Two New Ways to Boot into Safe Mode in Windows 8

Sometimes, things just don’t work right and you need to boot into Safe Mode, where only a minimum of drivers and Windows components are loaded. A previous tip explained how to boot into safe mode for Windows XP/Vista/7 but Windows 8 has two new procedures. Here they are:

1. Use the Troubleshooting and Repair Feature to Boot into Safe Mode

You can access the boot menu with an option to open in Safe Mode this way:

Open the troubleshooting and repair feature that is described in this previous tip.  You can also see screenshots there of the  windows referred to below.

In the window titled “Choose an Option”, click “Troubleshoot”

Next click “Advanced Options”

In the Advanced Options window, click “Startup Settings”

In the “Startup Settings” window that opens, click the button “Restart”

The boot menu shown in the figure below will open.

Use the down arrow key to highlight “Safe Mode” and press the Enter key.

Windows will open in Safe Mode.

2. Bring Back the F8 Way to Boot into Safe Mode in Windows 8

If you try to use the old keyboard method of pressing F8 to boot into safe mode in Windows 8, you will find that it doesn’t work. Windows 8 has a new boot process designed for the BIOS replacement called UEFI.

 However, most current PCs are still using the old BIOS and if you want to restore the familiar way of booting to a black-and-white options menu that includes safe mode, you need to change a system setting.

The procedure is straightforward and is done by opening the command prompt with elevated privileges and then entering a single command.

Use the keyboard shortcut Winkey+X to open the Quick Access menu (shown in this previous tip)

In the Quick Access menu, select “Command Prompt (Admin)”

Say “Yes” to the UAC challenge

A command window will open

Enter this command:  bcdedit /set {default} bootmenupolicy legacy

Note that there are curly brackets around the parameter “default”, not the usual parentheses.

A message will appear “The operation completed successfully”. Now the method using the F8 key is supposed to work again.The figure below illustrates the command and the completion message.  To undo the change, enter the command:

        bcdedit /set {default} bootmenupolicy standard

As is true for other versions of Windows, getting into Safe Mode with the F8 key can be tricky. You have to hit the key at just the right time. Try tapping the F8 key as soon as you see the blue Windows flag appear on the screen. Some recommend holding the key down. I include this procedure because you see it a lot on the web but, personally, I have pretty mixed results trying to get into Safe Mode with the F8 key. If you know a way to do it reliably, let us know in the comments.

How to Customize the Windows 7 Notification Area (System Tray)

If you have been annoyed by the clutter of icons that always seems to be in the Windows notification area (system tray), there is relief in Windows 7. Microsoft added a way to remove some system icons or to hide icons that are not in regular use. If you’d like to tidy up your notification area, here is the procedure:

In the notification area of the taskbar, find the small upward-pointing triangle and click it. Alternatively use this two-step keyboard shortcut: Windows key+B, Enter

A small window (shown on the right) will open. Click “Customize”.

A dialog box with a list of notification area entries will open. An example is shown in the figure below.

Each entry has a drop-down menu on its right where you can select from three choices:  “Show icon and notifications” or “Hide icon and notifications” or “Only show notifications”.

After making your selections, click “OK”.

For those who don’t mind a little typing, there is an alternate route that leads directly to step 3 above. Type “notification” (without quotes) in the Start search bar and click “Notification area icons” in the list that appears. This will open the dialog box below and you can proceed to step 4 above.

If you want to be entirely rid of some of the system icons, click “Turn system icons on or off” in the dialog box. The new dialog shown below will open. Make your selection of “on” or “off” and click “OK”.

If you make changes and then wish you hadn’t, you can click “Restore default icon behaviors” and then click “OK”.

How to Remove Old Windows 7 Notification Area  Icons

Are you having trouble removing a program icon from the notification area of the taskbar even after the program has been uninstalled? Old program icons can be deleted by editing the Windows Registry or with software.

If you are familiar with editing the Registry (see this article), here is the procedure for clearing the tray icon cache where the program icons are stored:

Back up the Registry before you do anything else

Open the Registry Editor

Navigate to this Registry key: HKCU \Software \Classes \LocalSettings \Software \Microsoft \Windows \CurrentVersion \TrayNotify

In the right side pane of Regedit, delete the value IconStreams

Also in the right side pane, delete the  value PastIconsStream

Log off and back on for the Registry edit to take effect. Alternatively stop and restart Explorer.exe if you are familiar with that process.

If you are not used to Registry editing, there are software possibilities. CCleaner has a function to clean the tray icon cache. It is labeled Tray Notification Cache and is in the Windows advanced section. You may have to run CCleaner as administrator.

How To Avoid Spam

Spam is difficult to get rid of once you're on the spammers lists. However, it is relatively easy to avoid in the first place. Below I have explained some simple strategies that, if followed correctly, will render you all but immune to the ravages of spam.



