidden malware in files?

In this digital age, your data is always vulnerable to spyware attacks and malware. Viruses can also be transmitted through email attachments and external devices. We receive millions of spam messages daily, and most of them are harmless, but sometimes we come across a malicious file which is designed in such a way that prompts you to open it. It can be in the form of a gift card or coupon codes. You can follow these simple steps to protect yourself from possible viruses or malware:

• Make sure you have updated anti-virus software which can detect any malicious files.
• Block commands of automatic execution of file launch or unapproved executables.

Make sure you check the integrity of the file’s source before opening it or running it on your system.

Source:-   File Extensions Dangerous for Windows

 

How to Get Rid of Viruses From Android

The chances of getting affected by a virus or malicious software are relatively less in Android as compared to a Windows laptop. However, sometimes malicious apps can be found on the Play Store, and chances are that you may install them unknowingly. These viruses or malicious apps can cause a significant dent in your phone’s performance. Here we are mentioning how you can identify these viruses and get rid of them from your Android.

How to Know If Your Phone Has Viruses

There is no specific aspect to look into for identifying if your phone has a virus. However, there are certain signs that your phone may show hinting towards a possible malicious app or file. For instance, you may notice that your phone has suddenly become slower in performance, you may find in-app purchases that you don’t remember doing yourself, you may notice unrecognized apps installed in your device. If you are facing some of these signs, don’t worry, getting rid of viruses from your Android device is reasonably straightforward.

Removing Unrecognized Files or Apps

You can make use of the Safe Mode provider in Android to uninstall the unrecognized app or file. Follow the steps as mentioned below;

1. You need to press and hold the Power button followed by pressing and holding the Power Off button. You will get the option to boot into Safe Mode, click OK.

Alternatively, you can also power off the device as usual and then press and hold the Power button until you see the manufacturer’s logo. As soon as you see the manufacturer’s logo, press the Volume Down button along with the Power button until you’re booted into Safe Mode.

2. Once you reach the safe mode, you need to head over to the settings and then go to apps.

3. Carefully scroll through the list of apps and look for any app that you don’t recognize. If you find any such app, click on it and then select the Uninstall button to get rid of those apps from your device.

4. If you are unable to directly uninstall the apps as the Uninstall button is responsive to clicks, it can mean that the app has device administration access. You can remove the device administration access by going to the security settings and selecting the option called Device Administrators, make sure you remove this app from the administrator-list.

5. You can simply press and hold the power button again to boot into the normal mode and exit the safe mode.

Factory Reset Your Device

If you fail to remove the virus from the above method, you can always factory reset your device to bring it back to a fresh state. Make sure you’ve backed up your data before performing a factory reset as doing so will wipe out all the data from your device.

1. Once you are done with your backup, hold the power button, and then power-off your device.

2. Now you will need to boot into the recovery mode, for doing so you need to press the Volume Down and the power button simultaneously when the phone is switched off.

3. You can use the volume up and Volume down button for navigation in the recovery mode, find the option called Wipe Data, and then tap on it. You will be asked for confirmation if you want to proceed with wiping all the data, select yes to continue.

4. This will completely format your local storage. Now reboot your device and then recover your data from the created backup.

Staying Cautious

Prevention is always better than cure. It is best to follow such practices that reduce the chance of your Android getting infected with a virus or malware. You should always keep your phone’s software up to date. Head over to the Play Store and make sure that Google Play Protect is turned on. The Play Protect is a Google service that automatically scans for malicious files in your Android apps. You should avoid using clone apps as much as possible; these apps are most likely to contain viruses. As an additional security measure, you can also install antivirus apps for adding an extra layer of security to your device. And the most important point is to avoid installing apps from outside the Google Play Store in the form of third party APKs. Follow these tips to have a safe and sound Android experience.

Source:-  Remove Viruses From Android