PC security

Topic

New Reply

Hi, have just purchased a new computer which has installed as a trial Trend Micro Titanium Internet Security. This trial is about to expire and i am wondering what your advise is to as regard to totally securing my pc.
Free or paid ? Will free do the job adequately or do you have to spend money to do the job properly. Paid seems to be getting very expensive and seems to involve two or three computers whereas i only have one .
I paid for Avast on my previous computer and seemed not to have had any problems that i could detect.
What are your thoughts as to what is currently the best alternative. ie will free do the job ?
In either case what is your current recommendations.
Another thought is , will the Microsoft products on offer be adequate ?
Hoping you can help form a confused PC user.
Thanks , Trevor

Reply | Quote

Replies

MSE is a basic app, far away from best of crop apps. It’s better than using nothing.

I personally think that the best security apps are the paid ones. I find it funny that we only get cheap when getting something that is crucial to a problem free computer usage – security apps. My data and my time are valuable so I try to get what I think are among the best apps in the market. For a general anti-malware solution, I use Emsisoft’s Anti-Malware. It’s not even expensive – 19 euros for 1 computer / year. Renewals are cheaper and discount increases as time goes by. 2nd renewal will be even cheaper.

It should be stated that no app guarantees complete safety. You may remain infection free with a free app and get infected with a paid one. It’s all about probabilities. I think you stand more likely to get infection free if you use a better set of apps and keep as safe computing habits as you can. I do not rely on EAM alone, I also use a best of breed software firewall that, together with EAM, provides a nice layered security strategy that works great for me.

Reply | Quote

you can NEVER COMPLETELY SECURE a pc

what you want is good enough protection – so how good is good enough for you?
and supplement it with backup and other techniques

there are MANY ways for scumware to infest your pc
you will need to do many things to stop that
most of which conflict with using software and sites many want to use

so unless you are willing to give up facebook and the many other sites
that track you with cookies, use flash and flash cookies , run buggy scripts,
and do many other things to your pc with javacrap and activex etc.
then you will never be secure AT ALL

that said
mbam pro – the paid version is plenty cheap
use the ms firewall
win patrol
spyware blaster
spyware search and destroy
all of the microsoft stand alone programs to fix problems you got
turn off flash
turn off all cookies
reject all active x installs
turn on maximum security in your browser settings
turn off html in email
dont follow links to sites from email
never click on a short url
verify where a link actually goes before you click on it
backup backup backup
check every day for new files and delete any that you did not request to be installed
and check for any other ad removers, virus checkers, etc that can be run stand alone.
find a registry protection program that can guard against installs and roll back to teh last good version

personally, my secure pcs are never connected to the internet
only one of them will i even attach a usb device to it
and that after multiple scrubs with several programs to verify that it is clean

buy a cheap laptop to surf with and keep the other pcs off the net
scrub it day one before it is used
make a back up and restore image
roll back after every infection causes problems

Hi, have just purchased a new computer which has installed as a trial Trend Micro Titanium Internet Security. This trial is about to expire and i am wondering what your advise is to as regard to totally securing my pc.
Free or paid ? Will free do the job adequately or do you have to spend money to do the job properly. Paid seems to be getting very expensive and seems to involve two or three computers whereas i only have one .
I paid for Avast on my previous computer and seemed not to have had any problems that i could detect.
What are your thoughts as to what is currently the best alternative. ie will free do the job ?
In either case what is your current recommendations.
Another thought is , will the Microsoft products on offer be adequate ?
Hoping you can help form a confused PC user.
Thanks , Trevor

Reply | Quote

Hi Trevor,

From a Windows troubleshooting perspective, MSE is least likely to be involved in incompatibilities with other software; I’ve never seen it involved in causing a BSOD. That cannot be said for other antivirus products. The biggest drawback for me is the difficulty of configuring it to suit my usage style.

If you’re happy with, and know your way around, the settings and behaviour of Avast! – I’d suggest you use that (I use the free version and I test many other free versions each year); it’s reasonably effective, quite configurable and not too obtrusive.

With all security products, beware of the next version down the line – it’s a competitive area and any changes could cause problems and your productivity.

Whatever software you decide to go with, ensure that any old security software is completely removed or you may get strange problems or even crashes further down the line; there’s a list of security software uninstallers here: http://carrona.org/avuninst.html

Reply | Quote

Still using MSE here as well. I also supplement with the latest free version of MBAM.

I also like to get to know many of my machine’s internal processes and develop a feel for what’s normal
so I can more easily spot something that is out of place. I also like to keep an eye out on my internet traffic as well.

I find these free Sysinternals’ tools indispensable to have around:
TCPView v3.05
Process Explorer v15.40
Portmon for Windows v3.03
Autoruns for Windows v11.70
Process Monitor v3.05

Keep your AV/AM applications up to date.
Create up to date drive images for restoring your OS in a flash.
Mind your downloads and emails, more so than your browsing habits.
Avoid unsecured wireless.

