PC Buyer Beware! - Don't get ripped off - Forewarned is forearmed

Scroll down the 30+ pages on the A-to-Z menu:

To support this site:

Home Page

AGP - Video/Graphics Cards

BIOS

Build a PC

Desktop PCs

Diagnostics

Disk Drives

FireWire & USB

Gaming

Great Sites

Laptop/Notebook PCs

Links to Other Sites

Linux

Media Center PCs

Modems - Dial-up

Motherboards, PC Cases and Power Supplies

Monitors

Networking

Newsgroups

Other PC Information

Problems & Solutions

Processors

Processor Sockets

Purchase Check List

RAM

Software

Sound

Support - Technical

Technical Stuff

Tips & Tricks

Upgrade Checklists

USB & FireWire

Video/Graphics Cards

Warranties

Windows Support

Windows Vista

 

Forewarned is forearmed...

PC Security: How to Make Computers Secure from Hackers, Viruses, Trojans, Spyware, Adware, and Phishing Scams - Page 1

Last updated on 11 November 2009

Google
SEARCH THIS SITE:
 
Web www.pcbuyerbeware.co.uk

This article consists of two pages. Click here! to go to Page 2.

INDEX

Click the relevant link to go to that information on This Page or Page 2:

The latest security news

An introduction to computer security

Additional ways of improving your PC's security [ELSEWHERE ON THIS SITE]

The tricks used by phishing sites, hackers, and web tricksters

Microsoft Knowledge Base: Security articles

Security and Internet products: Reviews

"Rootkits" are posing a new security threat to Windows systems

Computer Gripes: Software security issues

Using the HijackThis and CWShredder removal tools

Security Q&A problems dealt with on this site

Computer security: Relevant links to other sites

Security warnings!

Always bear this in mind with regard to PC security. Security-research company Trend Micro that provides the free online malware scan HouseCall has reported that of the top 100 computer infections in the U.S. in 2008, a huge 63% were caused by downloading and running programs. E-mail infections accounted for only 3% and the exploitation of security flaws in software products was responsible for a negligible 1.7% of the PC systems that were compromised. Free games, utilities, toolbars and almost any other software can entice a user into downloading malware from a malicious website. Pirated software and pornography offered on the web are particularly dangerous in this regard. The hackers know that many people look for pornographic sites using certain keywords, so they fill their malicious sites with those keywords. The dangerous downloads are usually disguised as pornographic videos, or the website might ask the visitor to install software in order to view pornographic videos.

You should therefore only download software from reputable sources, such as well-known downloads sites (Filehippo.com, Download.com, Softpedia.com, MajorGeeks.com), or the websites of reputable software developers and hardware manufacturers (Microsoft, Adobe, Google, Intel, HP, and Dell), or open-source (free) software provided from Sourceforge.net, Mozilla.org, Ubuntu Linux, OpenOffice.org, etc.

You should also not use keywords such as free spyware programs, etc., in search engines or adverts on reputable websites to find security software, because the major search engines and the advertisers such as Google and Yahoo! allow malware products to be listed in search results and/or advertised. You should only obtain security software directly from websites that have received good reviews for their products from other reputable websites. For example, all of the links provided on the pages of this website are valid products. For more information, read this story on this subject:

Sponsored search results lead to malware -

"The ads served by Bing and Google along with your search results are linking more and more often to sites trying to infect your machine." -

http://windowssecrets.com/2009/10/08/01-Sponsored-search-results-lead-to-malware

Downloads called "torrents" from websites that provide them can be particularly dangerous. The downloads use a web protocol called BitTorrent, hence the name torrents. If you only use torrents to download legitimate software, the torrent file should be made available from the program's own website - for example, the torrents page for Slackware Linux.

GData reports massive increase in malicious torrents -

"The number of infected torrents tripled over the course of last week, according to German security software firm GData. G Data Security Labs' analysis reports that a lot of malware is circulating in software warez (cracked versions of commercial software), maps for navigation devices, ringer tones, videos, and music recordings." -

http://www.expertreviews.co.uk/news/267892/...

BitTorrent (protocol) -

http://en.wikipedia.org/wiki/BitTorrent_(protocol)

Another great danger are phishing websites, which are copies of real websites, such as PayPal.com, that are linked to from within emails. The domain name is not PayPal, but another name. The link's text shows http://www.paypal.com, but it is linked to another domain, which is usually temporary; it will be abandoned as soon as the security software exposes it for what it is. If you place the mouse pointer over a link to a phishing website, you will see its real domain name in the bottom left corner of web browsers such as Internet Explorer and Firefox. A message in phishing emails tries to entice the reader of the email into visiting the website by saying, for instance, that their PayPal account has been illegally accessed and that they should log on to it immediately by clicking the link that brings up the phishing website, not PayPal's website. Every bank or financial organisation capable of transferring money has phishing emails sent out in its name.

Your name is never provided because it is a general message sent to many thousands of email addresses. It will only be addressed to you if the sender knows your name. That is why you should not use your name in an email address that you are going to use on websites. For example, use an email address like earthsventriloquist@gmail.com instead of yourname@gmail.com.

A simple rule of thumb is this: no reputable bank or financial service will ever ask you to provide login details to your account via an email. If you receive such an email informing you of a problem with your account or proposing to offer some kind of prize incentive or similar, just remember the old saying, "If it looks to good to be true then it no doubt is."

If you want to install software from a developer that you don't recognise, you can perform a Google search on it and the developer in order to find out if it is from a reputable source. You will not be able to find articles, computer-forum threads and reviews of software created by criminals unless thay are providing warnings about it. You should never use a free 'cracked' copy of a piece of software that doesn't require product activation, etc., because it is likely to be doctored software.

Note well that dangerous malware that infects PCs by disguising itself as a legitimate antivirus program is being used by criminals to gain access to computers. It goes by several different names, such as Antivirus XP 2008 and Antivirus 2009, and succeeds by looking like a legitimate Windows program. The programs are delivered through spam messages that link to an automatic download of a malware installer, or can even be delivered by clicking on the adverts of valid websites that have been compromised by hackers. The spam containing attachments usually entices the user into opening them by saying that they contain naked images of celebrities. It is also possible just to visit an infected website for your system to pick up a trojan virus. Read this article:

Trojan virus steals bank info - http://news.bbc.co.uk/1/hi/technology/7701227.stm

Therefore, you should never consider installing any security software unless it is reviewed on a reputable site such as http://internet-security-suite-review.toptenreviews.com/.

You used to have to get virus and spyware scanners and a firewall (free or paid-for) for adequate protection. However, the major Internet security companies have change the way in which their software works. They are addressing all of the different kinds of threats from the web at the same time. Instead of using separate programs, Internet security suites combine all of their scanners into one application, which is more efficient than having three or more separate scanners scanning the system. Here are the top security suites reviewed on three reputable US websites:

PC World (US) - Top Internet Security Suites for 2009 -

http://www.pcworld.com/article/158178/top_internet_security_suites.html

PCMag.com (US) - The Best Security Suites for 2009 -

http://www.pcmag.com/article2/0,2817,2333448,00.asp

MaximumPC.com (US) -

http://www.maximumpc.com/article/features/protect_your_pc_from_guys_like_this

However, note well that when polled by newsletters and PC websites, the majority of computer users always say that they prefer using individual anti-virus, anti-spyware, firewall, and other security tools, which they say are preferable to all-in-one security suites, such as Symantec's Norton Internet Security. This is no doubt because they know from experience that the individual-tool approach is less problematic. Moreover, if you were to ask highly experienced PC repair technicians, they will almost certainly all say that standalone products outperform security suites.

In my opinion, the reason that relatively poor security suites, such as Norton Internet Security and McAfee Internet Security Suite, are regularly reviewed as being the best security products has more to do with commerce than with real-world experiences of users. PC publications and websites will almost all run the adverts of the major security companies and it is therefore in their interests to promote not criticise them. For example, only the Windows Secrets newsletter ran articles exposing how unreliable the McAfee SiteAdvisor website-rating service can be. None of the major PC magazines and websites did likewise when I asked them to do their own take on the Windows Secrets' exposé. I put that down to their not wanting to damage their advertising relationship with McAfee, which is major computer-security company.

I personally would not use the Norton (Symantec) and McAfee products regardless of the good reviews because of bad experiences I have had with them. I find that using the free Comodo firewall, the free AVG antivirus/antispyware scanner and the Web of Trust browser plugin provide very adequate protection. I have yet to fall foul of any security threat. Web of Trust (WOT) warns you before you interact with a risky website, both from within the browser (Internet Explorer, Firefox, etc.) and from within search-engine results by placing green or yellow or red marks beside each link to indicate its security rating.

I also use the free version of Malwarebytes' Anti-Malware. Apparently most of the calls to Microsoft's support lines involve spyware infections and Microsoft recomments using the free version of this program. It allows manual scans for spyware, which means that you have to run the program; it does not monitor the system in real time. You pay just $24.90 for the full version, which provides real-time protection against malware, scheduled scanning and scheduled updating. Just remember that you should not have two programs of the same type monitoring the system. Only one software firewall, etc. The free version of AVG Anti-Virus combines virus scanning and adware/spyware scanning in real time, so if you use AVG Anti-Virus and you install another scanner that scans for viruses and/or spyware, you should disable AVG's real-time monitoring and only use it for manual scans. Scanners that monitor your system in real time will install an icon in the System Tray/Notification Area in the bottom left corner of the screen in Windows computers.

Download the free version from http://www.malwarebytes.org/mbam.php.

SUPERAntiSpyware is another powerful and free malware scanner that you might like to try. The free version installs an icon in the Notification Area, but real-time scanning has to be enabled; it is not enabled by default because the user will probably already have a real-time spyware scanner installed. You should only enable it if it is the only spyware scanner operating in real time on your computer. AVG Anti-Virus is a virus and spyware scanner, so, if you are using it, you should not enable real-time scanning for SUPERAntiSpyware; you should use it for manual scans. The options can be accessed by right-clicking with the mouse pointer over the icon.

