Keeping your Lenovo netbook safe & secure.

 
 
Keeping your Lenovo netbook safe & secure.
Keeping your Lenovo netbook safe & secure.

Table of Contents
Keeping your Lenovo netbook safe & secure........................................................................1
  1. Adding an administrative user.......................................................................................3
  2. Changing the account type for the normal user............................................................7
  3. Updating the Operating System....................................................................................9
  3.1. Windows Update - No Updates................................................................................11
  3.2. Windows Update - Applying Updates.......................................................................12
  3.3. Windows Update - Automatic Updates.....................................................................15
  4. Installing anti-virus software........................................................................................17
  4.1. Downloading Microsoft Security Essentials..............................................................18
  4.2. Installing Microsoft Security Essentials....................................................................21
  4.3. Using Microsoft Security Essentials.........................................................................25
  4.3.1. Microsoft Security Essentials - Home....................................................................26
  4.3.2. Microsoft Security Essentials - Update..................................................................28
  4.3.3. Microsoft Security Essentials - History..................................................................29
  4.3.4. Microsoft Security Essentials - Settings................................................................30
  4.4. Testing Microsoft Security Essentials.......................................................................36
  4.4.1. Testing Microsoft Security Essentials - Real-time Protection................................37
  4.4.2. Testing Microsoft Security Essentials - On-demand Protection............................39
  5. Other security measures..............................................................................................43
  6. Alternative applications for web-browsing, e-mail and more.......................................45
  7. Use an alternative to Windows....................................................................................46
Keeping your Lenovo netbook safe & secure.
When you first turn on your laptop it should look something like :




              Lenovo Startup Screen


The user name displayed will be that entered during installation of the Operating System, which in this case
is Windows XP Home Edition.
Clicking on the large icon next to the user will start Windows, and a screen similar to the following will be
shown.




              The Lenovo Desktop

We're going to take the following steps to ensure that your Lenovo netbook is as secure as possible :
    1. Adding an administrative user
    2. Changing the account type for the normal user
    3. Updating the Operating System
    4. Installing anti-virus software
    5. Other security measures
    6. Alternative applications for web-browsing, e-mail and more
    7. Use an alternative to Windows
Keeping your Lenovo netbook safe & secure.
1. Adding an administrative user

One of the first steps we can take to ensure the security of our computer is to add an administrative user
account.
This account will be used whenever we need to make changes to the installed software or add/remove
programs or hardware. For everyday use we will limit the power of our user account. This will prevent us
from doing too much damage should we make a mistake and it will limit the damage a program that we run
can do.
From the Start Menu select Control Panel




             Start Menu


In the Control Panel, select User Accounts




             Control Panel
Keeping your Lenovo netbook safe & secure.
In the User Accounts dialog, click Create a new account (the second option under "Pick a task ...")




             User Accounts


We now need to enter a name for this administrative user. We cannot use the name "Administrator", as that
is a reserved name for the system administrator account which was set up during installation. I use the name
"Admin", although you can use any name you like.
Once you've entered the name in the box provided, click Next




             User Account Name
Keeping your Lenovo netbook safe & secure.
We now have to set the account type. In Windows XP there are two user account types. There are
administrator accounts and normal user accounts. This will be an administrator account, so select "Computer
administrator" before clicking Create Account




              User Account Type


We now have an administrative account that we can use for day-to-day administration of our system.
It is vitally important to set a password on this account to prevent its misuse. From the Control Panel click on
the Admin icon under "or pick an account to change"




              User Accounts
Keeping your Lenovo netbook safe & secure.
In the dialog that's presented next click on Create a password




             User Accounts ­ Change


Enter the password for the Admin user in the box labelled "Type a new password:", then type it again in the
box labelled "Type the new password again to confirm:".
If you wish you can enter a hint which may be used to give you a clue to the password should you forget it.
Once this information has been entered click Create Password.




             User Accounts ­ Password


You now have an administrative user with a password protected account, the first step to securing your
computer is complete. You should log off and then log on to this account, entering your password when
prompted.
Keeping your Lenovo netbook safe & secure.
2. Changing the account type for the normal user

Following completion of the first step you will have two user accounts on your computer:
    •   The first is the named account which was set up at installation time, this account will have
        administrative rights and not be password protected.
    •   The second is the Admin account just set up, with administrative rights and password protection.
Ensure that you have logged off and are logged on as the Admin user. It is this user account which we will be
using for all computer maintenance from now on.
The first task is to "demote" the initial user account to that of a "Limited Account". As long as we remember
that it is this limited user account that we shall use for the majority of tasks on the computer we will have
gone a long way to limiting the damage that can be caused either unwittingly or by accidentally running some
malware which may have been downloaded.
From the Control Panel click on User Accounts, as done previously. Then click on the non-Admin account
name.




