Windows Hygiene 101

Windows Hygiene 101: A Small Prescription For Newbies

To Keep Windows (9x/ME/NT/2000/XP) Clean
by William Porquet, 2007

Windows Vista Users:
I don't have sufficient information or research yet to attempt to help you with this version of Windows. Stay tuned!

If your computer is on the Internet, you can safely assume that there are entities out there trying to access your computer's resources whether you like it or not. Humans, and self-replicating programs written by humans, are constantly exploiting the Internet, looking to grab anything that isn't nailed down. Not just your files, but your computer's computing time, network resources, your private information and your Internet usage. Furthermore, in this game, anything that can be pried loose is not nailed down, so you have to do more than just install Windows on your computer and expect a stress-free online experience. It might seen like a lot of steps to secure your home PC running Windows, but I assure you it's worth it.

I have personnally witnessed this scenario: A new installation of Windows is connected to the Internet for the first time (via a dialup connection no less). Before an antivirus program could be downloaded and installed, an Internet worm (a type of network virus) had already installed itself from some other infected host across the Internet!

Protecting your computer from viruses, spyware, malware, and hacking attempts will make your life a lot easier. If you don't think you have anything on your hard drive worth worrying about, ask yourself how many things you purchase online with a credit card. This credit card information could be stored on your hard drive, and if accessed by a hacker could render you the victim of identity fraud. It's no fun having to fax all the credit bureaus to report that someone is currently having a shopping spree at your expense (I write from personal experience here, though I doubt the sensitive information came from my own computer). Or you could have your private emails copied to a hacker's hard drive. Follow this prescription for a clean bill of Windows health, and your online experience will be less stressful. And because this formula relies on freeware and Open Source programs, the only cost to you is your time and effort.

There are 4 main steps to this process. They merely involve getting on the Internet, downloading a few programs, and installing them. Hopefully you'll have a faster broadband connection, but you could do this over with a dialup connection with enough time and patience. You may be surprised to find out that your computer has already been compromised in one or more ways!

1. Protect yourself against existing or incoming computer viruses, email worms, malware, and spyware:

* A free antivirus program with regular virus definition updates (I use this on my home Windows workstation), AntiVir:

http://www.free-av.com/

* Use AntiVir's "Internet Update" feature frequently, sometimes viruses can spread very quickly before anyone (including antivirus companies) know anything about it.

* An online free antivirus scanner (may be useful for an initial scan or if you want a second opinion, but only runs manually):

http://housecall.antivirus.com/

* One more link, for when you're not sure if the "virus warnings" your friends email you is legitimate or bunk:

http://snopes.com/computer/virus/virus.htm

* Microsoft makes patches available for known "holes" in the operating system which can be exploited by hackers or viruses. You can download and install them automatically with the Internet Explorer browser:

http://windowsupdate.microsoft.com/

* While this is not technically a hack attack nor a virus, the Windows messenger service represents an example of how some random amateur hacker can rattle your chain across the Internet from his parents' basement. By taking advantage of an obscure Windows service designed to send public announcement messages across an office network, spammers can remotely create a pop-up window on your computer containing any text they like (usually spam, and often not for polite company). The real annoyance of this is that you don't even need to be running a browser to get it! I recommend disabling Windows Messenger pop-ups (not to be confused with online chatting programs like Windows/MSN Messenger). If you're running Windows XP, you're probably fine, as this service is disabled by default. If you're curious, though, feel free to read along anyway to see how some of the infernal workings of Windows works:

http://www.itc.virginia.edu/desktop/docs/messagepopup/

* Spyware is a sneaky piece of software that can piggyback on another program, keeping track of your online behaviours, collecting data and demographic information, and even redirecting your Web page requests (like Google searches) to someone else's page! Get one or both of the following spyware killing programs and make the spammers mind their own business! I bet you think you don't have any spyware on your computer already. If you haven't heard of spyware before (but you have heard of BonziBuddy or FREE SCREENSAVERS!), there's a good chance your computer already has some.

* Free Spybot Search & Destroy:

http://www.safer-networking.org/index.php?page=download

* Free Lavasoft Adaware:

http://www.lavasoftusa.com/support/download/

* You can use either or both of Spybot or Adaware. Adaware is probably preferable for beginners, just because it's harder to mess up your system accidentally. Spybot Search & Destroy is powerful, but it won't stop you from doing stupid things, because that would also stop you from doing clever things. Keep in mind, some programs (particularly popular file-sharing programs like Kazaa) may stop working after you remove/disable spyware. Them's the breaks.

* Remember that installing antivirus software will not protect your computer in all circumstances. Don't open unknown email attachments.

* Don't open unknown email attachments.

* Don't open unknown email attachments, no matter how appealing the message may be! If you're certain you want to open an email attachment, save the file to your hard drive (don't run it!) and scan the file *manually* with your (recently updated) antivirus software *before* you open it. With many antivirus programs (including AntiVir) you can scan a file quickly by right-clicking on it and choosing something like "scan for viruses" from the pop-up menu.

