how-to block ads
Table of Contents:
Why Security Is Important.
- Costs To You.
- Costs To Others.
What To Do About It.
- System Log Notebook.
- BEFORE Connecting To The Internet.
- - Power Protection.
- - Secure Passwords.
- - Boot Disk.
- - Backup Regime.
- - Worms, Infections and You.
- - NAT Router.
- - Windows XP ICF.
- - Anti-Virus.
- - Modem Stand-by.
- Basic Security/Integrity (Continued) - Now Ready to Connect to the Internet.
- - Software Firewall.
- - "Windows Update".
- - Analyzer Tests and Tools.
- - Tighten Internet Explorer (IE).
- - Browser Alternatives.
- - Browser Filtering.
- - Email and Email Program Alternatives.
- - For AOL Users Only.
The Next Level.
- Free Software For Your Layered Security Arsenal.
- - Script Sentry.
- - RegistryProt.
- - Trust Setter.
- - Startup Control Panel.
- - SpyBot S & D.
- - MicroSoft Windows Defender.
- - AdAware.
- - SpywareBlaster.
- - Spyware Guard.
- Secure Your Operating System.
Security should be a risk assessment: balancing the overall risk magnitude, (the full "cost" both to you, and to others, if the event occurs, and the probability of the event occurring), with the full "cost" of eliminating the possibility of the event occurring. In most cases, it is only the reduction of the probability of the occurrence that can be accomplished. Fortunately, that is usually good enough.
COSTS TO YOU:
Computers (even the "home computer") have become enmeshed in almost every aspect of our daily lives. The amount and depth of detail of information directly related to a user's life that they contain, and that passes through them, is often large, and is increasing.
Identity Theft is a very real primary concern, and there are others, that vary from mere potential annoyances to financial, property, and even mental and physical health and safety. (Note: For possible Identity Theft, immediately follow »Security »How to report ID theft, fraud, drive-by installs, hijacking and malware? .)
Some examples of private, personal areas that a computer commonly is involved in, either directly through transactions, through communications (like "chat", Instant Messaging, email, or IRC), and/or the storage of the records/logs of these "conversations" (and of other documents and other data related to these areas), are:
•Personal Identifying Information (dates of birth, Social Security numbers, addresses, phone numbers, photographs)
•Financial information- Banking, Investments
•Health and Medical Information
•Home and personal security routines (when home, when not home, vacations, protection systems)
•Private, personal matters
•Business information (if used for this purpose)
It is possible for others to gain access to a machine and be able to "see", and even to "do", most everything that you can.
Anything, and everything that you, your family, and other users do with the machine, could be discovered, disseminated, altered, stolen and/or destroyed. This does not mean that any of these bad things will occur, only that the potential exists, and that it does happen.
COSTS TO OTHERS:
You may have information concerning other people on your machine that could cause damage to them, if it was to be compromised. You may be legally responsible for such damages in some situations.
Even if you keep absolutely no information of any private or personal nature on an Internet connected machine, the machine could still be used by others for their own purposes. This could range from harmless pranks, to facilitating spam (theft of services, and often of fraudulent nature) and file sharing (perhaps illegal, perhaps child pornography), attacks, and other illegal actives, thus imposing harm ("costs") onto other people. While it may not matter to you if someone else gains access and control of your machine, this may aid in causing injury to others, for which you may be legally liable.
"Computer security risks to home users" , How Computer Viruses Work and Understanding Spyware, Browser Hijackers, and Dialers are three sources of more detailed information. See also the Security FAQ: »Security »What questions should I ask when doing a security assessment?.
In sum, while it's not a pretty thought, it is very important to take relatively simple steps to "secure" your machine, and to practice "Safe Computing" (Safe-Hex).
** It is well worth the small effort to greatly reduce your exposure to exploitation and abuse, which in turn reduces the exposure of others as well.**
The following are suggestions that serve as a starting point for basic security, presented in approximately the order in which they should be implemented. All items listed in "Before Connecting To The Internet" are to be implemented prior to establishing any Internet connection. It is a walk down a path that begins with the simplest essentials, and adds additional areas and layers.