             User Accounts
Keeping your Lenovo netbook safe & secure.
Click on Change the account type




              User Account ­ Change


Now click Limited. Make sure you read the information about the restrictions imposed by a limited account.
You will almost certainly require Administrator privileges to install and uninstall software, and some programs
(particularly older ones) require Administrator privileges just to run.
Note: You don't always have to log off and back in as an Administrator to perform all administrative tasks. If
required, whilst running with a Limited account, you may be prompted for an Administrator password.
When finished, press Change Account Type




              User Accounts ­ Limited


At this time you could also set a password, following the same procedure as previously, for the normal user.
For everyday use you should now log in using the Limted account, only entering the Administrator password
when requested. If you're performing a task such as installing a number of software packages - as we will
when we install our anti-virus packages - it may be worth logging in using the Administrator account.
If you do log in using the Administrator account to install software make sure that you select "Install software
for all users" if prompted, otherwise the software may only be available to your Administrator account.
We're now ready to start updating the Operating System.
Keeping your Lenovo netbook safe & secure.
3. Updating the Operating System
We'll be using Windows Update to keep our installation up-to-date.
Whenever bugs are found in Microsoft programs (including the Operating System) then fixes are made
available to all users through the Windows Update mechanism. Windows Update connects to a server at
Microsoft to determine if any software requires updating, if necessary updates are automatically downloaded
and installed.
Launch Windows Update from the Start Menu. Windows Update uses a special plugin (known as an ActiveX
component) to Internet Explorer to communicate with the servers at Microsoft.
You may receive a warning and a request for permission to run the ActiveX control - which will appear as a
yellow box at the top of the page (just above the large Microsoft logo). You will have to allow this ActiveX
control permission to run.




             Windows Update ­ Welcome Screen
You must now decide whether to just check for High-Priority updates or for all updates. Clicking on Express
will check just for updates which fix bugs that are determined to present a high-risk.
By clicking on Custom Windows Update will also check for a number of optional updates which will include
new versions of driver software and other updates which are available but which are not required to maintain
the security of your system.
Keeping your Lenovo netbook safe & secure.
Whether you selected Express or Custom you'll see the following window, with a scrolling green progress
indicator, as Windows checks to see if there are any updates available which are applicable to your
computer.




             Windows Update ­ Checking
3.1. Windows Update - No Updates
If you selected Express and there are no updates available you'll see the following :




             Windows Update ­ No Express Updates


If you selected Custom and there are no updates available you'll see the following :




             Windows Update ­ No Custom Updates


If your search returned available updates these should be installed. It may be necessary to reboot after some
updates have been applied. Keep running Windows Update and installing updates that are available until
there is nothing more to install.
3.2. Windows Update - Applying Updates
If there are updates available then you'll see one of the following Windows, depending upon whether you
chose to do Express or Custom updates.
If you chose to check for Express updates then you'll see a window like that shown below:




              Windows Update ­ Express Updates


The main pane of the window shows each of the applicable updates. The update often has a reference in
brackets following it, such as KB072270, this is a reference used by Microsoft for the update to which it
applies and is know as the KnowledgeBase reference. You can visit the Microsoft website
(http://www.microsoft.com) and search for this reference to get more information about the update to which it
refers.
If you selected Custom you'll see the following :




              Windows Update ­ Custom Updates
As with the Express updates the main pane of the windows shows each applicable update (note that there
may be more updates than with the Express update results because of updates which may be available but
not considered as required for maintaining the security of your system and are therefore only included when
performing a Custom update.
The updates are also categorized in the left pane of the main window, displayed both by Type and by
Product.
Windows Update ­ Custom Updates


Clicking on [+] icon next to each update will expand the entry somewhat, giving a little more information
about what the update is required for. There's also a details details link which you can click to get more
information in a pop-up window from the microsoft web-site.




              Windows Update ­ Details


Select, from the main pane, the updates you wish to apply (note that after a Custom search only the High-
Priority updates will be automatically selected. Then click the Install Updates link.
The updates will now be downloaded and installed, progress during this operation will be displayed in a
window like this :




             Windows Update ­ Working


After all the updates are applied you may be prompted to reboot, if this is the case you should do so.




