Introduction

You've had a few viruses over the years, ran a few different anti-virus programs now and then, but nothing really bad (like losing everything) has happened yet, so why should you strive to be virus free? 

First, something really bad will happen eventually and it would be nice to have those kind of things happen very rarely.  Second, when you run a computer that has viruses your computer is most likely under the control of someone else who wants to use your hardware and internet connection to damage other peoples reputation/internet connection/business/etc. and spread more viruses and send spam email.  Third, you harm the Internet's infrastructure (as well as your LAN's infrastructure) by wasting bandwidth and infecting servers running internet services.

I believe that people have as much of a moral obligation to keep their systems clean as countries have to root out terrorists: even if they don't harm you that much they can devastate other people.  If I've convinced you, read on.

There are several things you can do to stay virus free on your computer, and all the solutions mentioned here are free as in free beer.  One final note: do NOT use any extra antivirus tools not mentioned here or that you were not referred to by a knowledgeable person.  This includes AVG or any other free or not free antivirus programs.  They will only give you a false sense of security.  Many antivirus programs available on the internet are actually viruses (they are tricky, aren't they?).

Browsing the Smart Way

The main vector for receiving viruses is using a web browser to browse an infected website (for proof see here).

1. Use Firefox instead of Internet Explorer (proof that Internet Explorer is a major vector).  Watch some videos and read the following articles:
1. Firefox browsing basics
2. For Internet Explorer Users
3. Importing favorites and other data from Internet Explorer 
2. Use several add-ons with Firefox (in order of most to least important):
1. Adblock Plus (after you restart Firefox, use the "Easy List" that the pop-up presents)  Watch an intro video. 
2. Use OpenDNS (see the Program Management section for details)
3. Web of Trust ("WOT") - Watch an intro video.  You will need to register for an account.  Don't forget to record your credentials the smart way.
4. NoScript - Watch the CNet intro video. 
3. Keep your Firefox plugins up-to-date

Note: if you install WOT (as mentioned above), you will be warned not to click on bad links (note the red circle telling you that this is a bad link):

Program Management

Malicious code seems to end up on everyone's computer after a while, sometimes in the form of an executable file that is just waiting for you to double click it.  Follow these steps to avoid running bad code:

1. Password protect your computer and require password after screensaver.  Use a strong password and use password management.
2. Disable Autorun (the easy way or the hard way).
3. Use Microsoft Security Essentials (free with Windows).
4. Use ClamWin Antivirus to scan through your memory and file systems once a month (it also scans email).  Watch an intro video.
5. Use VirusTotal or the VirusTotal Uploader to scan anything you are of which you are suspicious, and you should be suspicious of any email attachment even if it "came from a friend" because spoofing a sender address is as easy as putting the president's return address on an envelope.  You should also be suspicious of anything you download Watch an intro video.
6. Run as a limited user and use the "Run As" command to run anything you trust that requires more power, or if you can't bear that, run as an administrator and use the "Run As" command to run suspicious things as a limited user.
7. Do not accept physical media (USB sticks, hard drives, CDs and DVDs) from anyone.  Simply plugging a USB stick or inserting a CD into your computer can infect it and create a back door for some evil dude to control your computer remotely.
8. Use OpenDNS (208.67.222.222 and 208.67.220.220).  Sign up for a basic free account and use their web content filtering and phishing protection.  All this filtering happens before IPs are returned via DNS, so this covers all applications, not just web browsers.  It requires no plugins (just DNS re-configuration).  If you control your Internet gateway router, you should set it to use these DNS servers also (then all the machines on your network will be using OpenDNS and you won't have to configure them).  Instructions here.
9. Use PeerBlock (during setup choose the "Ads" and "Spyware" lists).  This is similar to OpenDNS, but works even if IPs are received some other way than DNS.
10. Run Drop My Rights.
11. Make sure your Windows installation is up-to-date.
12. Run CCleaner.
13. Run Microsoft's Malicious Software Removal Tool.
14. Run Malwarebytes.
15. Run Sandboxie.
16. Run the DNS Nameserver Spoofability Test by GRC.
17. Run ShieldsUP! by GRC.

File Management

In order to keep your installation of Windows "nimble" (i.e., the installation can be overwritten with very little damage), follow these steps (they will make the "Re-install Windows often" section much easier):

1. Keep your documents off your C:\ drive (only use the C:\ drive for Windows, programs, and temporary files)
2. Redirect your home directory (think "My Documents") (how-to within an Active Directory domain) to somewhere off your C:\ drive (I recommend a network drive).
3. Move your Firefox profile off your C:\ drive.
4. Show file extensions.

Re-Install Your Operating System Often

Re-installing Windows often is an excellent preventative measure against a buildup of malware.  Today, malware like to simply hide from their hosts' users, and it is very easy to be running malware (especially rootkits) and not even know it.  Anyone who has installed a program should be able to follow these instructions.  Do this at least once a year.  See the "The Re-install Method" section on How to get rid of computer viruses.

Home  |  Up  |  Copyleft  |  Contact