Security guide A-Z (Check this out lads and lasses!)

Discussion in 'other security issues & news' started by Mrkvonic, Jul 13, 2005.

  1. Mrkvonic

    Hello,
    I'm going to post a document I have been compiling in the last few weeks.
    The document is all about safely formatting your computer after a big mess and starting properly over, including installation, hardening and tweaking. I've noticed thousands of posts, here and there, each one dealing with aspects of this and that, but never the entirety of the issue. All in one, my motto was.

    I've written the document, bearing several things in mind:

    1) As simple and orderly as possible, so most people can use it.
    2) Disclaimer, because I felt pompous.
    3) I'm looking forward to other users (and more knowledgeable than me) adding their suggestions, so this guide can help people use their computers with greater ease and confidence.
    4) There are NO divine discoveries in my document. It's all been seen and read and commented in some way or another. However, I hope it's comprehensive and simple enough, so it can in fact yield good results.

    That said, here I go. BEWARE, it's long!

    Have fun

    Mrk

    *** Beginning of document ***

    Computer Resurrection


    Disclaimer

    ************************************************************************

    This document is a recommendation only. I give no warranty for your actions. You will not hold me responsible for any inconvenience, incompatibility, damage, or lack of satisfaction that you experience by undertaking any or all of the steps mentioned in this document. Although I have a positive personal experience with everything I’ve written here, I cannot guarantee the same results for you, whether due to inadvertent actions, hardware or software issues.

    The entire contents here are written in my own words. This document is based on my own knowledge and experience. Of course, it is built on the knowledge and experience I have gained from other people.

    This document does not breach the copyrights of, or advertise any vendor or website mentioned here. No parts of text have been copied off other sites or from other documents. I do not have and will not have any profit from writing this document.

    I believe this document holds no false data or misconceptions. However, I am only human and mistakes are possible. You are welcome to add suggestions and corrections.

    All web links I post here are, to the best of my knowledge and belief, linked to reputable software. However, I hold no responsibility whatsoever for any download you make on the net.


    ************************************************************************

    End of disclaimer

    A. Introduction

    This document is intended to help an average user reformat his PC and reinstall a Windows XP operating system properly, with emphasis on layered security.

    In case your computer is reacting sluggishly or you have spyware installed, sometimes the best solution is to start anew – format. Computers are a blessing in that no matter how serious the software disease is, it can be remedied by the formatting of the hard drive and a clean installation of the operating system.

    This document covers the format and installation of the English version of the Windows XP operating system only. If you are a user of Linux, Mac or older versions of Windows, some or all of the issues here may not apply to you.

    1. All software mentioned in this document is free for download and use.
    2. Hundreds of alternatives are available to the recipes I suggest here; this is by no means the ‘Ten Commandments’ for doing it right. This document is, in my opinion, a relatively simple yet effective way of setting up your home PC.
    3. If you decide to use this document, please follow ALL of the steps; do not skip or omit certain details. You might get different results from what I write here.
    4. I will recommend usage of certain programs here, but I will not go into detail about using any of them. Each one requires special attention in separate documents. I will only concisely introduce different programs and tools here, leaving the task of thorough reading and learning to the user.
    5. Enjoy.

    B. Preparations

    Before you start the format, make sure you have the following items by your side:
    1. Your legal Windows XP installation disk (SP1 or SP2).
    2. Your legal Windows license.
    3. ALL drivers for your computer.
    4. Your personal data backed up on CD(s) or similar external storage devices.
    5. A variety of important programs backed up on a CD (see below).

    C. Back up your data

    Save your personal files. To burn CDs or DVDs, you will need a burner and appropriate software. You can use the Windows internal burner, if you lack third-party software.

    I suggest you save your data once a month. Create a core backup and then add small updates to it every once in a while. For instance, every first week of a month I create a new folder called update + name of the month and save all my new files in the same format as the core data, then at the end of the month, burn this data onto a CD. This will reduce the risk of loss of data due to whatever malady and speed up the process of a possible format.

