dslreports logo
site
spacer

spacer
 
    All FAQs Site FAQ DSL FAQ Cable Tech About DSL Distance DSL Hurdles »»
spc

spacer




how-to block ads



This Section
Get the free tool Microsoft Baseline Security Analyzer (MBSA) to analyze your PC security for prevention purposes. MBSA Version 2.2 supports Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows XP, Windows Server 2003, Windows Vista, but MBSA 2.2 is not supported on Windows 8 or Server 2012.

MBSA will scan for missing security updates, rollups and service packs using Microsoft Update technologies. MBSA will also scan for common security misconfigurations (also called Vulnerability Assessment checks) using a known list of less secure settings and configurations for all versions of Windows, Internet Information Server (IIS) 5.0, 6.0 and 6.1, SQL Server 2000 and 2005, Internet Explorer (IE) 5.01 and later, and Office 2000, 2002 and 2003 only.

Get the download here: Microsoft Baseline Security Analyzer.

For Windows users, there is a free tool that does some of the same things called Belarc Advisor. Get the download here: Belarc Advisor.
Belarc Advisor runs on Windows 8, 2012, 7, 2008 R2, Vista, 2008, 2003, XP, 2000, NT 4, Me, 98, and 95. Both 32-bit and 64-bit Windows are supported.

Scan and follow the directions to make the necessary corrections.


The following topic was written by AntiSpyware Expert Tony Klein and has been posted in numerous Security Forums.

Hopefully, these tips and tools will help you understand how to stay safe and prevent any future infections. I have added some additional information at the end.


said by TonyKlein:


SO, HOW DID I GET INFECTED IN THE FIRST PLACE?

You usually get infected because your security settings are too low.

Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:

1) Watch what you download!
Many freeware programs, and P2P programs like Grokster, Imesh, Kazaa and others are amongst the most notorious, come with an enormous amount of bundled spyware that will eat system resources, slow down your system, clash with other installed software, or just plain crash your browser or even Windows itself.

Pre-Scan downloaded files for viruses and malware at one of these multi-engine single file scan sites for free! Each one uses a dozen or more well-known AntiMalware scanners in one quick easy scan with a report of results from all.

Virus Total (10mb limit)
»www.virustotal.com/xhtml/index_en.html

Jotti's Malware Scan (15mb limit)
»virusscan.jotti.org/

2) Go to IE > Tools > Windows Update > Product Updates, and install ALL Security Updates listed.
It's important to always keep current with the latest security fixes from Microsoft.
Install those patches for Internet Explorer, and make sure your installation of Java VM is up-to-date. There are some well known security bugs with Microsoft Java VM which are exploited regularly by browser hijackers.

Windows Update:
http://v4.windowsupdate.microsoft.com/en/default.asp

3) Adjust your security settings for ActiveX

Go to Internet Options/Security/Internet, press 'default level', then OK.

Now press "Custom Level."

In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to 'prompt', and 'Initialize and Script ActiveX controls not marked as safe" to 'disable'.

Now you will be asked whether you want ActiveX objects to be executed and whether you want software to be installed.
Sites that you know for sure are above suspicion can be moved to the Trusted Zone in Internet Option/security.

So why is activex so dangerous that you have to increase the security for it?
When your browser runs an activex control, it is running an executable program. It's no different from doubleclicking an exe file on your hard drive.
Would you run just any random file downloaded off a web site without knowing what it is and what it does?

And some more advice:

4) Install Javacool's SpywareBlaster.

SpywareBlaster
»www.javacoolsoftware.com/spywareblaster.html

SpywareBlaster will protect you from all spy/foistware in it's database by blocking installation of their ActiveX objects. Download and install, download the latest updates, and you'll see a list of all spyware programs covered by the program (NOTE: this is NOT spyware found on your computer)
Press "select all", then "kill all checked", and you're done.
The spyware that you told Spywareblaster to set the "kill bit" for won't be a hazard to you any longer.
Although it won't protect you from every form of spyware known to man, it is a very potent extra layer of protection.
Don't forget to check for updates every week or so. Let's also not forget that SpyBot Search and Destroy has the Immunize feature which works roughly the same way.
It can't hurt to use both.

5) Another brilliant program by Javacool we recommend is SpywareGuard.
It provides a degree of real-time protection solution against spyware that is a great addition to SpywareBlaster's protection method.

SpywareGuard
»www.javacoolsoftware.com/sgdownload.html

An anti-virus program scans files before you open them and prevents execution if a virus is detected - SpywareGuard does the same thing, but for spyware! And you can easily have an anti-virus program running alongside SpywareGuard.
It now also features Download Protection and Browser Hijacking Protection!

6) You can use a customized HOSTS file to block known bad sites. This is accomplished by blocking these sites through the hosts file. For more information and recommended sources see here:
»Security »What is a Hosts file and where can I get it?

said by CalamityJane:
To add to Tony's excellent advice above, you many find the additional programs and Security Sites helpful in malware prevention and removal:

7. These free programs are available to remove spyware from your system:

Windows users (English versions only):
Download, Update and Scan with Windows Defender (free)

Download here:
»www.microsoft.com/athome/securit···ult.mspx

Complete instructions on using Windows Defender can be found here:
Using Windows Defender
»www.microsoft.com/athome/securit···ult.mspx
*Validation of genuine Microsoft Windows Required*

8. Scan for Viruses and common trojans online and free

»Security »What are some web based virus scanners and encyclopedias?

9. If you still have problems and think you are infected after following the various scans and help above...... See: »Security Cleanup FAQ »Mandatory Steps Before Requesting Assistance before posting in our »Security Cleanup forum for assistance:

10. Some Security Sites worth reading and bookmarking for reference and to help you get started in your PC Security.

Security At Home:protect your computer
Spyware


Home Computer Security
http://www.cert.org/homeusers/HomeComputerSecurity/

Protecting Your Home Network
http://www.microsoft.com/windowsxp/pro/usi...tecthomenet.asp

Home Network Security
http://www.cert.org/tech_tips/home_networks.html

Malicious Code Propagation and Antivirus Software Updates
http://www.cert.org/incident_notes/IN-2003-01.html

National Institue of Standards and Technology
Computer Security Resource Center
http://csrc.nist.gov/

Stay Safe Online
http://www.staysafeonline.info/

Protecting Your Privacy & Security on a Home PC
»www.spywarewarrior.com/uiuc/

IE-SPYAD: Restricted Sites List for Internet Explorer
»www.spywarewarrior.com/uiuc/reso···#IESPYAD

»Microsoft Application Tips and Tweaks »Concerning Internet Options Security, what do some of the settings mean

Internet Explorer 9 for Windows is available now
»www.microsoft.com/windows/ie/default.mspx
Internet Explorer works with Windows Defender to help prevent spyware from sneaking onto your computer in common ways, such as part of a larger software download

Expand got feedback?

by CalamityJane See Profile edited by TheJoker See Profile
last modified: 2013-02-02 09:43:11