How to Keep Your PC Virus-Free

Written by

A few weeks ago, a good friend of mine emailed me this photo with the following message:

Subject: OMG I hate PCs

This is my new computer at home. I barely use it. WTF. Help.

Despite running Windows 7, which is far less prone to malware and viruses than Windows XP, and using Firefox instead of Internet Explorer, he got hit with this nasty bit of malware which pops up a fake “file recovery” scanner, floods the screen with system errors, marks all files as hidden, and moves other important files to the temp folder, among other fun tricks.

It’s technically possible to remove malware like this but it can be a very time-consuming process. And even if you get rid of the symptoms, in some cases the software buries itself so deep in the system that it never really goes away The path of least resistance, in this case, is to back up your files (if you haven’t been using an automatic backup system), format your hard drive, and start from scratch. Either way, it’s a pain and a terrible waste of time.

Fortunately, there are ways to drastically reduce the possibility of viruses or other malware infecting your PC. Most of these tips don’t cost any money, but I’ve also listed a paid option at the end that provide an extra level of protection, should you feel you need it. This guide is geared towards Windows 7, though these solutions will work in Windows XP and Vista as well.

The Real Problem: Plug-Ins

With Windows 7 and Internet Explorer 9, Microsoft has done a commendable job of shoring up its two biggest security liabilities: the world’s most popular operating system and the world’s most popular web browser.

The big problem isn’t security holes in Windows and IE anymore, although you should always be in the habit of installing Windows updates when prompted. According to a recent report by IT security firm Kaspersky, the vast majority of malware is now delivered through outdated versions of software installed on almost every PC: Adobe Reader, Adobe Flash, Java, and iTunes/QuickTime.

While each of these does serve some purpose on your PC – Flash is needed to watch videos on YouTube, for instance – there are other options that will allow you completely uninstall them without losing any of their features, thereby eliminating any potential security risks when hackers discover flaws in their code.

Uninstall Flash, Reader, and Java

To get started, go ahead and uninstall all three of these programs. In Windows 7, click the Start menu, open the Control Panel, and choose Programs and Features. Browse through the list of applications and look for any instances of Adobe Flash, Adobe Reader, and Java (there may be multiple versions of each). Uninstall any of these that you come across, and restart your computer if prompted.

We’re going to leave QuickTime and iTunes alone for now, since it’s required for iPhone and iPad owners to sync their media and there’s no alternative for it. Just remember to keep it up-to-date when prompted. But if you don’t use iTunes, go ahead and uninstall that as well (doing so will uninstall QuickTime).

With Java, we’re making an assumption that you don’t use it on a regular basis. If you just use the computer to browse the web, check email, and use common software like Microsoft Office, you’ve probably never needed it. Regardless, if something stops working after it’s uninstalled, you can easily re-install it.

Use Google Chrome, Not Internet Explorer

I could spill a lot of ink debating the pros and cons of each of the three most popular web browsers (Internet Explorer, Firefox, and Google Chrome), and depending on your browsing habits and individual needs, any of them could be the best option for you. But for the purposes of this guide, using Google Chrome for your daily web surfing is a no-brainer for a couple of big reasons.

By uninstalling Adobe Flash from your PC, you’ve removed Internet Explorer’s ability to display Flash content, such as YouTube videos. Despite Flash’s footprint on the web getting dramatically reduced by the popularity of iPhones and iPads, which don’t support the plug-in (thankfully), there’s still quite a bit of Flash content out there that hasn’t been updated to modern standards.

With Google Chrome, you don’t need to have a standalone version installed to view this content. Chrome comes with a built-in Flash player that is constantly updated by Google. That also means you can say goodbye to those annoying pop-ups prompting you to update Flash every 20 minutes.

More importantly, Chrome’s version of Flash is “sandboxed” – a fancy geek term meaning it’s completely isolated from the rest of your PC. If a piece of malware penetrates sandboxed software, its reach into the system is restricted to that app and nothing else. With a standalone version of Flash (like the one Internet Explorer uses), a security hole allows access to the entire Windows operating system. That’s how you end up with a screen like my friend’s, above.

Use SumatraPDF instead of Adobe Reader

With Adobe Reader uninstalled, we need a new way to view PDF files. SumatraPDF is a free, fast, and lightweight PDF viewer which we’ll use instead.