SUPERAntiSpyware - "SUPERAntiSpyware is the most thorough scanner on the market. Our Multi-Dimensional Scanning and Process Interrogation Technology will detect spyware that other products miss! SUPERAntiSpyware will remove ALL the Spyware, NOT just the easy ones!" - http://www.superantispyware.com/

September 30, 2009. - Microsoft has provided a free malware scanner called Security Essentials that scans for viruses, spyware and other malware that you can use in real time or as an additional scanner. Real-time scanning is enabled by default, but you can turn it off, which you should do if you keep another malware scanner operating in real time.

Microsoft Security Essentials - http://www.microsoft.com/security_essentials/

Note well that if you are visiting a website that produces a message saying that malware has been detected on your PC, offering a free security scan if you click a button to give the OK, don't click the button, press the Ctrl + Alt + Del key combination that brings up the Windows Task Manager and close that website down under its Applications tab.

It can be very difficult to remove such malware once it has compromised a system, because it can shut down antivirus programs and forbid the user from accessing websites that provide online virus scanning, such as the free scanner provided from kaspersky.com.

When they have infected a system some of these phony antivirus programs can produce messages asking you to buy them and then scan the system. Of course, they can't scan for anything because they are malware themselves. Some of them ask for you to enter your credit card number in order to make a purchase of the scanning software. If that happens you should first try using the antivirus software that you should be running in real time monitoring your computer to remove it by running a system scan. Note that you should be using an antivirus program that is updated regularly online. The free version of AVG Anti-Virus from http://free.avg.com/ updates itself daily.

If you visit a website that requires downloading and installing a video player or picture viewer in order to view videos/pictures, switch nthe PC off and rebbot or press the Ctrl + Alt + Del key combination that brings up the Windows Task Manager and close that website down under its Applications tab, because the download is almost certainly malware that can compromise the security of your system in order to make you buy phony software, steal passwords, etc. Users who are searching for porn using popular keywords at some time or other are sure to click on links to sites that require the user to install a program in order to view the porn. If they download and install that software, their systems will be compromised any number of ways from installing keyloggers that return the keystrokes made by the user to the hackers to allowing full remote access to the system.

Note that if you can't get rid of a malware infection, it is advisable to start the system up in Safe Mode by constantly pressing the F8 key just before Windows shows its first graphics screen and starts to install itself at startup. Pressing that key brings up the boot manager that has Safe Mode as one of the options. You can run virus and spyware scanners in that mode more effectively, because a very basic version of Windows is running and the malware won't have installed itself, but its files will still be detectable.

You can also try using System Restore to backdate the system files to a date prior to the infection. It is found under Start => All programs => Accessories => System Tools in Windows XP and Windows Vista. However, the virus can often disable System Restore, or the changes that the virus makes to the system prevent it from working.

If that is the case, there are ways to restoring the system manually, but they are so involved, involving editing the Registry, etc., that it is easier to perform a repair install of Windows, which retains your folders, files and settings. Click here! to go to information on this website on how to do that. Note that you must have a Windows XP/Windows Vista installation CD/DVD in order to do that, and you will have to add any missing service packs and security updates if you haven't created a customised CD that contains the contents of the installation CD that you have plus the missing service packs. Note that XP's SP2 contains SP1, so you only have to add SP2 to the contents of the original version of Windows. Windows Vista currently only has Service Pack 1 (SP1).

Read the following Q&A on this site on how to slipsteam Windows XP and Windows Vista with service packs: How to slipstream Windows XP and create a customised boot CD.

Note that you should consider using the OpenDNS service from http://www.opendns.com/ as your computer or network's DNS server, which translates web addresses into the IP addresses. For example, 209.86.14.54 is the IP address of this website. Entering http://209.68.14.54 into a browser brings up http://www.pcbuyerbeware.co.uk/. It is the DNS server that does the translation.

After your computer or network has been set up to use OpenDNS, it can prevent it from accessing many bad websites, and, among many other options, it can be configured to prevent children from gaining access to adult websites. Here is how to get the best out of this free service:

Use OpenDNS to surf safely with these tricks -

http://windowssecrets.com/2009/07/09/02-Use-OpenDNS...

Alternatively, if you install the latest version of the Comodo Firewall and/or Comodo AntiVirus, the installation process allows you to set your computer up to use secure DNS servers of the developers of Comodo security software. You can download the 76MB file that allows you to: "Install the AntiVirus as a standalone. Install the Firewall as a standalone. Install both Firewall and AntiVirus." You should read which options can be installed as the setup process runs, because there are some provided by third parties that you might not want. Note that you should uninstall any existing anti-virus software if you install Comodo AntiVirus, because you should not have more than one type of security software monitoring the system in real time at the same time - only one firewall, one anti-virus scanner, etc.

Download Comodo Firewall -

http://www.comodo.com/home/download/download.php?prod=firewall

Some malware can cripple spyware and anti-virus scanners. If this happens to you and you can still go online, there are many free online scanners, ten of the best of which are listed on this page:

http://www.makeuseof.com/tag/10-free-online-malware-and-virus-scanners/

Here is a link to brief video introduction on phishing, which is an online method used to trick people into sending their logon user names and passwords to online stores, banking sites and payment sites such as Paypal.

Gone Phishing - http://news.bbc.co.uk/1/hi/business/7715787.stm

Visit The tricks used by phishing sites, hackers, and web tricksters on Page 2 of this article for more detailed information on this subject.

This article provides insight into the world of the computer hacker:

Gaining access to a hacker's world -

"For a short time in February, I had complete control over 21,696 personal computers around the world. These were machines whose owners had not taken the basic security precautions necessary to stay safe online." -

http://news.bbc.co.uk/1/hi/programmes/click_online/7938201.stm

THE LATEST SECURITY NEWS

Microsoft's Security Bulletin for November 2009

November 10, 2009. - Today is Microsoft's Patch Tuesday. It has been a moderate update month. There are 6 security updates this month - 3 rated Critical and 3 rated Important. A Critical and an Important update often patches code that allows remote-code execution that allows unauthorised access to a computer or network from the Internet. All of the Critical updates this month involve patching vulnerabilities that allow Remote Code Execution.

Microsoft Security Response Center Security Bulletin Severity Rating System (Revised, November 2002) -

http://www.microsoft.com/technet/security/bulletin/rating.mspx

Microsoft Security Bulletin Summary for November 2009 -

http://www.microsoft.com/technet/security/bulletin/ms09-nov.mspx

If you have Automatic Updates (Windows XP), and Windows Update (Windows Vista) enabled in the Control Panel to install the updates, or inform you of their availability so that you can choose when to download and install them, you need take no other action to install them. However, there might be a delay between the announcement today and when they are made available for automatic download. If that is the case and you want to install them immediately, Microsoft Update - http://update.microsoft.com/ - will examine your PC and provide you with a list of missing updates, which you can elect to install selectively or entirely. Choose the Custom install to choose which updates to install. This is useful if, say, you don't want to install a large update such as a service pack or new version of Internet Explorer. Many users cannot install Windows XP Service Pack 3 (SP3) successfully, which is installed automatically along with other updates if the default option is enabled. All they have to do is choose the option to make Microsoft Update forget about installing that particular update.

The technical details of every released security update to date can be found on this page:

Microsoft Security Bulletin Search -

http://www.microsoft.com/technet/security/current.aspx

Visit the following page if an update refuses to install and keeps being announced as being available to install. You can download and install any particular update manually from there. Scroll down the page for the update links.

Windows service packs & updates for Windows 7, Windows Vista, Server 2008 and Windows XP - http://www.softwarepatch.com/windows/index.html

When run, the Belarc Advisor, under FREE DOWNLOAD on http://www.belarc.com/, tells you if your computer has all of the available updates installed. It also provides a System Security Status report that gives your computer a security rating out of 10, created by the benchmark tests of the Center for Internet Security (CIS), which is at http://www.cisecurity.org/ (available for Windows XP Professional, not Windows XP Home).

Mozilla is testing a new security measure in its Firefox web browser that will prevent most website-based attacks launched from legitimate websites

October 13, 2009. - Many legitimate websites have been compromised by hackers who have injected malicious code into them that compromises the security of visitors to those websites.

Mozilla has released a test version of its Firefox web browser that employs a technology called Content Security Policy (CSP) that is able to define which content on a particular website or in an online application is legitimate, thereby enabling it to block any script or malicious code that has been added by hackers, who have compromised the website or application.

However, Firefox currently only has about a quarter of the browser market, so even if this new technology proves to be effective, that still leaves about 75% of users unprotected - yet another good reason to abandon Microsoft's Internet Explorer browser and use Firefox instead.

Click the following link to read more detailed information on this new web technology.

http://people.mozilla.org/~bsterne/content-security-policy/

Microsoft releases free malware software, threatening the business of the computer-security software developers

September 30, 2009. - Microsoft has released its free security software called Security Essentials for users of Windows XP, Windows Vista and Windows 7 (release date, October 22, 2009). The new security software provides protection against viruses, spyware and other malicious software. Real-time protection is an option, which means that accessed files are actively monitored. However, if you have another program that scans for infected files in real time and you want to make use of Microsoft's software, you should only use it (or your existing security software) for manual scans, because you should not have more than one security scanner of the same type actively monitoring the system. Microsoft's other free spyware scanner, Windows Defender, is still available. If you have it installed on your computer and you install Security Essentials as real-time protection, you should uninstall Windows Defender, because they both do the same kind of scanning.

Microsoft's paid-for security suite, Windows Live One Care, now discontinued, performed badly in live virus tests carried out by several publications. The effectiveness of the new free software will be unknown until tests have been published, so it is not advisable to run it as your only real-time protection. Until then, if you need free protection or wish to run an additional scan, the free version of AVG Anti-Virus is the best option.

The availability of free security software from Microsoft is obviously going to pose a threat to the businesses of the security-software developers that charge for their products, so the company is almost certainly going to come under fire from them and from competition watchdogs.

Microsoft Security Essentials - http://www.microsoft.com/security_essentials/

Microsoft: free Security Essentials is a threat to Symantec -

http://www.pcpro.co.uk/news/interviews/352018/...

A new Trojan virus designed to obtain bank-account login information

September 22, 2009. - Computer security experts have warned that the malicious code of a new virus called the Clampi Trojan is no longer restricted to being delivered from rogue gambling and pornographic websites; it can be delivered from many seemingly safe websites...

