TMHome

Auctions

Automotive

Business

Camping

Computer & Internet

Coupons, Freebies, Sweepstakes, etc

EBooks

Food

Gardening & Outdoor Tips

Household

Investments

Job Search

Legal

Money & Financial

Miscellaneous

Personal

Public Speaking

Pets

Safety

Scripophily

Shopping

Sports

Storage

Taxes

Travel

Articles

Books

Conversion Tables

Quotes

Message Board

Tales of Thrift

 

5 Steps to Make Your PC Secure

Cool Computer Stuff

 

 

 

 

Spyware, Adware &

Malware Protection

Thrift Meister's tips on how to protect your PC from the darkside of the cyber world. Being thrifty, of course, these are solutions that for the most part are free; however, money spend that effectively does its job protecting your PC is money well spent.

Malware continue to evolve and so must your PC's defenses. These days the biggest threat comes not just from old fashion spyware and adware though it is till around and to be dealt with--today you have to stop keyloggers and rootkits before they get on your system.

Here are a few great new tools to protect yourself while surfing the web. The first is called DropMyRights (see number 11.b. below for detailed instructions on setting it up). This program lets you run your web browser through it and strip out the admin rights which malware can use to load programs, start Active-X, and otherwise infiltrate your PC through the web browser. Start using this today!

Also consider Bufferzone which creates a virtual shell for your browser to search the net so that your hard drive never goes up against the net. Malware gets halted at the virtual layer and doesn't get in your PC. There is a free version for individual users.

Snoopfree Privacy Shield is designed to stop keyloggers from getting on your PC. Its free and works well. Also along these lines use KeyScrambler to encrypt your key strokes when you are typing in passwords.

And the ultimate safe way, and still free, to surf the web for those with the resources to run it is VMWare's Browser Application which creates a virtual window to run a Ubuntu Linux Firefox browser. Hence you are surfing in a virtual Linux machine totally separate from your Windows PC underneath. See number 14 below for the info and links!

Are you getting Pop-ups on your screen all the time apparently for no reason, does your PC run slower for no apparent reason, when you right click on the start button and click Explore does it take what seems like forever to get your folder view to come up? Has your home page changed? Have new tool bars shown up on your browser? Are you experiencing unexplained, frequent, modem traffic? You have a spyware infection.

This means that ne'r-do-wells have been putting little pieces of computer code on your PC's hard drive (there will be a law one day) without your knowing it and they track your browsing and spy on your web searches to see what your interests might be and based on that send you a popup screen advertising something they hope you will buy--and those are the nice ones. The ugly ones change your homepage--known as homepage hijacking, change your favorites list, and block you from going to sites that provide the applications to remove the spyware. The really nasty ones can steal your identity, credit card numbers, or bank account ID and password then steal your money.

Therefore it is imperative that you take steps to protect yourself from spyware.

The Thrift Meister uses a multi-dimensional or what some people call a layered approach to PC security. With a combination of these tools you can tie your PC down pretty good and tight--unfortunately nothing free or paid is going to be 100% secure. To do the job right you need a combination of firewalls, virus protection software (although that won't help you stop spyware), pop-up protection, an application or two to clean your system of spywear, a little tinkering with you browser settings, and making sure you keep everything up to date and that starts with the Microsoft security protection updates if you are running a Microsoft operating system.

Note: All unwanted visitors to your hard drive whether they be spyware, adware, or something else are collectively called Malware--from the words "malicious software."

Layer 1.a In your defense is to configure your PC settings to prevent malware from gaining easy entry to your system. Since much of the malware out there today is designed specifically to attack Microsoft applications--their web browser (Internet Explorer) and email (Outlook)--a good start is to use something different. There are a number of email programs you can use instead of Outlook. One choice is Netscapes. An up and coming browser to use is Mozilla's FireFox browser which doesn't rely on Active X controls so isn't vulnerable to compromise via the Active X controls.

