Workers' Edge

Our family PC gets quite a workout. It's a five-year-old machine that runs Windows XP and is used primarily by my daughter and teenage grandson for instant messaging, e-mail, social networking, and downloading audio and video files. Since I rarely use the system, I didn't notice that its antivirus subscription had expired.

Which explains why I was a bit surprised when my grandson called when I was out of town to tell me that the PC was acting strangely. Ads appeared on the desktop as soon as Windows started and Firefox and other programs would occasionally close without warning or fail to open at all.

I immediately suspected a virus and instructed my grandson to perform a virus scan. Unfortunately, the machine's antivirus app had gone AWOL. I talked him through the process of using System Restore to revert the PC to an earlier time. This improved matters somewhat, but the system continued to act flaky.

When I returned from the trip, I started the troublesome machine and attempted to open the Microsoft Update site to make sure its copy of XP was up-to-date. But the malware had managed to disable several Windows services intermittently, including Services.msc, so Internet Explorer would shut down repeatedly.

At this point, I was seriously considering a hard-disk reformat and XP reinstall. I even had the XP installation CD in the drive and was ready to begin the process. But even though my daughter and grandson assured me that they had backup copies of all their personal files, I decided to try one more time to salvage the existing setup.

I'm very glad I did, because it turns out there were lots of vacation and holiday images and videos on the machine that hadn't been backed up. First, I installed a free copy of Malwarebytes' Anti-Malware antivirus program on the infected PC, updated the app's virus definitions, and ran a complete scan.

The initial Malwarebytes Anti-Malware scan detected 104 separate infected files and folders.

(Credit: Malwarebytes)

That first scan turned up a mere 104 infected files and folders. Here's a list of the nasties the machine had picked up:

• Trojan.Vundo
• Troja.Vundo.H
• Trojan.FakeAlert
• Rogue.Installer
• Trojan.Downloader
• Trojan. Dropper
• Trojan.Agent
• Worm.KoobFace
• Rogue.AdvancedVirusRemover
• Rogue.SystemSecurity
• Adware.BHO
• Rootkit.Agent
• Spyware.Agent
• Trojan.BHO
• Hijack.LSP
• Rogue.Multiple
• Disabled.Security

After viewing the report, I rebooted the PC and ran another malware scan. This time, Malwarebytes' app found only nine infected files.

The second Malwarebytes Anti-Malware scan detected only nine infected items.

(Credit: Malwarebytes)

I rebooted once more and ran yet another scan, which indicated that the PC came up clean.

The third Malwarebytes Anti-Malware scan indicated that all viruses and other malware had been removed from the infected PC.

(Credit: Malwarebytes)

Once I was assured that the PC was malware-free, I revisited the Microsoft Update site to download and install all the XP security patches the machine required. Then I sprang for the $25 version of Anti-Malware to get the program's real-time virus scanning and automatic updates.

I knew all attempts to alter the user behavior that led to the infections would be futile, so instead, I instructed my daughter and grandson to run Malwarebyte's scanner each time they start the system and just before each shutdown. That was a little over two weeks ago, and so far, the PC remains free of infection. Still, you can bet I'll be paying much closer attention to that machine from now on.

The list of PC security products never ends. For every name that drops off, two more jump on. In fact, determining the best security hardware and software is a full-time job. Sometimes, you just want to throw up your hands and take your chances.

Maybe I'm just a cockeyed optimist, but I think you can stay safe without spending all your spare time doing research, installing updates, and generally becoming a PC-security expert. Here are five relatively easy ways to improve your security.

Use the firewall that's closest at hand
In the computer industry, the reputation of a product, service, or Web site is just about worthless. Yesterday's best firewall, ad blocker, spam buster, virus spotter, or spyware cleaner is today's bust.

Maybe the product got bought and the new owners aren't as conscientious about updates as the previous ones. Or the service's management team decides to go for profits and skimp on support, updates, and enhancements. There are lots of reasons why a good product goes sour, and the computer industry has seen nearly all of them.

So if you can't go by reputation, how do you choose a security product? One way is to go with the tools you've already got. Windows' security is roundly criticized, but the fact is, it's better than it used to be, and third-party security products have their own shortcomings.

Last February, I recommended that you use a third-party firewall rather than the one built into Windows. Six months earlier, I suggested that you pass on the third-party tools and stick with the Windows Firewall despite its shortcomings.

So which side of the fence am I on now? The simple side. The fact is, any third-party security tool complicates your setup. It's not difficult to find weaknesses in the Windows Firewall, but it's safe enough for most PC users, and it's much better than using no software firewall at all.

