Basic Computer Security 2009 Part 2

Part 2: Keeping Your Computer Safe

Once you’ve ascertained that your system is clean, or removed whatever malware infections were found, you’ll want to keep it that way. Here’s how to do that.

Install a real-time antivirus scanner

Over the years, I’ve used most antivirus programs and suites. I was for a long time a fan of Norton AntiVirus but as time went on NAV became increasingly bloated and resource hungry to the point where it could slow even the speediest system to a turtle’s pace. Recently, I’ve seen ads for the latest version claiming that it now has a smaller footprint and is less resource-intensive. That may be true but I think Norton lost me as a customer a long time ago.

I also used McAfee AntiVirus for a while. My complaint about McAfee was that it gave me too many false positives (identifying a file as containing a virus when in fact it was clean). It also seemed to become increasingly bloated and slow as time went on.

Most recently, I gave up on my long-time favorite, AVG. This used to be a very nice, compact, efficient, and fast AV program, available in both a free version and a commercial Pro version. A couple of versions ago, however, Grisoft began to emulate Norton and their product became huge and cumbersome, and, worse, less accurate in identifying malware in my experience. Interestingly, at the same time they seemed to have gone to some lengths to make it more difficult to find the download link for the free version, although it continued to be available.

I then went in search of a new replacement which would have the following characteristics:

  1. It needed to be fast and efficient with a small footprint (i.e., not resource intensive).
  2. It needed to be effective at identifying and intercepting malware with a minimum of false positives.
  3. It needed to be a stand-alone antivirus program, rather than an all-in-one security suite (more about that below).
  4. It needed to offer automatic updates and real time antimalware scanning.

As a result of my research, I narrowed the field down to two or three, including Avast!. I tried Avast first and my experience to date has given me no reason to change (i.e., I never did get to try Avira although it is well rated).

Other antivirus programs that are generally well-rated include NOD32, Kaspersky, and Avira.

As noted, I recommend against one-size-fits-all security suites. In part, this is a longstanding prejudice against jack-of-all-trades technology, going back to my stereophile days. I prefer to get the best individual components that meet my criteria and my general experience has been that the best antivirus program is not necessarily the best firewall, anti-spam, or anti-spyware solution. Also note that it is not a good idea to have more than one antivirus program active at the same time since they may conflict with one another. If you do install a suite, disable or uninstall any stand-alone products previously installed.

Once you have selected and installed an AV program, do an initial total system scan and then have it set to autoscan any files that are created, all files from your diskette and CD-ROM drives as they are copied or installed, and all incoming email (if you’ve done everything else right, you really don’t need to scan outgoing email but you can usually set your AV program to do so to be extra safe if you wish). Then do a full system scan at least once a month as a safety net, or any time you are concerned that you may have visited an unsafe website.

Activate Windows Firewall or Install a Third Party Firewall

From its introduction in Windows XP, the built-in Windows firewall has been the target of a lot of undeserved bad press, primarily because it monitored incoming connections only, not outgoing connections. On the other hand, the primary reason for monitoring outgoing connections is to prevent unauthorized scripts from accessing the net. If you follow the recommendations in the current series and use a bit of common sense, monitoring outgoing connections isn’t essential, and the Windows Firewall will cloak your ports to external probes. (To prove this for yourself, you can test your defenses using the free utilities at Gibson Research, in particular Shields UP!, with all but the Windows Firewall disabled). If you are using any of the various versions of Windows Vista, the version of Windows Firewall shipping with that operating system also monitors outgoing ports.

I am currently using the Windows Firewall in combination with a router. Note that you should not have two software firewalls active at the same time.

Still, there are some who feel that the Windows Firewall just isn’t enough. If you believe you must install a software firewall, I would recommend the free Comodo Personal Firewall which now comes bundled with Comodo’s antivirus program. Previously, I’ve used Norton Personal Firewall (which no longer appears to be available as a stand-alone but must be purchased as part of a suite) and ZoneAlarm. Again, I found that both of these products became bloated and sluggish over time. You can obtain similar products from McAfee and others, again usually as part of “internet security suites”.

If you use a third party firewall, once it is installed, go through any list of “safe” programs it may have created on setup and delete or disable any entries you know nothing about. If they are legitimate programs, you’ll later get pop-up warnings from the firewall informing you that “program-name.exe” is trying to connect to the internet and asking you if you want to allow that to happen, so if it’s genuine all you have to do is say “yes – it’s safe”.

Activate Windows Defender

Install and run Windows Defender. I’ve found this to be an entirely satisfactory antispyware utility and this runs on startup as my default. If you wish, you can also download and install Ad-Aware and Spybot Search & Destroy. Disable real-time scanning for these so they don’t clash with Windows Defender and run them monthly. Another option is SpywareBlaster.

Monitor Programs That Autostart on Windows Boot

For Windows XP, install Mike Lin’s freeware Startup Control Panel 2.8 to easily see what programs are starting up automatically when you boot. Disable any you’re not sure you want (if they absolutely must run, you’ll find out soon enough and the utility allows you to easily re-enable them). While you’re at Mike Lin’s website, also download and install Startup Monitor: this little program sits in the background of your system and warns you when any program tries to install something to load automatically at system boot, with the option of allowing or disallowing that function.

For Vista, or as an alternative or augmentation to Mike Lin’s utilities, download and periodically run Autoruns for Windows or the SysInternals Suite, which is more comprehensive but perhaps less user-friendly for novices; both are from Microsoft. Other useful diagnostic utilities from Microsoft include RootkitRevealer, Process Explorer, and Process Monitor. Another option is WhatInStartup from Nirsoft.
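
To show what these startup utilities are looking at, here is an added PowerShell example (not from the original post or from any of the tools named) that records the entries in the registry Run/RunOnce keys and the Startup folders, then reports anything new on later runs. The baseline file location is an assumption, and these few locations are only a small part of what Autoruns inspects.

```powershell
# Added example: snapshot common autostart locations and diff against a baseline.
# $BaselinePath is an assumed location; change it to suit.
$BaselinePath = Join-Path $env:USERPROFILE 'autostart-baseline.csv'

function Get-AutostartEntry {
    # Run/RunOnce registry keys for all users and for the current user.
    $runKeys = @(
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
    )
    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $regKey = Get-Item -Path $key
        foreach ($name in $regKey.GetValueNames()) {
            [PSCustomObject]@{ Location = $key; Name = $name
                               Command  = [string]$regKey.GetValue($name) }
        }
    }
    # Per-user and all-users Startup folders (shortcuts launched at logon).
    foreach ($folder in 'Startup', 'CommonStartup') {
        $path = [Environment]::GetFolderPath($folder)
        if (-not $path -or -not (Test-Path $path)) { continue }
        Get-ChildItem -Path $path -Force |
            Where-Object { $_.Name -ne 'desktop.ini' } |
            ForEach-Object {
                [PSCustomObject]@{ Location = $path; Name = $_.Name; Command = $_.FullName }
            }
    }
}

# Build one comparable string per entry so a changed command also counts as new.
function Get-EntryKey($Entry) { '{0}|{1}|{2}' -f $Entry.Location, $Entry.Name, $Entry.Command }

$current = @(Get-AutostartEntry)
if (-not (Test-Path $BaselinePath)) {
    # First run: record what is there now as the known-good baseline.
    $current | Export-Csv -Path $BaselinePath -NoTypeInformation
    Write-Output "Baseline saved: $($current.Count) entries in $BaselinePath"
} else {
    $known = @{}
    foreach ($e in @(Import-Csv -Path $BaselinePath)) { $known[(Get-EntryKey $e)] = $true }
    $new = @($current | Where-Object { -not $known.ContainsKey((Get-EntryKey $_)) })
    if ($new.Count -eq 0) { Write-Output 'No new autostart entries since the baseline.' }
    else { $new | Format-Table Location, Name, Command -AutoSize -Wrap }
}
```

Delete the baseline file and run the script again to re-record it after installing software you trust.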

You can also install HiJackThis! from TrendMicro. However, be very cautious about deleting things detected by this utility unless you know what they are. HiJackThis! detects both harmful and useful or needed add-ons.

Download and install ShellExView from Nirsoft, a small utility which displays the details of shell extensions installed on your computer, and allows you to easily disable and enable each shell extension. You’ll find a large number of other useful freeware utilities at the Nirsoft site.



2 comments ↓

#1 Basic Computer Security 2009 Part 1 | PsychNet Reviews and Recommendations on 05.25.09 at 12:47 pm

[...] Part 2: Keeping Your Computer Safe [...]

#2 Review: Microsoft Security Essentials | PsychNet Reviews and Recommendations on 10.04.09 at 1:25 pm

[...] I’ve noted previously (Basic Computer Security 2009 Part 2), I long ago became fed up with big commercial or freeware suites that hog computer resources in [...]
