Windows Security Guides

Antivirus and other security software help, but the real protection comes from your ability to assess your risk and take action accordingly.

If attackers compromise a company with which you do business, your own personal information may be at risk. Here's why you should be concerned and how to protect yourself.

These are the four broad categories of Web attacks with which Web surfers must contend. Understanding the basics of how these attacks work is perhaps one of your best defenses against today's Web malware threat.

Windows Remote Desktop is designed for support services, but can be used maliciously. Disable Windows Remote Desktop unless or until you need it. Here's how.

The Windows autorun feature enables CDs to play automatically when inserted in the drive. Removable and thumb drives use the same autorun feature to load files when the drives are plugged into the USB port. Malware relies on this autorun feature to spread from thumb drive to PC. Here's how to disable the autorun feature to prevent malware from...

If there were any such thing as a ‘door’ to the Web, it would be the search engine. Google, Yahoo, Bing, and other search engine "spiders" constantly crawl the Web, cataloging the results in order to provide a ranked list of sites matching the particular query (keywords) you've provided. Search engine poisoning exploits that technology, such...

Think you shouldn't write down your password? You may need to think again. Here are some common myths - and valid tricks - about storing and remembering passwords.

The vast majority of content on the Web seems free, but it's actually supported through advertising. The largest syndicated ad providers are owned by the search engine vendors. For example, DoubleClick is actually owned by Google. While ads may appear in search engine results pages, the ads are also syndicated out to participating websites for...

The old advice was that in order to avoid Web malware, stick to only known, reputable websites. But thanks to website compromises, the notion of known trusted website has fallen to the wayside.

ulnerabilities in Adobe Reader and Adobe Acrobat are the number one most common infection vector, bar none. Making sure you stay up-to-date with the latest version of Adobe products is imperative, but not foolproof. To use Adobe Reader (and Acrobat) safely, you need to make a few tweaks to its settings. Following are the must-make security changes you need to make in Adobe Reader and/or A…

Adobe Flash exploits can be easily rendered in Adobe Reader and Adobe Acrobat. Fortunately, you can safely delete authplay.dll (or rename it if you prefer). Here's how to delete authplay.dll in Windows, Mac OS X, and Unix.

Is the Google Android really at greater risk of malware? Or is it simply a bigger target for FUD (Fear, Uncertainty, and Doubt)?

Firefox users that use the Firefox search bar will default to the regular, non-encrypted version of Google search. Here's how to add the encrypted Google search to the Firefox search bar.

Microsoft provides an automatic update feature for Windows - but unfortunately malware often disables it. Make sure Windows automatic updates are configured properly by following these steps.

Search for "AVG crash" and you'll find over 2 million hits on Google. The systemic problem of AVG crashing Windows computers is almost an annual occurrence. Here's how to recover from an AVG crash.

A lot of today's malware goes to great lengths to avoid notice. But some viruses exhibit symptoms that might as well be a banner advertising the infection. Here are a few of the most common tell-tale symptoms of a virus infection.

Removing a Windows virus can be tricky. Here's an A to Z walkthrough of what you'll need to know and do in order to remove malware from your computer.

The Windows Task Manager is a built-in utility that lets you view the running processes, applications, services, and users on your computer. There are a few different ways to launch the Windows Task Manager. Here are the two simplest methods.

Just using Firefox doesn't offer any security benefits, but using the NoScript addon with Firefox does offer an important safety upgrade.

Do you suspect your email account has been hacked? Can't login to your email account? Are you getting undeliverable and bounce messages for email you never sent? Are friends and family complaining of receiving email you never sent? Is it malware? A hacker? Here's how to tell.

Cybercriminals can hijack your online accounts to order items at your expense, gain access to your email, or use your good name to send spam, malware and scams to people you know. Here's one way they do that and how to prevent it.

False positives can be an annoying problem and unfortunately false positives in antivirus scanners are being increasingly more common. Here's how to exclude a file or folder from scanning by Norton AntiVirus and Norton Internet Security.

Cyberwar is being waged, malware is the attack tool, and Internet users are on the front-lines of the battlefield. Criminals are attacking via the Web, using social engineering tricks and compromised websites to foist malware onto victims computers. The goal: to steal financial and intellectual property from individuals and companies across the globe. Here's how to prepare your defenses to avoid …

There's an old acronym in the computing industry - WYSIWYG. Pronounced "wizzy-wig", it stands for "What You See Is What You Get". While that used to be true with computers, today nothing could be further from the truth. Today, many of the websites we trust and visit routinely are being compromised and hidden code references are being inserted. While you can't see any visible signs of the compromi…

When malware gets onto the system, one of the first things it may do is disable your antivirus scanner. It may also modify the HOSTS file to block access to antivirus update servers. Here's how to check for both.

