How to avoid your PC from being getting affected with malware ,viruses , trojans,keyloggers and other nasties taking control of your PC ?
Prevention is better than medication , in other means prevention is better than detecting and removing the infections .
The traditional way of adding additional protection
Securing your PC through multiple secuirty layers based on anti-virus,anti-spyware,anti-trojans,HIPs and other secuirty software costs too high , one hundred full proof solution will be getting not guaranteed .
Here cost means financial as well as by adding more secuirty layers in the PC , hampering performance on your PC .
So how do you prevent infection?
Make Certain of your PC
The basics:
1.Download latest fixes of windows and ms office from microsoft update service
(http://update.microsoft.com/windowsupdate/v6/default.aspx?ln=en)
2.Stay away from sites offering commercial software serial numbers, keygens and other hacked material. Avoid accidentally wandering to hostile sites by installing McAfee Site Adviser (http://www.siteadvisor.com/)
3.Make sure your other software products are also fully updated, particularly popular products like anti virus, anti spyware, and other security products and browsers like Firefox, Opera, the Adobe Reader, Sun Java, Flash plug-ins and media players. The easiest way to do this is to use the free Secunia Software Inspector (http://secunia.com/software_inspector/)
4.only download files from trusted sources and never install programs that friends give you on removable media(cd/dvd/pen drive/floppy) unless you have verified that are clean by either submitting them to free web based testing services such as Jotti (http://virusscan.jotti.org/) and Virus Total (http://www.virustotal.com/flash/index_en.html), or through scan through in built security software on your PC.
5.Install a robust firewall to ensure worms can’t secretly enter your PC via the internet. My current favorites are the free Comodo firewall Pro (http://personalfirewall.comodo.com/) and ZoneAlarm Pro but there are several other excellent choices including Jetico and Netveda to name but two.
6.Stop Using Internet Explorer, instead use Firefox or Opera,It’s no secret that Internet Explorer is filled with security holes. While Internet Explorer 7 is a huge improvement over it’s predecessor but it still is no where near as secure as Firefox.When it comes to patching vulnerabilities found, According to the Washington Post ,Microsoft has been notorious for not releasing patches in a timely fashion. According to the Washington Post, Internet Explorer was known to have exploit code for unpatched critical flaws for 284 days of 2006. The article goes on to compare this with 9 days for Mozilla Firefox. For safer internet browsing is,For safer browsing, do not use Internet Explorer
7.No Toolbars Allowed, ALL Toolbars. Starting from Microsoft, Google, Symantec or whoever. No toolbar till this day which is a absolute necessity . They open another gateway into your PC to allow ugly things into your PC.For each toolbar added, you are opening a window of opportunities for bad things to enter into your PC.
- Don’t Use File Sharing Programs such as Limewire, Kazaa, Shareaza, Edonkey, Bearshare etc. I would say 1 out of every 10 files contains a virus/worm/spyware. it is nice to be able to download that new song you heard on the radio or download the latest software, all for free. But realize that by doing this, you are playing with a loaded gun, when it comes to the security of your computer.
9.PrivBar is a free Internet Explorer add-on written by Aaron Margosis that displays in a toolbar the privilege level under which the current instance of Internet Explorer is running.
http://www.speakeasy.org/~aaronmar/NonAdmin/PrivBar.zip
10.If you are a Firefox user check out the free IsAdmin extension that provides similar functionality to PrivBar .
https://addons.mozilla.org/en-US/firefox/addon/4259 - Software products to be fully updated , and these should be used from very reliable sources .
- Use commodo firewall which also provides services of HIPS (ost Intrusion Prevention System)
13.Never install programs unless you are fully confident they are clean.
14.Don’t open file attachments unless you are absolutely sure of the source. Email file attachments are one of the most common vectors for system viruses. Modern antivirus software will scan incoming email as a matter of course, but you still have the possibility of a new virus that has yet to be added to t
the list of scanned-for viruses.
15.Install the Backup Utility in XP Home/Pro or Vista.
16.Scan your computer for vulnerabilities with Microsoft’s free security scanner (MICROSOFT BASELINE SECUIRTY ADVISER ), Download and run the device to test your local computer (you will need access to an administrative account you wish to scan). The MBSA creates a security log which contains easy to read info on any vulnerabilities that may exist and how to correct them.
