How to protect your personal computer. How to protect your computer from hacking. Disable User Account Control Features

Nowadays, hacking of user computers is gaining more and more distribution. Hackers try to gain access to other people's devices for various purposes - from banal spamming from your email address to using personal information for personal gain, and your task is to protect your PC by all means. Let's see how to protect your computer from hackers.

How do hackers infiltrate?

First you need to understand how hackers can penetrate the device and by what means they get access to your files and information located directly on the hard drive. Only then will it be possible to protect the device.

In most cases, the role of a cracker is played by a specific program that gets on your PC in one of the possible ways. Simply put, malicious software is most commonly referred to as viruses. You can protect your computer from unauthorized access and penetration into your personal space using an anti-virus program. In this case, the system will warn you that you are trying to download malicious or suspicious software. All programs can be divided into several types according to the level of harm:

What to do if your computer is hacked?

First of all, copy all important information to a third-party storage device that does not belong to this PC. If you fail to protect it on one device, then on external media it will be safe. However, before that, you need to check the files with an antivirus for possible infections. If the hackers have not reached the files, then feel free to copy them to a USB flash drive or external hard drive, and delete them from the PC.

After that, you need to scan the system for viruses and suspicious software. After scanning, disconnect the system from the Internet and reboot. If during a second scan the antivirus did not start sounding the alarm, then the danger has passed. For greater reliability, use only licensed antivirus programs and update databases in a timely manner. This will help protect your system reliably. Now you know how to protect your PC.

Disable remote access to the computer

• We go to the "Start" menu and go to the explorer;
  
• Right-click on the "My Computer" icon and select "Properties";
  
• On the left, select the item - "Setting up remote access";
  
• "Remote access" tab, click "Advanced";
  
• Uncheck "Allow remote control of this computer";

Yesterday I wanted to write an article for Windows 7 about security, then I decided to conduct antivirus reviews, but I came across something interesting and decided to adjust it a little. In this article I will write how you can protect yourself using free, manual methods, give recommendations on choosing an antivirus and what you need to do to be protected.

There are many jokes about this, for example, "The most protected computer is the one that has not yet been released (or is turned off)" or "the main virus is sitting on a chair in front of the monitor." Of course, there is some truth in this. But what if you follow these examples, then do not turn on the computer at all and do not surf the Internet and not work? Let's figure it out ...

This article will not be an overview of antiviruses or a test of them with pros and cons. There are billions of requests and responses about this on the Internet. This is such an urgent problem that it simply cannot be touched upon. And you shouldn't believe all the tests and ratings, because in some of them something is true, somewhere there is an advertisement (for a deny) antivirus, somewhere positions are jumping. And unequivocally answers to questions like How to protect yourself online or What is the best antivirus You won't find. Especially on forums, even popular ones. As the saying goes - "How many people, so many opinions", and on the same forums, even on one product, you will see many conflicting opinions - someone writes the truth, someone advertises, someone succeeded, someone did not succeed. Depends on many factors, including the curvature of the arms

How can you protect yourself?
The main problem from which they are protected is computer viruses (there are still crooked hands, the same and all sorts of physical factors - such as a power surge or a drop in a flowerpot, but this is another topic, less common), and they enter the computer in three ways - via the Internet , through software, through devices (flash drives, memory cards, portable, local network, etc.).
If antiviruses help to get rid of the infected software (I think everyone knows what it is), then various firewalls will help you from various types of network attacks and Internet threats from sites (you can read about them at).

Get to the point.

I will give you some tips for free effective computer protection from the use of which you will somewhat protect yourself, and if you do everything, then at least 80-90 percent will be protected. Nobody will give a 100% guarantee, I wrote about such protection above.

1) Disable autorun flash drive or portable drive.
On the one hand, it is convenient - I connected the USB flash drive to the computer and the operating system turns on autorun, you just have to choose how to open it. And some sit and wait for it to open. However, this widespread and most unprotected method is used by viruses and safely "move" to a new place of residence - that is, to our, not yet infected, computer. If you connect another flash drive to a computer infected with viruses - malicious programs will overwrite themselves again - this is one of the most common ways for malware to penetrate a computer.
Therefore, I disabled this function for myself and open everything that is connected through the file manager (not a standard explorer!) Total Commander. It does not allow viruses to "autostart" and shows everything that is hidden and is generally very convenient. When opening in this way, you need to immediately pay attention to hidden files and folders (usually they are with an exclamation mark and the names are strange to you). A normal clean flash drive or portable hard drive will never have such files and folders (except for), only if the owner has not done so himself (usually they hide files ala XXX).
If you find such suspicious files on your USB flash drive, immediately check it with an antivirus (you may not even have one).

Disable autorun flash drive in two ways:
1 - through the Control Panel.
Start - Control Panel - Autorun and uncheck the "Use autorun for all media and devices" item or fine-tune for each media type.

Save your settings and restart your computer.

2 - using the Group Policy Editor (If you have Windows 7 version from Home Premium and higher).
- Click the "Start" button, enter Gpedit.msc in the search field and press the Enter key. If you are prompted to enter the administrator password, enter. If you are asked to start the program, confirm it.
- In the "Local Group Policy Editor" window that opens, under "Computer Configuration", expand in turn the nodes "Administrative Templates", "Windows Components" and "Autorun Policies".
- In the right pane, double-click on the "Disable Autoplay" item.
- In the window that opens, select the option "Enabled" and just below "All devices".