Tightening up your Operating System (OS) and Internet Explorer (IE) really should be accomplished much earlier than their position below suggests. The reason they are listed as later steps, is to allow people to become increasingly familiar with how their machine, its OS and programs operate, and familiar with making changes to less critical configurations. If you are already comfortable with this, then there is no reason not to carefully proceed.
Knowledge, abilities, and habits should also be considered. The most experienced user may feel, and be, quite secure with less layers of software protections, as they will have taken the steps to secure their o/s, be far less prone to click on malware, and have the proper back-up available to quickly recover even if they do (in theory, at least).
The user who keeps data of a very important, valuable, private nature to them, and/or their business, or relies heavily on this information, or is exposed to greater threats by their particular usage (surfing, email and/or file-sharing habits), is a prime candidate for additional protection, no matter what their level of expertise.
Before proceeding, please read two excellent posts in recent (2/2007) Security Forum discussion threads concerning the correct approach to basic Security: ( Wildcatboy 's »Re: Beginner in Security (understand how infections occur!) and EGeezer 's »Security implementation - a process, not a product ).
If a computer is to be "usable", no amount of programs, or hardware, will provide complete protection from all possible risks, especially from it's user's own dangerous actions.
System Log Notebook (Good Practices Side Note) -
Computers are a complex amalgamation of numerous complex applications and pieces of hardware. You may save much time and trouble by starting a hardcopy "System Logbook" now, and make a habit of noting down the date, time and effects of changes you make to your machine (and router), including software updates, upgrades, and new software installations. A three-ring notebook, or binder works well for this. (Consider security implications of noting passwords in such a log). The level of detail is user dependant.
Use this as a trail-map, hopefully to arrive at, what is for you, a secure destination.
•Above all, as the operator of a powerful machine, in the end, it is up to YOU TO ALWAYS PRACTICE SAFE CYBER - It's the most crucial layer.
POWER PROTECTION - Before connecting to anything, a UPS (Uninterruptible Power Supply; which usually have surge protection built in) for your CPU/Monitor/Modem/Router will provide protection for your investment in many ways, including Security (See EGeezer 's summary: »UPS Good For Security? ). This is probably the most expensive item in this FAQ, most of which are free. While the UPS can be postponed, the sooner it is in place, the better.
If you do not live in a Severe Weather region, and do not have your machine on that much, and are lucky enough to have reliable, stable, clean a/c power (very rare), and the economic choice is between a UPS (basic models run from $30-$200 US) and a NAT router, postpone the UPS and get the NAT router now.
At a minimum, properly ground and Surge Protect your system before you plug it in.
SECURE PASSWORDS -Utilize strong Passwords at all sensitive points (i.e. Administrative Accounts, email, password protection applications, financial accounts, Router) and keep them secure (Password Safe, which is free). For a more automated program, check out KeePass: "a free/open-source password manager or safe which helps you to manage your passwords in a secure way". RoboForm "is a free password manager and one-click web form filler with some serious Artificial Intelligence". Try the Password Security Test.
BOOT DISK -In case of serious problems, having a boot disk on a floppy disk may enable you to get going again.
BACKUP REGIME -Establish and follow a backup regime of critical data, which includes physical security of the backups, and is appropriate to your usage.
What would the total "cost" (time, effort, money) be to you personally (financial, contact and other information, family pictures...), or to your business, if you lost all of the data on a machine? What would all of these costs be at the end of a few days, or a week, or even longer? What would the cost be in hours and time to recreate what was lost, if it was even possible?
While these questions apply to security in general, here it should be most obvious. Establish and follow back-up regime of critical data and other important items. This includes physical security of the backups. Tailor it so it is appropriate to what you are protecting. Do this right, and potential disasters can be efficiently mitigated. Do it poorly, and the financial and/or personal costs could be extremely severe. (See keith2468 's FAQ »Security »What should I do about backups? / How do I back up my hard drive? for more information, and links.)
