Keeping XP Safe

[ChibiDusk]

So I've installed XP, turned on it's updates and firewall, and made sure everything - EVERYTHING - has the latest hotifxes and whatnot. I've installed Spybot and Ad-aware, and I am running both of their background processes continually.

What else is reccomended to keep XP safe? Virus software... but which? I don't mind the price, I just want the best performance. I can't afford getting infected.

PS. Is spybot and ad-aware needed together? Or can I simply uninstall one. I've heard that the two work amazing together so opted for that.

[shiro83]

I have been using AVG as my antivirus for a few years.
Works great and it is free.

You can have multiple antispyware programs but you cannot have multiple antivirus programs. They will conflict with each other.

[grey_moon]

Quote:

Originally Posted by shiroitenshi83

You can have multiple antispyware programs but you cannot have multiple antivirus programs. They will conflict with each other.

I'd like to expand on that a little....

What shiroitenshi83 says about not having multiple antivirus programs is very true, but in the case of "on-access" scanners. These are AV programs which are constantly running and will scan a file when you access them.

You most probably can install more then one, but you will either slow down your system via conflicts and leave your PC mostly unprotected as the two programs fight each other.

Now I would say the same thing for on-access anti-spyware programs unless they have been designed to work with others.

One example is the rock solid Ewido which is a anti-trojan program which has been brought and re-badged to be AVG anti-spyware. This program is designed to hunt and remove trojans (and now spyware), but it is specifically designed to compliment other programs.

http://www.ewido.net/en/compatibility/

Basically if a program says it is compatible with others then I would feel safe to use it. If not and it is an on-access type, then I would only run one type of them.

Keeping my XP safe.

Firewall

Always have a firewall on. The basic XP firewall is adequate if you are behind a router, but if you are directly plugged into the internet (the modem is plugged into your PC) then I would suggest upgrading your firewall. Even though software firewalls in XP never going to be safe as a router they have features that can stealth you by dropping packets, or immediately warn you of an attack.

My current favourite is Outpost Pro (FW only edition)

Viruses

Anti-virus programs in XP are a must, even if you practice safe browsing you may get compromised by a 0day attack where the malware exploits a bug that bypasses your safe practices.

My choices

On-access scanner - Nod32
Backup on-demand scanners - ClamAV + McAfee Stinger

I've used AVG Free for several years quite happily.

Spy-ware
Lots of applications have some form of anti-spyware (eg. Outpost Pro), and you are running some yourself. The most important thing is to not get compromised in the first place. Use Spybot's immunise features. Use preventative programs such as:

Spyware blaster

http://www.javacoolsoftware.com/spywareblaster.html

Consider changing your browser to one that is less exploited such as Firefox with plugins or opera (check out cat's excellent thread on optimising it)

http://forums.animesuki.com/showthread.php?t=53164

Practice safe browsing (AKA good user habits)

By patching you already are following one of the main rules , but make sure you keep it patched

By changing browsers you are also doing this as IE by its very nature is a unsafe program. You can theoretically categorise applications into two main camps. Dirty applications which access sources outside of your control (eg web browser and the internet) and clean applications that only access resources that you are sure about. Sure there are some that mix this such as Word access html links . Anyway a dirty application should always be run with as little rights as possible, so IE being heavily integrated into the core system is a no no. Anyway even by using FF or Opera it is not much better as most XP users run with admin rights. I know I do as it is hell otherwise.

Make sure you scan stuff you download even if it is from a friend.

Consider using a sandboxing technology to minimise any impact if you are compromised.

The free version of sandboxie is adequate and light enough for testing unsure small files (make sure you don't rely on it by scanning the file first). I wouldn't test full blown applications with it, but in that scenario I would use a virtual machine such as VMware.

http://www.sandboxie.com/

If possible run with as little rights as possible. You may notice that if you install eMule it creates its own user that runs as a user. This means that if it is compromised it should only affect areas that it has rights to. In real life its a little more complicated then that and certain attacks can give full rights to an attacker

That is all from the top of my head. Safe computing

[Calawain]

Quote:

Originally Posted by ChibiDusk

So I've installed XP, turned on it's updates and firewall, and made sure everything - EVERYTHING - has the latest hotifxes and whatnot. I've installed Spybot and Ad-aware, and I am running both of their background processes continually.

What else is reccomended to keep XP safe? Virus software... but which? I don't mind the price, I just want the best performance. I can't afford getting infected.

PS. Is spybot and ad-aware needed together? Or can I simply uninstall one. I've heard that the two work amazing together so opted for that.