- To restart a computer

2) Install antivirus.
You can install any paid antivirus or even a combine (2 in 1. and antivirus and firewall). But now I will focus on free solutions.
As I already wrote above, you should not immediately believe any test or rating and put what is recommended there. In fact, any antivirus will not detect 100% of all viruses, Trojans, spyware and other evil spirits. Something will be detected by one antivirus, something by another, something by a third ...
For this occasion, I had such a problem in my life:

Kaspersky Anti-Virus was installed, always new (I reset the key every month), always updated and found something. But one fine, not a good day, I could not enter the site (and at that moment I had a site with downloads for phones) and all mail was deleted. At first I did not understand, I thought it was a failure (I didn’t want to believe in the sad), I changed passwords everywhere, but it did not help. I never returned the site. Then I received a letter sent to myself in which there was a text like "if you don't want your computer to be used further, remove the virus." I did it radically - I just copied the necessary data, formatted the hard drive and installed Linux, which I used for about six months or more. After that, my trust in Kaspersky disappeared and I began to do the things that I describe in this article.

But all the same from free antiviruses, I would advise you to put the top three, which at the moment has the largest number of reviews. Of course, both positive and negative (how many people have so many opinions) are, and. But the fact that I recommend them does not mean that they are the best. These companies perform well enough on almost all tests and do not take the last places.
I would like to suggest you, which I used until yesterday, but after I found out that on the last independent testing from Dennis Technology Labs (AMTSO member) on February 8 of this year, he showed the most recent results (and in one he was completely in the minuses) , then I ran through several dozen sites and saw a similar picture - he played many times. Although ... I have already written about ratings and testing and what will be your main one - it's up to you to decide.
Here are some other free products to look out for:,.

3) Check with other antiviruses.
All the same, for a greater degree of protection, I advise you to check your computer at least once a week with free "scanners" from well-known paid antiviruses, such as (5 in 1), or send an infected file, in your opinion, to an online scanner that will check it for more than 40 antivirus software. This and.
As I already wrote - if one does not find, then others can.

4) Install a firewall (firewall).
This is more suitable when you have a powerful enough computer. And some antiviruses come with their own firewall. This is a fairly good solution and conflict-free, but some crafty nerds still install different antiviruses and firewalls. For example, Comodo has solutions like just an antivirus, just a firewall, and there are both together, but the antivirus in this case still leaves much to be desired. I recommend that you bet. Of the other free ones, I advise you to pay attention to and. There are others, but they are trial.

5) Lower user rights.
In Windows, by default, any user is granted administrative rights - the maximum possible in the system. At the same time, all malicious programs, such as viruses that have entered the system, also receive administrator rights and the damage from their functioning is maximal.
In the Control Panel, go to "User Accounts".
For WindowsХР: → "Create an account", enter a name → select "Limited account" and at the bottom click "Create an account" (or "Finish"). In the next window → "Change account", select the created account → "Create password" and enter it, at the bottom → "Create password".
For Vista and Windows7: in "Manage another account" select "Create a new account", enter the account name → “Basic access” → “Create account”. In the next window, select the created account → "Create password" and enter the password.

If you want to use the old familiar name for an account with limited rights, then create a new account, but with administrator rights. Log in with this account and go to "User Accounts". In your previous account, click on "Change account type", select "Regular access" (for XP, select "Limited access").
Well, I think you know how to switch between users.

6) Use free anti-rootkits and anti-spyware.
One of the most popular utilities in this case is. A wonderful program, mainly anti-spyware. Doesn't require installation. Check periodically.

7) Use proactive defense programs.
Although some antiviruses have this feature, I don’t know what antivirus you have. The purpose of such programs is to monitor the state of the computer and notify immediately of any changes that may occur without your attention. One of the best programs in this area is.

8) Use programs to protect USB ports and USB drives.
These programs block "authoring" (I will write an article about them soon) on USB drives. Installing the product is a great solution in this case. It protects both the computer (prevents the launch of any AutoRun file, regardless of whether the device is infected or not) and the USB drive itself (disables the AutoRun file so that it cannot be read, modified or moved by malicious code).

9) Use Prevx Threat Prevention.
This, of course, is more suitable for paranoid people of even greater protection, but it is up to you to decide whether to accept it or not.
The meaning of this utility is that when installing new software or detecting a process, this program sends data via an Internet to its database and looks at what is new in the system, then sends a response. This is usually either a virus, a normal program, or an unknown program. Also a kind of protection. True, it is paid (like $ 35), but not a trial one, but simply the functionality is cut. In this case, it will simply show that this file is a virus, and you need to delete it with pens. You can download it as always on.

10) Install updates promptly.
Both the operating system itself and antiviruses, firewalls, browsers and other programs. True, most often they themselves are installed both without our attention, and with a request.

11) Secure yourself in mail, skype, ICQ, etc..
It is important to remember here that you should not open and watch what the unknown Masha Milasiskaya wrote to you and what file was attached in the letter and where the link leads in the text of the ICQ chat. Such letters and messages should not be opened at all. It is good if it turns out to be spam, or maybe they are trying to foist on the virus.

12) Ignore website suggestions.
Nowadays it is often found that on sites there are all kinds of banners or messages that your Operating System or browser or something else is just as fuckin need of updating. Or there is a message from VK, mail, classmates and other social networks (moreover, very similar to the original) with a request to add or to get acquainted or tell how to make money. Or a page appears that your VK account, Facebook, etc. social networks have been hacked and you need to urgently send an SMS otherwise it is kaput.
In any of these cases, you can immediately understand that this is all a scam, fraud, etc. Well, they will try to take more money from you, but they can also "give" a virus. Be careful! Pay attention to the address bar of the browser, do not click on messages from social. networks (better go to the tab or social. network this and check), do not click on ANY update. Think several times before poking at this kind of pictures in a panic.
In general, sometimes I grin at such messages, sometimes it's funny to see that my Opera requires an update when I'm sitting with Iron. Or when my VK account is blocked, and there is all sorts of nonsense in the address bar, and my VK is open in a separate window. But the sites that set a message about a virus to pop up on the right and at the same time the sound of a slaughtered pig - I immediately close it.
Website owners do not care, they make money on such advertising, but they are not to blame for the fact that they have banners on their website. This is a completely different topic.

