Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Protecting my new computer


  • Please log in to reply
14 replies to this topic

#1 jatutt

jatutt

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:47 AM

Posted 04 December 2014 - 08:06 PM

I have just bought a new computer.  I am looking for direction on how to protect it properly with a free anti virus and/or firewall.  I use it for surfing, games, some of which use mods.  My wife occasionally downloads stuff without paying to much attention to what she is doing.   

 

I am using windows 8.1.

 

Can anyone point me to some free programs?



BC AdBot (Login to Remove)

 


m

#2 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,571 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:47 AM

Posted 04 December 2014 - 09:17 PM

My wife occasionally downloads stuff without paying to much attention to what she is doing

 

.....Nothing......paid or free......will protect you from this.

 

 

Avira

 

Avast

 

Comodo (free)

 

 

Malwarebytes  (this is NOT an AV)....use it in conjunction with your AV))....the paid version is well worth it IMO ))

 

Only install ONE av.....otherwise they just conflict/fight with each other

 

 


Condobloke

Outback Australian  

 

fed up with Windows antics...??

 

LINUX IS THE ANSWER

 

I USE LINUX MINT EXCLUSIVELY... NO DUAL BOOT, NO VIRTUAL MACHINE

 

 

 Failure is not an option. It comes bundled with your Microsoft product.

 

 

 


#3 titan1

titan1

  • Members
  • 121 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Bengal,India
  • Local time:10:17 PM

Posted 05 December 2014 - 05:56 AM

Your wife must pay attention on what she is doing.Because no antivirus can protect you from everything,but a careful user can avoid almost 99.99% threats.You have to practice safe surfing habits.AV is just a part of pc security.You should use WOT on you browser to avoid malicious sites.And add sandboxie in your setup.If you always browse in a sandboxed browser,then chances of getting infected significantly reduces.Always download the softwares from the author's site.Never accept flash player update other than the official site,always keep windows and other applications updated.And pay attention on what are you doing.If you are careful,and practice safesurfing habits then windows defender windows firewall MBAM free is more than sufficient.That is my experience.

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,567 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:47 AM

Posted 05 December 2014 - 06:47 AM

No amount of security software is going to defend against today's sophisticated malware writers for those who do not practice safe computing and stay informed. Important Fact: It has been proven time and again that the user is a more substantial factor (weakest link) in security than the architecture of the operating system or installed protection software.

Earlier this year, Bromium published “Endpoint Protection: Attitudes and Opinions,” a statistical analysis of more than 300 information security professionals. The results revealed that endpoints are vulnerable, anti-virus is ineffective and end users are a weak link.

End Users Remain Biggest Security Headache as Compromised Endpoints Increase

...falling victim to data breaches that resulted from attackers exploiting employees or company vendors. Unfortunately, along with exposing millions of identities these attacks also reveal what is often the weakest link in enterprise data security – the human element...

Social Engineering: Attacking the Weakest Link in the Security Chain

Recent surveys confirm that nadve users and risky online behavior make users a significant threat to their own networks...The risk of employees introducing malware to the company network was cited as a major concern by more than half of those surveyed. Nearly three-fourths stated that their network has been penetrated by malware as a result of Web surfing, and almost two-thirds declared that they had been compromised through email, just in the past year...

Studies prove once again that users are the weakest link in the security chain

How many users access spam emails, click on the links found within, and open attachments intentionally? Why are they doing it, and who are they holding responsible for the spread of malware and spam in general...
* Nearly half of those who have accessed spam (46%) have done so intentionally...
* Four in ten (43%) say that they have opened an email that they suspected was spam
* Among those who have opened a suspicious email, over half (57%) say they have done so because they weren’t sure it was spam and one third (33%) say they have done so by accident
* Less than half of users (48%) hold themselves personally responsible for stopping these threats

Millions of users open spam emails, click on links

2013 was a wildly visible year for cyber security and online privacy...And yet for all the visibility, punditry, and drama, new data suggests that internet users are still terrible at choosing a good password...

It’s 2014 And Our Passwords Aren’t Getting Better

Security begins with personal responsibility and following Best Practices for Safe Computing.