Though the victim is often blamed for the infection, most malware infestations through no fault of the user. You're cruising along surfing the Web and get sideswiped by a malicious ad or compromised website. Have you ever been the victim of a malicious Web attack?

So-called cloud-based services like Evernote provide a convenient way of remotely storing data accessible from any Web-connected device. But that convenience may come with a price: increased risk of data and identity theft.

As one year comes to an end and a new year begins, many of us take the opportunity to reflect on the things we wish we had done differently. This year, shake things up a bit and adopt some new new year's resolutions that may just prove to be far more manageable and sustainable.

Many online accounts let you enter an email address that will be used if your password is ever forgotten or is changed. But improperly managed, the email recovery option can leave you at greater risk.

Most online accounts include a 'secret' question to assist in password recovery, the correct answer to which is supposed to validate that you really are the legitimate owner of that account. The problem is, the 'secret' question is generally none too secret.

It took 20 years (1986-2006) for malware to reach the one million mark. Since then, the rate of malware has been doubling every year, and is now threatening to double every six months. Being proactive and taking responsibility for your own security will go along ways towards helping you avoid the onslaught and helping all of us ensure the bad guys don't win.

Facebook might seem like a "friends and family" social network, but it can expose your personal information to the whole world if you're not careful. Be smart about what you reveal online. Here's how to tighten settings in Facebook to protect your privacy and prevent unwanted use of your personal information.

Keeping safe online takes more than just installing a few security programs. To protect both you and your computer, here are the top ten bad habits you need to avoid.

Malware may modify or infect a legitimate system file. When that occurs, a comparison to the legitimate original MD5 or SHA1 hash can be a useful diagnostic. FileAlyzer from Spybot Safer Networking is a free easy-to-use tool that quickly captures the md5, SHA1, and other useful file information. Here's how to get and use FileAlyzer.

There may be cases where you've changed the default settings in NoScript and now want to take advantage of blacklisting to compensate for those changes. Follow these steps to add sites to the NoScript blacklist.

Recent opinion blogs and articles push the notion that either the government or Oprah needs to encourage everyone to use antivirus software. The premise seems to be that if Oprah or the government began pushing antivirus, we'd somehow nip the problem of malware in the bud, save everyone some money, and make the world a better place.

Should President Barack Obama use Twitter? Or do the risks outweigh the rewards?

Should President Barack Obama use Twitter? Or do the risks outweigh the rewards?

Sometimes the desire to contextualize content delivery can go too far and can be used for malicious purposes. Here's how to block browser history sniffing, cache timer attacks, and Adobe Flash offsite cookie storing.

Cache timer attacks let unrelated websites know which other sites you've visited online. Here's how you can prevent cache timer attacks in Firefox.

Browser history sniffing lets unrelated websites know which other sites you've visited online. Here's how to prevent browser history sniffing in Firefox.

Browser history sniffing lets unrelated websites know which other sites you've visited online. Here's how to prevent browser history sniffing in Internet Explorer.

AutoComplete not only makes it easier for you to automatically fill in forms and logon to secure sites - it also makes it easier for Trojans and hackers to gain access to your personal data and logon credentials. Here's how to clear the sensitive data stored by AutoComplete and how to disable the feature to protect yourself from compromise.

It seems everyone is recommending Firefox for better online security. But are those hearty recommendations warranted?

Firefox will initiate the download of an executable file specified in the http header. This occurs without active scripting, which means standard security addons such as NoScript will not prevent this from occurring.

Autorun is one of those 'convenience' features in Windows that can cause more harm than good. Essentially, Following are frequently asked questions about the Autorun component, including why Autorun can be dangerous and how it can be disabled.

It doesn't matter what side of the copyright bench you sit on, filesharing is dangerous. Before you roll your eyes and say "Yeah, whatever...", here are the three most common misconceptions about filesharing safety.

If enabled, DEP (Data Execution Prevention) can prevent malicious code execution that occurs as a result of buffer overflows or similar browser attacks. Here's how to enable DEP in Internet Explorer v7.

If enabled, DEP (Data Execution Prevention) can prevent malicious code execution that occurs as a result of buffer overflows or similar browser attacks. Here's how to enable DEP for IE6 in Windows XP SP2.