             Windows Update ­ Restart


The first time you run Windows Update, or if you have run the Custom scan and installed non-critical
updates, you should run Windows Update from the Start Menu again. There may be more critical updates to
apply before your computer is completely updated.
As a rough guideline, a computer with a clean Windows install which includes the service pack 2 (a service
pack is a special update of Windows which includes all previous security updates and is shipped to computer
manufacturers so that all new installations are more nearly up-to-date) may require Windows Update to be
run five or more times, with a reboot after each set of updates.
3.3. Windows Update - Automatic Updates
You can configure Windows to automatically apply updates as they become available. Windows will check at
regular intervals whether or not updates are available, and can be configured to automatically download
applicable updates and even install them if required.
To set this option, select Start Menu → Control Panel




             Control Panel ­ Security Center


Click on Security Center to open the Windows Security Center.




             Security Center ­ Automatic Updates


Here there are three sections, titled Firewall, Automatic Updates and Virus Protection. If there are any
problems the appropriate section will display the relevant information. In our case we have automatic
updates disabled. Windows displays a Turn on Automatic Updates button which you can click to
automatically enable the automatic update functionality of Windows Update.
Alternatively you can click Automatic Updates at the bottom of this window to open an Automatic Updates
window with more options.




             Automatic Updates


You can select from the following options for Microsoft Update
    •   Automatic Update checks for updates and automatically downloads and installs them at a given time.
        If necessary the computer will be rebooted by this process. Note that you will have to ensure that the
        computer will be switched on and have internet connectivity at the specified time.
    •   Automatic Update checks for updates and downloads them but does not install them, you will be
        notified when the updates can be installed.
    •   Automatic Update checks for updates but does not download them, you will be notified when the
        updates can be downloaded and installed.
    •   Automatic Update is disabled and does not check for available updates.
Once Automatic Update is switched on, click Ok to return to Security Center where you should see that all is
switched on.




             Security Center ­ All Ok


Exit from the Security Center by closing the window.
4. Installing anti-virus software
It is important that anti-virus software be installed on any Windows computer, there are a great many threats
which are specifically targeted towards the Windows user.
The choice of anti-virus software is firstly a choice between free and subscription-based services.
Many computers come with anti-virus software pre-installed, this is generally a subscription-based service
which is free for the first few months, after which the user is expected to begin paying.
Some ISPs bundle anti-virus software as part of their broadband packages.
Just because you pay for anti-virus software does not necessarily mean that your product will be better than
a free anti-virus product.
Anti-virus product efficacy varies from release to release, the product with the highest detection rate today
may not have the highest detection rate tomorrow.
Some solutions may also include e-mail scanning, anti-phishing/anti-spyware detection or other general anti-
malware detection included.
Two excellent sources of information are AV-Comparatives.org and Virus Bulletin.
For the purposes of this article we'll look at Microsoft Security Essentials, a free anti-virus solution from
Microsoft.
For anti-virus solutions from other vendors consult the documentation that came with the package or check
the vendors web-site.
4.1. Downloading Microsoft Security Essentials
Open Internet Explorer and enter http://www.microsoft.com/security_essentials/default.aspx?mkt=en-gb in
the address bar.
Click on the large Download Now button.




             Microsoft Security Essentials – Home Page


A window appears asking what we want to do with this file, click Save.




             Microsoft Security Essentials ­ Download 1
In the dialog that appears, click Desktop in the left hand pane. This will save the file to our Desktop where it
can be easily located for installation.
Click on Save




              Microsoft Security Essentials ­ Download 2


The installation file for Microsoft Security Essentials will now be downloaded and saved to the Desktop.
Depending upon your internet connection speed this may take a few seconds or a few minutes.
If Close this dialog box when download completes is selected then the dialog will automatically close when
the installation file is downloaded, otherwise close the dialog box upon completion.




              Microsoft Security Essentials ­ Download 3
The Internet Explorer window can now be closed.




             Microsoft Security Essentials ­ Download 4


We're ready to move on to the next step of installing Microsoft Security Essentials.
4.2. Installing Microsoft Security Essentials
After closing the Internet Explorer window we can see the newly downloaded installation file on the Desktop.
Double-click on the icon.




             Microsoft Security Essentials ­ Install 1


We're prompted for confirmation that the file should be run, click Run.




