My Recommendations for Protecting Your Computer, with a particular emphasis on XP

Here is my research for protecting Windows XP from spies, Trojans and all manner of invaders. Unfortunately it is now necessary to protect your PC from various threats, coming from many different directions. The older strategy of just having anti-virus is no longer enough. A lot of research went into this. Whew!
Everything here is tried and true. I'll put this up on a web page when I get a chance, which will make updating this a little easier.

First, of course, is your anti-virus software. I recommend several: NOD32 Anti-virus, Panda Software, Kaspersky (they also have an excellent firewall), PC-cillin, F-Secure, and of course Norton AntiVirus. The best seems to be Kaspersky, according to many experts. There are also some free ones: AVG and AVAST32. You might want to have two: one as the main resident watcher and another for scanning, which adds a backup in case a virus bypasses the first one or infects the virus scanner itself. Check the forums (under Troubleshooting at the bottom) for opinions on which you should use for which functions. Also be sure to read "Securing Your PC" from the folks at Wilders Security. Carefully read their recommendations on configuring your PC. This covers in-depth information on browser settings.

Second is your firewall. If you have any connection other than dial-up, you need a firewall. There are several different types available. See "Beginners Guides: Firewalls and Internet Security" below for a good description of the different types of firewalls. My recommendations so far appear below.

A new Internet application put out by the good people at Trend Micro combines their antivirus software into a total Internet protection package called PC-cillin Internet Security. This includes: Comprehensive Virus Detection and Removal, Enhanced Network Virus Protection, Integrated PDA Virus Protection, Anti-Spam Filtering, URL Filtering and Parental Control, Advanced Privacy and Spyware Protection, and Multiple Security Profiles.

For an introduction to spyware and protecting your computer I recommend "Beginners Guides: Firewalls and Internet Security" and "Beginners Guides: Spyware Protection and Removal".

A highly recommended downloader with no spyware is DLExpert: http://www.yanew.com/. It even sends your downloaded files to your virus scanner after download (you need to set this in options; it will automatically find your virus scanner application). Note: please make sure the address and name of the software match what I have here, as a popup might try to steer you to a different piece of software, which might be spyware itself. As a precaution, install the popup stopper first and make sure it's the right one.
Just because something says it's a blocker, spyware scanner, etc., doesn't mean that you can trust it. Know whom you are dealing with. If in doubt about any new software, enter its name at http://www.spywareinfo.com/ where it says Spyware Database. To check the authenticity of a site, install SpoofStick from http://www.corestreet.com/spoofstick/, which tells you exactly what domain you're on. This practice, known as phishing, is becoming more and more popular with identity thieves. Firetrust, makers of MailwasherPro (which I also recommend), is working on another anti-phishing tool: SiteHound. Unfortunately I was unable to test it, but products from them usually work well.

Here are some small stand-alone applications (DCOMbob.exe, HTAstop.exe, IDServe.exe, leaktest.exe, shootthemessenger.exe, socketlock.exe, sockittome.exe, unpnp.exe, WMPscriptfix.exe, XCavate.exe, xcleaner_free.exe, XPdite.exe, dsostop2.exe) that fix some problems in Windows and close some holes through which applications phone home (send information out). Included is a quick spyware application scanner. You can get these and their updates on the sites below. When updating Xcleaner, overwrite Xcleaner_free with the new file. Use this first. This is also the first choice when traveling, as the file fits on a floppy and can quickly detect keyboard loggers installed on public computers.
Also, if you've been having problems, go to their website, http://www.spywareinfo.com/xscan.php, and run their online scanner. Check out the benefits of upgrading to the pro version, which will also give you additional resources while on the road, including secure ways to communicate. I've done this already. (Most of the files mentioned above come from Gibson Research Corporation, http://grc.com, or http://www.wilders.org or http://www.nsclean.com/freebies.html, except for Xcavate, which you can get from http://www.cognitronix.com/.) Also included is ID Serve, which can help you identify the location of spies. Please also avail yourself of the excellent ShieldsUP tests available on the GRC site, which can test your vulnerability to attack from the Internet. (The site also contains excellent advice.)

The exception is Active Xcavator, which is more complex, as it shows every ActiveX installed, but a lot of them can be viewed with more information than what is in Spybot. If they have startup files, Spybot will list them. But this is sometimes more handy when trying to locate a specific file that's causing problems. And you can see if a file is registered to a particular application. It's also handy for spotting files in the Windows system directory that other applications may have put there (and left there, even after you've removed the application). Be very careful with this. (Back up the file to a different directory before deleting anything here.) Unlike Spybot, there are no undos. Spybot will also let you disable any startup files without deleting them, to see whether you need them.

Good links:

http://security.kolla.de/ for Spybot. This is one of the best spyware scanners. Update it periodically. It has many features and can be set to run automatically. If you are already infected with a lot of spyware, I recommend running Spybot by going to the settings tab, then settings, and checking "run once at next system start". Then reboot your computer. This will enable Spybot to clean out your computer without anything else running in the background that could put back the spyware or prevent its removal.

http://www.javacoolsoftware.com/spywareblaster.html for SpywareBlaster. This prevents spyware from getting in in the first place. It doesn't use up any memory. Update it periodically. Be sure to take a system snapshot (allows restore to an earlier time) every so often, as well as do a hosts backup (these actions will allow earlier browser application plugins to be restored to an earlier time).

http://www.wilderssecurity.net/spywareguard.html for SpywareGuard. This program stays resident on your computer to prevent any spyware from executing and protects from browser hijackers. Update it periodically.

http://www.wilderssecurity.net/idblaster.html for ID Blaster. This is a GUID randomizer; basically it changes the numbers on programs so spies have a hard time tracking you. Also make sure you record the original numbers for any programs you activate it to change, and put them in a safe place.

An excellent application with frequent updates is at "Privacy-Security (UIUC) - contents": go to IE-Spyad and click. This program is a bit difficult to use but is updated frequently. I suggest you set up a folder with this shortcut in it and then, when updating, just update to the same folder. Follow the help text files. This app sticks more than 1500 spy sites in your Restricted sites list, so they can't do anything. Please note that a red Restricted zone will show up at the bottom right of your browser should you try to access one of these restricted pages. (AOL, having been guilty of adware, is on this list, so if you're using AOL and have entered all default sites into the browser, you will have to remove the AOL one.)

Another strategy is using a hosts file. For managing it, download HostToggle, and for a great hosts file that is updated frequently go to: http://www.mvps.org/winhelp2002/hosts.htm.
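When a downloaded hosts file is installed over one that already holds entries from another tool, merging is safer than replacing. The following is an added example, not part of the original article or of any tool it names: it leaves every existing line untouched, appends only hostnames that are not already present, and skips any blocklist line that maps a name to something other than a loopback or null address. The function names and the sample file contents are constructed for illustration.

```python
import re

# Addresses a blocking hosts file is expected to use; anything else would
# redirect the hostname rather than block it, so such lines are skipped.
SINKS = {"127.0.0.1", "0.0.0.0"}
# Loose hostname check (at least one dot) so stray tokens are not written out.
HOSTNAME = re.compile(r"^[a-z0-9_-]+(\.[a-z0-9_-]+)+$")

def entries(text):
    """Yield (address, hostname) pairs, ignoring comments and blank lines."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        for host in fields[1:]:          # fields[0] is the address
            yield fields[0], host.lower()

def merge_hosts(current, blocklist):
    """Return (merged_text, added_hosts); existing lines are never changed."""
    have = {host for _, host in entries(current)}
    added = []
    for addr, host in entries(blocklist):
        if addr not in SINKS:
            continue                     # not a blocking entry
        if host in have or not HOSTNAME.match(host):
            continue                     # duplicate or malformed
        have.add(host)
        added.append(host)
    if not added:
        return current, added
    merged = current if current.endswith("\n") else current + "\n"
    merged += "# appended by merge_hosts (added example)\n"
    merged += "".join(f"127.0.0.1 {h}\n" for h in added)
    return merged, added

# Constructed sample data: an existing hosts file and a downloaded blocklist.
CURRENT = """127.0.0.1 localhost
# entries placed earlier by another tool (constructed sample)
127.0.0.1 ads.example.com
127.0.0.1 tracker.example.net
"""
BLOCKLIST = """# constructed sample blocklist
127.0.0.1 localhost
127.0.0.1 ads.example.com
0.0.0.0 banner.example.org   # inline comment
127.0.0.1 POPUPS.example.org
203.0.113.7 bank.example.com
"""

if __name__ == "__main__":
    merged, added = merge_hosts(CURRENT, BLOCKLIST)
    print(merged)
    print("added:", added)
```

On Windows XP the live file is %SystemRoot%\system32\drivers\etc\hosts; keep a backup copy before writing the merged result over it.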
If you have installed the hosts file from Spybot, be careful you don't overwrite that portion of the file. I also recommend downloading and installing E-dexter to prevent your system from hanging up. These actions will add additional filtering capacity to your browsers for blocking unwanted sites.

And last but not least: http://www.wilderssecurity.net/mrublaster.html for MRU Blaster. This erases tracks on your computer of what you've done. (Not necessary, but optional.) It must be updated only by re-downloading and reinstalling; check the dates to see if there is a new version. If you're really paranoid, use Cookie Spy, http://camtech2000.net/Pages/CookieSpy.html, to identify the cookies on your system (you can also click on the direct link to the website here to see where a cookie came from), and use MRU Blaster's secure wipe (under settings, then click "go to Plugins") to get rid of any unwanted cookies using a secure delete method. You can also access the secure delete for IE temp files from here. These files are then overwritten so they cannot be recovered. To delete single files, use Spybot's secure shredder under tools, or install AxCrypt, mentioned further down.

And a simple port blocker: http://www.analogx.com/contents/download/network/pblock.htm. If you want to monitor the processes: http://www.ntutility.com/freeware.html, "Active Ports". Use a firewall to prevent questionable applications from sending info to the Internet, such as Tiny Personal Firewall or ZoneAlarm, or Sygate Personal for more comprehensive protection from invading hackers.

And a useful free popup blocker: http://www.kolumbus.fi/eero.muhonen/FS/Download.htm. The version you want, unless you want to pay for it, is EMS Free Surfer mk II, version 2.1.026 multilanguage. This is one of the few freeware popup blocker programs that is not itself adware or spyware. One nifty feature is that you can take a snapshot of all open browser pages, and if you suddenly start getting invaded by extremely fast popups, which this program might miss catching, you can hit the panic button. Then just hit the saved snapshot to return to the windows you had up before the attack. Plus there is a total panic mode for windows that keep opening even after you close all (it kills the processes).

An excellent paid IE cleaner is: http://www.nsclean.com/ieclean.html.
Also available there is NSClean, which is for Netscape or Mozilla browsers. PestPatrol is a good solution to plug holes not covered by Spybot, and if you don't have any other anti-Trojan software installed.

Also recommended is a backup virus and Trojan killer: http://www.trendmicro.com/download/tsc.asp "sysclean.com". Be sure to download the latest signatures at http://www.trendmicro.com/download/pattern.asp and place them in the same directory as sysclean.com. There are some Trojans that actually attack virus software, rendering some scanners unable to recognize their particular Trojan. If you suspect this, try this application to double-check.

There are also free online scanners. Be sure to install the necessary software for these before you have any problems, by going to these sites and running an initial scan, because some attacks disable the ability to download. The first scan you do on these sites will ask for permission to install their plugins. Make sure you say "always trust application from...". This will ensure you can use them in an emergency. http://housecall.trendmicro.com/ Housecall also has a browser button you can download and install in your browser, giving one-click access to the online scanner. Another: http://www.pandasoftware.com/activescan/com/activescan_principal.htm. Also, if you know which virus or Trojan is attacking, look for it here: http://www.pandasoftware.es/library/pqremove_en.htm to get instructions for removal. Also: "Free online Trojan Scanner - Scan your system for Trojans..." to scan your system for Trojans. It doesn't catch everything, but will help.

For more privacy, I highly recommend Anonymizer.com ("Privacy is Your Right"). They have software to make your surfing private and secure your instant messenger programs, including ICQ. I will have a more in-depth review of this later. (Be sure to use BitDefender, http://www.bitdefender.com/, for ICQ, a virus protector for ICQ.)

And as a last resort, download this: http://www.trendmicro.com/en/products/desktop/pc-cillin/use/erd.htm "Emergency Rescue Disks", which can create emergency disks (floppies) that can be booted from the A:\ drive and that will clean out everything. This is a last-resort recovery tool. Please realize that this software may corrupt some files and prevent you from opening them, but if nothing else works this is worth trying. If you can't download it on the machine that needs it, download it on another machine and launch it to create the floppies; then make sure you move the write-protect tab on the floppies to prevent them being contaminated, and load it on the computer that needs it by booting with the boot disk.

I also recommend using a Trojan and worm guard to prevent invasion by these pests. Currently I am testing some, so I can't give my recommendations yet, but some good ones are BOClean at http://www.nsclean.com/boclean.html, TDS3, available at http://tds.diamondcs.com.au/, and WormGuard, available at http://wormguard.diamondcs.com.au/. And Mischel Internet Security's TrojanHunter™, which finds and removes Trojans. TrojanHunter works on rules rather than signatures. These all cost money; there are trial versions available for them, but not for BOClean, though their guarantee is excellent.
Various combinations have been suggested by various people, but until I test this myself, use your own judgment. If you really know what you're doing, you can use System Safety Monitor, available at http://maxcomputing.narod.ru/ssme.html?lang=en, for more protection.

Troubleshooting: Finally, if you run into problems, go to http://www.wilderssecurity.com and http://computercops.biz/index.php for any problem with getting rid of spyware, and for some other opinions on software go to http://www.pilliwinks.net/ or http://www.wilders.org and http://grc.com and http://www.staff.uiuc.edu/~ehowes/main.htm.

Finally, keep your files protected with AxCrypt, http://axcrypt.sourceforge.net/, encryption software. I am currently reviewing programs that hide folders and files, and I will have a report on them soon, as well as on a program which I use called JPhide & JPSeek: jphs.

Another interesting program is Necro File by The Nth System.
This program will erase previously erased data by a secure delete method, so even if you have removed files from the Recycle Bin you can now be sure they are permanently gone. I recommend you do a scandisk or chkdsk and defrag before and after running. Running the program in safe mode would probably be the quickest way.

Another little-known application on XP is Clean Manager. Run "cleanmgr /sageset:99" from the Run menu to set up the program. Then run "cleanmgr /sagerun:99" to execute it. This can clean out some things on XP.

As a final word, I would recommend backing up programs and files to another disk. I will cover this a little later in another article. Future articles planned are reviews of software including SnagIt, backup programs, YankeeClipper, more
utilities and other interesting information that I come across.