A bug in Microsoft Vista executes programs in the Autorun.inf file when the Autorun feature has been disabled via the NoDriveTypeAutoRun registry value. If you've set the value NoDriveTypeAutoRun in the Windows Vista registry, delete the value and follow these steps to really disable autorun in Vista.

Protecting against social engineering often requires a degree of savvy that is more instinct than technique. When it comes to social engineering scams, it's often instinct and not technology that can make the difference. An experienced user armed with the right information is generally best equipped to make the right decisions to protect themselves online.

We've all been there - you get an alert from your virus scanner warning that a particular file is infected. Sometimes the alert reappears even after you've told the antivirus scanner to remove the infection. Or maybe you just have reason to believe the virus alert may be a false positive. Here are six things you'll wa…

Why is Internet Safety Important? Today's malware is vastly different from yesteryear's virus. No longer a form of digital graffiti, modern malware is all about money. Your money, that is. This change in intent has also led to a corresponding change in tactics.

Malicious iframes planted on compromised websites pose big problems for Web surfers. Fortunately, Internet Explorer includes a feature that can help protect against malicious iframes. But use with caution - there are many legitimate uses for iframes and IE doesn't distinguish between these.

If you use the Firefox browser in conjunction with the Google search engine, Google will (under various circumstances) prefetch the first page returned in the results. In other words, that page and any cookies associated will be downloaded to your computer even though you never clicked the link. Here's how to disable this Google / Firefox feature.

Host Intrusion Protection Software, or HIPS, provides rule and behavior-based system monitoring to guard against unwanted changes.

Home and SOHO users are particularly vulnerable to web-based malware attacks, since these users often do not have access to sophisticated proxies, intrusion detection, and patch management systems necessary to ward off web-based threats. The following advice is geared specifically to help this segment of the online population.

Whether through social engineering or through web site exploit, the choice of browser will be of little help. All browsers are equally susceptible to web-based malware and this includes Firefox, Opera, and the much maligned Internet Explorer. Disabling Javascript on all but the most trusted sites will go a long ways towards safer web browsing.

Every 3.5 seconds in the United States, someone's identity is stolen. Unfortunately, many view identity theft as an 'online' only problem. It's true that phishing scams, Trojans, and other forms of cybercrime are a factor, but there are also far more low tech means of identity theft - including digging through your garbage or stealing your wallet or purse. You can minimize your risk by following these ten tips.

When Windows is starting, pressing the Shift key can allow you to bypass programs loading during startup. Some malware, such as the UZA O/S worm, disables this feature. Here's how to re-enable the use of a shift override when Windows is loading.

Whether you're going off to college for the first time, or are a returning student, chances are you're on a tight budget. Fortunately, that doesn't mean your computer security has to suffer. While the suggestions below won't free you up from having to write term papers, they will free you up from suffering undue angst due to malware. And speaking of free, most of the solutions recommended below are either low cost or totally free.

Sometimes, despite our best efforts, something happens that causes Internet Explorer to become unstable. Fortunately, Internet Explorer 7 offers an easy-to-use feature that deletes all temporary files, disables add-ons, and resets changed settings back to their defaults. Here's how to reset Internet Explorer v7 settings.

When it comes to IE, it seems everyone wants a piece of it. While legitimate toolbars and other browser helper objects (BHOs) are fine, some aren't so legit or - at least - their presence is questionable. Here's how to disable unwanted Add-ons in Internet Explorer.

You visited a great web site on Thursday, but forgot to bookmark the URL. Now it's Sunday and you can't remember how to get back there. This is where the Internet Explorer History folder comes in handy. But just as it lets you trace back your Internet browsing steps, others can also use it to see where you've been. If the downside seems greater than the upside, here's how you can delete the Internet Explorer History and how you can prevent it from being stored in the future.

Internet Explorer caches web pages you visit and cookies coming from those pages. While designed to speed up browsing, if left unchecked the burgeoning folders can sometimes slow IE to a crawl or cause other unexpected behavior. In general, the less is more principal works well here - keep the Internet Explorer cache small and clear it often. Here's how.

The WildList isn't a perfect measure of antivirus detection. Far from it. But the WildList does offer important benefits that should be acknowledged.

If you need to download a blocked attachment in Outlook, here's how to bypass the executable attachment restrictions.

Unless unique passwords are used for each site, it takes only the compromise of a single site's credentials to have a toppling domino affect on the security of all your online assets.

So you've created a strong password system following the tips outlined in "Passwords: Creating and Maintaining a Strong Password System". Now you need to keep those passwords safe. Here's how.