    D. Download programs you will need later on

    Download the programs I will mention in the rest of the document, save the installation or setup files in individual folders, then burn the entire collection onto a CD. I will call this disk THE TOOLS. You will use the tools once you have formatted your PC and reinstalled Windows. This will reduce the hassle of frequenting websites for software and updates while your computer is still unprotected immediately after the installation of Windows. It will also help you keep the security and utility software in one package, allowing easier retrieval and use later on.

    Again, I suggest you make a core folder with programs and create monthly or bimonthly updates. For instance, a part of your core will be Microsoft Anti-Spyware (see below). However, ‘Update June’ folder may contain a new version of it, and future ‘Update September’ folder a still newer version of it.

    Do not wait for trouble. Download the programs as soon as you can. The two steps above can become a problem if your computer ‘suddenly’ becomes virtually non-functional. For instance, spyware can deny access to security sites. Or your CD burner might be damaged.

    I have no genius workaround. The best I can offer is to get rid of the existing spyware as much as possible, buy a sufficiently large USB flash device or have a working CD burner available, prepare the copies of your data and needed programs, then start the format and reinstall.

    If your computer is working properly and you have some free time, I suggest you make the required copies soon.

    Some people will suggest backing up the registry, making ghost images etc. These things are not for the average user or they cost money. I suggest leaving the operating system alone and taking care of your own data. Your own data cannot be replaced; the system can.

    Tip: When you visit the explanatory and tutorial pages in my links, I suggest you save the pages offline in a unique folder. This way, you will be able to see the documents and read what they say even when you do not have internet access. Printing them can also be useful.

    E. Formatting & Reinstalling

    Make sure once again you have everything ready.

    UNPLUG your computer’s phone line, modem or any internet-calling device from the wall. Make sure you have NO connection with the external world.

    To format and reinstall, the best way is to follow Microsoft’s own advice:

    http://support.microsoft.com/?kbid=313348

    If you find the document a bit confusing, this is the gist of it:

    When you reboot, hit your setup key (usually Del or F2).
    Change your boot sequence to boot from CD first.
    Insert Windows XP disc into the CD drive.
    Reboot.
    You will now reach the Windows setup screen.
    You will have to accept the EULA before you can proceed.
    Do not try to repair your operating system, go for format.
    Take a pen and paper and write down the exact types and sizes of your existing partitions.
    Delete existing partitions.
    Create new partitions and format them. DO NOT CHANGE THE KERNEL PARTITION SIZE. LEAVE IT AS IT IS.

    If you have a single hard drive, I suggest you make a single partition. It will make things simpler. Ideally, you will have money for 2 or more hard drives. One of these drives could be used to store your personal information and possibly third-party programs. Another could be used to store a second operating system (like Linux), for instance. Realistically, though, most people have only a single hard drive. Partitioning it into several drives will not benefit you in terms of reliability and speed. If a hard drive gets damaged, all partitions will be damaged. There will be no increase in speed, since the single hard drive has a single head that can only read from one partition at a given time. Partitioning can be useful for the purposes of backup and solving software issues. Just bear in mind that physical damage will destroy the entire disk.

    I suggest you spend a few moments planning carefully how you want to section your hard drive. It is much better to create partitions during the setup than later on, inside Windows.

    For advice on an excellent physical hard drive recovery tool, pm me.

    For advice on partitioning software, pm me.

    Notice: these two cost money, so I will not mention them here.

    The formatting will take about 10-40 minutes, on average.

    You will now begin the Windows installation. It is a pretty straightforward process and will take about an hour.

    F. Setting your Windows

    Once you load into Windows:

    Install your video and audio drivers.

    You do not have to allow either the video card or the sound card consoles to be added to the system tray. These will hog your resources unnecessarily.

    Install your other drivers after you have some security set up on your computer.

    Reboot.

    G. Properly securing your operating system

    If you have SP2, skip the next section; if you have SP1, grab your THE TOOLS disc.

    G1. Install the SP2.

    You can order SP2 directly from Microsoft. The service is free of charge. The delivery takes about a month.

    http://www.microsoft.com/windowsxp/downloads/updates/sp2/cdorder/en_us/default.mspx

    Alternatively, you can download it from here:

    http://www.microsoft.com/downloads/...BE-3B8E-4F30-8245-9E368D3CDB5A&displaylang=en

    Notice: some people might have problems installing SP2 and the installation could get stuck. If this happens, you can either refer to Microsoft’s support or start again with format and reinstall.

