TIPS
|
PC Security
Do you have:
- Internet options configured properly
- Firewall
- Anti-Virus Software
- Anti-Spyware Software
If not, I recommend you get organized. If you don't know what I'm talking about, read this:
HOW DID I GET INFECTED IN THE FIRST PLACE
This advice is reposted from the advice given by Tony Klein, the acknowledged spyware & malware expert who supports many forums such as CastleCops on the net. I have slightly modified it
Special thanks also goes to the Southern Lady for giving me the permission to post this.
You usually get infected because your security settings are too low.
Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:
- WATCH WHAT YOU DOWNLOAD
Many freeware programs, and P2P programs like Grokster, Imesh, Kazaa and others are amongst the most notorious, come with an enormous amount of bundled spyware that will eat system resources, slow down your system, clash with other installed software, or just plain crash your browser or even Windows itself.
- SECURITY UPDATES
Go to IE > > Windows Update > Product Updates, and install ALL Security Updates listed.
It's important to always keep current with the latest security fixes from Microsoft. Install those patches for Internet Explorer, and make sure your installation of Java VM is up-to-date. There are some well known security bugs with Microsoft Java VM which are exploited regularly by browser hijackers
- INTERNET OPTIONS
Go to Internet Options/Security/Internet, press 'default level', then OK.
Now press "Custom Level."
In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to 'prompt', and 'Initialize and Script ActiveX controls not marked as safe" to 'disable'.
Now you will be asked whether you want ActiveX objects to be executed and whether you want software to be installed.
Sites that you know for sure are above suspicion can be moved to the Trusted Zone in Internet Option/security.
So why is activex so dangerous that you have to increase the security for it?
When your browser runs an activex control, it is running an executable program. It's no different from doubleclicking an exe file on your hard drive
Would you run just any random file downloaded off a web site without knowing what it is and what it does?
IE-SPYAD puts over 5000 sites in your restricted zone, so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all
The IE HOSTS FILE blocks ads, banners, cookies, web bugs, and even most hijackers. This is accomplished by blocking the Server that supplies these little gems.
Example - the following entry 127.0.0.1 ad.doubleclick.net blocks all files supplied by the DoubleClick Server to the web page you are viewing. This also prevents the server from tracking your movements. It now includes most major parasites, hijackers and unwanted Search Engines!
In many cases this can speed the loading of web pages by not having to wait for these ads, banners, hit counters, etc. to load.
This also helps to protect your Privacy by blocking servers that track your viewing habits, known as "click-thru tracking".
- ONLINE SAFE BROWSING TOOLS
WOT (Web Of Trust)
MCAFEE SITEADVISOR
- FIREWALL SOFTWARE
COMODO FIREWALL PRO
Also, test your firewall for any vulnerabilities by using these online services:
SHIELDS UP
AUDITMYPC
And test your browser for common exploits by using these online services:
QUALYS BROWSER CHECK
SCANIT BROWSER SECURITY TEST
- ANTI-VIRUS TOOLS
AVAST HOME EDITION
AVIRA ANTIVIR PERSONAL EDITION
ANTI-VIRUS/SPYWARE ONLINE SCANNERS
TREND MICRO HOUSECALL
KASPERSKY ONLINE SCANNER
CA ETRUST ONLINE ANTIVIRUS SCANNER
- ANTI-SPYWARE TOOLS
SPYWAREBLASTER
SPYBOT SEARCH AND DESTROY
For a comprehensive list of known spyware and more go to SPYWARE-GUIDE and search for the suspect
To check for an updated list of unknown or questionable anti-spyware products go to the ROGUE/SUSPECT SPYWARE WARRIOR LIST
Incidentally, another site with an enormous amount of information on computer security, and which is well worth a visit is WILDERS
AUTOPLAY FEATURE
Disabling the AUTOPLAY feature on your PC is very beneficial.
AUTOPLAY allows your USB / DVD / CD objects to begin playing automatically upon insertion into your system. The USB device is the more common infector.
This means that the default autorun.inf file will run from the USB and transfer that information to your computer.
This is how alot of users systems get infected with viruses. You insert your friends USB device into your computer just to copy some files but later on you find out that your PC is now doing weird things.
If you have an antivirus software running, the software will usually inform you that there is a bad file trying to run. Sometimes this can prevent viruses from transferring to your PC.
So, to stop this from happening next time you can disable the AUTOPLAY feature.
XP / VISTA
Copy and paste this text into notepad.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist
Then save it as something.reg. (Make sure you change the "Save File as Type" to "All Files" before saving, or Windows will try and save it as a .txt file even if you typed in .reg).
Once you have done this locate the file and double click it. It should ask you "If you want to merge data into the registry". Click "yes".
Win 7
Go to control Panel, find and click AutoPlay. It's easy to find if you do a a search or change the view to Large icons. Uncheck the box that says "Use AutoPlay for all media and devices" and click the Save button down the bottom of the window.
ROOTKITS INFORMATION
These are often trojans which take control of your PC.
Common examples are:
- Constant error messages
- Fake pop-ups (that look normal) asking you to download a specific program to keep your computer secure
- Disabling of Anti-Virus/Spyware software
- No access to certain features like windows task manager or safe mode
Sadly more are being made each day.
If you like looking at pornography and downloading provocative pictures, then you can expect this, as I have experienced in the past.
Rootkits are not easily removed, if you have one, I would advise you to register at BLEEPINGCOMPUTER SPYWARE AND REMOVAL GUIDES and post your problem.
There are dedicated security analysts there that will surely help you
Lastly, make sure your Antivirus/Spyware software and firewall is switched on and kept updated
|