Answers to frequently asked antivirus questions

A University of Michigan student describes her frustrating experience with a Mytob infection. Here's how to resolve it.

Most hotels today offer amenities geared to the 'Net-hungry traveler: Wireless access (often free) throughout the hotel or in the lobby area, ethernet cables in hotel rooms, and business centers in the hotel lobby equipped with PCs and printers. But how safe are these options?

Plagued by spyware and adware that keeps reinstalling itself everytime you remove it? If you haven't kept your security patches up to date, the resuscitating spyware and adware may be the result of an Internet that reinfects your computer each time you access the Internet.

AutoComplete not only makes it easier for you to automatically fill in forms and logon to secure sites - it also makes it easier for Trojans and hackers to gain access to your personal data and logon credentials. Here's how to clear the sensitive data stored by AutoComplete and how to disable the feature to protect yourself from compromise.

AutoComplete not only makes it easier for you to automatically fill in forms and logon to secure sites - it also makes it easier for Trojans and hackers to gain access to your personal data and logon credentials. Here's how to clear the sensitive data stored by AutoComplete and how to disable the feature to protect yourself from compromise.

AutoComplete not only makes it easier for you to automatically fill in forms and logon to secure sites - it also makes it easier for Trojans and hackers to gain access to your personal data and logon credentials. Here's how to clear the sensitive data stored by AutoComplete and how to disable the feature to protect yourself from compromise.

Reduce susceptibility to viruses and other malicious code and exploits by following these safety tips.

Here's how to beef up your wireless safety by disabling automatic wireless connections.

File and Printer Sharing may be necessary in an office network, but chances are it's not needed at home. And it poses an increased risk on wireless connections. If you must use it, disable it when connecting via hotspots, and re-enable it when you return to your home or office. Here's how to disable file and printer sharing in Windows XP.

FRISK Software, one of the oldest and most venerable antivirus vendors, provides F-Prot for DOS free to home users and dirt cheap for corporates. And though it's designed for DOS, you can run it commandline in Windows XP too.

Getting stubborn adware and spyware off your PC can be frustrating. However, there are steps you can take to make the process easier and more effective.

Some spyware and adware will add miscreant links to your Internet Explorer Trusted Sites Zone. This may allow the sites to run with fewer security restrictions. Make sure you periodically check the Trusted Sites Zone list to ensure only sites you have specifically added are included. Here's how.

Spyware and adware often change your browser Start and Search pages to point to unwanted websites. Even if you've removed the infestation responsible, you may still need to reset the web settings. Here's how to do this in Internet Explorer.

Booting in Safe Mode prevents extraneous services and programs - including most malware - from loading at startup.

Reading email in plain text offers important security benefits that more than offset the loss of pretty colored fonts.

Through the use of rootkits, malicious programs are able to stealth their presence - making themselves virtually invisible to many of today's scanners.

Treat IM as suspiciously as you should be treating email.

Viruses and spyware use the HOSTS file to block access to antivirus and security websites, or redirect attempts to visit other websites. Here's how to thwart these unwanted modifications to the HOSTS file.

Virus removal and free security resources

Windows ME and Windows XP both come with a feature known as System Restore that enables users to revert to specific restore points without impacting data files. However, problems can occur when viruses get trapped in these restore points and antivirus software is unable to remove them.

The Windows Messenger Service can be exploited by spammers and used to dish up unwelcome advertising on unsuspecting users. The service is also victim to a critical exploit that could allow malicious attackers to remotely run code on vulnerable systems. Disabling the service will prevent both the pop-ups and the exploit. Here's how.

Securing Outlook and Outlook Express

Boot sector virus repair

How to prevent email worms and viruses

A simple how-to guide for securing Internet Explorer. With just a little elbow grease, you can prevent spyware and stop pop-up ads for free.

A simple how-to guide for securing Internet Explorer. With just a little elbow grease, you can prevent spyware and stop pop-up ads for free.

A simple how-to guide for securing Internet Explorer. With just a little elbow grease, you can prevent spyware and stop pop-up ads for free.

By default, file extensions cannot be viewed in Windows. Viruses routinely take advantage of this security oversight.

Doing an IP Lookup

SoBig.F spoofs the From address, hiding the identity of the real SoBig.F infected party - but using these tricks, you can still locate the sender.

A few simply steps that will keep you computing more safely.

It may seem that achieving good security can be a daunting task. Fortunately, the few simple steps outlined in this article can provide a good measure of security in very little time.

