Practice Safe Hex - simple steps for secure browsing
Contents
1 Safe Browsing
For a safe browsing environment for things like on-line banking, here's my current recommendation.
1.1 Initial downloads
- Download VMware player (www.vmware.com)
- Download the latest version of Ubuntu (32 bit) as an ISO file
1.2 Install Ubuntu
- Install VMware player
- Start VMware player and create a new virtual machine
- Specify the Ubuntu ISO you downloaded earlier as the installation
- Answer the other VMware questions
- Allow VMware to install it's add on for Ubuntu
- On Windows 7 you need to approve admin rights for the VMware add on, so wait for it to pop up. If it times out, the add on won't install
- Wait for the install to finish
1.3 Finalize Browser
- Log onto Ubuntu
- Start Firefox
- Install NoScript for Firefox (noscript.net)
- Read the instructions on NoScript. It is intrusive and annoying, but it's far safer with NoScript.
- Install Web of Trust for Firefox (www.mywot.com)
- Install Perspectives for Firefox (perspectives-project.org)
1.4 Other Notes
- All software is free
- You need a reasonably powerful machine
- The Firefox plugins are recommended for all browsing environments.
- Using a netbook as an Ubuntu machine for secure browsing is an option, but I had issues with getting Ubuntu drivers for my netbook.
2 Removing Viruses
Some notes on cleaning infected PCs
- Do not connect to network unless cleaned
- MalwareBytes
- Download latest copy on a clean PC - http://www.malwarebytes.org/
- Install onto clean PC
- Run on clean PC and download latest definitions
- Copy the installation file and the rules file from the clean PC to the infected machine
- For Windows XP and 2000 "C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref"
- For Windows Vista and Windows 7 "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref"
- Install on the clean PC and then manually update the rules definition
- Run MalwareBytes scanner
- Other scanners to try (download on clean PC and copy over)
- Check for fake antivirus software with http://www.mcafee.com/us/downloads/free-tools/how-to-use-stinger.aspx
- SUPERAntiSpyware http://www.superantispyware.com/ (available as a portable application)
- Vipre Rescue http://live.sunbeltsoftware.com/
- If desperate (download on clean PC and copy over)
- Try HijackThis, which won't detect infestations, but will tell you all the possible problems. http://sourceforge.net/projects/hjt/
- ComboFix, which will clean some problems, but is intended to produce a report that can be posted on a forum to get help. http://www.bleepingcomputer.com/combofix/how-to-use-combofix
- After cleanup, install Microsoft Security Essentials http://www.microsoft.com/security_essentials/
- to update without connecting to the network, download the updates from
- On Vista/Windows 7 you may have to 'run as administrator'