13) Download programs and their updates only from the links on the website of the direct developer.
Therefore, I try to post links on the site only to official sites. I already wrote in some article about this, but I will repeat once again - this is not due to lack of space on the server, but for your own safety. And new versions are always the first to appear on the developer's website. And if you download something from third-party sites, then make sure that the site is known to you and there is trust in it.

14) Create backups.
It would be nice to have an external hard drive for such purposes and periodically (for example, once a month) make a full backup of the entire system and write it there. You can do this on a local disk or on a USB flash drive or on disks. Only you yourself understand what a perversion it will take for a long time, especially if it is on a USB flash drive or disks. And a local virus can also get.

Well, that's basically all. In principle, the first 2-5 points are sufficient for protection, but for greater awareness and safety, more points can be completed.
What is not clear or what questions - write in the comments.

How to improve the security of your PC?

Very often a person is faced with the fact that he cannot find a good complex, preferably free, and scammers for his personal computer. As a rule, there are a huge number of such programs on the Internet, but this does not mean that they are reliable “guardians” of PC security. If your computer contains important data, or you simply do not want it to be affected by viruses, spyware, or Trojans, there are several measures you must take to protect it. To help each user secure their computer, this article provides some tips for keeping your computer and your files safe.

Let's figure out how it is possible

Protect personal computer

Information encryption

On a personal computer, as everyone knows, the main component of the system is where most of the information is contained. The loss of such media can be considered the most common method of data loss. You can avoid the risk by using disk encryption. A person will not be able to access the information if he does not enter the correct code. The solution to the problem can also be the purchase of media with built-in encryption, up to scanning the owner's prints.

Updating software

One of the easiest ways to protect your PC information is to keep your software up to date. The conversation is not only about the operating system as a whole, but also about other software. The developers of this or that software always release new versions. This must be done in order not only to improve protection, but also to correct some shortcomings in the previous program. Because of such "holes", information "leaks" most often and open access for other users appears.
Most security software is equipped with an automatic update function. Agree, it is much better when a message appears in front of you and the "update" button than the user himself will spend time tracking and searching for updates.

Timely update

This is a very important point to follow if you wish. Since new viruses appear quite quickly and frequently, the developers of antivirus programs are trying to add the signatures of these new "at once" to the update files as soon as possible. An antivirus program that is rarely updated can miss a new virus it does not know, even if it uses a heuristic analysis method. Therefore, it is important to update your own as often as possible, or even better, enable the automatic update function so that it is always ready for any virus attack.

Wi-Fi protection

If you use a Wi-Fi network to access the Internet, then you need to protect your home network with a password. This action is necessary to prevent unauthorized users from introducing a "harmful" infection into yours. In addition, in the absence of a secure password, anyone gains access to your computer's personal data.

Purchases

When you shop online, you must be using your bank card. However, in the modern world of advanced information technologies, this is not safe, since fraudsters can easily "hack" your computer in order to use your card details and use it for their own purposes. When shopping, the safest option is to use a virtual card.

HTTPS protocol

When using the World Wide Web, use the HTTPS protocol, which creates a certain amount of protection between your personal computer and the website. A striking example of this is the fact that many sites that have high security requirements often automatically use this protocol.

Hyperlink checking

Even the most secure sites are attacked by hackers and spammers. They usually pose a threat to your computer by placing malicious links on pages. Therefore, any site, even the most secure in your opinion, can be hacked. If you have some concerns about this, it is best not to risk it and check the link you are going to follow.

Safety

The easiest way to lose access to information is to lose access directly to your computer. If you leave your PC unattended, you risk not seeing it again. This method of losing information is the most "offensive", since it is impossible to restore access to files. In any case, if you often use your computer in public places where there is a possibility of access to it by unauthorized persons, then secure it with a password.

Strong passwords

The security of your data directly depends on the complexity of the password. Therefore, if you are thinking about which letter combination to use, consider some details:

• it is not recommended to use standard words, names, nicknames, because burglars very often act by a simple selection method;
• do not use memorable dates, for example, a birthday, because now a lot of information can be fished out of social networks (Vkontakte, Odnoklassniki, My World);
• also, you should not replace letters with similar symbols, since this method is familiar to "pests";
• in addition to using letters, use a combination of numbers, symbols, signs, and also change the case of letters. Moreover, the greater the number of characters and signs in your password, the more reliable it will be. For example password 5y; G! GF9 # $ H-4 ^ 8% Is will be quite complex and, of course, very reliable.

Public networks

Try, if possible, to refrain from important work when using public access networks, as anyone will have access to your computer, and, therefore, to your data.

Any child at a very early age begins to be actively interested in toys that his parents play - that is, computers, laptops, tablets, etc. Often, the passion for such, up to a certain limit, forbidden toys only increases over the years. Of course, a computer opens up many useful opportunities for development and can give your child a good start in life, but for parents from the moment your child takes his first steps and will already be able to get to the magic screen, squealing when you press keys and a mysterious mouse , life will turn into a uniform nightmare. Young "researchers" are quite capable of almost instantly ditching not only the operating system and important working documents, but at the same time the computer as a whole (here and the wires, for which you always want to pull, and easily failing connectors, and the system unit, coupled with the monitor , which will not be difficult to drop in the heat of the game). However, the physical spectrum of problems that can occur due to the fault of your children is already a separate topic, and in this article we will limit ourselves to considering options for protecting the system and software filling of a home PC.