Index

1.  Be Very Careful With Your Email Address

2. Use a Secondary Email Address

3. What To Do With Received Spam

    A) Don't Buy Anything From Spam Advertised Sites

   B) How To Protect Yourself From Received Spam

   C) How To Report Spam

4. Educate Others About How To Avoid Spam



1. Be Very Careful With Your Email Address

First, I think it's important to recognize the tactics spammers use to harvest your email address. If you know how they're going to attack, then you should be able to avoid falling prey. One thing to remember is that spammers have programs that constantly search forums, and other publically available sites, for email addresses that people have posted. Thus it's a good idea to never post your email address anywhere it can be viewed by the general public.

Also, if you decide to set a vacation autoresponder, or an autoresponder of any kind, make sure that you set it to only respond to people who are already in your contacts list. Most major email services provide this option. Also, if your email provider does not provide this option I would strongly advise that you do not autorespond to emails. If you reply to a spam then the spammers know that your email address is active and they will send you even more spam.

Also, it's a good idea to refrain from signing up for any offers that require an email address, unless you trust the website. If you're not confident then you should investigate the site using the methods discussed in How to Tell If A Website Is Dangerous. Also, to automatically provide some sort of protection against these sorts of sites, please read my article about How to Harden Your Browser Against Malware and Privacy Concerns. There are some very useful extensions mentioned in that article.

There are also websites which will intentionally try to impersonate a safe site in order to trick you into giving them information. This information can include passwords, your email address, credit card information, or many other types of sensitive information. These are known as phishing sites. In order to better recognize phishing scams, and thus avoid them, please see the examples on this page.



2. Use a Secondary Email Address

Sometimes you will find yourself in a position where you have to break some of these rules. For those times it's a good idea to have two separate email addresses. Use one only for communicating with friends and people you trust. The other should be reserved for interacting with sites you don't have complete confidence in. The benefit of this is that only your secondary email should get any spam. If the spam becomes unreasonable you can just delete the account and start another.

Of course instead of maintaining a second email address another option is to use disposable email addresses. For ideas for some helpful services which allow you to create disposable email addresses please see the article on this page.

3. What To Do With Received Spam

The sad truth is that even if you open a fresh email address, and follow all the advice provided above, you may still receive some spam periodically. One of the things spammers do is send spam out to a very large number of email addresses which they think may exist. Thus, if this is where the spam in your inbox came from, the spammers may not even know your email address is even active. Below I have explained what steps to follow to both make sure the spam problem does not get worse and to help solve the problem once and for all. Note that these steps are also helpful if you are receiving a large quantity of spam.

A) Don't Buy Anything From Spam Advertised Sites

Although this should be obvious I will quickly mention it. Please do your part to stop spam by refraining from purchasing anything from a site that you were directed to via spam. For one thing, you have no reason to trust the company with your credit card information, or really with any information at all. Also, giving your money to companies that advertise in this way only continues to make it profitable for people to send spam. You will be hurting not just yourself, but everyone else as well. Please don't fund spam.


B) How To Protect Yourself From Received Spam

One of the most potent defenses against spam is your own common sense. Never respond to an email unless you know, and trust, the sender. This includes unsubscribing from emails. If you don't remember doing business with the company then I'd advise against trying to unsubscribe from the email. If you try to unsubscribe from something that turns out to be spam, they will know your email is active. In the same line of reasoning you should never click on any links, or pictures, in spam. Many of these will have code in them that alerts the spammers that the email has been opened. Even clicking on the website URL could have this effect.

Following this same line of reasoning you also want to make sure that your webmail client is not configured to load external images automatically. Luckily, most webmail clients do have this disabled by default. Also make sure that you do not click to load external images yourself. Loading these images may have exactly the same effect as actually clicking on a link, or a picture. It may alert the spammers that the email has arrived and has been opened. Then they will know that your email address is active and will add you to their lists of people to spam. After this happens the amount of spam you receive will likely increase drastically.

To make sure that your email account is properly configured please go to this page, fill in your email address, and have it send you a test email. Trust me, the site is safe. After it says the email was sent you should open your email account however you normally would. Then open the test email that was sent. However, don't select the option to show images, send return receipt, or any prompts you may receive. Just click on the link in the email that says to view the results page. If everything is configured correctly for your email all of the results boxes should still be grey. If some are red then your email account is not yet configured properly. Note that this test should take less than 20 seconds to complete after you open the email. However, it will continue updating as if it is still running tests. It is not and you can safely close the site after ensuring that everything is configured correctly.

 It's also possible that the spam could contain malware. To protect yourself from this please read my article about How to Stay Safe While Online. This article will help you to protect your computer from all types of malware.

