This is an outline of what I do when people bring me a computer which isn’t working properly. Aside from undoing mistakes and diagnosing hardware failures, most of it consists of cleaning up the operating system. There are no secrets here, and this has been pretty successful with most of my clients. You can save a lot of money using these ideas.
1. If possible, I convince them to switch from Windows to Linux. I’ve never seen a personal computer running Linux compromised, nor heard of one. I’ve not seen any misconfigured by user mistakes once properly installed, even when the user knows the root password and understands how it works. I am always eager to devote significant amounts of time teaching folks how to get used to the Linux way of doing things. I select the Linux distribution based on how they use it, but my choices are limited to Debian, Ubuntu LTS, and CentOS for the simple reason each of these will be stable and supported for a minimum of three years for each release.
2. Assuming they stick with Windows, drop into safe mode and run virus and malware scans. As soon as the BIOS starts to hand off to the operating system, hit the F8 key, and select “Safe mode with networking” so you can download updates to the scanners which offer it. My favorites are Vipre Rescue for viruses (updated daily) and Malware Bytes free version for spyware. Allow significant time for each scanner to complete, and remove the junk they find. If you can’t even boot the system, you can get a bootable rescue CD with a scanner which might be able to recover the system enough to try booting again. I would never trust McAfee or Norton, but I have used the BitDefender and Kaspersky CDs to good effect. They take a very long time to run.
3. While in safe mode, make sure a good AV and malware package are installed for regular use. You can purchase the full version of VIPRE from Sunbelt/GFI, but I find Avast works better for most people. The free version will do if you can’t afford the regular. After installing Malware Bytes free version, you can leave it on the system, but you have to run it manually, because live protection comes only with the purchased version. I recommend running it weekly, but be sure to update first each time.
4. Still in safe mode, uninstall software you are not using, or which weakens security and privacy. The greatest threat comes from entertainment. Those who produce entertainment know you won’t likely pay much up front — not nearly as much as they want, anyway. So they let advertisers pay for it by saddling you with advertising. Those $10 and even $20 games at the big box stores are some of the worst, eclipsed only by the freebies you can download online: Wild Tangent, Pop Cap, iWin, etc. Each of them insists on installing their gameware server, or browser toolbars, and other associated junk software which slows down the system, allows them to track your every touch on the computer, and frankly opens the door to spyware and viruses. Very few download games are safe, and it takes time to learn those which are. Similar warnings apply to music downloaders and players.
The other kind of software which risks security is social software. Don’t download stuff related to Facebook (like FlipToast) or any other social networking site until you understand what risks are involved. Each of them is basically tracking you all over the Net, and they are loaded with vulnerabilities exploited by criminal elements. Don’t let your instant messengers load automatically unless you are using something like Pidgin, which is considerably safer than most alternatives.
Finally, a major culprit for bundling useless and resource-hogging software is Apple and their Safari-iTunes package. If you don’t desperately need what they do, get rid of them completely. Even QuickTime can be replaced with good, free and secure alternatives, such as the K-Lite package. Get the Mega package, and use the bundled Media Player Classic as your default media player. Another is Adobe. You can get a decent and very secure PDF reader called Sumatra. Not fancy, but adequate. If you need more features, try Foxit or PDF-Xchange. Both are less of a threat to you than Adobe.
5. Check security settings. Turn on updates, at least to the point of being notified when they are available. Turn on the Windows firewall; it may not be the best, but it’s better than nothing. If you can afford it, find out what sort of firewall/router device is appropriate for your Internet connection and buy one. If you don’t understand firewalls, use whatever wizard comes with the package. You must change the default password for accessing the device; choose a good one based on something such as the first letter of a phrase or song lyrics you know you’ll remember. Keep the mixed capitals and lower-case and punctuation, and substitute a numerical digit for at least one of the letters. Make sure it’s not less than 8 characters.
6. Consider changing your Net surfing habits. Especially with Windows, use just about any browser but Internet Explorer, saving it for those few websites which simply will not work otherwise. Install Firefox configure it with security addons. Use this for basic surfing and all the random stuff you do; make it your default browser. But for strictly business, or sites where you have to login often, even if it’s as frivolous as blogging or Facebook, use a different browser. I recommend Opera for Windows, though it will take some time to understand and browse the configuration options. It remains one of the most secure browsers, and it’s built-in email client is excellent for security uses. You can also use Google Chrome, but it’s not as fully developed, yet. It’s challenging to configure some of the settings you might want to change. However, it includes the advantage of built-in Flashplayer and PDF display. Again, it will take some time to dig around the configuration settings, and getting used to a very different set of functions. It has some of the same security addons as for Firefox, called “extensions.”
For some, the safest way to handle email is using one of the webmail providers, instead of downloading email directly to the computer. This will surely compromise privacy, particularly with Gmail, but any viruses will be on their computer, not yours. Yahoo and a few others will scan attachments for threats before you download them. Frankly, I like to use foreign-based webmail providers. A good example is GMX.net, based in Germany. The interface is in German, but there are others like them who accommodate English language users. GMX does have an American-based operation (GMX.com), but their site has been pretty rude about blocking browsers other than IE. You can always try Hush Mail and others.
Finally, stop using Google, Bing or Yahoo as your default search engine. Both will track your searches in such a way they can be traced back to you personally, and sell that information to advertisers. Use StartPage or DuckDuckGo. Either of them will preserve your privacy much better.