9 September 2009

Protect your Windows 7 or Vista without Anti Virus

A wise doctor said “Prevention is better than cure”. It’s better to try to keep virus away than it’s to fix your windows once the virus executed. This way will help to keep your windows platform stable for three months or more. Personally, I follow only two steps to protect my windows and none of them using any package of anti-virus. My windows platform stays stable and there is no need to un-install windows until I want to make a significant change to my windows platform.

In large scale distributed computing environment like banks and hospitals, they need their systems to be highly secured in-order to achieve stability. However single home user can achieve stability for his simple environment by following one or two steps and with no need of costly third-party tools (anti-virus).

Applying security for both operating systems windows 7 and vista is now an easy doing job and you’ll see how and how to use your common sense to prevent viruses from your windows. But first, we need to know in a simple way how the computer virus attacks your computer? A computer virus is just a program and we can say that the computer virus needs two phases. The first is very common for most of them which is to make a successful attack to your windows. The second phase is the virus response which will be unknown to you because it is maybe written to just collect information from you or to damage certain files or whatever. All we need is to stop the first phase and we’re done :) . The virus needs a medium in-order to make a successful attack for example:

- Portable devices (flash memory disk, cell phone, external hard drive). You can prevent it by just right clicking on the icon and choose open.

Removable Disk

- Installing un-trusted applications. Don’t try to use applications that are not popular or unknown. Popularity = trustworthy. For instance, don’t try to install an application called AVI to FLV or something like that. Most of these applications are not trusted and they include malware. Because these are supposed to be tools from a complicated application like Adobe Creative Suite or the free open source one VirtualDub.

- Installing a trusted application but it is pirated. For instance, you may download a pirated version of Microsoft Office 2007 and yeah it is trusted and well known for many people but the provider is not trusted. Instead use OpenOffice by Sun Microsystems or Lotus Symphony by IBM.

- Running an application with unsecure plug-ins. For example, using Internet Explorer 8 with Adobe Flash plugin installed in-order to view YouTube. All IE8, Adobe Flash plugin and YouTube are useful. But Adobe Flash may have a security whole that provide a nice route for un-trusted websites to compromise your windows and people go blame IE8. If you need to visit un-trusted website use Internet Explorer (No Add-ons).

Start Menu

Now we need to understand two important techniques to protect our windows. The first is to apply least administrative privileges and enabling User Account Control (UAC).

1-Applying least administrative privileges:

In Windows environment, you can create more than one account. Those accounts can be grouped to one of the following groups:

mmc.exe in Windows 7

All we need to do is to create two accounts One to be a type of Administrator and the other to be a type of User. You should always login using the User account for all your daily activity and never login to the Administrator account except if you need to install certain trusted application or sometimes burn a CD because certain programs need elevated privileges. You can just try to right click and click on “run as” administrator. Some old programs don’t even run that way so you need to login as administrator. In this way this will prevent any virus from damaging the whole system settings even if even if the virus tries to compromise your windows.

2-Enabling User Account Control:

Both operating systems Windows 7 and Vista come with a new cool technology called User Account Control (UAC). UAC aims to improve and to enhance the security of Windows platform. It limits the application privileges even if this application is run by an administrator account, UAC will notify you if a program you click to run need administrative privileges and asks you if you to grant that application the permission or not. Some people feels it annoying feature but it is really very good to protect your windows.

UAC in Vista is enabled by default. it is highly recommended not stop it:

Control Panel in Vista UAC settings in Vista

UAC in Windows 7 is also by default but it contains a little more options. I highly recommend to switch settings to “Always Notify”:

006 007

For more information:

-http://support.microsoft.com/kb/922708

-http://msdn.microsoft.com/en-us/library/aa511445.aspx

-http://www.wellesley.edu/Computing/WinXP/wxpgroups.html

-http://windowshelp.microsoft.com/Windows/en-US/help/9ec3db7b-862d-4e24-82a9-99c9a74c75421033.mspx

-http://support.microsoft.com/kb/307882

1 comment:

  1. Been using AVG protection for a number of years, I'd recommend this solution to all of you.

    ReplyDelete