C) How To Report Spam

In general, the best course of action it to report the spam and delete it without opening it. I have explained how to report spam, so that it will have the greatest effect, in my article about How to Report Spam. However, if you aren't absolutely certain that an email is spam you may need to open it to make sure. If that is the case then make sure all of the above advice has been followed before you open any suspect emails.

4. Educate Others About How To Avoid Spam

In addition to helping others avoid spam, which is an admirable goal by itself, educating those you are close to will also help you. Essentially, these people also have access to your email address and thus, regardless of how careful you are about providing it to sites, they can inadvertently give your email address to spammers accidently. One very important thing that those with access to your email address need to know is that if you are going to forward a particular email to a lot of people you should forward it by using BCC. This way everyone else's email addresses are masked. If you forward it to everyone normally, and that email eventually makes it into the hands of spammers, then you have essentially just signed up everyone for spam. Thus educating people about the importance of BCC is very important.

Yet another way others could accidently expose your email address to spam is as innocently as a loving relative who really wants to surprise you by signing you up for that 'free' laptop that a site is giving away. This sort of action, as I hope most of you are already aware, will likely lead to that email address getting spam. Thus for everyone's sake it's really necessary that in addition to making sure you know how to avoid spam, you also help others to know how to stay safe as well.

How to Reduce Spam

As spam recipients go, I'm a class act. I get hundreds every day and on some days, more than 1,000. Yet in my mail box I hardly see any. Here's how I do it.

First, a little history. I used to use a Bayesian spam filter running on my PC. The product I used was an Outlook add-in called JunkOut. Like most Bayesian filters it took a while to train but once trained it worked just fine. The spam detection rate was around 98% and the number of false positives (good mail wrongly classified as spam) was vanishingly small.

But there was a problem. As my spam mail volume grew, the time taken by the spam filter to process my mail was growing to the point of being unacceptable. Some days it was taking 10 minutes or more to process my mail.

I needed a different solution. I tried rule-based spam filters that used less processing than Bayesian filters. I tried setting up my own mail server on a dedicated PC. I tried various commercial spam filtering services and other options as well. None of these gave me what I was looking for. But then I tried Google's GMail and bingo! I found what I had been looking for.

Unlike some other webmail services, Gmail provides spam filtering for free. That's no big deal; Yahoo!, Hotmail and others do that as well. What's different about Gmail is that it also provides free POP3 mail access.

Most of my spam mail is sent to the address editor@techsupportalert.com. That's no surprise; that address appears in every issue of this newsletter and on my website as well.

What I do is to forward all mail from that address to my Gmail account where it is spam filtered automatically.

The GMail spam filter detection rate is good, around 95%, so around 950 of the 1000 spam messages I receive daily never get to my Google Inbox.

I then use POP3 access to download the contents of my Google Inbox to Outlook. The incoming mail is then filtered using the excellent network-based Cloudmark spam filter that is installed on my PC.

Cloudmark's detection rate is around 92%. So of the 50 or so spam emails in my Google Inbox each day, fewer than five make it through to my Outlook Inbox.

Now here's the crunch. Both the Google GMail spam filter and the Cloudmark spam filter have the same characteristic; they virtually never classify my real mail as spam. That means I don't need to regularly check my spam folders to see if they contain genuine correspondence. That's a real plus with large spam folders.

The spam detection rates for GMail and Cloudmark are good, though a long way from the best in their class. But that doesn't matter. By chaining the two systems together I increase my aggregate spam detection rate to 99% plus and that rate IS right up there with the best.

So the end result is that of 1,000 spam emails per day I see fewer than five. At the same time my real mail is virtually never sent to a spam folder. Problem solved.
Users may not have the facility to redirect mail from their normal mail account to a GMail account. Some mail services provide this feature, others don't; you'll have to check your service to find out.

Even if your account doesn't allow mail forwarding you can do it yourself using a free utility called ERC. This runs on your PC and can be scheduled to automatically log into your mail account and forward the mail to another account. In fact, it can forward mail from up to three different accounts.

A better solution in the long run, though, may be to shift your permanent email address to Gmail.

I use Cloudmark for my secondary spam filter but a good Bayesian filter would perform well in the role provided you have the patience to train it. SpamBayes and K9 are good examples and both are free. The Thunderbird mail client of course has its own built in Bayesian spam filter so there is no need for another.

Whatever product you chose, I do suggest you try this combination of remote and local spam filtering. It could be just what you have been looking for.

How & Why to switch from Yahoo! Mail to GMail

It's a hard fact that All new Yahoo! mail sucks. This may be just personal but Yahoo gave me tough times with server errors on numerous occasions. For me GMail edges out Yahoo! Mail because of its speed and spam blocking. Yahoo! has too much spam, including IM span. Also POP access and disposable addresses require paid account. I'm afraid a day might come in the future when Yahoo won't allow access to your account even if you enter the correct ID and password. Once my Yahoo mail got hacked, I had enough with it. I was about to delete my account but suddenly I noticed that there were many important e-mails in my inbox! Now what?! Before I go into what to do next, let's see why GMail wins against Yahoo Mail.