The software is available here.
(http://www.microsoft.com/downloads/details.aspx?FamilyID=b13ebd6b-e258-4625-b0a3-64a4879f7798&displaylang=en)
- Test your PC with online secuirty probe :
Each will investigate your system for security vulnerabilities which could be used by a malicious hacker or virus or for trojan activities to compromise and steal your PC and data. Use these services to ensure that you are well secured .
Some free online security scanners:
https://grc.com/x/ne.dll?bh0bkyd2
http://www.pcflank.com/scanner1s.htm
http://scan.sygatetech.com/
- Relocate My document folder
If you wish to direct the data stored in your ‘my documents’ folder to a different disk location/partition , you can do this very easily without advanced registery alterations. By default, this data is stored in ‘c:\documents and settings(username)\my documents’.
To change the location of My Documents folder right click the ‘my documents’ icon on the desktop or the start menu, and select ‘properties.’
In the ‘target’ tab, enter the path to the folder location you wish to use, or press the ‘find target’ button to browse to the folder. Prior to that open a folder in the new target location and rename it as My Documents and copy its path and paste it in the find target box .You will be asked if you wish to move all existing data to the new location.
- Remove ads from webpage .
If you are Internet Explorer user then use IE7Pro not only provides ad blocking but also tab management, proxy switching, mouse gestures and more including a very valuable crash recovery feature. Download from this link:
http://www.ie7pro.com/ Freeware, Internet Explorer 7, 985KB.
If you are using Firefox then , can effectively remove ads from web pages using the marvelous free free Ad-Block extension .
20.See one of my article on registery How to back up and restore the registry in Windows XP and Windows Vista
from the following location
- If you are internet explorer users then fix this :
Microsoft Patch Fixes Slow Running IE7
http://tinyurl.com/yna8n3
22.Use Instant Messaging Without an IM Client so that , any infections might have intruded , if you use the IM utilities can be averted .
It supports a wide range of systems including Yahoo, Messenger, Jabber, AIM, ICQ, MS and more.
http://www18.meebo.com/
However , sticking to these rules is not a bed of roses ; it requires a level of discipline characters most users may be don’t have. Who hasn’t been tempted to open a funny Word email attachment or install a free flash game?
This means that more protection is a necessity apart from this basic security rules .
Yours First Step To be Protected :
A normal Windows environment is a user account with full administrator rights. It’s probably what you are using right now as it is the default setup in all recent versions of Windows up to but excluding, Windows Vista.
The best way to enhance the level of protection is to make right that if a malware program sneak inside the your PC , that it is disallowed to run on your PC in a normal Windows environment .
There are three filters in which you can keep away malware from normal Windows environments.
1.Run all high risk programs with limited rights
2.Run all high risk programs in a sandbox or virtual machine
3.Use a Windows limited user account for your daily work
1.Run all high risk programs with limited rights
Run as a full administrator user but restrict the rights of all programs such as your browser and email client ,media players or other internet facing programmes that can be sources of malware infection.
Themost familiar of these is DropMyRights. (http://blogs.msdn.com/michael_howard/archive/2004/11/18/266033.aspx)
It allows users to easily create special versions of their that run from a full administrator account but with the restricted rights of a Windows limited user or guest user .
The approach however has some weaknesses perhaps the worst of which is downloaded files. Yes you are safe from infection while using a browser but if you run any files you download then you can easily be infected if those files contain embedded malware.
2.Run all high risk programs in a sandbox or virtual machine
(http://sandboxie.com/)
The important point is that while running in the sandbox, the programs have no get at to your PC.
Any files you download are marooned to the sandbox. Similarly, any programs that are executed only do so within the sandbox and have no access to your normal files,the sand box created a PC environment within the sandbox itself not in the Windows operating system or indeed any other part of your PC.
This means that that if you get infected by malware while using the sandbox your “actual” computer is not touched on. Furthermore you can close the sandbox and all that’s within it is erased including any infections, leaving alone your real PC in a clean and pure state.
. There are also some fantabulous sandboxing programs around including freeware guide the donationware utility “SandBoxie.”
Files in the sandbox are not really permanently on your computer unless you by choice move them from the sandbox to your actual PC. If you close the sandbox without moving them they will be missed eternally.