Locking your computer

The presence of a small child in a family (and a rather big one too) is a problem, and together with a computer it is a double problem. To believe that your child, even if he is only taking his first steps, will not be interested in a bright screen and tempting keyboard buttons is at least naive, and the results from accidentally pressing buttons and performing some spontaneous actions will not keep you waiting. Therefore, at the first danger from the younger generation, parents should immediately block the computer.

In principle, the built-in Windows blocking function, activated by pressing the Win + L keyboard shortcut, is quite enough for this - then to unblock you just need to select your account and enter the password. You can also lock the computer by selecting the appropriate command - in Windows Vista / 7, the command Block from the list of button commands Completion of work (fig. 1). If you want, if neither of these two methods suits you, you can create a shortcut on the desktop that is responsible for the same operation. The label is created in the usual way, only in the field Specify the location of the object the command is entered rundll32.exe user32.dll,LockWorkStation(fig. 2). When finished, it doesn't hurt to replace the default shortcut icon with a brighter one that would immediately catch your eye.

Figure: 1. Locking the computer with built-in Windows tools

Figure: 2. Create a shortcut to lock your computer

It is worth noting that the keyboard and mouse are not blocked by the built-in Windows tools. If this does not suit you, you will have to use third-party utilities that are either developed by enthusiasts specifically to protect against naughty children's pens and are free (including Blok), or are professional solutions for locking your computer and are offered on a commercial basis (for example, Lock My PC).

Blok is interesting for those parents who briefly allow small children to view cartoons (you can turn on a cartoon for a child, and then activate the lock without closing the player - Fig. 3) or, conversely, leave the computer unattended for a while. ... Not a single most interesting cartoon will prevent a child from using minutes of viewing in parallel to "put things in order in their own way", since the keyboard and mouse will be within reach. As for situations when parents leave a turned on computer unattended at all, then there are even more opportunities, and the consequences can be most dire.

Figure: 3. Locking the computer without turning off the monitor
using Blok

A more reliable blocking option is provided by professional tools (such as Lock My PC), but for a home computer this may only make sense if you want to completely lock your computer from an older child who, due to their excessive passion for information technology, no longer is content and looks longingly at your more powerful car. With the help of solutions of such a plan, it is possible to block the computer in such a way that it will be completely impossible to access any of its elements, including the keyboard, mouse and desktop. It will be impossible to view any information on it, launch applications, access files and folders (including currently open ones), and even restart the computer by pressing the keyboard shortcut Ctrl + Alt + Del. A simple restart, even in safe mode, or a power failure will not remove protection - you can unlock your computer only if you know the password.

Figure: 4. Configuring the settings for locking the computer in Lock My PC

Lock My PC 4.9

Developer: FSPro Labs

Distribution size: 1.6 MB

Work under control:Windows 2000 / XP / Vista / 7/8

Distribution method: http://fspro.net/downloads.html)

Price: personal license - $ 19.95; business license - $ 29.95

Lock My PC is a tool for locking the computer when the user is away. To lock it, just double-click on the corresponding icon in the system tray or press a special keyboard combination. Automatic blocking is possible after a specified period of user inactivity. When locked, the mouse and CD / DVD drives are turned off (this will prevent you from removing CDs from them) and it becomes impossible to use the main keyboard combinations: Ctrl + Alt + Del, Alt + Tab, etc. On the locked computer, any screensavers can be displayed as screensavers. including self-created images in GIF, JPEG, BMP and animated GIF formats. You can unlock your computer only if you know the user password or the administrator password.

Blok 4.5

Developer: Sergey Tsumarev

Distribution size:1.33 MB

Work under control: Windows XP / 7/8

Distribution method: freeware (http://remontnik-it.ucoz.com/load/0-0-0-1-20)

Price:is free

Blok is a utility for blocking the keyboard and mouse from small children with or without the function of turning off the monitor. The first option is designed to provide a safe PC opportunity for a child to watch cartoons or exciting animated screensavers; the second is designed for situations when the computer is turned on for a while without supervision. Blocking is not performed instantly, but with a delay of 6 seconds, which in case of blocking without turning off the monitor allows the parent to switch to the player window or turn on the screensaver. The lock is released by pressing the Ctrl + Alt + Del key combination.

"Freezing" the system

If the child is still young enough, but has already received his own computer (for example, an old laptop), then the safest way is to “freeze” the operating system using a “freezer” program - for example, such a recognized commercial solution as Shadow Defender, or a free utility ToolWiz Time Freeze.

Programs of this kind take a "snapshot" of almost the entire hard disk with the system partition, including the system registry, and when the computer is restarted, the operating system returns to its original state. This automatically means that any fatal changes made on a PC by a young experimenter (changing system settings, deleting system files, dragging system folders in an unknown direction, etc.) will not be scary to the computer. In this way, you can roll back not only unwanted changes that occurred as a result of accidental actions or user errors, but also changes in the system made by malware. At the same time, one should not perceive such software products as tools to protect against malicious code, since the rollback technology used in freezing programs does not help in practice in all cases, in particular, it does not provide protection against rootkits. Therefore, the presence of an antivirus solution on the computer is strictly required.

