News: Microsoft and Anti Virus

Okay, I am dating myself now but then, my age is no secret at all. I "know" MS Windows since versions 3.1 and 3.11; before 3.1 I much preferred DOS for my purposes.

For all that Windows past as I remember it we needed a third party anti virus program like a fish needs water; before August 2004 when XP Service Pack 2 was released we needed additionally a dependable firewall program. Working without a firewall was playing Russian Roulette with a revolver that had 5 chambers loaded.

Recently Microsoft has released a public beta test of a new free security product "Microsoft Security Essentials" or MSE for short. You can read a fairly comprehensive article about it on ED Bott's ZDNet blog.

What makes me write about it here are two things:

• Comment number 68 by Diane Wilson to Ed Bott's blog because it reflects my philosophy to computer security; quote follows.
  
• Implications on future decisions about security software especially on Windows 7 systems.

Here is the quote from Diane Wilson's comment with some commenting by me in italics:

1. Stay behind a router. NAS is a great filter for many attacks.
NAS seems to be a typo. I am sure she means NAT, the major security feature of any decent router.

2. Use a firewall. Windows firewall works well enough.
YEAH, YEAH, YEAH; that's what I have been preaching since early 2005!

3. Keep your OS up to date, not just in updates, but in versions. I'm already running Win 7 RC as my primary system at home, and I'll be on Win 7 for good as soon as it goes RTM. Remember (or learn) that security must be pro-active, and that Vista and Win7 took huge steps in this direction. Address space randomization. Array and string range-checking to limit buffer overruns. And more.
I totally agree.

4. UAC. Live with it. It's your friend.
In Vista it's a drag, in Win7 it is okay! What do they say? Win7 is Vista done right.

5. 64-bit. Required driver signing is your friend.
But beware the potential pitfalls if you have "older" printers, scanners and so on.
And be aware that the vast majority of applications still is 32-bit software; you get some serious translations permanently going on just for the communication from 32-bit application to the 64-bit OS and vice versa. On some systems that will cause a performance hit!

6. IE protected mode.
Or use Firefox in the first place. MUCH less worry.

7. Data Execution Protection, turned on for everything. No exceptions.

8. Windows Defender.
Likely as of release of MSE a non-issue; MSE seems to be really good.

9. Oh, one more thing. Anti-virus software.
Only time can tell if Microsoft gets it right with MSE. The early signs are promising though and then adios Norton and the likes of it. 

Already now I am running a Windows 7 RC machine; on this machine I will install MSE to replace "my" mix of security programs.

Let's see how I fare.

Added August 30th 2009:

Here are two more links if you are interested:
PCWorld's article First Look: Microsoft Security Essentials and from
PCWorld's BizFeed OPINION: Pigs Fly! Microsoft Leads in Security.

The latter is an article with a more general view on Microsoft and security that I found especially interesting. I see the results clearly in MSE and Windows 7.

As usual I welcome comments and suggestions right here in the blog.

Thank you in advance.

Renewing the avast! license key

Every time they turn on the computer many of my customers are getting now a small alarmingly red window from avast! anti virus in the right bottom corner of the screen. It looks like this:


avast! Home Edition Free has a license key that is valid for one year; 'your' year will be over soon. The problem that some people have is with the screen they get after clicking on "Click here to remedy that situation.

I call the resulting screen The Big Scare; it is nothing but unabashed marketing, sort of understandable that Alwil (the manufacturer of avast!) wants to make another buck. This is the scare screen:


Some people got so scared that they overlooked the tiny link in the bottom right corner that reads "No thanks, just register the free product".

When you click on this link your web browser comes up with the registration page for avast! which has recently changed. You will find the text "My registration key has expired, I need a new one".


Click on "My registration key has expired, I need a new one." You will get to the Registration form. Please fill in all fields correctly and click "Register for free license".

You will receive an email with a new license key; sometimes it takes quite some time until this mail arrives.

Open the registration email, highlight the new license key (ONLY the key please!) and copy it to the clipboard (Ctrl+C).

Double click the avast! AntiVirus icon on your desktop. You will see the avast! splash screen:


Click on "Registration" and you should see:


Place your cursor in the field labeled "Enter your license key" and paste (Ctrl+V) the license key into the field. It should look something like this:


Click OK and avast! will tell you that all is well again (for another 12 months).


As usual I welcome comments and suggestions right here in the blog.

Thank you in advance.

My "old" Screen Setup

The upper right hand corner of your desktop looks like this after I have cleaned up your computer. Naturally the lines and numbering are not on your desktop, they help in explaining what the icons are meant for. See the explanations below.
1a The PDF file named "Preventive PC Hygiene"; it describes step by step and click by click what needs to be done to keep your PC "clean and mean".

