
A guide to making your own security toolkit

Do your family and friends turn to you whenever they have computer security problems? Do they ignore the fact that you're wearing your "No, I Will Not Fix Your Computer" T-shirt? You may as well bow to the inevitable and make preparations to help them.

You can make the job much easier by putting together a USB-based security toolkit that you can carry on your key ring. If you already have the necessary tools to hand, the repair process will be much quicker. You can even leave them with some free protection, so you won't have to come back next week and fix the same problem.

Malware clean-up tools

Don't assume that your friend who has encountered a problem has been visiting shady Internet sites. Perfectly clean sites have been hacked in such a way that simply opening the page downloads malicious software to the victim's system.

Worse still, many modern threats include countermeasures to fight back when you try to install antivirus software. Some tweak the Registry to disable launching of known antivirus executables. Others monitor Internet access and specifically prevent access to security company websites, so you can't update or register the product. They're ingenious, in a bad way.
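One way to check for the website-blocking countermeasure described above, assuming it is done through entries in the Windows hosts file (the article does not name the mechanism). This is an added example, not part of the original article; the vendor list is taken from the products named in this guide, and the sample hosts file and its domains are constructed.

```python
import ipaddress

# Vendor names mentioned in this guide; matched against whole DNS labels
# so that "avg" does not match unrelated names that merely contain it.
VENDOR_LABELS = {"malwarebytes", "symantec", "norton", "comodo",
                 "kaspersky", "avg", "avast", "zonealarm"}


def find_blocked_vendors(hosts_text, vendors=VENDOR_LABELS):
    """Return (line_no, ip, hostname) for every hosts entry that
    overrides name resolution for a security vendor's domain."""
    findings = []
    for line_no, raw in enumerate(hosts_text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        fields = line.split()
        if len(fields) < 2:
            continue                              # blank or incomplete line
        ip, names = fields[0], fields[1:]
        try:
            ipaddress.ip_address(ip)              # accepts IPv4 and IPv6
        except ValueError:
            continue                              # not a valid hosts entry
        for name in names:
            labels = name.lower().rstrip(".").split(".")
            if vendors.intersection(labels):
                findings.append((line_no, ip, name.lower()))
    return findings


# Constructed sample: three overrides aimed at vendor sites, mixed in
# with ordinary entries. All domains here are made up for illustration.
SAMPLE_HOSTS = """\
# Sample hosts file (constructed)
127.0.0.1       localhost
::1             localhost
127.0.0.1       www.avast.example   # sinkholed to loopback
0.0.0.0         update.kaspersky.example download.example.org
192.0.2.10      intranet.example.net
127.0.0.1 support.NORTON.example
"""

if __name__ == "__main__":
    for line_no, ip, host in find_blocked_vendors(SAMPLE_HOSTS):
        print(f"line {line_no}: {host} is pinned to {ip}")
```

On a real Windows machine the text to pass in is the contents of C:\Windows\System32\drivers\etc\hosts; any hit is worth removing before you try to download or update an antivirus product.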

When you can't install the full power of an antivirus solution, you may be able to wipe the system clean with a free clean-up-only tool. Malwarebytes' Anti-Malware Free may be the best known tool in this category. Tech support agents in some security companies routinely use it to help users who run into trouble at installation. A few years ago I even encountered a Symantec tech support agent using it (strictly against Symantec policy, of course).

Symantec tech support agents no longer need Malwarebytes, because they can unleash Norton Power Eraser on resistant malware infestations. It, too, is a free download. It lagged behind Malwarebytes in my hands-on testing overall, but it was significantly more effective against rootkits (malicious programs that hook deep into Windows to hide their actions).

Comodo Cleaning Essentials also did well against rootkits, and its overall capability when it comes to malware clean-up is better than many commercial products.

So which one should you keep on your handy-dandy USB drive toolkit? That's easy – all of them! If one doesn't do the job, turn to the next.

Bootable Rescue USB

"I don't know what happened," your sibling moans. "I was just checking my Facebook status, and my computer crashed, and now it won't even start." That scenario could have many causes, but if a Trojan or other malicious program caused it you may still be able to save the day.

Just about every antivirus vendor offers a free bootable "Rescue CD" for just this kind of problem. The CD boots into an alternate operating system, usually a version of Linux. There's no possibility that Windows-based malware could interfere with this scan, since Windows isn't even running.

On the other hand, carrying a CD in your pocket just isn't practical. Fortunately, some vendors will optionally let you create a free bootable "Rescue USB," among them Kaspersky, AVG, and Norton. Do note that the Norton Bootable Recovery Tool is only free for Norton customers. You need to enter your product key with each use, and you can't use it commercially.

If your favourite security vendor only offers a bootable CD, not USB, there's still hope, as long as you're willing to do a little tinkering. You need to download the ISO image that represents the bootable CD and use an open source tool called UNetbootin to make a USB drive that boots into the CD image. I haven't done this myself, but the Internet is full of explanatory pages and videos on how to achieve this.

After creating your bootable rescue USB, test it a few times. Boot from it, make sure that it works, and verify that you understand how to use it. You do want to look like the expert you are when it comes to a crisis, after all.


Leave them protected

Okay, you've spent an hour cleaning up Uncle Bob's computer (hope he entertained you while waiting for the antivirus scan to finish). You could just go home, and face the prospect of doing it all again next week. Or you could leave Bob with protection that will head off the next problem.

Sounds like a good idea? Then stock your toolkit with a full-scale free antivirus program. I’d recommend AVG Free or Avast, but there are certainly plenty of options. ZoneAlarm Free Antivirus + Firewall is another possibility (which includes ZoneAlarm's powerful firewall for added protection). You might find you have trouble installing the free antivirus program on thoroughly infested systems, so use a clean-up tool before installation.

Still more protection

Sometimes you'll be asked to help with an email or social networking account that's been hacked. There's a pretty good chance the "hack" simply involved someone guessing (or seeing) your friend's lame password. Depending on how proactive you think your friend can be, you may consider setting up a password manager. Doing so will let your friend configure secure sites to use strong passwords without suffering brain-strain trying to remember them all.

LastPass is a good option here, and the program stores highly encrypted password data online, so you can use it across multiple computers. If portability isn't an issue, and if the friend in question needs something a bit simpler, Dashlane is another good bet. As you engage in better security habits, Dashlane awards you points and badges. That may be just the thing to get your friend more interested in better security!

You can carry the Dashlane installer on your toolkit, and LastPass too, but in the latter case it may be easier to just sign your friend up online. Don't peek during the master password entry stage!

Keep them up to date

Many malicious attacks rely on exploiting vulnerabilities in the operating system, browser, or popular programs. As soon as possible after an exploit is discovered, the affected company releases a security patch. Install the patch and you're safe, at least until the next exploit. Don't install it and you're worm bait.

When trying to fix someone else's computer you'll definitely want to check for the latest Windows Update files and install any that are missing. That's just one part of the story, though. The free Secunia Personal Software Inspector 3.0 will check for a huge number of security patches in a wide variety of program categories and, in many cases, it will offer an automatic process to apply the patch.

You can install Secunia from your toolkit USB stick, perform a one-time scan and update, and then uninstall it. Then again, you might just want to leave it on your friend’s computer. If you leave it in place, it will periodically check to make sure the system hasn't missed any new critical updates.

Mischief managed

Now that you've got a fully equipped pocket toolkit, you can cut through security problems in no time. Run a standalone clean-up antivirus or, if the computer won't boot, a bootable rescue tool. Install free antivirus protection to head off the next problem. Make sure Windows is fully updated. Then install any additional tools you think they'll actually use. If you’re well prepared, fixing dad’s computer suddenly becomes much less of a chore…