FireFox is a solid, open source browser with all the usual features and nice extras like tabbed browsing and RSS. FireFox has been well received and its creators have been pretty quick to respond to any discovered vulnerabilities in its coding with a patch or upgrade to secure the integrity of the browser. FireFox is rapidly increasingly in popularity and makers of other applications such as spyware removers are designing their applications to be compatible with it. Also get the adblocker add in for FireFox. Mozilla also designined another email application called Thunderbird which is a full featured email application and appears a solid alternative to Outlook.

Avoiding some problems is as simple as switching to another browser or email application; however, while a solid first step and one you should strongly consider this alone won't solve all your malware vulnerabilities.

If you do decide to continue to use IE as your primary browser consider using a different one when doing such actions as online banking or other places where you are working with personal financial data. If you continue to use IE in any capacity then adjust your settings to minimize your vulnerabilities.

Layer 1.b Firefox doesn't use Active X so this is not a problem there, but for times when you do need to use Microsoft IE then to disable the Active X controls for the internet go to Tools, internet options, security, click internet, custom level then put the radio button by disable. Most of the time you won't know the difference, there are a few sites that you need Active X for the site to function properly. In those case you can change your settings while you visit that site then disable them again.

Clicking on a Pop-up is a high-risk proposition--a real good way to get malware installed on your PC. If you see a Pop-up always close it by clicking on the x in the upper right hand corner-never click inside main body of the Pop-up. Better yet stop Pop-ups with Firefox. Use the build in Pop-up blocker, use the adblocker extension and for those little pesk who still get through by using javascript techniques click on tools-options-web features-advanced and uncheck everything except change images. If you do these three things you will pretty much eliminate all your external Pop-up problems.

Layer 1.c  Is to make sure you have your Microsoft security patches up to date. They issue new ones every week or so and it is imperative to stay current. When they announce a patch it seems to sound an alarm for malware writers where the weaknesses are and a few weeks later someone releases a malware designed to take advantage of that weakness. Those who haven't updated their security patches are asking for a malware.

Test your browser for vulnerabilities at http://bcheck.scanit.be/bcheck/ This is a dandy site which will run a scan against your browser for various security vulnerabilities. Free and quick. Do it! You can also do antivirus, spyware, privacy and other various scans on your PC at PC Pit Stop.

Layer 2 If you have a cable modem or DSL connection then you have a constant connection to the internet which means you are vulnerable all the time you have the PC on, not just when you are surfing the net. This means you need a router (Linksys make good routers for this purpose, but other brands work too) between your PC and the cable modem to serve as a firewall. These days you can buy routers with firewalls build in to them.

Layer 3 The next layer of defense is to run a personal firewall on your PC. Two of the best are Sunbelt-Kerio-Persnnal-Firewall and Zone Alarm. When you install a personal firewall go to your web browser and type in something like "firewall test" and you will find several sites where you can test your firewall to see if your system is secure. You also need to test it to make sure there are no "leaks" that is make sure that not only do you need to make sure no one on the outside can get in--but you also have to make sure that no applications running on your PC can contact the outside world without your permission. You can see a test of the leading firewalls at Sysopt..

Layer 4.a The next step is to run a virus protection program. There are the better known paid for programs and a few that are free. Avast is a free anti-virus program which gets excellent reviews in CNET and other user review forums. It doesn't use as much memory as some of the better known programs and most important of all they provide updates to the pattern file several times a week. It can even do the updates automatically for you.

Avast is a free anti-virus program which gets some of the better reviews for a free anti-spware program at CNET and other user review forums. It doesn't use as much memory as some of the better known programs and most important of all they provide updates to the pattern file several times a week.

You also need to consider specific protection designed to protect against Trojans--which all anti-virus software won't detect or clean. Trojans are executable programs which usually run silently, can be aggressive and can be very troublesome--doing such things as recording keystrokes. A-squared free has a free anti-trojan program (and a paid for version which does more) which checks for thousands of malwares and they keep adding to the list of the little trouble makers they can identify. They are a good compliment to your anti-malware arsenal.

