Keeping your Lenovo netbook safe & secure.
Page content transcription ( If your browser does not render page correctly, please read the page content below )
Keeping your Lenovo netbook safe & secure. Table of Contents Keeping your Lenovo netbook safe & secure........................................................................1 1. Adding an administrative user.......................................................................................3 2. Changing the account type for the normal user............................................................7 3. Updating the Operating System....................................................................................9 3.1. Windows Update - No Updates................................................................................11 3.2. Windows Update - Applying Updates.......................................................................12 3.3. Windows Update - Automatic Updates.....................................................................15 4. Installing anti-virus software........................................................................................17 4.1. Downloading Microsoft Security Essentials..............................................................18 4.2. Installing Microsoft Security Essentials....................................................................21 4.3. Using Microsoft Security Essentials.........................................................................25 4.3.1. Microsoft Security Essentials - Home....................................................................26 4.3.2. Microsoft Security Essentials - Update..................................................................28 4.3.3. Microsoft Security Essentials - History..................................................................29 4.3.4. Microsoft Security Essentials - Settings................................................................30 4.4. Testing Microsoft Security Essentials.......................................................................36 4.4.1. Testing Microsoft Security Essentials - Real-time Protection................................37 4.4.2. Testing Microsoft Security Essentials - On-demand Protection............................39 5. Other security measures..............................................................................................43 6. Alternative applications for web-browsing, e-mail and more.......................................45 7. Use an alternative to Windows....................................................................................46
When you first turn on your laptop it should look something like : Lenovo Startup Screen The user name displayed will be that entered during installation of the Operating System, which in this case is Windows XP Home Edition. Clicking on the large icon next to the user will start Windows, and a screen similar to the following will be shown. The Lenovo Desktop We're going to take the following steps to ensure that your Lenovo netbook is as secure as possible : 1. Adding an administrative user 2. Changing the account type for the normal user 3. Updating the Operating System 4. Installing anti-virus software 5. Other security measures 6. Alternative applications for web-browsing, e-mail and more 7. Use an alternative to Windows
1. Adding an administrative user One of the first steps we can take to ensure the security of our computer is to add an administrative user account. This account will be used whenever we need to make changes to the installed software or add/remove programs or hardware. For everyday use we will limit the power of our user account. This will prevent us from doing too much damage should we make a mistake and it will limit the damage a program that we run can do. From the Start Menu select Control Panel Start Menu In the Control Panel, select User Accounts Control Panel
In the User Accounts dialog, click Create a new account (the second option under "Pick a task ...") User Accounts We now need to enter a name for this administrative user. We cannot use the name "Administrator", as that is a reserved name for the system administrator account which was set up during installation. I use the name "Admin", although you can use any name you like. Once you've entered the name in the box provided, click Next User Account Name
We now have to set the account type. In Windows XP there are two user account types. There are administrator accounts and normal user accounts. This will be an administrator account, so select "Computer administrator" before clicking Create Account User Account Type We now have an administrative account that we can use for day-to-day administration of our system. It is vitally important to set a password on this account to prevent its misuse. From the Control Panel click on the Admin icon under "or pick an account to change" User Accounts
In the dialog that's presented next click on Create a password User Accounts Change Enter the password for the Admin user in the box labelled "Type a new password:", then type it again in the box labelled "Type the new password again to confirm:". If you wish you can enter a hint which may be used to give you a clue to the password should you forget it. Once this information has been entered click Create Password. User Accounts Password You now have an administrative user with a password protected account, the first step to securing your computer is complete. You should log off and then log on to this account, entering your password when prompted.