Reply | Quote

Many Windows experts are using MSE, including Fred Langa. I switched to AVG only because I got a mail in rebate on a 3 license pack that gave me the Pro version free. If not for this I would still be using MSE in all probability.

Security should be a multi-layered approach. A good Av and AM app (I use AVG and MalwareBytes Pro), and a good S/W and H/W firewall. Watching where you surf, and how you surf may be some of the most important things you can do.

Reply | Quote

I recently switched my A/V product from Vipre Internet Security to Trend Micro Titanium Maximum. My Vipre subscription was about to run out, and so I looked around at what was out there.

Vipre was not very highly rated in the various reviews, but Trend Micro was. I have been pleased with Trend Micro — it is not a resource hog; you don’t even notice that it is there, except for the popup window which appears when it is running. It runs quickly. And I was able to turn off the auto-renew function, so that it won’t automatically charge my credit card next year. (I paid for it via PayPal anyway, so I’m not sure that they could complete the transaction without my involvement.)

I’m with Rui — I have more confidence in the paid apps than in the free ones, because if someone is giving me a free product, they aren’t going to be as motivated to stay on top of things. I used to believe that Microsoft Security Essentials was an exception to that rule, but recently I read that Microsoft has de-emphasized MSE:

http://windowssecrets.com/forums/showthread//156930-Microsoft-senior-program-manager-admits-MSE-will-always-be-quot-at-the-bottom-quot-of-comparatives

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

Reply | Quote

If you feel you must have a paid product, Webroot SecureAnywhere has received excellent reviews and is recommended by a number of banks to ensure safe online banking.

It offers a host of useful utilities, including a password manager.

Key features as posted on their web-site:

All-in-One Security

Goes beyond PC protection to defend your Mac, mobile device identity, system, and personal files

Groundbreaking Protection

Defeats viruses, spyware and online threats with no slowdown

Online File Backup

25 GB of online protection to keep your files and photos safe and make them available on all your devices

Fully Compatible with Windows 8

Tested by AV-Test and certified compatible
[/SIZE]
For details, look here: http://www.webroot.com/us/en/home/products/complete

Although a “not-so-brilliant” January 2013 review of the product by “PC World” is at the following link, the product has just been extensively updated/improved as of October 2013:

http://www.pcworld.com/article/2026366/review-webroot-secureanywhere-internet-security-plus-2013.html

My Rig: AMD Ryzen 9 5900X 12-Core CPU; ASUS Cross Hair VIII Formula Mobo; Win 11 Pro (64 bit)-(UEFI-booted); 32GB RAM; 2TB Corsair Force Series MP600 Pro 2TB PCIe Gen 4.0 M.2 NVMe SSD. 1TB SAMSUNG 960 EVO M.2 NVME SSD; MSI GeForce RTX 3090 VENTUS 3X 24G OC; Microsoft 365 Home; Condusiv SSDKeeper Professional; Acronis Cyberprotect, VMWare Workstation Pro V17.5. HP 1TB USB SSD External Backup Drive). Dell G-Sync G3223Q 144Hz Monitor.

Reply | Quote

For all the MSE lovers, read what MS has to say about it…..

The entire article should be a real eye opener for those die hard MSE users.

Then they also say…………
http://www.howtogeek.com/173291/goodbye-microsoft-security-essentials-microsoft-now-recommends-you-use-a-third-party-antivirus/

So if you trust MS, trust that they are now telling you to seek AV protection elsewhere.
If you like FREE, like I do, AVG 2014 FREE is top drawer. It can give you file protection, email protection and web protection. All without user intervention. Even Registration is NOT required and did I mention, IT’S FREE! Just make sure you get the right version, either 32 bit or 64 bit, for your computer.

Be safe….Be Happy!
The Doctor

Reply | Quote

For all the MSE lovers, read what MS has to say about it…..

That article is something of a misrepresentation of what MS really have to say: http://securitygarden.blogspot.co.uk/2013/09/sensationalist-press-got-it-wrong.html

Reply | Quote

Since you asked about “totally securing my pc,” here are the main things I use to secure my pc, which has the Windows XP Professional operating system:

1. Avast free antivirus
2. Windows firewall enabled with only one exception enabled (Network Diagnostics)
3. Data Execution Prevention enabled
4. Software Restriction Policy enabled
5. Browse the internet in a limited account
6. Run two avast antivirus scans (full and boot) once a month or after experiencing a malware attack
7. Use CCleaner (http://www.piriform.com) once a week to clean out cookies, temporary files, and other junk
8. Update all software once a month (manually, not automatically).

There are a few other little things I do, but these are what I consider the main prevention measures. Notice that everything either comes with the operating system or is available free. I’ve been using this setup for about four years and my computer runs like a Swiss watch. I go wherever I want on the internet, unless warned otherwise. I usually experience at least one or two malware attacks per month, typically from a web page, with no effect. Although, in an incident last year, Java related malware implanted into my limited account. But, because of the software restriction policy and the limited account, it could do nothing and was cleaned out with an avast scan later that day. Granted, this is just one computer, so it’s hardly a representative sample size, but it provides an indication of what can be accomplished that is simple and free.

