Recently one of my friends asked me to check out if his computer was infected by virus. He ... because ... the computer was shut down ... when ... to ... My first
Recently one of my friends asked me to check out if his computer was infected by virus. He suspected because occasionally the computer was shut down automatically when connected to internet. My first thought was the Sasser worm 60 seconds auto count-down. As he uses Windows 98 second edition with IE5, the virus must be a Sasser variant.
I'm not network security expert but I know some basic things he must
do to protect his home PC. It was a shock when he told me that his 4
years old PC had no protection except McAfee anti-virus.
- Bought in 2000 and no Windows service packs had been applied since then.
- McAfee anti-virus software came with the PC when bought and no updates
since then.
- No firewall installed.
- No anti spyware installed.
This is what I did to beef up his PC to the best of my knowledge.
Step #1: Patch the operating system.
The first thing I did was update his Windows 98 to the latest available
Windows updates for Windows 98.
- Open Microsoft Windows Update page at http://windowsupdate.microsoft.com/
- Scan the PC to find out what critical updates and security fixes are missing.
- Select, download, and install a selection of updates, especially any Critical Updates.
- Restart the PC after finished.
When you open the Microsoft Windows Update page, click the "Scan for
updates" link. The page will suggest what updates are needed based on
your Windows version. You should install all Critical Updates suggested
by Microsoft.
It took me about one and half hour to complete the above steps.
Step #2: Download, install, and run Spybot to get rid of all spyware.
http://www.safer-networking.org/index.php?page=download
Spybot-S&D is a free anti-spyware software to detect any spyware
installed on your PC.
Spyware is any software that is installed on your PC and tracks your
online behavior without your knowledge or consent. Spyware generally
can
- Track what web pages you are visiting and send these information to
advertising companies. This kind of spyware is commonly called adware.
- Track and record your computer activities such as what keys you hit.
This is generally called Trojans.
- Change your web browser's home page.
- And more...
After installed Spybot, I immediately scanned my friend's computer and
found 166 problems. The first run killed nearly all of them except some
memory residents that had to be killed after a reboot.
Step #3: Download and install Kerio Personal Firewall (KPF).
http://www.kerio.com/us/kpf_download.html
Kerio Personal Firewall limited free edition is for home users. After
installation, KPF works as the full edition for 30 days, after which
it becomes the limited free edition.
You may also try the free ZoneAlarm firewall. Be aware that ZoneAlarm
free edition uses a lot of computer memory.
The following is the free ZoneAlarm firewall download link. You hardly
can find this download link on ZoneAlarm site because they want you
to buy the Pro version which is a much better choice.
http://www.zonealarm.com/store/content/company/products/znalm/freeDownload.jsp
Step #4: Download AVG anti-virus software.
http://www.grisoft.com/us/us_dwnl_free.php
Because my friend has McAfee antivirus installed but has not been updated for about 4 years. I downloaded AVG Free Edition antivirus software and let him to consider if he wanted to pay and update his McAfee or use the freebie. Running two antivirus software on the same computer can cause conflicts.
Step #5: Install password management software - RoboForm free edition.
http://www.roboform.com/?affid=siter
RoboForm is a password management software with Artificial Intelligence
built in that can automatically fill online forms for you. It has been
featured on The Wall Street Journal, CNN, The New York Times, Financial
Times, PC Magazine, etc.
Nowadays we all have many usernames and passwords to use on the internet.
Some spywares record your keystrokes and send them to the hackers. It
has been reported many times that people lost all their money in online
bank account or internet payment system account.
One of RoboForm key features is designed to combat this kind of key
logger hacking. RoboForm can
- AutoSave passwords in browser.
- AutoFill passwords to login form.
- Click Login button for you.
- Fill personal info into online forms.
- Save offline passwords & notes.
- Generate Secure Random Passwords.
- Encrypt passwords and personal info using 3-DES.
- All personal info is stored on your computer only.
- Put passwords on USB KeyChain for extra security.
- Sync your passwords and safenotes to a Palm.
- Backup & Restore, Print your passwords.
- More features: drill down for more.
RoboForm works best with IE 5.0 and above. IE6 is the recommended
browser to use with Artificial Intelligence RoboForm.
Note: free eidition comes with some limitations.
Step #6: Apply additional security measures.
More security measures and resources:
- Read Web Security tutorial from W3Schools, especially the paragraphs
for home users.
http://www.w3schools.com/site/site_security.asp
- Use Audit My PC to do three Penetration Testing.
http://www.auditmypc.com/freescan/prefcan.asp
- Use Gibson Research's ShiedsUP to do port scan and get useful
advice.
https://grc.com/x/ne.dll?bh0bkyd2
- Download Gibson Research's LeakTest and check if personal firewall
can be fooled. If the firewall is good, the LeadTest will not be able
to reach the internet.
http://grc.com/lt/leaktest.htm
- Browse Microsoft security home page to learn more about Windows security.
http://www.microsoft.com/security/default.mspx
Mission completed. It took me nearly 4 hours that night and the result is so far so good.