Have your wife read the Best Practices topic above and especially this one....About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs)


And if you have not done so already, you may want to read:
Choosing an Anti-Virus Program
Supplementing your Anti-Virus Program with Anti-Malware Tools
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 jatutt

jatutt
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:47 AM

Posted 05 December 2014 - 08:52 AM

Thanks Janitor that's some really good stuff.  Do you advocate the use of sandboxie as well?  Thanks Titan, I will check out WOT.  I am not familiar with it.



#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,567 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:47 AM

Posted 05 December 2014 - 09:16 AM

Sandboxing is a technique which creates an isolated operating/virtual environment in which applications can be run, tested or installed without permanently modifying the local drive. Sandboxes can be used for security and software development as well as for testing and debugging code. Sandboxing can also be used as a form of malware prevention as described below by virus Bulletin.

 

A sandbox is a small, sealed-off version of an environment offering a minimal set of services, and is used as a test area. Actions carried out within the sandbox are safely contained within the area and cannot leak out to affect more important parts of a system. Sandboxing is used within security software to unpack compressed or encrypted files, or to analyse the behaviour of unknown items. Larger-scale sandboxing tools are available for improving the security of computing environments - for example, browser sandboxes seal web browsers off from the host system, preventing malware from damaging it.

Sandbox(ing)

 

A sandbox is a secluded environment on a computer, where you can run untested code or malware to study the results without having any ill effects on the rest of your software. A virtual machine is the most commonly used example of a sandbox, since it emulates a complete computer, called a guest operating system, on the main machine (called the host).

Sandbox Sensitivity

For more specific information about how sandboxes work, please read A Taste of Computer Security: Sandboxing.

Sandboxie is one example of a sandboxing tool.
Getting Started: How to use Sandboxie <- the tutorial has 6 parts

Alternatives to Sandboxie


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 Nikhil_CV

Nikhil_CV

    Vestibulum Bleep


  • Members
  • 1,145 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:err: Destination unreachable! bash!
  • Local time:10:17 PM

Posted 05 December 2014 - 09:28 AM

Add these too to your kit:
Browser addons:
> Adblock plus
> No script
System:
> Secunia PSI
> Noscript from symantec (different from addon listed above.)
Sandboxie is a good program. You can run any program in it and bydefault it provides a sandboxed browser link which opens your default browser sandboxed.
WOT will tell if the link in search result is good, bad etc using colour codes.
Regards : CV                                                                                                    There is no ONE TOUCH key to security!
                                                                                                                                       Be alert and vigilant....!
                                                                                                                                  Always have a Backup Plan!!! Because human idiotism doesn't have a cure! Stop highlighting!
                                                     Questions are to be asked, it helps you, me and others.  Knowledge is power, only when its shared to others.            :radioactive: signature contents © cv and Someone....... :wink:

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,567 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:47 AM

Posted 05 December 2014 - 09:45 AM

Many site rating vendors (i.e. McAfee SiteAdvisor, WOT) use a system of volunteer testers that continually patrol the Internet to browse sites, download files, and enter information on sign-up forms. All the results are documented and supplemented with feedback from users, Web site owners, and analysis from their own employees. The advising site vendor then summarizes the results sometimes into a color-coded red, yellow and green ratings scale to help inform Web users as to the safety of each tested site. While these tools are useful, they are not foolproof and sometimes may provide misleading ratings. Just because you visit a risky site does not automatically mean the site is bad or that your system has been infected by going there. Thus, the use of such rating sites does not always guarantee an accurate rating of the results they provide.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 rp88

rp88

  • Members
  • 2,895 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:04:47 PM

Posted 05 December 2014 - 10:15 AM

My method is the use of a combination of the following programs all free, also exercise extreme caution with anythimg that seems a little bit suspicious.