Clampi Trojan virus could steal banking passwords -

"Security experts have warned that Clampi, a new 'Trojan' virus, could enable cyber criminals to hack in to personal bank accounts" -

http://www.telegraph.co.uk/technology/microsoft/6214061/...

Clampi virus: seven ways to secure your computer -

"A new Trojan, Clampi, could give hackers access to your online bank accounts. Follow these steps to ensure your computer is secure." -

http://www.telegraph.co.uk/technology/microsoft/6214173/...

Sky News exposes crooked laptop repair shops

July 23, 2009 - Unscrupulous staff in some of the major laptop PC repair shops in London have been exposed by an investigation conducted by Sky News.

To conduct the investigation a laptop PC had a RAM memory chip loosened so that it would not boot. Key-logging software was installed to monitor what was accessed on the computer and the laptop's built-in camera was activated to show what was going on in the repair shops.

Files were illicitly accessed, an attempt was made to use fake bank details that were placed there on purpose, some shops said that the motherboard needed to be replaced, charged for replacing it, but obviously didn't replace it because it wasn't faulty. However, none of the shops attempted to install spyware, which would be the most serious crime, because it could allow remote access to the computer and therefore compromise its security.

Only one of the investigated shops was honest. Its technician discovered the loose chip, reseated it and said that there was no charge.

If you want to read advice on what to do to avoid being ripped off or having your computer abused by repair shops, read this Q&A on this website: Crooked PC repair companies or technicians: If I have to send my desktop or laptop PC in for repairs or recovery, how can I protect the files, data and hardware from unscrupulous repair companies or technicians.

Exposed: Repair Shops Hack Your Laptops -

http://news.sky.com/skynews/Home/UK-News/...

Recommended anti-malware software: Malwarebytes' Anti-Malware

April 22, 2009. - A telling message from an anonymous Microsoft employee: "I work for Microsoft technical support, and 90% of the calls are due to spyware infections, so we ask customers to download Malwarebytes' Anti-Malware. They have a totally free version. It's the one we use for clients. It's so effective, I feel confident the PC you're using to read this has infections. Are you surprised? Even if it's just minor adware, it's an infection still. If it weren't for Malwarebytes.org, I'd be spending more time per call and asking customers to reload Windows more often, because finding one infection could take forever. The application is painless to install, isn't too bulky, and requires no reboot after install. The application is a winner all around. The Internet is full of scams. It's shocking to see it day in and day out."

The free version of Anti-Malware allows manual scans for spyware, which means that you have to run the program; it does not monitor the system in real time. You pay just $24.90 for the full version, which provides real-time protection against malware, scheduled scanning and scheduled updating.

Download the free version from http://www.malwarebytes.org/mbam.php.

McAfee SiteAdvisor website ratings can be as much as a year out of date

February 16, 2009. - McAfee's free SiteAdvisor web-browser plugin that integrates itself into the browser (Internet Explorer, Firefox, Opera, Chrome, Safari, etc.) claims to protect web surfers by labelling visited websites green, yellow or red - in the browser itself and also in search engine results - to rate them as safe (green), questionable (yellow), or dangerous (red). However, the bad news is that a good or bad SiteAdvisor rating can exist for as long as a year after the website's content has changed, which means that it is impossible for the user to rely on the results, which in turn means that users should not use the service. The web is full of complaints from website owners whose innocent websites have been defamed by SiteAdvisor, which does not rate on a page-by-page basis, but rates an entire site on a extremely questionable basis. Defamed websites experience extreme difficulty in getting their grievances addressed, which is a totally unacceptable state of affairs.

This website itself has fallen foul of SiteAdvisor. In October 2008, I first discovered that every page on it gets a yellow rating for having a single download link on one of its pages to a valid SmitFraud virus removal tool that SiteAdvisor regards as questionable. This website still has that yellow rating now even though I removed the 'offending' link in October 2008 and asked SiteAdvisor to re-evaluate the rating. I also wrote to SiteAdvisor's CEO, about the matter, but did not receive a reply. This website has probably been defamed by SiteAdvisor for several years - ever since I first linked to the 'questionable' download.

The really unacceptable aspect to this situation is that the actual site that provides the questionable download has a green rating, including the actual page from which the download is delivered. This is because my website has only five download links, which SiteAdvisor calculates as a 20% infection rate, while the actual download site offers hundreds of downloads only a few of which are questionable, so it gets a green rating for a low infection rate. An absurd situation, because if a website wants to deliver bad downloads all it has to do is surround them by enough valid download links to make SiteAdvisor ignore the threat, or get itself a green rating, which can last up to a year, and then go bad.

Update: This website's SiteAdvisor rating was changed from yellow to green as soon as my complaint was published in this Windows Secrets newsletter:

Site owners stung by SiteAdvisor rating errors -

http://windowssecrets.com/2009/02/26/03...

A far superior and much more reliable alternative to SiteAdvisor is Web of Trust (WOT), which gives this website a valid green rating. -

http://www.mywot.com/

The following well-researched article provides more information on this scourge:

SiteAdvisor ratings may be 1 year out-of-date -

http://windowssecrets.com/2009/02/12/01...

What personal information about you can be found on the web?

January 31, 2009. - Apparently in the US it is possible to find out what a person's social security number is on the web. In the UK if a person's National Insurance number could be found on the web, that information would be very helpful to ID thieves. I entered my NI number in Google, placed within double quotation marks so that only the entire number would be search for. Fortunately, it was not found anywhere.

If I want to find out information about my Mastercard credit card on the telephone, I just have to call the card provider's number, enter the card number (not the three extra identifying digits), its expiry date, which is shown on every bill printout, and my date of birth. So, if I were to have the card stolen, the thief would just have to know my date of birth to find out what the balance on the card is and how much credit is remaining.

In the following article, Robert L. Mitchell says that he could find out what his date of birth is on the web, which I failed to do for myself, so perhaps more personal information is available on US citizens, which means that unless we take preventative measures it is just a matter of time before the UK provides just as much information.

What the Web knows about you -

http://www.computerworld.com/action/article.do?...

INTERESTING PC-SECURITY-RELATED ARTICLES

How to secure a business notebook -

Several articles are gathered on this page. -

http://www.pcpro.co.uk/html/how-to-secure-a-business-notebook/

Gmail flaw shows value of strong passwords -

"The disclosure of a back door allowing bad guys to repeatedly guess Gmail passwords should remind us all to protect our accounts with long and strong character strings." -

http://windowssecrets.com/2009/08/06/...

NAT Router Security Solutions Tips & Tricks You Haven't Seen Before -

http://www.grc.com/nat/nat.htm

Gaining access to a hacker's world -

"For a short time in February, I had complete control over 21,696 personal computers around the world. These were machines whose owners had not taken the basic security precautions necessary to stay safe online." -

http://news.bbc.co.uk/1/hi/programmes/click_online/7938201.stm

Has your PC become a spammer's botnet zombie? -

"Worldwide spam traffic dramatically dropped after a major spam server was temporarily shut down last fall, raising public awareness of botnets: networks of PCs that have been turned into spam-spewing robots.Most antivirus applications are ill-equipped to stop this kind of malware, but you can reduce the risk of having your PC become zombified." -

http://windowssecrets.com/comp/090115/

Protect Your Data With Encryption : TrueCrypt 6.1--Tried And Tested -

"Security is becoming more and more important for many users, and one of the most solid solutions is an OpenSource solution called TrueCrypt..." -

http://www.tomshardware.co.uk/truecrypt-security-hdd,review-31491.html

Click Tips: Protecting PC data II -

"Rob Freeman, Click's very own Mr Fixit, looks at encryption techniques available to everyone." -

http://news.bbc.co.uk/1/hi/programmes/click_online/7820283.stm

Carry an entire operating system in your pocket -

"Running applications from a USB flash drive on a public computer is convenient but exposes you to malware and other limitations of the host PC. By installing a Windows-like version of Linux on a flash drive, you can take a complete operating system wherever you go and work in a safe, secure environment, even in an Internet café." -

http://windowssecrets.com/2008/03/20/02...

Opinion: How do I tell if my computer is a zombie? -

"There are several blacklist reporting sites to help you discover if you're a zombie." -

http://www.computerworld.com/action/article.do?...

Encrypted Disks At (Some) Risk To Eavesdroppers -

"As reported earlier today by my associate Thomas Claburn, researchers from Princeton University, the Electronic Frontier Foundation, and Wind River Systems have found a way to find disk encryption keys in system RAM.This means, if you leave your system in either "sleep" or "hibernate" mode, it has been proven that the keys used to encrypt and decrypt files or an entire drive can be found -- still resident in memory -- and used to access private data at will." -

http://www.informationweek.com/blog/main/archives/2008/02/encrypted_disks.html

PC World (US) - Top Internet Security Suites for 2009 -

http://www.pcworld.com/article/158178/top_internet_security_suites.html

PCMag.com (US) - The Best Security Suites for 2009 -

http://www.pcmag.com/article2/0,2817,2333448,00.asp

MaximumPC.com (US) -

http://www.maximumpc.com/article/features/protect_your_pc_from_guys_like_this

Computer Shopper (USA) - CyberCops: Six Security Software Suite Reviews -

http://computershopper.com/feature/...

Protecting Your Privacy Online, Anonymously -

http://www.tomsguide.com/us/security-online-privacy,review-1055.html

Are You Secure Online? -

"With some websites, including Gmail, playing fast and loose with security we provide a basic rundown of Internet security, and how it works..." -

http://www.tomshardware.co.uk/protocol-Internet-identity,review-29709.html

 

An introduction to computer security

NETWORKING AND INTERNET PROBLEMS AND SOLUTIONS

Click here! to visit the page on this site devoted to networking and Internet problems and their solutions, which includes security problems.

Folder and whole hard-disk-drive encryption

If you have read the numerous accounts of the loss of DVD data discs and USB flash drives (memory sticks) by government departments and laptops that have gone missing, you will have heard of a protective measure called encryption that was not used in most of the losses. If encryption had been used, the data would have been unrecoverable by thieves. Third-party software has been providing full hard-disk encryption for many years. Windows XP provides folder encryption - the Encrypting File System (EFS), which is not suitable for use on laptops - and Windows Vista provides full disc encryption called BitLocker Drive Encryption.