WORMS, INFECTIONS AND YOU:
Connect to the internet for less than one minute, even with a dial-up modem account, and infections from worms can, and do, occur. One can no longer safely log-on "just for a quick-patch", without very real exposure to infection.
PLEASE NOTE: Brand new systems, and freshly installed Operating Systems are particularly vulnerable to exploitations, as they most often require "Critical Security Patches" and other updates to eliminate newly "discovered" vulnerabilities.
The simplest, strongest, most reliable and easiest to use solution to this problem is the NAT Router.
NAT ROUTER -If connecting via Cable/DSL, make the very important and relatively small investment in a Router (How Routers Work) with NAT (How NAT or Network Address Translation Works). In today's hostile Internet environment, no system should be without this protection ( »Security »When is an NAT router inadequate protection? ).
One example is the LinkSys Etherfast Cable/DSL BEFSR41. The price has dropped way down (05-2004: $40-$60US), and it will serve well in protecting against the hordes of INBOUND nasties.
It is very easy to set, and operation is, for the most part, "set and forget". Relevant DSL resources are: The DSL Linksys Forum FAQ: Tricks, Tips and Firmware , and the DSL Linksys Forum itself. There are other good routers.
Make sure the Router is properly configured (at a minimum, change its password, block WAN requests, disable "remote management", enable Stateful Packet Inspection or SPI, if applicable).
If you do not have a router or Windows XP, install one of the other software firewalls (see Software Firewalls below) to protect your computer.
Make sure your computer is protected before connection to the Internet even for one second.
**Wireless Set-ups*** Wireless components introduce one more point of vulnerability, and this area is beyond the scope this basic security FAQ. If you must use wireless, first ensure that you are comfortable securing, and keeping your hard-wired system and/or network secure. Please see keith2468 's FAQ »Security »How do I secure a wireless network (wireless router)? , as well as DSLR's »Wireless Security Forum, and its »Wireless Security FAQ , for more information.
WINDOWS XP "ICF" - For a Broadband connection, without a properly configured NAT router, and for a dial-up connection without a properly configured Software Firewall (SWF- see below) providing protection, Microsoft XP's software firewall (ICF), must be enabled.
By turning on ICF, you can temporarily utilize its limited protection against inbound threats to enable you to get MS Updates and patches (see below), update or upgrade your Anti-virus software, and to download a SWF.
To confirm that ICF is enabled, go to Start--> Control Panel ---> Network and Internet Connections--> Network Connections--> Local Area Connection Properties --> Advanced. 'Select "Protect my computer and network by limiting or preventing access to this computer from the Internet". Click OK. (Tutorial.)
ANTI-VIRUS -It's time to get a current version of a reputable Anti-Virus program installed, running, and properly configured. Once behind a NAT Router or SWF, the next step will be to make sure the Anti-Virus program is fully up-to-date with its latest Virus definition file.
When installing a program, upgrade, or update, or installing Windows Updates, if the instructions specify turning off (or disabling) your Anti-Virus before installation, always remember to:
1) download the file to your hard drive, if possible, and scan it with your AV's on-demand scanner.
2) Turn your AV's resident system scanning back on, making sure it fully enabled, as soon as the installation process is complete.
If you AV has "Auto-Restart" when disabled feature, enable it incase you forget to restart it yourself.
For the general user, remember this rule: Always run one, but only one, full time resident Anti-Virus application. Running less, or more, can cause serious problems.
If you are having problems with your AV, see the Security FAQ Why won't my new anti-virus package work right?
Modem Stand-by - If your Broadband modem has a "Standby" switch, consider using it to keep your machine disconnected from the Internet:
1) During Start-up, at least until your SWF and AV are fully loaded and running.
2) When you are not actively using the connection, especially if unattended.
3) During Shut-down.
4) When applying program Updates to the SWF or related Suite.
Networked Users Note: Unless your router has the capability to firewall your system from other systems on your LAN, and unless you are utilizing this capability, disconnect at the Ethernet card(s), instead of at the modem, during periods of potential SWF vulnerability.
