(From my article “Secure your system completely”; browse through this space.)
How do you keep your PC from being affected by malware, viruses, trojans, keyloggers and other nasties taking control of your PC?
Prevention is better than cure; in other words, prevention is better than detecting and removing infections.
The traditional way of adding protection
Securing your PC through multiple security layers based on anti-virus, anti-spyware, anti-trojan, HIPS, anti-malware and other security software costs too much, and a one hundred percent foolproof solution is still not guaranteed.
Here cost means financial cost as well as the performance your PC loses as you add more security layers.
So how do you prevent infection?
1. Download the latest fixes for Windows and MS Office from the Microsoft Update service.
2. Stay away from sites offering commercial software serial numbers, keygens and other hacked material. Avoid accidentally wandering to hostile sites by installing McAfee SiteAdvisor.
3. Make sure your other software products are also fully updated, particularly popular products like anti-virus, anti-spyware and other security products, and browsers like Firefox, Opera, the Adobe Reader, Sun Java, Flash plug-ins and media players. The easiest way to do this is to use the free Secunia Software Inspector.
4. Only download files from trusted sources, and never install programs that friends give you on removable media (CD/DVD/pen drive/floppy) unless you have verified that they are clean, either by submitting them to free web-based testing services such as Jotti and VirusTotal, or by scanning them with the security software built into your PC before installing and running them.
5. Install a robust firewall to ensure worms can’t secretly enter your PC via the internet. My current favorites are the free Comodo Firewall Pro and ZoneAlarm Pro, but there are several other excellent choices including Jetico and Netveda, to name but two.
6. Stop using Internet Explorer; use Firefox or Opera instead. It’s no secret that Internet Explorer is filled with security holes. While Internet Explorer 7 is a huge improvement over its predecessor, it is still nowhere near as secure as Firefox. When it comes to patching vulnerabilities, according to the Washington Post, Microsoft has been notorious for not releasing patches in a timely fashion: Internet Explorer was known to have exploit code for unpatched critical flaws for 284 days of 2006. The article goes on to compare this with 9 days for Mozilla Firefox. For safer browsing, do not use Internet Explorer.
7. No toolbars allowed: ALL toolbars, whether from Microsoft, Google, Symantec or whoever. To this day no toolbar is an absolute necessity. Each toolbar you add opens another gateway into your PC, a window of opportunity for bad things to enter.
8. Don’t use file sharing programs such as Limewire, Kazaa, Shareaza, Edonkey, Bearshare etc. I would say 1 out of every 10 files contains a virus/worm/spyware. It is nice to be able to download that new song you heard on the radio or download the latest software, all for free. But realize that by doing this, you are playing with a loaded gun when it comes to the security of your computer.
9. PrivBar is a free Internet Explorer add-on written by Aaron Margosis that displays in a toolbar the privilege level under which the current instance of Internet Explorer is running.
10. If you are a Firefox user, check out the free IsAdmin extension, which provides similar functionality to PrivBar.
11. Keep software products fully updated, and obtain them only from very reliable sources.
12. Use Comodo firewall, which also provides HIPS (Host Intrusion Prevention System) services.
13. Never install programs unless you are fully confident they are clean.
14. Don’t open file attachments unless you are absolutely sure of the source. Email file attachments are one of the most common vectors for system viruses. Modern antivirus software will scan incoming email as a matter of course, but there is still the possibility of a new virus that has yet to be added to the list of scanned-for viruses.
15. Install the Backup Utility in XP Home/Pro or Vista, and regularly back up the registry and important files.
16. Scan your computer for vulnerabilities with Microsoft’s free security scanner (Microsoft Baseline Security Adviser). Download and run the tool to test your local computer (you will need access to an administrative account on the computer you wish to scan). The MBSA creates a security log which contains easy-to-read info on any vulnerabilities that may exist and how to correct them.
17. Test your PC with an online security probe:
Each will investigate your system for security vulnerabilities which could be used by a malicious hacker, virus or trojan to compromise your PC and steal your data. Use these services to ensure that you are well secured. Remember that it takes a lot of time on dial-up.
Some free online security scanners:
18. Relocate the My Documents folder
If you wish to direct the data stored in your ‘my documents’ folder to a different disk location/partition, you can do this very easily without advanced registry alterations. By default, this data is stored in ‘c:\documents and settings\(username)\my documents’.
To change the location of the My Documents folder, right click the ‘my documents’ icon on the desktop or the start menu, and select ‘properties.’
In the ‘target’ tab, enter the path to the folder location you wish to use, or press the ‘find target’ button to browse to the folder. Prior to that, create a folder in the new target location, rename it My Documents, then copy its path and paste it in the find target box. You will be asked if you wish to move all existing data to the new location.
19. Remove ads from web pages.
If you are an Internet Explorer user, use IE7Pro, which not only provides ad blocking but also tab management, proxy switching, mouse gestures and more, including a very valuable crash recovery feature. Download from this link:
Freeware, Internet Explorer 7, 985KB.
If you are using Firefox, you can effectively remove ads from web pages using the marvelous free Ad-Block extension.
20. See one of my articles on the registry, “How to back up and restore the registry in Windows XP and Windows Vista”, from the following location
21. If you are an Internet Explorer user, then fix this:
22. Use instant messaging without an IM client, so that any infections that might intrude through the IM utilities can be averted.
It supports a wide range of systems including Yahoo, Messenger, Jabber, AIM, ICQ, MS and more.
However, sticking to these rules is not a bed of roses; it requires a level of discipline that most users may not have. Who hasn’t been tempted to open a funny Word email attachment or install a free flash game?
This means that more protection is necessary on top of these basic security rules.
Your First Step To Be Protected:
A normal Windows environment is a user account with full administrator rights. It’s probably what you are using right now, as it is the default setup in all recent versions of Windows up to, but excluding, Windows Vista.
The best way to enhance the level of protection is to make sure that if a malware program sneaks inside your PC, it is not allowed to run in a normal Windows environment.
There are three filters with which you can keep malware away from normal Windows environments.
1. Run all high risk programs with limited rights
2. Run all high risk programs in a sandbox or virtual machine or with Windows SteadyState.
3. Use a Windows limited user account for your daily work
1. Run all high risk programs with limited rights
Run as a full administrator user but restrict the rights of all programs such as your browser, email client, media players and other internet-facing programs that can be sources of malware infection.
The most familiar of these is DropMyRights.
It allows users to easily create special versions of their programs that run from a full administrator account but with the restricted rights of a Windows limited user or guest user.
The approach however has some weaknesses, perhaps the worst of which is downloaded files. Yes, you are safe from infection while using a browser, but if you run any files you download then you can easily be infected if those files contain embedded malware.
2. Run all high risk programs in a sandbox or virtual machine
The important point is that while running in the sandbox, the programs have no access to your PC.
Any files you download are confined to the sandbox. Similarly, any programs that are executed only do so within the sandbox and have no access to your normal files; the sandbox creates a PC environment within the sandbox itself, not in the Windows operating system or indeed any other part of your PC.
This means that if you get infected by malware while using the sandbox, your “actual” computer is not touched. Furthermore, you can close the sandbox and all that’s within it is erased, including any infections, leaving your real PC in a clean and pure state.
There are also some fantabulous sandboxing programs around, including the donationware utility “Sandboxie.”
Files in the sandbox are not permanently on your computer unless you choose to move them from the sandbox to your actual PC. If you close the sandbox without moving them they will be lost forever.
Virtual machines such as VMWare and Microsoft’s VirtualPC are similar to sandboxing but take the idea further by completely detaching the virtual machine from the actual PC at an abstract level.
Infections that are picked up in the virtual machine cannot affect the actual PC. Similarly, shutting down the virtual PC removes all lines of infection.
From a user’s perspective sandboxing is a better bet than full virtualisation solutions. But the most important thing is that users have to be disciplined in using it.
So, all you need is a good firewall, a good anti-virus program and a good anti-spyware program. Combine these with a good sandbox and you will have better security than other users who employ five or more different layers of active security software/freeware protection.
Your PC will also be faster than machines running multiple security protection products.
3. Use a Windows limited user account for your daily work
Most malware products need full administrator rights to install themselves. In a limited account they just can’t get a footing.
It’s easy to set up a limited user account. Just go to the Control Panel, select User Accounts and create a new user account as a limited user. Then sign in to this account for your normal computer work rather than the account you are currently using.
How to Easily Run Programs With Reduced Rights
Having full administrator rights gives the user the highest level of privilege possible. It means that Windows will allow a user to pretty well do anything they want on their PC. That includes installing any program they choose, even programs that change the way the operating system works.
Many malware programs, including rootkits, require administrator privileges to install. If users operated with reduced rights, such programs couldn’t as easily infect their PCs.
On other operating systems such as Linux and Mac OS X, users normally run with reduced rights.
The more recent versions of Windows do in fact allow users to be assigned to different user groups with different privileges.
In order of reducing privilege these are: “administrator”, the “power user” group, the “user” group and “guest”.
One approach is to have two user accounts on the PC: one with full administrator rights and the other with reduced rights. Sign on as the reduced rights user for normal PC use, then log out and use the administrator account for program installation, registry editing and other demanding tasks.
Constantly switching users or logging in and out of these accounts is a pain in the butt.
Alternatively, always operate as a reduced privilege user and use the special Windows “run as” function from the command window or context menu when you need to run a program that requires administrator privileges.
It’s a slightly more workable solution but not exactly convenient, as you need to enter your admin account password every time.
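To see which of the four groups listed above your current session actually holds, and which accounts on the PC carry full administrator rights, a short PowerShell check can help. This is an added example, not part of the original article; it assumes Windows PowerShell 5.1 or later, and the function names Get-SessionRole and Get-LocalAdministrators are made up for this illustration.

```powershell
# Added example (not from the original article).
# Assumes Windows PowerShell 5.1+ for Get-LocalGroupMember.
# Get-SessionRole and Get-LocalAdministrators are hypothetical helper names.

function Get-SessionRole {
    # Built-in roles in order of reducing privilege, as listed in the article.
    $roles     = 'Administrator', 'PowerUser', 'User', 'Guest'
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)

    foreach ($name in $roles) {
        $role = [Security.Principal.WindowsBuiltInRole]$name
        if ($principal.IsInRole($role)) {
            # First match is the most privileged role this token holds.
            return [pscustomobject]@{ Account = $identity.Name; HighestRole = $name }
        }
    }
    return [pscustomobject]@{ Account = $identity.Name; HighestRole = 'None' }
}

function Get-LocalAdministrators {
    # S-1-5-32-544 is the well-known SID of the built-in Administrators
    # group; using the SID avoids depending on the localized group name.
    Get-LocalGroupMember -SID 'S-1-5-32-544' |
        Select-Object Name, ObjectClass, PrincipalSource
}

$session = Get-SessionRole
'Running as {0}; highest built-in role held: {1}' -f $session.Account, $session.HighestRole

# On Windows Vista and later with UAC enabled, a non-elevated session of an
# administrator account reports "User" here, because the Administrators
# group is not active in the filtered token until the program is elevated.
if ($session.HighestRole -eq 'Administrator') {
    Write-Warning 'This session has full administrator rights; anything it launches inherits them.'
}

# Accounts listed here can install software and change system settings.
Get-LocalAdministrators | Format-Table -AutoSize
```

If the account you use for daily work appears in the second list, it is not a limited account in the sense described above.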
There is an Open Source utility called RunAsAdmin Explorer Shim (RES).
RES is a Windows XP program that allows you to sign in as an administrator but work within a Windows shell with reduced rights.
It works by placing an icon in the system notification area of your tray. Clicking this icon brings up a menu that allows you to run programs with several different levels of trust, from “administrator” through to “user.”
With this you can do day-to-day work in a restricted rights shell but easily run any program that requires elevated privileges without the need to log off or enter the admin password. You have the advantage of safety and convenience at the same time.
It wasn’t built into Windows XP.
There are also two versions available: a stable V1 release and a V2 beta. I installed the latter; it is working fine though.
It took a few setting changes and reboots to get everything working perfectly. It’s definitely not a task for the faint hearted or technically challenged, but neither is using “run as.”
To uninstall RES, start up a command window with admin rights and enter the command c:\Windows\Shim\Explorer.exe /r
Log off as the current user; when you log in again, the usual rights for that user account apply. Then you can delete the c:\Windows\Shim\Explorer.exe folder.
Non-technical users will have to use Windows Vista to get a satisfactory solution to the user rights problem.
Setting up a limited account may be easy but using it can be a real pain. For example, you won’t be able to install most programs. You won’t be able to update others.
Most users, though, find using a limited account to be simply too awkward and inconvenient.
That said, using a limited account is an excellent solution for advanced users.
Passive security products
Passive security products such as on-demand scanners (manually initiated) are a necessity.
It may be an anti-spyware scanner, an anti-virus scanner, a rootkit detector or a keylogger scanner.
They don’t impose an ongoing processing overhead on your computer. The only computer power they consume is while they are actually performing a scan.
In this category come the free version of AVG Antispyware, the free Panda Anti-rootkit detector, BitDefender Anti-virus or Multi Virus Cleaner. And because they are not perpetually running, they are less likely to cause any problems with other programs.
Run on-demand scans periodically: weekly, monthly, whatever. They are a good safeguard in case anything goes wrong with your on-access security programs.
This article updated on Dec. 26 2007