Why to switch from Yahoo! Mail to GMail?

Faster access to mails and general speed in sending & receiving mails. Powerful search function for e-mail similar to Google. Filtering out e-mails with .exe attachments possible.

Better spam blocking and less spam. Yahoo has too much spam including IM spam. Yahoo! also sucks to differentiate b/w legitimate and spam mails.

Automatic forwarding for GMail.

Supported E-mail client access for GMail:POP3, IMAP, SSL/TLS supported, SMTP restricted. Yahoo supports only POP3 that too for certain regions. (This feature is to be noted as it's useful in the article)

Gmail localization for 52 languages, Yahoo 27 languages

GMail has text ads only in viewing mail box, not in messages. Yahoo has ads in interface and mails.

Domain name customization possible in GMail using Google Apps

Custom From address can be set up in GMail

Address modifiers available in GMail (userid followed by + followed by tag)
IE, Firefox, Chrome, Opera only compatible with new version of Yahoo Mail.
Account expiration on inactivity 9 months in Gmail that too at Google's discretion vs 4 months for Yahoo Mail.

Other special features in GMail: Messages grouped into conversations, Basic HTML view gives faster access for slower net connections, Labels are used in GMail instead of folders in Yahoo.

So here I am, to share with all of you on how to import all your contacts and mails from Yahoo to Gmail at one go. There are many articles around the internet that may describe on how to do this, but most of them don't yield the desired results. So I did some mix 'n math and got it to work perfectly. 

First thing is that, you need to have POP3 access and multiple mail forwarding with Yahoo. This feature is limited to Yahoo Plus users but a tiny workaround can save your day without spending even a single buck. Also you don't need to download and install YPOPs! application for the same.

How to switch from Yahoo! mail to GMail?

Sign into your Yahoo account.

If you are using Yahoo Mail Classic switch to All new Yahoo mail. Click Options to the right of your mail box page and select All new Yahoo mail.

If you check Options(at top)->Mail Options->Forwarding, you can see that this feature is only available in Yahoo Mail Plus and you have to upgrade for $20. Oh come on, don't be sad. Read the rest.

Now go to your Yahoo inbox and select the display name on top left. It's your name written as Hi, "your name". Go to Account Info that appears in the subsequent drop down box under your display name. You may have to sign-in again to verify. 

In the Account Info page, scroll down and click on 'Set language, site, and time zone' under Account settings and set your Regional Site and language to Yahoo!United Kingdom and time zone as GMT UK. Now, save your settings.

Sign out of your account, close all browser windows and then sign back in. Click on "I accept the Terms and Service" pop up if it appears. If not, don't bother. 

Next go back to your main mail box page select Options from the top, go to Mail Options and select Forwarding from the left side bar. Surprise! You don't see the Upgrade to get this feature anymore! 

Click Access Yahoo! Mail via POP and select any of the options to download spam or not. That's all that you have to do in Yahoo.

Next log-in to your GMail account. If you are using Basic HTML version of GMail click on 'Switch to Standard View' at the top. 

Go to Options, which is the gear icon on top right and select Mail settings. In the Settings page click Accounts and Import tab. Now click on Import mail and contacts or Import from another address if you have already specified an account to import from, before.

In the wizard that appears type in your username, click continue and enter your password, click continue again. Select your import options and click Start Import. It may take a few hours or sometimes upto 2 days to start seeing your imported messages. Click Ok. 

You're done, within a few minutes or hours check your inbox or spam in GMail to see your mail and contacts that you've imported from Yahoo. If you wish to stop importing new messages click on Stop in the import mail and contacts page at GMail.

You may switch back your locale in Yahoo to your current locale, but I'm not sure whether your mails will be imported anymore. This option left to users.


Hints: In step 5 you may try other regional sites and time zone's to see if it works for you as an alternate step. 

What Everybody Should Know About the Windows Registry

I suspect that most PC users probably consider the subject of the Windows Registry to be something to avoid. Over the years a mystique has grown up around the Registry, making it sometimes sound like a set of cabalistic rites known only to the high priests of Microsoft. This article will try to shed a little light on the Registry and outline some basic facts that I believe all PC users will find worthwhile knowing. A second article on the Registry editor is for more advanced users who may wish to do some of the many useful Registry tweaks .

Why should the average PC user know anything about the Registry?

The Registry is so essential to the functioning of a Windows PC that anyone who uses a PC regularly should at least have a general idea of what the Registry does. Just a little knowledge will remove some of the fear and loathing from the subject. Everyone should also know how to back it up and restore it. A little learning here can save big headaches with computer problems. The backup and restore process is neither difficult nor lengthy and is easily mastered by the greenest of computer newcomers.