"Freezing" the system is a rather radical tool, since after restarting the computer, all changes made while working in the "freeze" mode will be canceled. This is optimal when it is assumed that the younger generation, due to their young age, does not yet need to save documents, images and other data. If you still need to save data on your computer, you will have to worry about it in advance and include the folder for saving it among the exceptions.

It is not difficult to use the freezer programs in practice - in the simplest version, it is enough to specify the protected disk to the utility (Fig. 5) and configure the program so that the freeze mode is automatically turned on when the system boots. However, it should be borne in mind that to work in this mode on the "frozen" disk must have a lot of free space, because a certain area of \u200b\u200bthe disk is temporarily (until reboot) reserved for the virtual area - if there is not enough free space on the protected partition, the program may not work correctly ... Another nuance is that when you exit the "freeze" mode (this may be required if you need to install or change something), the computer restarts - this is not very convenient, but bearable if such manipulations are performed infrequently. Also, do not forget about the possibility of excluding folders (Fig. 6 and 7).

Figure: 5. Enabling protected mode for a disk in Shadow Defender

Figure: 6. Define the folders excluded when working in the "freeze" mode in Shadow Defender

Figure: 7. Adding a folder to the list of exceptions in Toolwiz Time Freeze

Shadow Defender 1.3

Developer:Shadowdefender.com

Distribution size: 2.68 MB

Work under control: Windows 2000 / XP / Vista / 7/8

Distribution method: shareware (30 days demo - http://www.shadowdefender.com/download.html)

Price:35 USD

Shadow Defender is a simple and effective solution to protect your computer from unwanted changes for small businesses, educational institutions and home users. The application allows you to control the "freezing" of any of the disks, while the disk can remain in a "frozen" state after a system restart. In protected mode, the system runs in a virtual environment called Shadow Mode (a shadow copy that emulates the original files), and any changes made are not saved on the original partition. It is possible to exclude individual files and folders of the "frozen" disk - in such folders and files changes will be automatically saved; in addition, it is allowed to exclude certain sections of the system registry from "freezing". If you need to save some files or folders not included in the list of exclusions, while working with a "frozen" disk, just use the tools from the tab Save... For security reasons, the user is notified of the lack of free space on the "frozen" disk and access to the program is password protected.

Toolwiz Time Freeze 2.2

Developer: ToolWiz Software

Distribution size: 2.63 MB

Work under control:Windows XP / Vista / 7/8

Distribution method:freeware (http://www.toolwiz.com/downloads/)

Price: is free

Toolwiz Time Freeze is a simple program to freeze your system. The utility can be launched at Windows startup immediately in the “freeze” mode; it is also possible to enable the "freeze" mode by activating the corresponding command from the menu in the system tray or from the launcher on the desktop. Only data on the system disk is protected from changes, some folders and / or files can be added to the list of exclusions to save changes in them in the "freeze" mode. Access to application settings can be password protected.

Restricting access to system resources

When using a computer together with a child, the "freezing" systems are difficult to use. Why? For normal operation, you will have to turn off the "freeze" mode every time, and therefore, restart the computer, and at the end of your own work, do not forget to turn on the protection, which is very tedious. Another option is also possible: configure the PC so that parents can normally work with the frozen system disk. The latter, in practice, involves painstaking configuration of the list of exclusions folders in which information should be saved. At the same time, some of the folders will still have to be protected in one way or another so that your child, in impulses of enthusiasm, does not create anything. In our opinion, it would be most correct not to "freeze" the system, but to restrict access to system resources, important folders and files, if possible.

The very first thing in this case is to set up a separate account for the child, under which he will log in, and set the preferred system settings, as well as determine the desired set of applications. Of course, the guest profile on the computer must be disabled, and a password must be set for the administrator profile - otherwise, it will not be difficult to bypass such a lock if desired.

At the same time, it will be useful to take advantage of the parental control features built into Windows 7/8 and mark which programs the child is allowed to use (Fig. 8). It should be borne in mind that after restricting the list of available applications with built-in tools, restrict access to important system operations, such as changing settings in the control panel components (in particular, in the folders "System and Security", "User Accounts and Family Safety", " Programs "," Network and Internet ", etc.), launching the system registry, etc. may not be required, since all such actions will automatically be prohibited.

Figure: 8. Configuring parental control settings for a child profile in Windows 7

You can go the other way and through the group policy editor gpedit. ms block access to those operating system components, changes in which are most critical and may even lead to fatal consequences. In particular, it does not hurt to close access to the control panel (or hide the folders "System and Security", "User Accounts and Family Safety", "Programs", "Network and Internet", etc.), deny access to tools for editing the system registry and using the command line, set a ban on the launch of a number of applications, etc. To change the settings, you must log in to Windows under an account with administrator rights and start the Group Policy Editor by pressing the Windows + R key combination and entering the command gpedit.msc... Then open the branch User config ® Administrative Templates and adjust the settings of interest - for example, completely deny access to the control panel (Fig. 9). Of course, “prohibiting everything and everyone” is not always the most reasonable decision. It is much better to manually adjust the list of prohibited / allowed elements of the control panel, removing the most dangerous from it, but this is longer and more difficult, since you will need to know the so-called canonical names of control panel elements (you can familiarize yourself with them in the MSDN Library - http: // msdn .microsoft.com /).

Figure: 9. Setting the prohibition to start the Control Panel in Windows

There are other ways to configure restrictions on changing system data, but with the connection of third-party applications to the case. These can be specialized tools aimed at system administrators (for example, the affordable and relatively easy-to-use WinLock program), or utilities for setting up parental controls (Child Control, TimeBoss, etc.).

