Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Is this enough (setting up a new computer)

Dec 9, 2003 8:39PM PST

My friend dropped off his new computer at my house so I can 'set it up'.

I am planning to:
Activate ICF
Update Windows (activate automatic updates)
Install AVG, Mailwasher, CWShredder, TheCleaner, AdAware, Spybot, Spyware Blaster and Spyware Guard
Add a host file and eDexter, Google Toolbar (popup blocker)
Turn off messaging services
Turn off unneeded services (blkviper)
Install Mozilla
Turn off install on demand (IE and others)
Uninstall MVM and install Sun Java (can someone remind me how to do that?)
Load Kazaa (that was a joke!)
Merge IE-SPYAD and Spyware Block List file into his registry
Taping the CD's inside the computer box (thanks Bob, great idea!)


Here is my question, I noticed at another site, there are many (many) other security programs out there. For example, I noticed a lot of updates for a program called BOClean. Are these other programs similar to the protections that I am planning or are there 'gaps' in my programs? If so, which of the others would fill in the gap?

Thanks!

Discussion is locked

- Collapse -
In addition
Dec 9, 2003 8:48PM PST

I will review msconfig start up and get rid of extra stuff

- Collapse -
Re:In addition
Dec 9, 2003 9:34PM PST
- Collapse -
I figured out how to uninstall MVM (thanks Bob!)
Dec 9, 2003 10:11PM PST
- Collapse -
Re:In addition
Dec 10, 2003 8:22PM PST

Larry, you shouldn't need to mess with msconfig if you follow Black Viper's procedure.

- Collapse -
A link to Black Viper's XP services configuration page
Dec 13, 2003 10:57AM PST
- Collapse -
Re:Is this enough (setting up a new computer)
Dec 10, 2003 1:13AM PST
I am planning to:
Activate ICF

ICF will only monitor incoming communication.

Load Kazaa (that was a joke!)
I prefer Share_something_aza - can't remember the name Sad (that was a joke too!)

Install AVG, Mailwasher, CWShredder, TheCleaner, AdAware, Spybot, Spyware Blaster and Spyware Guard

If you'll install Mailwasher, add some List of All Known DNS-based Spam Databases

Don't forget to verify that his/her OE is using Restricted zone

Additional protection, install any of the Anti-scripts.

HTH

--
Donna
Security Software Reference
- Collapse -
And the most important thing...
Dec 10, 2003 1:35AM PST

Don't forget to tell the user what to do if any alert window (warning about a harmful or safe script, after you install Anti script etc.) poping up.

Tell the user what and why you do it, so the user will not be surprise nor confused if something doesn't work etc.

Tell the user what to suspect on the internet and email, also the Do's and Don't in internet browsing and email.

Remind the user:
To update the Spybot SD, spywareblaster, spywareguard etc.
To check for new windows and/or office update etc.
To update the host file etc.
To update mailwasher database.
To ask you if anything goes wrong
To ask you if anything need update

Tell the user how to find information or better yet, ask your friend to join Cnet forum.

Just a thought...

- Collapse -
Is this enough or maybe too much..
Dec 10, 2003 2:20AM PST

Will your friend keep all these progs updated?

You might but will your friend?

If all the updates become a PITA then you end up with an AV prog or such with 6 month old ref files. NG.

If I had my choice I'd go with a KISS system that's updated over a complex system that's not.

- Collapse -
I visit once every two or three weeks and spend a few seconds
Dec 10, 2003 3:29AM PST

pressing buttons. I also set to update AVG automatically. I set up a few of the others through task schedulere. I visit Donna's site to stay up to date so it literally takes 3 minutes to update all his programs. (I've been doing this on his old computer for a year or so).

He had a KISS system before I came over to fix it, and, thanks to his kid's *downloading* his machine was really messed up.

- Collapse -
Re:I visit once every two or three weeks and spend a few seconds
Dec 10, 2003 6:25AM PST

you can feed somebody for a day or you can teach them to fish and they can eat for life.

sounds like you roped yourself into feeding them for life instead of teaching.