    There could be dozens of reasons why SP2 could fail to install. I will not go into details. From my personal experience, I have encountered only a single failed SP2 install out of two dozen or so. This probably happened because the registry was protected by a security application, which prevented SP2 from installing properly. Therefore, I recommend you install SP2 first and foremost, without any background processes running.

    If SP2 fails to install, though, here’s a last-resort link:

    http://support.microsoft.com/default.aspx?kbid=875355&product=windowsxpsp2

    Still, don’t be discouraged. You have just begun. In the worst case, you will format anew and start again, just losing some time.

    After a successful update, reboot.

    Grab your THE TOOLS disc.

    G2. Now install the firewall and anti-virus.

    I recommend AVG anti-virus and ZoneAlarm firewall, for most people. Both applications are basically fire-and-forget and will not require too much intervention in everyday work.

    AVG: http://free.grisoft.com/doc/1

    ZoneAlarm: http://www.zonelabs.com/store/content/home.jsp

    Enable ZoneAlarm as your firewall and disable Windows firewall to avoid conflicts.

    Alternatively, you can try avast! and Antivir anti-viruses or Sygate Personal Firewall.

    avast!

    http://www.avast.com/

    Antivir

    http://www.free-av.com/

    Sygate Personal Firewall

    http://www.sygate.com/

    Now, you can plug in your internet connection. If you have a router, so much the better.

    Set your dialer (dial-up, ADSL, LAN etc.). Configure your firewall and / or router to allow necessary incoming / outgoing traffic.

    G3. Update your Windows

    DO NOT surf the internet. Just head to the Windows update using Windows update shortcut in the Start menu. Install ALL, I repeat ALL available critical updates. I also strongly recommend all hardware updates. You can decide whether you want the additional software updates. Most are useful.

    G4. Install other security software

    Anti-spyware

    Ad-Aware SE

    http://www.lavasoftusa.com/software/adaware/

    http://www.download.com/3000-2144-10045910.html?part=69274&subj=dlpage&tag=button

    Spybot S&D

    http://www.safer-networking.org/en/download/

    Note: After you fully update Spybot, use the Immunize option to inoculate your computer from known threats. Repeat this procedure after every update, if needed.
    Likewise, activate the resident SDHelper BHO.

    Spybot also has a TeaTimer resident, which can also be activated. TeaTimer will protect the registry against changes and put decisions to the user. Using this tool efficiently requires some advanced knowledge about the registry. TeaTimer should be disabled during installation of TRUSTED software or Windows updates.

    Microsoft Anti-Spyware

    http://www.microsoft.com/athome/security/spyware/software/default.mspx

    Spyware Doctor free version

    http://www.download.com/1200-2018-5139934.html

    http://www.pctools.com/downloads/sdinstall.exe

    These two versions slightly differ from one another. I have yet to decide which one offers the most benefits to the user.

    X-Cleaner

    http://www.xblock.com/download-freeware.php

    The free version of X-Cleaner is not too highly customizable, but it includes a malware scanner and can perform minor maintenance operations.

    The tool also has an online anti-keylogging keyboard function.

    Only Microsoft Anti-Spyware has real-time protection. The other three are useful on-demand scanners. I suggest you try to update the software and make regular scans at least once a week.

    Anti-Trojan software

    A2

    http://www.emsisoft.com/en/software/free/

    Note: A2 requires a registration.

    Ewido

    http://www.ewido.net/en/download/

    Both are on-demand scanners. Again, I suggest a weekly routine for best effects.

    G5. Prevention & protection software

    NOTICE: There are dozens more programs and utilities that I do not cover here. However, I’m listing here only those I found least difficult, least confusing and most transparent for the average user. This goes for both prevention software and hardening tools.

    SpywareBlaster

    http://www.javacoolsoftware.com/spywareblaster.html

    SpywareBlaster will create a blacklist of ActiveX controls and sites and put them in the Restricted Zone of the Internet Explorer. Make sure you Enable Protection for new items after every update.

    SpywareGuard

    http://www.javacoolsoftware.com/spywareguard.html

    SpywareGuard is a registry monitor and will protect against browser hijacks; although quiet, it can be useful.

