How to protect yourself and tighten security

Why did I get infected in the first place?

You usually get infected because your security settings are too low or you blindly click yes to everything.
    Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:

  1. Watch what you download!

    Many freeware programs, and P2P programs like Grokster, Imesh, Kazaa and others are amongst the most notorious, come with an enormous amount of bundled spyware that will eat system resources, slow down your system, clash with other installed software, or just plain crash your browser or even Windows itself.

    There is no such thing as a free lunch and many “free” programs on the net contain adware or spyware. Read carefully the EULA before installing anything and if it says “Supported by Advertising” or similar wording be very wary and expect problems and pops ups etc

    Watch out for sites that insist you need a special codec to watch the video or listen to music on the site. 99% of the time they are trying to install malware. If you already have Windows Media player, Flash, Quick time or Real player installed, there should never be any need to install a special player or codec from the site.

  2. Keep your security up to date.
    • Windows Update and Internet Explorer.

      Go to IE > Tools > Windows Update > or use Start > Programs> Windows Update ( select Custom) and install ALL Critical and Security Updates listed.

      It’s extremely important to always keep current with the latest security fixes from Microsoft. Install ALL those patches

      Internet Explorer 6 is no longer recommended and you are strongly advised to immediately update to IE8  (IE9 for Vista and Windows 7) . It doesn’t matter that you use an alternative browser such as Firefox, Safari or Google chrome. Just having IE6, which is vulnerable to so many exploits, installed on your computer is enough to allow malware & exploits on to your computer with no action on your part. Microsoft now issue security updates on the second Tuesday of every month and non security updates on 4th Tuesday. Make sure you do a windows update as soon as you can after 6pm UK time or 1pm US Eastern time to get the latest updates on those days.

    • Sun Java

      Sun Java gets regularly updated so make sure you update that regularly and Uninstall any previous versions once you have updated.

      NOTE: the Sun updater does not always remove the previous vulnerable versions

      Please follow these steps to remove older version Java components and update.
      Updating Java:
      • Download the latest version of Java Runtime Environment (JRE) 6.
      • Scroll down to where it says “Java Runtime Environment (JRE) allows end-users to run Java applications”.
      • Click the “Download” button to the right.
      • Check the box that says: “Accept License Agreement”.
      • The page will refresh.
      • Click on the link to download Windows Offline Installation and save to your desktop.
      • Close any programs you may have running – especially your web browser.
      • Go to Start >Control Panel double-click on Add/Remove programs and remove all older versions of Java.
      • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
      • Click the Remove or Change/Remove button.
      • Repeat as many times as necessary to remove each Java versions.
      • Reboot your computer once all Java components are removed.
      • Then from your desktop double-click on the download to install the newest version.
      • Or go to www.java.com and press the red get java now button.
    • Adobe Flash, Acrobat Reader etc

      Keep Adobe reader and flash updated. One of the most common avenues of infection is out dated and vulnerable versions of these 2 products.

  3. Always use  a standard or limited user account for day to day computer use, especially for internet use.

    This applies mostly to Windows 7 and Vista, because many programs running on XP don’t work properly unless run on an admin account. but try and see if you can work on a limited user account on XP.

    On W7 and Vista set UAC to highest level and always password the admin account. When a program or person tries to alter settings or add something new, then you get an alert and you cannot continue until you either allow it by typing the admin password or refuse it by pressing NO. This ONE thing will stop 99.9% of malware and unwanted programs installing

  4. Internet Options – ActiveX controls and Plug-ins.

    Go to Internet Options/Security/Internet, press ‘default level’, then OK. Now press “Custom Level.” Set the following options as described here:

    Setting the Internet Zone for Additional Security

    This assumes you are using XP with SP3. Other earlier versions will not have all the options shown

    Now you will be asked whether you want ActiveX objects to be executed and whether you want software to be installed. Sites that you know for sure are above suspicion like online banking and other secure sites only can be moved to the Trusted Zone in Internet Option/security.

    Never put sites like Myspace, MSN or any other similar type social networking site in the trusted sites zone
    So why is ActiveX so dangerous that you have to increase the security for it?
    When your browser runs an activex control, it is running an executable program. It’s no different from double clicking an exe file on your hard drive. Would you run just any random file downloaded off a web site without knowing what it is and what it does?
  5. Scan at http://secunia.com/software_inspector/ for out of date and vulnerable common applications on your computer and follow their advice and links to update them
  6. Install a good Antivirus and firewall. I recommend .Kaspersky or NOD32 for a paid for antivirus and Microsoft Security Essentials for a free one
  7. Install a good Antispyware with realtime protection

    I recommend 2 programs as having good real time protection as well as good cleaning capabilities

    SuperAntispyware or MalwareBytes Anti-malware

  8. If you have been infected then be aware that a lot of the newer malware/spyware is designed to steal your private information. That includes all passwords, log ins to forums & other websites and most of all your Bank, Credit card or Paypal details.

    It is vital that after you have been cleaned up you change all your passwords and in many occasions it is necessary to get in touch with your Bank or other financial body to inform them that your details may ( probably have ) been stolen

    I strongly recommend using ROBOFORM to keep & create safe secure passwords

And make sure your Antivirus and Firewall is switched on and kept updated and do not allow unknown programs or processes to access the net or your computer, always block and ask for advice

Share

Leave a Reply

Your email address will not be published. Required fields are marked *

*