2. Changing the account type for the normal user Following completion of the first step you will have two user accounts on your computer: • The first is the named account which was set up at installation time, this account will have administrative rights and not be password protected. • The second is the Admin account just set up, with administrative rights and password protection. Ensure that you have logged off and are logged on as the Admin user. It is this user account which we will be using for all computer maintenance from now on. The first task is to "demote" the initial user account to that of a "Limited Account". As long as we remember that it is this limited user account that we shall use for the majority of tasks on the computer we will have gone a long way to limiting the damage that can be caused either unwittingly or by accidentally running some malware which may have been downloaded. From the Control Panel click on User Accounts, as done previously. Then click on the non-Admin account name. User Accounts
Click on Change the account type User Account Change Now click Limited. Make sure you read the information about the restrictions imposed by a limited account. You will almost certainly require Administrator privileges to install and uninstall software, and some programs (particularly older ones) require Administrator privileges just to run. Note: You don't always have to log off and back in as an Administrator to perform all administrative tasks. If required, whilst running with a Limited account, you may be prompted for an Administrator password. When finished, press Change Account Type User Accounts Limited At this time you could also set a password, following the same procedure as previously, for the normal user. For everyday use you should now log in using the Limted account, only entering the Administrator password when requested. If you're performing a task such as installing a number of software packages - as we will when we install our anti-virus packages - it may be worth logging in using the Administrator account. If you do log in using the Administrator account to install software make sure that you select "Install software for all users" if prompted, otherwise the software may only be available to your Administrator account. We're now ready to start updating the Operating System.
3. Updating the Operating System We'll be using Windows Update to keep our installation up-to-date. Whenever bugs are found in Microsoft programs (including the Operating System) then fixes are made available to all users through the Windows Update mechanism. Windows Update connects to a server at Microsoft to determine if any software requires updating, if necessary updates are automatically downloaded and installed. Launch Windows Update from the Start Menu. Windows Update uses a special plugin (known as an ActiveX component) to Internet Explorer to communicate with the servers at Microsoft. You may receive a warning and a request for permission to run the ActiveX control - which will appear as a yellow box at the top of the page (just above the large Microsoft logo). You will have to allow this ActiveX control permission to run. Windows Update Welcome Screen You must now decide whether to just check for High-Priority updates or for all updates. Clicking on Express will check just for updates which fix bugs that are determined to present a high-risk. By clicking on Custom Windows Update will also check for a number of optional updates which will include new versions of driver software and other updates which are available but which are not required to maintain the security of your system.
Whether you selected Express or Custom you'll see the following window, with a scrolling green progress indicator, as Windows checks to see if there are any updates available which are applicable to your computer. Windows Update Checking
3.1. Windows Update - No Updates If you selected Express and there are no updates available you'll see the following : Windows Update No Express Updates If you selected Custom and there are no updates available you'll see the following : Windows Update No Custom Updates If your search returned available updates these should be installed. It may be necessary to reboot after some updates have been applied. Keep running Windows Update and installing updates that are available until there is nothing more to install.
3.2. Windows Update - Applying Updates If there are updates available then you'll see one of the following Windows, depending upon whether you chose to do Express or Custom updates. If you chose to check for Express updates then you'll see a window like that shown below: Windows Update Express Updates The main pane of the window shows each of the applicable updates. The update often has a reference in brackets following it, such as KB072270, this is a reference used by Microsoft for the update to which it applies and is know as the KnowledgeBase reference. You can visit the Microsoft website (http://www.microsoft.com) and search for this reference to get more information about the update to which it refers. If you selected Custom you'll see the following : Windows Update Custom Updates As with the Express updates the main pane of the windows shows each applicable update (note that there may be more updates than with the Express update results because of updates which may be available but not considered as required for maintaining the security of your system and are therefore only included when performing a Custom update. The updates are also categorized in the left pane of the main window, displayed both by Type and by Product.
Windows Update Custom Updates Clicking on [+] icon next to each update will expand the entry somewhat, giving a little more information about what the update is required for. There's also a details details link which you can click to get more information in a pop-up window from the microsoft web-site. Windows Update Details Select, from the main pane, the updates you wish to apply (note that after a Custom search only the High- Priority updates will be automatically selected. Then click the Install Updates link.
The updates will now be downloaded and installed, progress during this operation will be displayed in a window like this : Windows Update Working After all the updates are applied you may be prompted to reboot, if this is the case you should do so. Windows Update Restart The first time you run Windows Update, or if you have run the Custom scan and installed non-critical updates, you should run Windows Update from the Start Menu again. There may be more critical updates to apply before your computer is completely updated. As a rough guideline, a computer with a clean Windows install which includes the service pack 2 (a service pack is a special update of Windows which includes all previous security updates and is shipped to computer manufacturers so that all new installations are more nearly up-to-date) may require Windows Update to be run five or more times, with a reboot after each set of updates.