             Microsoft Security Essentials ­ Install 2
A window will appear with some information about Microsoft Security Essentials, with a link to the Microsoft
Privacy Statement for this product. read what it says and be sure that you feel comfortable with all terms and
conditions.
Then press Next >




              Microsoft Security Essentials ­ Install 3


Now you're presented with the licensing terms under which Microsoft Security essentials is distributed. Once
you've read these terms, and can agree to them, press I accept to move on to the next stage.




              Microsoft Security Essentials ­ Install 4


One of the terms that Microsoft Security Essentials is released under is that it is only permissible to install it
on computers running a properly licensed copy of Windows. The process of determining whether your
computer is properly licensed is called Validation and is performed by a Microsoft programme called
"Genuine Advantage". When you're ready to have your copy of Windows XP validated click Validate >.
Follow any prompts that you may be given to run the Windows Genuine Advantage Validation Tool.
When your copy of Windows has been validated you can click on Install > to continue to the next step.




Microsoft Security Essentials ­ Install 5


Prior to installation you'll receive a warning that having multiple anti-virus programs running at the same time
can cause conflicts and mean that one or all of the programs fail to work correctly.
Click Install > to continue.




              Microsoft Security Essentials ­ Install 6
Microsoft Security Essentials will now be installed. A progress bar shows that installation is proceeding.




              Microsoft Security Essentials ­ Install 7


Once the installation has completed you'll see this dialog. It is advised to leave the Scan my computer for
potential risks after getting the latest updates selected.
Click on Finish




              Microsoft Security Essentials ­ Install 8


Assuming that the Scan my computer for potential risks after getting the latest updates checkbox was
selected, Microsoft Security Essentials will now run for the first time.
4.3. Using Microsoft Security Essentials
There are two modes of operation for Microsoft Security Essentials,
     1. Real-time (or on-access) mode.
        In this mode Microsoft Security Essentials will scan every item that is accessed by the computer for
        threats automatically. If you try to access a file or program that has been determined to offer a threat
        to your computer then Microsoft Security Essentials will prevent access to the file or program.
        According to it's configuration you may be asked what to do, or the threat may be automatically
        quarantined or deleted.
     2. On-demand (or manual-scanning) mode.
        In this mode you give Microsoft Security Essentials a file or folder and each item within that folder will
        be scanned for threats. As with real-time mode you may be given a choice of options when a threat
        is detected.
So Microsoft Security Essentials refers both to the program running constantly to afford system protection,
and to the program used to configure it. In this section Microsoft Security Essentials refers to the
configuration program unless otherwise indicated.
Microsoft Security Essentials will run immediately after install, or it can be started manually by clicking Start
Menu → Microsoft Security Essentials.
The Microsoft Security Essentials window looks like this :




              Microsoft Security Essentials ­ Main


There are four tabs which run along the top of the window, from which we can access the four functions of
the program. We'll look at each of these in a little more detail.
4.3.1. Microsoft Security Essentials - Home
The first (leftmost) tab is the Home tab.
This tab show you whether Microsoft Security Essentials real-time protection is switched on, and whether the
Virus & spyware definitions are up to date. (The virus & spyware definitions contain information used by the
Microsoft Security essentials programs to locate and identify threats contained within files accessed by your
computer. They need to be regularly updated to inform the system how to identy new threats as they are
discovered.)




             Microsoft Security Essentials ­ Main


From here you can also run an on-demand scan of your computer, by selecting one of the following Scan
options and pressing Scan now.
    •   Quick scan checks the areas that malicious software, including viruses, spyware and unwanted
        software, are most likely to infect.
    •   Full scan checks all the files on your hard-disk and checks all running programs.
    •   Custom scan checks only the locations and files that you select.
When a custom scan is selected a dialog box appears where you can select which files and folders you wish
to scan. For example, in the the screenshot below all the folders in C:\Documents and Settings will be
scanned, with the exception of those belonging to user Admin.




             Microsoft Security Essentials ­ Custom


Press the Scan now button to initiate the scan.




             Microsoft Security Essentials ­ Scanning


As the scan proceeds information is displayed about scan progress, including how long the scan has taken
and the number of items that have been scanned.
4.3.2. Microsoft Security Essentials - Update
The Update tab is where you can manually update the virus & spyware definition files used by Microsoft
Security Essentials.
You may need to do this if, for example, your computer has been switched off for some time and been unable
to automatically download updates.
Simply click Update to start downloading updated definition files.




             Microsoft Security Essentials ­ Update


A progress bar proceeds as Microsoft Security Essentials searches for new spyware & definition files,
downloads them as required and installs them.




