PC Security: How to Make Computers Secure from Hackers, Viruses, Trojans, Spyware, Adware, and Phishing Scams - Page 1
Last updated on 11 November 2009
INDEX
An introduction to computer security
Additional ways of improving your PC's security
[ELSEWHERE ON THIS SITE]
The tricks used by phishing sites, hackers, and web tricksters
Microsoft Knowledge Base: Security articles
Security and Internet products: Reviews
"Rootkits" are posing a new security threat to Windows systems
Computer Gripes: Software security issues
Using the HijackThis and CWShredder removal tools
Security Q&A problems dealt with on this site
Computer security: Relevant links to other sites

Security warnings!

Always bear this in mind with regard to PC security. The security-research company Trend Micro, which provides the free online malware scan HouseCall, has reported that of the top 100 computer infections in the U.S. in 2008, a huge 63% were caused by downloading and running programs. E-mail infections accounted for only 3% and the exploitation of security flaws in software products was responsible for a negligible 1.7% of the PC systems that were compromised.

Free games, utilities, toolbars and almost any other software can entice a user into downloading malware from a malicious website. Pirated software and pornography offered on the web are particularly dangerous in this regard. The hackers know that many people look for pornographic sites using certain keywords, so they fill their malicious sites with those keywords. The dangerous downloads are usually disguised as pornographic videos, or the website might ask the visitor to install software in order to view pornographic videos.
You should therefore only download software from reputable sources, such as well-known downloads sites (Filehippo.com, Download.com, Softpedia.com, MajorGeeks.com), or the websites of reputable software developers and hardware manufacturers (Microsoft, Adobe, Google, Intel, HP, and Dell), or open-source (free) software provided from Sourceforge.net, Mozilla.org, Ubuntu Linux, OpenOffice.org, etc.

You should also not use keywords such as free spyware programs, etc., in search engines or adverts on reputable websites to find security software, because the major search engines and the advertisers such as Google and Yahoo! allow malware products to be listed in search results and/or advertised. You should only obtain security software directly from websites that have received good reviews for their products from other reputable websites. For example, all of the links provided on the pages of this website are valid products. For more information, read this story on this subject:

Sponsored search results lead to malware - "The ads served by Bing and Google along with your search results are linking more and more often to sites trying to infect your machine." - http://windowssecrets.com/2009/10/08/01-Sponsored-search-results-lead-to-malware

Downloads called "torrents" from websites that provide them can be particularly dangerous. The downloads use a web protocol called BitTorrent, hence the name torrents. If you only use torrents to download legitimate software, the torrent file should be made available from the program's own website - for example, the torrents page for Slackware Linux.

GData reports massive increase in malicious torrents - "The number of infected torrents tripled over the course of last week, according to German security software firm GData. G Data Security Labs' analysis reports that a lot of malware is circulating in software warez (cracked versions of commercial software), maps for navigation devices, ringer tones, videos, and music recordings." - http://www.expertreviews.co.uk/news/267892/...

BitTorrent (protocol) - http://en.wikipedia.org/wiki/BitTorrent_(protocol)

Another great danger is phishing websites, which are copies of real websites, such as PayPal.com, that are linked to from within emails. The domain name is not PayPal, but another name. The link's text shows http://www.paypal.com, but it is linked to another domain, which is usually temporary; it will be abandoned as soon as the security software exposes it for what it is. If you place the mouse pointer over a link to a phishing website, you will see its real domain name in the bottom left corner of web browsers such as Internet Explorer and Firefox.

A message in phishing emails tries to entice the reader of the email into visiting the website by saying, for instance, that their PayPal account has been illegally accessed and that they should log on to it immediately by clicking the link that brings up the phishing website, not PayPal's website. Every bank or financial organisation capable of transferring money has phishing emails sent out in its name. Your name is never provided because it is a general message sent to many thousands of email addresses. It will only be addressed to you if the sender knows your name. That is why you should not use your name in an email address that you are going to use on websites. For example, use an email address like earthsventriloquist@gmail.com instead of yourname@gmail.com.

A simple rule of thumb is this: no reputable bank or financial service will ever ask you to provide login details to your account via an email. If you receive such an email informing you of a problem with your account or proposing to offer some kind of prize incentive or similar, just remember the old saying, "If it looks too good to be true then it no doubt is."
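The check described above (a link whose visible text shows one domain while it actually points to another) can be automated. This is an added example, not part of the original page; the sample e-mail, the .example domains and the function names are constructed for illustration. A link counts as consistent only when the real host is the displayed host or a subdomain of it.

```python
"""Flag e-mail links whose visible text names one host but whose href goes elsewhere."""
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# A host name written in visible link text, e.g. "http://www.paypal.com".
HOST_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

# Constructed sample message body (not taken from a real e-mail).
SAMPLE_EMAIL = """
<p>Your account has been accessed. Log on immediately:
<a href="http://login-update.example/signin">http://www.paypal.com</a></p>
<p>Genuine link: <a href="https://www.paypal.com/signin">www.paypal.com</a></p>
<p><a href="http://login-update.example/signin"><b>Click here</b> to verify</a></p>
<p><a href="mailto:help@support.example">Contact support</a></p>
"""


class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a href=...> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None   # href of the <a> currently open, if any
        self._text = []     # text fragments seen inside that <a>

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def shown_host(text):
    """Return the host name a reader sees in the link text, or None."""
    match = HOST_IN_TEXT.search(text)
    if not match:
        return None
    host = match.group(1).lower()
    return host[4:] if host.startswith("www.") else host


def real_host(href):
    """Return the host the link really goes to, or None (mailto:, relative, malformed)."""
    try:
        return urlsplit(href).hostname
    except ValueError:
        return None


def audit_links(html):
    """Return (verdict, shown host, real host) for each link in an HTML body.

    verdict is "match", "mismatch", or "unchecked" when either host is missing;
    for "unchecked" links the real host is still reported so it can be reviewed.
    """
    parser = LinkCollector()
    parser.feed(html)
    parser.close()
    results = []
    for href, text in parser.links:
        shown, real = shown_host(text), real_host(href)
        if shown is None or real is None:
            verdict = "unchecked"
        elif real == shown or real.endswith("." + shown):
            verdict = "match"
        else:
            verdict = "mismatch"
        results.append((verdict, shown, real))
    return results


if __name__ == "__main__":
    for verdict, shown, real in audit_links(SAMPLE_EMAIL):
        print(f"{verdict:10} text shows: {shown!s:15} really goes to: {real}")
```

Links reported as "unchecked" have no host name in their text, so the real host printed beside them is the only thing to judge them by, just as with hovering over the link.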
If you want to install software from a developer that you don't recognise, you can perform a Google search on it and the developer in order to find out if it is from a reputable source. You will not be able to find articles, computer-forum threads and reviews of software created by criminals unless they are providing warnings about it. You should never use a free 'cracked' copy of a piece of software that doesn't require product activation, etc., because it is likely to be doctored software.

Note well that dangerous malware that infects PCs by disguising itself as a legitimate antivirus program is being used by criminals to gain access to computers. It goes by several different names, such as Antivirus XP 2008 and Antivirus 2009, and succeeds by looking like a legitimate Windows program. The programs are delivered through spam messages that link to an automatic download of a malware installer, or can even be delivered by clicking on the adverts of valid websites that have been compromised by hackers. The spam containing attachments usually entices the user into opening them by saying that they contain naked images of celebrities. It is also possible just to visit an infected website for your system to pick up a trojan virus. Read this article:

Trojan virus steals bank info - http://news.bbc.co.uk/1/hi/technology/7701227.stm

Therefore, you should never consider installing any security software unless it is reviewed on a reputable site such as http://internet-security-suite-review.toptenreviews.com/.

You used to have to get virus and spyware scanners and a firewall (free or paid-for) for adequate protection. However, the major Internet security companies have changed the way in which their software works. They are addressing all of the different kinds of threats from the web at the same time.
Instead of using separate programs, Internet security suites combine all of their scanners into one application, which is more efficient than having three or more separate scanners scanning the system. Here are the top security suites reviewed on three reputable US websites:

PC World (US) - Top Internet Security Suites for 2009 - http://www.pcworld.com/article/158178/top_internet_security_suites.html

PCMag.com (US) - The Best Security Suites for 2009 - http://www.pcmag.com/article2/0,2817,2333448,00.asp

MaximumPC.com (US) - http://www.maximumpc.com/article/features/protect_your_pc_from_guys_like_this

However, note well that when polled by newsletters and PC websites, the majority of computer users always say that they prefer using individual anti-virus, anti-spyware, firewall, and other security tools, which they say are preferable to all-in-one security suites, such as Symantec's Norton Internet Security. This is no doubt because they know from experience that the individual-tool approach is less problematic. Moreover, if you were to ask highly experienced PC repair technicians, they will almost certainly all say that standalone products outperform security suites.

In my opinion, the reason that relatively poor security suites, such as Norton Internet Security and McAfee Internet Security Suite, are regularly reviewed as being the best security products has more to do with commerce than with real-world experiences of users. PC publications and websites will almost all run the adverts of the major security companies and it is therefore in their interests to promote, not criticise, them. For example, only the Windows Secrets newsletter ran articles exposing how unreliable the McAfee SiteAdvisor website-rating service can be. None of the major PC magazines and websites did likewise when I asked them to do their own take on the Windows Secrets' exposé.
I put that down to their not wanting to damage their advertising relationship with McAfee, which is a major computer-security company. I personally would not use the Norton (Symantec) and McAfee products regardless of the good reviews because of bad experiences I have had with them.

I find that using the free Comodo firewall, the free AVG antivirus/antispyware scanner and the Web of Trust browser plugin provides very adequate protection. I have yet to fall foul of any security threat. Web of Trust (WOT) warns you before you interact with a risky website, both from within the browser (Internet Explorer, Firefox, etc.) and from within search-engine results by placing green or yellow or red marks beside each link to indicate its security rating.

I also use the free version of Malwarebytes' Anti-Malware. Apparently most of the calls to Microsoft's support lines involve spyware infections and Microsoft recommends using the free version of this program. It allows manual scans for spyware, which means that you have to run the program; it does not monitor the system in real time. You pay just $24.90 for the full version, which provides real-time protection against malware, scheduled scanning and scheduled updating. Download the free version from http://www.malwarebytes.org/mbam.php.

Just remember that you should not have two programs of the same type monitoring the system. Only one software firewall, etc. The free version of AVG Anti-Virus combines virus scanning and adware/spyware scanning in real time, so if you use AVG Anti-Virus and you install another scanner that scans for viruses and/or spyware, you should disable AVG's real-time monitoring and only use it for manual scans. Scanners that monitor your system in real time will install an icon in the System Tray/Notification Area in the bottom left corner of the screen in Windows computers.

SUPERAntiSpyware is another powerful and free malware scanner that you might like to try.
The free version installs an icon in the Notification Area, but real-time scanning has to be enabled; it is not enabled by default because the user will probably already have a real-time spyware scanner installed. You should only enable it if it is the only spyware scanner operating in real time on your computer. AVG Anti-Virus is a virus and spyware scanner, so, if you are using it, you should not enable real-time scanning for SUPERAntiSpyware; you should use it for manual scans. The options can be accessed by right-clicking with the mouse pointer over the icon.

SUPERAntiSpyware - "SUPERAntiSpyware is the most thorough scanner on the market. Our Multi-Dimensional Scanning and Process Interrogation Technology will detect spyware that other products miss! SUPERAntiSpyware will remove ALL the Spyware, NOT just the easy ones!" - http://www.superantispyware.com/

September 30, 2009. - Microsoft has provided a free malware scanner called Security Essentials that scans for viruses, spyware and other malware that you can use in real time or as an additional scanner. Real-time scanning is enabled by default, but you can turn it off, which you should do if you keep another malware scanner operating in real time.

Microsoft Security Essentials - http://www.microsoft.com/security_essentials/

Note well that if you are visiting a website that produces a message saying that malware has been detected on your PC, offering a free security scan if you click a button to give the OK, don't click the button. Instead, press the Ctrl + Alt + Del key combination that brings up the Windows Task Manager and close that website down under its Applications tab. It can be very difficult to remove such malware once it has compromised a system, because it can shut down antivirus programs and forbid the user from accessing websites that provide online virus scanning, such as the free scanner provided from kaspersky.com.
When they have infected a system, some of these phony antivirus programs can produce messages asking you to buy them and then scan the system. Of course, they can't scan for anything because they are malware themselves. Some of them ask you to enter your credit card number in order to make a purchase of the scanning software. If that happens, you should first try to remove the malware by running a system scan with the antivirus software that you should be running in real time to monitor your computer. Note that you should be using an antivirus program that is updated regularly online. The free version of AVG Anti-Virus from http://free.avg.com/ updates itself daily.

If you visit a website that requires downloading and installing a video player or picture viewer in order to view videos/pictures, switch the PC off and reboot or press the Ctrl + Alt + Del key combination that brings up the Windows Task Manager and close that website down under its Applications tab, because the download is almost certainly malware that can compromise the security of your system in order to make you buy phony software, steal passwords, etc. Users who are searching for porn using popular keywords at some time or other are sure to click on links to sites that require the user to install a program in order to view the porn. If they download and install that software, their systems will be compromised in any number of ways, from installing keyloggers that return the keystrokes made by the user to the hackers to allowing full remote access to the system.

Note that if you can't get rid of a malware infection, it is advisable to start the system up in Safe Mode by constantly pressing the F8 key just before Windows shows its first graphics screen and starts to install itself at startup. Pressing that key brings up the boot manager that has Safe Mode as one of the options.
You can run virus and spyware scanners in that mode more effectively, because a very basic version of Windows is running and the malware won't have installed itself, but its files will still be detectable.

You can also try using System Restore to backdate the system files to a date prior to the infection. It is found under Start => All programs => Accessories => System Tools in Windows XP and Windows Vista. However, the virus can often disable System Restore, or the changes that the virus makes to the system prevent it from working. If that is the case, there are ways of restoring the system manually, but they are so involved, involving editing the Registry, etc., that it is easier to perform a repair install of Windows, which retains your folders, files and settings. Information on how to do that is provided elsewhere on this website. Note that you must have a Windows XP/Windows Vista installation CD/DVD in order to do that, and you will have to add any missing service packs and security updates if you haven't created a customised CD that contains the contents of the installation CD that you have plus the missing service packs. Note that XP's SP2 contains SP1, so you only have to add SP2 to the contents of the original version of Windows. Windows Vista currently only has Service Pack 1 (SP1). Read the following Q&A on this site on how to slipstream Windows XP and Windows Vista with service packs: How to slipstream Windows XP and create a customised boot CD.

Note that you should consider using the OpenDNS service from http://www.opendns.com/ as your computer or network's DNS server, which translates web addresses into IP addresses. For example, 209.86.14.54 is the IP address of this website. Entering http://209.68.14.54 into a browser brings up http://www.pcbuyerbeware.co.uk/. It is the DNS server that does the translation.
After your computer or network has been set up to use OpenDNS, the service can prevent it from accessing many bad websites, and, among many other options, it can be configured to prevent children from gaining access to adult websites. Here is how to get the best out of this free service:

Use OpenDNS to surf safely with these tricks - http://windowssecrets.com/2009/07/09/02-Use-OpenDNS...

Alternatively, if you install the latest version of the Comodo Firewall and/or Comodo AntiVirus, the installation process allows you to set your computer up to use secure DNS servers of the developers of Comodo security software. You can download the 76MB file that allows you to: "Install the AntiVirus as a standalone. Install the Firewall as a standalone. Install both Firewall and AntiVirus." You should read which options can be installed as the setup process runs, because there are some provided by third parties that you might not want. Note that you should uninstall any existing anti-virus software if you install Comodo AntiVirus, because you should not have more than one type of security software monitoring the system in real time at the same time - only one firewall, one anti-virus scanner, etc.

Download Comodo Firewall - http://www.comodo.com/home/download/download.php?prod=firewall

Some malware can cripple spyware and anti-virus scanners. If this happens to you and you can still go online, there are many free online scanners, ten of the best of which are listed on this page: http://www.makeuseof.com/tag/10-free-online-malware-and-virus-scanners/

Here is a link to a brief video introduction on phishing, which is an online method used to trick people into sending their logon user names and passwords to online stores, banking sites and payment sites such as PayPal.

Gone Phishing - http://news.bbc.co.uk/1/hi/business/7715787.stm

Visit The tricks used by phishing sites, hackers, and web tricksters on Page 2 of this article for more detailed information on this subject.
This article provides insight into the world of the computer hacker: Gaining access to a hacker's world - "For a short time in February, I had complete control over 21,696 personal computers around the world. These were machines whose owners had not taken the basic security precautions necessary to stay safe online." - http://news.bbc.co.uk/1/hi/programmes/click_online/7938201.stm
An introduction to computer security
Folder and whole hard-disk-drive encryption

If you have read the numerous accounts of the loss of DVD data discs and USB flash drives (memory sticks) by government departments and laptops that have gone missing, you will have heard of a protective measure called encryption that was not used in most of the losses. If encryption had been used, the data would have been unrecoverable by thieves. Third-party software has been providing full hard-disk encryption for many years. Windows XP provides folder encryption - the Encrypting File System (EFS), which is not suitable for use on laptops - and Windows Vista provides full disc encryption called BitLocker Drive Encryption. Here are the articles on Microsoft's site that provide the information on how to use it:

How to encrypt a folder in Windows XP - http://support.microsoft.com/kb/308989

BitLocker Drive Encryption in Windows Vista - http://certcities.com/editorial/columns/story.asp?EditorialsID=213

Coming soon: Full-disk encryption for all computer drives: Drive makers settle on a single encryption standard - http://www.computerworld.com/action/article.do?...

The great dangers presented by identity theft

Since identity theft is a tremendous growth industry, it is imperative that you should know how to protect yourself from having your identity stolen, because if someone steals your identity, the thief can sign up to Internet Service Providers (ISPs) in your name and get you into trouble with the law for online theft or for accessing illegal websites. The following article is written by Frank Abagnale, one of the most notorious forgers and impersonators in history. The movie Catch Me If You Can, starring Leonardo DiCaprio as Abagnale, is based on his notorious life of crime as a teenager. He is now a world-renowned consultant on security matters.
14 tips to avoid identity theft - http://www.bankrate.com/brm/news/advice/20030124b.asp

The information on that page is aimed at US citizens, but provides some good advice to anyone. Apparently, in the US, if someone knows a person's social-security number, he or she can gain access to all of that person's account numbers. Note well that gaining access to that kind of personal information is not possible in the UK if someone knows a person's National Insurance number.

In 2002, Abagnale wrote a general, all-purpose book called The Art of the Steal. In the book, he lists and explains common confidence tricks and ways of preventing oneself from being defrauded. Identity theft and Internet scams are also covered. In 2004, he released a book called Real U Identity Theft, in which he provides information on how to prevent identity theft in the first place. Both books are widely available. Here is a useful quote from an interview with him:

"... you have to alert consumers today, you have to be a very smart consumer. The police can’t protect you, the government can’t protect you, your bank can’t protect you, only you can protect yourself. So you have to ask yourself when you go on something like the Internet, what information am I putting out there, and how could someone use that information? The crime of the future will be identity theft, and we’re already starting to see where people assume other people’s identity because they’re able to get bits and pieces of information about that individual, their bank account, their social security or health card number, and then assume that person’s identity. And that’s an awful crime, because in that crime, the criminal who’s committing the crime is innocent until they’re proven guilty, but the person who’s the victim is guilty until they prove themselves innocent. So they’re the ones that have to go out and convince the bank, the credit bureau, that they’re not the person who made those charges or got that mortgage."
If you enter "frank abagnale" in the Google search box at the top of this page, with its Web radio button enabled, you will be presented with plenty of useful links to information on him and his books.
The Security Center in Windows XP

You should know that Windows XP has a Security Center that is opened by clicking Start => All Programs => Accessories => System Tools => Security Center. It informs you of the security status of the system's firewall and virus protection, and allows you to set options for the way in which Automatic Updates (in Windows XP) or Windows Update (in Windows Vista) operates. If you have insufficient firewall and/or virus protection, you will be informed by pop-up messages. Depending on the setting you have enabled, you can also be informed of what Automatic Updates requires of you. A badge-shaped icon appears in the bottom left System Tray (Notification Area). If you position the mouse pointer over the icon, you will be told what to do. For example, if you have chosen the setting that makes Automatic Updates let you know when updates are available, the message will tell you that updates are available and to click the icon to begin the download.

If you need to investigate a security issue, the following guide provides you with a good way to go about it.

Fundamental Computer Investigation Guide for Windows [XP and Vista] - "This guide discusses processes and tools for use in internal computer investigations. It also presents an applied scenario example of an internal investigation that uses Windows Sysinternals tools (advanced utilities that can be used to examine Windows-based computers) as well as commonly available Windows commands and tools." - http://go.microsoft.com/?linkid=6500778

The Security Center in Windows Vista

Microsoft is touting Windows Vista as the most secure operating system yet devised. True or not, the devil is always in the detail.

Top Security Features in Windows Vista - http://technet.microsoft.com/en-us/magazine/cc546565.aspx

The Security Center in Windows Vista is accessed via the Control Panel, which is accessed from the Start (button's) menu. Click on Security to open it.
Windows Security Center - "Windows Security Center [in Windows Vista] helps make your PC more secure by alerting you when your security software is out of date or when your security settings should be strengthened. The Security Center displays your firewall settings and tells you whether your PC is set up to receive automatic software updates from Microsoft. Other improvements over the version of Windows Security Center that debuted in Microsoft Windows XP SP2 include showing the status of software designed to protect against antispyware, your Internet Explorer 7 security settings, and User Account Control. In addition, Windows Security Center can monitor security products from multiple companies and show you which are enabled and up to date." - http://www.microsoft.com/windows/products/windowsvista/.../securitycenter.mspx

Windows Vista Security and Data Protection Improvements - http://technet.microsoft.com/en-us/windowsvista/aa905073.aspx

Windows Vista Security Guide - Interview with the Authors - "Listen to this half-hour interview with the authors of the Windows Vista Security Guide to find out how to use the guide's recommendations to further harden Windows Vista against real-world security threats like malware and information theft. You'll also hear how to use the guide's automated tools to deploy security configurations in minutes instead of hours." - http://go.microsoft.com/?linkid=6324365

The Devil's Guide to Windows Vista Security - http://www.computerworld.com/action/...Basic&articleId=9005492

Windows Vista Security Guide [technical guide for IT professionals] - http://www.microsoft.com/technet/windowsvista/security/guide.mspx

How To Create a Windows Vista Password Reset Disk - "Creating a Windows Vista password reset disk can really come in handy if you forget your account password. With it, you can easily reset your password and get right in to Windows Vista. While there are ways to recover lost passwords without a password reset disk, they are often complicated and time consuming..." - http://pcsupport.about.com/od/windowsvista/ht/vistapwdisk.htm

Windows Vista Security Guide 1.2 - http://www.download.com/Windows-Vista-Security-Guide/...

Windows Vista Step-by-Step Guides for IT Professionals - "These step-by-step guides provide instructions for deploying or migrating to Windows Vista, and various management tasks, including configuring security, monitoring performance, and managing printers." - http://www.microsoft.com/downloads/details.aspx?...

Microsoft has extended support for Windows XP Home and Media Center Editions

February 23, 2007. - Microsoft has extended its support for Windows XP Home and Windows XP Media Center Editions to match the support it has always intended to give Windows XP Professional Edition. Support for those two versions was supposed to end five years after their introduction, but Windows XP Home Edition was released in October 2001, and Windows Vista was only officially made available on January 30, 2007, so, although Microsoft had to extend its support for them, it has done so very generously. Windows XP Home and Windows XP Media Center Editions are to receive free mainstream support until April 2009. Mainstream support includes feature requests, security updates, hotfixes, and support. After mainstream support ends, five years of extended support begins. Extended support provides free security updates and paid-for support. Official support for all three versions of Windows XP (including Windows XP Professional Edition) will end in 2014. Visit http://support.microsoft.com/lifecycle/ for the latest information on the lifecycles of Microsoft's products.

Microsoft ends support for Windows 98/98 SE/Me

June 24, 2006. - On July 11, 2006, Microsoft ended support for Windows 98, Windows 98 Second Edition (SE) and Windows Millennium Edition (Me).
This means that Microsoft will no longer provide security updates for these operating systems, and will no longer provide (paid) incident support. Only self-help support will be available until at least July 10, 2007. You can still use those versions of Windows, but, unless Microsoft changes its mind, they will not be updated after that date.

The safest way to upgrade RAM: Use the UK and US Crucial Memory Advisors

Paul Mullen, the highly-respected computer guru of the Helpfile at ComputerShopper.co.uk - "I have recently been buying my memory only from Crucial Technology. I would rather pay the extra cost than waste time trying to track down the obscure program faults that bad memory can cause."

The memory requirements of the versions of Windows Vista

Most of the versions of Windows Vista require more RAM memory than Windows XP to run optimally on a computer that doesn't use memory-hungry applications. A video-editing application is an example of memory-intensive software. Only Windows Vista Home Basic has a recommended minimum amount of memory of 512MB, which is the same amount recommended for Windows XP. Windows Vista Home Premium, the most popular version, and Windows Vista Ultimate require a recommended minimum of 1GB (1024MB) of memory, which is twice the amount of minimum memory recommended to run Windows XP. For more information on computer memory, read the RAM pages of this site.
For example, if your computer has an Asus motherboard, open the menu, scroll down to ASUS, and click GO. If, say, you have a Dell computer, scroll down to DELL, and do likewise. You will be taken to the relevant information on Crucial's website. If you don't know the make and model of the motherboard installed in your computer, here is a good free utility - Belarc Advisor - that creates an analysis of the hardware and software on a personal computer. Look under FREE DOWNLOAD - http://www.belarc.com/. Another utility that also provides detailed information on the memory itself is CPU-Z.

Windows SteadyState for Windows XP/Vista

Many home users share an Internet connection wirelessly between two or more desktop and laptop PCs. The sharing is done over a wireless network (which could also be a mixture of a wired and a wireless network). If that is the case, you should investigate what Windows SteadyState has to offer.

"Windows SteadyState, successor to the Shared Computer Toolkit, is designed to make life easier for people who set up and maintain shared computers."

Using Windows SteadyState at home

"Parents can use Windows SteadyState to help control and enhance their children's computer experience. They can customize the computer to be safer and easier to use. Internet access can be carefully controlled. Different levels of restriction can be applied for different children. In cases where a single machine is used by children and parents, the parents' configurations, programs, and files can be completely isolated from access by the children."

SteadyState Version 2.5 supports Windows Vista.
Watch the demonstration here: http://www.microsoft.com/windows/products/winfamily/sharedaccess/default.mspx

Windows Vista: User Account Control (UAC)

If you are a user of Windows XP, when using Windows Vista you'll soon notice that Vista requires permission to install software, and, if you have a utility such as the free CCleaner installed and set to clean the system at startup, Vista asks your permission to allow it to perform its cleanup during startup. Vista's User Account Control is responsible for those security measures.

User Account Control (UAC) improves the security of the system it is running on by limiting software to standard user privileges until an increase in privilege level is authorised by a user with administrator privileges. In this way, only applications that the user trusts receive higher privileges, and spyware and viruses are prevented from installing themselves. In short, a user account can have administrator privileges assigned to it, but software that the user runs does not also have those privileges unless it is approved beforehand or the user authorises it to have them. Application software that has been installed will run without interference, but if it attempts to make unauthorised changes to the system, Vista asks the user for permission.

If you are logged into a Vista computer as administrator, and you wish to make a configuration change, a message pops up from the UAC asking 'If you started this action, continue'. You must click on that 'Continue' button before Vista completes the configuration. You can turn UAC off if you find its nagging annoying, but it is advisable to tolerate it and to learn how to distinguish between what is safe and what is potentially dangerous. What you should never do is just click the Continue button without finding out which application brought the UAC into action, because that is how viruses and spyware can be installed.
Here are some webpages that provide additional information on UAC, including how to turn it off:

User Account Control - http://en.wikipedia.org/wiki/User_Account_Control
Understanding Windows Vista's User Account Control - http://www.windowsdevcenter.com/pub/a/windows/2007/02/06/...
User Account Control Overview - http://technet.microsoft.com/en-us/windowsvista/aa906021.aspx

You can find many others by entering vista user account control in the Google search box at the top of this page (with its Web radio button enabled).

How to wipe the data on a PC before you get rid of it

Retire that computer more safely - "If you're ready to replace, sell, or retire your old computer, it's very important to eradicate personal data stored on its hard drive before unplugging it for the last time. You should always remember that even though you manually delete computer files, an identity thief might still be able to recover them, possibly putting you or your family at risk." - http://www.microsoft.com/athome/security/update/donatecomputer.mspx

The essential protection methods

Software applications and operating systems are continually developing and are just as continually leaving gaping holes that hackers discover and exploit - and software developers are forced to patch. Therefore, it is essential to keep up to date with the latest ways and means of providing your PC or network with the most effective and cost-effective protection.

Free security analysis tools are available that can analyse the contents of a computer and determine security weaknesses. The Microsoft Baseline Security Analyzer (MBSA) is the best free product. It covers a variety of areas of importance in making a PC secure, and provides solutions wherever weaknesses are discovered. It is simple enough for intermediate computer users to use, but is also sophisticated enough for professional use.
If you are a novice to computer security, you can download and run it after you have read and understood the contents of this section of this site. The installation of MBSA requires validation via Windows Genuine Advantage.

MBSA can analyse a single computer or the computers on a network. It saves each scan as a report that can be printed or copied to the Windows Clipboard. Brightly colored icons make it a simple matter to see safe (green), questionable (yellow), or problem (red) areas. Additional information, indicated by a blue icon, is also provided. Each entry in the report links to help text that explains what was scanned and, in many cases, provides details on the results. If a problem is discovered, a "How to correct this" link is made available. The help files often link to additional files online, such as Microsoft Knowledge Base articles.

Microsoft Baseline Security Analyzer - "Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small- and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems." - http://www.microsoft.com/technet/security/tools/mbsahome.mspx

The ten essential protection methods to employ are:

1. - Install the latest security updates/updates for the operating system, the web browser, and software such as Flash Player, Java, RealPlayer, WMP, etc.

Keep your computer that is running Windows XP/Windows Vista and Internet Explorer updated with the latest updates from Microsoft Update. If you use another operating system (e.g., Linux) or Internet browser (e.g., Mozilla Firefox), visit its site for updates. Microsoft makes security updates available once a month. Amazingly, in September 2005, there were no updates.
But this month (October 2005) there were nine, three of which are rated as Critical. You can find out how your Windows XP computer downloads and installs updates by opening Automatic Updates in the Control Panel. In Windows Vista it is called Windows Update and it can be found under the Security and the System and Maintenance sections of the Control Panel.

Windows Update [in Windows Vista] - http://www.microsoft.com/windows/.../features/details/windowsupdate.mspx

Click here! to go to the Security updates page on Microsoft's site.

A computer can have several old programs installed on it that require patches or updating in order not to be a security risk. The most common programs are Java, Flash Player, QuickTime, Adobe Reader, WinZip 8.x, RealPlayer, Yahoo! Messenger 8.x, and Winamp 5.x. Sometimes when you install the latest version, the old version can be left installed. If that is the case it doesn't present a security risk, because the latest version is being used. You can check if you have any unpatched software by downloading and using the free Secunia Personal Software Inspector.

Secunia Personal Software Inspector (PSI) - "The Secunia PSI is available free of charge. Secure your PC. Patch your applications. Be proactive. Scan for Insecure and End-of-Life applications. Track your patch-performance week by week. Direct and easy access to security patches. Detect more than 300,000 unique application versions." - https://psi.secunia.com/

You can also download and run the filehippo Update Checker that finds updates.

filehippo.com Update Checker - "Welcome to the new filehippo.com Update Checker! We're currently beta testing this exciting new addition to our website and have released it as a public beta for everyone to download. What is it? The Update Checker will scan your computer for installed software, check the versions and then send this information to filehippo.com to see if there are any newer releases.
These are then neatly displayed in your browser for you to download." - http://www.filehippo.com/updatechecker

The following article provides information on this subject: Unpatched software abounds on user systems - http://windowssecrets.com/comp/070906/

2. - Use an alternative browser to Internet Explorer and an alternative e-mail program to Outlook Express

Instead of Internet Explorer use an alternative such as Mozilla's Firefox. Every hacker and malware programmer on earth is constantly trying to find ways of exploiting Internet Explorer. You can keep Internet Explorer installed in case you have to use it for certain sites that won't work without it. As long as you have sufficient system resources, you can have as many browsers as you like installed and running at the same time, so if you can't get a site to work with Firefox, open Internet Explorer and use it instead.

Firefox is highly resistant to malware infection. Every method of installing malware through Firefox requires the user to give permission to install it. The rule of thumb for any browser is that if a message suddenly appears for no reason asking for permission to install software, or to run a script, always click No unless you know exactly why your permission is required to install a program or run a script that makes the browser take certain defined actions.

However, if you must use Internet Explorer, then make sure that you are using version 7 (Internet Explorer 7), which has improved security features, such as a Phishing Filter. Read all about that and other features here: Internet Explorer 7 support - http://www.microsoft.com/windows/ie/support/default.mspx

You can use Web of Trust (WOT), a browser plugin, for extra protection. It can warn you if you're visiting undesirable sites in your web browser itself, which could be Internet Explorer, Firefox, Opera, Chrome or Safari. It shows its website ratings in search engine results as well. - http://www.mywot.com/
For the same reasons, for an e-mail program, instead of using Microsoft's Outlook Express, use Mozilla's Thunderbird. It won't execute dodgy scripts or launch the malware programs that an unpatched installation of Outlook Express does. Even with all of the latest security updates installed, Outlook Express still draws images into e-mails that it can display in its preview window. The sender of the message can use an image only a screen pixel in size to find out if your e-mail address is active and then sell it so that you get flooded with spam. Thunderbird doesn't do that. It can be a little problematic occasionally, but it makes up for that by having a superb spam filter. All you have to do is configure its Junk Mail Controls under the Tools menu, and then highlight a spam message and hit its Junk button. The spam filter learns what sort of e-mail you would rather not see in your Inbox. After all of the e-mail messages have been downloaded, the spam is transferred to the Junk box from where it can be deleted or set to be deleted after a specific period. If it flags a valid message as spam, you can tell it that it has made a mistake and it shouldn't repeat it.

3. - Use a good software and/or hardware firewall instead of the Windows Firewall provided by Windows XP and Windows Vista

Have a good software firewall installed and properly set up to block illicit incoming and outgoing Internet traffic. There are many good free firewalls listed in the security links section further down this page. My personal preference is for the free Comodo firewall. It is easy to install and configure, and it will provide excellent protection when used in conjunction with a virus scanner, such as the free version of AVG AntiVirus, and the Windows Defender and Spybot Search & Destroy spyware scanners. Comodo now also provide free Anti-Malware, AntiVirus, and Website Authentication software.
Scot Finnie has written about the Comodo, Jetico, Kerio, and Look 'n' Stop firewalls, which he recommends, in this April 2007 newsletter: http://www.scotsnewsletter.com/90.htm. He goes into more detail in this article:

Review roundup: Slim is in for Windows desktop firewalls - "You don't need a bloated security suite to get the best protection from a firewall -- in fact, many of the biggest names offer less protection than simpler, lesser-known firewalls..." - http://www.computerworld.com/action/...articleId=9024319&intsrc=hm_ts_head

Also covered in the April 2007 newsletter is "The Vista Firewall Situation", which discusses the current situation regarding the Windows Firewall provided by Windows Vista. Very few of the popular software firewalls currently support Vista, a situation that will definitely be changing rapidly as the software firewall developers rush to get their acts together. In the meantime, Vista users will have to make do with the Windows Firewall. The newsletter has this to say about the situation:

"In case you think you don't need a firewall, be advised that while Vista's Windows Firewall is mildly improved, the added outbound protection isn't turned on by default, and you may find it difficult to configure. Windows Firewall still does not offer full firewall support. It's better than nothing if you don't have a third-party software firewall, but that's about it."

Comodo Firewall Pro - "It's Free. Forever. No Catch. No Kidding - The Award-Winning Comodo Firewall Pro - PC Magazine Online's Editor's Choice - Secures against internal and external attacks - Blocks internet access to malicious Trojan programs - Safeguards your Personal data against theft - Delivers total end-point security for Personal Computers and Networks - Install now for out-of-the-box protection against identity theft hackers, Trojans, scripts and other unknown threats."
- http://www.personalfirewall.comodo.com/download_firewall.html

Windows XP and Windows Vista have the Windows Firewall that can be accessed from the Control Panel. However, even the improved version that comes as part of Windows Vista, which, unlike the version in Windows XP, provides protection against illicit outgoing Internet traffic if configured correctly, is only better than not having any firewall protection.

Under normal circumstances, you should not be using two or more complex security products of the same kind, such as virus scanners and firewalls, to monitor a system at the same time, because doing so can cause problems. However, I have been using the free version of ZoneAlarm in conjunction with the Windows Firewall in Windows XP and in Windows Vista without any problems. Just make sure that the following setting in ZoneAlarm is disabled, otherwise it disables the Windows Firewall: Firewall => Main tab => Advanced button => Disable Windows Firewall. Note that other security products, such as Norton AntiVirus, also have a setting that disables the Windows Firewall that is enabled by default. You can check if it is turned on or off under Start => Control Panel => Windows Firewall.

If you use a router to connect several computers to an Internet connection wirelessly, you should know that all routers have a feature called Network Address Translation (NAT). The router accesses the web with its own IP address, hides the IP addresses of the computers in the network, and sends the downloaded information to the internal IP addresses in the network. Many routers also have an inbuilt hardware firewall that can be enabled or disabled. You can run a software firewall on each computer in a network and make use of a hardware firewall.

The ABC's of Firewalls: http://www.zonelabs.com/store/content/catalog/firewallABC.jsp

4. - Use a good virus scanner/anti-virus software

Install a good virus scanner and make sure that it is updated regularly with the latest virus definitions. The latest free version of the AVG Anti-Virus scanner is set to download updates by default as soon as the user goes online. A message comes up asking for permission to do so. Obtain it from this page: http://free.grisoft.com/doc/2/lng/us/tpl/v5.

Steganos AntiVirus 2007 - Anti-virus software - Five stars - Best Buy award by Computer Shopper in February 2007. "In our recent Labs test, it beat every other anti-virus application hands down." - £20 in June 2007

An excellent paid-for virus scanner is Nod32 from: http://www.nod32.com/.

There are many free good virus scanners listed in the Links to security sites section on Page 2 of this article.

Note that you should not have two or more virus scanners actively monitoring the system at the same time (e.g. when you're online), because doing that can cause system lock-ups. You should only have one virus scanner monitoring the system in real time. However, you can have several virus scanners installed as long as only one of them is actively monitoring the system. You can update all of them and use each of them (one at a time) to run virus scans.

5. - Use several spyware/adware removal tools

Download and install at least one reputable spyware and adware removal tool, and make sure that it is also regularly updated, because the creators of spyware and adware are constantly trying their utmost to defeat the removal tools. The three best free removal tools are probably Microsoft's Windows Defender, Spybot Search & Destroy, and Ad-Aware. There is more information about them in the Links to security sites section further down this page. You can pay for some excellent spyware scanners, some of which provide a free trial period in which you can test the scanner's effectiveness. Note well that there are rogue spyware scanners that are ineffective and charge for 'removing' spyware.
Spyware Blaster is a good scanner, but check that it is created by Javacool Software, because there is a rogue program with the same name that is being made available.

Sunbelt CounterSpy is an excellent product that can find spyware and backdoor Trojans that can make an infected computer send information to a remote location on the web, or download and install more software that compromises the computer's security. "This is a great anti-spyware program..." "An excellent spyware detection rate and exceptional value made CounterSpy Computer Shopper Magazine's Best Buy Award winner for fall 2006!" - Download the Free 15-Day Trial - http://www.sunbelt-software.com/CounterSpy.cfm

Spyware Warrior - http://spywarewarrior.com/ - has been exposing fraudulent and misleading antispyware products for several years. If you see an enticing advertisement for an antispyware product, which can be delivered by reputable sites such as Google, Live.com, and Yahoo, you should check its reputation on the Spyware Warrior site before making a purchase. Advertisements for products that generate false positives in order to fool users into purchasing their 'cure', and/or which use aggressive or misleading advertising, can appear before the product is discredited with the advertisers, who then withdraw the advertisements.

XsoftSpy used to be considered a rogue scanner by spyware experts, but the Spyware Warrior site says that its problems have been sorted out, and it is therefore no longer considered a rogue product. It can also find spyware and Trojans not detected by other spyware scanners.

XoftSpy - http://www.xsoftspy.com/
Anti-Spyware Testing - http://spywarewarrior.com/asw-test-guide.htm

The Spyware Warrior site contains plenty of first-rate research on and insight into spyware threats and anti-spyware tools/utilities. It has a forum section that is well worth visiting. It stands out among all of the many other similar sites.
The Spyware Warrior Guide to Anti-Spyware Programs - Feature Comparison: http://spywarewarrior.com/asw-features.htm

Spywareinfo.com is an excellent spyware/adware information site that has its own security-related forums.

6. - Create secure passwords for websites with which you have accounts

To access password-protected websites such as online banking sites, PayPal, eBay, etc., make sure that you use passwords that are difficult to guess or crack with the special password-cracking software that hackers use to obtain passwords. That kind of software can be loaded with dictionaries and algorithms so that it can try using words, combinations of words, and the methods people use to create passwords until it succeeds in gaining access to an account.

There is plenty of advice on the web on how to create secure passwords. If you enter a search term such as passwords + guide in the Google search box at the top of this page, you'll find links such as these two that I found myself:

Secure Password Guide - http://www.strangecode.com/support/passwords.php
Secure Password Generator - http://www.andrewscompanies.com/tools/passwords.asp

Gmail flaw shows value of strong passwords - "The disclosure of a back door allowing bad guys to repeatedly guess Gmail passwords should remind us all to protect our accounts with long and strong character strings." - http://windowssecrets.com/2009/08/06/...

Note well: most websites that hold sensitive information, and that are accessed by entering a user name or e-mail address and a password, don't allow more than a certain number of attempts (usually three) before the attempts are stopped. Any password-cracking software would have to log on, try three attempts, log off, and then log on again and try another three attempts, etc. The only reason password-cracking software can crack passwords is that it can make many millions of guesses in a minute.
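The attempt limit described above, sketched as an added example (it is not code from this page or from any of the sites named): a counter that locks an account after three failed log-ins, plus the arithmetic showing how few guesses that leaves. The 15-minute lock period, the class and function names, and the sample guesses are assumptions made for illustration.

```python
import hmac
import time


class LoginThrottle:
    """Locks an account after max_failures consecutive wrong passwords."""

    def __init__(self, max_failures=3, lockout_seconds=900, clock=time.monotonic):
        self.max_failures = max_failures        # "usually three", per the text
        self.lockout_seconds = lockout_seconds  # assumed value: 15 minutes
        self.clock = clock
        self._failures = {}      # account -> consecutive failed attempts
        self._locked_until = {}  # account -> clock time when the lock expires

    def is_locked(self, account):
        until = self._locked_until.get(account)
        if until is None:
            return False
        if self.clock() >= until:
            # Lock has expired: clear it and start counting from zero again.
            del self._locked_until[account]
            self._failures.pop(account, None)
            return False
        return True

    def attempt(self, account, password_ok):
        """Return 'ok', 'denied' or 'locked' for one log-in attempt."""
        if self.is_locked(account):
            return "locked"  # even the correct password is refused while locked
        if password_ok:
            self._failures.pop(account, None)
            return "ok"
        count = self._failures.get(account, 0) + 1
        self._failures[account] = count
        if count >= self.max_failures:
            self._locked_until[account] = self.clock() + self.lockout_seconds
        return "denied"


class FakeClock:
    """Manually advanced clock so the demonstration needs no real waiting."""

    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


def replay_guesses(throttle, clock, account, real_password, guesses):
    """Submit each guess one second apart; return the outcome of every guess."""
    outcomes = []
    for guess in guesses:
        ok = hmac.compare_digest(guess.encode(), real_password.encode())
        outcomes.append(throttle.attempt(account, ok))
        clock.advance(1)
    return outcomes


def guesses_per_day(max_failures, lockout_seconds):
    """Upper bound on guesses against one account in 24 hours."""
    return (86400 // lockout_seconds) * max_failures


def days_to_try_all(keyspace, max_failures, lockout_seconds):
    """Whole days needed to try every password in a keyspace at that rate."""
    return keyspace // guesses_per_day(max_failures, lockout_seconds)


if __name__ == "__main__":
    clock = FakeClock()
    throttle = LoginThrottle(clock=clock)
    # Constructed guess list; the real password sits in fourth place.
    guesses = ["123456", "password", "letmein", "Tr1cky-Horse-Staple", "qwerty"]
    print(replay_guesses(throttle, clock, "alice", "Tr1cky-Horse-Staple", guesses))
    print("guesses per day:", guesses_per_day(3, 900))
    print("days for 8 lowercase letters:", days_to_try_all(26 ** 8, 3, 900))
```

The fourth guess is the right password, yet it is refused because the account locked on the third failure.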
The cap on the number of logons allowed from a single IP address is why the thieves have resorted to using e-mail messages made to look as if they came from eBay, banks, and PayPal, etc., in order to trick clients into providing their login information.

Here is the reply I received from PayPal when I asked how secure a user's website account is if a user's e-mail address can be discovered just by running it on the user's website, and then only a password is required to gain access to that account:

"Thank you for contacting PayPal. We apologize for the delay in responding to your service request. I can assure you that PayPal goes above and beyond when it comes to the safety of your account and personal information. PayPal has several barriers for hackers to go through. Even if someone attempted to figure out your password an account will be locked after a certain number of failed attempts just as one example."

7. - Set a password for Windows XP/Windows Vista

If you are using Windows XP Home Edition, make sure that you set a password that you have to enter in order to logon at start-up. When you set a password, you can create a prompt that reminds you what the password is without revealing it. If you happen to forget the password, just click the question mark beside the logon box on the Welcome screen to make the reminder appear.

In Windows Vista, passwords are set for each User Account. To access the User Accounts, click on the Start button, open the Control Panel and click on User Accounts and Family Safety. If you're using the Control Panel's Classic View, which makes the Control Panel look as it does in Windows XP, you won't see User Accounts and Family Safety, so just double-click on the User Accounts icon. The following article shows you how to set passwords for User Accounts.
Securing Your Windows Vista Computer - http://www.cmu.edu/computing/documentation/secure_win/secure_vista.html

How To Create a Windows Vista Password Reset Disk - "Creating a Windows Vista password reset disk can really come in handy if you forget your account password. With it, you can easily reset your password and get right in to Windows Vista. While there are ways to recover lost passwords without a password reset disk, they are often complicated and time consuming..." http://pcsupport.about.com/od/windowsvista/ht/vistapwdisk.htm

Note that the logon passwords that you can set for Windows 95, Windows 98, and Windows Me are a waste of time, because anyone just has to click the Cancel button to get past them. Only the passwords used by the Windows NT family of operating systems (Windows NT, Windows 2000, and Windows XP) cannot be bypassed.

You, the computer's owner, are the Administrator. You don't have to set a password when the Home Edition of XP is installed as you do have to with the Professional Edition. This means that anyone who can turn the computer on can access the system and make any changes to it that you are able to, including changing the password. If you have a brand-name PC with the Home Edition pre-installed, it probably won't have a password set. Note well that an Administrator account without a password makes it more vulnerable to potential hackers. In the Home Edition of XP, you use User Accounts in the Control Panel to set a password for the Administrator account.

I Forgot My Administrator Password! - Can't Log On to Windows XP?

Visit the Recovering Windows XP page on this site for information on how to recover a forgotten Administrator login password.

How to keep your data private in Windows XP

Neither Windows XP Home Edition, nor XP Professional Edition can protect a specific folder or file with a password. You can only password-protect an Administrator or a Limited User Account.
Moreover, Windows XP has to be using its native NTFS file system, not FAT32.

Keep data Private - http://www3.telus.net/dandemar/private.htm

8. - Never respond to e-mail messages that ask for your log-in and account details

Never respond to e-mail messages that seem to come from banks, PayPal, eBay, etc., that ask you to verify your account details, or e-mails saying that you have received an e-card greeting, because they are all methods of obtaining your user names and passwords, or of installing Trojan backdoor software that can send your personal information back to its originator from your computer.

If you receive a message that says you have received an e-card, which doesn't use your name and provides a link to click, clicking that link takes you to what looks like a genuine e-card site. You'll have to enter the code that was provided in the e-mail message in order to gain access to a non-existent e-card, but when you enter the code a message appears saying something such as, "Your browser doesn't have a Flash player for e-cards". Your browser will then produce a message asking if you want to download and install a file. Refuse permission, because that file isn't a Flash player, it's a Trojan backdoor program that will compromise the security of your computer.

9. - Make restorable backups

Make sure that you regularly use some kind of backup system that enables you to recover from a system failure that makes Windows unable to start up. There are many ways to create all kinds of backups, with many different programs, tools / utilities. You can create a restorable master image of the entire system and burn it to recordable CD/DVDs, or, if you have a Windows CD and the CDs/DVDs of your application software, you can just make backups of the data files and settings. In the event of an irrecoverable system crash, you can reinstall Windows and all of your applications and then restore your data files and settings.
Visit this page on this site for more information: Software: Data Recovery - Back-ups - Programs and Methods Used to Create Backups.

10. - Actions to take if your computer is infected by a virus or spyware

No security precautions are foolproof. The actions to be taken should your computer be infected by a virus or spyware are listed very well on this page: A step-by-step guide to dancing The Security Tango! - http://securitytango.com/tango.php
Intrusion Detection Software (IDS)

Consider using some Intrusion Detection Software (IDS), which can often catch intrusions that virus and spyware scanners and tools (IPS - Intrusion Prevention Software) miss, but which all too often uses up plenty of system resources. Choosing the right product can therefore be difficult, because it involves trading off the degree of protection provided against the system resources used.

IDS programs detect malware trying to get into a computer by judging its behaviour instead of matching a signature. It's analogous to a detective catching a thief by looking for his methods of operation instead of finding his fingerprints. Anyone who uses WinPatrol or SpyBot's TeaTimer is using a form of IDS. Many IPS programs, such as Spybot S&D, also contain an IDS program, such as the Spybot TeaTimer.

Free Intrusion Detection (IDS) and Prevention (IPS) Software - http://netsecurity.about.com/od/intrusiondetectionid1/a/aafreeids.htm

Mike Lin's Start-up Monitor informs you if a program or Trojan wants to make itself a start-up program that loads at boot-up. This is a valuable line of defence that is well worth installing. You can obtain the program free of charge. If you find it useful you can give Mike a donation from his site - http://www.mlin.net/.
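To show the idea behind start-up monitoring, here is an added example (not the code of Start-up Monitor, WinPatrol or TeaTimer) that compares the Windows Run and RunOnce registry entries against a saved baseline and reports anything new or altered. The function names, the baseline file name, the "user-writable path" hint and the sample snapshots are assumptions made for illustration.

```python
import json
import os
import sys

# Registry keys Windows reads at logon to start programs automatically.
RUN_KEYS = [
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\Run"),
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\RunOnce"),
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\Run"),
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\RunOnce"),
]

# Heuristic only (an assumption of this example): folders that any program
# can write to without administrator rights.
USER_WRITABLE_HINTS = ("\\temp\\", "\\appdata\\", "\\downloads\\")


def read_autostart_entries():
    """Return {registry value path: command} from the live registry (Windows only)."""
    import winreg  # standard library module, present only on Windows

    hives = {"HKCU": winreg.HKEY_CURRENT_USER, "HKLM": winreg.HKEY_LOCAL_MACHINE}
    entries = {}
    for hive, path in RUN_KEYS:
        try:
            with winreg.OpenKey(hives[hive], path) as key:
                for index in range(winreg.QueryInfoKey(key)[1]):
                    name, data, _kind = winreg.EnumValue(key, index)
                    entries[f"{hive}\\{path}\\{name}"] = str(data)
        except OSError:
            continue  # key is missing or cannot be read by this user
    return entries


def diff_autostart(baseline, current):
    """Compare two snapshots; return (added, removed, changed) dictionaries."""
    added = {k: v for k, v in current.items() if k not in baseline}
    removed = {k: v for k, v in baseline.items() if k not in current}
    changed = {k: (baseline[k], v) for k, v in current.items()
               if k in baseline and baseline[k] != v}
    return added, removed, changed


def runs_from_user_writable_path(command):
    lowered = command.lower()
    return any(hint in lowered for hint in USER_WRITABLE_HINTS)


def build_alerts(baseline, current):
    """Return one readable line per new, changed or removed start-up entry."""
    added, removed, changed = diff_autostart(baseline, current)
    alerts = []
    for key in sorted(added):
        flag = " [user-writable path]" if runs_from_user_writable_path(added[key]) else ""
        alerts.append(f"NEW{flag}: {key} -> {added[key]}")
    for key in sorted(changed):
        old, new = changed[key]
        flag = " [user-writable path]" if runs_from_user_writable_path(new) else ""
        alerts.append(f"CHANGED{flag}: {key}: {old} -> {new}")
    for key in sorted(removed):
        alerts.append(f"REMOVED: {key}")
    return alerts


# Constructed sample snapshots (not taken from a real machine).
RUN_KEY_PATH = r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"
SAMPLE_BASELINE = {
    RUN_KEY_PATH + "\\ExampleScanner": r'"C:\Program Files\ExampleScanner\tray.exe"',
    RUN_KEY_PATH + "\\ctfmon": r"C:\WINDOWS\system32\ctfmon.exe",
}
SAMPLE_CURRENT = {
    RUN_KEY_PATH + "\\ExampleScanner": r'"C:\Program Files\ExampleScanner\tray.exe"',
    RUN_KEY_PATH + "\\ctfmon": r"C:\Users\alice\AppData\Local\Temp\ctfmon.exe",
    RUN_KEY_PATH + "\\FlashUpdate": r"C:\Users\alice\AppData\Local\Temp\flash_player.exe",
}


def main(baseline_file="autostart_baseline.json"):
    if sys.platform != "win32":
        baseline, current = SAMPLE_BASELINE, SAMPLE_CURRENT  # demo data
    else:
        current = read_autostart_entries()
        baseline = current  # first run: nothing to compare against yet
        if os.path.exists(baseline_file):
            with open(baseline_file, encoding="utf-8") as handle:
                baseline = json.load(handle)
        # After reporting, the current state becomes the next baseline.
        with open(baseline_file, "w", encoding="utf-8") as handle:
            json.dump(current, handle, indent=2)
    for line in build_alerts(baseline, current):
        print(line)


if __name__ == "__main__":
    main()
```

On the sample data it reports the new FlashUpdate entry and the altered ctfmon entry, both flagged because they launch from a temporary folder.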
PC Buyer Beware! Copyright © Eric Legge 2004-2009. All rights reserved.