By connecting the WinLock program to the case, you can block access to important components of the operating system in a matter of seconds. So, it is easy to prohibit the use of the Windows registry editor, start the control panel and boot in safe mode, prevent the cmd.exe console from starting, prohibit the installation and removal of programs, deprive the child of the ability to lock the computer, etc. It may be reasonable to prohibit others (not having such fatal consequences, but also causing certain difficulties) operations - for example, hide screen properties, remove the "Folder Options" item from all Explorer menus, prohibit dragging objects to the Start menu, pin the taskbar and prohibit its customization, block renaming shortcuts on the desktop, and etc. (fig. 10).

Figure: 10. Configuring locks and prohibitions in WinLock

As for the tools for setting up parental control, the possibilities of blocking access to the operating system settings in them, of course, are more modest, but these solutions are interesting for those parents who want to simultaneously secure their data and establish control over their work on the computer for the younger generation. For the Russian-speaking audience, in this regard, the TimeBoss program is of greater interest (Fig. 11) - mainly due to the presence of the Russian-language interface. With its help, for example, you can easily turn off the control panel and the task manager, block the launch of the system registry, as well as change the date and time, etc. The Child Control application has more impressive capabilities in terms of controlling access to Windows settings: you can prohibit the use of the command lines, starting the system registry, opening the control panel, changing user accounts, etc. (taking into account the selected security level), and also hide some disks (Fig. 12).

Figure: 11. Restricting access to system operations in TimeBoss

Figure: 12. Setting system limits using Child Control

WinLock 6.11

Developer: Crystal Office Systems

Website programs: http://www.crystaloffice.com/winlock/

Distribution size: 4.96 MB

Work under control:Windows 2000/2003 / XP / Vista / 7/8

Distribution method:shareware (30 days demo - http://www.crystaloffice.com/download.html)

Price: WinLock - $ 23.95 WinLock Professional - $ 31.95 (at Softkey.ru WinLock Professional - 450 rubles)

WinLock is a handy tool to restrict access to important system resources and user data. The program is presented in two versions: basic WinLock and extended WinLock Professional; Basic version features do not allow restricting access to web resources and using encryption.

The main purpose of WinLock is to set up restrictions on user access to important system resources and confidential information. The program loads automatically from the OS and allows you to deny access to the system registry and control panel, disable Windows hotkeys (for example, Alt + Ctrl + Del, Alt + Tab, Ctrl + Esc, etc.), hide the Start menu and block from changes taskbar, etc. The utility can be used to block access to removable media (CD / DVD drives, USB devices, etc.) and hide the display of certain drives in the "My Computer" folder and in Explorer, blocking the launch of specific applications (for example, for security purposes, you can prohibit downloading download-managers), as well as files and folders with important information. It is possible to prevent access to questionable web resources based on black and white lists (the black list is compiled by keywords) and to set restrictions on the duration of the user's work on the computer. All such settings are performed taking into account the user profile and cannot be changed without knowing the password set for the utility.

Child Control 2013

Developer: Salfeld Computer

Website programs: http://salfeld.com/software/parentalcontrol

Distribution size:23.26 MB

Work under control:Windows 2000 / XP / Vista / 7/8

Distribution method: shareware (30 days demo -http: //salfeld.com/download/)

Price: US $ 29.95

Child Control is perhaps one of the best solutions on the market for setting up parental control, which allows you to restrict access to a computer in terms of introducing a time limit and used resources. The program also provides detailed statistics regarding the use of system resources and visits to websites, can send generated reports to parents to the specified e-mail and is equipped with functionality for remote control.

With the help of Child Control, it is easy for each of the children to clearly regulate access in time to the computer in general and the Internet and individual programs in particular; block the use of certain applications and visiting unwanted Internet resources, taking into account the selected security level, preset categories, keywords, official blacklists of sites and whitelists of URLs allowed for visiting. Time setting possible sx limits for website categories such as video and online games. A toolkit is provided to restrict access to the most important system components of Windows - you can block access to the system registry, command line, control panel, the component for changing the date and time, etc. and deny access to personal folders and even individual drives. In order to protect the utility from hacking by the younger generation, it is envisaged to use a password to access the program and work in a hidden ("Stealth") mode.

Time Boss 3.08

Developer: Nicekit Software

Distribution size:1.4 MB

Work under control: Windows XP / Vista / 7/8

Distribution method:shareware (30 days demo - http://nicekit.ru/download/timeboss.zip)

Price: Time Boss - 620 rubles; Time Boss PRO - 820 rubles.

TimeBoss is a simple and convenient program for organizing parental control. The application is offered in two editions: basic Time Boss and extended Time Boss PRO. The Time Boss PRO edition additionally provides functionality for remote control within the local home network (you can remotely change settings, quickly add time, etc.) and is equipped with protection against keyloggers (to exclude the possibility of a child getting a password to access the program).

TimeBoss allows you to restrict the time of your child's computer activities (including in games and the Internet), determine the list of available applications (including games), impose restrictions on a number of system operations, prohibit access to certain folders and disks, and regulate visits to sites when surfing the Internet ... The program provides control for all users registered in the system and therefore, if necessary, can be used to configure different options for restrictions on different profiles. For security purposes, the use of a password for access to the program, work in a hidden ("Stealth") mode, as well as protection against uninstalling an application when loading Windows in Safe mode has been implemented.