2. Consider installing a software firewall to help prevent new viruses, spyware, trojans, and hacking attacks:

* Windows XP now comes with a built-in firewall. It's not bad, use it. Keep in mind it's not a bullet-proof vest, but it can definately help protect your computer. If you're running a version of Windows older than XP like Windows 2000, consider installing a third-party firewall such as ZoneAlarm:

http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp?dc=12bms&ctry=GB&lang=en

Users of Windows 95/98/98SE/Me take note: you are using an older version of Windows. Microsoft and third-party software vendors have basically started to abandon support for these operating systems versions. I have found a free firewall that still supports your version of Windows, for now, but you might want to move up to Windows 2000/XP soon if your computer can handle it!

http://www.jetico.com/index.htm#/jpfirewall.htm

* The Windows firewall is "trainable" so you can specify which of your programs is allowed to use your Internet connection. You'd be surprised how many programs "ping the mothership" by sending information packets from your computer without your consent or knowledge!

3. Not all programs that access your email and browse the Web are created equal.

* I highly recommend avoiding Internet Explorer and Microsoft Outlook for Web browsing and email. They are both veritable flypaper for viruses, spyware and malware. At the risk of ranting, I'll try to explain simply why I don't like or recommend using Internet Explorer. When you double-click on your "My Computer" desktop icon, you're opening "Windows Explorer" (the file manager that lets you explore your hard drive). But in a sense, you're also opening Internet Explorer too! Surprised? Confused? I was too. If you type in "C:" in the address bar of Windows Explorer and hit the return key, you'll see the contents of your hard drive. And if you type "google.com" into that same address bar and hit return you get to Google via Internet Explorer! In other words, Internet Explorer is intimately connected with your entire operating system. Some viruses, spyware, and malware are spread through the World Wide Web and can take advantage of weaknesses of this intimate integration to install themselves silently on your computer. Mozilla Firefox, on the other hand, is just a program that has no special privileges with the operating system.

Imagine if cars were built like Internet Explorer and Windows. If some vandal ripped off your radio antenna, your transmission could fall out! ;-)

* I recommend and use Mozilla Firefox and Thunderbird, respectively, as a browser and email client. It lets you browse the Web without annoying popups, the email client has sophisticated spam filtering built-in, it's less suceptible to viruses while browsing or reading email. What's more, it's free:

http://www.mozilla.com/

* There will probably be sites that refuse to work properly unless you use Internet Explorer. Use it if you must, but the less the better, and make sure it's the newest version you can install for your version of Windows. I still suggest avoiding Outlook. You can download Internet Explorer 7 here:

http://www.microsoft.com/windows/ie/downloads/default.mspx

Note that version 7 only works on Windows 2000 and XP.

4. Don't forget that Windows needs some attention now and again for system housekeeping. Running a disk check and a defragmentation ("defrag") on your hard drive(s) now and again (at least once a month) is a good idea. And ask yourself - if you woke up one morning and your computer didn't boot, do you have a backup of your important files anywhere? We can easily take for granted that our files are where we left them, but all magnetic media (like your computer's hard drives) are quite delicate and highly susceptible to physical shock. Most of the computer failures I've seen in my years of experience doing systems administration and support were due to hard drive failure!

To put it bluntly, saving to magnetic media like hard drives and floppy disks is like writing in the sand. Even backing up to CD-ROMs or DVDs can be dicey, they can be rendered useless by leaving them label-down by a sunny window for a day. Remember that simple fact before you leave your family genealogy on only one hard drive without a backup copy.

* Disk Check: Click on Windows Start, then move your mouse cursor to "My Computer", when selections appear for your drives right-click (I'm assuming a right-hand mouse here) on Local Disk (C:), then left-click on Properties, then click on Tools. Click on the Tools tab. Under Error-checking, click on the Check Now Button. A new box will appear called "Check disk options". Put a check mark in both of the options. After you click OK, a box will pop up saying you cannot run disk check at this time, and do you want to start it the next time your computer restarts. Click on OK then restart your computer. You computer will boot into a special screen and inform you that it's doing a disk check. Don't panic, it's not the "bad" blue screen. ;-) Be patient, get yourself a coffee and a sandwich. It might take a while.

* Defrag: Click on Windows Start, then move your mouse cursor to "My Computer", when selections appear for your drives, right-click on Local Disk (c:) then left-click on properties then click on tools. Under Defragmentation, click on the Defragment Now button. After you click on OK, the previous display will be shown again - just click on OK again to start the Defrag for your Drive C. This can take a while too, patience is a virtue.

* Backup: Your needs may vary, but consider at least backing up important files on some form of removable storage like a diskette, an external USB hard drive, a USB "pen drive", an iPod, an Iomega ZIP Disk, or recordable CD-ROM/DVD-ROM. Ask yourself, if you had to reinstall Windows from scratch today, and erase everything saved to your hard drive, what would you have lost?

Personally, I use an external USB hard drive to make a full regular backup of all my files. I also burn important documents and projects to CD-ROMs. I even keep a backup of my backup on my iPod! If your data is really important to you, you can't have too many backup copies! Backup soon, and often!

If, after all this, you're still feeling ambitious, check out this link for more information on making Windows less, well, annoying. :-)

http://www.annoyances.org/

Good luck running Windows, goodness knows you'll need it!