Virtual machines such as VMWare (http://vmware.com/)and Microsoft’s Virtual PC(http://www.microsoft.com/windows/products/winfamily/virtualpc/default.mspx) are standardised to sandboxing but take the idea advanced by completely detaching the virtual machine from theactual PC at a abstract level.
Infections that are obtained in the virtual machine cannot affect the actual PC. Similarly shutting down the virtual PC removes all line of infection.
From a users perspective sandboxing is a better bet than fully virtualisation solutions . But the most prime thing is that user’s have to be disciplined at using this .
So,all you need is a good firewall and a good anti-virus program and good anti-spyware programme . Aggregating these with a good sandbox and you will have better security than other users who employ five or more different levels of active security software/freeware protective cover
Your PC will be faster; a counterpoint to machines running multiple security protection products.
3.Use a Windows limited user account for your daily work
Most malware products need full administrator rights to install themselves. In a limited account they just can’t get a footings .
It’s easy to set up a limited user account. Just go the Control Panel, select User Accounts and create a new user account as a limited user. Then sign in to this account for your normal computer work rather than the account you a currently using
How to Easily Run Programs With Reduced Rights
Having full administrator rights gives the user the highest level of privilege possible. It means that Windows will allow a user to pretty well do anything they want on their PC. That includes installing any program they choose, even programs that change the way the operating system works.
Many malware programs including rootkits require administrator privileges to install. If users operated with reduced rights such programs couldn’t as easily infect their PCs.
On other operating systems such as Linux and Mac OS X, users normally run with reduced rights.
The more recent versions of Windows do in fact allow users to be assigned to different user groups with different privileges.
In order of reducing privilege these are: “administrator”, “power user” group, “user” group and “guest”.
Sign on as the reduced rights user for normal PC use and then logout and use the administrator rights user account for program installation, registry editing and other demanding tasks.In this way by having two user accounts on PC: one with full administrator rights and the other with reduced rights.
Constantly switching users or logging in and out of these accounts is a pain in the butt .
Always operate as a reduced privilege user and use the special Windows “run as” function from the command window or context menu when you needed to run a program that requires administrator privileges.
It’s a slightly more workable solution but not exactly convenient as you need to enter your admin account password every time.
An Open Source utility called RunAsAdmin Explorer Shim( RES).
RES is a Windows XP program that allows you to sign-in as an administrator but work within a Windows shell with reduced rights.
It works by placing an icon in the system notification area of your tray. Clicking this icon brings up a menu that allows to run programs with several different level of trust from “administrator” through to “user.”
With this can do day-to-day work in a restricted rights shell but easily run any program that requires elevated privileges without the need to logoff or enter the admin password. You have the advantage of safety and convenience at the same time.
It wasn’t built into Windows XP.
There are also two versions available: a stable V1 release and a V2 beta. I installed the latter is working fine though.
It took a few setting changes and reboots to get everything working perfectly. It’s definitely not a task for the faint hearted or technically challenged but neither is using “run as.”
To un-install RES start up a command window with admin rights and enter the command c:\Windows\Shim\Explorer.exe /r
Logoff as the current user and while re-login, the usual rights for that user account.Then can delete the c:\Windows\Shim\Explorer.exe folder.
Non technical users will have to use Windows Vista to get a satisfactory solution to the user rights problem.
Setting up a limited account may be easy but using it can be a real pain. For example you won’t be able to install most programs. You won’t be able to update others.
Most users though, find using a limited account to be simply too embarassing and inopportune.
That said using a limited account is an excellent solution for advanced users .
Peaceful security products
Peaceful security products like on-demand scanners (manualy initiation)is a necessity .
It may be an anti-spyware scanner,an anti-virus scanner, a rootkit detector or a keylogger scanner.
They don’t impose an on-going command processing overhead time on your computer. The only computer power they consume is while they are actually performing a scan.
In this category comes the free version of AVG Antispyware or free Panda Anti-rootkit detector or Bit Defender Anti-virus or MULTI VIRUS CLEANER (http://www.viruskeeper.com/us/mvc.htm). And because they are not perpetually running they are less chance to cause any problems with other programs.
Run on-demand scans periodically: weekly, monthly whatsoever. They are a good to prevent anything goes wrong to your on-acess security programmes .