*** Once all of above have been implemented, then, and only then, are you ready to connect to the Internet!
SOFTWARE FIREWALL -Download and properly configure a software Firewall (How Firewalls Work), like ZoneAlarm-FREE (ZAF), to help protect against OUTBOUND nasties, and to provide a further layer of inbound protection.
Should your Router be bypassed by you, or a guest, by using a dial-up connection or misconfiguration, or it fail or be successfully exploited, the software firewall will be there to protect you, for attempts at both inbound and outbound connections.
Even with the formidable inbound threat protection that a NAT router provides, exploits can still wind up on your machine in a number of ways, primarily by your "letting it in" (by your own, or a guest's, surfing, software installations, file sharing, removable media...). However a "marauder" succeeds in gaining entrance, once in, NAT will afford no protection from the marauder attempting to establish an _outbound_ connect to scurry away with data, or possibly worse, to allow further intrusions and exploitation.
The outbound application protection control that a SWF alone provides is why it so important to your security. The second layer of inbound protection is an added bonus.
The "One and Only One Rule" applies to SWFs:
For the general user, run one, and only one SWF. For the general user, when changing SWFs (other than XP's native ICF), completely uninstall the present SWF before installing its replacement (following safe practices).
If you decide to network multiple boxes, a software firewall on each machine will help keep potential unfortunate infections isolated from the other machines.
ZAF comes with a basic easy to digest tutorial. Reviewing it a few times will get you going. Markus Jansson's Firewalls and ZoneAlarm Guide and Tips is an additional source.
***Once you have downloaded ZoneAlarm, you can disconnect from the Internet. After disconnecting from the Internet, turn off XP's ICF. After turning ICF off, install, and configure ZAF. ***
WINDOWS UPDATE & UPDATE & UPDATE..........
Use Windows Update (Start---> Windows Update) to bring the OS, and other MS programs like Office, current by downloading and installing Service Packs, Critical Updates, Updates and patches that probably will be needed.
NEW MACHINE/FRESH OPERATING SYSTEM INSTALL? Though already mentioned, this can not be overemphasized: If you have a new machine, or a fresh OS installation, unfortunately, it will most probably NOT be up-to-date. Even if the builder tried to ship fully updated machines, patches are sometimes released on a weekly basis as the need arises.
Keeping your OS updated is very important in keeping it secured from exploitation, and so should never be overlooked.
To help make sure your OS is always kept up-to-date, consider setting Windows Update to "Notify" you when Updates are released.
See The Elder Geek on Automatic Update for Windows XP. In win2kp, this is under Start---> Settings---> Control Panel---> Automatic Updates.
Selecting "Notify me before downloading any updates...." is less intrusive and keeps you in control of what happens, when it happens, and what else is occurring while it happens.
No matter what setting you select, it is still a good idea regularly perform manually checks.
Make sure you always keep your other applications up-to-date, especially Anti-Virus, Browser, and Anti-Mal/Spyware. For Anti-Virus, also consider setting it to regularly check (at least once a day!) for updates.
Note on Updates: The DSL/Broadband Reports Security Software Updates Posse works tirelessly and nimbly at close to lightning-speed to keep the DSL Security Software Daily Updates Thread up-to-the-minute, with notification and details of Security Software detection database updates. Their bailiwick currently includes MS, well over a dozen Anti-Virus, and many Anti-Trojan and "Privacy Related" applications. The thread can be found as a "sticky" at the top of the DSL Security Forum. This is just another good reason to stop by the Security Forum every morning.
Note on the installation, upgrading, or updating of any software: It is always strongly recommended to make sure your AV is fully up-to-date, then download or copy from removable media, the file, and then scan the file that is new to your machine with your AV, prior to running such files.
This applies to files from "trusted" Vendors as well as trusted friends and co-workers. Even Microsoft has shipped infected files. While there definitely are varying discernable degrees of what should be "clean" files and "trusted" sources, no file and no source is completely immune to such threats.
