If you have about an hour, you can batten down your machine’s hatches against Net threats new and old. Here’s how.Each new wave of computer viruses, spies, and spam may have you ready to dust off your typewriter, but PC security can be effective without being a chore. To keep your computing safe from current and future threats, we’ve distilled our security advice down to the basics. These ten quick and easy tips will help protect your hardware, software, and data.
1. Patch automatically: Ensure Windows is set to update itself. In XP, click Start, Control Panel, Security Settings (if you’re in Category view), Automatic Updates. In 2000, choose Start, Settings, Control Panel, Automatic Updates. In both versions, verify that ‘Automatic (recommended)’ is selected. You can also have Windows notify you before it downloads an update, or you can install the update manually. (The steps and options are only slightly different in Windows 98 and Me.)
2. Don’t wait for Windows: If your PC has been off for more than a few days, don’t wait for Windows’ automatic update to kick in. Make the Windows Update site your first Internet stop. Also, there may be a lag between when a patch is available and when Windows Update pushes it to you. Microsoft releases Windows patches on the second Tuesday of each month, so to be safe check for updates manually every couple of weeks. And don’t forget to set your antivirus and anti-spyware tools to update automatically (or check weekly for updates yourself).
3. Use XP’s security monitor: Windows XP Service Pack 2′s most welcome addition is the Windows Security Center, which alerts you when your PC’s firewall and antivirus protection are disabled or out of date. Still, XP’s own firewall protects you only from inbound pests; it doesn’t alert you to suspicious outbound traffic (see “Tweak Windows XP SP2 Security to Your Advantage” for more). We recommend that you disable the XP firewall and instead use Zone Labs’ (ZoneAlarm) or another third-party firewall program that protects both ways.
4. Make your file extensions visible: Some viruses masquerade as harmless file types by adding a bogus extension near the end of their name, as in “funnycartoon.jpg.exe,” in hopes your system is set to hide such extensions (the default in Windows XP and 2000)–you see ‘.jpg’ but not ‘.exe’. To make these troublemakers easier to spot, open Windows Explorer or any folder window and click Tools, Folder Options, View. Ensure that the option ‘Hide file extensions for known file types’ is unchecked.
Bonus Tip 1: To get the most complete picture of your Windows setup, check Show hidden files and folders and uncheck Hide protected operating system files (Recommended).
Bonus Tip 2: Click here to play Microsoft’s video guide to Windows XP security settings.
Unfortunately, setting IE to the High security setting can lead to the browser’s unleashing a fusillade of warnings and permission pop-ups every time you visit a site. The solution is to add the sites that you access often to IE’s Trusted Sites list: Choose Tools, Internet Options, Security, click the Trusted Sites icon, and then click the Sites button. Enter the Web address, click Add, and repeat as necessary (see the Trusted Sites screen below). Be sure to uncheck Require server verification (https:) for all sites in this zone. When you’re finished, click OK twice.
7. Handle e-mail links with care: If a virus infects your PC, chances are good it arrived piggybacked on e-mail. To reduce your risk of an e-mail-borne infection, don’t click links in suspicious messages (the text in the message may mask the actual Web address). Instead, enter the URL in your browser’s address bar manually, or go to the site’s home page and then navigate to the page in question.
8. Scan attachments for viruses: Run each of the e-mail attachments you receive through your antivirus software before you open them. Rather than double-clicking the attachment to open it instantly, save the file to a drive on your PC, open Windows Explorer, right-click the file, and choose the option to scan it for viruses. (Better yet, set your antivirus software to scan incoming and outgoing e-mail automatically.)
9. Close the preview pane: Some maleficent messages need only be opened in your e-mail program’s preview window to do their dirty work. That’s why we recommend that you close the preview pane in all of your inboxes. In Microsoft Outlook 2003, click View, Reading pane, Off. In Outlook Express 6, click View, Layout and verify that ‘Show Preview Pane’ is unchecked. In Mozilla Thunderbird, click View, Layout and confirm that ‘Message pane’ is unchecked (or press <F8> to toggle the preview pane on and off).
10. Read your mail in plain text: Since many e-mail pests rely on HTML code to achieve their nefarious goals, you can stop them in their tracks by viewing your messages as plain text. In Outlook 2003, click Tools, Options, Preferences, E-mail Options and check Read all standard mail in plain text. In Outlook Express 6, choose Tools, Options, Read and click Read all messages in plain text. In Mozilla Thunderbird, select View, Message Body As, Plain Text.
A well-stocked PC security toolbox goes beyond the basics of firewall and antivirus software to include protection from phishers and snoops as well. Bolster your system’s defenses with these security utilities.