3.3. Windows Update - Automatic Updates You can configure Windows to automatically apply updates as they become available. Windows will check at regular intervals whether or not updates are available, and can be configured to automatically download applicable updates and even install them if required. To set this option, select Start Menu → Control Panel Control Panel Security Center Click on Security Center to open the Windows Security Center. Security Center Automatic Updates Here there are three sections, titled Firewall, Automatic Updates and Virus Protection. If there are any problems the appropriate section will display the relevant information. In our case we have automatic updates disabled. Windows displays a Turn on Automatic Updates button which you can click to automatically enable the automatic update functionality of Windows Update.
Alternatively you can click Automatic Updates at the bottom of this window to open an Automatic Updates window with more options. Automatic Updates You can select from the following options for Microsoft Update • Automatic Update checks for updates and automatically downloads and installs them at a given time. If necessary the computer will be rebooted by this process. Note that you will have to ensure that the computer will be switched on and have internet connectivity at the specified time. • Automatic Update checks for updates and downloads them but does not install them, you will be notified when the updates can be installed. • Automatic Update checks for updates but does not download them, you will be notified when the updates can be downloaded and installed. • Automatic Update is disabled and does not check for available updates. Once Automatic Update is switched on, click Ok to return to Security Center where you should see that all is switched on. Security Center All Ok Exit from the Security Center by closing the window.
4. Installing anti-virus software It is important that anti-virus software be installed on any Windows computer, there are a great many threats which are specifically targeted towards the Windows user. The choice of anti-virus software is firstly a choice between free and subscription-based services. Many computers come with anti-virus software pre-installed, this is generally a subscription-based service which is free for the first few months, after which the user is expected to begin paying. Some ISPs bundle anti-virus software as part of their broadband packages. Just because you pay for anti-virus software does not necessarily mean that your product will be better than a free anti-virus product. Anti-virus product efficacy varies from release to release, the product with the highest detection rate today may not have the highest detection rate tomorrow. Some solutions may also include e-mail scanning, anti-phishing/anti-spyware detection or other general anti- malware detection included. Two excellent sources of information are AV-Comparatives.org and Virus Bulletin. For the purposes of this article we'll look at Microsoft Security Essentials, a free anti-virus solution from Microsoft. For anti-virus solutions from other vendors consult the documentation that came with the package or check the vendors web-site.
4.1. Downloading Microsoft Security Essentials Open Internet Explorer and enter http://www.microsoft.com/security_essentials/default.aspx?mkt=en-gb in the address bar. Click on the large Download Now button. Microsoft Security Essentials – Home Page A window appears asking what we want to do with this file, click Save. Microsoft Security Essentials Download 1
In the dialog that appears, click Desktop in the left hand pane. This will save the file to our Desktop where it can be easily located for installation. Click on Save Microsoft Security Essentials Download 2 The installation file for Microsoft Security Essentials will now be downloaded and saved to the Desktop. Depending upon your internet connection speed this may take a few seconds or a few minutes. If Close this dialog box when download completes is selected then the dialog will automatically close when the installation file is downloaded, otherwise close the dialog box upon completion. Microsoft Security Essentials Download 3
The Internet Explorer window can now be closed. Microsoft Security Essentials Download 4 We're ready to move on to the next step of installing Microsoft Security Essentials.