You might find this helpful: http://windowssecrets.com/forums/showthread//151966-Ranking-and-reviews-of-free-antivirus-antimalware-software

I only use the administrator account once a week, but if you need to access it regularly or if you prefer to browse the internet in the administrator account:

1. Avast is the only free antivirus software I would recommend. Other free products have small security holes to encourage upgrading to the paid version
2. You might want to add a host-based intrusion prevention system (HIPS), such as WinPatrol (http://www.winpatrol.com)
3. You may want to have a more sophisticated firewall. There may be one in your modem, but it’s probably not enabled as suggested by your ISP in order to create an ideal internet connection. But, you can experiment with it to see how your connection works with various security levels enabled
4. Or, try a HIPS and firewall combination, like Privatefirewall (http://www.privacyware.com).

Reply | Quote

For a great example of malware that only a whitelisting security app would stop, check this thread: http://windowssecrets.com/forums/showthread//157422-CryptoLocker-A-particularly-pernicious-virus

No AV, no diminished user rights would stop it. A whitelisting app would, not only this specific threat, but any other similar malware.

Reply | Quote

For a great example of malware that only a whitelisting security app would stop, check this thread: http://windowssecrets.com/forums/showthread//157422-CryptoLocker-A-particularly-pernicious-virus

No AV, no diminished user rights would stop it. A whitelisting app would, not only this specific threat, but any other similar malware.

That’s nasty malware. The ability of the limited account to defend against CryptoLocker will depend on the version of Windows being used. For Pro versions and higher, the limited account itself doesn’t offer a defense, but it acts as sort of a container in which the Software Restriction Policy would prevent this malware from executing. It would just sit there until an antivirus software scan removed it. For versions below the Pro level, the limited account offers no protection, as you mentioned. Those computers will need HIPS, a sandbox, or some other type of virtualization to defend against this malware.

Reply | Quote

Are you sure whitelisting would stop it? As I understand it, the infection occurs when a zip file is downloaded and then opened. Wouldn’t a non savy user just whitelist it when the security app warning occurs since he just downloaded a new file and expects a new exe.?

Jerry

Reply | Quote

Are you sure whitelisting would stop it? As I understand it, the infection occurs when a zip file is downloaded and then opened. Wouldn’t a non savy user just whitelist it when the security app warning occurs since he just downloaded a new file and expects a new exe.?

Jerry

Susan’s article states that you can prevent it simply by preventing executables from starting from certain locations. So, you have an app that will be executed and any whitelisting app would catch that. Depending on config, the whitelisting app can ask a user what to do with the app that’s trying to run and the user can allow the execution. So, the user can have a pernicious intervention, but the app will definitely catch it.

Non savy users just need to not allow anything they haven’t launched. Online Armor, the one I use, many times provides specific advice on the app being launched, so the user can even have specific advice on what to do for the app being launched.

With an whitelisting app, you always get a warning and a permissions request. It’s more than you would get with a regular AV.

Reply | Quote

I agree its more than you get with a regular AV but users less knowledgeable than you tire of Oking permissions requests and tend to blindly approve after awhile. Thats one reason you see requests to turn off UAC in Windows Vista/7/8.

Jerry

Reply | Quote

I agree its more than you get with a regular AV but users less knowledgeable than you tire of Oking permissions requests and tend to blindly approve after awhile. Thats one reason you see requests to turn off UAC in Windows Vista/7/8.

Jerry

Weeks go by without a single request, on my PCs, Jerry. There was an initial amount of time where there were more requests for input, but you don’t really get the protection provided by a whitelisting based strategy in any other way. The only thing that comes close to whitelisting is something that uses effective heuristics or behavior evaluation.

So, the option is really to use traditional AVs and accept their failings, or use whatever can give you better detection rates, especially against this type of malware, or against zero day threats. To me, the choice is clear.

Reply | Quote

Weeks go by without a single request, on my PCs, Jerry. There was an initial amount of time where there were more requests for input, but you don’t really get the protection provided by a whitelisting based strategy in any other way. The only thing that comes close to whitelisting is something that uses effective heuristics or behavior evaluation.

So, the option is really to use traditional AVs and accept their failings, or use whatever can give you better detection rates, especially against this type of malware, or against zero day threats. To me, the choice is clear.

Its that initial flurry that can train the average user to just whitelist when a popup occurs. UAC doen’t come up much anymore but most people blindly allow now. But you’re right about the choice. In the long run, I suspect that traditional AV’s will figure out how to block this nasty. In the right hands, white listing can cover the interim as well as the long run. Fortunately, this malware is mainly directed at businesses rather than the home user but that could change at any time.

Jerry

Reply | Quote