Firewall: ZoneAlarm, free (for individuals and not-for-profit charities), Zone Labs
Antivirus: AVG Anti-Virus System, free (for noncommercial use), Grisoft
Antiphishing: Anti-Fraud Toolbar, free (currently in beta), Cloudmark
Encryption: PGP Desktop 9, $199 or $70 annual subscription, PGP
Encrypt your Wi-Fi network: When you install a wireless network, it’s tempting to keep the vendor’s default network name and leave the network unencrypted. But doing so is an open invitation to your neighbors and anyone else within range to help themselves to your Internet connection. Open your network’s configuration program to rename your network and apply Wi-Fi Protected Access (WPA) encryption. And check the maker’s Web site regularly for driver and security updates.” http://www.pcworld.com/article/122500/10step_security.html
Downloading and installing any one of the following free tools will assist you in removing most rogue application. The individuals/companies who wrote and developed these free tools, are to be congratualted for giving back so freely to the Internet community.
Rogue Fix at Internet Inspiration
SmitFraudFix available for download at Geekstogo is a free tool that is continuously updated to assist victims of rogue security applications.
Bleeping Computer is a web site where help is available for many computer related problems, including the removal of rogue software.
Malwarebytes, a reliable anti-malware company has created a free application to help keep you safe and secure. RogueRemover will safely remove a number of rogue security applications.
To any casual, or inexperienced Internet users, the advice that is critical.
To help protect yourself from rogue security software:
|•||Install a firewall and keep it turned on.|
|•||Use automatic updating to keep your operating system and software up to date.|
|•||Install antivirus and antispyware software, such as Windows Live OneCare, and keep it updated. For links to other antivirus programs that work with Microsoft, see Microsoft Help and Support List of Antivirus Vendors.|
|•||If your antivirus software does not include antispyware software, you should install a separate antispyware program such as Windows Defender and keep it updated. (Windows Defender is available as a free download for Windows XP and is included in Windows Vista.)|
|•||Use caution when you click links in e-mail or on social networking Web sites.|
|•||Familiarize yourself with common phishing scams.|
The freeware Windows Defender detects and removes spyware. Windows Defender is software that helps protect your computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software by detecting and removing known spyware from your computer. Windows Defender features Real-Time Protection, a monitoring system that recommends actions against spyware when it’s detected, minimizes interruptions, and helps you stay productive. http://www.microsoft.com/windows/products/winfamily/defender/default.mspx
How to tell if your PC has been infected by a Rogue Anti-Spyware such as Microsoft Antivirus?
If you think you might have rogue security software on your computer:
Scan your computer. Use your antivirus software or do a free scan with Windows Live OneCare safety scanner. The safety scanner checks for and removes viruses, eliminates junk on your hard drive, and improves your PC’s performance.
When surfing the web – Stop. Think. Click
Don’t open unknown email attachments
Don’t run programs of unknown origin
Disable hidden filename extensions
Keep all applications (including your operating system) patched
Turn off your computer or disconnect from the network when not in use
Disable scripting features in email programs
Make regular backups of critical data
Make a boot disk in case your computer is damaged or compromised
Turn off file and printer sharing on the computer.
Install a personal firewall on the computer.
Install anti-virus/anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet
Ensure the anti-virus software scans all e-mail attachments
How does rogue security software get on my computer?
Rogue security software designers create legitimate looking pop-up windows that advertise security update software. These windows might appear on your screen while you surf the Web.
The “updates” or “alerts” in the pop-up windows call for you to take some sort of action, such as clicking to install the software, accept recommended updates, or remove unwanted viruses or spyware. When you click, the rogue security software downloads to your computer.
Rogue security software might also appear in the list of search results when you are searching for trustworthy antispyware software, so it is important to protect your computer.
Conficker Gets An UpdateE Canada Now - Toronto (ECN) – BEWARE of a pop-up on your computer for Spyware Protect 2009, which is a fake antivirus program offered to supposedly remove the Conficker C worm.
“Conficker only affects computers running Windows. The main attack vector used by Conficker is a vulnerability that Microsoft (NSDQ: MSFT) patched in October. But because many organizations and individual users do not keep their software up to date, the worm spread, infecting almost 9 million computers by January. Currently, Conficker infections are estimated at about 1 million to 2 million computers worldwide. The creators of Conficker have revised their malware several times, adding new infection vectors and new capabilities. The worm also can spread through weak administrative passwords, which it attempts to guess using a password-guessing attack, and through USB devices. Conficker tries to copy itself to removable media drives in a way that forces code execution whenever the removable drive is inserted into a computer system. It also employs a social-engineering attack, in case the Windows autorun program has been prevented from working automatically: It names the autorun.inf file “Open folder to view files,” which typically tricks users into running the malware by clicking on it as if it were a folder. In February, Microsoft offered a $250,000 reward for information leading to the arrest and conviction of those responsible for Conficker worm. To date, no arrests have been made. “
Meanwhile Microsoft Corp. announced that it had wrapped up work on Windows Vista Service Pack 2 but said it could be months before users get their hands on the upgrade to the problem-plagued operating
Lately supposedly the reason many even Vista personal computers seem to freeze up is that some people have not updated all of their software, especially their Adobe software, that Microsoft explorer also uses such as http://get.adobe.com/flashplayer/ http://get.adobe.com/reader/ http://get.adobe.com/air/