4.2. Installing Microsoft Security Essentials After closing the Internet Explorer window we can see the newly downloaded installation file on the Desktop. Double-click on the icon. Microsoft Security Essentials Install 1 We're prompted for confirmation that the file should be run, click Run. Microsoft Security Essentials Install 2
A window will appear with some information about Microsoft Security Essentials, with a link to the Microsoft Privacy Statement for this product. read what it says and be sure that you feel comfortable with all terms and conditions. Then press Next > Microsoft Security Essentials Install 3 Now you're presented with the licensing terms under which Microsoft Security essentials is distributed. Once you've read these terms, and can agree to them, press I accept to move on to the next stage. Microsoft Security Essentials Install 4 One of the terms that Microsoft Security Essentials is released under is that it is only permissible to install it on computers running a properly licensed copy of Windows. The process of determining whether your computer is properly licensed is called Validation and is performed by a Microsoft programme called "Genuine Advantage". When you're ready to have your copy of Windows XP validated click Validate >. Follow any prompts that you may be given to run the Windows Genuine Advantage Validation Tool.
When your copy of Windows has been validated you can click on Install > to continue to the next step. Microsoft Security Essentials Install 5 Prior to installation you'll receive a warning that having multiple anti-virus programs running at the same time can cause conflicts and mean that one or all of the programs fail to work correctly. Click Install > to continue. Microsoft Security Essentials Install 6
Microsoft Security Essentials will now be installed. A progress bar shows that installation is proceeding. Microsoft Security Essentials Install 7 Once the installation has completed you'll see this dialog. It is advised to leave the Scan my computer for potential risks after getting the latest updates selected. Click on Finish Microsoft Security Essentials Install 8 Assuming that the Scan my computer for potential risks after getting the latest updates checkbox was selected, Microsoft Security Essentials will now run for the first time.
4.3. Using Microsoft Security Essentials There are two modes of operation for Microsoft Security Essentials, 1. Real-time (or on-access) mode. In this mode Microsoft Security Essentials will scan every item that is accessed by the computer for threats automatically. If you try to access a file or program that has been determined to offer a threat to your computer then Microsoft Security Essentials will prevent access to the file or program. According to it's configuration you may be asked what to do, or the threat may be automatically quarantined or deleted. 2. On-demand (or manual-scanning) mode. In this mode you give Microsoft Security Essentials a file or folder and each item within that folder will be scanned for threats. As with real-time mode you may be given a choice of options when a threat is detected. So Microsoft Security Essentials refers both to the program running constantly to afford system protection, and to the program used to configure it. In this section Microsoft Security Essentials refers to the configuration program unless otherwise indicated. Microsoft Security Essentials will run immediately after install, or it can be started manually by clicking Start Menu → Microsoft Security Essentials. The Microsoft Security Essentials window looks like this : Microsoft Security Essentials Main There are four tabs which run along the top of the window, from which we can access the four functions of the program. We'll look at each of these in a little more detail.
4.3.1. Microsoft Security Essentials - Home The first (leftmost) tab is the Home tab. This tab show you whether Microsoft Security Essentials real-time protection is switched on, and whether the Virus & spyware definitions are up to date. (The virus & spyware definitions contain information used by the Microsoft Security essentials programs to locate and identify threats contained within files accessed by your computer. They need to be regularly updated to inform the system how to identy new threats as they are discovered.) Microsoft Security Essentials Main From here you can also run an on-demand scan of your computer, by selecting one of the following Scan options and pressing Scan now. • Quick scan checks the areas that malicious software, including viruses, spyware and unwanted software, are most likely to infect. • Full scan checks all the files on your hard-disk and checks all running programs. • Custom scan checks only the locations and files that you select.
When a custom scan is selected a dialog box appears where you can select which files and folders you wish to scan. For example, in the the screenshot below all the folders in C:\Documents and Settings will be scanned, with the exception of those belonging to user Admin. Microsoft Security Essentials Custom Press the Scan now button to initiate the scan. Microsoft Security Essentials Scanning As the scan proceeds information is displayed about scan progress, including how long the scan has taken and the number of items that have been scanned.