- Collapse -
Ya gots to know your audience
Dec 10, 2003 6:45AM PST

In this case, it is easier when I am at his house to sit and click. In other cases, I go through the teaching process. That is why Walmart sells both fishing poles, and premade tuna fish sandwiches!

- Collapse -
Re:Ya gots to know your audience
Dec 10, 2003 10:06PM PST

LOL

- Collapse -
My procedure so far... (part I)
Dec 10, 2003 1:21PM PST

I'll have to add a few points from yours. Happy

Securing your WinXP PC
======================


Create Recovery CDs (if required) and a boot disk (http://www.bootdisk.com).


Create a restore point.
Start> All Programs> Accessories> System Tools> System Restore


Install hosts file -> C:\WINDOWS\system32\drivers\etc\hosts
http://www.accs-net.com/hosts/get_hosts.html hosts file
http://www.accs-net.com/hosts/ eDexter program to improve performance for Netscape users
http://accs-net.com/hostess/ hostess program for managing hosts file
http://accs-net.com/hosts/HostsToggle/ Toggle hosts file on or off or use alternate hosts files
Note: A large hosts file can slow down initial connection to internet while it loads into memory. However, it gets rid of a LOT of advertising.


Set up user profiles
Start> Control Panel> User Accounts> Set Up New Account
They will ask you a series of profiling questions and you can choose your user logo, but the main thing is to make them either administrative (no one but you) or non-admin. You should have 2 administrator accounts (in case one of them has a problem, you can fix it using the other) but neither one should be used for day-to-day work if possible.


Create "Prevent a forgotten password" disk for at least each of the administrator accounts.
Start> Control Panel> User Accounts
Click on your account
Click on "prevent a forgotten password" under Related Tasks in the left panel
Insert floppy disk


Enable Internet Connection Firewall (if you have high-speed access or connect to internet for long periods of time like getting the MS patches below).
Procedure is at end of this document.


Display all file extensions (required on each account):
Start -> My Computer -> Tools -> Folder Options -> View
Uncheck "Hide extensions for known file types"


Download/install MS patches (at least the critical ones!)
http://windowsupdate.microsoft.com


Download/install/run antivirus program
http://www.grisoft.com/us/us_dwnl_free.php
http://www.free-av.com/


Download/install software firewall
- Download firewall software (ZoneAlarm is easier, Kerio is more flexible).
http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp
http://www.kerio.com/us/kpf_home.html
- Disconnect PC from internet.
- Disable Internet Connection Firewall.
- Install firewall software and configure.

To check on default program settings:
http://support.microsoft.com/default.aspx?scid=kb;en-us;332003
Click Start> All Programs> Set Program Access and Defaults
or
Click Start> Control Panel> Add or Remove Programs> Set Program Access and Defaults


Disable uPnP
- Go to http://www.grc.com and download/run UnPlugNPray.

Disable DCOM (shares port 135 - MSBlast)
- Go to http://www.grc.com and download/run DCOMbobulator.

Disable messenger popups.
- Go to http://www.grc.com and download/run Shoot The Messenger.

To doublecheck that the services have been disabled:
Start -> Run: services.msc
In the properties of these services, stop, and disable them. SSDP Discovery Protocol, and Universal Plug n' Pray.

- Collapse -
My procedure so far... (part II)
Dec 10, 2003 1:24PM PST

Disable automatic updates and applications that "phone home"
- Go to http://www.xpantispy.org/ and install/run XP-AntiSpy
....- Windows XP
....- IE
....- Windows media player
....- MSN Messenger (some problems with this one - see below)
- RealOne
- Acrobat Reader
- Winamp
- ??? - only your ZA/Kerio firewall can tell you what is trying to get out.


Download/install/run Adaware and Spybot.
http://www.lavasoft.de
http://security.kolla.de/


To enable or disable Internet Connection Firewall
=================================================
http://support.microsoft.com/default.aspx?scid=kb;en-us;283673
1. Open Network Connections
2. Click the Dial-up, LAN or High-Speed Internet connection that you want to protect, and then, under Network Tasks, click Change settings of this connection.
3. On the Advanced tab, under Internet Connection Firewall, select one of the following:
- To enable Internet Connection Firewall (ICF), select the Protect my computer and network by limiting or preventing access to this computer from the Internet check box.
- To disable Internet Connection Firewall, clear the Protect my computer and network by limiting or preventing access to this computer from the Internet check box.

