XP Maximized: Print This

XP Maximized: Fighting Spyware, Viruses, & Malware

As the old saying goes: "eternal vigilance is the price of liberty" (Wendell Phillips, 1852).

Understanding the threat and putting it into perspective.

BBC reporter, Spencer Kelly met up with a reformed ex-hacker Jacques Erasmus, who gave him a demonstration of just how much damage a worm or virus can do to your home computer.

The hacker wanted to show Mr. Kelly just how risky it is to connect an unprotected PC to the 'net.

They set up a poor Windows XP machine with no firewall or anti-virus software. How long would it be before we were hit by something nasty on the net? Hours, minutes?

As it turned out - eight seconds!

[BBC World Hack Attack Article]

They were hit by Sasser, one of the fastest spreading worms on the 'net, and it wasted no time at all in taking over their PC. Within seconds of infection, their PC started downloading strange programs, or payloads, from mysterious Internet addresses. These payloads are the programs that can take control of your machine and turn it into a remote controlled bot.

Then their machine started scanning random Internet addresses, looking for other vulnerable PCs to infect. Then Internet Explorer started downloading spyware. Within 5 minutes their PC was running so many malicious programs, that the CPU was running flat-out at 100% - and they weren't even touching it.

Is it important to protect your PC? You betcha!!!!!!!!

Reality...

Current level of thinking indicates that if you do not have a spyware, virus, and malware plan, you will be part of someone else's spyware, virus, and malware plan (attack).

Practicing safe computing means keeping up with current threats and vulnerabilities.

In order of priority:

First order of business - Scan your PC.

Scanning Software

Spybot
Ad-Aware
Microsoft Malicious Software Removal Tool
Online version of Micrsoft's tool
Trend Micro Free Online Virus Scan - Housecall

Then - Once you have scanned for spyware, viruses, and malware and you are reasonably sure that you are "clean" it's important to next establish what is normal for your PC. This is called baselining and it provides you with a snapshot of what's normal for your PC.

What's "Normal" for your PC?

Find out by performing Baseline tests.

1. Find out what processes are running and active right after startup.

How to take a process inventory on a Windows XP machine.

- Right-click the task bar and select Task Manager from the pop-up window.
- Click the the Processes tab to see a list of processes running on your PC.
- It's important to get a copy of this and the easiest way to do it is record it to a file. Do this right after startup. Here's how to record this list to a file.

Windows has a built-in tasklist command that makes the job easy.

a. Open a Command Prompt window by choosing Start>Run, typing cmd (or cmd.exe, if you prefer) in the Open text field of the Run dialog box, and then clicking OK to execute those instructions.

b. To see a list of active processes on your system, type tasklist at the command prompt. You can sort the process names alphabetically by typing tasklist /nh | sort (this drops the column headings from the output and then sends the resulting process names and info to a sort utility to sort them in descending alphabetical order by process name).

c. At the command prompt, type tasklist > C:\tasklist-yymmdd.txt, where you substitute two-digit values for year for yy, month for mm, and day for dd. This creates a file for the date you ran your list. This command writes the output to the root of the C:\ drive. If you follow those instructions exactly, you may want to move that file somewhere else so you can find it more easily at another time.

d. Type exit at the command line or click the x-shaped close control in the upper right-hand corner of the command window to close this window.

==============================================

For a more accurate overview of your system process we recommend downloading and using a program called Process Explorer.

Windows Task Manager tells you what applications and processes are running, but some process names aren't very clear to the casual reader. Process Explorer helps you get to the bottom of things by digging down to see which application started a process and which resources that app is currently using. This excavation can be a big help when you're trying to figure out which background processes you dare shut down. It can even help sniff out spyware, too.

[Download Process Explorer]

What's on your list? - Interpreting what you see. (Don't be frighted by this list! It's a list of common process definitions)

So what do all these abbreviations stand for anyway?

You can find out here - Task List Programs

Or here - Tasklist.org

===============================

2. Baseline Timing:

Baseline timing is you sitting there with a time piece that has a second hand. This is a sequence of timing tests to establish baseling processing times for different system functions.

- Normal startup time (cold boot)—Start timing as soon as you turn on the power to your PC and stop when the Windows login prompt appears (if applicable), or when the booting process has completed (if not).

- Normal restart time (warm boot)—Restart Windows XP (Start Menu >Turn Off Computer and then click the Restart button) and start timing simultaneously; stop timing when the Windows login prompt appears (if applicable), or when the booting process has completed (if not).

- Start time for commonly used applications—These might include Office components, Internet Explorer (or whatever Web browser you use), and other applications that take at least a short time to launch (to give you enough time to have something to measure). Launch them from the Start Menu >All Programs menu sequence and start timing as you click the application name on its pop-up menu. Stop timing when the application is ready for your input.

Bottom Line: By comparing your baseline timings with those taken at another time, you'll be able to tell if your machine is running more slowly than usual or not.

Now What?

FREE Antivirus Software...

The best (as far as we're concerned) free antivirus is:

The FREE AVG software http://free.grisoft.com

Another recommended FREE Antivirus product is the Avast Home Edition available at: http://www.avast.com

FREE FireWall...

There is a Firewall capability within Windows XP. However you may want to consider something with a little more punch for your PC. Here are 3 FREE FireWall software programs we recommend:

- Zone Alarm
- Kerio Personal Firewall
- Sygate Personal Firewall

How to test your Firewall

Windows XP Updates

Quick ways to find out about the very latest Internet Security and Windows XP Updates...

When you install Windows XP it IS NOT up to date with the latest security patches and critical updates. use the following information to improve YOUR Internet Security today!

The Windows XP Update service.

As soon as security updates are released by Microsoft, they are available on Windows Update. When you connect to the Internet, Windows Update scans your system and alerts you via Windows Messenger. You can then download and install the updates. Click Here

Automatic XP Updates.

For a quick and easy security solution, you can automate the download and installation of updates from Windows Update. Windows XP install them without interrupting you. How to enable automatic updates
in Windows XP Professional or Windows XP Home Edition.

We CAN NOT emphasize enough the importance of keeping your PC up to date with the latest security releases...

http://www.xpmaximized.com