What is the Registry?

The Windows Registry is a central database containing all the varied assortment of information needed for the computer to run both the hardware and the software. The Registry is in constant use and almost anything that you do on a Windows PC will access the Registry for information. The information is divided among a number of hidden system binary files. Only highly expert professionals will ever need to access these files directly. If desired, viewing the contents of some parts of the Registry is done with the Registry Editor accessory (Regedit), which combines certain components and displays them in a readable unified text form.

Isn't it dangerous to do anything with the Registry?

Because it is involved in everything, damage to the Registry can stop a PC from functioning. For that reason Microsoft has gone out of its way to make the Registry mysterious and fearsome sounding. It is reasonable that Microsoft does not want to have to deal with service calls from ignorant people who have tried to edit the Registry but I think the constant warnings about the Registry that you see everywhere on the Internet are overdone. They are a form of CYA arising in part from our overly litigious society. Yes, you can create a lot of problems if you mess up the Registry but you can also cause problems if you go around deleting things from the Windows or Program folders. You can do stupid things with almost anything. And yes, mistakes do occur. I once misplaced a comma while editing a Windows 95 Registry and found that my computer wouldn't boot. But I had a backup and it took only a minute or two to fix the problem. Actually, the Registry has become increasingly robust with each version of Windows. It is very much harder to make the system unbootable than in the days of Windows 95.

Why does Windows need a Registry? Other operating systems don't have one

All operating systems need a way to store information about the system. There is more than one way to do this and Apple and Linux use a different method. Originally, Windows kept information in a large number of separate INI files scattered throughout the system. Then, beginning with Windows 95, Microsoft decided to centralize the information. It is true that there are a number of computer scientists who think the Registry is not the optimal way to store system information but the Registry method also has its proponents.

How to back up and restore the Registry

If there is one thing about the Registry that everyone should know, it is how to back it up, Every time you make system change- installing software, attaching new hardware or whatever- a backup should be made of the Registry. Fortunately, this is not difficult.

Backing up is often already done for you by System Restore.  Depending on how often you turn your computer off, the default setting is for System Restore to back up certain system components, including the Registry, approximately every 24 hours. However, you can also manually create a restore point whenever you wish and it's a good idea to do so whenever you make a system change. Some quick ways to make System Restore points are at this link. Those who make frequent changes to their system may wish to create a shortcut to System Restore or download one of the little scripts mentioned in the preceding reference. Put the script file on the desktop and making a restore point is just a double-click away.

One drawback to System Restore is that it doesn't provide a convenient way to back up just the Registry or parts of the Registry. Another is that the restore points cannot be placed on an external drive. A possible solution is the free program Erunt, which is included in the Best Free Security Software list.  Another method is to use the export function of Regedit, which I discuss in another article.

Cleaning the Registry

There are many programs that claim to do wonderful things by "cleaning" the Registry. That is, they prune out dead or corrupted entries. Some are better than others. However, some are actually dangerous and none that I have seen actually has any statistical evidence to back its claims. Registry cleaning can be dangerous without taking proper care. Many average PC users do not have the background knowledge to use a Registry cleaner safely. It is very easy to "clean" some Registry entry that should not be removed. I see too many posts on the Internet about Registry cleaning gone awry. Even highly rated programs that I have tried have offered to clean something that I knew should not be touched.

Back in the days of Windows 95, I was an advocate of regular housekeeping for the Registry. My own experience and anecdotal evidence indicated better performance when the Registry was occasionally cleaned.  However, the Registry in Windows XP and later is far more robust and much less prone to corruption. Those who install and uninstall a lot of software and/or those who tweak the Registry a lot may find it worthwhile to do regular Registry maintenance. For ordinary PC users, I feel that the Registry needs this type of maintenance very rarely. Windows Vista and Windows 7 Registries are even less susceptible to corruption than XP with added protective measures such as Registry virtualization. I almost never use Registry cleaners and then only on heavily used old XP systems with problems. For more about Registry cleaners see this reference.

Personally, I believe that a good uninstaller program is a better way to keep the Registry clean. The major source of unnecessary Registry entries is poorly uninstalled programs. Many programs leave behind a great deal of junk in the Registry when uninstalled. See the list of free uninstaller programs and use one of them.

Conclusion

In summary, the Registry is just a database, albeit an unusual and very important database. It’s no more mysterious than much else in Windows (and less than some things). Always back it up before any system changes and you will be prepared if it stops doing its job.

How to Stay Safe While Online

With the amount of malware currently prowling the internet it's very important to fully protect your computer from online dangers. This is important for everyone, not just the overly security conscious. Below I've compiled advice for both novice users and more advanced users. Trust me, there's something for everyone.



