With the amount of malware currently prowling the internet it's very important to fully protect your computer from online dangers. This is important for everyone, not just the overly security conscious. Below I've compiled advice for both novice users and more advanced users. Trust me, there's something for everyone.
5/23/2014 - Fixed some links and added link to Best Free Antivirus Software article.
6/9/2014 - Replaced http links with https links wherever possible.
The first thing you should do when securing your system is to ensure that your computer is not already infected with malware. To do this please follow my article about How to Know If Your Computer Is Infected. Please make sure any infections you may have are cleaned before continuing to follow the remainder of this article.
One of the most important things to do in order to keep your computer safe from malware, aside from making sure that your computer is protected with a password, is to make sure that Windows Update is set to automatically update. You may find other sites recommending otherwise, and updating it manually is fine for some people, but for the most part I believe that it's best to have it install the updates as quickly as possible. This will help protect you from exploits used by some of the newest malware.
In addition, I would recommend that you keep all programs on your computer up-to-date. If an update is offered for any program I would strongly suggest that you take the time to update it immediately. All programs periodically update in order to fix security holes, which could otherwise be used by malware to infect your computer. Thus, keeping all of the software on your computer up to date is a very important part of staying safe online. A good program, which can help to make sure that all programs are up to date, is called Secunia PSI. It can be downloaded from this page and is free. It will scan the programs on your computer and identify which are not up to date. It will then attempt to automatically update them for you, thus saving you time.
Also, if you have Java installed on your computer, which most people do, you may want to consider removing it. Java is constantly being exploited by malware. Also, for most people having Java installed on their computer is not even necessary. Although there are still sites, and programs, which do require Java in order to run, they are becoming less and less common. Thus, my recommendation would be to uninstall Java and only install it if you find that it is in fact required for you.
These days it can be difficult to tell whether many websites are safe or not. If you're not confident that a site is safe you should investigate it using the methods I discuss in How to Tell If A Website Is Dangerous. In addition to making sure that sites are safe, you should also make sure that anything you download from a site is not dangerous. Even downloads from legitimate sites may sometimes turn out to be dangerous. To investigate unknown files please read my article about How to Tell if a File is Malicious.
Also, even if the site is trustworthy, there is something else to consider if the site asks you to create an account. These days many legitimate sites are being hacked and users' passwords are stolen. This would not be too large a problem if that meant that the passwords could only be used on that site, but the problem is much larger than that. Many users tend to use the same password on multiple sites. This means that if criminals gain access to your password for just one site, they may also have it for many others. Thus, my advice is to not only choose a strong password for each account, but to make sure that you use different passwords for different sites. For good advice on how to do this please read this article about How to Keep Your Passwords Safe. Also, spam is currently a very large problem for many internet users. Because of this I have written an article about How to Avoid Spam. Please read this article in order to learn what behaviors will best allow you to avoid this problem.
There are many different approaches to protecting a computer. Below I have reviewed the main approaches which are constantly being advocated today. I conclude this section with my advice about what approaches I would advise most users to follow in order to protect their computer.
I do believe that having an up to date antivirus program running on your computer is an important component to nearly any protection regime. One of the greatest attributes of a good antivirus program is that it will automatically remove any files that it knows to be bad. Thus, the user can essentially install an antivirus and then almost forget that it is there. For the most part it will do its part protecting the user without requiring any interaction. It's very easy to use. However, make sure that you only have one antivirus program for protection. Running more than one can cause problems for your system.
However, there are also downsides to the approach taken by antivirus programs. It really boils down to this. An antivirus cannot detect all malware. In fact, antiviruses are really quite bad at detecting new malware. Those detection statistics you see in many tests, in which antiviruses achieve detection rates such as 99%, do not apply to new pieces of malware. For real life situations these statistics would be more like 60-70%. Also, the better malware writers will test their new creations before releasing them to make sure that initially their malware won't be detected.
There is a lot more to the story, but the truth is that even if an antivirus program uses ordinary signatures, generic signatures, heuristics, cloud-based detection, and behavioral analysis it still will not be able to provide true protection from new malware. Any detection-based approach to protecting your computer can be likened to playing Russian Roulette. One day you're probably going to get unlucky and wind up with your system infected. Because of this it has become apparent that additional methods are required in order to fully protect your computer. That said, an antivirus is a very good complement to any of the other approaches reviewed in this section.
