Start with Microsoft's Security at Home It's got lots of PC and internet security good security tips and info for parents, kids and everyone else . If you're using Internet Explorer/Windows XP (IE), you should have by now downloaded and installed Service Pack 3.

Your Windows updates can and maybe should be set for automatic. But they don't have to be. If you're attentive enough to do so then check the windows update page at least once a week.
Check Now


**Some people don't like setting windows updates to automatic because they feel it gives Microsoft information about your system that it wouldn't ordinarily get with updates set for manual. They may be spying on us but if they are there's not much we can do about it, at least not now. I think maintaining your PC's security by automatically getting Windows updates is of greater benefit to you and more practical in the long run than any concerns, justified or not, about Microsoft's snooping on us. Besides, Microsoft has a reasonable privacy policy which they are quite up front about. I have been using Windows for a couple years now and,as far as I know, have not had a security problem with Microsoft. I trust Microsoft with info about me and my computer more than I trust the thousands of proven internet bad guys. I would much rather spend my time securing my PC against them. And if it turns out Microsoft is taking advantage of us (which I don't think they are) so be it. I'll deal with that if and when I must.** (end of op-ed )

Microsoft Office updates can now be set for automatic and can also now be gotten at the Microsoft Windows update web page but if you're used to the original Office updates page then you can check once a month or so. Office updates not only improve stability and functionality but PC security since they usually include updates for the Office spam filter which I think is getting to be a really solid spam filter. Check once or twice a month and/or subscribe to the Office Newsletter which will keep you informed regarding the latest updates and downloads for Office.
In fact, I recommend to all windows users that they sign up for the Microsoft Security NewsLetter to keep up to date with all the latest Microsoft security issues, strategies and alerts. The Microsoft Security NewsLetter is geared toward Business mangers and IT Professionals but it also contains some useful info for average PC users.

You should have IE security settings to at least the Default level(s). Be careful if you go higher than the default level, you may well run into problems surfing the net.

If you don't use a third party firewall, you should turn on the Windows firewall.

Next is an antivirus (AV). Make sure it is running and fully updated. Set your AV's updates for automatic. Check for updates manually every so often. Download and install Spybot 1.4. Make sure to Immunize your system after you finish the Spybot updates. Do the same with Ad-Aware SE Personal Build 1.06r1 minus the Immunize. (Immunize is not available in the free version of Ad-Aware.)Update and run them once or twice a week. **Note: You have to get the updates manually for Spybot and Ad-Aware. They can not be set for automatic.**
I recommend Microsoft's Windows Defender. Not only is it good, but right now it's free. Windows Defender is actually Giant's very well received "AntiSpyware". In fact, Microsoft like Giant so well it literally bought the company as part of its newfound commitment to Windows security. Formerly called Microsoft AntiSpyware, Windows Defender has several good features including an internet tracks eraser, real time protection and outstanding detection rates.

Two more programs worth considering are Spyware Guard and Spyware Blaster . Each work together to prevent malware from getting into your system in the first place, in other words they provide real time protection against spyware. Spyware Blaster protects your browser form hijack attempts and other infestations while SpyWare Guard provides overall real time PC protection against spyware.


Get your self a good firewall and/or a router, or a hardware firewall as they are sometimes called. In fact, get a firewall and a router. Routers are similar to firewalls in that they protect against external threats to your PC. Routers are generally superior to firewall against external threats. They make an excellent first line of defense against internet vandals. The problem with routers is that they protect only against external threats. They don't tell you when a threat already on your PC is "calling home". That's where the firewall comes in. Unlike the router, the firewall (most of them anyway) monitors traffic in and out of your PC. When a process or program is leaving your PC, the firewall lets you know and gives you the option to block internet access to that program/process. These "permission based" firewalls used to be almost more trouble than they were worth. Most people didn't know enough about computers and Windows processes like svc.host.exe, for example, to confidently make a decision as to whether they should allow or block a program leaving their PC. Thankfully, in the last year or so internet security companies have been making smarter and smarter firewalls which have increasingly taken the decision making out of the hands of the PC owner. The only drawback to these smarter firewalls is their strength, the fact that the user has less control over his or her system processes and ports than before. If you are more tech savvy, this lack of control can be frustrating. But even the tech savvy can adjust the settings on most firewalls to achieve the level of control they desire. The other advantage of software firewalls is that they protect against worms spreading through shared shared hard drives, email and through file sharing programs like Kazaa and Gnutella,for example. You absolutely have to have a software firewall for your laptop. Routers are not portable. But software firewalls travel with you.

I find firewalls interesting. Maybe you do too. Or maybe you just want to learn the basics about firewalls. Take a look at this description of firewalls over at How Stuff Works. Firewall Guide is another good place to go for info on firewalls and firewall reviews.

Learn how to surf the net safely. Arm yourself with as much knowledge as you can about internet threats. Develop a working knowledge of current spyware and adware companies and products. Stay abreast of the latest internet threats, especially virusses and worms. Most security software companies issue daily and weekly virus/internet threat reports. I have a few of them on this page.