Spyware and adware are different critters than traditional computer viruses and are not usually detected by virus protection software.

Layer 4.b The spyware and adware sections of the malware spectrum are where you get pop ups, where people track your web surfing travels to send you ads, and where your homepage gets hijacked, but they can also capture your key strokes and harvest personal financial data such as checking account and credit card numbers and social security numbers. There are a number of tools designed to fight these malwares. No one by itself will be sufficient, but used together they form a pretty good wall of protection at this layer.

The Firefox web browser has a built in popup blocker which is good popup protection and when used in conjunction with the ad block extension for Firefox makes for solid pop-up blocker protection.You can get further protection by making adjustments to your host file (see below) and using pop up blocker programs as are found on cnet.com's web site.

The free anti-virus programs haven't kept up with the times over the last couple of years if you go by the ratings at such places like CNET. You really need to invest $30 or so and get something like Spyware Doctor or Webroot Spy Sweeper. Don't feel you have to use every feature they offer if you have other malware protection in place they can sometimes cause conflicts with their guard features, but at least use their daily spyware scans.

Since no program paid or free is perfect it is a good idea to compliment your paid program with a free one or two. Spybot Search & Destroy and Ad-Aware SE Personal Edition are both designed to find spyware on your PC and clean it off. Neither will find everything by itself, but if you keep their pattern files updated with the current versions, between them they do a good job of looking for what the paid programs might miss. Super AntiSpyware is free and also a good compliment to a paid program.

In addition to the spyware scans which you do with programs you download such as Spybot and Ad-Aware about once a month it is good to use one of the online scanners offered by several venders. Trendo Micro offers Housecall. Go to their site and go through the online scan. Another is Symantec's Security Check. These are the security heavy weights so it is good to scan your system against their databases of malware. Use one then try the other and even try some online scans provided by other vendors..

Along those same lines you can also download McAfee Stinger to your PC which is a quick scanning tool to check your PC for malware. Its drawback is it is designed for one time use--you can actually use it more than one time--but you can't update it. You would have to go back to McAfee's web site and download it again after they have updated it. But it is fast, produced by a major anti-spyware vendor and worth using at times just to get a scan from a different source than where you have been getting them.

Another very powerful and free tool to detect malware on your system is Hijackthis. This tool looks through your PC to find things it considers to be out of the ordinary so along with detecting most malware it usually detects a lot of legitimate processes and files that could hurt your PC if you remove them. In short, if you are not a PC professional you will need help to use Hijackthis. You run Hijackthis and save the output to a text file and post it on one of various web sites (one such site is www.geekstogo.com )where volunteers read the file to decipher what needs to go and what needs to stay. Now there is also a site where you can post the contents and just click analyze and get the results automatically by following this link   Again, caution is the word here, Hijackthis is a powerful tool in the right hands and dangerous to yourself if you just start deleting things without knowing what to fix.

Layer 4.cWhile the above mentioned anti-spyware programs are designed to detect and destroy malware, Spyblaster is designed to guard your PC and not let spyware load itself on it in the first place. Cyber immunization. Javacool also makes Spyguard 2.2 which scans all files as your PC begins to open them and compares them to a data base of known malware. It alerts you if if finds malware, stops it from opening, and gives you the option to open it or not. This is real time protection which is great, but it can cause conflicts with other programs. The only way to know is to test run it and see you have any problems with it.

Layer 5 The next layer should be a series of tactical defenses designed to tweak your system and make it harder for malwae to infect it. A good program to monitor what applications start-up automatically when you start your PC is Winpatrol. Some spyware is set to start automatically upon start-up and Winpatrol will let you keep a handle on what starts up, what is running and when changes are made to your system and can allow you to shut down any pest.

1-2 Combination: Really make these programs compliment one another. When you find a tracking cookie with one of your anti-spyware or anti-adware programs put its name in the nuts section of WinPatrol--that way it will automatically remove it if it gets on your system again.