             Microsoft Security Essentials ­ Updating
4.3.3. Microsoft Security Essentials - History
The History tab is where you can study what actions Microsoft Security Essentials has taken as a result of
software running on the computer.
You can get an overview in the following categories :
    •   All detected items - View of all the items that were detected on your computer
    •   Quarantined items - Items that were detected and prevented from running but not removed
    •   Allowed items - Items that you've allowed to run on your computer




             Microsoft Security Essentials ­ History


Which items are in which category will depend upon any configuration changes you've made with respect to
the actions that Microsoft Security Essentials takes upon detection of threatening items. (For example, it may
be that you've decided to prevent access to items rather than delete them if you find yourself in receipt of
infected documents that you can otherwise retrieve the text from - in which case you may have more
quarantined items rather than deleted items).
4.3.4. Microsoft Security Essentials - Settings
In the Settings tab you will find all the configuration options for Microsoft Security Essentials.
It is recommended that you do not change these settings unless you are certain of what you are doing,
otherwise you could leave your computer in a less protected state.
Microsoft Security Essentials will regularly perform a scan of your computer, this ensures that any newly
discovered threats which could have been downloaded before detection of them was added to the definitions
will be detected.
By default a quick scan will be performed at 2:00AM on Sunday morning. If your computer is unlikely to
switched on at this time you can change when this scan is performed to a time when the computer is more
likely to be on. You can also schedule the scan to take place daily rather than weekly if preferred.
You can also change the type of scan performed to a full scan.




              Microsoft Security Essentials ­ Scheduled Scan Settings


Microsoft Security Essentials categorises all threats into one of four categories (as defined by Microsoft):
    •   Severe - These are widespread or exceptionally malicious programs, similar to viruses or worms,
        which negatively affect your privacy and the security of your computer, and can damage your
        computer.
    •   High - These are programs that might collect your personal information and negatively affect your
        privacy or damage your computer. For example, the program collects information or changes
        settings, typically without your knowledge or consent.
    •   Medium - These are programs that might affect your privacy or make changes to your computer that
        could negatively impact your computing experience. For example, the program collects personal
        information or changes settings.
    •   Low - This is potentially unwanted software that might collect information about you or your computer
        or might change how your computer works. However, the software is operating in agreement with
        licensing terms displayed when you installed the software.
For each of these categories you can specify what action is taken against the item or that it be dealt with
according to the Microsoft Security Essentials Recommended Action.
For Severe and High alerts, you can specify that the item be Removed or Quarantined.
For Medium and Low alerts, you can specify that the item be Removed, Quarantined or Allowed.
By default Microsoft Security Essentials will remove items that fall inti the Severe or High alert levels, and
prompt the user what to do for items in the Medium and Low alert levels.




              Microsoft Security Essentials ­ Default Actions Settings


The Real-time protection settings are used to configure how Microsoft Security Essentials monitors the files
and processes running on your computer. You can turn off this real-time protection if required. You can also
specify that real-time protection is used to monitor file and program activity on your computer as it happens
or that downloaded files and attachments be scanned.
It is recommended that you leave these settings switched on.
Occasionally an installation program may warn that anti-virus programs be switched off whilst a program is
installed. This is almost always unnecessary and may put your computer at risk - leave your anti-virus
program switched on at all times.




              Microsoft Security Essentials ­ Real­time Protection Settings
You can exclude certain files or folders from scanning by Microsoft Security Essentials if you know that these
files cannot pose a threat to your computer.
This may speed up the scan, but could also leave your computer less protected.




             Microsoft Security Essentials ­ Excluded Files & Locations Settings


You can exclude certain files types from scanning by Microsoft Security Essentials if you know that these
files cannot pose a threat to your computer.
This may speed up the scan, but could also leave your computer less protected.




             Microsoft Security Essentials ­ Excluded File Types Settings
You can exclude certain processes from scanning by Microsoft Security Essentials if you know that these
processes cannot pose a threat to your computer. It is recommended that you allow scanning of all
processes.
This may speed up the scan, but could also leave your computer less protected.




