PC Buyer Beware! - Don't get ripped off - Forewarned is forearmed

PC Security: How to Make Computers Secure from Hackers, Viruses, Trojans, Spyware, Adware, and Phishing Scams - Page 2

Last updated on 14 February 2008

INDEX

This article consists of two pages. Click here! to go to Page 1.

Click the relevant link to go to that information on this page:

The tricks used by hackers and web tricksters

Data encryption and compression

Microsoft Knowledge Base: Security articles

Security and Internet products: Reviews

"Rootkits" are posing a new security threat to Windows systems

Computer Gripes: Software security issues

Using the HijackThis and CWShredder removal tools

Security Q&A problems dealt with on this site

Computer security: Relevant links to other sites


NETWORKING AND INTERNET PROBLEMS AND SOLUTIONS

Click here! to visit the page on this site devoted to networking and Internet problems and their solutions, which includes security problems.


The tricks used by phishing sites, hackers, and web tricksters

1. - Take care if you receive e-mail messages suggesting that you search your system for certain named files and then delete them immediately because they're virus files. The chances are that they're crucial system files, and removing them will render your system unusable. Always use only an antivirus application that is updated regularly to find and deal with viruses.

2. - E-mail is the easiest way to sneak a malicious program (a virus) or an invasive program (a Trojan or spyware) into your computer. According to Kaspersky Lab, the creator of Kaspersky antivirus software, over 90% of viruses are delivered via e-mail. So, if you haven't got your e-mail program (usually Outlook Express), your browser (usually Internet Explorer), Windows, and a software firewall (usually ZoneAlarm) set up not to open e-mail attachments or run ActiveX and JavaScript components, etc., and you receive an unexpected or strange e-mail message, just delete it. Or use a program such as MailWasher, which shows you the headers of e-mail messages before you download them and allows you to delete, blacklist, or bounce them before they're downloaded.

Above all, don't install Windows updates that appear to have been sent by Microsoft, because MICROSOFT DOES NOT E-MAIL UPDATES! If you install a patch that comes as an attachment to an e-mail, or one that takes you to a phoney site, such as the following example, you will be installing a virus or Trojan backdoor program that allows a hacker to gain remote access to your computer.

"Microsoft Customer, This is the latest version of security update, the "April 2006, Cumulative Patch" update which resolves all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express as well as three newly discovered vulnerabilities. Install now to protect your computer from these vulnerabilities, the most serious of which could allow an attacker to run executable on your system. This update includes the functionality of all previously released patches."

But the best action you can take is to switch to using Mozilla's alternative programs - Firefox (browser) and Thunderbird (e-mail client/ program).

There are some very authentic-looking e-mail messages purporting to come from Microsoft Update, which attempt to seduce an unwary user into installing the latest "security patch" that is attached to the message. Of course, the attachment contains a virus or worm. These e-mail messages look as if they could be the real thing and even contain valid links to Microsoft's site.

But they can never be the real thing because Microsoft never sends security updates with e-mail messages! You have to obtain them from official sources such as Microsoft Update.

Learn How to Tell If a Security Bulletin is Really from Microsoft:

http://www.microsoft.com/security/incident/authenticate_mail.mspx

There are other less convincing trick messages that apologise for not sending you an attached "free program", or which return an undelivered message to you as an attachment.

There is also a scam involving e-mails supposedly from eBay that look genuine and require confirmation of your eBay account details, saying that your ability to trade using eBay will be impaired if you don't confirm them. No business or bank, including eBay, requires its customers to confirm their account details by e-mail.

3. - Even the configuration changes to Internet Explorer in Windows XP SP2 don’t protect an unsuspecting user from a new phishing technique demonstrated by a British Web developer and detailed here:

"New Phishing Technique Works on Multiple Browsers"

Unfortunately, the technique also works when using other browsers. Using Mozilla Firefox, a programmer has shown that he can fake a site’s appearance so that visitors believe that they're using a safe site. Phishing is the term applied to tricking users into providing personal information, such as account numbers and passwords, via a phoney site that looks like the real one. The surfing victim is totally unaware that he or she is not at the intended site.

Malicious hackers frequently lure victims to convincing replicas of e-commerce sites such as eBay, where they're tricked into handing over financial and other private information. The method is said to be a key tool in credit card and identity theft. Miscreants have been hard at work sending out fake "click to confirm your account info" e-mails, supposedly from AOL, eBay, and PayPal, which lure the unwary to faked sites where they're asked to provide their account details for one phoney reason or another. It has now come to light that a bug in Internet Explorer allows the web addresses of faked sites to appear as if they're the real ones. The bug allows hackers to use a technique to display a false web address for a faked site. Therefore, never go to a site via a "friendly" third-party link. Always enter the site's Home Page address yourself in the Address bar, and then access the site's other pages from it.

The Phishing Filter in Internet Explorer 7 (IE7)

I used to have an example here of a site's link that had a visible address but was linked to a different site, but Internet Explorer 7 (IE7), due for official release some time in the second half of 2006, has a Phishing Filter that will mark this page as a suspicious page if I were to leave it in, so I removed it. If the filter detects a suspicious site, it makes the address bar go yellow, and a message saying Suspicious Website appears in a box beside it.

The Phishing Filter issues warnings about sites or webpages that show legitimate website addresses that link to sites that are illegitimate and designed to defraud the user or obtain bank account passwords, etc. To find out more about the filter, open Internet Explorer 7, click Help => Contents and Index and enter phishing in the search box.

You can download IE7 from http://support.microsoft.com/.

Another very convincing phishing scam

Scams that make users give away their passwords and other log-in details are becoming so sophisticated and difficult to spot as being con tricks that it is now imperative that people make sure that they never respond to e-mail messages from financial companies and banks unless they contact the business named in them first for authentication.

I have just received an e-mail with this heading: PayPal account suspended. When I opened it, the message said that there was a problem with my PayPal account and that I had to click what looked like a genuine PayPal link. But when I held the cursor of my mouse over the link, the real link that had nothing to do with PayPal was revealed in the bottom left-hand corner of the taskbar. Clicking on it led to a page that looked like the real PayPal log-in page on which clients enter an e-mail address and password. The page had all of the usual PayPal site menus, and even went to the real pages when I clicked on any of them. But the log-in page itself was a fake page that would deliver the login entries to the low-life con artists instead of to the PayPal site.

PayPal would never send such an e-mail in the first place, but if it did, the link to a log-in page would bring up a page that indicates that it is a secure page - on the page itself, and by showing the padlock icon in the browser's taskbar. The con artists can create a fake padlock icon on the page itself that is described as a "Secure log in", etc., but they cannot create secure pages that display a padlock icon that appears on the taskbar in the bottom right-hand side of the screen. Therefore, always look for it when you log on to a site that provides banking and financial services.

The low-life authors of these e-mail messages don't know that you have an account with any particular financial business; they merely send the e-mails to millions of known e-mail addresses and then just let the ignorance of some members of the public reap ill-gotten rewards for them.

If I had entered a fake password and e-mail address in the faked PayPal page, it would have accepted it, because it is designed to harvest the information no matter what it is. The real PayPal site would reject unrecognised log-in information. Therefore, you can test if a log-in page is genuine by using fake log-in information, but, if you do, you are telling the fake site that the e-mail address used in the scam is valid, and you are likely to receive increased levels of spam.
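The check described above, comparing the address a link displays with the address it really leads to, can be run over a saved HTML e-mail instead of hovering over each link. This is an added example, not part of the original article; the message body and the .example host names are constructed, and the function names are illustrative.

```python
"""Flag links in an HTML e-mail whose visible address differs from the real one."""
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# A host name shown in the link text, with or without a scheme in front of it.
HOST_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

# Constructed sample message body (reserved .example names, not real sites).
SAMPLE_EMAIL_HTML = """
<p>Your account has been suspended. Confirm your details at
<a href="http://signin.collector.example/login">https://www.mybank.example/login</a>.</p>
<p>Read our <a href="https://help.mybank.example/security">www.mybank.example security advice</a>
or <a href="http://signin.collector.example/offer">click here</a>.</p>
"""


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.links = []
        self._href = None      # href of the anchor currently open, if any
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def strip_www(host):
    return host.lower().removeprefix("www.")


def same_site(shown, real):
    """True when one host equals the other or is a sub-domain of it."""
    return shown == real or real.endswith("." + shown) or shown.endswith("." + real)


def check_links(html):
    """Return (verdict, shown_host, real_host, href) for every http(s) link."""
    collector = LinkCollector()
    collector.feed(html)
    collector.close()
    findings = []
    for href, text in collector.links:
        try:
            parts = urlsplit(href)
        except ValueError:      # malformed URL, e.g. unbalanced brackets
            findings.append(("unparseable", "", "", href))
            continue
        if parts.scheme not in ("http", "https") or not parts.hostname:
            continue            # mailto: and relative links are out of scope
        real = strip_www(parts.hostname)
        shown_match = HOST_IN_TEXT.search(text)
        if not shown_match:
            # Text such as "click here" shows no address to compare against,
            # so the destination has to be judged on its own.
            findings.append(("unverifiable", "", real, href))
            continue
        shown = strip_www(shown_match.group(1))
        verdict = "ok" if same_site(shown, real) else "MISMATCH"
        findings.append((verdict, shown, real, href))
    return findings


if __name__ == "__main__":
    for verdict, shown, real, href in check_links(SAMPLE_EMAIL_HTML):
        print(f"{verdict:12} shown={shown or '-':20} real={real:28} {href}")
```

A link reported as "unverifiable" is not cleared by this check; it only means that the text shows no address, so the real destination still has to be inspected.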

The blended phishing scam

An email arrives from your bank informing you of a new feature or offer. The site looks authentic, which it is, but a popup window appears asking you to sign in to view the details of the bank's new feature or offer. You enter your password and another popup window appears with details of the offer. At the bottom of the window you are asked to log off to protect your security, which, of course, you do. It all looks very normal. However, your login name and password are now on a hacker's computer, which could be almost anywhere in the world.

These phishing tricks have become so sophisticated that it's becoming too difficult to tell them apart from the real thing. Therefore, it's high time that users started deleting all e-mail from financial institutions. If you think that you can't be fooled, try seeing through the scams on this page: http://www.netriplex.com/phishfraud/phishing_test.aspx.

The simplest phishing trick to date

Malicious websites can change the contents of pop-up windows created by trusted websites such as online banks by making use of features built into browsers such as Internet Explorer 6.0, Mozilla 1.7.3, Mozilla Firefox 1.0, Netscape 7.2, Apple's Safari 1.2.4, Opera 7.54, and KDE's Konqueror 3.2.2-6. Other versions of these browsers might also be affected. Users would not be aware that alien content has been introduced into a pop-up window. Secunia’s chief technology officer, Thomas Kristensen, has described the problem as perhaps the simplest phishing trick that has emerged to date. Secunia has given this vulnerability a "moderately critical" rating. It advises users not to browse untrusted sites while browsing trusted sites. In other words, if you're going to use a trusted site, such as an online bank, visit it first, conduct your business, and log out before you visit any untrusted sites.

Secure https:// sites

Note well that if you click on a link that is asking you to provide confidential data, make sure that it goes to a secure webpage. A secure site has https:// in the web address instead of just http://. The s in the address stands for secure. A small padlock icon must appear on the status bar on the bottom right-hand side of the browser's window. Clicking on the padlock reveals the details of the security certificate - an SSL secure certificate that has been issued to the website, and it should reveal a particular secure website's real address.

SSL stands for Secure Sockets Layer, which allows information passing between a website (the network server computer on which the website resides) and a web browser, such as Internet Explorer, to be encrypted (encoded), thereby securing the information being sent online.

However, if an e-commerce (electronic commerce) website doesn't have an SSL secure certificate, then visitors who make a payment receive a "certification not valid" error message from their browser. An SSL secure certificate provides the customers of an e-commerce website with the comfortable feeling that they're dealing with verified traders and businesses, not thieves.

The owners of an e-commerce website have to purchase the right to use SSL before they can use an SSL secure certificate. Fly-by-night thieves can't do that because doing so will identify them and lead the police straight to them should they use it to steal money from consumers.

A site devoted to phishing scams: http://www.netriplex.com/phishfraud/

Put your anti-phishing-scams skill to the test on the site here:

Test your Phishing Skills: http://www.netriplex.com/phishfraud/phishing_test.aspx

Zonelabs.com: - Protect Yourself from Phishing Scams [The link is too long to show]

Anti-Phishing Working Group: http://www.antiphishing.org/

Read the article called, How to surf the Internet more safely with Internet Explorer here: http://www.infinisource.com/techfiles/surf-safe.html.

The security of data stored on external hard disk drives

The major problem presented by external data storage drives is one of security. For that reason, the industry now offers external storage drives that feature a variety of security mechanisms that range from providing the encryption of all data content to access protection provided by a fingerprint scanner.

For example, Lock Box is the name of a drive from MicroSolutions that makes use of a fingerprint sensor. Access can only be achieved by people with fingerprints that the drive recognises. For more information on it, enter the names in the Google search box at the top of this page. For general information, use a search term such as: security + "external hard disk drives".

Beware of restoring back-ups created on a compromised computer

After a computer has been compromised by one or more viruses, worms, spyware, etc., consider carefully if you should risk recovering its operating system and programs by restoring back-up copies or a master disk image. It is very easy to overlook the fact that the infection may have occurred long before the back-ups or master disk image were created. Some malware can exist for a relatively long time before it is identified by the developers of the virus and spyware scanners. If that was the case, restoring infected back-ups will restore the malware that compromised the system in the first place. This also applies to using the System Restore feature in Windows Me and Windows XP. For instance, it is possible for a virus scanner to detect a virus in the System Restore files after a virus has been cleared from the rest of the system.

Beware of phoney laptop hotspots

For those of you who don't know, a hotspot is a place that allows a user equipped with a laptop computer that is itself equipped with a wireless network adapter to log on to the Internet, either as a free or as a paid-for service.

It can be difficult to determine if you have logged on to a genuine hotspot or not. All a con artist has to do is give the wireless connection installed on a laptop a plausible name or SSID (Service Set Identifier), and set it to accept connections on an Ad Hoc basis, which connects computers equipped with wireless adapters directly to each other instead of via a wireless access point (a wireless switch). Then, when someone comes along to the bar or pub, etc., who is under the impression that it offers a hotspot to its customers, that person's wireless-equipped laptop will identify all of the open networks in the area. If the person decides to network with the con artist's computer instead of making use of the genuine hotspot, he or she won't be connected to the web. If the genuine hotspot requires users to enter a credit-card number before it allows them to use it, the con artist can create a phoney web page that allows those details to be stolen. If the unsuspecting person is able to make use of websites, such as the sites of banks, etc., they have been cached on the con artist's laptop computer. Any logon or account details that the person enters will also be made known to the thief.

Anyone who makes use of a hotspot is best advised to make use of them to access public websites only, but if you have to access a private account of any kind, you should make sure that the site address starts with https:// instead of just the http:// and that the secure yellow padlock icon appears on the bottom bar of the browser that means that the connection to the site is securely encrypted. You should also make sure that your wireless network settings are set so that you have to connect manually instead of automatically to wireless networks or hotspots.

To disable the ability of Windows XP to connect automatically to any available network or hotspot, double-click the wireless network's icon in the System Tray (Notification Area) in the bottom left corner of the screen. In the window that presents itself, click Change the order of preferred networks, and then click the Advanced button that appears under the Wireless Networks tab. Enable the Access point only option, disable the Automatically connect option, and click on Close.

****

Click here! to go directly to information on this site on wireless networks, and visit the Networking Problems pages on this site to find out which problems have been covered.


The safest way to upgrade RAM: Use the UK and US Crucial Memory Advisors

Paul Mullen, the highly-respected computer guru of the Helpfile at ComputerShopper.co.uk - "I have recently been buying my memory only from Crucial Technology. I would rather pay the extra cost than waste time trying to track down the obscure program faults that bad memory can cause."

The memory requirements of the versions of Windows Vista

Most of the versions of Windows Vista require more RAM memory to run optimally on a computer that doesn't use memory-hungry applications than Windows XP. A video-editing application is an example of memory-intensive software. Only Windows Vista Home Basic has a recommended minimum amount of memory of 512MB, which is the same amount recommended for Windows XP. Windows Vista Home Premium, the most popular version, and Windows Vista Ultimate require a recommended minimum of 1GB (1024MB) of memory, which is twice the amount of minimum memory recommended to run Windows XP. For more information on computer memory, read the RAM pages of this site.

UK - Crucial Memory Advisor - UK


USA - Crucial Memory Advisor - USA

For example, if your computer has an Asus motherboard, open the menu, scroll down to ASUS, and click GO. If, say, you have a Dell computer, scroll down to DELL, and do likewise. You will be taken to the relevant information on Crucial's website.

If you don't know the make and model of the motherboard installed in your computer, here is a good free utility - Belarc Advisor - that creates an analysis of the hardware and software on a personal computer. Look under FREE DOWNLOAD - http://www.belarc.com/. Another utility that also provides detailed information on the memory itself is CPU-Z.


Data encryption and compression

Click here! to go to the information on data encryption and compression on this website.


Microsoft Knowledge Base: Security-related articles

Click an article's six-digit number to go to that article.

For the links to other security-related Knowledge-Base articles (on firewalls, passwords, etc.) go to the Diagnostics page on this site.

Windows Defender may block some programs when you start a Windows Vista-based computer - This issue occurs because a program or a service that has User Account Control (UAC) restrictions tries to start during the Windows Vista startup process or logon process. To simplify these processes, Windows Defender blocks programs or services that require UAC confirmation from running. APPLIES TO • Windows Vista Ultimate • Windows Vista Enterprise • Windows Vista Business • Windows Vista Home Premium • Windows Vista Home Basic • Windows Vista Starter • Windows Vista Enterprise 64-bit edition • Windows Vista Home Basic 64-bit edition • Windows Vista Home Premium 64-bit edition • Windows Vista Ultimate 64-bit edition • Windows Vista Business 64-bit edition • Windows Defender

917793 - Overview of security features in Microsoft Windows Vista - Provides an overview of new security features in Microsoft Windows Vista. Includes Windows Firewall, Windows Defender, and BitLocker Drive Encryption. Also covers improvements in Internet Explorer 7.

890830 - The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000

816093 - Flaw in the Microsoft Java Virtual Machine (VM) Could Enable System Compromise - affects most versions of Windows and Internet Explorer

833633 - How to strengthen the security settings for the Local Machine (or the My Computer) zone in Internet Explorer [If applied, ActiveX Controls and Java applets will not run in the Local Machine zone]

878465 - You cannot use the settings on the Privacy tab in Internet Options to permit or to block cookies for a Web site that is in a custom zone in Windows XP Service Pack 2

185644 - ActiveX Security Setting Changes Automatically After Upgrade [Internet Explorer]

843016 - How to configure the Pop-up Blocker in Internet Explorer [that is added with the installation of Windows XP SP2]

147381 - How to Use System Policies [poledit.exe] On a Standalone Computer [Windows 95/98/98 SE]

Security and Internet products: Reviews

Computer Shopper (UK) Security page:

http://www.pcpro.co.uk/shopper/security/

Security products -

http://www.pcpro.co.uk/shopper/archiveproductsearch/32/Security

Internet products -

http://www.pcpro.co.uk/shopper/archiveproductsearch/23/Internet

PC Magazine - Security Suites 2008 -

http://www.pcmag.com/article2/0,2704,2231625,00.asp

Top All-in-One Security Suites -

http://www.pcworld.com/article/id,140127/article.html

Computer Shopper (USA) - CyberCops: Six Security Software Suite Reviews -

http://computershopper.com/feature/...

An Intrusion Detection Software (IDS) guide -

http://www.techsupportalert.com/intrusion-detection.htm

ewido free spyware scanner reviewed - http://tinyurl.com/7sk6y

Scot Finnie has written about the Comodo, Jetico, Kerio, and Look 'n' Stop firewalls, which he recommends, in this April 2007 newsletter:

http://www.scotsnewsletter.com/90.htm.

Note that ewido has merged with Grisoft, the developers of the AVG spyware and virus scanners. ewido anti-spyware 4.0 has been replaced by AVG Anti-Spyware 7.5 and is no longer available for sale and download from ewido's site.

Antivirus Specialist GRISOFT Acquires Anti-malware Expert Ewido Networks -

http://www.ewido.net/en/press/20060419a/


"Rootkits" are posing a new security threat to Windows systems

"Rootkits" - powerful collections of programs working in unison that can be used to monitor a system or network secretly - are becoming an ever-increasing security risk to computer and network administrators.

Computer security expert Mark Russinovich, the man who discovered the infamous Sony CD Rootkits, defines a Rootkit as: "Software that hides itself or other objects, such as files, processes, and Registry keys, from view of standard diagnostic, administrative, and security software."

The name Rootkit originated long ago in relation to the UNIX operating system. A Rootkit on the UNIX platform generally describes a collection of tools that can obtain and maintain root access to a system by using stealth programming techniques.

On the Windows platform, the tools that can gain root file access to the system exploit known system vulnerabilities. Maintaining access is accomplished by installing a backdoor Trojan program on the system.

In Windows, a separate tool hides the other Rootkit tools that have infected the system. It can hide files, folders, user accounts, system processes, registry entries, and even network connections.

The system has to be compromised in order for the Rootkit tools to be installed, something that can be achieved by the latest spyware and adware.

Once a computer has been infected, the collection of Rootkit programs is used to control the system, or locate sensitive information on the system and upload it to its manipulator.

The Rootkit programs are invisible to most of the current detection tools such as antivirus, network intrusion and detection, and antispyware products.

How to protect a computer against Rootkit programs

As explained, the Rootkits that can infect Windows systems need to compromise it beforehand. Therefore, the main defence against having the system compromised in the first place is to make sure that all of the security updates and patches available for the operating system are installed. For Windows systems, visit the Microsoft Update site.

A current virus scanner loaded with the latest virus definitions should also be set to monitor the system.

Examining the services and processes that are running on the system on a regular basis is also advisable. On larger networks, host scanning can provide the system administrator with valuable information that indicates a compromised system. A free utility from Sysinternals, such as TCPView, shows which applications have opened web ports on the system.

Another tool made available free from Sysinternals is called the Process Explorer. It can identify the DLL files and processes that have been opened or loaded by a particular program.

Sysinternals was an independent organisation but it is now owned by Microsoft. Visit http://www.microsoft.com/technet/sysinternals/default.mspx for the great free utilities.
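Because a Rootkit can hide network connections from tools that run on the infected machine, the ports the machine reports as listening can be compared with the ports that a scan from another machine finds open. This is an added example that goes a step beyond the text and is not part of the original article; the netstat output, the addresses and the scan result are constructed sample data, and the function names are illustrative.

```python
"""Compare a host's own list of listening TCP ports with an outside scan."""
import re

# One LISTENING row of Windows "netstat -an" (or "-ano", with a trailing PID).
LISTEN_LINE = re.compile(
    r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING(?:\s+\d+)?\s*$", re.I)

# Constructed sample: what the suspect machine says about itself.
SAMPLE_NETSTAT = """
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.20:1042      203.0.113.5:80         ESTABLISHED
  UDP    0.0.0.0:445            *:*
"""

# Constructed sample: TCP ports found open by a scan run from another machine.
SAMPLE_SCAN_OPEN = [135, 139, 50123]


def is_loopback(addr):
    return addr.startswith("127.") or addr == "[::1]"


def local_listeners(netstat_text):
    """Return {port: set of bind addresses} for TCP sockets in LISTENING state."""
    listeners = {}
    for line in netstat_text.splitlines():
        match = LISTEN_LINE.match(line)
        if match:
            listeners.setdefault(int(match.group(2)), set()).add(match.group(1))
    return listeners


def cross_view(netstat_text, scanned_open_ports):
    """Report where the host's own view and the outside view disagree."""
    listeners = local_listeners(netstat_text)
    # Ports bound only to the loopback address cannot be reached from outside,
    # so they are not expected to show up in the scan.
    reachable = {port for port, addrs in listeners.items()
                 if any(not is_loopback(a) for a in addrs)}
    scanned = set(scanned_open_ports)
    return {
        # Open from outside but not admitted by the host itself: investigate.
        "hidden": sorted(scanned - reachable),
        # Reported locally but not seen by the scan, e.g. blocked by a firewall.
        "not_seen_by_scan": sorted(reachable - scanned),
        "loopback_only": sorted(set(listeners) - reachable),
    }


if __name__ == "__main__":
    for name, ports in cross_view(SAMPLE_NETSTAT, SAMPLE_SCAN_OPEN).items():
        print(f"{name:18} {ports}")
```

The scan has to be run from a different, trusted machine, because anything run on the suspect computer sees only what the Rootkit allows it to see.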

Rootkit information is available on Microsoft's site:

Strider GhostBuster Rootkit Detection - http://research.microsoft.com/rootkit/

Get AVG Anti-Rootkit Free -

"AVG Anti-Rootkit is a powerful tool with state-of-the-art technology for detection and removal of rootkits. Rootkits are used to hide the presence of a malicious object like trojans or keyloggers on your computer. If a threat uses rootkit technology to hide itself it is very hard to find the malware on your PC. AVG Anti-Rootkit gives you the power to find and delete the rootkit and to uncover the threat the rootkit is hiding." -

http://free.grisoft.com/doc/avg-anti-rootkit-free/lng/us/tpl/v5

You should be able to find other tools by entering free + rootkit + reveal + detect + utility, in the Google search box at the top of this page (with its Web radio button selected).

Experts say that Rootkits will soon be installed in the flash memory of the BIOS

January 29, 2006. - Security experts are warning that Rootkits - hidden software that Windows cannot detect that can be used to implement digital rights management technology or be used to hide viruses and Trojan backdoor server software - will soon be hidden in the flash memory of the BIOS chip. The BIOS chip on a computer's motherboard stores the system configuration information that is required to boot the system, therefore reinstalling the operating system cannot remove a Rootkit installed in its flash memory.

For Windows 9x versions of Windows, a BIOS file update is usually flashed into the chip by making use of a floppy disk that contains the flash utility, the new BIOS file, and the three MS DOS system files that make the disk bootable. However, MS DOS is not available in the Windows XP versions of Windows, so most of the motherboard manufacturers have created software that is downloaded from their websites. To update the BIOS now involves running the downloaded software that obtains the update and sets the system to install it the next time the system is started. The idea is to make the process as user-friendly as possible, which in turn means that most BIOS programs no longer prevent writing to the BIOS flash memory by default, which in turn means that such systems are vulnerable to being infected by a Rootkit that installs itself in the flash memory of the BIOS.

Greg Hoglund, a Rootkit expert and CEO of the reverse engineering company HBGary, had this to say on the subject: "It is going to be about one month before malware comes out to take advantage of this. This is so easy to do. You have widely available tools, free compilers for the ACPI language [used to program BIOS files], and high-level languages to write the code in."

Even if a computer's BIOS or a jumper on the motherboard itself is set to disable writing to the flash memory, an insider could flash a computer's BIOS chip with such a Rootkit before leaving a company in order to be able to gain access to the corporate network at a later date.


Computer Gripes: Software security issues

The creator of ComputerGripes.com says that the site is "devoted to what stinks about computer products (hardware, software, web sites); specifically to the problems I have experienced in using them. It exists because the errors, bugs, poor documentation, and occasional stupidity in the field drives me nuts."

The site is worth visiting with regard to security issues because the information can be related to software security, such as the page devoted to the Adobe Acrobat PDF File Reader:

http://www.computergripes.com/AdobeAcrobatReader.html

If you have problems with a new version of a program, or it develops a security problem, you should visit OldVersion.com, where the old versions of many free programs that are no longer available are made available as free downloads: http://www.oldversion.com/.


How to use the HijackThis and CWShredder spyware removal tools

Click on its title to go to this article for information on the HijackThis and CWShredder spyware removal tools: A website has hijacked Internet Explorer's Home page setting - AND other infection issues.


PC security Q&A problems dealt with on this site

Click on its title to be taken to the problem or Q&A on another page of this site. Use your browser's Back button to return to this point on this page.

1. - Spyware and adware: Why a computer can suddenly slow down very markedly

2. - The System Restore feature in Windows XP stops working after cleaning a virus infection

3. - Addressing the "A website has hijacked Internet Explorer's Home page setting" issue - AND other infections

4. - Why can't I schedule Norton AntiVirus in Windows XP?

5. - Problem: a recurring virus that hides in the system's System Volume Information folders

6. - A virus problem: "Program not found. Windows cannot find SirC32.exe. This program is needed for opening files of type 'Application'."

7. - The Blaster worm infects a new installation of Windows XP

8. - What keeps wanting to use my dial-up account to access the Internet?

9. - Half way through running it, the Windows XP SP2 update produces a "Control ID not found" error message [Provides advice on security utilities and removal tools.]

10. - Is it a security risk for a PC to have an ADSL connection always on?

11. - Infected with password-stealing software: How can a computer be made secure against other such ActiveX vulnerabilities?

12. - Problems posed by the Norton Internet Security suite

13. - A security alert prevents access to sites on the Internet

14. - Worm infection: A "Remote Call Procedure" (RCP) error keeps Windows XP shut down

15. - How can a wireless network be made secure?

16. - Various problems with Outlook Express

17. - Proxy server problem: The 127.0.0.1 localhost address keeps coming up and blocking the download of an update from a particular site

18. - How can I remove the Apropos virus/spyware from my PC?


Computer security: Relevant links to other sites

ANTI-VIRUS SCANNERS & SPYWARE REMOVAL TOOLS

(Free if marked as such; otherwise you pay for them)

ANTI-VIRUS SCANNERS AND VIRUS INFORMATION SITES

Probably the best source of information about particular viruses - from Trend:

http://www.antivirus.com/

The "Spyware Warrior" site contains plenty of first-rate research on and insight into spyware threats and anti-spyware tools/utilities. It has a forum section that is well worth visiting. It stands out among all of the many other similar sites. -

http://www.spywarewarrior.com/

Anti-Spyware Testing - http://spywarewarrior.com/asw-test-guide.htm

In conjunction with an anti-virus application, you should use the free or paid-for version of the ZoneAlarm firewall (or any other good software firewall) that blocks unauthorised intrusions, and Mike Lin's Start-up Monitor that informs you if a program or Trojan wants to make itself a start-up program that loads at boot-up.

AVG Anti-Virus Free - http://free.grisoft.com/doc/5390/lng/us/tpl/v5#avg-free

Get AVG Anti-Rootkit Free -

"AVG Anti-Rootkit is a powerful tool with state-of-the-art technology for detection and removal of rootkits. Rootkits are used to hide the presence of a malicious object like trojans or keyloggers on your computer. If a threat uses rootkit technology to hide itself it is very hard to find the malware on your PC. AVG Anti-Rootkit gives you the power to find and delete the rootkit and to uncover the threat the rootkit is hiding." -

http://free.grisoft.com/doc/avg-anti-rootkit-free/lng/us/tpl/v5

Free Avast Home Edition - http://www.avast.com/

Free Virus Scanner - http://free-av.com/

ClamWin - free antivirus for Windows - http://www.clamwin.com/

Windows Live Safety Center -

"Windows Live Safety Center is a new, free service designed to help ensure the health of your PC. Check for and remove viruses and spyware. Improve your PC's performance. Get rid of junk on your hard disk. Use the full service scan to check everything, or turn to the scanners and information in the service centers to meet your specific needs." -

http://safety.live.com/site/en-US/default.htm

Sophos - Antivirus Alternative - http://www.sophos.com/ (Reviewed as the best anti-virus program by Lockergnome)

Nod32 - An excellent paid-for virus scanner from: http://www.nod32.com/

E-Trust - used to be the free InoculateIT - http://www.my-etrust.com/

Norton AntiVirus - http://www.symantec.com/

F-Secure Anti-Virus 2005 [Five-star reviews] - http://www.f-secure.com/

Steganos AntiVirus 7 - [Five-star reviews] - http://www.steganos.com/

McAfee VirusScan 2005 9 [Five-star reviews, but difficult to remove properly] -

http://www.mcafee.co.uk/

Panda Antivirus Platinum - http://www.pandasoftware.com/

Panda Activescan web-based antivirus tool -

http://www.pandasoftware.com/activescan/

Download the program from the Internet in 6 minutes via a 56K modem. Install it and you can scan your system for viruses, worms, Trojans, etc. Virus files are updated daily for the best protection.

Trend's PC-cillin - virus protection goes mobile. - Trend Micro adds PDA software, personal firewall, and Trojan-horse tools to its antivirus package -

http://www.antivirus.com/pc-cillin/

Free online anti-virus screening from Trend -

http://housecall.antivirus.com/ and http://housecall.trendmicro.com/

An excellent free online virus scanner from Kaspersky.

Requires Internet Explorer 5.0 or higher. Firefox or other browsers won't work. -

http://www.kaspersky.com/virusscanner

Virus Bulletin - inter alia, lists the antivirus programs that have passed or failed virus tests. - Billed as "Independent Anti-Virus Advice" -

http://www.virusbtn.com/vb100/latest_comparative/index.xml

VCatch 3.7 - free - W9x/2k/XP - 300KB - captures ICQ, e-mail, etc., viruses -

http://www.vcatch.com/

Note that the VCatch utility downloads virus file updates automatically to your system from the Internet.

Anti-Trojan software

Unless your anti-virus solution deals with Trojan invasions, you should also use an anti-trojan application. Visit the following link for the relevant information.

Anti-Trojan Comparison - http://www.hackfix.org/software/antitrojan.html

ewido - "Anti-Virus programs offer insufficient protection against urgently growing threats like Trojans, Worms, Dialers, Hijackers, Spyware and Keyloggers. That's where the protection of the ewido security suite starts and supplements existing security applications to a complete security system, because only a complete security system works effectively. Does the ewido security suite work under Windows 95, 98 and Me? Unfortunately the ewido security suite only works with Windows 2000 and XP as it was developed to use many of the features introduced with Windows 2000. Also we currently can't and most likely won't provide a version for older Windows versions in future." -

http://www.ewido.net/en/

Note that ewido has merged with Grisoft, the developers of the AVG spyware and virus scanners. ewido anti-spyware 4.0 has been replaced by AVG Anti-Spyware 7.5 and is no longer available for sale and download from ewido's site.

Antivirus Specialist GRISOFT Acquires Anti-malware Expert Ewido Networks -

http://www.ewido.net/en/press/20060419a/

SPYWARE/ADWARE SITES AND REMOVAL TOOLS

Spyware Stoppers - "Renegade programs can slip onto your system in an instant- and they can be maddeningly difficult to banish. Our tests reveal the most powerful tools for fighting back." - http://www.pcworld.com/article/id,119572-page,1/article.html

The "Spyware Warrior" site - The Spyware Warrior site contains plenty of first-rate research on and insight into spyware threats and anti-spyware tools/utilities. It has a forum section that is well worth visiting. It stands out among all of the many other similar sites. - http://www.spywarewarrior.com/

The Spyware Warrior Guide to Anti-Spyware Programs - Feature Comparison:

http://spywarewarrior.com/asw-features.htm

Spyware Warrior - http://spywarewarrior.com/ - has been exposing fraudulent and misleading antispyware products for several years. If you see an enticing advertisement for an antispyware product, which can be delivered by reputable sites such as Google, Live.com, and Yahoo, you should check the product's reputation on the Spyware Warrior site before making a purchase. Advertisements for products that generate false positives in order to fool users into purchasing their 'cure', and/or that use aggressive or misleading advertising, can appear before the product is discredited with the advertisers, who then withdraw the advertisements.

XoftSpy used to be considered a rogue scanner by spyware experts, but the Spyware Warrior site says that its problems have been sorted out, and it is therefore no longer considered a rogue product. It can also find spyware and Trojans not detected by other spyware scanners.

XoftSpy - http://www.xsoftspy.com/

Anti-Spyware Testing - http://spywarewarrior.com/asw-test-guide.htm

SiteAdvisor - You can use McAfee's SiteAdvisor for extra protection. It can warn you if you're visiting undesirable websites. -

"We test the Web to help keep you safe from spyware, spam, viruses and online scams...The basic version of our software is free of charge. SiteAdvisor Plus is a paid version with additional premium features." - http://www.siteadvisor.com/

Windows Defender:

Microsoft AntiSpyware has been renamed Windows Defender and been given a new user interface. It is essentially the same spyware monitor and removal tool, but it has been improved and streamlined. A download link and the details can be found here:

http://microsoft.com/athome/security/spyware/software/about/overview.mspx

The Windows Defender home page also provides a download link:

http://microsoft.com/athome/security/spyware/software/default.mspx

Windows Live Safety Center -

"Windows Live Safety Center is a new, free service designed to help ensure the health of your PC. Check for and remove viruses and spyware. Improve your PC's performance. Get rid of junk on your hard disk. Use the full service scan to check everything, or turn to the scanners and information in the service centers to meet your specific needs." -

http://safety.live.com/site/en-US/default.htm

Microsoft has provided some details of its plans for Windows Defender and several related products, such as Live Safety Center and One Care Live at http://tinyurl.com/ahfh4. Unfortunately, two of the five listed services look as if they are going to be charged for. However, Windows Defender, Windows Live Safety Center, and the Malicious Software Removal Tool are to remain free.

If you're running AntiSpyware (beta 1), and want to use Windows Defender (beta 2), uninstall beta 1 and then install beta 2.

Spybot Search & Destroy is probably the leading spyware/adware/malware removal tool. It can remove items that Ad-Aware SE Personal Edition leaves behind, so you are advised to use both utilities. You should run its Immunize feature every time you update the program. This prevents known spyware and malware from being installed in the first place. The Recovery feature allows you to reverse any changes that the program has implemented.

Home Page - http://www.safer-networking.org/

Ad-Aware - removes spyware, adware and other malware from your computer.

The new free version, called Ad-Aware SE Personal Edition, replaces Ad-Aware 6.0 and is a 2.48MB download.

Go to http://www.lavasoftusa.com/ for more information.

Here is one download location for the free version:

http://www.majorgeeks.com/download506.html

The German Home Page - http://www.lavasoft.de/

ewido - a free anti-spyware tool from Grisoft, the company that is responsible for the AVG antivirus scanner. - http://tinyurl.com/qrcox

Note that ewido has merged with Grisoft, the developers of the AVG spyware and virus scanners. ewido anti-spyware 4.0 has been replaced by AVG Anti-Spyware 7.5 and is no longer available for sale and download from ewido's site.

Antivirus Specialist GRISOFT Acquires Anti-malware Expert Ewido Networks -

http://www.ewido.net/en/press/20060419a/

Comodo BOClean : Anti-Malware Version 4.25 -

"Protect yourself [free of charge] from online identity theft. The greatest threat on the Internet today is having your personal information hijacked remotely" -

http://www.comodo.com/boclean/boclean.html

Spywareinfo.com - excellent site for the latest information on spyware:

http://www.spywareinfo.com/

Spywareinfo.com is associated with the HijackThis and CWShredder removal tools.

Click on its title to go to this article for information on the HijackThis and CWShredder removal tools:

A website has hijacked Internet Explorer's Home page setting - AND other infection issues

Free adware/spyware online scanning is available here:

http://aumha.org/a/noads.htm, which implements Andrew Clover's marvellous parasite-scanning script.

Microsoft® Windows® Malicious Software Removal Tool (KB890830):

http://go.microsoft.com/fwlink/?LinkId=40458

CyberHawk -

"Consumers spend over a billion dollars a year on security software to keep their PCs safe. Every month they spend countless hours configuring and updating their software. And yet every week millions of users are infected by new threats that their traditional antivirus does not stop. Why? Traditional antivirus solutions cannot protect you until after they've discovered a new threat and produced a signature to counter it. Cyberhawk is different. It does not rely on signatures, but instead constantly analyzes your computer's behavior to detect and block any malicious activity. Cyberhawk protects immediately so you know your PC and your valuable data is always secure..." -

http://www.novatix.com/Cyberhawk/

SpywareBlaster: http://www.javacoolsoftware.com/spywareblaster.html

WinPatrol - one of PC World's top downloads of 2004. - "WinPatrol uses a heuristic approach to detecting attacks and violations of your computing environment. Traditional security programs scan your hard drive searching for previously identified threats. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge. You'll be removing dangerous new programs while others download new reference files." - http://www.winpatrol.com/

WinPatrol Community Forum: http://castlecops.com/forum105.html

Note well that you may have to run Spybot and Ad-Aware and WinPatrol in Safe Mode in order to remove some spyware and adware. You can do that by pressing the F8 key just before Windows 98 or Windows XP starts to load at start-up. A boot menu presents itself with several boot options, including Safe Mode.


SECURITY SITES, SOFTWARE FIREWALLS, AND OTHER PC SECURITY PRODUCTS

Note that you must uninstall any firewall as fully as possible before installing a new one. Most firewall makers (including ZoneLabs, the creators of ZoneAlarm) have detailed instructions for doing so that go beyond using the Windows Add/Remove Programs utility. This is because one firewall program can leave entries in the Windows Registry that can interfere with the functioning of its own updates and other makes of software firewall.

If you have been blacklisted by an ISP that has erroneously identified your IP address as being a source of spam, visit http://www.mail-abuse.org to find out the reason so that you can defend yourself against it.

SECURITY SITES

Microsoft Baseline Security Analyzer -

"Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small- and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems." -

http://www.microsoft.com/technet/security/tools/mbsahome.mspx

Microsoft Security Center -

http://www.microsoft.com/security/default.mspx

Google Online Security Blog -

"The latest news and insights from Google on security and safety on the Internet" -

http://googleonlinesecurity.blogspot.com/

Secunia.com - http://secunia.com/ - monitors vulnerabilities in more than 4000 security products, including the Internet Explorer, Mozilla Firefox, and Opera browsers.

A computer can have several old programs installed on it that require patches or updating in order not to be a security risk. The most common programs are Java, Flash Player, QuickTime, Adobe Reader, WinZip 8.x, RealPlayer, Yahoo! Messenger 8.x, and Winamp 5.x. Sometimes when you install the latest version, the old version can be left installed. If that is the case it doesn't present a security risk, because the latest version is being used. You can check if you have any unpatched software by downloading and using the free Secunia Personal Software Inspector.

Secunia Personal Software Inspector (PSI) -

"The Secunia PSI is available free of charge. Secure your PC. Patch your applications. Be proactive. Scan for Insecure and End-of-Life applications. Track your patch-performance week by week. Direct and easy access to security patches. Detect more than 300,000 unique application versions." - https://psi.secunia.com/

Zonelabs.com: - Protect Yourself from Phishing Scams [The link is too long to show]

Anti-Phishing Working Group: http://www.antiphishing.org/

A site devoted to phishing scams: http://www.netriplex.com/phishfraud/

Put your anti-phishing-scams skill to the test on the site here:

Test your Phishing Skills -

http://www.netriplex.com/phishfraud/phishing_test.aspx

ComputerGripes.com - The site is worth visiting with regard to security issues because the information can be related to software security, such as the page devoted to the Adobe Acrobat PDF File Reader:

http://www.computergripes.com/AdobeAcrobatReader.html

Intrusion Detection Software (IDS)

Consider using some Intrusion Detection Software (IDS), which can often catch intrusions that virus and spyware scanners and tools miss, but which all too often uses up plenty of system resources. Choosing the right product can therefore be difficult, because it involves trading off the degree of protection that is provided against the system resources used.

An IDS guide is available free from:

http://www.techsupportalert.com/intrusion-detection.htm

Several of the reviewed IDS products are freeware.

SpamPal - http://www.spampal.org - "My preferred method of spam filtering is still to blacklist mail coming from known sources of spam or open relay sites. The free SpamPal service allows you to use several different DNS Blacklist services that I find catches about 98 percent of spam with hardly any false positives." - Paul Mullen, Help guru for Computer Shopper.

The Yahoo! Toolbar - installs as a toolbar in Internet Explorer - free download - two versions - the biggest of them offers the standard Search facility, can be set to block pop-ups, and protects against spyware. Obtain it from http://www.yahoo.com/.

Top 3 free Wi-Fi network security tools: Powerful Wireless Security Tools for Free -

http://www.newsfactor.com/perl/story/22124.html

Test the security of your system on-line -

Steve Gibson's ShieldsUp - tests your system's security - free -

https://grc.com/x/ne.dll?bh0bkyd2

PC Flank - Tests: Stealth - Ports - Browser - Trojans - Exploits -

http://www.pcflank.com/about.htm

CCleaner is a freeware system optimization and privacy tool. It removes unused files from your system - allowing Windows to run faster and freeing up valuable hard disk space. It also cleans traces of your online activities such as the index.dat files, one of which contains a history of your browsing that cannot be deleted while Windows is running because it is a system file. It is fast, usually taking less than a second to run, and contains no spyware or adware. - http://www.ccleaner.com/

A new source of security information and free downloads -

http://www.saltmeadow.com/privacy/

Internet Sweeper - 1.7.6 - Win9.x/2000/XP - 88KB - free

Clears incriminating Internet trails. Works with all of the main browsers - including AOL.

http://www.geocities.com/Internet_Sweeper/

Security Clinic. This free IT security site continues to add new features, and is getting even better all the time. It not only has loads of useful info, but also a free "clinic" allows you to ask advice from more than 100 registered experts. - http://www.itsecurity.com/

VisualICE Web Intrusion Report Utility v4.2 - W9x/2k - 1.6MB - free -

http://www.visualizesoftware.com/

PasswordTools.com - password-cracking tools for a wide range of software - Word, Excel, etc. - http://www.passwordtools.com/

The Windows Security Guide - http://security.winguides.com/

Freedom - a free firewall with plenty of extra features - http://www.freedom.net/

Gibson Research Corp - Home page - http://grc.com

Shoot the Messenger - http://www.grc.com/stm/shootthemessenger.htm -

Helps ensure that the Windows XP Messenger service is disabled so that Messenger-based pop-ups can't get through. Windows Messenger is a system-level network function that is exploited, and is not to be confused with MSN Messenger.

UnPlug n' Pray - http://www.grc.com/unpnp/unpnp.htm - and the DCOMbobulator - http://www.grc.com/dcom/ - allow a Windows XP user to disable potentially dangerous services that Windows XP loads at start-up, which most users don't require. The utilities allow a user to re-enable them if they're ever needed.

StartUp Monitor - informs you if a program wants to set itself up as a start-up program -

http://www.mlin.net/

Jasons Toolbox - downloadable - http://www.jasons-toolbox.com/

Script Sentry prevents unauthorised script code from executing -

http://www.jasons-toolbox.com/scriptsentry.asp

SOFTWARE FIREWALLS

Firewall programs leak-test results - thirteen firewalls tested -

http://www.pcflank.com/art21.htm

Steve Gibson - on Firewall security software - http://grc.com/su-firewalls.htm

Kerio Personal Firewall

This information appeared on Kerio.com: "CUSTOMER ALERT: Kerio Personal Firewall is being discontinued on December 31, 2005. While Kerio will continue to support this product for all customers through 2006, we will not be actively developing any new features or functionality going forward." - http://www.kerio.com/kpf_download.html

However, Kerio has been taken over by Sunbelt. The company intends to keep developing the firewall and supplying it to home users free of charge.

Sunbelt Kerio Personal Firewall - http://www.sunbelt-software.com/Kerio.cfm

We liked the product so much, we bought it -

http://sunbeltblog.blogspot.com/2005/12/we-liked-product-so-much-we-bought-it.html

Scot Finnie has written about the Comodo, Jetico, Kerio, and Look 'n' Stop firewalls, which he recommends, in this April 2007 newsletter:

http://www.scotsnewsletter.com/90.htm.

Comodo Firewall Pro - "It's Free. Forever. No Catch. No Kidding - The Award-Winning Comodo Firewall Pro - PC Magazine Online's Editor's Choice - Secures against internal and external attacks - Blocks internet access to malicious Trojan programs - Safeguards your Personal data against theft - Delivers total end-point security for Personal Computers and Networks - Install now for out-of-the-box protection against identity theft hackers, Trojans, scripts and other unknown threats."

http://www.personalfirewall.comodo.com/download_firewall.html

Comodo now also provide free Anti-Malware, AntiVirus, and Website Authentication software.

ZoneAlarm from Zonelabs.com - One of the best firewalls - free, but a paid-for ZoneAlarm Pro version with more features is also available. You can also buy a ZoneAlarm Internet Security Suite 6.0 that contains, among its numerous features, the ZA firewall, spyware protection, and a virus scanner. The free version isn't easy to locate on Zonelabs' site. Click here! to go to its download page. Click the text links to visit the following pages on the Zonelabs.com site: Protect Yourself from Phishing Scams.

ZoneAlarm user gripes page - http://www.computergripes.com/ZoneAlarm.html

Utility that analyses the ZoneAlarm log - newsletter available - http://zonelog.co.uk/

Lawrence Baldwin's ZoneAlarm log reporting and analysis site -

http://www.mynetwatchman.com/

Zonelabs - FREE! Instant Online Pest Scan (Find Spyware on your PC) -

http://www.zonelabs.com/store/content/promotions/pestscan/pestscan_01165.jsp

The "Anti-Hacker" firewall from Kaspersky Labs - given five stars by Computer Shopper (UK) - http://www.kaspersky.com/buyonline.html?info=967571

Outpost Firewall - Win9.x/2000/XP - Free and Pro paid-for versions - very good reviews -

Uninstall any other software firewall before you use this one. Requires no configuration. Install and use. - http://www.agnitum.com/products/outpost/

Tiny's Personal Firewall - free firewall - requires configuration, so stick to ZoneAlarm if you don't understand the terms. Great for advanced users -

http://www.tinysoftware.com/

Free Smoothwall utility - can make an old PC into a hardware firewall -

http://www.smoothwall.org/

PC Buyer Beware! Copyright © Eric Legge 2004-2008. All rights reserved.