All of these layers are free-ware except for the router and a top flight anti-virus program.

That is the strength of the programs they are great compliments to one another and need the support of each other--none by themself would do the job. Together, if you keep them up to date they do a good job of hardening your PC defenses and keeping out malware.

In addition to these layers there are some other tools you can use to fight off the malware of the world. Again, these tools and tweaks are free, but can be quite effective in the on going global struggle against malware. Consider them an extension of layer 5 the tactical defenses which can add a critical element to your defenses. Consider them all and pick and choose among them to find the ones which work best in your situation.

Additional Tools to Fight Malware

1. The Host file Your PC looks in its host file to find the IP address of web sites you go to. The host file reconciles what are known as DNS names to IP address's. For example when you type in www.yahoo.com your PC looks up the IP address and takes you to that sight, if the information is not in your host file it looks in the DNS servers of your ISP for the IP address. Knowing this you can often use the host file to prevent communication between a malware which got on your PC with its home servers to dish up an add or do something else to your PC. If you are using Windows XP you can find the host file in the C:\windows\system32\drivers\etc folder. There is no extension on the file it is just called hosts. Be sure not to put an extension on it if you open it. Open it with notepad. You can control where your PC goes when it looks for a DNS name by putting 127.0.0.1 which is your own PC in front of any DNS name you don't want the PC to communicate with (or in most cases it works, a few malwares direct the lookup to its own servers). A line in the host file would look like

127.0.0.1  malware name here  #you can put comments after the "#" symbol

for example Yahoo would look like

216.109.118.65   www.Yahoo.com

You can go to your DOS prompt by start--run--typing command--click ok

Then type in netstat -a to see all connections to your PC. If your not familiar with reading the response you get you will have to do some research on the net to learn how to use the info to determine which DNS names need to be stopped by referring them to your on PC with the 127.0.0.1 address.

This is free and effective and you can even get pre-build host files from different providers with the known DNS names of malwares redirected for you. One can be got from Spybot (link listed above).

You can also use the hosts file as a last resort to stop popups that get through your popup protection. Check to see where the popup is coming from (right click it and look for the DNS name under properties) then make an entry for it in your hosts file and link the DNS name you find to 127.0.0.1

Protect your host file by making it "read only."  You will have to change it back if you want to make any changes to it, but that is a small price to pay to prevent it from being changed by malware which is designed to alter it.

2. The Messenger Service You can disable Windows Messenger service if you have a stand alone PC. This is a service which is of some value to people on a network that want to send popup messages to one another, but if you are not on a network then you don't lose anything from disabling it and you can keep certain pop ups from getting to you that use this form of attack. An individual PC connected to the internet is a good candidate for disabling this service. All a spammer needs is your IP address and if you are not behind a fire wall and running Windows Messenger service then he can send you popup ads at will. If you have a DSL or cable modem where you are connected to the net all the time even when you aren't surfing the net or don't have a browser open they can still send you pop-ups. To disable it in Windows XP go to Start--control panel (make sure you are using classic view)--administrative tools--services and under the startup column disable the Messenger service.

3. XP-ANTISPY: Is a package of various tools which handle various Windows settings for you to safeguard your PC from assault such as turning off Windows Messenger, automatic updates, Active X, and various other services and settings that can be turned against you. Its a nice selection of security measures you can do from one menu and you can pick and choose the selections you want; however if you aren't sure what you are turning off you should get assistance before disabling a function.

4. Delete Executable Programs This little trick can be used after you have run your spyware removal programs to search for anything they may have missed. Check in your C:\windows folder (that is a good place to check, but not necessarily the only place they can be located to see if you have any executable files (they are the ones with the .exe extension) that have "ad" in the name somewhere. Of course they can be named other things, but surprisingly a lot of the time, do actually have ad in the name and they are some kind of spyware/adware malware designed to track and send ads to you. Delete them. Of course you need to be sure of what you are deleting here or you can mess something up you don't want to mess up. You can go to Google or another search engine and type in the name of a file and check it to see if it is known as any kind of malware, a Windows system file, or any other known info about it. You can get pertinent info about what many malwares do if they have been in the wild any time at all.