My previous post included links to information on Microsoft's TechNet site providing technical details of the Windows Firewall, tips for customizing the Windows Firewall, and help troubleshooting the firewall in XP and Vista.

Don't hesitate to try another free antivirus program
Just last week, I switched antivirus programs on my XP test system--for the umpteenth time. Something was slowing the system down, and after defragging the hard drive and doing other standard maintenance tasks, the machine's performance didn't improve as I expected it to.

Rather than go through a bunch of diagnostic tests, I simply uninstalled the system's antivirus tool and downloaded a competing package. The old and new programs were both free, and the switch didn't take much time to complete. The topper? The XP machine's performance perked up immediately.

Two antivirus programs that are free for home use and that are currently highly rated are Avast Home Edition and Avira AntiVir. You'll find a list of dozens of antivirus programs for Windows on this Download.com page.

Change your password...again
I hate those "your password will expire in x days" warnings as much as you do, but one of the simplest ways to protect yourself is by keeping your passwords fresh. Last year, I described the Ten Password Commandments, one of which was to devise a password-creation strategy that's all your own.

Just two months ago, I complained about the shortcomings of passwords as our primary security option, though I concluded that there's nothing better, for now. Lots of people swear by password managers such as RoboForm, but then you have yet another third-party app complicating matters.

For me, it's simpler just to devise a new password based on my unique, inimitable password-creation system, which I share with no one. No need to write it down, enter it in an online form, or encrypt it in a master-password file. Temporary amnesia, well, that's another matter.

For secure e-mail, use encryption
You would think that encrypting e-mail would be a breeze, but doing so is anything but. You and the recipient have to deal with digital certificates, public and private keys, and any number of other time-eating preparations and precautions.

The simplest way I know of to encrypt your e-mail is by using the Mozilla Foundation's Thunderbird with the Enigmail extension. Jason Thomas provides step-by-step instructions in this tutorial on the Lifehacker site.

Gmail users can secure their e-mail communications by enabling the service's built-in encryption. To do so, click the Settings button at the top-right of the main Gmail screen, scroll to the bottom of the General tab, select "Always use https," and click Save Changes.

Select "Always use https" under the General tab in Gmail's Settings to encrypt your messages.

(Credit: Google)

Keep your browser up-to-date
Most people will tell you that the Mozilla Foundation's Firefox browser is the safest way to surf, but a recent report from Google Switzerland and the Swiss Federal Institute of Technology found that "(u)sing the most recent version of a browser will lower the risk associated with drive-by-downloads and other Web-based attacks, which start by targeting the browser."

The report cites Google Chrome's silent updates as the best way to ensure that your browser is protected. The researchers also laud Chrome's lack of a way for users to disable its silent-update feature. Some people will object to software being downloaded to and installed on their system without their knowledge, but the fact is, these behind-the-scenes updates are the best way to keep you safe from the Internet bad guys.

Personally, I'm starting to rethink my choice of default browser. But as I mentioned earlier, you can't put any faith in a computer security product's reputation. And you can't be afraid to switch.

PCs do the darnedest things. When a program crashes, your system slows down, or a file or program refuses to open, it's probably due to a problem with an application or device. But not always. Computer viruses and worms will cause your PC to exhibit many of the same symptoms as a failed or failing component or program.

Here are some of the primary indicators that your system is infected:

• Your system slows to a crawl for no apparent reason.
• The machine crashes, with or without an automatic restart.
• Error messages pop up repeatedly.
• Programs or files open slowly or not at all (especially security apps).
• You can't access drives or other storage media.
• Certain Web sites won't open in your browser, especially those of security software vendors.
• You can't download updates for your antivirus software.
• You can't print.
• A program disappears from your system.
• Strange icons are added to your desktop, or programs appear that you never installed.
• The unused space on your hard drive disappears (which could mean a worm is making copies of itself).
• People in your contacts list receive e-mail from your account, often with a virus attached.
• There's a big jump in the amount of traffic on your network, especially outbound.

How to disinfect a PC
Whenever your system starts acting funky, the simplest remedy is to use Windows' System Restore feature to turn back the clock to a time when the machine worked. (Note that many viruses and worms can outsmart System Restore, so this is far from a cure-all.)

Microsoft's Help and Support site offers step-by-step instructions for using System Restore in XP (which also describes how to undo a restoration). Vista users will find information on System Restore and other system-recovery options for that operating system on the company's Windows Help and How-to site.