    Notice: SpywareGuard can cause problems when installing third-party software. If you want, shut it down when you install TRUSTED software. Some users also have had conflicts using SpywareGuard in conjunction with Microsoft Anti-Spyware.

    WinPatrol

    http://www.winpatrol.com/

    WinPatrol is a registry monitor. It will alert about changes to homepage, neutralize spyware and watch processes.

    Attack Shield Worm Suppression

    http://www.download.com/Attack-Shield-Worm-Suppression/3000-2239_4-10388578.html

    This tool will protect a number of vital Windows processes from being modified or terminated. It requires registration if you’re over 13 years old.

    SnoopFree

    http://www.snoopfree.com/default.htm

    This is an anti-keylogger.

    Note: if you get warnings that Ad-Aware or ZoneAlarm are trying to read the screen, allow them.

    Using all these tools combined, you will probably be quite protected. However, there are many other useful utilities that can help harden your system even more.

    Before you start:
    I suggest you make a System Restore point before every install.
    I suggest you reboot after every install to see how your system reacts.
    I suggest you download all available updates for every newly installed software.
    Reboot again.

    Once all of the software mentioned is installed, run full scans and reboot your computer.

    G6. Hardening your system

    G6-1. Disable unnecessary services

    MAKE a backup of the services before you tamper. Export the entire services.reg to a unique folder and keep it in case you need to revert the changes.

    This is a tricky business. There are many right and wrong ways to do it. There is no golden rule because different configurations fit different needs.

    In my opinion, the best online guide for this is BlackViper’s:

    http://dhost.info/kyeu/mirror/blackviper/index.html

    If you want to establish a home network, some of the services ARE necessary to make it work properly. Bear in mind what you want to do.

    For most users, though, you will most probably be able to safely disable the following services: Indexing Service, Messenger, Network DDE, Network DDE DSDM, Remote Desktop Help Session Manager, Remote Registry, Routing and Remote Access, Telnet, and UPnP. Likewise, if you do not use the Windows integral CD-burning service or you do not have a UPS, you can also disable these services.

    G6-2. Harden your system

    Although WinXP SP2 is patched rather fairly, extra hardening does not hurt. Some functionality can be lost, though. Therefore, make sure that you use these tools wisely.

    ShootTheMessenger

    http://grc.com/stm/shootthemessenger.htm

    This tool will disable the Windows Messenger service.

    Unplug n’ Pray

    http://grc.com/UnPnP/UnPnP.htm

    This tool will disable the Windows UPnP service.

    SocketLock

    http://grc.com/dos/sockettome1.htm

    This tool will prevent all users from accessing the Windows raw sockets.

    BugOff

    http://www.spywareinfoforum.com/~merijn/downloads.html

    This tool will stop a variety of exploits.

    Important notice: Windows update will not be available with these patches enabled. Disable them all before running Windows update then re-enable them later on. Other side effects are covered inside the utility.

    This tool is created by Merijn. Merijn also has a number of other utilities, including a very powerful HijackThis and CWShredder. These are not prevention tools, though.

    HTAStop

    http://www.nsclean.com/htastop.html

    This utility will prevent HTA from running on your machine. Although it is not intended for XP, it will do its job. This application may have a side effect in that the User Accounts under Control Panel may cease to function fully, since the standard GUI has been replaced with an HTA. If you encounter a problem, you can temporarily disable the utility, make necessary changes to the User Accounts and re-enable it again.

    WWDC

    http://www.firewallleaktester.com/wwdc.htm

    This one will close the most popular worm ports.

    SecureIt

    http://www.sniff-em.com/secureit.shtml

    This tool will secure against a variety of exploits.

    HardenIt

    http://www.sniff-em.com/hardenit.shtml

    This tool will protect against DoS-type attacks.

    I do not suggest novices use the SecureIt and HardenIt tools, because they can be more trouble than help for an inexperienced user. Still, I mention them here because they are extremely useful and powerful tools.

    SecureIt does have one very powerful option, which is to add a right-click privileges option to all applications, allowing the user to run them with reduced privileges.

    WSH Anti-polymorphism patch

    http://www.diamondcs.com.au/index.php?page=patch1

    This patch will prevent scripts from rewriting themselves.