The benefits of a Secure DNS Server, or at least one that will also filter known dangerous sites, are similar to those of an antivirus. It will protect your computer from any sites which are flagged as dangerous by the company operating the service. Thus, many threats will be stopped before they can even reach your computer. In addition it will also protect you from what are known as DNS Cache Poisoning attacks. These DNS servers are also relatively easy to set up and require no software. In addition, the speed you achieve by using these should be the same as, or perhaps even faster than, what you achieve without using one at all.
Of course, the downside to using a service like this is similar to that of an antivirus. It cannot possibly block all dangerous sites. The vast majority will likely bypass it. That said, just as with an antivirus, if you rely on this only as part of your protection regimen it is a very good addition. I find that it complements the other methods very well.
Using a firewall with a Host Intrusion Prevention System (HIPS) can protect your computer from nearly all types of threats. It operates by preventing unknown programs from altering any part of your system. It automatically blocks any files which are not verified as safe by the security vendor. Therefore, malware is automatically prevented from doing any damage. In this way HIPS is superior to detection-based software, such as traditional antivirus applications, as it will stop any type of malware. Once the file is blocked the HIPS program will ask you if you want to give the blocked file access to your computer. Thus, control over what unknown programs are allowed to do is entirely in your hands. For a full explanation of what a HIPS is please read the explanation on this page.
Of course, the obvious downside to this approach is that just as there are many millions of malicious programs, there are also millions of safe ones. Because HIPS vendors cannot instantly analyze every possible legitimate program it's quite likely that you will receive questions about some safe programs, as well as for the dangerous ones. Of course, HIPS vendors are also acutely aware of this problem. In response many companies have developed extensive whitelists. These are databases of known safe programs. If a program is known to be safe, or is produced by a trusted vendor, you won't have to answer any questions about it and the program will be allowed complete access to your computer. Thus, for some HIPS applications, the number of alerts you get for everyday programs is so small that it is almost unnoticeable.
That said, for many people this type of protection, powerful though it may be, is too intrusive. With programs such as these there will always be at least a few popups which the user will be required to answer. In my opinion this is a very good trade-off for the very high level of protection you achieve, but for others it is not worth it. If you are looking for an install-and-forget kind of program, a HIPS is not that. Therefore you should consider other alternatives. However, do realize that besides using a HIPS or sandboxing, which will be discussed in the next part, no other approach will be able to offer you anything approaching complete protection.
Using a sandboxing program can also protect your computer from nearly all types of threats. The types of sandboxing software I believe are most suitable for the majority of users are the ones which only sandbox individual applications. With these, anything run in the sandbox does not affect the real system. Thus, if something turns out to be malicious you can just delete everything in the sandbox. Thus the malware, or whatever was causing the problem, can be easily removed without it ever even touching your actual system.
However, this approach has drawbacks as well. While it is true that all applications in the sandbox are isolated from the system, the sandboxing program does give you the option to recover files to your real computer. This will sometimes be necessary, as most users will want to save what they are doing for future use. Thus, it's possible for malware to trick you into infecting your actual computer, even if you are using this type of sandboxing technology. In addition, for many users it may become a hassle that whatever you are working on in the sandbox will not be automatically saved for future use. I believe that many users will find this type of approach to be disagreeable.
I don't mean to imply that sandboxing technology is not useful. It is one of the most potent forms of protection currently available. However, I would argue that, at least for most implementations of it, it is really more designed for advanced users. That said, there are a few approaches to using sandboxing which I believe may be suitable for novice users.
Regardless of what other approaches you take to protecting your computer, I would suggest that you use a Secure DNS Server with malware blocking capabilities. The one I would most highly advise using is Norton DNS. Using this will not slow down your connection. In fact, you may even notice an increase in speed. Norton DNS blocks sites which it knows to be dangerous.
I. Use A Single Program Which Incorporates All Of The Above Technologies
My top recommendation would be to protect your computer by using all of these technologies at the same time. There is a program called Comodo Internet Security, which has combined all of these together into a single package. If you choose to use it you should download the free version from this page. This program includes an antivirus, a HIPS, an automatic sandbox, a firewall, and Comodo DNS Servers (which you can opt out of during installation if you would prefer to use Norton DNS, as advised above). Also, in my opinion this program is quite easy to use, and it keeps getting more user-friendly with each new release. The way this program works is that all files which are known to be safe will be allowed access to your real system and files known to be dangerous will be removed. However, unknown files will be automatically sandboxed and, if they require more permissions than are allowed by the sandbox, the HIPS component will ask you if you trust them enough to allow them access to your computer.