Even if System Restore appears to fix your PC, update your antivirus software's definitions and do a full system scan with the program. If you don't use AV software, download and install a copy. You'll find a list of free and low-cost antivirus programs on this Download.com page. Two freebies that get rave reviews from most users are Avira AntiVir Personal and Avast Home Edition.

Another option for virus and worm removal is Microsoft's own Malicious Software Removal Tool, which can disinfect a PC but doesn't prevent infections. Note that if your system is set to receive automatic Windows updates, it probably already has the tool installed. You can read more about MSRT on the Microsoft Help and Support site.

Of course, if the virus or worm has blocked your PC's access to the Internet or is preventing your security software from running, you'll have to use another system to download and install an up-to-date antivirus program on a flash drive, optical disc, or other external storage device. Then plug or insert that device in the infected machine and run the AV program from there. One option is the free ClamWin Portable, though many other free AV programs can be installed and run off external media.

Where did the virus/worm come from?
When you're in the midst of a PC disinfection, the source of the virus may not be your first concern. But once your system is working again, you want to avoid whatever action caused the problem.

In the past, most viruses and worms traveled via e-mail and latched themselves onto your hard drive when you clicked to open an attachment, or sometimes when you merely viewed a message. Now infections are more likely to occur after you browse to an infected Web site or download and open a file.

The recent Conficker worm takes advantage of Windows' Autorun feature that allows programs to open simply by plugging in the USB flash drive, CD, or DVD on which it's stored, sometimes even if you thought you had disabled Autorun and AutoPlay on the machine. Microsoft released a patch that closed this hole late last year, though you still must disable these features manually. You'll find instructions for doing so on this site.

Your best virus/worm-prevention strategy is to keep Windows and your antivirus/antispyware/firewall software up-to-date, don't open e-mail attachments you weren't expecting (even if they appear to be from someone you know), and avoid file-sharing and other dicey Web sites. This is no guarantee of keeping your PC virus-free, but it will keep the odds in your favor.

I wouldn't give you a nickel for all the system tools that come with Windows. That's because I can replace them with programs that do the job better without spending even that much.

Start with the firewall, which most people would consider an indispensable piece of software. Windows Defender's firewall is better than none at all, but not by much. Of the free alternatives, my favorite is the Comodo Firewall Pro. I described why and how I switched from ZoneAlarm to Comodo in a post from last February.

Since that time, I replaced the Comodo firewall and all my other free security apps with a commercial security suite. For me, the convenience of a single security program is worth paying for.

However, I recognize that many people will gladly put up with maintaining several individual apps if they can save a few dollars. For them, Comodo's a good firewall choice. Popular antivirus programs that are free for home use are AVG, Avira AntiVir, Malwarebytes Anti-Malware, ESET NOD32, and Avast.

Top-rated spyware blockers include Ad-Aware, Spybot Search and Destroy, and Spyware Blaster.

Plenty of better browsers
Internet Explorer 7 has been a big improvement over IE 6, and early reports are that IE 8 will be a big step up from the current release. But Internet Explorer isn't even my fifth favorite browser, trailing (in no particular order) Firefox, Opera, SeaMonkey, Chrome, and Safari.

I acknowledge that some people have to use Internet Explorer--maybe their organization requires it--but the rest of us have no excuse for limiting ourselves to a single browser. The NoScript add-on (donationware) that lets you block scripts in Firefox is reason enough to use that browser. IE has nothing to compare with it.

One-step cleanup tool is the multitasking champ
I'm surprised that so many PC users don't know about Piriform's CCleaner (donationware), which does the job of about a half-dozen Windows applets. Along with a disk cleaner, you get a program uninstaller, a start-up manager, and a Registry checker.

CCleaner clears the clutter from your drive and performs other system tasks with aplomb.

(Credit: Piriform)

You have to exercise a little restraint the first few times you run CCleaner, which empties your Recycle Bin, clears your Internet history, and performs other irreversible system chores. Still, I've been using CCleaner for several years and haven't had any problems with the program yet.

A new alternative for shoring up your drive's sectors
In a post from last March, I described the free Disk Defrag utility from Auslogics. My new favorite free disk defragger is another Piriform product, Defraggler (donationware). The program recovered 20GB of lost space on my laptop's 200GB hard drive, though in my unscientific tests it seemed to take longer to complete the defragmentation than it does when using Disk Defrag. This might indicate that Defraggler's doing a more thorough job, but maybe not.