!Avg antivirus free, this is the main antivirus on my machine
!malwarebytes scanner (free version), a second opinion on demand scanner for extra protection
!Eset online scanner (free), a third opinion scanner, to scan the whole system on demand when i am feeling really supicious
!Firefox (free), this is the browser i use, it is the most secur browser in general but alos allows the installation of some really helpful add-ons
!Noscript, blocks scripts on websites, helps act as a layer of defence against drivebys
!Adblock plus, blocks content from known advertising netwrosk from appearing on pages, this helps protect against "malvertising"

Other tips i would give are:
!Remove java immediately, it is a security risk and is almost nevr needed. If it is required for a desktop program you use then atleast disable it's online component so it can't run in the browser.
!Set all plugins as "click to play"/"ask to activate" this prevents plugins running without user consent, is an extra layer against drivebys, it also speeds up browsing as less data needs to be transferred from the site to your computer now that the plugins are gone.
!Make sure flash is up to date, you need it to watch (most) online videos through firefox. check for updates for it every week or so. Deactivate it fully except when you are deliberately going to a video site to watch a video.
!Fully deactivate every plugin except flash(decativate it at most times but not always), enable them temporarily only on sites you trust which require them to run.
!Keep windows up to date, set updates to check automatically but not download until you give approval. make sure to also manually check for updates every tuesday evening, and install the updates as soon after they are released as you can.
!Keep all other programs up to date, things like your media player
!Keep your antivirus up to date, set it to update automatically, but update it yourself manually every few days aswell.
!Anything you download, even images, should be scanned with your antivirus and on demand secondary scanner before opening.
!Windows should be set to "display extensions for known file types" so you can be aware of whether the file you are about to open is really what it claims to be.
!Never open an exe or scr file which you were not expecting, there are also other formats to avoid opening, i can't remember what thye all are but .exe is the main one.
!Never open an email attachment you didn't expect to receive.
!Never click on a pop-up online, though adblock plus and noscript should stop them ever appearing at all.
!Never click on an advert online,once again adblock plus and noscript should stop them ever appearing at all.
!Never believe online "messages" saying to update a plugin (or other piece of software), they are traps to get you to download viruses. Download your programs and plugins only from the proper source.
!When downloading files, be vary careful to avoid fake download buttons, these are often adverts which link to viruses and PuPs. Hover your mouse over the download link first to see where it goes, if it's not on the site you are trying to download the file from then it's probably a fake link to a third party ad network.
!Never follow a bit.ly or tinyurl link, they can go anywhere, including to viruses
!If you feel at all suspicious about a website then go to web of trust, type the url into their search bar and see how previous users have rated it.
!On the RARE occasion you need to download a program then first save the exe file into a folder on your computer, then scan it with your antivirus and second opinion scanner (in my case, an avg scan then an mbam scan), then scan it with the online service virustotal. This does not need to be done for other (zip archives and video, image or audio files)file types.
!If you are downloading something which should be a document, a media file or an image and it turns out to be an exe file treat it as an attempt to infect you. Assume anything that is an exe file but claims to be somethign else is automatically malicious. In the case of downloading a zip (or 7z or rar) archive then if it has an exe file inside when it should have had images, audio files, video files, documents, etc then assume it is a vrius and don't rust any of the files ontained within, even if they are images.
!When downloading files make sure to save them to a folder where they can be scanned before opening, don't choose the "open" option when downloading, choose the "save option".
!Use 2 step verification on your important online email and bank accounts, every time you login first you must input a password, then a text with a verification code is sent to your phone. This gives some protection incase you are being keylogged for example.
!From time to time look in task manager (ctrl+alt+delete) under the processes tab, if you start seeing things that you have not seen before then do a full scan with your antivirus and second opinion scanners. Also ask online about whether that process is normal and under what circumstances, only do this if you feel particularly worried about it.
!If using windows 8 make sure UAC is set to the highest security setting, it will give you 1 click of extra bother for every time you open certain programs but it will help boost your security immensely.
!If using a version of windows without UAC then don't login as the administrator account except when you need to make changes.
!If your system is set up so you can do it then make some system images. Windows 8 has a facility to do this built in. Make a system image when the machine is brand new befor eevn taling it online, then make several once you have your programs installed and running. these can be used to restore your system to these earlir states incase of :crashes, damages due to poorly coded updates, viruses, damage due to changing system settings, damage due to power loss when updating/system restoring, accidental uninstallation of an important program.
!Keep backups of the installer exe files for important programs, both those which are "mission critical" to your computer use, those you really like and alos some of the security programs. When you download the programs make sure to save their installer exe file in a folder you can easily find. After the program is installed and running then copy the instaler to a USB stick or CD-RW. These can be used to install programs onto a system without having to go online. If you copy the installer for your antivirus onto a USB stcik the when setting up new machines (or restoring old ones) you can copy the exe file from the stick onto the machine, run it to install the antivirus and then the second you connect to the internet you can update the definitions and be protected, rather than having to hunt around online for the installer to download. Only do this for exe files thhat you absolutely KNOW you can trust. make sure you have been runnng a programs for years and know it is trustworthy before doing this.
!Don't allow autorun of files on USB sticks, DVDs or CDs. Make sure autorun is disabled as historically it has been a very easy way for viruses to spread. in the past windows would, by default, execute instructions given to it on any removable media you inserted. Nowadays this is disabled by deafult but make sure of it. If when you insert a disc the video plays mmediately or the software installer opens just like that then you are doing this wrong, you should have to go into "my computer" and double clcik on the disc for it to start playing/installing.
!Backup all your personal files regularly, don't lave it to an automated system and don't use synced backups. Just dedicate five minutes at the end of each day to copying that days new or edited files onto a USB stick, and a few hourd each month to copying oldr files onto USB sticks, external hard drives, CD-RWs ,DVDs or cloud storage( this cold include emailing things to yourself as attachments).
!Backup all your personal files(documents, images, audio, video, zip archives, other) regularly, don't lave it to an automated system and don't use synced backups. Just dedicate five minutes at the end of each day to copying that days new or edited files onto a USB stick, and a few hourd each month to copying oldr files onto USB sticks, external hard drives, CD-RWs ,DVDs or cloud storage( this cold include emailing things to yourself as attachments). There ar reasons i said that twice, for a backup to be much good there must be atlest three separate and totally independent copies of any given file, for example one on your computer's hard drive, one on a CD-RW, and one in the cloud.
!Make sure everyone who uses your computer understands all these principles.