Index

1. Ensure Your Computer Is Not Infected

2. Basic Approaches To Staying Safe

    A) Back Up Important Files

   B) Keep Your Software Up To Date

   C) Make Sure Websites, Accounts, And Downloads Are Safe

3. Prevent Future Infections By Using Internet Security Software

    A) Pros And Cons Of Using An Antivirus

    B) Pros And Cons Of Using A Secure DNS Server

    C) Pros And Cons Of Using A Firewall With A HIPS

    D) Pros And Cons Of Sandboxing

    E) My Advice On What To Use

4. Browser Based Protection

5. Protect Your Online Privacy



1. Ensure Your Computer Is Not Infected

The first thing you should do when securing your system is to ensure that your computer is not already infected with malware. To do this please follow my article about How to Know If Your Computer Is Infected. Please make sure any infections you may have are cleaned before continuing to follow the remainder of this article.

2. Basic Approaches To Staying Safe



A) Back Up Important Files

An important aspect of protecting your computer is making sure that if anything bad does happen, your important information will still be safe. Note that I am referring to problems which can arise from both malware related issues, which this article can help protect you against, and many other types of issues, which often cannot be prevented. I find that it's best to go about this task with the realization that it's always possible that the next time you turn on your computer all of the files on it could be lost. This happened to me once when my hard-drive died. Thus, it's very important to regularly back up all of your data. One of the best ways to do this is to use a free backup program, such as Dropbox, to back up your important files. Dropbox will give you 2GB of space to backup your most critical information.

However, if you need more space to entirely backup your critical files you can also put the data on an external hard-drive, although these of course are not free. That said, another advantage to having a backup drive is that if it has enough room you can even make a clone image of everything on your computer, including the operating system. This way, if anything bad does happen, you can just reload the last backup you made. One of the best imaging programs is called Macrium Reflect Free. For more information you can read this article about the Best Free Drive Imaging Program.


B) Keep Your Software Up To Date

One of the most important things to do in order to keep your computer safe from malware, aside from making sure that your computer is protected with a password, is to make sure that Windows Update is set to automatically update. You may find other sites recommending otherwise, and updating it manually is fine for some people, but for the most part I believe that it's best to have it install the updates as quickly as possible. This will help protect you from exploits used by some of the newest malware.

In addition, I would recommend that you keep all programs on your computer up-to-date. If an update is offered for any program I would strongly suggest that you take the time to update it immediately. All programs periodically update in order to fix security holes, which could otherwise be used by malware to infect your computer. Thus, keeping all of the software on your computer up to date is a very important part of staying safe online. A good program, which can help to make sure that all programs are up to date, is called Secunia PSI. It can be downloaded from this page and is free. It will scan the programs on your computer and identify which are not up to date. It will then attempt to automatically update them for you, thus saving you time.

 Also, if you have Java installed on your computer, which most people do, you may want to consider removing it. Java is constantly being exploited by malware. Also, for most people having Java installed on their computer is not even necessary. Although there are still sites, and programs, which do require Java in order to run, they are becoming less and less common. Thus, my recommendation would be to uninstall Java and only install it if you find that it is in fact required for you.

C) Make Sure Websites, Accounts, And Downloads Are Safe

These days it can be difficult to tell whether many websites are safe or not. If you're not confident that a site is safe you should investigate it using the methods I discuss in How to Tell If A Website Is Dangerous. Also, in addition to making sure that sites are safe, you should also make sure that anything you download from a site is not dangerous. Even downloads from legitimate sites may sometimes turn out to be dangerous.

Also, even if the site is trustworthy, there is something else to consider if the site asks you to create an account. These days many legitimate sites are being hacked and users' passwords are stolen. This would not be too large a problem if that meant that the passwords could only be used on that site, but the problem is much larger than that. Many users tend to use the same password on multiple sites. This means that if criminals gain access to your password for just one site, they may also have it for many others. Thus, my advice is to not only choose a strong password for each account, but to make sure that you use different passwords for different sites. For good advice on how to do this please read this article about How to Keep Your Passwords Safe. Also, spam is currently a very large problem for many internet users. Because of this I have written an article about How to Avoid Spam. Please read this article in order to learn what behaviors will best allow you to avoid this problem.



3. Prevent Future Infections By Using Internet Security Software



There are many different approaches to protecting a computer. Below I have reviewed the main approaches which are constantly being advocated today. I conclude this section with my advice about what approaches I would advise most users to follow in order to protect their computer.



A) Pros And Cons Of Using An Antivirus

I do believe that having an up to date antivirus program running on your computer is an important component to nearly any protection regime. One of the greatest attributes of a good antivirus program is that it will automatically remove any files that it knows to be bad. Thus, the user can essentially install an antivirus and then almost forget that it is there. For the most part it will do its part protecting the user without requiring any interaction. It's very easy to use. However, make sure that you only have one antivirus program for protection. Running more than one can cause problems for your system.