SECURITY ANALYZER TESTS and TOOLS (free)
Check to see if MS Updates and patches were successfully applied and more:
The Belarc Advisor
Microsoft Baseline Security Analyzer
SECURITY PORT SCANS -Have your system scanned to determine how well you are protected, at the time of the scan, by the combined "filtering" of your ISP, your Router, your software firewall, and your operating system. One such test is Steve Gibson's Port Authority Edition - Internet Vulnerability Profiling.
TIGHTEN INTERNET EXPLORER - (IE)
IE is highly integrated in the Windows OS. Unfortunately, it is regularly exploited by malicious websites during everyday surfing, and even by "trusted" web-sites, should they become infected. Browser Hijacking, Drive-by downloads of malicious payloads and other malicious exploitations are causing damage to countless systems (and so to users) every minute. (See US-CERT Vulnerability Note VU#713878.)
Fortunately, there are ways to reduce this risk, and it is very important to employ them before venturing out.
As long as Internet Explorer exists on your box (even if you do not use it), follow Archie Bell and The Drells sage advice and "Tighten Up" its settings (click link for Markus Jansson's page on decreasing IE's known vulnerabilities). Eric Howes' Internet Explorer Privacy & Security Settings very thorough, yet easy to follow tutorial provides numerous screen shots of the procedure. See also Bubba 's excellent FAQ: »Microsoft Application Tips and Tweaks »Concerning Internet Options Security, what do some of the settings mean .
By following these recommendations, you will greatly reduce the risk of malware exploitation through IE.
BROWSER ALTERNATIVES - Better yet, also consider an alternative to IE for your primary browser, as one less likely to be targeted for exploitation. See US-CERT Vulnerability Note VU#713878, again.
Firefox (free, from MozillaPrivacy & Security Settings tutorial. For Firefox and Mozilla information, help and links, also see DSLR's »Mozilla Software Forum and »Mozilla and Related Browsers FAQ , along with Cookie Recipes .
Opera is also a free popular alternative. See the Privacy and Security tutorial).
BROWSER FILTERING - No matter which browser you primarily use, consider Browser filtering. WebWasher is free, and cleans away and gives control over megs of surfing scrud (Ads, Popups, Popunders, cookies, scripts, embedded objects/applets, frames, forms, links, backgrounds, animations, webbugs, referrers).
Proxomitron (also free) is far more configurable, possibly faster, but does have a much steeper learning curve. If you can 'get the hang of it', it provides almost limitless ability to filter and control exactly how web pages are downloaded and displayed.
-- Adblock Plus-
The free AdblockPlus extension for FireFox/Mozilla (also at Mozilla Addons, while less powerful than proxies, like WebWasher and Proxomitron, is highly recommended to give you easy control over downloading and viewing ads while surfing. This good filtering also brings an increase in privacy and security.
You must first add Filters to Adblock Plus, in order for it to start it's filtering protection. While designed for the outdated 2ed Generation "Adblock' extension on which the revived 3ed Generation Adblock Plus version is based (as is »Ads BGone - Ad Free Surfing FireBird/AdBlock - ),this excellent beginners Tutorial will, none-the-less, get you started on creating your own filters. Help is available here in DSLR's »Mozilla Software Forum, and at the developer's Adblock Plus Forum.
Once you get the hang of it, you might opt to employ reputable proven 3ed party Filtersets. While you can certainly skip right to using such 3ed party Filtersets, it may be better in the long-run to at least get a basic understanding of Adblock Plus and filtering, so you can deal with any False Positives that may block desired content, as well as any unfiltered ads that slip through, once you employ someone else's Filterset.
DSLR's own rick752 scrupulously maintains Filtersets that can be set to automatically update themselves, with no action required by the user once they are "subscribed". Here are instructions for how to very very quickly install and set to automatically keep up to date Rick752's Filtersets. They are extremely effective, and constantly, automatically updated.
Help for Rick's Filtersets is also available here in DSLR's »Mozilla Software Forum (Rick's "third home"), and at the developer's own Adblock EasyList/EasyElement Forum, in the unlikely event that you will need it.
With this set-up, thanks to the great work of the developers of Adblock Plus and Rick's Filtersets, most folks can surf with an amazingly high percentage reduction in undesired advertising content, at little to no additional effort on their part. Warning: Surfing on a non Adblock Plus protected computer will soon become painful to endure!