Notes

- To open Network Connections, click Start, point to Settings, click Control Panel, click Network and Internet Connections, and then click Network Connections.
- You must be logged on as a computer administrator to complete this procedure.


Uninstalling MSN Messenger
==========================

Advanced INF Install Error Message

MSKB:
http://support.microsoft.com/default.aspx?scid=kb;en-us;326731
http://support.microsoft.com/default.aspx?scid=kb;en-us;302089
Additional:
http://www.jsiinc.com/SUBN/tip6900/rh6971.htm


http://support.microsoft.com/default.aspx?scid=kb;en-us;302089
Windows Messenger 4.5 or Later on Windows XP Home Edition-Based or Windows XP Professional-Based Computers

1. Start Registry Editor (Regedit.exe).
2. Locate and click the following registry key:

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft
3. On the Edit menu, point to New, click Key, and then type Messenger for the name of the new registry key.
4. Locate and click the following registry key:

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Messenger
5. On the On the Edit menu, point to New, click Key, and then type Client for the name of the new registry key.
6. Locate and click the following registry key:

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Messenger\Client
7. On the Edit menu, point to New, click DWORD Value, and then type PreventRun for the name of the new DWORD value.
8. Right-click the PreventRun value that you created, click Modify, type 1 in the Value data box, and then click OK.
9. Quit Registry Editor.

NOTE: This method also prevents programs that use the Messenger Application Programming Interfaces (APIs) from using Windows Messenger. Outlook 2002, Outlook Express 6, and the Remote Assistance feature in Windows XP are examples of programs that use these APIs and that depend on Windows Messenger.
Last Reviewed: 9/10/2003


http://www.jsiinc.com/SUBN/tip6900/rh6971.htm
6971

- Collapse -
Keith, thanks a ton, tonne, kilogram or whatever [nt]
Dec 10, 2003 7:36PM PST

.

- Collapse -
As for your list of programs...
Dec 10, 2003 1:34PM PST

I wouldn't leave CWShredder on his PC. It gets updated so often and is so specific to a single family of malware that he probably won't need it with all the other stuff already on your list. Should he run into that particular malware, you're probably the one that will have to clean it up.

I think we can assume that you're making Mozilla his default browser. Happy

What is he using for an email client?

Stress the importance of Windows Update for MS critical patches (or do you do that too?). Sounds like you do have to schedule automatic updates - ensure that you run them manually at least once to ensure that they can get through the firewall. His PC/internet connection have to be on for the updates to work... TheCleaner V4 has a builtin scheduler for updates.

If you use ZA/Kerio instead of ICF, you will have to explain how to determine good programs from bad programs. The good news is that you have a list of all programs that are trying to access the internet if he just clicks okay to everything. Happy In this case, ZA will be easier for him.

- Collapse -
We disagree on one critical point
Dec 24, 2003 3:07AM PST

"Sounds like you do have to schedule automatic updates "

I would never advise scheduling automatic MS updates. You and I both know they often put out bad ones which crap out the system. I even have mine blocked at my firewall, because I like to know and control what is going on.

Instead EDUCATE the user to follow a routine of manually checking for them each week. That way the user has complete control over the process, instead of relying on some guy in WA to get it right, when history shows he too often gets it wrong.

- Collapse -
Normally, I would do it your way....
Dec 24, 2003 5:59AM PST

but if the person does not or will not check for updates manually and apply them, then I would use automatic update. This person will have me in their address book. If they don't do updates, they are potential victims of future viruses that might get sent to me. With automatic update, they are protected but might have their PC trashed (which I would end up fixing whether it was virus or bad patch anyway). Given several bad choices, I would opt for the one that protects me (because it's all about me Wink ). Hopefully I would hear about bad patches on the forum and the fix in time to prevent problems on their computer. However, to date, everyone opts to do the patches so I haven't had to make that decision.