Here are the articles on Microsoft's site that provide the information on how to use it:

How to encrypt a folder in Windows XP -

http://support.microsoft.com/kb/308989

BitLocker Drive Encryption in Windows Vista -

http://certcities.com/editorial/columns/story.asp?EditorialsID=213

Coming soon: Full-disk encryption for all computer drives: Drive makers settle on a single encryption standard -

http://www.computerworld.com/action/article.do?...

The great dangers presented by identity theft

Since identity theft is a tremendous growth industry, it is imperative that you should know how to protect yourself from having your identity stolen, because if someone steals your identity, the thief can sign up to Internet Service Providers (ISPs) in your name and get you into trouble with the law for online theft or for accessing illegal websites.

The following article is written by Frank Abagnake, one of the most notorious forgers and impersonators in history. The movie Catch Me If You Can, starring Leonardo Di Caprio as Abagnake, is based on his notorious life of crime as a teenager. He is now a world-renowned consultant on security matters.

14 tips to avoid identity theft -

http://www.bankrate.com/brm/news/advice/20030124b.asp

The information on that page is aimed at US citizens, but provides some good advice to anyone. Apparently, in the US, if someone knows a person's social-security number, he or she can gain access to all of that person's account numbers. Note well that gaining access to that kind of personal information is not possible in the UK if someone knows a person's National Insurance number.

In 2002, Abagnale wrote a general, all-purpose book called The Art of the Steal. In the book, he lists and explains common confidence tricks and ways of preventing oneself from being defrauded. Identity theft and Internet scams are also covered. In 2004, he released a book called, Real U Identity Theft, in which he provides information on how to prevent identity theft in the first place. Both books are widely available.

Here is a useful quote from an interview with him: ..." you have to alert consumers today, you have to be a very smart consumer. The police can’t protect you, the government can’t protect you, your bank can’t protect you, only you can protect yourself. So you have to ask yourself when you go on something like the Internet, what information am I putting out there, and how could someone use that information? The crime of the future will be identity theft, and we’re already starting to see where people assume other people’s identity because they’re able to get bits and pieces of information about that individual, their bank account, their social security or health card number, and then assume that person’s identity. And that’s an awful crime, because in that crime, the criminal who’s committing the crime is innocent until they’re proven guilty, but the person who’s the victim is guilty until they prove themselves innocent. So they’re the ones that have to go out and convince the bank, the credit bureau, that they’re not the person who made those charges or got that mortgage."

If you enter "frank abagnale" in the Google search box at the top of this page, with its Web radio button enabled, you will be presented with plenty of useful links to information on him and his books.

Incomplete removal poses of Norton security products poses a risk to users: How to remove Norton products from your system

"Like most Windows software, Norton security products, published by the Symantec Corp., come with an uninstall option to remove the software from your computer. Unfortunately, neither Symantec's bundled uninstaller — nor a little-known, special utility from the company — removes every single thing...." -

http://windowssecrets.com/comp/080207

Of the major security-software developers that automatically renew subscriptions to their services...

Many of the security-software developers automatically renew subscriptions to their services, and it can often be very difficult to cancel a subscription. Read the story here:

Microsoft, McAfee, Symantec charge cards repeatedly -

http://windowssecrets.com/comp/070517

Never respond to offers of a free computer, etc. without reading the terms and conditions of the offer

The following tip had nothing to do with security, but this is a good page on which to put it. If you come across an advert on a reputable website that offers you an expensive piece of equipment, such as an LCD TV or laptop computer free of charge, don't rush into signing up for it! Read the terms and conditions of the offer, because you will probably get the item free, but you will also undoubtedly be committing yourself to making many purchases of goods in exchange for it, which will still make a handsome profit for the business that is making the offer.

The Security Center in Windows XP

You should know that Windows XP has a Security Center that is opened by clicking Start => All Programs => Accessories => System Tools => Security Center.

It informs you of the security status of the system's firewall and virus protection, and allows you to set options for the way in which Automatic Updates (in Windows XP) or Windows Update (in Windows Vista) operates. If you have insufficient firewall and/or virus protection, you will be informed by pop-up messages. Depending on the setting you have enabled, you can also be informed of what Automatic Updates requires of you. A badge-shaped icon appears in the bottom left System Tray (Notification Area). If you position the mouse pointer over the icon, you will be told what to do. For example, if you have chosen the setting that makes Automatic Updates let you know when updates are available, the message will tell you that updates are available and to click the icon to begin the download.

If you need to investigate a security issue, the following guide provides you with a good way to go about it.

Fundamental Computer Investigation Guide for Windows [XP and Vista] -

"This guide discusses processes and tools for use in internal computer investigations. It also presents an applied scenario example of an internal investigation that uses Windows Sysinternals tools (advanced utilities that can be used to examine Windows-based computers) as well as commonly available Windows commands and tools." -

http://go.microsoft.com/?linkid=6500778

The Security Center in Windows Vista

Microsoft is touting Windows Vista as the most secure operating system yet devised. True or not, the devil is always in the detail.

Top Security Features in Windows Vista -

http://technet.microsoft.com/en-us/magazine/cc546565.aspx

The Security Center in Windows Vista is accessed via the Control Panel, which is accessed from the Start (button's) menu. Click on Security to open it.

Windows Security Center -

"Windows Security Center [in Windows Vista] helps make your PC more secure by alerting you when your security software is out of date or when your security settings should be strengthened. The Security Center displays your firewall settings and tells you whether your PC is set up to receive automatic software updates from Microsoft. Other improvements over the version of Windows Security Center that debuted in Microsoft Windows XP SP2 include showing the status of software designed to protect against antispyware, your Internet Explorer 7 security settings, and User Account Control. In addition, Windows Security Center can monitor security products from multiple companies and show you which are enabled and up to date." -

http://www.microsoft.com/windows/products/windowsvista/.../securitycenter.mspx

Windows Vista Security and Data Protection Improvements -

http://technet.microsoft.com/en-us/windowsvista/aa905073.aspx

Windows Vista Security Guide - Interview with the Authors -

"Listen to this half-hour interview with the authors of the Windows Vista Security Guide to find out how to use the guide's recommendations to further harden Windows Vista against real-world security threats like malware and information theft. You'll also hear how to use the guide's automated tools to deploy security configurations in minutes instead of hours."

http://go.microsoft.com/?linkid=6324365

The Devil's Guide to Windows Vista Security -

http://www.computerworld.com/action/...Basic&articleId=9005492

Windows Vista Security Guide [technical guide for IT professionals] -

http://www.microsoft.com/technet/windowsvista/security/guide.mspx

How To Create a Windows Vista Password Reset Disk -

"Creating a Windows Vista password reset disk can really come in handy if you forget your account password. With it, you can easily reset your password and get right in to Windows Vista. While there are ways to recover lost passwords without a password reset disk, they are often complicated and time consuming..."

http://pcsupport.about.com/od/windowsvista/ht/vistapwdisk.htm

Windows Vista Security Guide 1.2 -

http://www.download.com/Windows-Vista-Security-Guide/...

Windows Vista Step-by-Step Guides for IT Professionals -

"These step-by-step guides provide instructions for deploying or migrating to Windows Vista, and various management tasks, including configuring security, monitoring performance, and managing printers." -

http://www.microsoft.com/downloads/details.aspx?...

Microsoft has extended support for Windows XP Home and Media Center Editions

February 23, 2007. - Microsoft has extended its support for Windows XP Home and Windows XP Media Center Editions to match the support it has always intended to give Windows XP Professional Edition. Support for those two versions was supposed to end five years after their introduction, but Windows XP Home Edition was released in October 2001, and Windows Vista was only officially made available on January 30, 2007, so, although Microsoft had to extend its support for them, it has done so very generously.

Windows XP Home and Windows XP Media Center Editions are to receive free mainstream support until April 2009. Mainstream support includes feature requests, security updates, hotfixes, and support. After mainstream support ends, five years of extended support begins. Extended support provides free security updates and paid-for support. Official support for all three versions of Windows XP (including Windows XP Professional Edition) will end in 2014.

Visit http://support.microsoft.com/lifecycle/ for the latest information on the lifecycles of Microsoft's products.

Microsoft ends support for Windows 98/98 SE/Me

June 24, 2006. - On July 11, 2006, Microsoft ended support for both Windows 98, Windows 98 Second Edition (SE) and Windows Millennium Edition (Me). This means that Microsoft will no longer provide security updates for these operating systems, and will no longer provide (paid) incident support. Only self-help support will be available until at least July 10, 2007. You can still use those versions of Windows, but, unless Microsoft changes its mind, they will not be updated after that date.


The safest way to upgrade RAM: Use the UK and US Crucial Memory Advisors

Paul Mullen, the highly-respected computer guru of the Helpfile at ComputerShopper.co.uk - "I have recently been buying my memory only from Crucial Technology. I would rather pay the extra cost than waste time trying to track down the obscure program faults that bad memory can cause."

The memory requirements of the versions of Windows Vista

Most of the versions of Windows Vista require more RAM memory to run optimally on a computer that doesn't use memory-hungry applications than Windows XP. A video-editing application is an example of memory-intensive software. Only Windows Vista Home Basic has a recommended minimum amount of memory of 512MB, which is the same amount recommended for Windows XP. Windows Vista Home Premium, the most popular version, and Windows Vista Ultimate require a recommended minimum of 1GB (1024MB) of memory, which is twice the amount of minimum memory recommended to run Windows XP. For more information on computer memory, read the RAM pages of this site.

UK - Crucial Memory Advisor - UK


USA - Crucial Memory Advisor - USA

For example, if your computer has an Asus motherboard, open the menu, scroll down to ASUS, and click GO. If, say, you have a Dell computer, scroll down to DELL, and do likewise. You will be taken to the relevant information on Crucial's website.

If you don't know the make and model of the motherboard installed in your computer, here is a good free utility - Belarc Advisor - that creates an analysis of the hardware and software on a personal computer. Look under FREE DOWNLOAD - http://www.belarc.com/. Another utility that also provides detailed information on the memory itself is CPU-Z.


Windows SteadyState for Windows XP/Vista

Many home users share an Internet connection wirelessly between two or more desktop and laptop PCs. The sharing is done over a wireless network (which could also be a mixture of a wired and a wireless network). If that is the case, you should inverstigate what Windows SteadyState has to offer.