Note: Adblock Plus is being actively, responsibly developed, NOT Adblock. See Developer Wladimir Palant brief and fairly accurate history.
For FireFox, to move closer to having the filtering power of Proxies like WebWasher and Proxomitron, consider the NoScript extension: "Extra protection for your FireFox: NoScript allows Java, Flash, and Plugin execution only for trusted domains of your choice (e.g. your home-banking web site). This whitelist based pre-emptive script blocking approach prevents exploitation of security vulnerabilities (known and even unknown!) with no loss of functionality..."
NOTE: NoScript (configured for "Global Ban") users have been protected from a series of vulnerabilities discovered in Firefox. To be exploited, a user would have had to 1st Whitelist the evil site(s). These vulnerabilities have been promptly corrected, but NoScript should be installed, and properly used, in Firefox non-the-less.
--Remove It Permanently (R.I.P.)
While not adding much Privacy of Security, RIP complements Adblock Plus and NoScript, by allowing each user to "Permanently hide content from web pages using the Context Menu. Simply, click and "Remove it Permanently". Now includes previewing of items before removal, support for IFrame as well as lots of advanced features to make it easy for anyone to remove annoying content from web pages."
EMAIL and EMAIL PROGRAM ALTERNATIVES -Consider an alternative email program that may be less subject to abuse than Outlook/Outlook Express like EUDORA (free, ads, or paid).
Regardless of which email client you use, tighten up its settings (disable: preview, html, retrieval of remote images, scripting), and always remember to follow safe email practices (see CERT Coordination Center's Use Care When Reading Email with Attachments, How do viruses and worms spread in e-mail? and novaflare 's Security Forum FAQ http://www.dslreports.com/faq/10692 ).
AOL USERS ONLY Check out AOL Privacy & Security Preferences tutorial for steps to tighten-up that service.
CONSIDER THESE EXCELLENT FREE SOFTWARE FOR YOUR LAYERED SECURITY ARSENAL:
You will increase your security by using of one, or more, or all of these programs. They work well together, and consideration should be given to them, depending on each user's circumstances. Add one at a time to allow you to learn each one's effects.
*Since there are significant costs involved in the continued development and provision of these programs, Donations are accepted by many of their authors to help defray their expenses. We all really need these folks to be able to continue this important work!*
Malicious Script Protection - Script Sentry
--- Script Sentry, Jason Levine's very tiny and effective program: "Script Sentry allows safe scripts to run on your system while alerting you if a script might harm your system. In addition, Script Sentry prevents against malicious scripts hidden in ShellScrap (hidden SHS and SHB extensions) files, Word/Excel macro viruses, malicious HTA files, and accidentally run REG files."
Malicious Registry Modification Protection - RegistryProt
--- RegistryProt is a "...compact, low-level real-time registry monitor and protector, that adds another dimension to Windows security and intrusion detection. By monitoring important locations and keys in the Windows system registry, RegistryProt will alert whenever a key is added or changed, and then give the option of accepting the key change, reverting back to the original key setting, or deleting the key.
Malicious Website Protection - Trust Setter
--- Trust Setter, also by Jason Levine: "Allows you to quickly and easily move sites from IE's Trusted and Restricted Zones." If you use IE for more than Windows Updates, consider adding this important feature.
Malicious Program Protection - Startup Control Panel
--- Startup Control Panel by Mike Lin: "Startup Control Panel is a nifty control panel applet that allows you to easily configure which programs run when your computer starts. It's simple to use and, like all my programs, is very small and won't burden your system."
Adware, Spyware and other Malware Detection, Prevention, and Removal - SpyBot S & D
--- SpyBot S & D: "can detect and remove spyware of different kinds from your computer. ... new toolbars in your Internet Explorer that you didn't intentionally install, if your browser crashes, or if you browser start page has changed without your knowing, you most probably have spyware. But even if you don't see anything, you may be infected, because more and more spyware is emerging that is silently tracking your surfing behavior to create a marketing profile of you that will be sold to advertisement companies." Other features include "Immunizing" against known nasties. Tutorials: BleepingComputers.com, and the Author's, to get started.