Make sure your Windows settings are set to view file extensions that way you can view files that have two extensions such as letter.doc.vbs--files with double extensions tend to be bad news and you want to see them if you are searching your folders for malware or inspecting email attachments. If you get such a file as an email attachment just don't open it. Delete the entire email.

Set your web browser settings not to accept cookies from third parties and to delete cookies when the browser is closed. This will also keep cookies from building up in your system; however, it may cause you to have to type your user name and password in to some web based accounts you use.

The run32.dll file is a legitimate windows file which you need on your PC. It allows library files to run as applications. It should be located in the windows\system32 folder.

When you see rundll32.exe in task manager under processes it usually though (not always) means you have some kind of malware running on your PC. You definately want to get an anti-spyware program or two and run to check for spyware. It would be a good idea to stop the instances of rundll32.exe from running by clicking on end process in task manager (Ctrl-Alt-Delete then click on Task Manager and Processes) before you check for spyware as well. If the rundll32.exe is any place other than the windows\system32 folder it is some form of malware. It often shows up as malware in the windows folder, but can be other places as well.

When you are looking in processes and you are not sure if a process is malware or something that should be there one good resource to check with is answersthatwork then go to Task List and search for your process. They give a description of many processes you may encounter and a description of what that process is and if its not there then search for it's name on Google.

If a "non-Microsoft" .exe file is located in the C:\Windows or C:\Windows\System32 folder, then there is a high risk for it being some kind of malware. Be suspicious of it!

5. Think Before Clicking Plenty of malware problems and infestations can be avoided if you think before you click. Don't open email from people you don't know. If you do get a strange file from someone you do know, contact them first to make sure they are sending you email before opening it. Never open spam. If email preview is open in Outlook that alone can execute some viruses If you are in a usenet group and see a tempting topic to click on a picture--its a good bet there is a virus lurking there to be unleashed into your PC. It's an easy trick to engineer and it keeps giving old viruses a new lease on life.

Beware of what you download. Lot's of freebies have some sort of malware whether its an addition to your toolbar or a free program or game of some kind.

When you download a screensaver, free music, or smiley's is almost certain they will have some sort of spyware in them.

Be suspicious of any pop-up "error messages" or any pop-up that says "click here to close." Don't do it! Only click on the "X in the upper right hand corner. The click here ploy is the bait to get you do install some nasy malware. Never click anywhere inside the pop-up window itself; only click the red X in the top-right corner of the window to close the window.

6. Back-up Your critical operating system files and personal files in case you do become a victim of malware and need to restore either the operating system or personal files. Windows XP (and other versions) have built-in backup capabilities and there are numerous free and paid for utilities that will do the job as well.

7. Phishing Don't be the victim of a phishing attack. These are increasing in number and sophistication. If you get any emails asking you to update an account (often they say something to the effect that your account is about to be cancelled if you don't update your personal information) assume someone is trying to trick you into supplying personal information to them. Call the company to ask if they are really needing updates or if you feel you must check your account info to see if it is current then connect to their web site directly through your browser--never go to the web site by clicking on the email. There is an excellent chance the email will take you not to their real web site, but to a dummy site designed to look real and your personal info will be stolen when you submit it.

8. Password Security Using good passwords is important if you are doing online banking or using any account such as ebay or Amazon or anywhere else you are using your credit card. A simple password is ok for something such as getting access to the online edition of a newspaper for example, but where you are using important personal or financial data such as banking account numbes, social security numbers, or credit cards.

Today's powerful password cracking tools can crack simple passwords in as little as seconds sometimes and a few minutes is not unsual. You can make the password much harder to crack by using a combination of upper and lower case letters, numbers, and characters such as @, #, $, %, &. A web site called Securitystats.com will let you test out your skills at creating effective passwords and check it on line in a few seconds to tell you if a similar password would be easy or hard to crack.