Once you’ve downloaded and installed it, we need to set it as the default program for PDF files. Launch SumatraPDF from the Start menu, go to the Settings menu and choose Options, and click the button to make it your default PDF reader.

Stop Paying for an Anti-Virus Subscription

There’s no need to waste money on an expensive anti-virus subscription such as Norton or McAfee. For virtually of our clients, we use Microsoft Security Essentials, which is a free, lightweight, and unobtrusive anti-virus program developed by Microsoft. It does a fine job of protecting a clean PC and it does so without eating up a lot of resources or bugging you with a lot of vague pop-ups.

That said, if you want an extra level of protection, we recommend paying $24.95 (one-time purchase, not a subscription) for a professional version of Malwarebytes Anti-Malware. Every IT guy on the planet uses the free version of Malwarebytes to clean up a computer that’s already infected. The paid version runs silently in the background alongside Microsoft Security Essentials, using its powerful scanning engine in real-time to prevent malware from putting roots down in your PC. It’s not perfect either, but of all the things you could spend money on, it’s the best option.

Bottom line: no anti-virus program is 100% perfect, so why spend a bunch of money on one? I’ve seen as many infected PCs running paid versions of AVG, Norton, and McAfee as I have PCs that had no anti-virus installed at all.

But the infected PCs I’ve dealt with have all had at least a few these things in common: Windows updates were not installed, Internet Explorer was the primary web browser, and Flash, Reader, and Java were not up-to-date. The measures taken in this guide, combined with user awareness and education, are far more effective than spending a bunch of money on heavily-advertised software.

As always, if you have any questions about these tips, please feel free to send us an email or reach out to me on Twitter.

The Paperless Puzzle

Written by

Shawn Blanc has posted an interesting walk-through of his new paperless workflow:

I knew that a scanner, an image-to-PDF converter, an OCR app, and some clever folder hierarchy was all necessary, but it all seemed like more trouble than it was worth. Therefore, the majority of the paper documents that came through my home office still get filed away in my physical filing cabinet.

It wasn’t until recently when a comment from David Sparks got me re-motivated to research a better and more consistent way.

His setup is geared towards a household where a Mac is the primary computer (as Hazel is Mac-only software), but the basic concept could be modified or expanded to suit PC users and small businesses. Substitute a Doxie Go for a Fujitsu ScanSnap 1500, for example, and you’ve got a high-powered solution to deal with the reams of dead trees laying around the office.

The key to making this work well is creating a folder structure that scales over time and using software to automate the tedious task of organizing your incoming scans. On the Mac, Hazel is the way to go. PC users will miss out on some of Hazel’s advanced features, such as sorting files based on their contents, but Belvedere and Hygeia are worth a look.

iPhone 5 Review Roundup

Written by

The early reviews of the iPhone 5 have landed. The consensus: this is the best iPhone to date in just about every way, and it remains the best smartphone on the market.

Our Take

Since we’re typically inundated with the “Which one should I get?” question immediately after an iPhone or iPad launch, here are my suggestions:

Color: The black model has black glass, a black finish on the aluminum, and a black band around the edge. If Batman had a Bat-smartphone, this would be it. The white model has white glass, a raw aluminum finish, and a silver band around the edge. Choose wisely.

Storage: If you take (and keep) tons of photos and videos without downloading them to a computer and clearing them off the phone, get a 32GB or 64GB. If you want to store several movies and TV shows along with your music, get a 32GB or 64GB. Otherwise, just get the 16GB. For the vast majority of people, 16GB is the way to go.

Carrier: I broke my AT&T contract and gave up unlimited data to switch to Verizon this time around (wish they would’ve paid me for the privilege). It made absolutely zero financial sense, but I’m through taking AT&T’s abuse. I had been holding out because of the simultaneous-voice-and-data issue, but AT&T’s coverage seems to have actually gotten worse in the last few months and it’s becoming a serious problem for business. When your commitment to clients is “Call our cell phones, we pick up”, you need your phone to actually ring when someone’s calling, and maintain a connection throughout the call. In other words, it needs to work like a phone.

Verizon’s LTE network is faster than AT&T’s and available in far more cities, and their voice coverage is second-to-none. Plus, I have a Verizon LTE iPad (which is amazing), and will be able to share a data plan between the two devices. So long, AT&T.