The Defraggler disk defragger provides more info than Windows' built-in defragger.

(Credit: Piriform)

You can also defrag from a command prompt. To open a command prompt in Vista, press the Windows key, type cmd, and press enter. In XP, click Start > Run, type cmd, and press Enter. The Vista Forums provide a detailed explanation of the many options you have when you defrag the DOS way.

Some people claim defragging does nothing to speed up your system. Even though my notebook wasn't necessarily low on disk space, I'll take that recovered 20GB any day.

Freebies for inveterate system tweakers only
Sysinternals, which is now part of Microsoft, offers a solid lineup of utilities for digging deep into Windows' darkest corners. Two of my favorites are Process Explorer and its cousin, Process Monitor. Once you get a handle on the information they present, the programs give you as complete a glimpse inside Windows--in real time--as you'll find anywhere.

The malware assault on our PCs escalated in 2008, according to antivirus vendor F-Secure. The company's threat summary for the second half of 2008 reports that F-Secure added 1 million virus definitions to its database this year, a threefold increase from the number of viruses the Finnish security vendor detected in 2007.

Today's malware authors aren't just looking to cause trouble; they're after your money and personal information, which these days are synonymous. Attacks are only going to increase in number and sophistication. If you thought you could avoid an infection by staying away from questionable sites, downloads, and e-mail links, you're mistaken.

The only way to play it safe is to assume the worst. That's why I spent several hours last week disinfecting a notebook computer that probably wasn't infected in the first place.

It all started when I decided to run a free online virus scan on my notebook. I use a top-rated security suite that's set to update its virus definitions and other settings automatically, so I was confident that the scan would come up empty. (I'm not going to name either product because I don't want this post to be construed as a recommendation one way or the other.)

Unfortunately, after a complete system check, the online virus service told me it found two suspicious files on my notebook. The scanner's option to remove the files was grayed out, and the option to "skip" them was recommended.

It appears that the files were flagged as potential problems because they included the word "trojan" in their names. I acknowledge the "hide in plain sight" approach, but I doubt that many malware authors would be so kind as to identify their creation in the file name itself.

Still, the scan had introduced the possibility of an infection, so I immediately closed the notebook's Internet connection, updated the virus definition database of the antivirus software installed on the machine itself, and performed a full system scan using that program.

I wasn't surprised when the scan came up clean--several hours later--but I was relieved that I didn't have to go into full wipe-out mode, doing a complete system scrub and changing all my passwords. (Come to think of it, I should probably sanitize the system and refresh my passwords, anyway.)

Three years ago, I wrote a story called 10-Step Security that promised to lock down your PC in only an hour. The tips in that article are beginning to show their age, so this week, I'll be updating them here to reflect the new reality of computing in dangerous times.

When the free trial of the security software that shipped with my Vista PC expired, I decided to uninstall it and give the free versions of competing antivirus and firewall programs a try. For some reason, this caused my Internet connection to drop intermittently.

When I uninstalled the new programs and ponied up for the full version of the security suite, the network outages ceased. I never did figure out why my system didn't take to the new security apps, but the hassles I avoided by taking the suite approach to security justified the cost of the program.

The experience got me thinking about whether I need any antivirus software at all. I've got a near-real-time backup service that saves my data files regularly, and I don't usually frequent the Internet's dicier locations.

Ultimately, I decided that security software is really PC insurance. Even careful, cautious, tech-savvy people can fall prey to a malware attack. It would take only one thwarted infection for the program to prove its worth. And sticking with a single security vendor whose products are proven effective is the best way I know to reduce the chances of compatibility problems.

In PC World's most recent review of security suites, Symantec's $70 Norton Internet Security finished a couple of notches above the $80 Kaspersky Internet Security and $70 McAfee Internet Security Suite.

Sometimes it's okay to put down your defenses
Most security programs have some components that are always active. This robs your system some processing power and memory. Just how much processing power and memory depends on the program and how it's configured.

When you're running an application that requires all the system resources your PC can muster, you can reclaim a few by temporarily closing your antivirus program. The fastest way to do this may be to right-click its icon in the system tray and choose Exit or Close. It's a good idea to keep your firewall running at all times, but if none of your open apps have an Internet link active, you can do without virus protection.

If your browser fails to open certain sites or your network link starts acting up in some other way, a short-term solution may be to shut down your security program temporarily. (You can also try clearing your browser's cache.) If closing the security app restores the network connection, add the balky sites to the program's white list of safe Web destinations.