             Microsoft Security Essentials ­ Excluded Processes Settings
The Advanced settings allow you to set the following configuration items :
    •   Scan archive files - On by default, this option configures Microsoft Security Essentials to scan inside
        archives such as .ZIP or .CAB files. Many installation programs are also archives. (As an example,
        the MSDN installation program from Microsoft which contains documentation for programmers on the
        Windows platform is a single .EXE file which actually contains over 300,000 individual files).
    •   Scan removable drives - Off by default, this option configures Microsoft Security Essentials to scan
        the contents of removable drives when running a full scan. Items will still be scanned when copied to
        a local hard-disk even when this configuration item is off.
    •   Create a system restore point - On by default, this item configures Microsoft Security Essentials to
        create a system restore point on a daily basis before cleaning your computer. A system restore point
        is a kind of snapshot which allows Windows to be restored to a know configuration.
    •   Allow all users to view the full History results - On by default, allows non-administrator users to view
        all the detected items in the History tab. This may have privacy implications in that users may be able
        to glean information about files and locations accessed by administrator users which they would not
        normally have access to.




             Advanced Settings
The Microsoft SpyNet tab enables you to change your subscription to the online community which helps you
to deal with threats to your computer.
When a threat is detected on your computer certain details are automatically sent to Microsoft SpyNet where
they are analysed to determine what action should be recommended for other instances of this threat. Basic
membership is normally enough for this purpose.




             Microsoft Security Essentials ­ Microsoft SpyNet Settings
4.4. Testing Microsoft Security Essentials
You may want to test whether or not Microsoft Security Essentials is installed and working correctly on your
computer.
There is never any need to download "live" viruses for testing purposes.
A number of years ago the anti-virus community worked together to create a test-file which could be used
precisely for this purpose and created the EICAR anti-virus test file.
(EICAR originally stood for the "European Institute for Computer Anti-virus Research" but the organisation
now has a wider remit of IT security in general.)
The EICAR anti-virus test file is a simple text file of only 68-bytes which is also an executable DOS program
(as such it will run in Windows) which prints the message EICAR-ANTIVIRUS-STANDARD-TEST-FILE!
when executed.
There is much information about the EICAR anti-virus test file at http://eicar.org/anti_virus_test_file.htm, it is
highly recommended that you read the information on this page before proceeding with the tests.
For convenience the files are also available from our website from the following links :
              Download using standard http
eicar.com eicar.com.txt eicar_com.zip eicarcom2.zip
68 bytes 68 bytes             184 bytes       308 bytes
            Download using SSL enabled https
eicar.com eicar.com.txt eicar_com.zip eicarcom2.zip
68 bytes 68 bytes             184 bytes       308 bytes
Links to these files will be given when required, there is no need to try to download these files now.
Depending upon how you're connecting to the internet there may be an anti-virus program which prevents
downloading the programs following the "standard http" links in which case you should use the "SSL enabled
https" links. Using the https links encrypts the data between your browser and the server, thus preventing
scanning while in transit, the file is decrypted, and scannable, when saved to your local hard-disk.
By using the "SSL enabled https" links you may also be warned that the rainydayz.org security certificate is
invalid, it is safe to use this link to download these files.
4.4.1. Testing Microsoft Security Essentials - Real-time Protection
We'll start by testing Microsoft Security Essentials real-time protection.
     1. Check that the Microsoft Security Essentials icon in the system tray (at the bottom right of the
        desktop) is green.
     2. Try to download the EICAR standard anti-virus test file.
     3. At this point you would generally click on Save to save the file to the local hard-disk. A warning will
        probably appear before you get chance to click on Save (Internet Explorer starts to download files
        before you've even decided where to save them, making small downloads like this appear
        instantaneous).




        Microsoft Security Essentials ­ Real­time testing ­ Threat detected

     4. At this point we would generally click on the Clean computer button, but we'll click on the Details link
        which opens a new window.
        This shows us that Microsoft Security Essentials detects the test file as Virus-DOS/EICAR_Test_File
        and treats it as a true virus, with a designated Alert level of Severe.
        At this point we can elect to Quarantine or Remove the threat. Click on the Show details >> button.




        Microsoft Security Essentials ­ Real­time testing ­ Details 1
5. The window now expands to show some more information about this threat, including a description
       of the threat and the actual file that posed the threat (here we can see that it's in the Temporary
       Internet Files folder, which we'd expect for a file being downloaded by Internet Explorer). Click on the
       Clean computer button.




        Microsoft Security Essentials ­ Real­time testing ­ Details 2

    6. After a short delay, while the virus is removed, the window changes to show that the threat has been
       averted. Click Close to close the window.
       You'll now have to to Cancel the download in the original dialog, otherwise a new attempt will be
       made to download the file and the process will start all over again.