The Reviews

On to the reviews. I’ve pored through dozens of them, and hand-picked the best ones for your perusal. Enjoy:

John Gruber, Daring Fireball:

The iPhone 5 is really nice.

It feels great, looks great, has the best display I’ve seen at any size, runs noticeably faster, networks noticeably faster, is way thinner and lighter than any of its predecessors, takes better photos, and, in my six days of testing, gets totally decent iPhone-4S-level battery life.

But you don’t even have to turn it on to see how nice it is. Just hold it. You really have to.

David Pogue, New York Times:

At 0.3 inch, the phone is thinner than before, startlingly so — the thinnest in the world, Apple says. It’s also lighter, just under four ounces; it disappears completely in your pocket. This iPhone is so light, tall and flat, it’s well on its way to becoming a bookmark.

Jim Dalrymple, The Loop:

That has been my takeaway from the design of the iPhone 5 — small design changes that make for big user experience improvements. It’s important to remember that while the changes on the outside may be small to the naked eye, the changes on the inside are huge. Every major component of the iPhone has been changed in one way or another.

Scott Stein, CNET:

“This seems like a good time to discuss thumbs. As in, your thumb size and the iPhone 5. Going back to the iPhone 4S, I realized that the phone’s design has been perfectly aligned to allow a comfortable bridge between thumbing the Home button and stretching all the way to the top icon on the iPhone’s 3.5-inch display. That’s not entirely the case, now. I could, with some positioning, still thumb the Home button and make my way around the taller screen, but the iPhone 5′s a little more of a two-hander.”

The New Kindles

Written by

In a pre-emptive strike against the expected announcement of a smaller iPad in the new few weeks, Amazon yesterday unveiled a series of new Kindles in both e-reader and tablet form. Must be nice to have a marketing machine so powerful that it forces all of your competitors to show their hands before you even publicly acknowledge the existence of a rumored new product.

Here’s a quick run-down of what’s new:

Kindle Fire HD 8.9″ and Kindle Fire 8.9″ 4G: Slightly smaller and lower-res screens than an iPad. Basically non-existent app selection, but Amazon Prime members get streaming movies and TV shows and Kindle e-books. Then again, so do iPad owners, via Amazon’s iPad apps. The $499 4G model is too expensive for what amounts to a mobile video and reading gadget, but the $299 Wi-Fi model will hit the sweet spot for many folks, especially those who are tired of having their iPads hijacked by the kids for games and movies. Note that all the new Kindle Fire models are ad-supported (blech), which, combined with Amazon’s admission that they’re selling these basically at cost, would explain the low prices.

Kindle Fire and Kindle Fire HD: You can ignore the $159 Fire – if you’re shopping in this category, you might as well pony up for the nicer screen on the $199 Fire HD. The Fire HD will challenge the Nexus 7 for title of best 7″ tablet, at least until a 7″ iPad is released and lays waste to the market.

Kindle Paperwhite: This will be the biggest hit of the bunch this holiday shopping season. An all-new Kindle e-reader with a better screen and a built-in light. The 3G model is $179, but I don’t see the need for most people, since Wi-Fi is commonly available almost anywhere you go these days. The standard Kindle without a light has dropped to $69.

Improve Dropbox and Gmail Security With Two-Step Authentication

Written by

In the wake of Mat Honan’s massive, worst-case scenario hacking a couple weeks ago, a number of cloud services have introduced two-step authentication, a feature that drastically improves the security of your online accounts.

Two-step (also called “two-factor”) authentication refers to two independent ways of verifying your identity when attempting to log into an account: a typical username/password combination plus some other method, usually a temporary code sent to your smartphone via SMS or a special app. This way, a potential hacker would have to physically have possession of your smartphone, in addition to your username/password combo, in order to get into your account.

For many people, especially those who have sensitive emails, documents, or other data in the cloud, enabling two-step verification is a no-brainer. It’s a minor inconvenience, but it pales in comparison to the headache and expense of having your online life compromised. Just ask Mat Honan.

Gmail has had this feature for some time, though most people don’t use it or don’t know it exists. As of today, Dropbox now has a two-step verification option as well.

To get started, follow Macworld’s step-by-step guide (you’ll need your smartphone and the latest preview release of the Dropbox software).