PC Security: How to Make Computers Secure from Hackers, Viruses, Trojans, Spyware, Phishing Scams, etc. - Page 2



The tricks used by phishing sites, hackers, and web tricksters


1. - Take care if you receive e-mail messages suggesting that you search your system for certain named files and then delete them immediately because they're virus files. The chances are that they're crucial system files that will render your system unusable if removed. Use only an antivirus application that is updated regularly to find and deal with viruses.

2. - E-mail is the easiest way to sneak a malicious (virus) or invasive program (Trojan or spyware) into your computer. According to the Kaspersky Lab, the creator of Kaspersky antivirus software, over 90% of viruses are delivered via e-mail. So, if you haven't got your e-mail program (usually Outlook Express), your browser (usually Internet Explorer), Windows, and a software firewall (usually ZoneAlarm), set up not to open e-mail attachments, or run ActiveX and JavaScript components, etc., and you receive an unexpected or strange e-mail message, just delete it. Or use a program, such as MailWasher, which shows you what the e-mail message headers are before you download them, and allows you to delete the messages before they're downloaded, blacklist them, or bounce them.

Especially don't install Windows updates that appear to have been sent by Microsoft, because MICROSOFT DOES NOT E-MAIL UPDATES! If you install a patch that came as an attachment to an e-mail or that takes you to a phoney site, such as the following example, you will be installing a virus or Trojan backdoor program that allows a hacker to gain remote access to your computer.

"Microsoft Customer, This is the latest version of security update, the "April 2006, Cumulative Patch" update which resolves all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express as well as three newly discovered vulnerabilities. Install now to protect your computer from these vulnerabilities, the most serious of which could allow an attacker to run executable on your system. This update includes the functionality of all previously released patches."

But the best action you can take is to switch to using Mozilla's alternative programs - Firefox (browser) and Thunderbird (e-mail client/ program).

There are some very authentic-looking e-mail messages purporting to come from Microsoft Update, which attempt to seduce an unwary user into installing the latest "security patch" that is attached to the message. Of course, the attachment contains a virus or worm. These e-mail messages look as if they could be the real thing and even contain valid links to Microsoft's site.

But they can never be the real thing because Microsoft never sends security updates with e-mail messages! You have to obtain them from official sources such as Microsoft Update.

Learn How to Tell If a Security Bulletin is Really from Microsoft:

http://www.microsoft.com/security/incident/authenticate_mail.mspx

There are other less convincing trick messages that apologise for not sending you an attached "free program", or which return an undelivered message to you as an attachment.

There is also a scam involving e-mails supposedly from eBay that look genuine and require confirmation of your eBay account details, saying that your ability to trade using eBay will be impaired if you don't confirm them. No business or bank, including eBay, requires its customers to confirm their account details by e-mail.

3. - Even the configuration changes to Internet Explorer in Windows XP SP2 don't protect an unsuspecting user from a new phishing technique demonstrated by a British Web developer and detailed here:

"New Phishing Technique Works on Multiple Browsers"

Unfortunately, the technique also works when using other browsers. Using Mozilla Firefox, a programmer has shown that he can fake a site's appearance so that visitors believe that they're using a safe site. Phishing is the term applied to tricking users into providing personal information such as account numbers and passwords via a phoney site that looks like the real one. The surfing victim is totally unaware that they are not at the site they intended to visit.

Malicious hackers frequently lure victims to convincing replicas of e-commerce sites such as eBay, where they're tricked into handing over financial and other private information. The method is said to be a key tool in credit card and identity theft. Miscreants have been hard at work sending out fake "click to confirm your account info" e-mails, supposedly from AOL, eBay, and PayPal, which lure the unwary to faked sites where they're asked to provide their account details for one phoney reason or another. It has now come to light that a bug in Internet Explorer allows the web addresses of faked sites to appear as if they're the real ones. The bug allows hackers to use a technique to display a false web address for a faked site. Therefore, never link to a site via a "friendly" third-party link. Always enter the site's Home Page address yourself in the Address bar, and then access the site's other pages from it.

The Phishing Filter in Internet Explorer 7 (IE7)

I used to have an example here of a site's link that had a visible address but was linked to a different site, but Internet Explorer 7 (IE7), due for official release some time in the second half of 2006, has a Phishing Filter that will mark this page as a suspicious page if I were to leave it in, so I removed it. If the filter detects a suspicious site, it makes the address bar go yellow, and a message saying Suspicious Website appears in a box beside it.

The Phishing Filter issues warnings about sites or webpages that show legitimate website addresses that link to sites that are illegitimate and designed to defraud the user or obtain bank account passwords, etc. To find out more about the filter, open Internet Explorer 7, click Help => Contents and Index and enter phishing in the search box.

You can download IE7 from http://support.microsoft.com/.

Another very convincing phishing scam

Scams that make users give away their passwords and other log-in details are becoming so sophisticated and difficult to spot as being con tricks that it is now imperative that people make sure that they never respond to e-mail messages from financial companies and banks unless they contact the business named in them first for authentication.

I have just received an e-mail with this heading: PayPal account suspended. When I opened it, the message said that there was a problem with my PayPal account and that I had to click what looked like a genuine PayPal link. But when I held the cursor of my mouse over the link, the real link that had nothing to do with PayPal was revealed in the bottom left-hand corner of the taskbar. Clicking on it led to a page that looked like the real PayPal log-in page on which clients enter an e-mail address and password. The page had all of the usual PayPal site menus, and even went to the real pages when I clicked on any of them. But the log-in page itself was a fake page that would deliver the login entries to the low-life con artists instead of to the PayPal site.

PayPal would never send such an e-mail in the first place, but if it did, the link to a log-in page would bring up a page that indicates that it is a secure page - on the page itself, and by showing the padlock icon in the browser's taskbar. The con artists can create a fake padlock icon on the page itself that is described as a "Secure log in", etc., but they cannot create secure pages that display a padlock icon that appears on the taskbar in the bottom right-hand side of the screen. Therefore, always look for it when you log on to a site that provides banking and financial services.

The low-life authors of these e-mail messages don't know that you have an account with any particular financial business; they merely send the e-mails to millions of known e-mail addresses and then just let the ignorance of some members of the public reap ill-gotten rewards for them.

If I had entered a fake password and e-mail address in the faked PayPal page, it would have accepted it, because it is designed to harvest the information no matter what it is. The real PayPal site would reject unrecognised log-in information. Therefore, you can test if a log-in page is genuine by using fake log-in information, but, if you do, you are telling the fake site that the e-mail address used in the scam is valid, and you are likely to receive increased levels of spam.

The blended phishing scam

An email arrives from your bank informing you of a new feature or offer. The site looks authentic, which it is, but a popup window appears asking you to sign in to view the details of the bank's new feature or offer. You enter your password and another popup window appears with details of the offer. At the bottom of the window you are asked to log off to protect your security, which, of course, you do. It all looks very normal; however, your login name and password are now on a computer hacker's computer almost anywhere in the world.

These phishing tricks have become so sophisticated that it's becoming too difficult to tell them apart from the real thing. Therefore, it's high time that users started deleting all e-mail from financial institutions. If you think that you can't be fooled, try seeing through the scams on this page: http://www.netriplex.com/phishfraud/phishing_test.aspx.

The simplest phishing trick to date

Malicious websites can change the contents of pop-up windows created by trusted websites such as online banks by making use of features built into browsers such as Internet Explorer 6.0, Mozilla 1.7.3, Mozilla Firefox 1.0, Netscape 7.2, Apple's Safari 1.2.4, Opera 7.54, and KDE's Konqueror 3.2.2-6. Other versions of these browsers might also be affected. Users would not be aware that alien content has been introduced into a pop-up window. Secunia's chief technology officer, Thomas Kristensen, has described the problem as perhaps the simplest phishing trick that has emerged to date. Secunia has given this vulnerability a "moderately critical" rating. It advises users not to browse untrusted sites while browsing trusted sites. In other words, if you're going to use a trusted site, such as an online bank, visit it first, conduct your business, and log out before you visit any untrusted sites.

Secure https:// sites

Note well that if you click on a link that is asking you to provide confidential data, make sure that it goes to a secure webpage. A secure site has https:// in the web address instead of just http://. The s in the address stands for secure. A small padlock icon must appear on the status bar on the bottom right-hand side of the browser's window. Clicking on the padlock reveals the details of the security certificate - an SSL secure certificate that has been issued to the website, and it should reveal a particular secure website's real address.

SSL stands for Secure Sockets Layer, which allows information between a website (the network server computer within which the website resides) and a web browser, such as Internet Explorer, to be encrypted (encoded), thereby securing the information being sent online.

However, if an e-commerce (electronic commerce) website doesn't have an SSL secure certificate, then visitors who make a payment receive a "certification not valid" error message from their browser. An SSL secure certificate provides the customers of an e-commerce website with the comfortable feeling that they're dealing with verified traders and businesses, not thieves.

The owners of an e-commerce website have to purchase the right to use SSL before they can use an SSL secure certificate. Fly-by-night thieves can't do that because doing so will identify them and lead the police straight to them should they use it to steal money from consumers.

A site devoted to phishing scams: http://www.netriplex.com/phishfraud/

Put your anti-phishing-scams skill to the test on the site here:

Test your Phishing Skills: http://www.netriplex.com/phishfraud/phishing_test.aspx

Zonelabs.com: - Protect Yourself from Phishing Scams [The link is too long to show]

Anti-Phishing Working Group: http://www.antiphishing.org/

Read the article called, How to surf the Internet more safely with Internet Explorer here: http://www.infinisource.com/techfiles/surf-safe.html.

The security of data stored on external hard disk drives

The major problem presented by external data storage drives is one of security. For that reason, the industry now offers external storage drives that feature a variety of security mechanisms that range from providing the encryption of all data content to access protection provided by a fingerprint scanner.

For example, Lock Box is the name of a drive from MicroSolutions that makes use of a fingerprint sensor. Access can only be achieved by people with fingerprints that the drive recognises. For more information on it, enter the names as a search query in a search engine. For general information, use a search term such as: security + "external hard disk drives".

Beware of restoring back-ups created on a compromised computer

After a computer has been compromised by one or more viruses, worms, spyware, etc., consider carefully if you should risk recovering its operating system and programs by restoring back-up copies or a master disk image. It is very easy to overlook the fact that the infection occurred long before the back-ups or master disk image were created. Some malware can exist for a relatively long time before it is identified by the developers of the virus and spyware scanners. If that was the case, restoring infected back-ups will restore the malware that compromised the system in the first place. This also applies to using the System Restore feature in Windows Me and Windows XP. For instance, it is possible for a virus scanner to detect a virus in the System Restore files after a virus has been cleared from the rest of the system.

Beware of phoney laptop hotspots

For those of you who don't know, a hotspot is a place that allows a user equipped with a laptop computer that is itself equipped with a wireless network adapter to log on to the Internet, either as a free or as a paid-for service.

It can be difficult to determine if you have logged on to a genuine hotspot or not. All a con artist has to do is give the wireless connection installed on a laptop a plausible name or SSID (Service Set Identifier), and set it to be connected to on an Ad Hoc basis that connects computers equipped with wireless adapters directly to each other instead of via a wireless access point (a wireless switch). Then, when someone comes along to the bar or pub, etc., who is under the impression that it offers a hotspot to its customers, that person's wireless-equipped laptop will identify all of the open networks in the area. If the person decides to network with the con artist's computer instead of making use of the genuine hotspot, he or she won't be connected to the web. If the genuine hotspot requires users to enter a credit-card number before it allows them to use it, the con artist can create a phoney web page that allows those details to be stolen. If the unsuspecting person is able to make use of websites, such as the sites of banks, etc., they have been cached on the con artist's laptop computer. Any logon or account details that the person enters will also be made known to the thief.

Anyone who makes use of a hotspot is best advised to use it to access public websites only, but if you have to access a private account of any kind, you should make sure that the site address starts with https:// instead of just http:// and that the secure yellow padlock icon appears on the bottom bar of the browser, which means that the connection to the site is securely encrypted. You should also make sure that your wireless network settings are set so that you have to connect manually instead of automatically to wireless networks or hotspots.

To disable the ability of Windows XP to connect automatically to any available network or hotspot, double-click the wireless network's icon in the System Tray (Notification Area) in the bottom left corner of the screen. In the window that presents itself, click Change the order of preferred networks, and then click the Advanced button that appears under the Wireless Networks tab. Enable the Access point only option, disable the Automatically connect option, and click on Close.


Microsoft Knowledge Base: Security-related articles

Click an article's six-digit number to go to that article. Or click on a number and then conduct your own search of the Knowledge Base by making use of the Bing Search box.

For the links to other security-related Knowledge-Base articles (on firewalls, passwords, etc.) go to the Diagnostics page on this site.

Windows Defender may block some programs when you start a Windows Vista-based computer - This issue occurs because a program or a service that has User Account Control (UAC) restrictions tries to start during the Windows Vista startup process or logon process. To simplify these processes, Windows Defender blocks programs or services that require UAC confirmation from running. APPLIES TO • Windows Vista Ultimate • Windows Vista Enterprise • Windows Vista Business • Windows Vista Home Premium • Windows Vista Home Basic • Windows Vista Starter • Windows Vista Enterprise 64-bit edition • Windows Vista Home Basic 64-bit edition • Windows Vista Home Premium 64-bit edition • Windows Vista Ultimate 64-bit edition • Windows Vista Business 64-bit edition • Windows Defender

Overview of security features in Microsoft Windows Vista (917793) - Provides an overview of new security features in Microsoft Windows Vista. Includes Windows Firewall, Windows Defender, and BitLocker Drive Encryption. Also covers improvements in Internet Explorer 7.

890830 - The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000

816093 - Flaw in the Microsoft Java Virtual Machine (VM) Could Enable System Compromise - affects most versions of Windows and Internet Explorer

833633 - How to strengthen the security settings for the Local Machine (or the My Computer) zone in Internet Explorer [If applied, ActiveX Controls and Java applets will not run in the Local Machine zone]

878465 - You cannot use the settings on the Privacy tab in Internet Options to permit or to block cookies for a Web site that is in a custom zone in Windows XP Service Pack 2

185644 - ActiveX Security Setting Changes Automatically After Upgrade [Internet Explorer]

843016 - How to configure the Pop-up Blocker in Internet Explorer [that is added with the installation of Windows XP SP2]

147381 - How to Use System Policies [poledit.exe] On a Standalone Computer [Windows 95/98/98 SE]

"Rootkits" are posing a new security threat to Windows systems

"Rootkits" - powerful collections of programs working in unison that can be used to monitor a system or network secretly - are becoming an ever-increasing security risk to computer and network administrators.

Computer security expert Mark Russinovich, the man who discovered the infamous Sony CD Rootkits, defines a Rootkit as: "Software that hides itself or other objects, such as files, processes, and Registry keys, from view of standard diagnostic, administrative, and security software."

The name Rootkit originated long ago in relation to the UNIX operating system. A Rootkit on the UNIX platform generally describes a collection of tools that can obtain and maintain root access to a system by using stealth programming techniques.

On the Windows platform, the tools that can gain root file access to the system exploit known system vulnerabilities. Maintaining access is accomplished by installing a backdoor Trojan program on the system.

In Windows, a separate tool hides the other Rootkit tools that have infected the system. It can hide files, folders, user accounts, system processes, registry entries, and even network connections.

The system has to be compromised in order for the Rootkit tools to be installed, something that can be achieved by the latest spyware and adware.

Once a computer has been infected, the collection of Rootkit programs is used to control the system, or locate sensitive information on the system and upload it to its manipulator.

The Rootkit programs are invisible to most of the current detection tools such as antivirus, network intrusion and detection, and anti-spyware products.

How to protect a computer against Rootkit programs

As explained, the Rootkits that can infect Windows systems need to compromise it beforehand. Therefore, the main defence against having the system compromised in the first place is to make sure that all of the security updates and patches available for the operating system are installed. For Windows systems, visit the Microsoft Update site.

A current virus scanner loaded with the latest virus definitions should also be set to monitor the system.

Examining the services and processes that are running on the system on a regular basis is also advisable. On larger networks, host scanning can provide the system administrator with valuable information that indicates a compromised system. A free utility from Sysinternals called TCPView shows which applications have opened network ports on the system.

Another tool made available free from Sysinternals is called the Process Explorer. It can identify the DLL files and processes that have been opened or loaded by a particular program.

Sysinternals was an independent organisation but it is now owned by Microsoft. Visit http://www.microsoft.com/technet/sysinternals/default.mspx for the great free utilities.
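The two checks mentioned above, reviewing which ports are open on the machine and scanning the host from the network, are most useful when compared with each other, because a Rootkit that hides network connections from local tools cannot hide an open port from another machine. The following is an added example, not part of the original page; it assumes the local view is the text output of the Windows command netstat -ano, and the sample output, the baseline and the scan result are constructed.

```python
import re

# One row of `netstat -ano` output: protocol, local address, foreign address,
# an optional state (UDP rows have none) and the owning process ID.
ROW_RE = re.compile(
    r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)\s+(?:([A-Z_]+)\s+)?(\d+)\s*$"
)


def parse_listeners(netstat_text):
    """Return {(protocol, port): pid} for listening TCP and bound UDP sockets."""
    listeners = {}
    for line in netstat_text.splitlines():
        match = ROW_RE.match(line)
        if not match:
            continue  # header and blank lines
        proto, local, _foreign, state, pid = match.groups()
        if proto == "TCP" and state != "LISTENING":
            continue  # an established or closing connection, not a listener
        port = int(local.rsplit(":", 1)[1])  # rsplit also copes with [::]:135
        listeners[(proto, port)] = int(pid)
    return listeners


def new_since_baseline(listeners, baseline):
    """Listeners that were not present when the machine was known to be clean."""
    return sorted(key for key in listeners if key not in baseline)


def hidden_from_local_view(listeners, scanned_open_tcp):
    """TCP ports another machine found open but the local tool did not report."""
    local_tcp = {port for (proto, port) in listeners if proto == "TCP"}
    return sorted(set(scanned_open_tcp) - local_tcp)


# Constructed sample of `netstat -ano` output taken on the machine itself.
SAMPLE_NETSTAT = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:5000           0.0.0.0:0              LISTENING       2976
  TCP    192.168.1.20:49712     198.51.100.10:443      ESTABLISHED     3120
  TCP    [::]:135               [::]:0                 LISTENING       884
  UDP    0.0.0.0:1900           *:*                                    1204
"""

# Constructed baseline recorded while the machine was known to be clean.
BASELINE = {("TCP", 135), ("TCP", 445), ("UDP", 1900)}

# Constructed result of scanning this host's TCP ports from another machine.
SCANNED_OPEN_TCP = {135, 445, 5000, 31337}

if __name__ == "__main__":
    current = parse_listeners(SAMPLE_NETSTAT)
    for proto, port in new_since_baseline(current, BASELINE):
        print("new listener: %s %d (PID %d)" % (proto, port, current[(proto, port)]))
    for port in hidden_from_local_view(current, SCANNED_OPEN_TCP):
        print("open from the network but not reported locally: TCP %d" % port)
```

Only the second result points at hiding: a port that is reported locally but not seen by the scan is usually just blocked by a firewall or bound to the local address.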

Rootkit information is available on Microsoft's site:

Strider GhostBuster Rootkit Detection - http://research.microsoft.com/rootkit/

You should be able to find other tools by entering free + rootkit + reveal + detect + utility as a search query in a search engine.

Experts say that Rootkits will soon be installed in the flash memory of the BIOS

January 29, 2006. - Security experts are warning that Rootkits - hidden software that Windows cannot detect that can be used to implement digital rights management technology or be used to hide viruses and Trojan backdoor server software - will soon be hidden in the flash memory of the BIOS chip. The BIOS chip on a computer's motherboard stores the system configuration information that is required to boot the system, therefore reinstalling the operating system cannot remove a Rootkit installed in its flash memory.

For Windows 9x versions of Windows, a BIOS file update is usually flashed into the chip by making use of a floppy disk that contains the flash utility, the new BIOS file, and the three MS DOS system files that make the disk bootable. However, MS DOS is not available in the Windows XP versions of Windows, so most of the motherboard manufacturers have created software that is downloaded from their websites. To update the BIOS now involves running the downloaded software that obtains the update and sets the system to install it the next time the system is started. The idea is to make the process as user-friendly as possible, which in turn means that most BIOS programs no longer prevent writing to the BIOS flash memory by default, which in turn means that such systems are vulnerable to being infected by a Rootkit that installs itself in the flash memory of the BIOS.

Greg Hoglund, a Rootkit expert and CEO of the reverse engineering company HBGary, had this to say on the subject: "It is going to be about one month before malware comes out to take advantage of this. This is so easy to do. You have widely available tools, free compilers for the ACPI language [used to program BIOS files], and high-level languages to write the code in."

Even if a computer's BIOS or a jumper on the motherboard itself is set to disable writing to the flash memory, an insider could flash a computer's BIOS chip with such a Rootkit before leaving a company in order to be able to gain access to the corporate network at a later date.


Computer Gripes: Software security issues

The creator of ComputerGripes.com says that the site is "devoted to what stinks about computer products (hardware, software, web sites); specifically to the problems I have experienced in using them. It exists because the errors, bugs, poor documentation, and occasional stupidity in the field drives me nuts."

The site is worth visiting with regard to security issues because the information can be related to software security, such as the page devoted to the Adobe Acrobat PDF File Reader:

http://www.computergripes.com/AdobeAcrobatReader.html

If you have problems with a new version of a program, or it develops a security problem, you should visit OldVersion.com, where the old versions of many free programs that are no longer available are made available as free downloads: http://www.oldversion.com/.


How to use the HijackThis and CWShredder spyware removal tools

Click on its title to go to this article for information on the HijackThis and CWShredder spyware removal tools: A website has hijacked Internet Explorer's Home page setting - AND other infection issues.


PC security Q&A problems dealt with on this site

Click on its title to be taken to the problem or Q&A on another page of this site. Use your browser's Back button to return to this point on this page.

1. - Spyware and adware: Why a computer can suddenly slow down very markedly

2. - The System Restore feature in Windows XP stops working after cleaning a virus infection [This can happen in Windows Vista and Windows 7]

3. - Addressing the "A website has hijacked Internet Explorer's Home page setting" issue - AND other infections

4. - Why can't I schedule Norton AntiVirus in Windows XP?

5. - Problem: a recurring virus that hides in the system's System Volume Information folders

6. - A virus problem: "Program not found. Windows cannot find SirC32.exe. This program is needed for opening files of type 'Application'."

7. - The Blaster worm infects a new installation of Windows XP

8. - What keeps wanting to use my dial-up account to access the Internet?

9. - Half way through running it, the Windows XP SP2 update produces a "Control ID not found" error message [Provides advice on security utilities and removal tools.]

10. - Is it a security risk for a PC to have an ADSL connection always on?

11. - Infected with password-stealing software: How can a computer be made secure against other such ActiveX vulnerabilities?

12. - Problems posed by the Norton Internet Security suite

13. - A security alert prevents access to sites on the Internet

14. - Worm infection: A "Remote Call Procedure" (RCP) error keeps Windows XP shut down

15. - How can a wireless network be made secure?

16. - Various problems with Outlook Express

17. - Proxy server problem: The 127.0.0.1 localhost address keeps coming up and blocking the download of an update from a particular site

18. - How can I remove the Apropos virus/spyware from my PC?


Computer security: Relevant links to other sites

ANTI-VIRUS SCANNERS & SPYWARE REMOVAL TOOLS

(Free if marked as such; otherwise you pay for them.)

FREE ONLINE MALWARE AND VIRUS SCANNERS

Some malware can cripple spyware and anti-virus scanners. If this happens to you and you can still go online, there are many free online scanners, ten of the best of which are listed on this page:

http://www.makeuseof.com/tag/10-free-online-malware-and-virus-scanners/

One of the best online virus scanners is not listed on the page above:

http://www.kaspersky.com/

Version 2 of Microsoft Security Essentials is now available from the following page. The first version received excellent reviews and the second version is much improved, so it can be used as your computer's only anti-virus and anti-malware/spyware program running as a real-time scanner. You should not have more than one program of a particular type running as a real-time scanner monitoring a system, but you can install other scanners that can be run from time to time instead of working in real time, such as Malwarebytes' AntiMalware and SUPERAntiSpyware.

Microsoft Security Essentials -

http://windows.microsoft.com/en-GB/windows/products/security-essentials

ANTI-VIRUS SCANNERS AND VIRUS INFORMATION SITES

Remember that you should not have two programs of the same type monitoring the system. Only one software firewall, etc. The free version of AVG Anti-Virus combines virus scanning and adware/spyware scanning in real time, so if you use AVG and you install another scanner that scans for viruses and/or spyware, you should disable AVG's real-time monitoring and only use it for manual scans. Scanners that monitor your system in real time will install an icon in the System Tray/Notification Area in the bottom left corner of the screen in Windows computers.

Probably the best source of information about particular viruses - from Trend:

http://www.antivirus.com/

The "Spyware Warrior" site contains plenty of first-rate research on and insight into spyware threats and anti-spyware tools/utilities. It has a forum section that is well worth visiting. It stands out among all of the many other similar sites. -

http://www.spywarewarrior.com/

Anti-Spyware Testing - http://spywarewarrior.com/asw-test-guide.htm

In conjunction with an anti-virus application, you should use the free or paid-for version of the ZoneAlarm firewall (or any other good software firewall) that blocks unauthorised intrusions, and Mike Lin's Start-up Monitor that informs you if a program or Trojan wants to make itself a start-up program that loads at boot-up.

AVG Anti-Virus Free - http://www.free.avg.com/

Free Avast Home Edition - http://www.avast.com/

Free Virus Scanner - http://free-av.com/

ClamWin - free antivirus for Windows - http://www.clamwin.com/

Windows Live Safety Center -

"Windows Live Safety Center is a new, free service designed to help ensure the health of your PC. Check for and remove viruses and spyware. Improve your PC's performance. Get rid of junk on your hard disk. Use the full service scan to check everything, or turn to the scanners and information in the service centers to meet your specific needs." -

http://safety.live.com/site/en-US/default.htm

Sophos - Antivirus Alternative - http://www.sophos.com/ (Reviewed as the best Anti-virus program by Lockergnome)

Nod32 - An excellent paid-for virus scanner from: http://www.nod32.com/

E-Trust - used to be the free InoculateIT - http://www.my-etrust.com/

Norton AntiVirus - http://www.symantec.com/

F-Secure Anti-Virus [Five-star reviews] - http://www.f-secure.com/

Steganos AntiVirus - [Five-star reviews] - http://www.steganos.com/

McAfee VirusScan [Five-star reviews] - http://www.mcafee.co.uk/

Panda Antivirus Platinum - http://www.pandasoftware.com/

Panda Activescan web-based antivirus tool -

http://www.pandasoftware.com/activescan/

Download the program from the Internet in 6 minutes via a 56K modem. Install it and you can scan your system for viruses, worms, Trojans, etc. Virus files are updated daily for the best protection.

Free online anti-virus screening from Trend -

http://housecall.trendmicro.com/ (US) and http://housecall.trendmicro.com/uk/ (UK)

An excellent free online virus scanner from Kaspersky -

http://www.kaspersky.com/virusscanner

Virus Bulletin - inter alia, lists the antivirus programs that have passed or failed virus tests. - Billed as "Independent Anti-Virus Advice" -

http://www.virusbtn.com/vb100/latest_comparative/index.xml

VCatch 3.7 - free - W9x/2k/XP - 300KB - captures ICQ, e-mail, etc., viruses -

http://www.vcatch.com/

Note that the VCatch utility downloads virus file updates automatically to your system from the Internet.

Anti-Trojan software

Unless your anti-virus solution deals with Trojan invasions, you should also use an anti-trojan application. Visit the following link for the relevant information.

Anti-Trojan Comparison - http://www.hackfix.org/software/antitrojan.html

SPYWARE/ADWARE SITES AND REMOVAL TOOLS

Remember that you should not have two programs of the same type monitoring the system. Only one software firewall, etc. The free version of AVG Anti-Virus combines virus scanning and adware/spyware scanning in real time, so if you use AVG and you install another scanner that scans for viruses and/or spyware, you should disable AVG's real-time monitoring and only use it for manual scans. Scanners that monitor your system in real time will install an icon in the System Tray/Notification Area in the bottom left corner of the screen in Windows computers.

Recommended anti-malware software: Malwarebytes' Anti-Malware

April 22, 2009. - A telling message from an anonymous Microsoft employee: "I work for Microsoft technical support, and 90% of the calls are due to spyware infections, so we ask customers to download Malwarebytes' Anti-Malware. They have a totally free version. It's the one we use for clients. It's so effective, I feel confident the PC you're using to read this has infections. Are you surprised? Even if it's just minor adware, it's an infection still. If it weren't for Malwarebytes.org, I'd be spending more time per call and asking customers to reload Windows more often, because finding one infection could take forever. The application is painless to install, isn't too bulky, and requires no reboot after install. The application is a winner all around. The Internet is full of scams. It's shocking to see it day in and day out."

The free version of Anti-Malware allows manual scans for spyware, which means that you have to run the program; it does not monitor the system in real time. You pay just $24.90 for the full version, which provides real-time protection against malware, scheduled scanning and scheduled updating.

Download the free version from http://www.malwarebytes.org/mbam.php.

SUPERAntiSpyware - "SUPERAntiSpyware is the most thorough scanner on the market. Our Multi-Dimensional Scanning and Process Interrogation Technology will detect spyware that other products miss! SUPERAntiSpyware will remove ALL the Spyware, NOT just the easy ones!" - http://www.superantispyware.com/

Spyware Stoppers - "Renegade programs can slip onto your system in an instant- and they can be maddeningly difficult to banish. Our tests reveal the most powerful tools for fighting back." - http://www.pcworld.com/article/id,119572-page,1/article.html

The "Spyware Warrior" site - The Spyware Warrior site contains plenty of first-rate research on and insight into spyware threats and anti-spyware tools/utilities. It has a forum section that is well worth visiting. It stands out among all of the many other similar sites. - http://www.spywarewarrior.com/

The Spyware Warrior Guide to Anti-Spyware Programs - Feature Comparison:

http://spywarewarrior.com/asw-features.htm

Spyware Warrior - http://spywarewarrior.com/ - has been exposing fraudulent and misleading anti-spyware products for several years. If you see an enticing advertisement for an anti-spyware product, which can be delivered by reputable sites such as Google, Live.com, and Yahoo, you should check its reputation on the Spyware Warrior site before making a purchase. Advertisements for products that generate false positives in order to fool users into purchasing their 'cure', and/or that use aggressive or misleading advertising, can appear before the product is discredited with the advertisers, who then withdraw the advertisements.

XsoftSpy used to be considered a rogue scanner by spyware experts, but the Spyware Warrior site says that its problems have been sorted out, and it is therefore no longer considered a rogue product. It can also find spyware and Trojans not detected by other spyware scanners.

XoftSpy - http://www.xsoftspy.com/

Anti-Spyware Testing - http://spywarewarrior.com/asw-test-guide.htm

You can use Web of Trust (WOT), a browser plugin, for extra protection. It can warn you if you're visiting undesirable sites in your web browser itself, which could be Internet Explorer, Firefox, Opera, Chrome or Safari. It shows its website ratings in search engine results as well. - http://www.mywot.com/

Microsoft's Security Essentials is a free malware scanner (scans for all malware - viruses, spyware, worms, etc.) that replaced Windows Defender. It requires Windows Genuine Advantage verification (that tests if you have a valid copy of Windows) to be downloaded and installed. I use it myself and have put it to the test by visiting all kinds of sites that deliver all kinds of viruses and malware without being infected. Fred Langa, the well-known computer expert, using it himself, also recommends it.

Microsoft Security Essentials -

http://windows.microsoft.com/en-GB/windows/products/security-essentials

Windows Live Safety Center -

"Windows Live Safety Center is a new, free service designed to help ensure the health of your PC. Check for and remove viruses and spyware. Improve your PC's performance. Get rid of junk on your hard disk. Use the full service scan to check everything, or turn to the scanners and information in the service centers to meet your specific needs." -

http://safety.live.com/site/en-US/default.htm

Microsoft has provided some details of its plans for Windows Defender and several related products, such as Live Safety Center and One Care Live at http://tinyurl.com/ahfh4. Unfortunately, two of the five listed services look as if they are going to be charged for. However, Windows Defender, Windows Live Safety Center, and the Malicious Software Removal Tool are to remain free.

If you're running AntiSpyware (beta 1), and want to use Windows Defender (beta 2), uninstall beta 1 and then install beta 2.

Spybot Search & Destroy - Home Page - http://www.safer-networking.org/

Ad-Aware - removes spyware, adware and other malware from your computer.

The new free version, called Ad-Aware SE Personal Edition, replaces Ad-Aware 6.0 and is a 2.48MB download.

Go to http://www.lavasoftusa.com/ for more information.

Here is one download location for the free version:

http://www.majorgeeks.com/download506.html

The German Home Page - http://www.lavasoft.de/

Antivirus Specialist GRISOFT Acquires Anti-malware Expert Ewido Networks -

http://www.ewido.net/en/press/20060419a/

Comodo Antivirus - http://www.comodo.com/home/internet-security/antivirus.php

Other free products from Comodo, such as Business Firewall & Antivirus, System Cleaner and BackUp - http://www.comodo.com/products/free-products.php

Click on its title to go to this article for information on the HijackThis and CWShredder removal tools:

A website has hijacked Internet Explorer's Home page setting - AND other infection issues

Free adware/spyware online scanning is available here:

http://aumha.org/a/noads.htm, which implements Andrew Clover's marvellous parasite-scanning script.

Microsoft Windows Malicious Software Removal Tool (KB890830):

http://go.microsoft.com/fwlink/?LinkId=40458

SpywareBlaster: http://www.javacoolsoftware.com/spywareblaster.html

Note well that you may have to run Spybot and Ad-Aware in Safe Mode in order to remove some spyware and adware. You can do that by pressing the F8 key just before Windows 98 or Windows XP starts to load at start-up. A boot menu presents itself with several boot options, including Safe Mode.


SECURITY SITES, SOFTWARE FIREWALLS, AND OTHER PC SECURITY PRODUCTS

Note that you must uninstall any firewall as fully as possible before installing a new one. Most firewall makers (including ZoneLabs, the creators of ZoneAlarm) have detailed instructions for doing so that go beyond using the Windows Add/Remove Programs utility. This is because one firewall program can leave entries in the Windows Registry that can interfere with the functioning of its own updates and other makes of software firewall.

If you have been blacklisted by an ISP that has erroneously identified your IP address as being a source of spam, visit http://www.mail-abuse.org to find out the reason so that you can defend yourself against it.

SECURITY SITES

Microsoft Baseline Security Analyzer -

"Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small- and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems." -

http://www.microsoft.com/technet/security/tools/mbsahome.mspx

Microsoft Security Center -

http://www.microsoft.com/security/default.mspx

Google Online Security Blog -

"The latest news and insights from Google on security and safety on the Internet" -

http://googleonlinesecurity.blogspot.com/

Secunia.com - http://secunia.com/ - monitors vulnerabilities in more than 4000 security products, including the Internet Explorer, Mozilla Firefox, and Opera browsers.

A computer can have several old programs installed on it that require patches or updating in order not to be a security risk. The most common programs are Java, Flash Player, QuickTime, Adobe Reader, WinZip 8.x, RealPlayer, Yahoo! Messenger 8.x, and Winamp 5.x. Sometimes when you install the latest version, the old version can be left installed. If that is the case it doesn't present a security risk, because the latest version is being used. You can check if you have any unpatched software by downloading and using the free Secunia Personal Software Inspector.

Secunia Personal Software Inspector (PSI) -

"The Secunia PSI is available free of charge. Secure your PC. Patch your applications. Be proactive. Scan for Insecure and End-of-Life applications. Track your patch-performance week by week. Direct and easy access to security patches. Detect more than 300,000 unique application versions." - https://psi.secunia.com/

Anti-Phishing Working Group: http://www.antiphishing.org/

A site devoted to phishing scams: http://www.netriplex.com/phishfraud/

Put your anti-phishing-scams skill to the test on the site here:

Test your Phishing Skills -

http://www.netriplex.com/phishfraud/phishing_test.aspx

ComputerGripes.com - The site is worth visiting with regard to security issues because the information can be related to software security, such as the page devoted to the Adobe Acrobat PDF File Reader:

http://www.computergripes.com/AdobeAcrobatReader.html

Intrusion Detection Software (IDS)

Consider using some Intrusion Detection Software (IDS), which can often catch intrusions that virus and spyware scanners and tools miss, but which all too often uses up plenty of system resources. Therefore, choosing the right product can be difficult, involving trading off the degree of protection that is provided against the system resources used.

Guide to Intrusion Detection and Prevention Systems (IDPS) -

http://csrc.nist.gov/publications/nistpubs/800-94/SP800-94.pdf

Several of the reviewed IDS products are freeware. You can find more such information by entering intrusion detection software as a search query in a search engine.

SpamPal - http://www.spampal.org - "My preferred method of spam filtering is still to blacklist mail coming from known sources of spam or open relay sites. The free SpamPal service allows you to use several different DNS Blacklist services that I find catches about 98 percent of spam with hardly any false positives." - Paul Mullen, Help guru for Computer Shopper.

The Yahoo! Toolbar - installs as a toolbar in Internet Explorer - free download - two versions - the biggest of them offers the standard Search facility, can be set to block pop-ups, and protects against spyware. Obtain it from http://www.yahoo.com/.

Top 3 free Wi-Fi network security tools: Powerful Wireless Security Tools for Free -

http://www.newsfactor.com/perl/story/22124.html

Test the security of your system on-line -

Steve Gibson's ShieldsUp - tests your system's security - free -

https://grc.com/x/ne.dll?bh0bkyd2

PC Flank - Tests: Stealth - Ports - Browser - Trojans - Exploits -

http://www.pcflank.com/about.htm

CCleaner is a freeware system optimization and privacy tool. It removes unused files from your system - allowing Windows to run faster and freeing up valuable hard disk space. It also cleans traces of your online activities such as the index.dat files, one of which contains a history of your browsing that cannot be deleted while Windows is running because it is a system file. It is fast, usually taking less than a second to run, and contains no spyware or adware. - http://www.ccleaner.com/

A new source of security information and free downloads -

http://www.saltmeadow.com/privacy/

Internet Sweeper - 1.7.6 - Win9.x/2000/XP - 88KB - free

Clears incriminating Internet trails. Works with all of the main browsers - including AOL.

http://www.geocities.com/Internet_Sweeper/

Security Clinic. This free IT security site continues to add new features, and is getting even better all the time. It not only has loads of useful info, but also a free "clinic" allows you to ask advice from more than 100 registered experts. - http://www.itsecurity.com/

VisualICE Web Intrusion Report Utility v4.2 - W9x/2k - 1.6MB - free -

http://www.visualizesoftware.com/

PasswordTools.com - password-cracking tools for a wide range of software - Word, Excel, etc. - http://www.passwordtools.com/

Freedom - a free firewall with plenty of extra features - http://www.freedom.net/

Gibson Research Corp - Home page - http://grc.com

Shoot the Messenger - http://www.grc.com/stm/shootthemessenger.htm -

Helps ensure that the Windows XP Messenger service is disabled so that Messenger-based pop-ups can't get through. Windows Messenger is a system-level network function that is exploited, and is not to be confused with MSN Messenger.

UnPlug n' Pray - http://www.grc.com/unpnp/unpnp.htm - and the DCOMbobulator - http://www.grc.com/dcom/ - allow a Windows XP user to disable potentially dangerous services that Windows XP loads at start-up, which most users don't require. The utilities allow a user to re-enable them if they're ever needed.

StartUp Monitor - informs you if a program wants to set itself up as a start-up program -

http://www.mlin.net/

Jasons Toolbox - downloadable - http://www.jasons-toolbox.com/

Script Sentry prevents unauthorised script code from executing -

http://www.jasons-toolbox.com/scriptsentry.asp

SOFTWARE FIREWALLS

Note that the Windows Firewall provided by Windows Vista and Windows 7, accessed via the Control Panel, is much better than the version provided by Windows XP. Since I use a router to access the Internet and its hardware firewall is enabled, I decided to use only the Windows Firewall for the last year and this year (2012) and did not encounter any issues. I gave up using the free Comodo and ZoneAlarm firewalls because they kept nagging me to upgrade to the paid-for security suites that those companies both provide, not because they were in any way inadequate. You should make sure that the hardware firewall provided by a broadband router is enabled by accessing its configuration page in a web browser (Internet Explorer, Firefox, Opera, Safari, etc.). Click here! to go to the information on routers provided on this website.

Firewall programs leak-test results - thirteen firewalls tested -

http://www.pcflank.com/art21.htm

Steve Gibson - on Firewall security software - http://grc.com/su-firewalls.htm

Comodo Firewall -

http://www.comodo.com/home/internet-security/firewall.php

Other free programs from Comodo (including AntiVirus, BackUp, System Scanner) -

http://www.comodo.com/products/free-products.php

Online Armor free and paid-for firewall -

Scot Finnie, the editor in chief of Computerworld, has given the Best Firewall Software of 2008 award to Online Armor in Scot's Newsletter Blog. He recommends the paid-for version ($39.95), but has had no issues with the free version, the link to which is provided below. Click here! to read the page on the blog that provides a review and reader comments to which Scot himself replies.

http://www.tallemu.com/free-firewall-protection-software.html

ZoneAlarm from Zonelabs.com - One of the best firewalls - free but a paid-for Zone Alarm Pro version with more features is also available. You can also buy a ZoneAlarm Internet Security Suite 6.0 that contains, among its numerous features, the ZA firewall, spyware protection, and a virus scanner. The free version isn't easy to locate on Zonelab's site. Click here! to go to its download page. Click the text links to visit the following pages on the Zonelabs.com site: Protect Yourself from Phishing Scams.

ZoneAlarm user gripes page - http://www.computergripes.com/ZoneAlarm.html

Utility that analyses the ZoneAlarm log - newsletter available - http://zonelog.co.uk/

Lawrence Baldwin's ZoneAlarm log reporting and analysis site -

http://www.mynetwatchman.com/

Zonelabs - FREE! Instant Online Pest Scan (Find Spyware on your PC) -

http://www.zonelabs.com/store/content/promotions/pestscan/pestscan_01165.jsp

The "Anti-Hacker" firewall from Kaspersky Labs - given five stars by Computer Shopper (UK) - http://www.kaspersky.com/buyonline.html?info=967571

Outpost Firewall - Win9.x/2000/XP - Free and Pro paid-for versions - very good reviews -

Uninstall any other software firewall before you use this one. Requires no configuration. Install and use. - http://www.agnitum.com/products/outpost/

Tiny's Personal Firewall - free firewall - requires configuration, so stick to ZoneAlarm if you don't understand the terms. Great for advanced users -

http://www.tinysoftware.com/

Free Smoothwall utility - can make an old PC into a hardware firewall -

http://www.smoothwall.org/

This article consists of two pages. Click here! to go to Page 1