Adware, Spyware and other Malware Detection and Removal - MicroSoft Windows Defender
-- ms's "Windows Defender "detects and removes known spyware from your computer, which helps make your Internet browsing safer." Please see ms's "Getting Started.." for instructions.
Adware, Spyware and other Malware Detection and Removal - AdAware
--- AdAware: "With its ability to comprehensively scan your memory, registry, hard, removable and optical drives for known datamining, aggressive advertising, and tracking components, Ad-aware will provide the user with the confidence to surf the Internet knowing that their privacy will remain intact." See Tutorial at BleepingComputer.com and DSL's own CalamityJane 's Adaware Tutorial Updates & Scanning for excellent guides.
-Spybot, ms Windows Defender (msWD), and AdAware are similar, but not identical. Often one will catch malware that the other does not yet detect. A good routine is to update and run each one, once a week. If you follow good practices, including tightening up IE, employ the "Immunization" of SpywareBlaster (below), and/or use an alternative Browser, you will find that soon SpyBot, msWD and AdAware will have very little, if anything, to clean from your machine when you do run them.
-Unfortunately AdAware's reliability as a standalone malware detection and removal tool has been undermined by a history of questionable definition listing/delisting, prior notice and user/customer communication practices by it's Vendor, LavaSoft, making it even more important to not rely solely on any one malware scanner, especially AdAware.
-Before downloading, let alone installing ANY anti-malware application, it is vital to insure that it is a confirmed as being a safe, effective, and reputable application (for one evaluation, please see Eric Howes' The Spyware Warrior Guide to Anti-Spyware Programs: Recommended Programs. There are literally hundreds of Rogue/Suspect applications that run from merely ineffective (leaving you exposed to already existing threats), to actually being malware threats themselves.
Adware, Spyware and other Malware Prevention (and more) - SpywareBlaster
--- Spyware Blaster: ""SpywareBlaster doesn't scan and clean for spyware - it prevents it from ever being installed." This expands on SpyBot's Immunization feature, and works well in concert with Spybot, and SpywareGuard. See BleepingComputer.com Tutorial.
Adware, Spyware and other Malware Prevention - Spyware Guard
--- SpywareGuard: "SpywareGuard provides a real-time protection solution against spyware that is a great addition to SpywareBlaster's protection method. An anti-virus program scans files before you open them and prevents execution if a virus is detected - SpywareGuard does the same thing, but for spyware!" See BleepingComputer.com Tutorial.
--- The DSL Thread: Maximum security WITHOUT any $$$, for even more good suggestions.
FURTHER RECOMMENDATIONS & INFORMATION ON SAFE-CYBER PRACTICES, SETTINGS, & MORE SOFTWARE:
--- DSL Thread: Maximum security with minimal $$$
--- The BBR Security FAQ.
--- Markus Jansson's site for a wealth of security information (including Securing XP).
Securing the Operating System itself should be a priority, as has already been mentioned.
--- Major GEEKS' partial reproduction of "Black Viper's" Operating System Guides for more detailed information on how to "Tighten Up" your Operating System.
In order to efficiently determine what can be left disabled without breaking something you want or need, be sure to: 1) Shut down only one or two Services at a time 2) Immediately after each change, Re-start, and your test your system thoroughly for effects in the potentially impacted areas (including connectivity, application functionality, printing...) 3) Keep a log, noting the date and time of any changes, what you test, and the results.
--- Steve Gibson's Internet Connection Security for Windows Users, is a great tutorial. Don't miss out on the thrills of his "Network Bondage: Discipline Your Network Bindings in the Privacy of Your Own Home". Windows98 users, be sure to check out his "Network Discipline for Windows 9x".
-Consider an Anti-Trojan program. While some Anti-Virus applications are including some level of Trojan detection, many here add the protection of a dedicated AT. The two most popular choices here are: TrojanHunter and BOClean, but there are others.