"Windows SteadyState, successor to the Shared Computer Toolkit, is designed to make life easier for people who set up and maintain shared computers."

Using Windows SteadyState at home

"Parents can use Windows SteadyState to help control and enhance their children's computer experience. They can customize the computer to be safer and easier to use. Internet access can be carefully controlled. Different levels of restriction can be applied for different children. In cases where a single machine is used by children and parents, the parents' configurations, programs, and files can be completely isolated from access by the children."

SteadyState Version 2.5 supports Windows Vista. Watch the demonstration here:

http://www.microsoft.com/windows/products/winfamily/sharedaccess/default.mspx


Windows Vista: User Account Control (UAC)

If you are a user of Windows XP, when using Windows Vista you'll soon notice that Vista requires permission to install software, and, if you have a utility such as the free CCleaner installed and set to clean the system at startup, Vista asks your permission to allow it to perform its cleanup during startup. Vista's User Account Control is responsible for those security measures.

User Account Control (UAC) improves the security of the system it is running on by limiting software to standard user privileges until an increase in privilege level is authorised by a user with administrator privileges. In this way, only applications that the user trusts receive higher privileges, and spyware and viruses are prevented from installing themselves. In short, a user account can have administrator privileges assigned to it, but software that the user runs do not also have those privileges unless they are approved beforehand, or the user authorises it to have those higher privileges. Application software that has been installed will run without interference, but if it attempts to make unauthorised changes to the system, Vista asks the user for permission.

If you are logged into a Vista computer as administrator, and you wish to make a configuration change, a message pops up from the UAC asking 'If you started this action, continue'. You must click on that 'Continue' button before Vista completes the configuration.

You can turn UAC off if you find its nagging annoying, but it is advisable to tolerate it and to learn how to distinguish between what is safe and what is potentially dangerous. What you should never do is just click the Continue button without finding out which application brought the UAC into action, because that is how viruses and spyware can be installed.

Here are some webpages that provide additional information on UAC, including how to turn it off:

User Account Control - http://en.wikipedia.org/wiki/User_Account_Control

Understanding Windows Vista's User Account Control -

http://www.windowsdevcenter.com/pub/a/windows/2007/02/06/...

User Account Control Overview -

http://technet.microsoft.com/en-us/windowsvista/aa906021.aspx

You can find many others by entering vista user account control in the Google search box at the top of this page (with its Web radio button enabled).


How to wipe the data on a PC before you get rid of it

Retire that computer more safely -

"If you're ready to replace, sell, or retire your old computer, it's very important to eradicate personal data stored on its hard drive before unplugging it for the last time. You should always remember that even though you manually delete computer files, an identity thief might still be able to recover them, possibly putting you or your family at risk." -

http://www.microsoft.com/athome/security/update/donatecomputer.mspx


The essential protection methods

Software applications and operating systems are continually developing and are just as continually leaving gaping holes that hackers discover and exploit - and software developers are forced to patch. Therefore, it is essential to keep up to date with the latest ways and means of providing your PC or network with the most effective and cost-effective protection.

Free security analysis tools are available that can analyse the contents of a computer and determine security weaknesses. The Microsoft Baseline Security Analyzer (MBSA) is the best free product. It covers a variety of areas of importance in making a PC secure, and provides solutions wherever weaknesses are discovered. It is simple enough for intermediate computer users to use, but is also sophisticated enough for professional use. If you are a novice to computer security, you can download and run it after you have read and understood the contents of this section of this site.

The installation of MBSA requires validation via Windows Genuine Advantage. MBSA can analyse a single computer or the computers on a network. It saves each scan as a report that can be printed or copied to the Windows Clipboard. Brightly colored icons make it a simple matter to see safe (green), questionable (yellow,) or problem (red) areas. Additional information, indicated by a blue icon, is also provided. Each entry in the report links to help text that explains what was scanned and, in many cases, provides details on the results. If a problem is discovered, a "How to correct this" link is made available. The help files often link to additional files online, such as Microsoft Knowledge Base articles.

Microsoft Baseline Security Analyzer -

"Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small- and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems." -

http://www.microsoft.com/technet/security/tools/mbsahome.mspx

The ten essential protection methods to employ are:

1. - Install the latest security updates/updates for the operating system, the web browser, and software such as Flash Player, Java, RealPlayer, WMP, etc.

Keep your computer that is running Windows XP/Windows Vista and Internet Explorer updated with the latest updates from Microsoft Update. If you use another operating system (e.g., Linux) or Internet browser (e.g., Mozilla Firefox), visit its site for updates. Microsoft makes security updates available once a month. Amazingly, in September 2005, there were no updates. But this month, (October, 2005) there were nine, three of which are rated as Critical.

You can find out how your Windows XP computer downloads and installs updates by opening Automatic Updates in the Control Panel.

In Windows Vista it is called Windows Update and it can be found under the Security and the System and Maintenance sections of the Control Panel.

Windows Update [in Windows Vista]-

http://www.microsoft.com/windows/.../features/details/windowsupdate.mspx

Click here! to go to the Security updates page on Microsoft's site.

A computer can have several old programs installed on it that require patches or updating in order not to be a security risk. The most common programs are Java, Flash Player, QuickTime, Adobe Reader, WinZip 8.x, RealPlayer, Yahoo! Messenger 8.x, and Winamp 5.x. Sometimes when you install the latest version, the old version can be left installed. If that is the case it doesn't present a security risk, because the latest version is being used. You can check if you have any unpatched software by downloading and using the free Secunia Personal Software Inspector.

Secunia Personal Software Inspector (PSI) -

"The Secunia PSI is available free of charge. Secure your PC. Patch your applications. Be proactive. Scan for Insecure and End-of-Life applications. Track your patch-performance week by week. Direct and easy access to security patches. Detect more than 300,000 unique application versions." - https://psi.secunia.com/

You can also download and run the filehippo Update Checker that finds updates.

filehippo.com Update Checker - "Welcome to the new filehippo.com Update Checker! We're currently beta testing this exciting new addition to our website and have released it as a public beta for everyone to download. What is it? The Update Checker will scan your computer for installed software, check the versions and then send this information to filehippo.com to see if there are any newer releases. These are then neatly displayed in your browser for you to download." - http://www.filehippo.com/updatechecker

The following article provides information on this subject:

Unpatched software abounds on user systems -

http://windowssecrets.com/comp/070906/

2. - Use an alternative browser to Internet Explorer and an alternative e-mail program to Outlook Express

Instead of Internet Explorer use an alternative such as Mozilla's Firefox. Every hacker and malware programmer on earth is constantly trying to find ways of expoiting Internet Explorer. You can keep Internet Explorer installed in case you have to use it for certain sites that won't work without it. As long as you have sufficient system resources, you can have as many browsers as you like installed and running at the same time, so if you can't get a site to work with Firefox, open Internet Explorer and use it instead.

Firefox is highly resistant to malware infection. Every method of installing malware through Firefox requires the user to give permission to install it. The rule of thumb for any browser is if a message suddenly appears for no reason asking for permission to install software, or to run a script, always click No unless you know exactly why your permission is required to install a program or run a script that makes the browser take certain defined actions.

However, if you must use Internet Explorer, then make sure that you are using version 7 (Internet Explorer 7), which has improved security features, such as a Phishing Filter. Read all about that and other features here:

Internet Explorer 7 support -

http://www.microsoft.com/windows/ie/support/default.mspx

You can use Web of Trust (WOT), a browser plugin, for extra protection. It can warn you if you're visiting undesirable sites in your web browser itself, which could Internet Explorer, Firefox, Opera, Chrome or Safari. It shows its website ratings in search engine results as well. - http://www.mywot.com/

Windows Vista: Security

Microsoft is touting Windows Vista as the most secure operating system yet devised. True or not, the devil is always in the detail...

The Devil's Guide to Windows Vista Security -

http://www.computerworld.com/action/...Basic&articleId=9005492

Securing Your Windows Vista Computer -

http://www.cmu.edu/computing/documentation/secure_win/secure_vista.html

Windows Vista Security and Data Protection Improvements -

http://technet.microsoft.com/en-us/windowsvista/aa905073.aspx

Windows Vista Security Guide [technical guide for IT professionals] -

http://www.microsoft.com/technet/windowsvista/security/guide.mspx

How to troubleshoot Windows Defender update issues

Read this MS Knowledge Base article:

How to troubleshoot definition update issues for Windows Defender -

http://support.microsoft.com/?scid=918355

Problem: Windows Defender won't update

If the castle icon for Windows Defender appears in the System Tray (Notification Area) in Windows XP/Windows Vista, it is an unusual occurrence, because it only appears if something is amiss with the program. If you right-click the icon and click Open to run the program, you'll probably see a window that has an Update button on it. When you click on the button, a message comes up saying that Windows Defender is accessing the Internet for an update, but the PC's firewall doesn't ask permission to do so, which means that it is not accessing the Internet. Then another message appears that says that the program is now updated, which is obviously not the case. You can keep doing that every time you start the PC.

Alternatively, you have reinstalled Windows Defender and find that you can't update it.

In both cases, to resolve the problem, follow these steps:

1. - Remove the current spyware-signatures file. To do this, click Start, click Run, copy Msiexec /x {A5CC2A09-E9D3-49EC-923D-03874BBD4C2C} into the box, and then click OK. 2. - Open Windows Defender. To do that, click Start, click All Programs, and then click Windows Defender. 3. - Check for new definitions. To do this, click the Help options arrow next to the Windows Defender Help icon, click About Windows Defender, and then click Check for Updates.

You should have Automatic Updates in the Control Panel set to Automatic, because Windows Defender can get into an update loop in which Automatic Updates repeatedly informs the user in the Notification Area that an update is available. You give permission to install it, but it doesn't install, and the message is there when you next start up.

If you are using the Startup Monitor from http://www.mlin.net/ to warn you when a program, virus, or spyware wants to become a startup program, it will produce a message that Wextract wants to install itself as a startup program to run from a temporary file. This is to update Windows Defender, but that program is not mentioned in the message. If you refuse permission, Windows Defender won't update. The Wextract.exe file is the Windows Extraction utility that extracts files from .cab (cabinet) files, which are similar to .zip files.