Wikipedia's antivirus page provides loads of background on the programs. Of particular interest are the page's "Issues of concern" and "Effectiveness" sections (scroll down to find them).

Too often we choose a security program based on the reputation of the vendor. That's why I was happy to learn that the results of recent tests of antivirus software conducted by AV-Test.org found several with near-perfect virus-detection rates, including Avira's free AntiVir Personal.

The tests didn't distinguish between antivirus programs that reside on your PC and virus scanners that run in a browser. I wasn't able to find any test results specifically for online virus-scanning services, though the same handful of names popped up repeatedly: Secunia Software Inspector, Trend Micro HouseCall, Kapersky Online Scanner, F-Secure Online, Microsoft's Windows Live OneCare Safety Scanner, and the Jotti Malware Scanner.

Over the years I have used all of the above services at least once, with the exception of Jotti. While I've never experienced a problem using any of them, neither can I be certain that the services didn't miss a virus that had infected the PC being scanned. Even running multiple virus scanners in succession is no guarantee that one of them will find the bugs the others missed.

PC Flank offers more scanning options
Absent any third-party test results, how do you choose from among the many virus-scanning services available? If you're looking for a service that lets you choose which type of scan to perform, PC Flank offers a battery of tests that you can run individually or together.

If you're looking for a quick check of your PC's defenses, choose PC Flank's Quick Test, which determines your PC's vulnerability to Internet attacks, whether your system is infected with a Trojan horse, and whether your browser is disclosing private information to the sites you visit.

Get an instant check of your PC's vulnerability to Internet threats using PC Flank's Quick Test.

(Credit: PC Flank)

When the test results appear, click the Full Report button to see more information about your system's defenses. The service may recommend that you update your antivirus program's definitions, or install a new firewall (which is what I was instructed to do for my laptop).

PC Flank's security scanner may recommend that you update your antivirus program, or install a new firewall.

(Credit: PC Flank)

For more in-depth probes of your machine, try PC Flank's Stealth Test, which lets you know if the system is visible on the Internet, or the Exploits Test, which mimics a denial-of-service attack on your PC. The service even recommends the best test to run based on your experience level, or whether you're in a hurry. It also provides a list of leaktests and a summary of how well various firewalls did when tested for leaks.

Tomorrow: A different kind of online scanner keeps your PC "pure."

About five years ago I installed the family version of Symantec's Norton Internet Security software on one of my PCs, rendering the machine unusable. Not only couldn't I get any access to the Internet, it was impossible to uninstall the program. I ended up having to reinstall the operating system and all my applications--except Norton Internet Security. At the time I said I would never again install a Symantec security program on any PC, but about a year ago I bought a PC that came with 90 days of Norton 360, and the program won me over. When the free trial period was over I even coughed up $80 for a year's subscription. Apart from the frequent nags about my need to back up (I prefer to use my own manual backup strategy), I'm happy with the Norton 360.

Now the other side of the coin: I've used CheckPoint's ZoneAlarm firewall--both the free and pro versions--for many years, and on many different PCs. The program would occasionally prevent a legitimate program from performing some operation, but on those rare instances I merely shut the firewall down long enough to complete the task, and then turned it back on. No problem.

Until this morning, that is. I spent four hours trying to update a Web site via ftp, only to be told that access to my ISP's ftp server was denied. I tried using the WS_FTP Pro ftp program, Windows Explorer, Firefox, and even a WYSIWYG Web editor, but nothing could get through to the server. I could access the remote system on another PC on my network, but I wanted to avoid having to move the files in question to that PC to complete the transfer. Just last week I had ftp'ed some files without a problem.

After several calls to my blameless ISP, a tech suggested that I uninstall ZoneAlarm. Not just shut it down (which I had already tried), but completely uninstall the app. This struck me as somewhat extreme, but after spending so much time trying to figure out the glitch, I thought it was worth a try. And what do you know: as soon as ZoneAlarm was off the system, I could access the ftp server without a hitch.

Customize your firewall's ftp access using these settings in the free Comodo Firewall Pro.

I suppose I could try to figure out why ZoneAlarm all of a sudden threw a monkey wrench into my server access, but it's quicker and simpler to rely on another free firewall. My ISP's tech guy said he trusted the firewall built into XP, which he claims Microsoft has improved tremendously. But its protection is one way: it doesn't monitor traffic from the PC to the Internet, just stuff inbound. Instead, I loaded the free Comodo Firewall Pro, which also scans your system for viruses, spyware, and other threats. Since I use a remote-access service to log into this PC while on the road, I chose to review requests for incoming connections rather than to block them automatically, which means I'll have to click through a few more pop-ups. But for me this is a small price to pay for the added convenience of remote access.