4.3.2. Microsoft Security Essentials - Update The Update tab is where you can manually update the virus & spyware definition files used by Microsoft Security Essentials. You may need to do this if, for example, your computer has been switched off for some time and been unable to automatically download updates. Simply click Update to start downloading updated definition files. Microsoft Security Essentials Update A progress bar proceeds as Microsoft Security Essentials searches for new spyware & definition files, downloads them as required and installs them. Microsoft Security Essentials Updating
4.3.3. Microsoft Security Essentials - History The History tab is where you can study what actions Microsoft Security Essentials has taken as a result of software running on the computer. You can get an overview in the following categories : • All detected items - View of all the items that were detected on your computer • Quarantined items - Items that were detected and prevented from running but not removed • Allowed items - Items that you've allowed to run on your computer Microsoft Security Essentials History Which items are in which category will depend upon any configuration changes you've made with respect to the actions that Microsoft Security Essentials takes upon detection of threatening items. (For example, it may be that you've decided to prevent access to items rather than delete them if you find yourself in receipt of infected documents that you can otherwise retrieve the text from - in which case you may have more quarantined items rather than deleted items).
4.3.4. Microsoft Security Essentials - Settings In the Settings tab you will find all the configuration options for Microsoft Security Essentials. It is recommended that you do not change these settings unless you are certain of what you are doing, otherwise you could leave your computer in a less protected state. Microsoft Security Essentials will regularly perform a scan of your computer, this ensures that any newly discovered threats which could have been downloaded before detection of them was added to the definitions will be detected. By default a quick scan will be performed at 2:00AM on Sunday morning. If your computer is unlikely to switched on at this time you can change when this scan is performed to a time when the computer is more likely to be on. You can also schedule the scan to take place daily rather than weekly if preferred. You can also change the type of scan performed to a full scan. Microsoft Security Essentials Scheduled Scan Settings Microsoft Security Essentials categorises all threats into one of four categories (as defined by Microsoft): • Severe - These are widespread or exceptionally malicious programs, similar to viruses or worms, which negatively affect your privacy and the security of your computer, and can damage your computer. • High - These are programs that might collect your personal information and negatively affect your privacy or damage your computer. For example, the program collects information or changes settings, typically without your knowledge or consent. • Medium - These are programs that might affect your privacy or make changes to your computer that could negatively impact your computing experience. For example, the program collects personal information or changes settings. • Low - This is potentially unwanted software that might collect information about you or your computer or might change how your computer works. However, the software is operating in agreement with licensing terms displayed when you installed the software.
For each of these categories you can specify what action is taken against the item or that it be dealt with according to the Microsoft Security Essentials Recommended Action. For Severe and High alerts, you can specify that the item be Removed or Quarantined. For Medium and Low alerts, you can specify that the item be Removed, Quarantined or Allowed. By default Microsoft Security Essentials will remove items that fall inti the Severe or High alert levels, and prompt the user what to do for items in the Medium and Low alert levels. Microsoft Security Essentials Default Actions Settings The Real-time protection settings are used to configure how Microsoft Security Essentials monitors the files and processes running on your computer. You can turn off this real-time protection if required. You can also specify that real-time protection is used to monitor file and program activity on your computer as it happens or that downloaded files and attachments be scanned. It is recommended that you leave these settings switched on. Occasionally an installation program may warn that anti-virus programs be switched off whilst a program is installed. This is almost always unnecessary and may put your computer at risk - leave your anti-virus program switched on at all times. Microsoft Security Essentials Realtime Protection Settings
You can exclude certain files or folders from scanning by Microsoft Security Essentials if you know that these files cannot pose a threat to your computer. This may speed up the scan, but could also leave your computer less protected. Microsoft Security Essentials Excluded Files & Locations Settings You can exclude certain files types from scanning by Microsoft Security Essentials if you know that these files cannot pose a threat to your computer. This may speed up the scan, but could also leave your computer less protected. Microsoft Security Essentials Excluded File Types Settings
You can exclude certain processes from scanning by Microsoft Security Essentials if you know that these processes cannot pose a threat to your computer. It is recommended that you allow scanning of all processes. This may speed up the scan, but could also leave your computer less protected. Microsoft Security Essentials Excluded Processes Settings