        Microsoft Security Essentials ­ Real­time testing ­ Cleaned


Congratulations, you've safely shown that your Microsoft Security Essentials prevents virus infection!
4.4.2. Testing Microsoft Security Essentials - On-demand Protection.
We now want to test the on-demand capabilities of Microsoft Security Essentials.
    1. We need to download the EICAR Standard Antivirus test File, so we need to temporarily disable the
       real-time protection.
       Open Microsoft Security Essentials and in the Settings tab select the settings for Real-time
       protection.
       Clear the checkbox labelled Turn on real-time protection (recommended) and click Save changes. At
       this point the Microsoft Security Essentials icon in the system tray will turn red, an icon from Security
       Center will appear with the warning that Your computer might be at risk and the bar at the top of the
       Microsoft Security Essentials will turn red, with the text Computer status - at risk. This is ok for the
       short duration of this test.
       Close the Microsoft Security Essentials window.




       Microsoft Security Essentials ­ On­demand testing ­ Turn MSE off
2. Download the EICAR standard anti-virus test file saving it to the Desktop for ease.
   Close or move any other windows you may have open so that you can see the file just downloaded
   on the Desktop.




   Microsoft Security Essentials ­ On­demand testing ­ Save EICAR
3. On the Desktop, locate the eicar.com file (it may be labelled simply eicar) just downloaded and right-
   click, then select Scan with Microsoft Security Essentials...




   Microsoft Security Essentials ­ On­demand testing ­ Right­click

4. The threat will be detected and the Microsoft Security Essentials window will open with some details.
   Note that this window also contains a warning that Real-time protection is switched off, with the
   admonition that it should be switched on.
   We can get further details on the threat if desired, otherwise click Clean computer




   Microsoft Security Essentials ­ On­demand testing ­ Threat detected
5. After a short delay the threat will be removed by deleting the file, you can see it disappear from the
   Desktop. A window appears to let you know that Your actions were applied successfully. Click on
   Close.




   Microsoft Security Essentials ­ On­demand testing ­ Cleaned

6. We're done testing now, click Turn on in the Microsoft Security Essentials window to re-enable real-
   time protection, in the system tray the Microsoft Security Essentials icon will turn green and the
   Security Center icon and warning will disappear.




   Microsoft Security Essentials ­ On­demand testing ­ Turn MSE on
5. Other security measures
There are a number of other measures you can take to enhance the security of your computer. One of the
most effective is to change the way that Windows displays filenames.
When MS-DOS was first introduced by Microsoft filenames were limited to uppercase characters only and
consisted of a name, of up to 8 characters, followed by a period, followed by a type (or extension) of up to 3
characters. Because of this such filenames are known in the IT industry as 8.3 filenames. The extension was
used to denote what the file was used for, a file containing text would be given the extension .TXT, programs
initially had extensions .COM because they were known as commands and later a different type of program
was given the extension .EXE.
This practice continues to this day, although it's now possible to give files names longer than 8 characters.
(As a matter of interest Microsoft Operating Systems are still case insensitive when ir comes to file names,
which means you cannot have the files "FILE.TXT" and "file.txt" in the same folder, Windows considers both
file name to be the same.)
Nowadays Windows doesn't rely on the file extension, more sophisticated measures are used to determine
what the actual file contents are but by default Windows hides the extension for files with known filetypes. So
the file "XmasList.doc" will be displayed by Windows as simply "XmasList".
It was intended that the icon associated with the filetype to indicate to the user what the file is intended for,
but this can be circumvented for nefarious means.
An attacker could entice you to download a file, or send one by email, and disguise the file in the following
manner.
     •   The file is an executable, say with the name "LetterFromMum.exe", but Windows displays the
         filename simply as "LetterFromMum".
     •   For executable files (such as .EXEs) the icon to display is stored within the executable file itself, and
         the attacker has chosen to use the same icon as used for text files.
     •   So you see "LetterFromMum" displayed with a text icon and double-click it, expecting it to open in
         Notepad. Instead, Windows launches the executable which may contain a virus or other malware.
We want to make sure that Windows displays the full filename for all files, so we'll see "LetterFromMum.exe"
and know that this file is not a text file.
Here's the procedure :
     1. Open Windows Explorer from Start Menu → All Programs → Accessories → Windows Explorer




                   Start Menu ­ Windows Explorer
2. In Windows Explorer select Tools → Folder Options...




