by: Jerry Yu
Recently one of my friends asked me to check out if his computer was infected by virus. He suspected because occasionally the computer was shut down automatically when connected to internet. My first thought was the Sasser worm 60 seconds auto count-down. As he uses Windows 98 second edition with IE5, the virus must be a Sasser variant.
I’m not network security expert but I know some basic things he must do to protect his home PC. It was a shock when he told me that his 4 years old PC had no protection except McAfee anti-virus.
- Bought in 2000 and no Windows service packs had been applied since then.
- McAfee anti-virus software came with the PC when bought and no updates since then.
- No firewall installed.
- No anti spyware installed.
This is what I did to beef up his PC to the best of my knowledge.
Step #1: Patch the operating system.
The first thing I did was update his Windows 98 to the latest available Windows updates for Windows 98.
- Open Microsoft Windows Update page at http://windowsupdate.microsoft.com/
- Scan the PC to find out what critical updates and security fixes are missing.
- Select, download, and install a selection of updates, especially any Critical Updates.
- Restart the PC after finished.
When you open the Microsoft Windows Update page, click the “Scan for updates” link. The page will suggest what updates are needed based on your Windows version. You should install all Critical Updates suggested by Microsoft.
It took me about one and half hour to complete the above steps.
Step #2: Download, install, and run Spybot to get rid of all spyware.
Spybot-S&D is a free anti-spyware software to detect any spyware installed on your PC.
Spyware is any software that is installed on your PC and tracks your online behavior without your knowledge or consent. Spyware generally can
- Track what web pages you are visiting and send these information to advertising companies. This kind of spyware is commonly called adware.
- Track and record your computer activities such as what keys you hit. This is generally called Trojans.
- Change your web browser’s home page.
- And more…
After installed Spybot, I immediately scanned my friend’s computer and found 166 problems. The first run killed nearly all of them except some memory residents that had to be killed after a reboot.
Step #3: Download and install Kerio Personal Firewall (KPF).
Kerio Personal Firewall limited free edition is for home users. After installation, KPF works as the full edition for 30 days, after which it becomes the limited free edition.
You may also try the free ZoneAlarm firewall. Be aware that ZoneAlarm free edition uses a lot of computer memory.
The following is the free ZoneAlarm firewall download link. You hardly can find this download link on ZoneAlarm site because they want you to buy the Pro version which is a much better choice.
Step #4: Download AVG anti-virus software
Because my friend has McAfee antivirus installed but has not been updated for about 4 years. I downloaded AVG Free Edition antivirus software and let him to consider if he wanted to pay and update his McAfee or use the freebie. Running two antivirus software on the same computer can cause conflicts.
Step #5: Install password management software – RoboForm free edition.
RoboForm is a password management software with Artificial Intelligence built in that can automatically fill online forms for you. It has been featured on The Wall Street Journal, CNN, The New York Times, Financial Times, PC Magazine, etc.
Nowadays we all have many usernames and passwords to use on the internet. Some spywares record your keystrokes and send them to the hackers. It has been reported many times that people lost all their money in online bank account or internet payment system account.
One of RoboForm key features is designed to combat this kind of key logger hacking. RoboForm can
- AutoSave passwords in browser.
- AutoFill passwords to login form.
- Click Login button for you.
- Fill personal info into online forms.
- Save offline passwords & notes.
- Generate Secure Random Passwords.
- Encrypt passwords and personal info using 3-DES.
- All personal info is stored on your computer only.
- Put passwords on USB KeyChain for extra security.
- Sync your passwords and safenotes to a Palm.
- Backup & Restore, Print your passwords.
- More features: drill down for more.
RoboForm works best with IE 5.0 and above. IE6 is the recommended browser to use with Artificial Intelligence RoboForm.
Note: free eidition comes with some limitations.
Step #6: Apply additional security measures.
More security measures and resources:
- Read Web Security tutorial from W3Schools, especially the paragraphs for home users. http://www.w3schools.com/site/site_security.asp
- Use Audit My PC to do three Penetration Testing. http://www.auditmypc.com/freescan/prefcan.asp
- Use Gibson Research’s ShiedsUP to do port scan and get useful advice. https://grc.com/x/ne.dll?bh0bkyd2
- Download Gibson Research’s LeakTest and check if personal firewall can be fooled. If the firewall is good, the LeadTest will not be able to reach the internet. http://grc.com/lt/leaktest.htm
- Browse Microsoft security home page to learn more about Windows security. https://www.microsoft.com/en-us/security/default.aspx
Mission completed. It took me nearly 4 hours that night and the result is so far so good.