Restricting access to personal folders

Using different profiles with your child, coupled with connected Windows parental control, will in no way restrict your child's access to folders and files on the disk with all the ensuing consequences. Therefore, additional protection is indispensable. Options for restricting access to important folders may vary. The most affordable way to prevent children from accessing them is to enable the "Hidden" attribute in the properties of the corresponding objects. Folders and files hidden in this way will not be visible in Explorer to other users of the system, but only if the "Do not show hidden files, folders and drives" checkbox is enabled in the properties of the parent folders containing them (Fig. 13). In principle, at first this may be quite enough to protect your data.

Figure: 13. Hiding a folder with built-in Windows tools

Using the built-in tools of the operating system, you can also configure access restrictions to certain folders - for example, allow only viewing them, which will prevent accidental deletion of important data. To do this, just right-click on a disk, folder or file in Explorer, select the command from the context menu Properties, activate the tab Safety, select the child's account, and then define for him the access rights to the selected object by configuring the required restrictions (Fig. 14). Of course, you need to configure access restrictions under an account with administrator rights.

Figure: 14. Defining access restrictions to a folder using built-in Windows tools

Thus, you can even completely deny access to individual folders, but the folders themselves will remain visible in the system, unless the "Hidden" attribute is set on them, together with setting a ban on displaying hidden folders and files. Unfortunately, folders hidden using the built-in Windows tools will be visible in file managers (FAR, Total Commander, etc.), which do not use the standard dialog to display files and folders. Therefore, this cover-up is not for everyone.

To organize more effective protection of those folders that you would like to keep away from prying eyes of children, you can go the other way - use a specialized solution, such as the Free Hide Folder utility or Protected Folder. Using them to completely hide individual folders from prying eyes is as easy as shelling pears - just drag the corresponding folder from the explorer into the utility window, or add this folder to the list of protected ones right in the utility window (Fig. 15 and 16). Folders hidden with the connection of the free utility Free Hide Folder will not be visible in Windows Explorer even if the option "Show hidden files, folders and drives" is enabled, but if your child is savvy enough and you forget to prohibit the use of file managers in the children's profile (FAR, Total Commander etc.), then it will not be difficult for him to bypass the protection you have established. The commercial program Protected Folder provides a more reliable level of hiding - the folders protected in it will also be invisible in file managers; access to them without knowing the master password is impossible. It is worth noting that you can also protect confidential folders using the above parental control utilities Child Control (Fig. 17) and TimeBoss.

Figure: 15. Hiding a folder in Free Hide Folder

Figure: 16. Setting up protection for a folder in Protected Folder

Figure: 17. Hiding sensitive data in Child Control

Such concealment of data will help protect them from unauthorized access and accidental damage or deletion in many cases, although a young hacker has chances to gain access to folders if you do not take care of blocking the system from booting from an optical drive or flash drive and setting a password in the BIOS. In addition, in theory, you can bypass the protection if you remove the disk and connect it to another computer. True, if the offspring has such qualifications, it hardly makes sense for the parents to fight with software.

Protected Folder 1.2

Developer: IObit

Distribution size:3.4 MB

Work under control:Windows XP / Vista / 7/8

Distribution method:shareware (demo version for 20 launches - http://ru.iobit.com/downloads/pf-setup.exe)

Price:RUB 600

Protected Folder is a handy program for protecting files and folders from unauthorized access by completely hiding them or restricting access to data. In terms of restricting access, it is possible to set a ban on reading (files will remain visible, but they cannot be run, copied and read) or a ban on writing (cannot be moved, deleted or modified). Hidden data is invisible in Windows Explorer and in file managers. Access to the program is protected by a master password. There is functionality for configuring exclusions - by default, a number of system folders and files are included in the exclusion list, since restricting access to them leads to system malfunction.

Free Hide Folder 3.0

Developer: Cleanersoft Software

Distribution size: 875 kB

Work under control: Windows 9x / Me / NT / 2000 / XP / 2003 / Vista / 7/8

Distribution method: freeware (http://www.cleanersoft.com/download/FHFSetup.exe)

Price:is free

Free Hide Folder is a simple and compact utility for hiding personal folders. Protected folders become completely invisible to Windows Explorer even when the option "Show hidden files, folders and drives" is enabled, but will be displayed in other applications such as FAR, Total Commander, etc. Access to the program is closed with a master password.

As everyone knows, there are always enough problems with children, and if you also have a computer at home, then you definitely won't be bored. You will probably more than master a lot of ways to secure wires, hide a system unit with valuable filling from children's eyes, strengthen the monitor, and then move on to studying a variety of software (for example, what was discussed in the article) to restrict the younger generation's access to a computer, operating system, as well as important folders and files. However, if a real computer genius grows in a family, then even after protecting everything and everyone, you are unlikely to be able to rest on your laurels. In this case, all that remains is to admit defeat, which may be for the best, because then it will immediately become clear that computers are your child's true vocation.

I decided to write my own computer security instructions.

1. Choosing a password.

In a word, nemonics only sounds scary. It can be used to create long passwords that are very easy to remember and impossible to guess. They are much more reliable than a set of 8-9 random letters with numbers, and much easier to remember.

It is very easy to create a mnemonic password. Pick a phrase that you will never forget, any chorus of a song or a quaternary that you already remember by heart will do.

For instance:

Why exists in the world
Article one hundred thirty four?
Hinders children to love
With whom you can - decides for them!

If you write down all the first letters of this chorus, but the article number is in numbers, you will have a wonderful 17-digit password: zsvms134dlmskmznr.

Looks complicated? You don't even have to memorize it, just remember that these are all the first letters from the chorus of the song, which you already know.

Zachem Sushetvuet V Mire
Statya134
Detyam Lyubit Meshaet,
S Kem Mojno - Za Nih Reshaet!