How to run Internet Explorer from with Mozilla's Firefox browser

Some webpages don't display in Firefox as they should mainly because Internet Explorer contains bugs that website designers have had to create workarounds for. Firefox doesn't have these bugs, so the pages which contain the workarounds don't display properly in it.

Fortunately, there is a workaround for this in Firefox itself in the form of an extension that you install. It enables you to run Internet Explorer from within Firefox.

To download the extension go to http://www.mozilla.com/ and look for IE View on the Extensions page.

For the same reasons, for an e-mail program, instead of using Microsoft's Outlook Express, use Mozilla's Thunderbird. It won't execute dodgy scripts or launch the malware programs that an unpatched installation of Outlook Express does. Even with all of the latest security updates installed, Outlook Express still draws images into e-mails that it can display in its preview window. The sender of the message can use an image only a screen pixel in size to find out if your e-mail address is active and then sell it so that you get flooded with spam. Thunderbird doesn't do that. It can be a little problematic occassionally, but it makes up for that by having a superb spam filter. All you have to do is configure its Junk Mail Controls under the Tools menu, and then highlight a spam message and hit its Junk button. The spam filter learns what sort of e-mail you would rather not see in your Inbox. After all of the e-mail messages have been downloaded, the spam is transferred to the Junk box from where it can be deleted or set to be deleted after a specific period. If it flags a valid message as spam, you can tell it that it has made a mistake and it shouldn't repeat it.

3. - Use a good software and/or hardware firewall instead of the Windows Firewall provided by Windows XP and Windows Vista

Have a good software firewall installed and properly set up to block illicit incoming and outgoing Internet traffic. There are many good free firewalls listed in the security links section further down this page. My personal preference is for the free Comodo firewall. It is easy to install and configure, and it will provide excelent protection when used it in conjunction with a virus scanner, such as the free version of AVG AntiVirus, and the Windows Defender and Spybot Search & Destroy spyware scanners. Comodo now also provide free Anti-Malware, AntiVirus, and Website Authentication software.

Scot Finnie has written about the Comodo, Jetico, Kerio, and Look 'n' Stop firewalls, which he recommends, in this April 2007 newsletter:

http://www.scotsnewsletter.com/90.htm.

He goes into more detail in this article:

Review roundup: Slim is in for Windows desktop firewalls -

"You don't need a bloated security suite to get the best protection from a firewall -- in fact, many of the biggest names offer less protection than simpler, lesser-known firewalls..." -

http://www.computerworld.com/action/...articleId=9024319&intsrc=hm_ts_head

Also covered in the April 2007 newsletter is "The Vista Firewall Situation", which discusses the current situation regarding the Windows Firewall provided by Windows Vista. Very few of the popular software firewalls currently support Vista. A situation that will definitely be changing rapidly as the software firewall developers rush to get their acts together. In the meantime, Vista users will have to make do with the Windows Firewall. The newsletter has this to say about the situation: "In case you think you don't need a firewall, be advised that while Vista's Windows Firewall is mildly improved, the added outbound protection isn't turned on by default, and you may find it difficult to configure. Windows Firewall still does not offer full firewall support. It's better than nothing if you don't have a third-party software firewall, but that's about it."

Comodo Firewall Pro - "It's Free. Forever. No Catch. No Kidding - The Award-Winning Comodo Firewall Pro - PC Magazine Online's Editor's Choice - Secures against internal and external attacks - Blocks internet access to malicious Trojan programs - Safeguards your Personal data against theft - Delivers total end-point security for Personal Computers and Networks - Install now for out-of-the-box protection against identity theft hackers, Trojans, scripts and other unknown threats." -

http://www.personalfirewall.comodo.com/download_firewall.html

Comodo now also provide free Anti-Malware, AntiVirus, and Website Authentication software.

Windows XP and Windows Vista have the Windows Firewall that can be accessed from the Control Panel. However, even the improved version that comes as part of Windows Vista, which, unlike the version in Windows XP, provides protection against illicit outgoing Internet traffic if configured correctly, is only better than not having any firewall protection.

Under normal circumstances, you should not be using two or more complex security products of the same kind, such as virus scanners and firewalls to monitor a system at the same time, because doing so can cause problems. However, I have been using the free version of ZoneAlarm in conjunction with the Windows Firewall in Windows XP and in Windows Vista without any problems. Just make sure that the following setting in ZoneAlarm is disabled otherwise it disables the Windows Firewall: Firewall => Main tab => Advanced button => Disable Windows Firewall.

Note that other security products, such as Norton AntiVirus, also have a setting that disables the Windows Firewall that is enabled by default. You can check if it is turned on or off under Start => Control Panel => Windows Firewall.

If you use a router to connect several computers to an Internet connection wirelessly, you should know that all routers have a feature called Network Address Translation (NAT). The router accesses the web with its own IP address, hides the IP addresses of the computers in the network, and sends the downloaded information to the internal IP addresses in the network. Many routers also have an inbuilt hardware firewall that can be enabled or disabled. You can run a software firewall on each computer in a network and make use a hardware firewall.

The ABC's of Firewalls:

http://www.zonelabs.com/store/content/catalog/firewallABC.jsp

4. -Use a good virus scanner/anti-virus software

Install a good virus scanner and make sure that it is updated regularly with the latest virus definitions. The latest free version of the AVG Anti-Virus scanner is set to download updates by default as soon as the user goes online. A message come up asking for permission to do so.

Obtain it from this page: http://free.grisoft.com/doc/2/lng/us/tpl/v5.

Steganos AntiVirus 2007 - Anti-virus software - Five stars - Best Buy award by Computer Shopper in February 2007. "In our recent Labs test, it beat every other anti-virus application hands down." - £20 in June 2007

An excellent paid-for virus scanner is Nod32 from: http://www.nod32.com/.

There are many free good virus scanners listed in the Links to security sites section on Page 2 of this article.

Note that you should not have two or more virus scanners actively monitoring the system at the same time (e.g. when you're online), because doing that can cause system lock-ups. You should only have one virus scanner monitoring the system in real time. However, you can have several virus scanners installed as long as only one of them is actively monitoring the system. You can update all of them and use each of them (one at a time) to run virus scans.

5. - Use several spyware/adware removal tools

Download and install at least one reputable spyware and adware removal tool, and make sure that it is also regularly updated, because the creators of spyware and adware are constantly trying their utmost to defeat the removal tools. The three best free removal tools are probably Microsoft's Windows Defender, Spybot Search & Destroy, Ad-Aware. There is more information about them in the Links to security sites section further down this page.

You can pay for some excellent spyware scanners, some of which provide a free trial period in which you can test the scanner's effectiveness.

Note well that there are rogue spyware scanners that are ineffective and charge for 'removing' spyware. Spyware Blaster is a good scanner, but check that it is created by Javacool Software, because there is a rogue program with the same name that is being made available.

Sunbelt CounterSpy is an excellent product that can find spyware and backdoor Trojans that can make an infected computer send information to a remote location on the web, or download and install more software that compromises the computer's security.

"This is a great anti-spyware program..." An excellent spyware detection rate and exceptional value made CounterSpy Computer Shopper Magazine's Best Buy Award winner for fall 2006!" - Download the Free 15-Day Trial -

http://www.sunbelt-software.com/CounterSpy.cfm

Spyware Warrior - http://spywarewarrior.com/ - has been exposing fraudulent and misleading antispyware products for several years. If you see an enticing advertisement for an antispyware, which can be delivered by reputable sites such as Google, Live.com, and Yahoo, you should check its reputation on the Spyware Warrior site before making a purchase, because the advertisements for products that generate false positives in order to fool users into purchasing their 'cure', and/or which use aggressive or misleading advertising can appear before the product is discredited with the advertisers, who then withdraw the advertisements.

XsoftSpy used to be considered a rogue scanner by spyware experts, but the Spyware Warrior site says that its problems have been sorted out, and it is therefore no longer considered a rogue product. It can also find spyware and Trojans not detected by other spyware scanners.

XoftSpy - http://www.xsoftspy.com/

Anti-Spyware Testing - http://spywarewarrior.com/asw-test-guide.htm

The Spyware Warrior site contains plenty of first-rate research on and insight into spyware threats and anti-spyware tools/utilities. It has a forum section that is well worth visiting. It stands out among all of the many other similar sites.

The Spyware Warrior Guide to Anti-Spyware Programs - Feature Comparison:

http://spywarewarrior.com/asw-features.htm

Spywareinfo.com/ is an excellent spyware/adware information site that has its own security-related forums.

6. - Create secure passwords to websites with which that you have accounts

To access password-protected websites such as online banking sites, PayPal, eBay, etc., make sure that you use passwords that are difficult to guess or crack with the special password-cracking software that hackers use to obtain passwords. That kind of software can be loaded with dictionaries and algorithms so that it can try using words, combinations of words, and the methods people use to create passwords until it succeeds in gaining access to an account. There is plenty of advice on the web on how to create secure passwords. If you enter the search term such as passwords + guide in the Google search box at the top of this page, you'll find links such as these two that I found myself:

Secure Password Guide - http://www.strangecode.com/support/passwords.php

Secure Password Generator -

http://www.andrewscompanies.com/tools/passwords.asp

Gmail flaw shows value of strong passwords -

"The disclosure of a back door allowing bad guys to repeatedly guess Gmail passwords should remind us all to protect our accounts with long and strong character strings." -

http://windowssecrets.com/2009/08/06/...

Note well: most websites that hold sensitive information that can be accessed by logging in by entering a user name or e-mail address and a password don't allow more than a certain number of attempts (usually three) before the attempts are stopped. Any password-cracking software would have to log on, try three attempts, log off, and then log on again and try another three attempts, etc. The only reason password-cracking software can crack passwords is because it can make many millions of guesses in a minute. The cap on the number of logons allowed from a single IP adress is why the thieves have resorted to using e-mail messages made to look as if they came from eBay, banks, and PayPal, etc., in order to trick clients into providing their login information.

Here is the reply I received from PayPal when I asked how secure a user's website account is if a user's e-mail address can be discovered just by running it on the user's website, and then only a password is required to gain access to that account:

"Thank you for contacting PayPal. We apologize for the delay in responding to your service request. I can assure you that PayPal goes above and beyond when it comes to the safety of your account and personal information. PayPal has several barriers for hackers to go through. Even if someone attempted to figure out your password an account will be locked after a certain number of failed attempts just as one example."

