
Sandi's Site

 

 

How do we keep our computers clean of spyware, malware, viruses, foistware, adware etc etc etc?

First we need to understand how our PCs can be infected.

I wrote an article for the Internet Explorer Community site about the most common infection routes back in March 2005 - I recommend you read it as an introduction to how the bad guys can get their stuff onto your PC: Help prevent the infection

I also recommend that you read the infamous Microsoft article... The 10 immutable laws of security

OK, so now you know about some of the ways that stuff can get onto your computer and some of the harsh realities of computer security.  Let's have a look at prevention.  Remember, antivirus and anti-spyware software can only do so much - there will always be bad stuff out there that cannot be detected for a while.  And, with the increasing use of rootkits to hide malware, it's getting harder and harder to use software for prevention.  We must be more proactive about computer security and safe hex, and careful when we are surfing the Web.

 

1.    Stay informed

When it comes to malware and viruses, prevention is far better than cure.  Although we can download and install various protective software to minimize the risk to our computers, knowledge is the ultimate weapon.

Visit http://www.microsoft.com/security/ on a regular basis to check for the latest in the ongoing battle between Microsoft and those who would hijack your browser, or take over your computer.

Keep an eye on the Microsoft Spyware information site:
http://www.microsoft.com/athome/security/spyware/default.mspx

Sign up with the Microsoft Security Notification Service or subscribe to the RSS Security Bulletin feed

http://www.microsoft.com/technet/security/bulletin/notify.mspx

 

Visit the Internet Explorer community regularly:
http://www.microsoft.com/windows/ie/community/default.mspx

2.  Keep your computer up to date

 

Use Windows Update or Office Update, regularly.  Download and install all critical patches relevant to your computer, ESPECIALLY those related to Internet Explorer and Outlook Express.

Enable Automatic Updates.

 

3.  Use a firewall

 

Windows XP has a firewall - turn it on!

 

VERY IMPORTANT WARNING

The XP firewall cannot be considered to be equivalent to products such as Trend, Sygate, ZoneAlarm and Kerio. If your computer is infected, the XP firewall may NOT stop your computer from sending data OUT.  Until things improve I must suggest that a third party firewall be used.

 

I also recommend that you leave the Windows Firewall enabled, even if you have a third party product installed.  This is because Windows Firewall provides boot time protection - protection during that short period of time between when the network starts and a third party firewall fires up.  Your third party firewall may not have the same ability.  Some firewalls insist that the Windows Firewall be disabled before they will work - in such cases, I recommend you accept the demand, and disable Windows Firewall.

 

Even if you don't have XP there are various firewalls available (some of which are free), including ZoneAlarm, Kerio Personal Firewall and Sygate.  Select the one that best suits you according to your level of experience and knowledge, and start using it.

 

4.  Use an antivirus programme and keep it up to date

 

There is a free one available from http://www.grisoft.com/us/us_dwnl_free.php.  If you are willing to pay, my personal favorites are Vet (www.vet.com.au)  and Trend.  I personally use both of these products on my home network.

 

5.  Use an anti-spyware product and keep it up to date

 

The products that I use on my network are Windows Defender (aka Microsoft Antispyware) and Trend Antispyware.  On PCs that require additional protection (such as those used by children, teenagers or the more voyeuristic) I recommend SpywareBlaster.  It is important to note that SpywareBlaster's autoupdate facility is a pay-for service - at only $9.95 per PC per year it's a small price to pay.

 

The Spyware Warrior web site hosts a comprehensive comparison of anti-spyware products which I think you will find very useful when deciding what product to use:
http://spywarewarrior.com/asw-features.htm

The end result of all this analysis is a list of “trustworthy” products:
http://www.spywarewarrior.com/rogue_anti-spyware.htm#trustworthy

Spyware Warrior also hosts a regularly updated, comprehensive list of rogue or suspect anti-spyware products (products that are of “unknown, questionable or dubious value”):
http://www.spywarewarrior.com/rogue_anti-spyware.htm

 

Randy Knobloch, Microsoft MVP (aka Siljaline), works hard to keep people informed about the latest updates for various anti-spyware products.  Keep an eye on his site for downloads relevant to software you have installed.  Randy's personal blog is at http://www.msmvps.com/siljaline/ and his info-posts can also be found at Security Tools Updates.