Spybot and Ad-aware can and should be used together. Occasionally I find that one picks up something that the other does not. As the previous poster said definitely take advantage of Spybot's immunize feature and keep it updated, prevention is the best way to avoid problems.

I will also second the recommendations for AVG, I personally enjoy using it because I don't like how Norton is a resource hog and heavy kernel violator. Also, it being free helps a lot. However, if you have money to blow the Norton suites are very good at protection, I'll give them that. But they do tend to lower overall performance because of the resources they take up.

And I will also second the fact that if you don't use a router that you really want a firewall. ZoneAlarm is good, the Norton one is decent. With a router though, windows firewall is enough.

[ShadowVlican]

AVGFree has a lot of false positives (clean with NOD32, but infected with AVGFree)

but what would keep you most safe is what grey_moon mentioned: Practice safe browsing (AKA good user habits)

quit opening unknown emails, browsing unknown sites, dealing with warez or P2P... and even a fresh install of windows without all the extra security crap would be adequate



or you can use ubuntu linux.

[Dkong1026]

Browsers:
Use Firefox. My dad and sister used to be avid IE users until my sister ran into a bunch of spyware that ultimately led to having to wipe the harddrive on our computer and do a fresh install of Windows. Since I've forced them to use Firefox only, we've had absolutely no problems.
Hell, you don't even need to use Firefox. Just don't use IE.

Anti Spyware
I've been using spybot search and destroy and ad aware and it's been fine for me. All in all, using spybot on its own is probably good enough unless you suspect you have spyware.

Antivirus
I've been using Antivir free edition ever since I reinstalled windows. It's working great.

[hobbes_fan]

A useful tool to have is Hijack This! in conjunction with Spybot and Adaware. It's not a tool for the novice though but it comes in useful when things go bad. I also clean my cache/registry/temporary internet files using CCleaner, I also use this for secure deletion of items using NSA (7pass) standard deletion as I handle some sensitive docs.

Personally I use he following (all free some require online activation)
Comodo Firewall
Avast Anti Virus
Lavasoft Adaware
Spybot
CCleaner
Hijack this!

Also I'm fortunate enough to have 3 pc's. I use my laptop for p2p/work and my HTPC for playback. These never come into contact with the 3rd pc, which is where I do my ebaying/banking/secure transactions.

I tend not to mess around with trojans. tracking cookies etc not an issue, but trojans/keyloggers etc, I've always done a complete reinstall of the o/s (happened twice since 2000). I just don't feel comfortable using a PC hat's been compromised.

[SeijiSensei]

Let me second grey_moon's suggestion about running as a user with limited rights.

By default, users on Windows versions though XP are automatically granted administrator rights when created. This is an enormous violation of good security policies that reflects Windows roots in single-user DOS systems and a general Microsoft preference for convenience over security.

Go to Control Panel > User Accounts (I think that's what it's called) and turn off administrative rights for any accounts other than the Administrator account (and give that account a password if others besides you might be using the computer). This simple step prohibits malware from writing to system areas on your drive.

You may find that a few badly-written programs won't run without admin rights. You can use the Run As feature to run these programs as Administrator if you need them. You'll also need to run as Admin to install software. Most of the time you shouldn't notice any difference in your Windows experience running as an ordinary user.

[grey_moon]

Quote:

Originally Posted by SeijiSensei

You may find that a few badly-written programs won't run without admin rights. You can use the Run As feature to run these programs as Administrator if you need them. You'll also need to run as Admin to install software. Most of the time you shouldn't notice any difference in your Windows experience running as an ordinary user.

One of those is Office 2k3, but if you hunt around you can find which areas you need to grant rights to your user, but I believe it is one of the main windows directories , not too sure if its fixed in 2k7

[SeijiSensei]

Quote:

Originally Posted by grey_moon

One of those is Office 2k3

Yet another good reason to use OpenOffice!

[ChibiDusk]

Wow, really excellent replies! A special thanks to grey_moon; easy to follow and well expliained!

I am behind a router, running the XP firewall, immunize with spybot frequently, scan with ad-aware frequently, and will be looking into AVG and NOD32. I also upgraded to Firefox.

Thanks for all the help.

[Calawain]

Sounds like you will be just fine then. Just have to make sure you scan every 2 weeks or so and practice good browsing and downloading habits.

[monster]

As far as just security is concerned, is there any difference between non-administrative and guest accounts?

[TakutoKun]

Here is an article by Microsoft on the types of accounts:

Types of user accounts

There are two types of user accounts available on your computer: computer administrator and limited. The guest account is available by default for users with no assigned account on the computer.