The Advanced settings allow you to set the following configuration items : • Scan archive files - On by default, this option configures Microsoft Security Essentials to scan inside archives such as .ZIP or .CAB files. Many installation programs are also archives. (As an example, the MSDN installation program from Microsoft which contains documentation for programmers on the Windows platform is a single .EXE file which actually contains over 300,000 individual files). • Scan removable drives - Off by default, this option configures Microsoft Security Essentials to scan the contents of removable drives when running a full scan. Items will still be scanned when copied to a local hard-disk even when this configuration item is off. • Create a system restore point - On by default, this item configures Microsoft Security Essentials to create a system restore point on a daily basis before cleaning your computer. A system restore point is a kind of snapshot which allows Windows to be restored to a know configuration. • Allow all users to view the full History results - On by default, allows non-administrator users to view all the detected items in the History tab. This may have privacy implications in that users may be able to glean information about files and locations accessed by administrator users which they would not normally have access to. Advanced Settings
The Microsoft SpyNet tab enables you to change your subscription to the online community which helps you to deal with threats to your computer. When a threat is detected on your computer certain details are automatically sent to Microsoft SpyNet where they are analysed to determine what action should be recommended for other instances of this threat. Basic membership is normally enough for this purpose. Microsoft Security Essentials Microsoft SpyNet Settings
4.4. Testing Microsoft Security Essentials You may want to test whether or not Microsoft Security Essentials is installed and working correctly on your computer. There is never any need to download "live" viruses for testing purposes. A number of years ago the anti-virus community worked together to create a test-file which could be used precisely for this purpose and created the EICAR anti-virus test file. (EICAR originally stood for the "European Institute for Computer Anti-virus Research" but the organisation now has a wider remit of IT security in general.) The EICAR anti-virus test file is a simple text file of only 68-bytes which is also an executable DOS program (as such it will run in Windows) which prints the message EICAR-ANTIVIRUS-STANDARD-TEST-FILE! when executed. There is much information about the EICAR anti-virus test file at http://eicar.org/anti_virus_test_file.htm, it is highly recommended that you read the information on this page before proceeding with the tests. For convenience the files are also available from our website from the following links : Download using standard http eicar.com eicar.com.txt eicar_com.zip eicarcom2.zip 68 bytes 68 bytes 184 bytes 308 bytes Download using SSL enabled https eicar.com eicar.com.txt eicar_com.zip eicarcom2.zip 68 bytes 68 bytes 184 bytes 308 bytes Links to these files will be given when required, there is no need to try to download these files now. Depending upon how you're connecting to the internet there may be an anti-virus program which prevents downloading the programs following the "standard http" links in which case you should use the "SSL enabled https" links. Using the https links encrypts the data between your browser and the server, thus preventing scanning while in transit, the file is decrypted, and scannable, when saved to your local hard-disk. By using the "SSL enabled https" links you may also be warned that the rainydayz.org security certificate is invalid, it is safe to use this link to download these files.
4.4.1. Testing Microsoft Security Essentials - Real-time Protection We'll start by testing Microsoft Security Essentials real-time protection. 1. Check that the Microsoft Security Essentials icon in the system tray (at the bottom right of the desktop) is green. 2. Try to download the EICAR standard anti-virus test file. 3. At this point you would generally click on Save to save the file to the local hard-disk. A warning will probably appear before you get chance to click on Save (Internet Explorer starts to download files before you've even decided where to save them, making small downloads like this appear instantaneous). Microsoft Security Essentials Realtime testing Threat detected 4. At this point we would generally click on the Clean computer button, but we'll click on the Details link which opens a new window. This shows us that Microsoft Security Essentials detects the test file as Virus-DOS/EICAR_Test_File and treats it as a true virus, with a designated Alert level of Severe. At this point we can elect to Quarantine or Remove the threat. Click on the Show details >> button. Microsoft Security Essentials Realtime testing Details 1
5. The window now expands to show some more information about this threat, including a description of the threat and the actual file that posed the threat (here we can see that it's in the Temporary Internet Files folder, which we'd expect for a file being downloaded by Internet Explorer). Click on the Clean computer button. Microsoft Security Essentials Realtime testing Details 2 6. After a short delay, while the virus is removed, the window changes to show that the threat has been averted. Click Close to close the window. You'll now have to to Cancel the download in the original dialog, otherwise a new attempt will be made to download the file and the process will start all over again. Microsoft Security Essentials Realtime testing Cleaned Congratulations, you've safely shown that your Microsoft Security Essentials prevents virus infection!