 

6.  Internet Explorer

  • Update to the latest version of Internet Explorer available for your operating system.

  • Disable install on demand (Internet Explorer and other) via Tools, Internet Options, Advanced.

  • Make sure that your Java VM is up to date.  You will find information about how/where to get Java and how to update from this link.

  • You may like to use Mike Burgess' hosts file, available at http://www.mvps.org/winhelp2002/hosts.htm.

  • Do NOT give permission to a website to install or run anything on your computer unless YOU initiated the download. The prompt may look like either of these examples (the 2nd is from a new version of Internet Explorer):

 

 

6.  Outlook Express

  • DO NOT OPEN ATTACHMENTS!!!

  • If you REALLY REALLY REALLY want to open an attachment, and you were not expecting to receive it, reply to the email and ask 'Did you send me this?'  DO NOT OPEN THE ATTACHMENT UNTIL YOU GET A REPLY.  I'm serious.  Even pictures can be used as a route to infecting a computer that has not been fully patched.

  • Set OE to view all messages as plain text.

  • Make sure OE is set to 'restricted zone' (more info here)

  • Don't open spam. Delete it without opening it.

  • Watch out for phishing (more info here)

7.    Windows XP

 

By now, all XP users should be running Service Pack 2.  If not, I strongly recommend that you download and install it.  It will go a long way towards making your computer more secure, and protecting you from the seedier side of the internet.  Developers and those who own web sites may like to review the following document:

 

XPSP2 is being distributed already installed on some new computers, via Windows Update, or can be ordered on CD.  The URL for ordering XP SP2 is:

 

If you do not have broadband internet access, or if you have to pay by the byte for downloads, or you do not want to have to wait 4 - 6 weeks for the CD to arrive, several computer magazines distribute XP SP2 on their sampler CDs, so check out your local newsagent.

 

Unfortunately, Windows XP automatically gives user accounts full administrative rights. Create a 'limited user' account and use that account for all internet surfing and general computer usage. Only use an Administrator account if you wish to install software, or you have a programme that will only work properly under administrator. If you have only one account, do NOT set that account as 'limited user'. Create a new one especially for the purpose. Password protect your Administrator account. Write down the password on a sticker and, to ensure you don't lose it, do what I do - affix the sticker to the INSIDE of your computer case cover.

 

Windows XP SP2 includes many improvements including:

  • a pop up manager (picture here)

  • add on management and crash detection ("..Users will be able to view, enable, and disable the add-ons used by Internet Explorer, and identify add-ons that might be related to Internet Explorer crashes...")  (picture here)

  • a greatly improved firewall (on by default...boot time security...global configuration [all network connections use same setting]...stateful filtering...)

  • the ability to block all downloads from a particular publisher ("...This feature allows the user to block all signed content from a given publisher without showing the Authenticode dialog box to the user while doing so. This stops code from the blocked publisher to be installed. This feature also blocks installation of code with invalid signatures...")  Instead of just having only an 'always install' option, you will also have a 'never install' (picture here)

  • one prompt per control per page ("....It mitigates [stops] the social engineering trick of prompting the user a number of times for the same control. Even though users repeatedly refuse, they cannot get out of the loop, and they might eventually accept the installation out of frustration....") (picture here)

  • some pretty cool improvements to OE that the spammers are gonna hate (see this page for details).

  • automatic downloads (such as that used by Majorgeek and other software distribution sites) are disabled by default.  To enable go to IE tools, internet options, security. Click the custom level button and turn on the option to 'allow automatic prompting for file and code downloads'.

  • a "Security Centre", which is a central repository for information about firewall, antivirus, Windows Update and system settings (picture here)