Computer administrator account

The computer administrator account is intended for someone who can make systemwide changes to the computer, install software, and access all non-private files on the computer. Only a user with a computer administrator account has full access to other user accounts on the computer. A user with a computer administrator account:
•

Can create and delete user accounts on the computer.
•

Can change other users' account names, pictures, passwords, and account types.
•

Cannot change his or her own account type to limited unless there is at least one other user with a computer administrator account. This ensures that there is always at least one user with a computer administrator account on the computer.
•

Can manage his or her network passwords, create a reset password disk, and set up his or her account to use a .NET Passport.

Limited account

The limited account is intended for someone who should be prohibited from changing most computer settings and deleting important files. A user with a limited account:
•

Generally cannot install software or hardware, but can access programs that have already been installed on the computer.
•

Can change his or her account picture and can also create, change, or delete his or her password.
•

Cannot change his or her account name or account type. A user with a computer administrator account must make these kinds of changes.
•

Can manage his or her network passwords, create a reset password disk, and set up his or her account to use a .NET Passport.

Note
•

Some programs might not work properly for users with limited accounts. If so, change the user's account type to computer administrator, either temporarily or permanently.

Guest account

The guest account is intended for use by someone who has no user account on the computer. There is no password for the guest account, so the user can log on quickly to check e-mail or browse the Internet. A user logged on to the guest account:
•

Cannot install software or hardware, but can access applications that have already been installed on the computer.
•

Cannot change the guest account type.
•

Can change the guest account picture.
Top of pageTop of page

Note
•

You might see an account with the name "Owner" when you first log on. The owner account, with computer administrator privileges, is created during installation if no user accounts are set up at that time. You can rename this account with a user's name.

http://www.microsoft.com/resources/d....mspx?mfr=true

[monster]

So practically no, that's good, thanks.

[Hiei-]

- Browser : Opera

- Sypwares Scanners : Spybot - Search & Destroy & Ad-Aware SE Personal (even if there seems to be useless now, because since I switched from Internet Explorer to Opera, never got some bad things like I did before)

- AV Program : Nod32, blocked some things that some others program of my friends didn't (which motivated them to change for Nod32 and the On-Acess scanner of Nod32 don't really slow down the PC much than without it. I have a AMD 1.5 Ghz, 512 MB of RAM, so a crappy computer lol, and it works like a charm with the scanner running everytime.

[Dkong1026]

All in all, regarding browsers, it really doesn't matter what you use, just so long as it isn't IE or Safari for Windows (cause who knows how many security issues arise from using a freaking mac browser on Windows).

[Claies]

AVG Anti-virus would be a good bet.

You should remember that those scanners are for catching things that went past your barriers and had activated, and by that time they would have been living in your computer for a while. Scanners are public police, not customs agents. As everyone here has said already, follow good browsing habits, leave stuff that you aren't sure of untouched.

For Firefox, I recommend that you get the AdBlock-Plus add-on, which can give you a great edge against banner ads and popups. Scan your computer about once a week or two - you don't have to go paranoid about it. Just scan when you have the free time to. If the updating process doesn't take long or isn't too intrusive, try letting your security apps do that automatically. If they are, then just remember to hit update right before your habitual scan. No biggie.

You're good to go.

[Aoie_Emesai]

Quote:

Originally Posted by ChibiDusk

So I've installed XP, turned on it's updates and firewall, and made sure everything - EVERYTHING - has the latest hotifxes and whatnot. I've installed Spybot and Ad-aware, and I am running both of their background processes continually.

What else is reccomended to keep XP safe? Virus software... but which? I don't mind the price, I just want the best performance. I can't afford getting infected.

PS. Is spybot and ad-aware needed together? Or can I simply uninstall one. I've heard that the two work amazing together so opted for that.

I start by keeping as little program as I can on my computer, espically those i've downloaded. Of course If you do what I do, I partition my drives so I have just really 2 kind:

*Programs
*Storage

If I ever have a virus, i'll just format the program drive and reinstall windows again ^_^.

Personally I don't find having serveral virus protecter to work well, so I just keep McAfee.

[KiNA]

Question regarding Spybot SD, is there a way to manually add a process to block list? I have 1 stupid process starting by itself Rule cake program.exe .. Then after a while, there's several other process running. These all showed up on task manager and easily end, but its a hassle every so often. Luckily, this comp is not use for all my official stuff, but seriously pissed me off when I noticed this problem starts to happened.

Barring that, is there other programme to use to clean what adaware and spybot SD missed (preferably free as software price in Malaysia are highly ridiculous) ? I used BitDefender free edition as my AV.