    SafeXP

    http://www.theorica.net/safexp.htm

    SafeXP is a tweaking tool for privacy and security settings.

    Very important: SafeXP contains some features covered by other tools mentioned here. For instance, both ShootTheMessenger and SafeXP can be used to shut down the Messenger service. On the other hand, Windows XP SP2 disables this service, by default. Therefore, it is important that you use these different tools for maximal coverage rather than unnecessary overkill. Simply choose the most convenient method for you to increase your computer security. If you do not like to disable services manually, for example, you can opt for automatic tools to do the job for you.

    Extra tools for average + users

    Prevx

    http://www.prevx.com/

    Prevx is a host intrusion prevention program. It will protect against a variety of attacks and exploits. The free version is not very customizable, though, and will alert with a large number of messages during installations and usage of other software, and it takes some time getting it set properly.

    Antihook

    http://www.infoprocess.biz/AntiHook.aspx

    Antihook is an intrusion detection and prevention program. It will detect attempts of processes trying to load into memory, dll injections and Windows hooks installations, alerting the user.

    This tool requires some knowledge of what processes do, otherwise allowing or disallowing the prompts will have little security efficiency. Therefore, I do not recommend it for the average PC user. But like Prevx, it must be mentioned.

    Likewise, it requires registration.

    RegProt

    http://www.diamondcs.com.au/index.php?page=regprot

    RegProt is a registry monitor that will alert the user about any change to registry keys or values. Again, this tool demands some advanced knowledge to be used successfully.

    If you decide to use RegProt, disable it before you install TRUSTED software or make any Windows updates.

    ScriptSentry

    http://www.jasons-toolbox.com/programs.asp?Program=Script Sentry

    ScriptSentry can be used to monitor scripts executing on your machine. It will prompt the user to allow / deny the scripts. Again, some advanced knowledge is required when using this tool.

    G7. Other things to do

    Disable the Guest account.
    Password your account with a good solid password (not 12345).
    Password the default Administrator account as well.

    The last one is important if other (unwanted) people have access to your computer.

    Install your other devices, like printer, scanner, web camera etc.

    H. Maintenance

    Regular maintenance is important for good PC health.

    The maintenance covers the registry, files and folders and the general state of the hard disk.

    H-1. Cleaning the registry

    Software creates lots of unnecessary entries in the registry. Many of these keys are never properly removed when software is uninstalled, leaving useless traces in the registry that affect the performance.

    Word of caution: Be careful using registry cleaning software. You may accidentally remove important entries. Make backups before you delete anything. From my experience, RegSeeker will sometimes delete needed Adobe Acrobat entries.

    Use CCleaner and RegSeeker to fix registry problems.

    CCleaner

    http://www.ccleaner.com/

    RegSeeker

    http://www.hoverdesk.net/freeware.htm

    Once you remove the old entries, it is useful to defragment the registry. Use PageDefrag to do this:

    http://www.sysinternals.com/Utilities/PageDefrag.html

    H-2. Cleaning the unused files

    CCleaner is also a very useful utility for removing temporary files, temporary Internet files, log files, MRUs etc.

    You can also use the Windows Clean Manager to remove temporary files and old log files.

    Another useful utility for cleaning lists of recently opened documents, cookies and temporary files is MRU-Blaster:

    http://www.javacoolsoftware.com/mrublaster.html

    H-3. Chkdsk & Defragmentation

    Check your disk(s) for errors once in a while.

    Defragment your hard drive(s) about once a month for increased performance.

    Extra tweaking:

    I suggest you switch to Classic View and Classic Menus. This will reduce the CPU usage somewhat. If you lack RAM, you can also do without the background desktop image.

    I do not recommend memory and Internet optimizing tools unless the user is fully aware of what he / she desires. For instance, many TCP/IP optimizers set the largest MTU to 1500 bytes, however on some home LAN networks, I noticed that, depending on the firewall settings, the largest MTU was only 1460 bytes, in which case the would-be optimization would result in fragmented packets and reduced performance.