Better yet, write one word in a row as a whole. For example, the word statya: zsvmstatya134dlmskmznr. You have a gigantic 22-letter password that is impossible to guess or peep, but you will never forget it.

From one chorus, you can collect dozens of reliable passwords, for example, by highlighting the first, but the last letter in the words: mtea134mttsmoaht. But it is better for each new password to choose their own quatrain.

Disclaimer: Never use the quads from my example. After this article, it will be punched first. Choose your own, something not too famous.

2. Encrypt the data on the computer.

The police hacked into Navalny's mailbox through a seized computer, they committed malfeasance (who won’t be surprised?), But this is not an excuse for being careless. If Navalny ciphered the data, the investigative committee would have gnawed at the navel in the embrace of the hacker Hell, but nothing would have been extracted.

Remember, the system password does not protect against anything. What you enter when you turn on the computer is a meaningless trick. Only data encryption protects.

Namake is done in a couple of clicks with built-in tools, here is a step-by-step instruction.

On a PC, the best place to download is TrueCrypt, which is also very easy to configure.

Once you encrypt the system completely, you can rest assured that none of your files can be read without a password. To you, it will look just like a regular login. Unlike the system password, these programs securely protect your data.

Disclaimer: When encrypting a disk, do not forget that if you lose your password, you will not have any way to gain access to your files. This is the essence of encryption.

3. Do not link a phone number to your accounts.

I have seen activists with paranoid persistence take out the batteries from their phones before meeting, but without hesitation they enter their cell number in case of "password recovery". Your phones are already tapped, reading SMS is even easier. One request for a password on the phone + interception of SMS and your mail is compromised. An uncomplicated secret of cool hackers from the "E" center.

4. DO NOT USE SECRET QUESTIONS.

Finding out your mother's maiden name is not easy, incredibly easy. It will take me about 3 clicks, center "E" has a single call.

Finding out the name of your pet is also a trivial task. For example, at the mail of Yulia Sazonova there is a question "the name of my dog." I figured it out in 10 minutes. Julia, change the question and the password at the same time.

By the way, her mother's maiden name is London. This question is how easy such things are.

It is best not to enter a secret question at all. If some service insists on it - enter the deliberate rubbish (long!), Which is impossible to pick up.

5. Do not link different accounts to each other (especially Facebook mail).

Thus, by taking one account away from you, everyone will be taken away at once.

6. NEVER use Russian mail providers.

All Russian providers of electronic services are accountable to the power structures and will give your account on demand.

7. Make the most of the incognito mode in your browser.

Cookie interception is one of the most common hijacking methods. In incognito mode, all new cookies are automatically deleted after the window is closed.

It was security101. The very basics of prevention, available to everyone. The next two points are a little more advanced. If you do them too, your online experience will be bulletproof.

8. Get a VPN overseas.

In 2000, the then department "K" obliged all communication operators to install the SORM system. Since then, the special services can monitor all your activities on the Internet with a single keystroke.

A VPN is an encrypted tunnel (signal) to a remote computer. All you really need to know is that with it your activity will become completely opaque for your ISP, and therefore for Russian special services and hackers. Under a VPN, it is safe to use open Wi-Fi, go out of unfamiliar places to the network and not worry that your signal will be intercepted by a sniffer.

Reliable VPNs are paid, but they are worth the money. I strongly advise you not to use free services, they are slow and in most cases are sweet traps.

I use VyprVPN, I got it with an account on giganews. But there are even more reliable providers:

VPN will secure all your equipment. Not only computers, but also iPhones, iPads, and Android phones can work through VPN.

Everything is set up very simply: instruction for iPhone / iPad, instruction for mac, instruction for Windows7, instruction for android

Once everything is set up, you don't need anything else, everything will work as before, you won't notice the difference. Only you will be protected.

An additional bonus is strong protection against the new censorship law. Whatever resources United Russia and Ilya Ponomarev decide to block, you will have access to all sites prohibited in Russia. Wastak will also have several foreign IPs of choice in different parts of the world. You will become impossible to track down on the net directly, as your trail will lead to other countries.

9. Make a secret mailbox that no one will know about.

My public mail This address is 7 years old, all emails come here, all my accounts are registered to it. But this is only a screen, I do not use it. All letters from it are automatically sent to a completely different address, and from this mailbox they are automatically deleted immediately. This kind of auto-forwarding on gmail is very easy to set up.

I also answer letters from a secret address. Let's call it None of my addressees know this, because the body of the letter spoofs (prescribes) a public address. This one is also very easy to configure in the same gmail

So there is no mail for me, this is the technical address that I distribute on the net. I go into it once every six months, change the password and that's it. But for everyone else there is no address to which I write mail, use Google, and so on.

Of course, if someone takes possession of your public address and examines the settings, they will also know your secret address. But in front of him there will be virgin-clean mail, because the entire archive of you is stored in a completely different place. (Unlike the fools who advise never to keep archives, I well understand how important it is to keep everything.) While the cracker frantically breaks your secret mail, you will have time to calmly return the public address and move the archive to a new location.

10. Don't be a fool.

Do not write down the password on a piece of paper or text file. Do not use the same password for different accounts. Do not log into other people's computers. Don't download suspicious files, don't respond to phishing. And so to your wife, forget that a talker is a godsend for a spy.

PS: I deliberately didn't explain how what works, but only how to work with what. My task was to write the most practical guide available. For the same reason, I did not begin to describe other more nerdy remedies. There are many of them, they are reliable, but they seriously affect usability.

Once everything is set up, you will not notice any difference in usability at all. I armed you, if they continue to break you, then you are fools with your heights.