How to keep your computer clean
Here are some tips for any Internet user to stay out of any malicious software like viruses and spyware.
It's better to be safe then sorry, so try to remember the following advices that kept my computer clean for the last 3 years:
1. Computer viruses spread mainly by e-mail these days.
Do not open any strange e-mails from people you don't know. Do not open any attachments from the list bellow before at least scanning them with an antivirus even though they were sent by a friend:- *.bat (batch files, executes MSDOS scripts)
- *.exe (executable file)
- *.vbs (Visual Basic Scripting)
- *.scr (screen savers)
- *.com (command-line)
- *.js (java scripting)
- *.anything.exe - keep in mind that there are many viruses which rename files like track01.mp3 to track01.mp3.exe. Any version of Windows, by default, hides known file types extensions so it will show only track01.mp3 hiding .exe. Look at the file's icon, it's a good start.
Many viruses take advantage of the trusted contacts in your address book to send them (from your mail address) an infected attachment. This works both ways, so don't open anything suspicious sent by your contacts.
Another good sign is the attachment's size. Viruses usually have just a few KB. If you receive a so called small movie or song which is 20kB or so, something is wrong for sure.
2. Another way computers often get infected is by accessing compromised sites.
Usually this is the result of spam (e-mail, instant messaging). If you open a link in your e-mail that goes to www.hack-blablabla-windows.com/cheap/ for example you will probably end up being a spammer as well. The main idea is to understand what does a 'trusted site' means.
Recently, Google introduced a warning filter if you try to access an untrusted site from their search engine. You can also install in your browser a toolbar (Mcafee Site Advisor for Firefox - for example) that displays a safety ranking of the website. If you are an Internet newbie, this could be pretty useful for you.
Besides e-mail, a new generation of viruses started to infect instant messanging as well. If you are using Yahoo Messenger for example, you could recieve sometime in the future a message (from a trusted contact) like the one in the picture bellow.
Never open these types of links. If you are too courious, ask a confirmation from the contact about the message and the content of the page. Maybe it looks safe by opening a link to a *.jpg (picture), but the webpage also contains a java script that opens and runs a visual basic script (vbs) on your station - this allows writing and full-permition execution of a file, infecting your PC.
3. If your PC is a public area (eg. your office or so), try to lock the session when leaving even for 5 minutes.
This will prevent another user to do anything bad to you computer (like infecting it with a virus without knowing it).4. Try to keep up with the hot fixes. Update your software as soon as a new version is available.
This si appliable to your operating system, office software, antivirus, etc. From time to time (usually when an exploit is found on the software), a patch is released for the users. Installing it can save you of some trouble later. Search for updates on the vendor's site at least monthly.5. Don't use the auto-login option provided by Windows if your computer can be accessed by others.
If you share a computer with others, try creating users for that station. (Go to Control Panel - Administrative Tools - Computer Management - Users). Don't leave any account with no password, since it's an invite for any hacker to easily mess it up.If you are not using any remote administration (like Remote Desktop Connections), disable it by going in the Remote Tab of system's properties (right-click My Computer - Properties).
6. Use an antivirus software.
Don't worry if you don't want to buy one, you can find free versions (for personal usage) as well. (Try AVG or Avira). This will enable the "scanning on demand" of files, which will instantly block any virus before affecting anything your computer. Remember to update it every week at least and to run a full system scan after every update.7. Use spyware and adware search and removal tools.
These can be found in free versions too. You can use for example AVG Spyware removal and Ad-aware. Another good (and free) program is SpyBot Search&Destroy. Besides searching and destroying any spyware as the name implies, it has a system imunization tool which will make your system ignore in the future all the bad software the application knows (currently about 65000 malicious software types as far as i remeber).8. Use a firewall. You can find free versions for personal usage of Sygate, Outpost Firewall and Zone Alarm.
I know maybe it looks this is mostly for preventing attacks on your PC, but today's firewall software also keep a constant tracking of all applications that go online. This means that if you ever get infected with a virus for example, it can not connect to the internet unless you allow this. If this looks useless, think that there are many trojans that connect to remote sites and upload any personal data that can find (passowrds, e-mail account, credit card numbers, etc).
Hope this will be useful to you!
August 12, 2007 at 9:40 AM
Thanks for useful post. All steps are right. A little addition about #6 and #7. You have to not only "use" (i.e. install once) antivirus and antispyware, but to keep them updated constantly too! In this case I prefer to use one security suite - Agnitum Outpost Security Suite. It's easy to install, configure and maintain all the parts of application in one place, doesn't it? ;-)
August 12, 2007 at 10:59 AM
Yes timur, you are right !
Agnitum outpost is the best firewall ever i used..
Thanks for the useful comment :)