    H-4. Microsoft Baseline Security Analyzer

    http://www.microsoft.com/technet/security/tools/mbsahome.mspx

    This tool can scan a computer for gaps and misconfigurations in security. It will check if any critical Windows or Office updates are missing, if the IE zones are configured properly, if macro levels are safe, and other administrative vulnerabilities. The tool will detail possible problems, with links and ways to solve them.

    This tool should be run once a week, to make sure you have forgotten nothing in your weekly maintenance.

    I. Internet

    Now your computer is almost set up to set sail.

    Before you start surfing, at all, you should ask yourselves the following questions:

    Are you going to be frequenting lots of porn, gambling, wares and cracks sites?
    Are you going to be using instant messaging?
    Are you going to be using P2P software?

    If the answer is ‘yes’ to any of them, then I recommend you create a Limited account and use it everyday.

    If the answer is ‘very rarely’, you might not want to lose the comfort of the Administrator privileges. Some programs and games require Administrator privileges to run.

    In some cases, this can be solved while running a Limited account by right-clicking an application and selecting ‘Run As …’.

    Therefore, if, in spite of or because of the above, you want to use your Admin account daily, then the best solution is to use Internet browsers and mail clients with limited privileges.

    DropMyRights

    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncode/html/secure11152004.asp

    This program will allow you to create shortcuts for all programs and run them without system privileges. I recommend creating shortcuts for Internet Explorer, Firefox, Outlook Express etc. and using them instead of regular programs, except Windows update.

    This way, even if you catch some spyware, you might be able to reduce the volume of the damage.

    Do not let applications run as servers unless absolutely needed. Do thorough research before you let any application be a server.

    There is no need to let Notepad, Calculator, Wordpad, or even Media Player connect to the Internet. They will function perfectly without access to the Internet.

    If you desperately want to use P2P, you might want to opt for an application that runs with reduced privileges.

    I-1. Internet Explorer

    I do not recommend tampering too much with Zones settings. Leave the IE as it is. I suggest you only use it for Windows update or badly coded sites that do not support other browsers (like online banking).

    Create a DropMyRights Internet Explorer shortcut.

    Run it ONCE and download and install Mozilla Firefox browser.

    http://www.mozilla.org/products/firefox/

    Firefox is a far more advanced browser. It is faster, has tabs and is more secure.

    From this moment on, you will not need Internet Explorer in 99.9% of cases.

    I-2. Harden your Firefox

    Download anti-spoofing, ad-blocking and JavaScript-blocking extensions for Firefox.

    Adblock

    https://addons.mozilla.org/extensions/moreinfo.php?id=10

    This extension will block ads from your screen. Additional filters can be imported from a variety of sites. In fact, on this issue, I am looking forward to feedback from users with more experience with these custom filters than myself.

    NoScript

    https://addons.mozilla.org/extensions/moreinfo.php?id=722&application=firefox

    This extension will block all JavaScripts except those you allow.

    Spoofstick

    http://www.corestreet.com/spoofstick/

    This extension will let you know what page you are on compared to the URL address shown in the address bar. This extension is also available for IE.

    Furthermore, Mozilla Firefox has dozens and dozens of other useful extensions. I warmly recommend trying them. They will greatly customize and improve your Internet privacy and usage.

    Download Firefox extensions here:

    https://addons.mozilla.org/

    I-3. Harden your web surfing

    Download Proxomitron web filter.

    http://www.proxomitron.info/

    This tool can be impregnated with additional filters. The most popular ones are Kye-U, JD5000, Grypen, and Sidki. In my opinion, the average user will find Kye-U or JD5000 filters the most transparent.

    To set your Proxomitron successfully:

    Install Proxomitron.
    Back up old configuration file (simply copy it).
    Merge the configuration with a new filter set.
    Save it as the default configuration filter.
    Set your browser(s) to use Proxomitron as their proxy.

    JD5000 and Grypen packs also come with auto-installers. Grypen pack will change the program layout somewhat. Sidki’s pack is a bit trickier to set.

    This excellent little application will kill ads and remove countless exploits. Proxomitron with Kye-U filter successfully detected and blocked the recently discovered exploits in Firefox, for instance.

    Links to Proxomitron filters:

    Kye-U

    https://www.wilderssecurity.com/attachment.php?attachmentid=160950

    It’s a direct download. After downloading the file, rename the extension to zip. After that, the filters can be extracted.