 However, there are also downsides to the approach taken by antivirus programs. It really boils down to this. An antivirus cannot detect all malware. In fact, antiviruses are really quite bad at detecting new malware. Those detection statistics you see in many tests, in which antiviruses achieve detection rates such as 99%, do not apply to new pieces of malware. For real life situations these statistics would be more like 60-70%. Also, the better malware writers will test their new creations before releasing them to make sure that initially their malware won't be detected.

There is a lot more to the story, but the truth is that even if an antivirus program uses ordinary signatures, generic signatures, heuristics, cloud-based detection, and behavioral analysis it still will not be able to provide true protection from new malware. Any detection based approach to protecting your computer can be likened to playing Russian Roulette. One day you're probably going to get unlucky and wind up with your system infected. Because of this it has become apparent that additional methods are required in order to fully protect your computer. That said, an antivirus is a very good compliment to any of the other approaches reviewed in this section.

B) Pros And Cons Of Using A Secure DNS Server

The benefits of a Secure DNS Server, or at least one that will also filter known dangerous sites, are similar to those of an antivirus. It will protect your computer from any sites which are flagged as dangerous by the company operating the service. Thus, many threats will be stopped before they can even reach your computer. In addition it will also protect you from what are known as DNS Cache Poisoning attacks. These DNS servers are also relatively easy to setup and require no software. In addition, the speed you achieve by using these should be the same, or perhaps even faster, than you achieve without using one at all.



Of course, the downside to using a service like this is similar to that of an antivirus. It cannot possibly block all dangerous sites. The vast majority will likely bypass it. That said, just as with an antivirus, if you rely on this only as part of your protection regiment it is a very good addition. I find that it complements the other methods very well.



C) Pros And Cons Of Using A Firewall With A HIPS

Using a firewall with a Host Intrusion Prevention System (HIPS) can protect your computer from nearly all types of threats. It operates by preventing unknown programs from altering any part of your system. It automatically blocks any files which are not verified as safe by the security vendor. Therefore, malware is automatically prevented from doing any damage. In this way HIPS is superior to detection-based software, such as traditional antivirus applications, as it will stop any type of malware. Once the file is blocked the HIPS program will ask you if you want to give the blocked file access to your computer. Thus, control over what unknown programs are allowed to do is entirely in your hands. For a full explanation of what a HIPS is please read the explanation on this page.

Of course, the obvious downside to this approach is that just as there are many millions of malicious programs, there are also millions of safe ones. Because HIPS vendors cannot instantly analyze every possible legitimate program it's quite likely that you will receive questions about some safe programs, as well as for the dangerous ones. Of course, HIPS vendors are also acutely aware of this problem. In response many companies have developed extensive whitelists. These are databases of known safe programs. If a program is known to be safe, or is produced by a trusted vendor, you won't have to answer any questions about it and the program will be allowed complete access to your computer. Thus, for some HIPS applications, the number of alerts you get for everyday programs is so small that it is almost unnoticeable.



That said, for many people this type of protection, powerful though it may be, is too intrusive. With programs such as these there will always be at least a few popups which the user will be required to answer. In my opinion this is a very good trade-off for the very high level of protection you achieve, but for others it is not worth it. If you are looking for an install and forget kind of program a HIPS is not that. Therefore you should consider other alternatives. However, do realize that besides using a HIPS or sandboxing, which will be discussed in the next part, no other approach will be able to offer you anything approaching complete protection.



D) Pros And Cons Of Sandboxing

Using a sandboxing program can also protect your computer from nearly all types of threats. The types of sandboxing software I believe are most suitable for the majority of users are the ones which only sandbox individual applications. With these, anything run in the sandbox does not affect the real system. Thus, if something turns out to be malicious you can just delete everything in the sandbox. Thus the malware, or whatever was causing the problem, can be easily removed without it ever even touching your actual system.



However, this approach has drawbacks as well. While it is true that all applications in it are isolated from the system, it does give you the option to recover files to your real computer. This will sometimes be necessary, as most users will want to save what they are doing for future use. Thus, it's possible for malware to trick you into infecting your actual computer, even if you are using this type of sandboxing technology. In addition, for many users it may become a hassle that whatever you are working on in the sandbox will not be automatically saved for future use. I believe that many users will find this type of approach to be disagreeable.

 I don't mean to imply that sandboxing technology is not useful. It is one of the most potent forms of protection currently available. However, I would argue that, at least for most implementations of it, it is really more designed for advanced users. That said, there are a few approaches to using sandboxing which I believe may be suitable for novice users.

 E) My Advice On What To Use

Regardless of what other approaches you take to protecting your computer, I would suggest that you use a Secure DNS Server with malware blocking capabilities. The one I would most highly advise using is Norton DNS. Using this will not slow down your connection. In fact, you may even notice an increase in speed. Norton DNS blocks sites which it knows to be dangerous.

