Thursday, December 23, 2004

10 Steps for Securing Your MS Windows PC

On an email list to which I subscribe we're having a disucssion about spyware. I contributed a post with ten things you can do to prevent your PC from getting infected with malicious software. Here's the meat of that post:
  1. Run Windows Update regularly; if your version of Windows support automatic update checking, make sure it's enabled.
  2. 2. Do not use Internet Explorer as your browser, unless you are viewing a site which requires it. Use Mozilla, Firefox, or Opera instead. I use Firefox. By not using IE, you'll prevent most spyware and web-borned viruses from getting onto your system.
  3. Install the Google Toolbar for IE, because it includes an excellent pop-up blocker, for when you must use IE.
  4. Run an antivirus program and keep it updated. I use and recommend the free personal version of AVG Antivirus.
  5. Use a hosts file to prevent your PC from loading spyware sites.
  6. If you are on broadband use a hardware firewall. Routers that sit between your PC and a cable modem or DSL connection can do a lot to protect your machine. I've had good luck with Netgear equipment.
  7. Don't use Outlook Express for email. It's a virus trap. Use something else -- Mozilla Mail, Thunderbird, or Eudora.
  8. Don't open unexpected file attachments which you receive in email.
  9. Install and run Spybot Search & Destroy and Lavasoft Ad-Aware to clean up spyware. Spybot includes an "immunize" feature which can prevent known spyware from getting installed in the first place. Both can be downloaded from
  10. If you are using a PC with Windows NT, 2000, or XP, your regular user account should not be a "computer administrator." Rather, setup a separate account as a "limited user." That way if malicious software does get onto your computer its impact will be minimized.


The Freeholder said...

SpywareBlaster is also a useful tool.

Anonymous said...

I couldn't disagree more. I think those free anti-virus and anti-spy tools are just about worthless.

I use eAcceleration's StopSign!

It's the best, and it's not too expensive.

Anonymous said...

eAcceleration Stop is pretty scammy and the program has been known to crash computers hard core. For instance... it removed the NTLOADR file on one of the builds.

I would know, I used to work there.