    JD5000

    http://www.jd5000.net/

    Grypen

    http://castlecops.com/f183-Grypen_Proxomitron.html

    Sidki

    http://geocities.com/sidki3003/prox.html

    There are many other web filters and anonymizers out there. However, I have found Proxo to be the lightest, fastest and easiest to use.

    I-4. Mail client

    I suggest you use Mozilla Thunderbird.

    http://www.mozilla.org/products/thunderbird/

    Again, it is safer and faster than Outlook Express. Extensions are available at:

    https://addons.mozilla.org/

    Note: You should set your anti-virus to scan the mails.

    I-5. Media players

    You will probably want to watch video clips and listen to music. You might probably need to download some codecs. WORD OF CAUTION: Be careful when you download codecs! Check with people before downloading just anything.

    One more thing, there is no need to let any media player access the Internet. If you need codecs, download them manually. No one needs to know what music or video files you are watching.

    It’s time to surf.

    However . . . Before you actually do anything for fun, there are two important updates. One is the Java update. You can download the latest build here:

    http://java.sun.com/j2se/1.5.0/download.jsp

    After a successful download and installation, make sure your Java is functioning properly. The test is provided on the product’s site.

    The other is to make sure you have the latest DirectX, although it most likely has been installed with recent Windows updates.

    http://www.microsoft.com/windows/directx/default.aspx

    Now you can use the Internet.

    You might probably want to make sure your firewall is functioning properly. You can undertake a ShieldsUp!! test at Steve Gibson’s site.

    http://www.grc.com/default.htm

    I-6. Surfing – Rules of Engagement

    GOLDEN RULE: USE YOUR BRAINS. COMMON SENSE. THAT’S 99% SECURITY.

    If some site offers you a ‘free’ increase in Internet speed, what are you going to do? Click ‘Yes’? Use reason and caution. Things don’t just happen. People happen.

    If you want to download cracks for pirated software, do not be surprised if your computer dies on you two weeks later. Your computer will be healthy as long as you let it be that way.

    If you download something of an unknown content, scan it first with your anti-virus and anti-Trojan software. Try to find reviews and check for users’ opinions in reputable forums.

    Backup your system before installing anything.

    I-7. Using the computer

    Set at least your anti-virus to run overnight checks.
    If you decide to use Microsoft Anti-Spyware, you can also set it to make scheduled scans.

    Daily

    Before you visit any site or check your mail, update all of your security software. It only takes about 3 minutes. It’s worth it.

    Weekly

    Check for Windows updates.
    Clean your registry and erase temporary files.
    Run scans with all your security scanners.

    Monthly

    Check for Java updates.
    Defragment your hard drives.
    Defragment the registry.
    Add backups of security updates to THE TOOLS disc(s).
    Backup your personal files.

    You should also clean your registry and / or defragment the hard drives after every major install / uninstall.

    J. Microsoft Office

    If you want to install Microsoft Office on your computer, you should follow some rules:
    1. Keep Microsoft Office up to date! It has updates just like Windows. When you first install Office, make sure you fully update the product. Likewise, check once in a while for new updates, or use Microsoft Baseline Security Analyzer to check for missing updates (as explained in the Maintenance section).
    2. There is no need to allow any of Office products except perhaps Outlook (if you use it) to access the Internet.
    3. Remove the Microsoft Assistant from the Startup.

    K. Other software

    There are tons of free software. However, I will only mention a few that most users will most probably use in their everyday work.

    Acrobat Reader

    http://www.adobe.com/products/acrobat/readstep2.html

    Foxit PDF reader

    http://www.foxitsoftware.com/pdf/rd_intro.php

    Free PDF writer

    http://www.primopdf.com/

    If you want a free alternative to Microsoft Office, you might want to look into Open Office:

    http://www.openoffice.org/

    IrfanView is an excellent viewing program.

    http://www.irfanview.com/

    GIMP is a powerful image manipulation program.

    http://www.gimp.org/

    AxCrypt is an encryption program that allows you to keep your files and folders safe, if you want. Just remember that encrypted data will be lost if you forget your passwords.

    http://axcrypt.sourceforge.net/

    L. Special removal tools

    If you need them, then you have made some serious mistakes along the way.