9. File Encryption If you store important personal or financial data on your PC you can encrypt it with 128-bit Blowfish encryption for up to 25mb of space with a virtual drive created by Cryptainer LE. This version is free and a paid for version will let you store much more. Hopefully if you are doing all the other things correctly no malware will ever get on your PC to steal your personal data, but this serves as a good last line of defense and especially if you have other family members or friends on the PC who might not use all the precaution they should and let malware invade the PC this is good protection to have.

10. To get rid of some really strong malware you may need to boot up under safemode to run your spyware detection programs. Another trick which often works on the really nasty stuff is to check your running processes under task manager and stop any (there maybe several) instances of rundll32.exe which are running before you run your spyware detection programs.

CoolWebSearch is a tough piece of spyware that falls in the classification of very hard to remove from your PC once you get it. If you are protecting your PC with the tools and advice here you probably won't get it, but it is a good idea to keep CWShredder on hand just in case. Its purpose in life is to remove CoolWebSearch.

11. A. If you have kids and you want to create an extra measure of protection against malware while they are surfing the net or even for yourself or other family members create an account to use just when surfing the net. Name it "Internet" or some identifiable name. Only give it limited privileges don't give it admin privileges. When you set up a new account in Windows XP in user accounts in Control Panel selected limited privileges. This will prevent it from having the ability to install software on the system. That way if you are surfing and some malware wants to install software on the PC it won't be able to because the privileges of the user don't allow it and any malware attacking your system will only have the same level of privileges that the user has--limited. This alone won't protect you against all kinds of malware attacks, but it will stop software installations.

11. B. Here is a GREAT new tool to help keep you safe from malware while you are surfing and everybody should be using it. It's called DropMyRights (the linked site gives you very detailed instructions on loading the program and setting it up which is very simple). This program allows you to log into your admin account like you are probably use to doing so you can load programs and make whatever changes you want to and here is the great part--opening some programs with limited rights! This means you can open a web browser and surf the web and the browser can't be attacked to use as a means to install malware on your PC.

You install DropMyRights, then move its .exe file to another folder like, "c:\dropmyrights" for example. Then right-click on your desktop to create a new shortcut. In order to create a shortcut that loads the browser Firefox with limited rights,

c:\DropMyRights\DropMyRights.exe "c:\Program Files\Mozilla Firefox\firefox.exe."

When you launch Firefox with that shortcut, the DropMyRights program will give it the same permissions as if you were using a limited user account. You cannot install or run ActiveX if you use it with Microsoft's Internet Explorer. You can use it with any browser. This is a great way to protect yourself from malware attacks on your browser.

DropMyRights can be used with other programs like email applications to protect to you when they are launched through DropMyRights.

Even when you get the prompt to use Active X controls and try to allow it DropMyRights prevents it from working.

12. If you do online financial tranactions which involve bank accounts, buying and selling stocks, or use a credit card online then you need more protection than you can get from just scanning your PC with anti-spyware tools such as Spybot or Ad-aware or any of the others. These are fine if all you want to do is keep your pc safe from popups and keep it from running slow, but if you do financial transactions then you need more than protection which just hunts down known malware.

You need real time protection which means you need to do more work. You need to learn to use the tools at Sysinternals. These tools are free and will enable you to monitor your system for real-time protection and not wait till the spyware signature has been identified and put in a definition file you which you can download. By then it may be too late. At least use these tools: Process Explorer it will show you what processes are running on your PC at the present time. Autoruns: this will show you which programs start when you start-up your PC. TCPView it shows you which ports your PC has open. FileMon which lets you see all the activity on your system in real time (so if a keylogger was recording your keystrokes to the harddisk to it could email them to someone you could see that the interaction of the keylogger with the harddisk. Keyloggers are very tough to find so this program is pure gold from a security stand point). RootkitRevealer: Rootkits operate between the operating system and applications so traditional anti-spyware scans won't detect them. Rootkits are a relatively new and growing threat and you will need protection against them in the future. Again, this program is priceless from a security standpoint. Sysinternals has other applications and info making it one of the best sites on the internet for your online protection. If you do financial transactions online--learn to use these tools!

