Best Security

Background:

My old laptop has been essentially crippled by some nasty virus (I think it will take a total wipe to fix it), but because of some other problems I'd been having prior to this infection I decided to purchase a new laptop, rather than get it fixed.

I want to be extra careful with this new laptop, and make it as virus-proof as possible (especially as I am uncertain as to how I got such a nasty rootkit on my old laptop.)

I'm going to make sure to create a recovery disc, as well as follow the advice presented in this thread and this article, but I've got a few questions for you guys, if you'd be so kind to advise me.

Laptop Info

The new laptop will be running Windows 7 (64 bit)

If you require any other information let me know.

Queries:

1. What antivirus would you recommend?

I want a powerful (but not too system-slowing) antivirus to help guard my computer. I considered ESET NOD32, but after some research found that it can crash some Windows 7 computers.

Is Microsoft Essentials an effective enough antivirus prevention, and if not, which do you feel is best? (I would prefer a suite, with firewall, anti-phishing, etc)

2. Would you recommend KeyScrambler

3. Any other suggestions?

 

Hi,

Flatten and rebuild.

Restricted user accounts and software restriction policies is what you want.

It doesn't matter. Some are light on ressources, others do not flag system files as malicious, and some others might have a slightly better detection rate this week.

AV software can be a piece of your security strategy, but not the only one. You can not buy security, you have to live it. It is your behaviour that decides if malware is installed or not. It is not the "security software" you bought.

[/QUOTE]What for? There is no benefit from such a suite.

What for?

Brain.exe

Michael

 

Well thanks, although the sarcasm wasn't completely called for.

 

I'd suggest not using IE. Use firefox or Chrome. If you use firefox try using sandboxie. If you use Chrome enable "xss auditing" in the about:flags page.

Using adblock plus you can stop certain malicious sites from loading, or you can do this through custom firmware in your router.

Here's one of the lists I use:
http://malwaredomains.lanik.us/malwaredomains_full.txt

For an antivirus I would suggest MSE. If you automatically download windows updates it should update itself. It's lightweight as well.

UAC should be turned to MAX if you want to be extra-careful.

Keep everything up to date! I suggest using a file-hippo autoupdater to keep as many applications up to date, such as flash, java, or whatever else on your computer.

If you do everything above you'll be fine. I don't even do everything above and I'm fine.


edit: link to sandboxie
http://www.sandboxie.com/

It gives firefox a really big extra layer of protection, similar to what Chrome has built in (except Chrome takes it quite a few levels up.)

If you use firefox with sandboxie it should be pretty secure. If you want to be super paranoid about it you can go ahead and use noscript to block javascript on sites.

Ummmmm what else....

DON'T have more than one realtime antivirus installed at once. You can have a real time + scanner, but not two real times. Two of them will make you LESS secure because they will interfere with eachother.

I personally keep a .exe of SUPERAntiSpyware on my computer just in case I want to install it/ can't download it because of a virus.

 

- If you are not sure about what to use and you are willing to spend money, simply buy NIS2011 and be done with it.
Just look for the best rebate/deal available.

- Use a user account for your daily routine.
Do NOT use an admin account for this. An admin account is meant for just that; administering stuff.

- Create 2 partitions; a separate partition for your OS+progs and one for data, e.g. pics, docs, music, movies etc.
After installing and updating the OS+progs, make an image of this partition.
If you bork your system despite whatever security software installed, you can easily restore the image in minutes and have a clean notebook again.
This will require you to learn about partitioning and imaging but it's time well spent.

- Like already mentioned, keep all progs up-to-date. F.i. with Secunia PSI.
Outdated software is one of the easiest ways to get accidentally infected.

- If you'd like to use free software, an AV ( MSE, Avast, Avira), the Windows firewall and Sandboxie should be enough for 'normal' usage.
But be prepared to learn a bit about Sandboxie. It's a lovely program but it does take some time to configure and understand it well.

 

Honestly, you don't have to be paranoid to stay safe. Don't click popups, dno't go to suspicious sites... you should be fine.

For a while my only defenses were the ones provided by Chrome and MSE. Never had any problem with those alone. I've recently added additional security by forcing certain sites to route to a nonexistent IP instead of my computer. Basically any ad sites or malicious sites go to my router and my router goes "Hey, the computer's at 0.0.0.0" and they never get to me. Obviously it's not a complete list, but it helps, and no ads!

Really though if you want to be safe:
1) STAY UP TO DATE, flash, windows updates, java, antivirus
2) Install MSE
3) Use a popup blocker

you should be fine with those.

 

For free antivirus, I typically use eith Avria or MSE, and for paid, I use ESET NOD32. If your concerned about it crashing your system, just try the trial first.

Most other things have already been mentioned.

Another things I recommend is find a program you like to make images of your system. I have a large external drive that I use just to store images, and I only connect it to either backup or restore the images (so it's less likely to get infected).

Virtual machines are a really good idea to. They're easier to manage if they do become infected. I haven't used sandboxie before, so I'm going to go try that myself.

 

I've never used sandboxie, but it should be pretty good. Not quite what Chrome does but a start.

I wouldn't bother paying for an AV, they all have essentially the same detection rates, but NOD32 is an excelled one.

I personally feel that VM's just take too much away from the system. I would definitely suggest making a system restore point once in a while as well as a system image. I have a 250GB hard drive for all of my stuff and I keep an image on there.

edit: Oh, and don't bother trying to run Chrome in sandboxie. I don't think it works and it would be pretty useless anyway.