1b A folder with various background information in PDF files and a link to my blog.

1c Firefox is the web browser you should be using for all things Internet. Read here about why.

2 If you use web mail (Gmail, Yahoo or Hotmail) please skip to #3.
Thunderbird is the program you should be using to read and write emails unless you prefer web based email. The only drawback in Thunderbird is its Help system; that's why you have the next three icons.

2a Thunderbird help page explaining the basic elements of the main Thunderbird screen.

2b Thunderbird help page explaining attachments and the address book.

2c Thunderbird help page explaining the mechanism to filter Junk mail; this is a MUST READ! Don't look for the windows in Thunderbird itself; you only need to understand the simple and effective mechanisms used.

3 CopilotHost is a program you would use to establish a connection to me for remote support. This is only possible on connections that are faster than dial-up.

4 The seven (for Vista six) steps that comprise the weekly clean-up chores. The icons correspond positionally to the numbered paragraphs in my paper Preventive PC Hygiene; see there for detailed instructions. The top-down sequence of these icons denotes decreasing importance.

As usual I welcome comments and suggestions right here in the blog.

Thank you in advance.

Preventive PC Hygiene

Attention: On Windows 2000, XP and Vista systems all of the following has to be done by a user with administrator privilege. This is mandatory!

Remember: Use Firefox and Thunderbird instead of Internet Explorer and Outlook Express; this is HUGE insurance against most malicious software!

With a working Internet connection do steps 1 trough 6 of this “computer hygiene” routine once every week; do step 7 once every month.

Please keep in mind that despite “Automatic Updates” in Windows the computer will miss an update. My experience shows again and again that especially on dial-up connections this happens way too often.

It is absolutely necessary to download and install all these updates, even if you only have a slow dial-up connection!

1   Run Microsoft Update. Click the Microsoft Update icon. In XP select the Express button, in Vista only install “important updates”; follow the prompts. Important: Do this repeatedly until it says “no more updates available” or “Windows is up to date”.

2   avast! Antivirus does not need to be manually updated, If you want to do it anyway: Right click on the small “a” in a blue circle in the tray area (right bottom), then click on “Program Update” to update the program and the virus definitions (iAVS).

3   Scan your computer for advertisement software with Ad-Aware.
Ad-Aware may run 5 to 30 minutes depending on the speed of your computer and the number of files. Long run times are common, especially on computers with several user accounts and thousands of pictures or other files.

    a First click on Web Update; allow all updates to download and install.

    b Click on Scan System, check Smart Scan and click on Scan Now.

    c If after the scan there are any objects listed click Perform Actions
       Now. The program knows what to delete and what to quarantine.

    d Close the program.

4   Scan your computer for spyware with SpyBot Search & Destroy. SpyBot S&D may run quite some time depending on the speed of your computer and number of files.

    a First click on “Search for Updates”. If you are asked for a download
      place choose any location in the USA. Place checkmarks in all empty
       check boxes and click Download. When downloading is done click Exit.
       In rare cases you may have to restart the program manually.

    b After updating it is good practice to “Immunize”. In the menu column
       on the left click on Immunize. If “Unprotected Items” is greater zero
      (counter in top right of the Immunize screen) click on button
       "+ Immunize". 

    c Click on “Search & Destroy” and “Check for problems” to start scan.

    d If after the scan there are any items listed click on “Fix selected
      problems” and confirm the removal of the listed malicious items.

    e Close the program.

5   Run Spyware Blaster from the shortcut on your desktop.

    a First click on “Download latest protection updates” (bottom-most line
      in the screen), then click on Check for Updates. If there are updates
      they will download and install automatically.

    b Click on “Protection Status” (left, top menu entry in the window).

    c Click on “Enable All Protection” (third line from bottom of the screen).

    d When the progress bar is turned off close the program.

6   Run ATF-Cleaner. Click Select All and Empty Selected. When ATF-Cleaner is done confirm OK and click Exit.

7   For Windows XP: If you have lots of time and a stable 110V power supply run AusLogics Disk Defrag. Click Next and let the program finish! Ignore the sales pitch on the right side of the “… finished” screen.

     For Windows Vista/7: Schedule Disk Defragmenter for your C: drive to run at a time your computer is most likely turned on.

Re. “stable power supply”: For computers which store critical data I highly recommend an Uninterruptible Power Supply [UPS] and an external disk drive for backups.
For all other home computers a good surge suppressor is a MUST HAVE. “Normal” power strips are NOT sufficient!

Please remember: Loss of power while the computer is running is almost always disastrous!

With “good surge suppressor” I mean a unit with a connected equipment warranty of at least $30,000.

As usual I welcome comments and suggestions right here in the blog.

Thank you in advance.