Also, much of the difficulty of using a HIPS, or a sandbox, is mitigated by the very extensive whitelist which Comodo has developed. I find it to be quite easy to use and would strongly recommend it to all levels of users. That said, there will be a few popups which will initially have to be answered, but I believe that these are relatively easy to understand and are few in number. If you like the approach this software takes, but would prefer to use a separate antivirus program, you can instead install Comodo Firewall. You can download the free version from this page. It comes with a HIPS, an automatic sandbox, a firewall, and Comodo DNS Servers. You can then install a separate antivirus program alongside it. A good list of free antivirus programs can be found in my article about the Best Free Antivirus Software. Do note that if you do choose to install Comodo Internet Security, or Comodo Firewall, you should read my guide about How to Install Comodo Firewall. This will explain how to configure it for maximum security.
After installing this program it's very easy to use. For example, you can open up your browser on your actual computer. You don't need to worry about sandboxing anything. Everything will be done automatically. What will happen is that any files you download, bookmarks saved, changes made, etc. will all be saved to your real computer. However, any files will be checked by Comodo before they are allowed to be run. If they are already known to be safe they will be allowed full access to your computer. Thus everything will work fine and you don't need to do anything. If they are known to be bad they will be removed.
However, if they are unknown they will be sandboxed. It's also important to realize that initially much malware will fall into this unknown category. That means that with this approach your computer is protected from anything these files may do, although they may still be able to run in the sandbox. Very little interaction is needed on your part for these files, and of course the number of unknown safe files that ordinary users will run into is very small. Thus, I believe that Comodo Internet Security, or Comodo Firewall, is the most user friendly, and arguably the strongest, approach to truly protecting your computer currently available. There are more user friendly approaches, but these rely on detection technology, thus not providing what I consider to be an adequate level of protection. I would strongly recommend that you try this software and see if it is suitable for you.
II. Or Just Use An Antivirus And HIPS
If you would prefer not to use Comodo Internet Security, or Comodo Firewall, then my first suggestion would be for you to install a different firewall with a HIPS component. A list of other good free firewalls, with strong HIPS protection, can be found in this section of the review of the Best Free Firewalls. I would consider the other programs in that section to be more difficult to use than Comodo Firewall, but if you find that Comodo Firewall is not a good fit for you these programs are certainly viable alternatives. However, just as I advised above, I would strongly suggest that you run an antivirus alongside it. This way, if a file is already known to be bad you will be protected from the possibility of accidentally allowing it. A good list of free antivirus programs can be found in my article about the Best Free Antivirus Software.
III. Or Just Use An Antivirus And Sandboxing
If you would prefer not to use Comodo Firewall, or any HIPS program, then perhaps a program which is strictly used to sandbox applications is the correct approach for you. In terms of a program which runs specific applications in an isolated environment, my top recommendation would be Sandboxie. This program is free, very effective, and relatively easy to use. Anything run in this sandbox will only be able to interact with the virtual system. Also, make sure that you install an antivirus program alongside Sandboxie. Keeping an antivirus in the loop means that most dangerous files will automatically be removed before you even have to worry about whether you should allow them access to your computer or not. A good list of free antivirus programs can be found in my article about the Best Free Antivirus Software.
One of the most effective ways to use this program is to run your browser, or other potential threat vectors, inside of the sandbox. That way anything that enters your computer through them will automatically be isolated from the rest of the system. However, be aware that whenever something is downloaded you will be given the option to recover it to your real system. I would recommend that you only do that if you really trust the file. In order to make sure files are not dangerous please follow the advice I give in my article about How to Tell if a File is Malicious. However, please note that you will have to navigate to the Sandboxie folder in order to submit the file for analysis. When initially setting up Sandboxie I would strongly recommend that you follow this tutorial. Also, in addition to running an antivirus, I would advise that you run a good firewall alongside Sandboxie. For a listing of the best free firewalls please see this review about the Best Free Firewall.
Securing your browser is another very important step in order to keep malware, and other threats, from gaining a foothold on your computer. For this please read my article about How to Harden Your Browser Against Malware and Privacy Concerns. If you are not also concerned about privacy then pay particular attention to the portions which are concerned mainly with security.
If you are concerned about your online privacy, especially seeing as there have been more and more attempts to invade it recently, then please read my article about How to Protect Your Online Privacy. This covers many ways in which you can increase your online privacy. Many of these methods are easy to use, but some do take a little bit of effort. Please read it and use whichever methods you think best address your concerns.
This software category is maintained by volunteer editor Chiron. Registered members can contact the editor with any comments or suggestions they might have by clicking here.