Safe Computing / Virus Protection

by Wren McMains
(Updated 11/29/2008)

Every week I hear from friends who can no longer use, or even boot their computer. This week it was four different friends with serious virus problems, in one case the virus had encrypted the disk and they couldn't recover any of their data. Other times it's a software update that went awry or a hard disk failure. Luckily, Rule 1 allows you to recover from all three cases. The rest of this discussion covers some techniques I use to minimize the chance of getting viruses.

The rules for safe computing are a lot like those for safe sex:

Rule 1:  Be Prepared.

You've never going to be 100% protected from getting a virus, so be sure to have two levels of backup. These backups not only protect you should your machine become hopelessly infected by a virus, but also against a hard drive failure or hopelessly messed up software.

  1. Make a complete system backup every couple of months (or more frequently when installing new software, and always before installing a major Windows update). There's a link to step-by-step instructions for using one backup program at the end of my discussion of Complete System Backups.
  2. Backup documents, images, music, and other personal data almost daily using SyncToy. For more information see my discussion of Backup Strategies and Using SyncToy.

Rule 2:  Practice Safe Computing.

  1. Install a virus protection program and keep it up-to-date.
  2. Use Firefox and install key security add-ons (extensions).
  3. Beware of links in e-mails and on web pages.
  4. Block pop-ups.
  5. Use Gmail.
  6. Use Firewalls.
  7. Avoid peer-to-peer connections.
  1. Install a virus protection program and be sure its virus definitions are kept up-to-date. Everyone has their favorite, but there is no longer one I really recommend. They all suffer from program and feature blot which makes them difficult to use, or really slows down your computer (Norton seems the worst, but it's not alone).
    I use AVG, not because it's great, but because it's FREE. But it too has gotten much worse. Prior to version 8 it was easy, even for the inexperienced user, to keep updated. Version 8 is a real pain when used on dial-up line; I keep thinking I've missed something in the setup that would make it work better. And just recently it did some update that caused it to stop working completely. On two different computers ... had to un-install and re-install.
  2. I highly recommend using Firefox as your web browser and installing at least a couple of add-ons (or extensions). One is WoT which stands for Web of Trust (see the examples below). Another I recommend is NoScript ... it's a little more effort to setup, but it will protect you from sites running scripts (programs) which might corrupt your machine. For more on NoScript, see my discussion of setting up and using Firefox.
  3. With Gmail blocking attachments that might contain a virus, most viruses now come via a link we click on, either in an e-mail or on a web page. I highly recommend using Firefox as your web browser and installing the WoT add-on. WoT stands for Web of Trust, users rate sites for Trustworthiness, Vendor Reliability, Privacy and Child Safety, and based on these ratings you see either a green, orange or red lifesaver (arrows below) next to links in Firefox:


    If you hover over a link (the Ditech link in this case) you see a box like this:


    The dark-gray people are a measure of how many people gave a rating in each category. Maybe Ditech is not all bad, not may people have rated the site, but obviously they give it low marks for privacy. If you see a site with ratings like this:


    with all red lifesavers, it is probably someplace you want to avoid.
    The green check marks (arrow below) you see are added to some pages by version 8 of AVG, they show that AVG has verified that the page contains threats. Since they're not added to every link I'm not sure how useful they are. I'm sure new versions of many other anti-virus programs have similar features.


    Firefox supported tabbed browsing and pop-up blocking long before Internet Explorer. It's an Open Source development project; this means the source code of the program is public and people all over the world calibrate on its development. This usually results in newer and better ideas getting incorporated sooner, meaning it's likely to always be ahead of Internet Explorer.
    I recommend against installing extra toolbars in your browser. Everybody (your ISP, Google, your anti-virus program, etc.) all try to install them ... some just do it without giving you a choice. My biggest complaint is the amount of space they permanently take up on your screen. I've visited people with lower resolution screens and literally half the screen was taken up by toolbars. Here's what the toolbars on my browser window look like:

    Firefox Toolbars

    For me three of the most important areas are (A) the address field when I can type a URL, (C) the Google search field, and (B) my bookmark toolbar which I've customized to contain mostly just icons which I recognize.
    Here's a discussion of Firefox I wrote a few years ago on another website (it should open in another tab or window). It's a bit out-of-date, but it should still contain some useful information. Be sure to follow the link there to Tips on Using Firefox.
  4. Pop-ups were not only annoying, but often lead to problems ... to often without knowing it you were installing a virus. The pop-up blocker in Firefox stopped most of these and Internet Explorer (which I no longer use) now has a pop-up blocker too. Be sure these blockers are turned on ... I've seen pop-ups that have no way to close without agreeing to installing something you don't want. Once some of these programs get installed, you get pop-ups all over the place that can't be stopped ... and they either take a lot of effort, or are impossible to remove.
  5. All my mail gets forwarded through Gmail before it reaches me. I've never seen it let a virus through and it filters out over 99% of the spam I get. You can still download your mail to a client program (like Thunderbird or Outlook) but I've now read my mail through it's online interface, even on a dial-up line. Here are some of the reasons I like Gmail:
      Another nice thing about Gmail is how well it interfaces with your client e-mail program (Thunderbird, Outlook, etc.). Even message you read and/or archive in Gmail are later downloaded to your client program when you get home and download all your mail. And if you setup Gmail as your client's SMTP server, any mail you send out will also be archived at Gmail. This means that wherever you are in the world you can get a copy of any e-mail you sent or received from your client program.
  6. Firewalls: I just use a combination of hardware (a firewall built into my router) and the firewall that comes with Windows. The advantage of a better software firewall program is that they monitor outgoing as well as incoming internet traffic. They will catch programs which have gotten past your anti-virus and are now starting to "reach-out" from you machine. The problem is most of us don't have enough knowledge to use them wisely ... they keep asking you if _____ can access the internet, or _____ can access your computer. You either keep saying yes, or if you say no, things don't work right, but you don't even realize it. Pretty soon it's like crying wolf all the time, you just ignore it and keep clicking OK. For most us (myself included) it's not worth the effort.
  7. Never use any peer-to-peer music or software sharing software, they're almost guaranteed give you hundreds, if not thousands of viruses. If you really want to use one, devote an old computer not connected to any other of your computers just to that task.

Suggested next choices: Site Map