Take advantage of the many online privacy experts who have made it their business to battle the spyware/adware threat.
One of the premier authorities on spyware is Eric Howes. In fact Eric was awarded the Microsoft MVP Award He and his partner Suzi run an excellent site , blog and forum which provide resources, news, links and knowledge needed to keep your PC free of spy/malware.

Read Those Eulas


Be careful when downloading programs from the internet. Don't blindly click your way through the download process. Make sure to read the Eula End User License Agreement and/or Privacy Policy before you allow the download and installation of any program on the net, especially free ones. Why? Because the Eula is like a contract you sign with the software company before you download their product. It is in the EULA that you will be told whether the program comes with spyware/adware. If you skip the Eula/Privacy Agreement, you may wind up with some of piece of malware on your PC unwittingly. I hate to say it, but some companies pack their programs with third party scumware in order to make more money. That's right. Sometimes they get paid by another company to attach that company's spyware to their products which you in turn download unknowingly. (It's called host software). So read the Eula/Privacy Policy carefully before you allow the download. One additional note here: Verify that an anti-virus program checks the files on the download site. If the site does not proof its downloads with a good AV, then download the file to a floppy and scan it with your own (updated) AV or just get your software somewhere else.
Here's a good thread over at the DSLreports Forum which uses Kazaa's Eula as an example of a EULA of a product that comes with other third party software. For those who don't know, Kazaa is a well known malware distributor. Pay careful attention to section 9 of the Kazaa Eula. The thread also provides links to the EULAs of a number of other known scumware companies.

There's a neat little tool out now that analyzes EULAs for you and highlights any clause or clauses that could be a scam or security threat. It's called EULAlyzer and it's made by the same folks who make Spyware Blaster and Spyware Guard. And, as with Spyware Blaster and Spyware Guard EULAlyzer is free.


Security Advisories

Here are a few security advisories, the ones I mentioned above.

It's a good idea to take a look a security advisories once a week or so. They contain links to some very useful virus and security related info. They tell you about the latest malware outbreaks and attack - where they are occurring and links to tools to remove them etc.

Almost every security software company maintains one of these. Some, if not all of them, can be added to your website as you see here (for free). It's a great way to help out.

User Account Security

User accounts are a great way of sharing the same PC with more than one person without losing your personal touch. Whenever you create a user account you also create a personalized place on the PC's hard drive. Your user account creates your own space on the disk of the computer you are sharing. Not as individual as if you had partitioned the drive mind you. Your account is still part of the same OS you are sharing with others, but it's still your space just the same.
You need to keep each account secure. Passwords are the key.

- Use tough passwords. Don't use names of pets or close relatives/spouses or high schools you attended. Strong passwords contain letters, numbers and special characters (such as *, ~, or %) and do not contain real words. You should also change your password at least every 30 days.

- Rename Administrator . Microsoft really dropped the ball on this one. The default Windows configuration names the Administrator account "Administrator". Go figure. This highly original code name gives hackers half the data they need to access your computer. All they have to do then is crack the password. I recommend renaming this account at least once a month.

- Create a Guest account password. Another security home run for Microsoft. It's not enough to simply disable the Guest account. It still runs in the background. In fact, Microsoft has managed to make it an integral part of the Windows XP OS. The Guest account composes an integral part of network file and folder sharing. If you're not behind a firewall or router you can be seen sharing out a file or folder and people on the net may be able to connect to your share using the Guest account.

The Guest account is installed with a blank password. So I recommend you create a good one and change it once every few weeks.

- Keep Your PC Physically Secure

Especially in an office/corporate environment. Put it in a room that has a lock on the door. Keep the door locked at all times.

Put a lock on the case so nobody but you and the most determined crackers can get into the hard drive where all your data is stored.


Switch from FAT16/FAT32 file systems to NTFS

Not such an important consideration now that more and more of us are on, or are switching to, Windows XP systems which are, for the most part, NTFS. FAT16/FAT32 file systems offer almost no protection for personal data and is much more susceptible to attack than NTFS which allows for greater file security through its permission based file access features. If your using using NTFS on Windows XP Professional,you enjoy the additional security of being able to to encrypt files and folders using the Encrypting File System (EFS).

Most Windows 95/98/ME shipped with FAT16/FAT32 file systems. To find out which system you're on go to Start>My Computer>Right click on Local Disk C and select Properties. If you're on a Windows XP system that is FAT16/FAT32 and want to change to NTFS, you can do so using the convert.exe utility. Consult this Microsoft article for instructions.
Remember, once you switch from FAT16/FAT32 to NTFS you can not refer to your previous FAT16/FAT32 configuration.

If you don't want to use the Microsoft interface and/or the Help and Support article I linked you to, you can use a disk utility that will do it for you. The one I know and recommend is Partition Magic.



On my next page, PC Safe II, I will continue my discussion of security focusing on antivrus programs and firewalls.


*For the latest news relating to antivirus software go to my Antivirus News page. It's worth a look.*


Internet Tech News

PC Safe

PC Safe II

PC Safe III

PC Safe IV

PC Safe V

Banner taken from PC Sympathy

PC 1Stop Site Contents