After you install the Comodo firewall it starts to train itself.

After you install the program and reboot, Comodo "learns" your system, running through the standard processes and services. It also learns as you open your browser and other network-connecting applications for the first time. Once its training is complete, you can click the Comodo icon in the system tray to view your blocked and allowed connections, as well as other traffic data. You also get a snapshot of your running applications, and your choice of five security and alert-frequency settings.

Get a snapshot of your system security on the Comodo Firewall Pro's summary page.

So what did my morning in tech-support hell teach me? First, that my ISP's tech support staff is worth their weight in gold (even if I did assume at first that it was all their fault). Second, that I'm glad there's a myriad of free options when it comes to PC security software. Third, that things change quickly in the computer world, and it doesn't pay to be glued to your assumptions. And fourth, if a program encounters a problem accessing the Internet, check for a conflict with your security software before you get on the horn to your ISP's tech support.

Tomorrow: tweak Windows XP for optimum performance.

What am I, nuts?

Removing the antivirus software from your PC goes against conventional wisdom, but a lot of conventional wisdom is bunk, especially when it comes to technology.

Two of the five PCs on my home network have been without AV software for six months, ever since I made the mistake of loading the beta of Windows Live OneCare 2 on my home network. This stellar example of the programming art brought my entire network to its knees in a matter of minutes. After three days of repairs, my network was working again, but I realized that two of the systems no longer had any antivirus software installed. I could've downloaded and installed one of the many free AV programs (Avast is my favorite, although it's free only for home and non-commercial use), but it was late, so I decided to take care of it "tomorrow".

In this case, tomorrow never came. Funny thing, I've been using the PCs as I always did, and they remain virus-free. I know because I just checked them both using Trend Micro's free Housecall online virus scanner.

Yesterday one of my PCs that still has AV software popped up a message that it was time for an update. Of course, I was in the middle of something that needed to get done right away, but like most PC users, I've grown accustomed to these interruptions, so I stopped what I was doing to let the AV program play through.

Wouldn't you know that this was one of those updates that required a restart? "Hey," I wanted to say, "I'm workin' here!" I had to fight the temptation to jump right to Add/Remove Programs (which Vista euphemistically calls "Programs and Features") and bounce the app once and for all. I didn't, but I have a feeling the program's days are numbered.

Be Careful Out There

The first thing you need if you fly AV-free is a bidirectional firewall. You can do better than Microsoft's free Windows Defender. Checkpoint Software's ZoneAlarm gets the lion's share of the press; it's free for individuals and not-for-profit organizations, excluding schools and government agencies. Another option is Sunbelt Personal Firewall, formerly Kerio Personal Firewall. The 30-day free trial of the $10 version reverts to the free release, minus a few features, if you choose not to pay.

Next, mind your downloads. "Free" music and video files available for download from the Internet are often loaded with some nasty viruses. The best advice is to pay for your entertainment, and avoid any site outside the mainstream. An alternative is to convert an old PC into your dicey system, the one you use when you want to visit a site whose content you're not sure about. Make sure that PC has antivirus software, a firewall, an updated copy of Windows (or better yet, a less-vulnerable OS), a bullet-proof case, and a hazmat suit. (Okay, you can skip those last two.)

Mind Your Mail

Another common source of malware is e-mail. One of the best ways to avoid mail-borne infections is to switch from HTML to plain text. In Outlook 2003, click Tools*Options*Preferences*E-mail Options. Under Message handling, check Read all standard mail as plain text. In Outlook 2007, choose Tool*Trust Center*E-mail Security. Click Read all standard mail in plain text under Read as Plain Text in the right pane. If you use Mozilla Thunderbird, simply click View*Message Body As*Plain Text.

Prevent e-mail-borne malware attacks by reading your Outlook 2007 mail as plain text.

Also, don't click links in e-mail messages, even if you know the person who sent it. Some viruses hijack address books and send messages to every entry, so they appear to be from someone you're acquainted with. Instead, either copy the link and paste it into your browser's address bar, or go to the home page of the site (by removing everything in the URL to the right of the ".com", ".org", or other top-level domain), and then search the site for the page in question. If you're the least bit wary of the link, just let it be, or at least reply to the person beforehand to confirm that the link is valid.

Tomorrow: Centralize your e-mail.