How to make sure that your Windows XP Home is secure against spyware/viruses/etc


I just visited a friend yesterday night. Among other things, I helped him clean the spyware off his computer. And, on the spot, I came up with a simple solution to ensure that it won’t get infected anymore. Beyond the standard provisions (antivirus, etc.) you also need two separate accounts – one non-administrative account for internet browsing/email reading/etc., and an administrative one that must not be used to browse the internet.

Things that you must have:
1) Make sure that you have Windows XP SP2 on your computer. Make sure that your Windows Update is configured to automatically check and install patches. Choose a certain hour at night for this job (by default – 3.00 AM). Make sure that all your patches are applied.
2) Buy a good antivirus product. Make sure that it periodically scans the system at night. Don’t go with the free stuff.
3) The Windows Firewall must be turned on by default (unless you need it off for a very good reason). A hardware firewall would be nice to have.

Things that are nice to have (not 100% necessary, but good to get additional protection):
4) Don’t use your administrative account for internet browsing, except for manual Windows & Office patch installation. Make sure that this account is logged on all the time, so that nightly background tasks such as virus scanning and patching can run.
5) Also, in this Administrator account, make sure that the Security settings are set to High for the Internet zone – just open IE and double-click the bottom-left icon or text. So, even if you use IE for browsing, you will still be safe from most problems.
6) Create a separate, non-administrative account. Use only this account for Internet browsing. Assuming that you have Windows XP Home edition, it is very easy to switch between these two accounts.
7) Install one or several AntiSpyware programs. I would recommend Microsoft AntiSpyware beta 1 (which does the check every night at 2.00 AM), but others are good too – for example AdAware or Spybot Search & Destroy.
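
The settings in the checklist above can be read back from a command prompt. The batch script below is an added example, not part of the original post; it only reads settings, and it assumes an English-language Windows XP SP2 install (local group named Administrators) and the standard registry locations for Automatic Updates and the IE Internet zone.

```batch
@echo off
rem Added example: read-only audit of the checklist above (Windows XP SP2).
rem Assumption: English install, so the admin group is "Administrators".
setlocal

echo [1] Service pack level - expect "Service Pack 2":
reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion" /v CSDVersion

echo.
echo [1] Automatic Updates - AUOptions 0x4 = download and install on schedule,
echo     ScheduledInstallTime = hour of day, 0x3 is the 3 AM default:
set AUKEY=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update
reg query "%AUKEY%" /v AUOptions
reg query "%AUKEY%" /v ScheduledInstallTime

echo.
echo [3] Windows Firewall operational mode - expect "Enable":
netsh firewall show opmode

echo.
echo [5] IE Internet zone level for this account - 0x12000 = High:
set ZONEKEY=HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
reg query "%ZONEKEY%" /v CurrentLevel

echo.
echo [4/6] Members of the local Administrators group:
net localgroup Administrators

rem Is the account running this script in that group?
rem /x = whole-line match, /i = ignore case, /c: = literal string.
net localgroup Administrators | findstr /i /x /c:"%USERNAME%" >nul
if errorlevel 1 (
    echo %USERNAME% is a limited account, suitable for browsing.
) else (
    echo %USERNAME% is an administrator; do not browse from it.
)

endlocal
```

Run it once from each account: the Internet zone level in item 5 is stored per user, so the administrative and the browsing account can report different values.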

Comments (5)

  1. Sound advice (as Spyware nowadays is becoming a bigger pain than ever). However, I’d just like to comment on point 7.

    As MSFT AntiSpyware is in Beta, it would be worth mentioning that as yet it does not pick up tracking cookies.

    Currently I use all of the above and find they complement each other well.

  2. Try hitman pro… it installs adaware, spybot and some others. Only thing missing is MS antispyware.

    You can also install firefox as an extra option and change the "program access and defaults".

    You can also deny execute on temp folders for everyone. You cannot do this with home edition though. Some installers also fail because they first unpack in the temp folder and then launch a second installer.

  3. Snoop says:

    Try Adware or Spybot. Those are the 2 best ones I have tried so far, and with good results. Oh, and another thing: if you have ICF (Internet Connection Firewall) running by default, try to install another firewall for better security, like ZoneAlarm or Norton.

  4. Gramma says:

    All sounds good if I just knew HOW to do WHAT to do; e.g., How do I know if I am an Administrator Acct or just the other(?). How do I know if my Firewall is turned on/off? Spybot S&D keeps showing "DSO Exploit" with 5 HKey_Users….listed but does not immunize or delete them. When I try to delete, the scan runs again and comes up with the same DSO Exploits (5).

  5. Adi Oltean says:

    Good points…

    >>> How do I know if I am an Administrator Acct or just the other(?).

    With Windows XP Home editions, all accounts are administrators by default.

    >>> How do I know if my Firewall is turned on/off?

    With XP SP2, the firewall should be turned on by default, as far as I know. With older versions of Windows (XP SP1, XP RTM, etc.) it is off by default.

    >>> Spybot S&D keeps showing "DSO Exploit" with 5 HKey_Users….listed but does not immunize or delete them. When I try to delete, the scan runs again and comes up with the same DSO Exploits

    This might be an issue with Spybot S&D? You might want to go to their site to get more information…