I. Use A Single Program Which Incorporates All Of The Above Technologies

My top recommendation would be to protect your computer by using all of these technologies at the same time. There is a program called Comodo Internet Security, which has combined all of these together into a single package. If you choose to use it you should download the free version from this page. This program includes an antivirus, a HIPS, an automatic sandbox, a firewall, and Comodo DNS Servers (which you can opt out of during installation if you would prefer to use Norton DNS, as advised above). Also, in my opinion this program is quite easy to use, and it keeps getting more user-friendly with each new release. The way this program works is that all files which are known to be safe will be allowed access to your real system and files known to be dangerous will be removed. However, unknown files will be automatically sandboxed and, if they require more permissions than are allowed by the sandbox, the HIPS component will ask you if you trust them enough to allow them access to your computer.



Also, much of the difficulty of using a HIPS, or a sandbox, is mitigated by the very extensive whitelist which Comodo has developed. I find it to be quite easy to use and would strongly recommend it to all levels of users. That said, there will be a few popups which will initially have to be answered, but I believe that these are relatively easy to understand and are few in number. If you like the approach this software takes, but would prefer to use a separate antivirus program, you can instead install Comodo Firewall. You can download the free version from this page. It comes with a HIPS, an automatic sandbox, a firewall, and Comodo DNS Servers. You can then install a separate antivirus program alongside it. A good list of free antivirus programs can be found in this article about the Best Free Antivirus Software. Do note that if you do choose to install Comodo Internet Security, or Comodo Firewall, you should read my guide about How to Install Comodo Firewall. This will explain how to configure it for maximum security.



After installing this program it's very easy to use. For example, you can open up your browser on your actual computer. You don't need to worry about sandboxing anything. Everything will be done automatically. What will happen is that any files you download, bookmarks saved, changes made, etc... will all be saved to your real computer. However, any files will be checked by Comodo before they are allowed to be run. If they are already known to be safe they will be allowed full access to your computer. Thus everything will work fine and you don't need to do anything. If they are known to be bad they will be removed.



However, if they are unknown they will be sandboxed. It's also important to realize that initially much malware will fall into this unknown category. That means that with this approach your computer is protected from anything these files may do, although they may still be able to run in the sandbox. Very little interaction is needed on your part for these files, and of course the number of unknown safe files that ordinary users will run into is very small. Thus, I believe that Comodo Internet Security, or Comodo Firewall, is the most user friendly, and arguably the strongest, approach to truly protecting your computer currently available. There are more user friendly approaches, but these rely on detection technology, thus not providing what I consider to be an adequate level of protection. I would strongly recommend that you try this software and see if it is suitable for you.



II. Or Just Use An Antivirus And HIPS

If you would prefer not to use Comodo Internet Security, or Comodo Firewall, then my first suggestion would be for you to install a different firewall with a HIPS component. A list of other good free firewalls, with strong HIPS protection, can be found in this section of the review of the Best Free Firewalls. I would consider the other programs in that section to be more difficult to use than Comodo Firewall, but if you find that Comodo Firewall is not a good fit for you these programs are certainly viable alternatives. However, just as I advised above, I would strongly suggest that you run an antivirus alongside it. This way, if a file is already known to be bad you will be protected from the possibility of accidently allowing it.

III. Or Just Use An Antivirus And Sandboxing

One of the most effective ways to use this program is to run your browser, or other potential threat vectors, inside of the sandbox. That way anything that enters your computer through them will automatically be isolated from the rest of the system. However, be aware that whenever something is downloaded you will be given the option to recover it to your real system. I would recommend that you only do that if you really trust the file. In order to make sure files are not dangerous please follow the advice I given in my article about How to Tell if a File is Malicious. However, please note that you will have to navigate to the Sandboxie folder in order to submit the file for analysis. When initially setting up Sandboxie I would strongly recommend that you follow this tutorial. Also, in addition to running an antivirus, I would advise that you run a good firewall alongside Sandboxie. For a listing of the best free firewalls please see this review about the Best Free Firewall.

4. Browser Based Protection

Securing your browser is another very important step in order to keep malware, and other threats, from gaining a foothold on your computer. For this please read my article about How to Harden Your Browser Against Malware and Privacy Concerns. If you are not also concerned about privacy concerns then pay particular attention to the portions which are concerned mainly with security.

5. Protect Your Online Privacy

If you are concerned about your online privacy, especially seeing as there have been more and more attempts to invade it recently, then please read my article about How to Protect Your Online Privacy. This covers many ways in which you can increase your online privacy. Many of these methods are easy to use, but some do take a little bit of effort. Please read it and use whichever methods you think best address your concerns.