4.4.2. Testing Microsoft Security Essentials - On-demand Protection. We now want to test the on-demand capabilities of Microsoft Security Essentials. 1. We need to download the EICAR Standard Antivirus test File, so we need to temporarily disable the real-time protection. Open Microsoft Security Essentials and in the Settings tab select the settings for Real-time protection. Clear the checkbox labelled Turn on real-time protection (recommended) and click Save changes. At this point the Microsoft Security Essentials icon in the system tray will turn red, an icon from Security Center will appear with the warning that Your computer might be at risk and the bar at the top of the Microsoft Security Essentials will turn red, with the text Computer status - at risk. This is ok for the short duration of this test. Close the Microsoft Security Essentials window. Microsoft Security Essentials Ondemand testing Turn MSE off
2. Download the EICAR standard anti-virus test file saving it to the Desktop for ease. Close or move any other windows you may have open so that you can see the file just downloaded on the Desktop. Microsoft Security Essentials Ondemand testing Save EICAR
3. On the Desktop, locate the eicar.com file (it may be labelled simply eicar) just downloaded and right- click, then select Scan with Microsoft Security Essentials... Microsoft Security Essentials Ondemand testing Rightclick 4. The threat will be detected and the Microsoft Security Essentials window will open with some details. Note that this window also contains a warning that Real-time protection is switched off, with the admonition that it should be switched on. We can get further details on the threat if desired, otherwise click Clean computer Microsoft Security Essentials Ondemand testing Threat detected
5. After a short delay the threat will be removed by deleting the file, you can see it disappear from the Desktop. A window appears to let you know that Your actions were applied successfully. Click on Close. Microsoft Security Essentials Ondemand testing Cleaned 6. We're done testing now, click Turn on in the Microsoft Security Essentials window to re-enable real- time protection, in the system tray the Microsoft Security Essentials icon will turn green and the Security Center icon and warning will disappear. Microsoft Security Essentials Ondemand testing Turn MSE on
5. Other security measures There are a number of other measures you can take to enhance the security of your computer. One of the most effective is to change the way that Windows displays filenames. When MS-DOS was first introduced by Microsoft filenames were limited to uppercase characters only and consisted of a name, of up to 8 characters, followed by a period, followed by a type (or extension) of up to 3 characters. Because of this such filenames are known in the IT industry as 8.3 filenames. The extension was used to denote what the file was used for, a file containing text would be given the extension .TXT, programs initially had extensions .COM because they were known as commands and later a different type of program was given the extension .EXE. This practice continues to this day, although it's now possible to give files names longer than 8 characters. (As a matter of interest Microsoft Operating Systems are still case insensitive when ir comes to file names, which means you cannot have the files "FILE.TXT" and "file.txt" in the same folder, Windows considers both file name to be the same.) Nowadays Windows doesn't rely on the file extension, more sophisticated measures are used to determine what the actual file contents are but by default Windows hides the extension for files with known filetypes. So the file "XmasList.doc" will be displayed by Windows as simply "XmasList". It was intended that the icon associated with the filetype to indicate to the user what the file is intended for, but this can be circumvented for nefarious means. An attacker could entice you to download a file, or send one by email, and disguise the file in the following manner. • The file is an executable, say with the name "LetterFromMum.exe", but Windows displays the filename simply as "LetterFromMum". • For executable files (such as .EXEs) the icon to display is stored within the executable file itself, and the attacker has chosen to use the same icon as used for text files. • So you see "LetterFromMum" displayed with a text icon and double-click it, expecting it to open in Notepad. Instead, Windows launches the executable which may contain a virus or other malware. We want to make sure that Windows displays the full filename for all files, so we'll see "LetterFromMum.exe" and know that this file is not a text file. Here's the procedure : 1. Open Windows Explorer from Start Menu → All Programs → Accessories → Windows Explorer Start Menu Windows Explorer