13. Its always good to have tools you can use to audit your system with to do your own searches for spyware in addition to the well known anti-spyware programs.

A good tool is free and you already have on your pc in the form of netstat. Go to start, run, type in CMD, ENTER which takes you to a DOS screen. Now. type in netstat -a (there is a space between the t and -a) which shows you which ports on your PC are open, that is what your PC's connections to other devices are. Do, netstat -an, and you also see addresses and port numbers. A detailed discussion of the netstat tool is beyond this web page, but you have 65000 possible ports or connections which can show up as either TCP or UPD ports.

The key for our purposes is to know a little about what these connections mean. For example, after you do netstat -an and see a line which says

TCP 2161    64.233.161.47:80

then you have port 2161 open and it is connecting to Google's IP address of 64.233.161.47 on their server's port 80.

The key to using this tool to detect spyware is the port number.

Ports 0 to 1023 Are well known and often used by legitimate applications and are low risk in terms of being used by malware. Not impossible, but relatively low risk.


Ports 1024 to 49151 Are used by both legitimate applications as well as some malware. Here is where further investigation is really needed.


Ports 49152 to 65535 High risk! Check out anything on these ports.

14. And now drum roll please...the tool which just doesn't give malware a fair chance..TA DA...Its VMWare's Browser Application! And, its totally free!

The many and various tools on this page will make most any PC safe especially if you use DropMyRights to run anything that touches the internet through it such as your web browsers and email application, for those who have the resources such as a 3.0GHz processor and oh maybe say 1 Gig or more of RAM then you can be 99.99% safe just by doing one thing instead of using so many different things to make the internet safe. So if you got the resources and you have highly sensitive data on your PC you need to keep safe or you have children or you want to set up web browsing capabilities for different users when you can't watch everybody all the time then using a virtual portal is the way to go. The virtual machine will interact with the web with Linux Ubuntu and a Linux based Firefox browser that is completely separate from your real underlying PC. This means no spyware can be loaded on your real PC. This virtual Linux setup should be safe from browser attacks, but even if something you don't like happens or just to be sure, discard all changes made between sessions--that's right just turn it off then back on to have a clean start! Now here's a quick and dirty on how to totally smack down the bad guys.

Go to VMWare site and down load VMWare-Player and install it. It runs good on Windows based operating systems (so you are running a virtual Linux window from Windows system--ain't that just cool). You also need to download their BrowserAppliance (these are huge files even though Browser Appliance is zipped hope you have a high speed connection--by dial up it will probably take all night to do it) and unzip it. Then save the unzipped files to a folder and start VMWare-Player and when it opens it will ask for a vmx file and point it to the folder where you saved the unzipped Browser Appliance files and open Browser Application.vmx. It will take a few minutes to start up the first time, but be faster after the first time. If your PC is already connected to the internet then it will automatically to it as well. It will probably slow other apps running down a little bit on your machine--after all you have a real operating system going and a virtual operating system hence you need the horses under to hood to make this work.

A few extra notes: VMWare Player will run on from 32 to 256 MB of RAM. To change the size open the Browser-Appliance.vmx file in notepad or text editor and change the "memsize = " line.

The VMPlayer runs it a separate window and can be minimized to the task bar like any other application, but do expect a little slow down in other applications. You can either power down or suspend the virtual player when shutting down VMWare Player.

Check the info out on VMWare's support page to see how to share files between the virtual PC and the real PC. Perhaps the easiest way is with a jump drive. Small amounts of data can be transferred from virtual to real PC by copying and pasting.

