Keep your Computer free from Viruses, Trojans,
Spyware and other Malware
A HelpWithWindows TechFile
By Peter Clark,
Microsoft Most Valuable Professional,
Windows - Internet Explorer
Surfing the Internet these days is a hazardous occupation, but a few simple precautions will keep your computer free from infection in an increasingly hostile environment.
Use the suggestions outlined below to ensure maximum security for your computer at minimum cost! Although this article is written based on Windows XP the basic principles apply to other Windows operating system versions too.
Keep your Windows fully up to date by applying Service Packs and all critical updates issued by Microsoft on the second Tuesday of each month (also known as 'Patch Tuesday'). Set Automatic Updates to Automatic or Notify - do not turn off Automatic Updates!. You can set Automatic Updates from the Windows Control Panel: click the Performance and Maintenance category, and then click System. Select the Automatic Updates tab (Figure).
If you have not installed a Service Pack (SP) to Windows, Service Pack 2 (SP2) is cumulative and does not require Service Pack 1 to be installed first.
Run an effective Firewall and ensure that it loads automatically at boot time. Note: The firewall in Windows XP SP2 is more effective than that in SP1, but neither filters outbound traffic (traffic going out from your computer to the Internet). In SP2 the firewall is ON by default, but in SP1 it is OFF by default. A third party firewall is generally considered to be more effective and more configurable and usually works on both inbound and outbound traffic.
Some recommended free firewalls are:
- there are other firewalls of course: use your favorite.
You can check the effectiveness of your firewall at ShieldsUP - your system should be completely "stealthed".
Install antivirus software, keep it updated and always check that it is running when the computer boots up. Schedule a full system scan at least weekly and ensure that the virus definitions are automatically updated. It is recommended that email scanning is enabled in the antivirus software and disabled in your chosen firewall (if the facility to scan email exists there) to avoid possible conflicts. If you need to turn your antivirus off - often advised when installing software - physically disconnect from the Internet first.
Some recommendations for free antivirus software:
You should have antispyware software installed on your system, and have it scan your system regularly.
What is Spyware you ask? Spyware is a general term used for software that behaves in a certain way, such as showing you advertising, collecting your personal information, or changing the configuration of your computer, usually all without appropriately obtaining your approval to do so.
Warning: Do not buy or download any antispyware software without checking the Rogue/Suspect Anti-Spyware Products & Web Sites from Spyware Warrior. At best, you get a rogue program that is useless; at worst, they install spyware instead of removing it!
Here are some good (and free) AntiSpyware programs. We recommend that you have at least two or more installed; they will detect slightly different spyware programs, and may miss some others.
- Windows Defender - formerly Microsoft Antispyware; this provides real time protection against spyware/malware, autoscans and autoupdates
- SpywareBlaster 3.5 - permanent blocking of nearly 6000 known items of spyware, etc. Update manually once a week - autoupdate is available for a few $$
- Spybot Search and Destroy - an on demand scanner with an immunise facility to provide a degree of permanent blocking. Scan and update manually once a week
- Ad-Aware SE - an on demand scanner. Scan and Update manually once a week
- I'm sure there are other AntiSpyware programs, so use your favorite program.
Configure Internet Explorer for maximum security as outlined in this HelpWithWindows.com Article: How to surf the Internet more safely with Internet Explorer (Windows XP Service Pack 2 version). There's also a version if you are not running Windows XP SP2.
Set the cookie handling (Tools > Internet Options > Privacy) to Medium High (or High if you prefer).
Set Internet Explorer to empty the Temporary Internet Files folder when the browser is closed (Tools > Internet Options > Advanced scroll down to the Security section).
Turn on the popup stopper in IE 6 or use a third party popup stopper - the popup stopper in the Google Toolbar is very effective.
Install IESpyads - a list of Restricted sites which help to minimize 'drive by' infections while surfing.
A further security layer can be added by installing a custom Hosts file, such the MVPS HOSTS File.
Set Firefox to automatically download and install updates.
For maximum security Outlook Express should be configured so that messages do not automatically open in the Preview Pane (View > Layout uncheck Show Preview Pane). Suspicious emails, particularly those from an unknown source may then be deleted without opening them.
By default Outlook Express prevents the opening or saving of attachments which could potentially be a virus - in practice this means all attachments - not a very practical solution. The best advice is enable the opening/saving of attachments ( Tools > Options > Security) but to open only those that originate from a known source or are expected.
More Outlook Express tips in this HelpWithWindows.com TechFile: How to Secure your E-mail against certain viruses.
The general security of your system may be checked by running the Microsoft Baseline Security Analyser which will highlight any areas in which the system security is compromised and offer solutions to any problems found.
Remember that the performance of your antivirus and antispyware software will be compromised if the definitions are not kept up to date.
It is advisable to keep away from peer to peer file sharing sites which are often a source of viruses, etc or at least be aware of the risks involved.
My computer is set up essentially as outlined above and is connected to the Internet 10/15 hours a day. Apart from the odd piece of adware which is not detected by the current definitions of my real time antispyware scanner (Sunbelt Counter Spy), but which is often detected by Spybot or Ad-Aware I have never been infected by a virus or Trojan.