7. - Set a password for Windows XP/Windows Vista

If you are using Windows XP Home Edition, make sure that you set a password that you have to enter in order to logon at start-up. When you set a password, you can create a prompt that reminds you what the password is without revealing it. If you happen to forget the password, just click the question mark beside the logon box on the Welcome screen to make the reminder appear.

In Windows Vista, passwords are set for each User Account. To access the User Accounts, click on the Start button, open the Control Panel and click on User Accounts and Family Safety. If you're using the Control Panel 's Classic View, which makes the Control Panel look as it does in Windows XP, you won't see User Accounts and Family Safety, so just double-click on the User Accounts icon. The following article shows you how to set passwords for User Accounts.

Securing Your Windows Vista Computer -

http://www.cmu.edu/computing/documentation/secure_win/secure_vista.html

How To Create a Windows Vista Password Reset Disk -

"Creating a Windows Vista password reset disk can really come in handy if you forget your account password. With it, you can easily reset your password and get right in to Windows Vista. While there are ways to recover lost passwords without a password reset disk, they are often complicated and time consuming..."

http://pcsupport.about.com/od/windowsvista/ht/vistapwdisk.htm

Note that the logon passwords that you can set for Windows 95, Windows 98, and Windows Me are a waste of time, because anyone just has to click the Cancel button to get past them. Only the passwords used by the Windows NT family of operating systems (Windows NT, Windows 2000, and Windows XP) cannot be bypassed.

You, the computer's owner, are the Administrator. You don't have to set a password when The Home Edition of XP is installed as you do have to with the Professional Edition. This means that anyone who can turn the computer on can access the system and make any changes to it that you are able to, including changing the password. If you have a brand-name PC with the Home Edition pre-installed, it probably won't have a password set. Note well that an Administrator account without a password makes it more vulnerable to potential hackers.

In the Home Edition of XP, you use User Accounts in the Control Panel to set a password for the Administrator account.

****

I Forgot My Administrator Password! - Can't Log On to Windows XP?

Visit the Recovering Windows XP page on this site for information on how to recover a forgotten Administrator login password.

How to keep your data private in Windows XP

Neither Windows XP Home Edition, nor XP Professional Edition can protect a specific folder or file with a password. You can only password-protect an Administrator or a Limited User Account. Moreover, Windows XP has to be using its native NTFS file system, not FAT32.

Keep data Private - http://www3.telus.net/dandemar/private.htm

8. - Never respond to e-mail messages that ask for your log-in and account details

Never respond to e-mail messages that seem to come from banks, PayPal, eBay, etc., that ask you to verify your account details, or e-mails saying that you have received an e-card greeting, because they are all methods of obtaining your user names and passwords, or of installing Trojan backdoor software that can send your personal information back to its originator from your computer.

If you receive a message that says you have received an e-card, which doesn't use your name and provides a link to click, if you click it, you'll be taken to what looks like a genuine e-card site. You'll have to enter the code that was provided in the e-mail message in order to gain access to a non-existent e-card, but when you enter the code a message saying something such as, "Your browser doesn't have a Flash player for e-cards". Your browser will then produce a message asking if you want to download and install a file. Refuse permission, because that file isn't a Flash player, it's a Trojan backdoor program that will compromise the security of your computer.

9. - Make restorable backups

Make sure that you use some kind of backup system regularly that enables you to recover from a system failure that makes Windows unable to start up. There are many ways to creat all kinds of backups, with many different programs, tools / utilities. You can create a restoarble master image of the entire system and burn it to recordable CD/DVDs, or, if you have a Windows CD and the CDs/DVDs of your application software, you can just make backups of the data files and settings. In the event of an irrecovable system crash, you can reinstall Windows and all of your applications and then restore your data files and settings.

Visit this page on this site for more information: Software: Data Recovery - Back-ups - Programs and Methods Used to Create Backups.

10. Actions to take if your computer is infected by a virus or spyware

No security precautions are foolproof. The actions to be taken should you computer be infected by a virus or spyware are listed very well on this page:

A step-by-step guide to dancing The Security Tango! -

http://securitytango.com/tango.php

Windows Live Safety Center

"Windows Live Safety Center is a new, free service designed to help ensure the health of your PC. Check for and remove viruses and spyware. Improve your PC's performance. Get rid of junk on your hard disk. Use the full service scan to check everything, or turn to the scanners and information in the service centers to meet your specific needs." -

http://safety.live.com/site/en-US/default.htm

The "Windows XP Security Console" - by Doug Knox, MVP

"When you're outside of a domain environment, XP has some features missing. XP Home leaves you completely without the Group Policy Editor, while XP Pro lacks the ability to use the Group Policy Editor to selectively apply policies to specific users. Well, that's about to change. Doug's Windows XP Security Console allows you to assign various restrictions to specific users, whether you're running XP Pro or XP Home." -

http://www.dougknox.com/xp/utils/xp_securityconsole.htm

Windows XP: Why you should not run your computer as a Computer administrator

From Help and Support in Windows XP: "When you run Microsoft Windows XP Service Pack 2 (SP2) [or any other version of Windows XP] using the Computer administrator account, your computer is more vulnerable to viruses and other security risks than when you use the Limited account. For example, if you are using the Computer administrator account when you visit a Web site that contains a virus, a Trojan horse might be installed on your computer where it could do things like reformat your hard drive, delete all your files, or create a new user account with administrative access. By contrast, if you are using the Limited account when you visit an Internet site that contains a virus, your computer is less likely to be infected by it. The Limited account is the most reliable account type because it does not allow users to download or install programs (activities that make a computer vulnerable if not done correctly). You can perform routine tasks, such as running programs and visiting Internet sites, without exposing your computer to unnecessary risk. The Limited account can restrict you from running certain programs and prohibit you from installing programs or adding printers. If you need to install a program, add a printer, change system settings, or run a specific program that won't work under the Limited account, you can log off and then log back on using the Computer administrator account. If you frequently need to log on as an administrator, you can use the runas command to start programs as an administrator. For more information about using the runas command, click Related Topics."

Note that a Limited account does not provide complete protection against virus infection, because some sophisticated viruses can install themselves in one, such as the Antivirus 2008/Antivirus 2009 virus, which goes by several other names. Moreover, Limited accounts can be the cause of problems such as the PC's antivirus scanner not being able to update from it. If you have children, you will also be constantly asked to install or run a program that requires administrator approval.

There is no need to use a Limited account in Windows Vista because of its User Account Control feature that asks for user permission before any software can be installed.

Understanding Windows Vista's User Account Control -

http://www.windowsdevcenter.com/pub/a/windows/2007/02/06/...

User Account Control Overview -

http://technet.microsoft.com/en-us/windowsvista/aa906021.aspx

You can create a Limited account under User Accounts in the Control Panel. You have to do that yourself because Windows XP only creates the Computer administrator account by default.

****

USEFUL SECURITY TIPS

How to make it necessary to enter a password to use Windows XP when you leave your computer unattended

If your Windows XP PC doesn't require a password to be entered in order to allow Windows to start up past the password entry point, set an Administrator or User Account password under Start => Control Panel => User Accounts. Then, when you leave the computer unattended just press one of the Windows keys that have a Windows flag on them and the L key (in upper or lower case). Windows doesn't shut down, but the password entry screen appears and the password has to be entered in order to be able to use the computer.

How to detect and remove viruses that can hide themselves from virus scanners

There are viruses that are capable of hiding themselves from the virus scanner used to monitor a system while online in real time (you shouldn't use more than one to monitor an online connection), or the virus scanners you use to scan the system offline. If your system is infected with such a virus, you therefore need a way of scanning the system before the virus can load itself during system start-up. You can do this by pressing the F8 key repeatedly after the memory count and before Windows loads. This brings up a boot menu. Choose the option called Safe Mode with Networking. This mode prevents most viruses from running while also allowing you to go online to scan the system with a free online virus scanner such as the one here: http://housecall.trendmicro.com/.

You might also be able to run any virus scanners installed in the system in that mode.

How to get rid of download requests from a website that won't go away

The creators of malware (spyware and adware) often use tricks to get you to install it, such as when a message produced by a website repeatedly asks you to accept a download even after you've clicked No. If this happens, don't ever click Yes. Instead try closing the webpage that required you to accept the download by clicking on the X in the corner of the page's window. Alternatively, close the connection down and log on to the Internet again. If the page won't close, use the Ctrl + Alt + Del key combination and shut the browser itself (Internet Explorer, Firefox, etc.) down. If you visit a site that continually displays pop-up windows of that kind it should be avoided in order to prevent the security of your system from being compromised.

****

Don't have more than one software firewall, virus or spyware scanner monitoring the system at the same time

It is advisable never to have more than one one software firewall, virus scanner, or spyware monitor providing active reat-time protection at the same time. Doing so can usually slow the system down severely, and the different software can conflict and prevent two virus scanners, etc., from providing proper active real-time protection. However, I have been using the free version of ZoneAlarm in conjunction with the Windows Firewall in Windows XP/Windows Vista without any problems, probably because they are both basic firewalls, not the complex paid-for products. Just make sure that the following setting in ZoneAlarm is disabled otherwise it disables the Windows Firewall: Firewall => Main tab => Advanced button => Disable Windows Firewall. (Unfortunately, the free version of ZoneAlarm will not install on Windows Vista Beta 2.) With the complex products, it is all right to use different scanners on the same system as long as you run their scans separately. This is desirable with virus and spyware scanners because none of them provides complete protection. For example, I have discovered that running the free online virus scanner provided by Trend Micro from http://housecall.trendmicro.com/ can identify and remove viruses that other scanners miss.

Note that other security products, such as Norton AntiVirus, also have a setting that disables the Windows Firewall that is enabled by default. You can check if it is turned on or off under Start => Control Panel => Windows Firewall.

Note that it is all right and advisable to make use of a software firewall in conjunction with the a hardware firewall, such as the limited hardware firewall protection that broadband routers can provide. And note that the firewall that is built into Windows XP doesn't detect or warn against traffic that is outward bound from the computer, it can only detect and prevent traffic that is inward bound. For that reason, you should disable it and use a software firewall that protects against outgoing and incoming traffic, such as ZoneAlarm. Viruses and Trojans, etc., once installed, always try to phone home. They create outgoing traffic that the Windows firewall can't detect or stop.