There is a whole lot more you can do with the virtual window when used in conjunction with VMWare's Virtual Machine Control such as install the beta version of Windows Vista, XP, Linux and on and on, but that is beyond the scope of this page. In fact, there all kinks of preconfigured virtual machines you can dowload and run from their site.

Click here to see specific fixes for various spyware

***IMPORTANT***

Use this precaution if you need to go to a friend or family member's PC and log into your sensitive personal accounts such as your bank account. Key loggers record strokes in sequence as you type them--therefore put in an incorrect character or two in your user name and password info then use the mouse to pick up the curser and position it back where the incorrect characters are and type over with correct characters (remember to disable insert by pressing the insert key one time or you will need to delete the incorrect characters as well). When you get home just as an added precaution change your password to any account you accessed while away. This will give you a measure of protection against key loggers picking up your user name and password and it falling into the wrong hands since they can't discern the mouse repositioning your the curser.

Finally--something to ponder--if you are at a friend's home and need to borrow their PC to do anything involving personal or financial information--ask them (and yourself) how clean is their PC from malware and what protection are they using. Further don't ever go to a public PC in a library, internet cafe, etc and put in personal or financial data you don't want others to know! If there is a key logger on that system it can record your key strokes and capture your personal data and email it to crooks anywhere in the world. There are several known instances of this happening and some unlucky victim having his bank account drained.

 

 

Maleware Definitions

       Virus: A computer program or piece of code that usually travels in other programs such as email, word processing or spreadsheet files that duplicates itself to infect other computers.

       Worm:Similar to a virus in that it replicates itself to infect other computers, but a worm doesn't have to travel in another program--it can send itself to other computers through port scanning such as the MSBlaster worm or by e-mailing copies of itself to people in an infected person's e-mail address book through Microsoft Outlook or Outlook Express. An example of such a worm would be the Melissa and LoveBug worms.

       Trojan: A trojan pretends to be one thing and is actually something different such as pretending to be a game and really being a program that will take control of the PC or record keystrokes to steal personal information. A trojan can't send itself like a virus or a worm it has to be invited in by such things as opening an email attachment, a game, a music file or starting a program of some kind.

      Phishing: Attacker tries to trick the victim into divulging personal information such as account user names, passwords, credit card info, social security numbers, etc. For example, the victim will receive an email requesting personal information be updated at a legitimate account they own and when they click on the email to take them to the site it appears to be the legitimate site, but is really one the attacker has designed to look like a legitimate site and allows the attacker to steal the info typed in by the victim.

 

 

 

Thrift Meister Bonus

  Check here for the latest information on virus alerts.

 

 

 

 

2nd Thrift Meister Bonus

Keeping up with all the Malware and security issues your PC faces everyday is too much for one person to ever keep track of it all. TM recommends you subscribe to a security related newsletter to keep current on security developments and dangers. Two free ones that you can sign up for can be found at the websites below are:

Firewall.com

Securitypipeline

 

 

 

 

TM's Tips to Secure you Wireless Home Network

(You may need to enable popups for the above spyware news tidbits to open for you. There is already so much info on this page TM wants to give you the option of whether to get more--that is the way a popup should be--at your discretion)


Click here for subscriptions as low as $3.99/year!

PC Magazine for only $19.97 a year-22 issues

1500 Magazines New or Renew--Best Prices you can get

(Prices subject to change)

Thrift Meister - Land of the Frugal and Home of the Thrifty

 

 

 

 

 

 

 

 

 

 

  Get Stock Quotes  

Enter city or US Zip

FREE Coupons!

 

 

To share your tips and suggestions with other vistors to this site click the Message Board link on the navigation panel on the left hand side and post your suggestions there. To send mail to the Thrift Meister click MAIL Thank you.

 

Copyright @ 2003 Thrift Meister. All rights reserved.
Thrift Meister not responsible for data, errors, actions, or content of listed companies. Please read full disclosure.
All trademarks or product names mentioned herein are the property of their respective owners.