Edited by rp88, 05 December 2014 - 10:16 AM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,567 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:47 AM

Posted 05 December 2014 - 10:26 AM

Most of that is mentioned in the Best Practices for Safe Computing topic.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 jatutt

jatutt
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:47 AM

Posted 06 December 2014 - 12:51 AM

Thanks guys. I really appreciate all the attention to detail.  Last question.  Should I have a firewall of some kind?



#12 titan1

titan1

  • Members
  • 121 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Bengal,India
  • Local time:10:17 PM

Posted 06 December 2014 - 03:57 AM

Yes,you MUST use a firewall,either software or hardware.Most of geeks whom I know say that the built in windows firewall is sufficient for most of the home users.Some say it is even better to use windows firewall along with a router.But if you like more control over which application may try to connect to the Internet,you will have to consider a third party firewall like comodo or online armor.Both are free,and well reputed.



#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,567 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:47 AM

Posted 06 December 2014 - 08:27 AM


5 Reasons Why the Windows Firewall is One of the Best Firewalls.

For more information see Choosing a Firewall.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#14 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:05:47 PM

Posted 06 December 2014 - 09:56 AM

If your wife sometimes install things as well, then you might consider Unchecky to avoid additional PUPs that come with bundled downloads.

#15 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,567 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:47 AM

Posted 06 December 2014 - 10:47 AM

Introducing Unchecky on RaMMicHaeL's Blog, indicates it is more for average users who are not careful about reading everything and accept all defaults when installing programs. The blog posting also indicates Unchecky is still a beta version.

I seldom recommend using beta versions of most programs since you never know what bugs or quirks might turn up... then you have to waste time researching and getting things straightened out. The goal of a beta program is to collect information regarding the performance, quality, stability, and functionality of new products in order to iron out the bugs before they are released to the general public as a stable final product. Beta software is not intended for inexperienced users since it may contain bugs ranging in severity from minor features not working properly to problems that may potentially damage your system. If you choose to use a beta program, you use it at your own risk.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users