From Sophos, a step by step guide to disabling the often unneeded - and potentially risky - Windows Scripting Host. Instructions for all major Windows platforms are provided.

A list of common executable file extensions that signify files capable of being infected with viruses. Plus a step-by-step guide to enabling file extension viewing in Windows.

Microsoft addresses frequently asked questions about macro viruses, including instructions for using the built-in macro protection in Microsoft Office products.

The Windows operating system recognizes file types and associates them with programs based on their file extension. This association can spell disaster if an extension is removed or renamed.

From DOS through XP, how-to guides for creating boot disks in various Windows platforms.

From the University of Washington, a brief primer on computer viruses and steps you can take to avoid infection.

A technical preventative for experienced users, Denny Lin of La Sierra University describes methods to identify and clean infected boot sectors.

A guide authored by John Jenkins, this covers several avoidance stratgies to prevent infection and what to do if they fail.

From the makers of Sophos Anti-Virus, ten suggestions on beefing up security practices to avoid infection.

Subscribe to Microsoft security bulletins to receive up-to-date information concerning newly discovered Microsoft product vulnerabilities.

Annoyed by pop-ups? Worried about "drive-by downloads"? Has your Internet Explorer start page been taken hostage by an unwelcome site? Relax. Internet Explorer has a built-in mechanism for controlling the Internet nasties that threaten to ruin your browsing experience.

Common sense advice from the Web Guru provides useful tips for a safe computing experience.

Whether you use Outlook, Outlook Express, Eudora, or Pegasus, there are steps you can take to make your email more secure and help prevent malicious mail from hijacking your PC.

Just because that email says it's "From" someone you know, it doesn't mean it is. Find out how to tell who the real sender is and take appropriate action.

Data Execution Prevention, or DEP, raises an exception if it detects code loading from the default heap or stack. Since this behavior is indicative of malicious code (legitimate code does not generally load in this manner), DEP protects the browser against attacks rendered, for example, via buffer overflow and similar type vulnerabilities. Sometimes, however, DEP can cause conflicts with legitima…

Adobe Flash Player 10.0.45.2 and earlier contains a vulnerability that is exploitable via Adobe Reader and Acrobat. Windows, Macintosh, Linux and Solaris operating systems are all vulnerable to the exploit if Adobe Reader or Acrobat is used.

Malware often installs itself as a Windows service in order to load when Windows is started. This allows the malware to run and control designated functions without requiring user interaction. Sometimes, antivirus software removes the malware but leaves the service settings behind. Whether cleaning up after an antivirus removal, or attempting to remove the malware manually, knowing how to delete …

The files sshnas.dll and sshnas21.dll are part of a trojan that redirects search engine results in Google, Yahoo, and Bing searches. Both Firefox and Internet Explorer are affected. Here's how to manually remove the files associated with a sshnas.dll and sshnas21.dll trojan infection.

PDF files are not safe if you are using Adobe Reader or Adobe Acrobat to open them. Malicious PDF files are the most common vector of infection on the Web and, increasingly, in email. These malicious PDF files exploit vulnerabilities in Adobe Reader and Adobe Acrobat. Exploits of vulnerabilities in Adobe Reader / Acrobat were the most common cause of drive-by malware infections in 2009 and remai…

It goes without saying that antivirus software and a firewall are a necessity. But these alone won't protect you against today's malware. Here are four simple and very important changes you can make that will keep you safer online and off.

The scareware just became a brilliant red herring that successfully tricked you into giving up your well known antivirus and lowering your defenses.

When it comes to links, what you see is often not what you will get. Every link is comprised of two parts - the portion that's displayed for you...

Java is fast becoming the most targeted third-party application for malicious exploit via the Web. One easy thing you can do to avoid this method...

Java is fast becoming one of the most targeted third-party applications for malicious exploit via the Web. One easy thing you can do to avoid this...

There is an easy way to prevent Adobe Reader and Acrobat from automatically rendering PDF files in your browser. Make this one small tweak, and...

The road to Hell is paved with good intentions. I was reminded of that today when reading about Firesheep, a Firefox addon that lets anyone who knows how to click a mouse steal the account credentials for anyone on an open Wi-Fi network.

Java is fast becoming one of the most targeted third-party applications for malicious exploit via the Web. One easy thing you can do to avoid this method of attack is simply disable Java. When you do need it for that website game or calculator, just re-enable it (but be sure to turn it back off when you're done).

VTzilla is a free Firefox addon from VirusTotal that lets you easily check the safety of links and downloads - before you click or save the download.