 

Thanks for all your helpful responses, I'll definitely take them into account.

I am a bit paranoid I'm afraid Hungry Man! I tried to be as sensible as possible on this laptop (it's had no notable virus issues in two years) so it freaked me out a bit getting such a bad one.

And I'm sorry if I seem a bit clueless about this stuff, but to be honest it's because I am! That's why I came for help, we can't be experts on everything right? :]

Thanks again.

 

If you only take 2 pieces of advice from the above posters...

1) do not use internet explorer, use chrome or firefox and keep up to date

2) do not use an administrator account, use a user account

 

Hi:

Norton Internet Security 2011
KeyScrambler 2.7.1.0(latest)

I have used both of these for some time,,no viruses or key loggers, set'em then forget em..lol

Cheers
3Fees

 

Absolutely right.

It's your mindset that sets you apart. Becoming aware of your own cluelessness and stupidity (no one is perfect) is probably one of the most helpful starting points if you want to learn about security.

That being said, I'd like to tell you thath the problem with anti-virus and anti-spyware is that they are mainly reactive security reasons, which means that they can only / react/ but not / protect in advance/. There's heuristic analysis, for example, but the main characteristic of anti-virus products is still their signature-database-based scanning. Creaters of malicious software continue with their efforts to hide their products from anti-virus vendors and to sneak around specific heuristic products. So while signature-based scanning is a very, very good idea to further shrink the risk, it is not a proactive security solution and therefore by design can't withstand the changing world of malicious software. Since the number of malicious pieces of software found increases greatly every year, vendors of anti-virus solutions simply cant't be able to keep up with the task of finding and analyzing every published malware, let alone create signatures that would be hard to elude for every malware. If anti-virus software vendors don't find more ways to proactively detect malicious software (and they're still working hard on that), they're doomed. The other way around, believing that a security "solution" such as an anti-virus software (no matter which one) will make you secure is dangerous.

Security is not a solution, it' a concept. Security is like a bubble: No matter from which angle the needle was brought in by the attacker, it won't just pop the area of the bubble that you didn't shield.

 

When you get your new machine and walk through the setup wizard...it'll ask you to name a user account. Your first instinct will be to just type your name...but do this instead

*yourname* (admin)

Why? This account, for some reason, is going to be an administrator account..this'll serve a reminder to you to create a standard user account once you've booted into Windows. UAC will allow you to do most anything you can with the admin account via your standard account.

I echo what the other posters said, but also realize that it's possible to become so overboard with security that it negatively affects your enjoyment of your machine. If you use common sense, install the right software (Norton 2011 or Microsoft Security Essentials are both excellent options for mainstream users) and run as a standard user, you should have no issues.

Good luck

 

I use ESET aka. NOD32 products and solutions for over 6 years with no hassle.

 

the best security??? it depends on your needs and your hassles resilience

mine is pretty high so here is what i consider a good security:


no wifi

the right router with wpa2 and a password of a minimum of 5 words

no usb key plug as it often brings virus with it

an internet provider offering a free antivirus protection service

a user account

UAC set to highest

a reliable hardware: ssd over hdd?

a back-up software

programs with good and different passwords, OS included

a password manager: protector suite, lastpass

drivers, OS, programs up-to-date: secunia PSI

a virtual machine: vmware or virtual pc

firefox with security add-ons: noscript, wot, adblock plus, ghostery, redirect remover...

and other internet browsers uninstalled

only the useful and used programs installed

a disk encryption program: truecrypt

a program and registry manager: jv16 powertools

some on-demand scanners: emisisoft emergency kit(free), MBAM(free), superantispyware(free), hitman pro(paid), vba32kit(free), eset online scanner(free), housecall(free), windows defender(free), norton power eraser(free), GMER(free), virustotal(free), jotti's malware scan(free)

some good habits: thinking before clicking, stay informed from security websites

a security tester: shieldsup, comodo leaktests, spyshelter anti-test, auditmypc

an internet security suite stand-alone: comodo, online armor

or a firewall/HIPS/sandbox: comodo firewall(free)

with an antivirus suite(no firewall): MSE(free), coranti, avira, norton, gdata

and added layers:

an antilogger: keyscrambler with spyshelter or prevx

a sandbox: sandboxie



comodo leaktest and spyshelter anti-test = all tests passed, doesn't mean a thing but it's better than nothing

 

you should also use a firewall...sometimes the antivirus has a built in firewall but mostly it won't.

 

Use a hosts file to block >90% of malware and ads with nill impact on your system resources.

MSE is fine, as is avast. Avoid the retail antivirus products. They're not nearly as bloated and horrible as they used to be, but they don't do anything better than the free ones.

 

^90% of ads and adbasede malware =p not 90% of malware. But yeah, host files are a great defense and there's virtually no difference in performance. The file itself is like... ~40KB and I believe it gets loaded into RAM at startup, so yeah.

I wouldn't bother with keyscrambler. Unless you think you've been infected there's no real reason to have it. I'd focus on using your resources to prevent infection.

 

With an up to date hosts file the servers hosting and communicating with known malware are blocked on a system wide level, it's not just ad based malware. The only thing you're left vulnerable to is brand new threats and hijacked sites.

 

Most infections are through hijacked sites. XSS attacks are one of the most popular (if not the most, if I remember they make up 80% of infections) attacks.

edit: The only way to protect against that is with an XSS auditor and an antivirus.

Host files are still great for protection, especially since XSS attacks are often on ads.