            Windows Explorer ­ Tools → Folder Options...
3. in the Folder Options dialog, select the View tab and clear the checkbox next to Hide extensions for
   known file types, then click OK.
   You can now close Windows Explorer and full filenames will be shown. This setting applies to the
   Desktop, to Windows Explorer and to the Windows Open/Save dialogs.




            Windows Explorer ­ Folder Options
6. Alternative applications for web-browsing, e-mail and more
There are many alternatives to the standard Microsoft applications, many of them come from the free
software community and are free to download, install and use.
    •   Web-browser
             • Mozilla Firefox - An award winning alternative to Internet Explorer. There are thousands of
                add-ons available for such things as ad-blocking.
             • SeaMonkey - Web-browser, advanced e-mail, newsgroup and feed client, IRC chat, and
                HTML editing made simple -- all your Internet needs in one application.
             • Opera - A fully featured browser which is free to use, with versions available for Windows,
                Linux, Mac and Mobile devices such as telephones.
    •   E-Mail client
             • Thunderbird - By combining an open architecture, a powerful extensibility and customization
                framework, and a person-centric perspective on communications, Thunderbird is a powerful
                yet enjoyable tool to help individuals manage their online interactions -- whether that’s email,
                instant messaging, social networking messages, or other types of message.
             • SeaMonkey - Web-browser, advanced e-mail, newsgroup and feed client, IRC chat, and
                HTML editing made simple -- all your Internet needs in one application.
    •   Instant Messaging
             • Pidgin - Pidgin is an easy to use and free chat client used by millions. Connect to AIM, MSN,
                Yahoo, and more chat networks all at once.
    •   Microsoft Office
             • OpenOffice.org - OpenOffice.org is both a product and an open-source project. Both have
                been in existence since October 13, 2000. OpenOffice.org 1.0, the product, was released on
                April 30, 2002.
                OpenOffice.org's Mission Statement is...
                      • To create, as a community, the leading international office suite that will run on all
                         major platforms and provide access to all functionality and data through open-
                         component based APIs and an XML-based file format.
    •   Photoshop
             • GIMP - The GNU Image Manipulation Program. Not as full featured as Photoshop, but
                certainly a powerful image editting program in it's own right.
             • Paint.NET - A powerful image editing program, free to download and use.
             • Inkscape - An Open Source vector graphics editor, with capabilities similar to Illustrator,
                CorelDraw, or Xara X, using the W3C standard Scalable Vector Graphics (SVG) file format.
    •   CD burning
             • InfraRecorder - InfraRecorder is a free CD/DVD burning solution for Microsoft Windows. It
                offers a wide range of powerful features; all through an easy to use application interface and
                Windows Explorer integration.
7. Use an alternative to Windows
You may wish to use an alternative to Windows, in which case the Linux operating-system has undergone
remarkable development over the last few years. There are a huge number of distributions to choose from, to
cater for individual tastes.
(A distribution is the Linux operating system package for customers. It includes the Linux kernel, essential
operating system components from the GNU Project, an installation program, various open source utilities
and applications, documentation and may include technical support.)
Many of these distributions are available as "Live CDs" whereby you can download a CD from the internet,
boot your computer from the CD and try Linux without having any impact your current Windows installation.
You can install Linux such that you can "dual-boot", whereby you choose whether to run Linux or Windows
each time you boot your computer. Linux is capable of reading data from your Windows hard-disk.
Best of all, Linux is free!.
Some of the most popular distributions are :
Ubuntu
     Currently the world's most popular distribution, Ubuntu is an operating system built by a worldwide
     team of expert developers. It contains all the applications you need: a web browser, office suite, media
     apps, instant messaging and much more.
     Ubuntu is an open-source alternative to Windows and Office.
Fedora Project
     Fedora is a Linux-based operating system that showcases the latest in free and open source software.
     Fedora is always free for anyone to use, modify, and distribute. It is built by people across the globe
     who work together as a community: the Fedora Project. The Fedora Project is open and anyone is
     welcome to join.
     The Fedora Project is out front for you, leading the advancement of free, open software and content.
openSUSE
     OpenSUSE is a free and Linux-based operating system for your PC, Laptop or Server. You can surf
     the web, manage your e-mails and photos, do office work, play videos or music and have a lot of fun!

If you'd like to see some other alternatives, visit DistroWatch.com a website with information about the
thousands of available distributions and packages.
If you've any questions, or would like a demonstration, please fill in our Contact Form, or contact us via e-
mail.
You can also read
Next part ... Cancel