2. In Windows Explorer select Tools → Folder Options... Windows Explorer Tools → Folder Options... 3. in the Folder Options dialog, select the View tab and clear the checkbox next to Hide extensions for known file types, then click OK. You can now close Windows Explorer and full filenames will be shown. This setting applies to the Desktop, to Windows Explorer and to the Windows Open/Save dialogs. Windows Explorer Folder Options
6. Alternative applications for web-browsing, e-mail and more There are many alternatives to the standard Microsoft applications, many of them come from the free software community and are free to download, install and use. • Web-browser • Mozilla Firefox - An award winning alternative to Internet Explorer. There are thousands of add-ons available for such things as ad-blocking. • SeaMonkey - Web-browser, advanced e-mail, newsgroup and feed client, IRC chat, and HTML editing made simple -- all your Internet needs in one application. • Opera - A fully featured browser which is free to use, with versions available for Windows, Linux, Mac and Mobile devices such as telephones. • E-Mail client • Thunderbird - By combining an open architecture, a powerful extensibility and customization framework, and a person-centric perspective on communications, Thunderbird is a powerful yet enjoyable tool to help individuals manage their online interactions -- whether that’s email, instant messaging, social networking messages, or other types of message. • SeaMonkey - Web-browser, advanced e-mail, newsgroup and feed client, IRC chat, and HTML editing made simple -- all your Internet needs in one application. • Instant Messaging • Pidgin - Pidgin is an easy to use and free chat client used by millions. Connect to AIM, MSN, Yahoo, and more chat networks all at once. • Microsoft Office • OpenOffice.org - OpenOffice.org is both a product and an open-source project. Both have been in existence since October 13, 2000. OpenOffice.org 1.0, the product, was released on April 30, 2002. OpenOffice.org's Mission Statement is... • To create, as a community, the leading international office suite that will run on all major platforms and provide access to all functionality and data through open- component based APIs and an XML-based file format. • Photoshop • GIMP - The GNU Image Manipulation Program. Not as full featured as Photoshop, but certainly a powerful image editting program in it's own right. • Paint.NET - A powerful image editing program, free to download and use. • Inkscape - An Open Source vector graphics editor, with capabilities similar to Illustrator, CorelDraw, or Xara X, using the W3C standard Scalable Vector Graphics (SVG) file format. • CD burning • InfraRecorder - InfraRecorder is a free CD/DVD burning solution for Microsoft Windows. It offers a wide range of powerful features; all through an easy to use application interface and Windows Explorer integration.
7. Use an alternative to Windows You may wish to use an alternative to Windows, in which case the Linux operating-system has undergone remarkable development over the last few years. There are a huge number of distributions to choose from, to cater for individual tastes. (A distribution is the Linux operating system package for customers. It includes the Linux kernel, essential operating system components from the GNU Project, an installation program, various open source utilities and applications, documentation and may include technical support.) Many of these distributions are available as "Live CDs" whereby you can download a CD from the internet, boot your computer from the CD and try Linux without having any impact your current Windows installation. You can install Linux such that you can "dual-boot", whereby you choose whether to run Linux or Windows each time you boot your computer. Linux is capable of reading data from your Windows hard-disk. Best of all, Linux is free!. Some of the most popular distributions are : Ubuntu Currently the world's most popular distribution, Ubuntu is an operating system built by a worldwide team of expert developers. It contains all the applications you need: a web browser, office suite, media apps, instant messaging and much more. Ubuntu is an open-source alternative to Windows and Office. Fedora Project Fedora is a Linux-based operating system that showcases the latest in free and open source software. Fedora is always free for anyone to use, modify, and distribute. It is built by people across the globe who work together as a community: the Fedora Project. The Fedora Project is open and anyone is welcome to join. The Fedora Project is out front for you, leading the advancement of free, open software and content. openSUSE OpenSUSE is a free and Linux-based operating system for your PC, Laptop or Server. You can surf the web, manage your e-mails and photos, do office work, play videos or music and have a lot of fun! If you'd like to see some other alternatives, visit DistroWatch.com a website with information about the thousands of available distributions and packages. If you've any questions, or would like a demonstration, please fill in our Contact Form, or contact us via e- mail.
You can also read
Next part ... Cancel