    I will only list a single tool here, the HijackThis, which can be used to remove Startup items, for instance, but it is not a novice tool and should not be used lightly!

    http://spywarewarrior.com/files/HijackThis.exe

    M. Security forums

    There are thousands of security forums and kajillion sources to read. I will only recommend a few:

    http://spywarewarrior.com/index.php

    https://www.wilderssecurity.com/

    http://castlecops.com

    Start reading. Lots and lots! Although these three sources seem a modest start, these forums contain tons of excellent reading material. If you’re reading this while browsing one of the above sites, then you have already made a very important step!

    N. Other sites

    Just Google!


    ************************************************************************


    Have fun

    Mrk


    *** End of document ***
     
    Last edited: Jul 13, 2005
  2. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,752
    Location:
    Toronto Canada
    Last edited: Jul 13, 2005
  3. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,223
    Hi,
    I only posted free software links.
    Mrk
     
  4. MikeH

    MikeH Registered Member

    Joined:
    May 15, 2005
    Posts:
    20
    Nice job- thanks.
     
  5. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    :eek: :eek:

    that's a nice list MrkVonic !!!


    that could be very handy indeed :)
     
  6. westwardflow

    westwardflow Guest

    Hi Mrkvonic

    Very nice post! I am only adding this info, not to criticize you or your list, but because I want to help you make it a little more clear to anyone who may be reading it.

    First, I noticed in the part about X-Cleaner. You wrote that the tool has an online anti-keylogging keyboard function. True, X-Cleaner pay and free versions have access to a virtual keyboard that can be used to defeat the keylogging functions of 'some' keyloggers. But what X-Cleaner is doing is simply providing a shortcut to the Microsoft on-screen keyboard in Windows itself, and this MS virtual keyboard can be accessed at any time in any version of Windows (98/Me/2K/XP) without any need for X-Cleaner.

    I'm not sure whether you were aware of this fact or not, so I decided to try to make it a little clearer for anyone who may have thought that X-Cleaner contained a virtual keyboard of its own, because it doesn't. In Windows XP for example you can access it by going to Start > All Programs > Accessories > Accessibility > On-Screen Keyboard, or simply make your own desktop shortcut directly to the MS on-screen keyboard, if you wanted to.


    Second, I noticed you said the patches in Bugoff will not allow you to run Windows Update. But in fact, only one of the fixes in Bugoff actually stops Windows Update from working properly. If you click "enable" for the 'Microsoft XMLHTTP object' (which will remove its protection) you can again access Windows Update. So far that's the only fix in Bugoff that will prevent access to Windows Update. I leave all other protection on (should say 'disabled' next to any flaws that are fixed) in Bugoff and regularly get updates at WU without any problems whatsoever. It's just when this one fix is activated that WU will not work.

    Also I noticed you spelled mistakes "mistakkes" one extra "k", under the Disclaimer section, paragraph four. Unless that was done intentionally, as a sort of humorous error. ;)

    And thanks for your great post about helping us to better secure our PC's. :)
     
  7. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,223
    Hello,
    Thanks for the feedback. Criticism is good . . . It will make this post a better one.
    As I said, I'm no genius and there are many more knowledgeable guys around.
    I did not know the X-cleaner keyboard was in fact the OS keyboard. I did know how to access that one, though, but I figured that if someone had a keylogger then a non-OS keyboard might do the trick . . . well.
    BugOff, I currently have access to 4 computers with XP Pro and 1 with XP Home, all of which suffer my little experiments (I also abuse a single Win2000 and one Suse 9.3 . . .).
    I've not succeeded in updating Windows on any of them, without disabling all of the options for a few minutes and then re-enabling them. By the way, which update engine are you referring to, v5 or v6?
    Mistakkes hapen. I putt thet onne on purrpose as a sort off a badd jokke. Like this one . . .
    Anyhow, further suggestions and additions are more than welcome. I hope that we'll be able to pool our knowledge all into one, so that users out there won't have to spend hours browsing for solutions and tips when they find them all neatly arrayed in one thread.
    Cheers all,
    Mrk
     
    Last edited: Jul 14, 2005