How often should full system scans of a computer be run?

The most intensive scan on a computer is the usually a virus scan with an updated virus scanner. But, if the computer has active, always-on, real-time virus and spyware protection running constantly, full scans are mostly unnecessary because they doesn't usually find any viruses or serious spyware. This is the case with me, and I can't recall the last time a virus scan found a virus on any of my computers, so I run a full virus scan and full spyware scans only once a week, just in case a dangerous virus or some spyware somehow managed to slip through undetected.

SpywareBlaster and Spybot Search & Destroy (regularly updated) are set to inoculate the Windows Registry in each of my computers against most e-mail and website infections, the StartupMonitor, Microsoft's Windows Defender, and a software firewall (ZoneAlarm) are running constantly. Consequently, scans with Ad-Aware and Spybot Search & Destroy usually only report tracking cookies that are a very low security risk. Therefore, I run those spyware removal tools only every week or two.

In short, if you have good security tools that are constantly monitoring a system live and in real time, there is little or no need to run regular full system scans.

Beware of phoney laptop hotspots

For those of you who don't know, a hotspot is a place that allows a user equipped with a laptop computer that is itself equipped with a wireless network adapter to log on to the Internet, either as a free or as a paid-for service.

It can be difficult to determine if you have logged on to to genuine hotspot or not. All a con artist has to do is give the wireless connection installed on a laptop a plausible name or SSID (Service Set Identifier), and set it to be connected to on an Ad Hoc basis that connects computers equipped with wireless adapters directly to each other instead of via a wireless access point (a wireless switch). Then, when someone comes along to the bar or pub, etc., who is under the impression that it offers a hotspot to its customers, that person's wireless-equipped laptop will identify all of the open networks in the area. If the person decides to network with the con artist's computer instead of make use of the genuine hotspot, he or she won't be connected to the web. If the genuine hotspot requires users to enter a credit-card number before it allows them to use it, the con artist can create a phoney web page that allows those details to be stolen. If the unsuspecting person is able to make use of websites, such as the sites of banks, etc., they have been cached on the con artist's laptop computer. Any logon or account details that the person enters will also be made known to the thief.

Anyone who makes use of a hotspot is best advised to make use of them to access public websites only, but if you have to access a private account of any kind, you should make sure that the site address starts with https:// instead of just the http:// and that the secure yellow padlock icon appears on the bottom bar of the browser that means that the connection to the site is securely encrypted. You should also make sure that your wireless network settings are set so that you have to connect manually instead of automatically to wireless networks or hotspots.

To disable the ability of Windows XP to connect automatically to any available network or hotspot, double-click the wireless network's icon in the System Tray (Notification Area) in the bottom left corner of the screen. In the window that presents itself, click Change the order of preferred networks, and then click the Advanced button that appears under the Wireless Networks tab. Enable the Access point only option and disable the the Automatically connect option, and click on Close.

How to protect yourself at wireless hot spots -

"They can be an invitation to disaster, says Preston Gralla, who offers a surefire plan to avoid security breaches." -

http://www.computerworld.com/action/...=9007142&intsrc=news_rfavs

How spammers trick you into revealing that your e-mail address is valid

The spammers send you an e-mail of the kind shown below that will outrage you so that you click the link they provide in the message. By clicking it you confirm that your e-mail address is valid and active. They can then sell the address to advertisers, so never click the link, and, for the same reason, never click the unsubscribe link on any other e-mail message, no matter how much you want to stop the messages being sent to you, because a flood of other spam no doubt come your way.

Hello! It has been requested that the following address: dave1234@paye.com should be added to the [an extremist group is named here] mailing list. You have been successfully subscribed to our mail list.

Thank you.

To unsubscribe from our mail list, just click this link:

****

NETWORKING AND NETWORK PROBLEM-SOLVING INFORMATION ON THIS SITE

Click here! to go directly to information on this site on wireless networks, and visit the Networking Problems pages to find out which problems have been covered.

Intrusion Detection Software (IDS)

Consider using some Intrusion Detection Software (IDS), which can often catch intrusions that virus and spyware scanners and tools (IPS - Intrusion Prevention Software) miss, but which all too often uses up plenty of system resources. Therefore choosing the right product can be difficult, involving trading off the degree of protection that is provided against the system resources used.

IDS programs detect malware trying to get into a computer by judging its behaviour instead of matching a signature. It's analogous to a detective catching a thief by looking for his methods of operation instead of finding his fingerprints. Anyone who uses WinPatrol or SpyBot's TeaTimer are using a form of IDS.

Many IPS programs, such as Spybot S&D, also contain an IDS program, such as the Spybot TeaTimer.

Free Intrusion Detection (IDS) and Prevention (IPS) Software -

http://netsecurity.about.com/od/intrusiondetectionid1/a/aafreeids.htm

Mike Lin's Start-up Monitor informs you if a program or Trojan wants to make itself a start-up program that loads at boot-up. This is a valuable line of defence that is well worth installing. You can obtain the program free of charge. If you find it useful you can give Mike a donation from his site - http://www.mlin.net/.

Recommended spyware removal tools

Windows Defender [Beta 2] -

Microsoft AntiSpyware, currently free, has been renamed Windows Defender and been given a new user interface. It is essentially the same spyware monitor and removal tool, but it has been improved and streamlined. A download link and the details can be found here:

http://microsoft.com/athome/security/spyware/software/about/overview.mspx

The Windows Defender home page also provides a download link:

http://microsoft.com/athome/security/spyware/software/default.mspx

Sunbelt CounterSpy is an excellent product that can find spyware and backdoor Trojans that can make an infected computer send information to a remote location on the web, or download and install more software that compromises the computer's security.

"This is a great anti-spyware program..." An excellent spyware detection rate and exceptional value made CounterSpy Computer Shopper Magazine's Best Buy Award winner for fall 2006!" - Download the Free 15-Day Trial -

http://www.sunbelt-software.com/CounterSpy.cfm

Comodo BOClean : Anti-Malware Version 4.25 -

"Protect yourself [free of charge] from online identity theft. The greatest threat on the Internet today is having your personal information hijacked remotely" -

http://www.comodo.com/boclean/boclean.html

Microsoft Windows Malicious Software Removal Tool (KB890830):

"Overview - The Microsoft Windows Malicious Software Removal Tool checks Windows XP, Windows 2000, and Windows Server 2003 computers for and helps remove infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed. The tool creates a log file named mrt.log in the %WINDIR%\debug folder. This tool is not a replacement for an anti-virus product. To help protect your computer, you should use an anti-virus product. Microsoft will release an updated version of this tool on the second Tuesday of each month. New versions will be made available through this web page, Windows Update, and the Malicious Software Removal Tool Web site on Microsoft.com. To have the newest versions automatically delivered and installed as soon as they are released, set the Automatic Updates feature (in the Control Panel) to Automatic. The version of this tool delivered by Windows Update runs on your computer once a month, in the background. If an infection is found, the tool will display a status report the next time you start your computer. If you would like to run this tool more than once a month, run the version that is available from this Web page or use the version on the Malicious Software Removal Tool Web site."

SpywareBlaster: http://www.javacoolsoftware.com/spywareblaster.html

Spybot Search & Destroy: http://www.safer-networking.org/en/download/index.html

Ad-Aware Personal Edition: http://www.lavasoftusa.com/software/adaware/

The ewido security suite

ewido - "Anti-Virus programs offer insufficient protection against urgently growing threats like Trojans, Worms, Dialers, Hijackers, Spyware and Keyloggers. That's where the protection of the ewido security suite starts and supplements existing security applications to a complete security system, because only a complete security system works effectively. Does the ewido security suite work under Windows 95, 98 and Me? Unfortunately the ewido security suite only works with Windows 2000 and XP as it was developed to use many of the features introduced with Windows 2000. Also we currently can't and most likely won't provide a version for older Windows versions in future." -

http://www.ewido.net/

Note that ewido has merged with Grisoft, the developers of the AVG spyware and virus scanners. ewido anti-spyware 4.0 has been replaced by AVG Anti-Spyware 7.5 and is no longer available for sale and download from ewido's site.

Antivirus Specialist GRISOFT Acquires Anti-malware Expert Ewido Networks -

http://www.ewido.net/en/press/20060419a/

How to make a wireless network secure

There are special security measures that have to be implemented to make a wireless network secure. Read the Q&A on this site called How can a wireless network be made secure?

Security and the Java Virtual Machine (JVM)

Click here! to go to information on the JVM on this site. There can be problems involved with it because the JVM created and updated by it creator, Sun, might differ from Microsoft's version, and some websites can use the Sun version and others can use Microsoft's version.

THE SECURITY OF DATA IN FLASH DRIVES

Crucial no longer provides security software with its flash drives because of having to devote too much time to support issues. There's no need to worry if that is the case with a flash drive you've purchased. If you want to keep the data on a flash drive secure, you can make use of a third-party encryption utility, many of which are free. If the data on the flash drive is scrambled to a high degree it's secure because only expert hackers could crack the encryption, which none of them would bother to do. There are utilities, such as WinZip, that can compress and encrypt files by using up to 256-bit AES encryption so that they take up about half or less of their uncompressed space, making them secure from everyone who isn't an expert hacker. WinZip isn't free, but there are many free standard encryption tools, most of which don't provide compression, that are nevertheless very easy to use.

Click on http://www.google.com/search?q=free+file+folder+encrypt to run a Google search for them, or make use of the Google search box provided at the top of this page to conduct your own search.

Click here! to go directly to information on flash drives on this site.

CCleaner

CCleaner is a freeware system optimization and privacy tool. It removes unused files from your system - allowing Windows to run faster and freeing up valuable hard disk space. It also cleans traces of your online activities such as the index.dat files, one of which contains a history of your browsing that cannot be deleted while Windows is running because it is a system file. If Microsoft can gain access to the file, which seems most likely, it has a history of the sites you visit. It is fast, usually taking less that a second to run, and contains no spyware or adware. - http://www.ccleaner.com/


This article consists of two pages. Click here! to go to Page 2.

To the top of the page
Next page

PC Buyer Beware! Copyright © Eric Legge 2004-2009. All right reserved.