What do you use to keep your PC secure, other than Anti-Virus software?

[Ian]

I'm interested to know what people do to keep their system secure, other than installing an anti-virus package. I'm asking this as although it is possible to keep a system secure through taking plenty of sensible precautions, it's hard to stop being compromised via vulnerabilities.

I've run anti-virus software for many years now, and it mainly seems to detect e-mail virus attachments which I wouldn't open anyway. However, once it found a trojan on my main system which I found it very difficult to trace. It turns out I was using an insecure version of Adobe Acrobat reader... this started the problem as I ended up visiting a blog which had been hacked and had some iframe code injected in to each page. The iframe contained a PDF file which exploited this vulnerability and somehow contained a trojan payload.

I don't know how serious the trojan actually was, as by the time my AV scanner recognised it a few days later there was no information available about it (as it was so new). Taking no chances, I just formatted and started over - as it gave me a chance to have a spring clean.

This was a long time ago now, and since then I used tools like Secuna Vulnerability Scanner to make sure all my applications are up to date (and I've switched to Foxit Reader instead of Adobe, as any vulnerabilities aren't often exploited in that).

I'd be interested to hear what precautions people here take, aside an anti-virus package and common sense. Do you use other tools or perform manual OS hardening?

 

[Thrax]

Noscript (Firefox addon) makes your browser impervious to XSS, infected banners, Java exploits, etc. If you get a virus, it's squarely on your head as you have to activate every flash/Java applet you come across.

Beyond that, I use mah noodle.

 

[Kougar]

Same tired rheteric for me, I would say common sense. I don't open anything I don't trust the source for, if I doubt a URL's sincerity I type it rather than click (simply checking the underlying linked url is not a guarantee anymore), and its one more reason I use Opera since most browser vulnerabilities don't apply. Obviously not even Opera is a guarantee of safety since I've seen java and flash exploits still work through Opera. I keep all programs updated and current, including Windows Defender.

For computer users that have trouble simply using a computer (friends & family as one example) I will use tools like Spywareblaster. This program maintains a current database of both dangerous and less than savory ad serving websites, and automatically installs the blacklist into IE and Firefox to block any redirects or hijacked links to them. It only takes a few clicks to update the list so anyone can use it and keep their browsers a little better protected.

The real life example Ian gives is exactly why users should scan their systems regularly anyway... its less a question of if, but more of when something will get through. Ironically one family member's work PC was hijacked when i was visiting them over the holidays, but because I'd installed spywareblaster the year before every time the trojan tried to open a specific URL using IE it would be blocked. In the very least Spywareblaster can limit the damage, although their computer was a ripe mess already by that point. They even had current (nonfree) antivirus installed but it wasn't doing anything.

 

[GanjaSMK]

Use Trend Micro

Every month or so I run Trend Micro's free scanner which picks up a lot of malicious instances be they a virus, spyware, or malware. It's a simple scan, can take a while but it's free and works well. If it hangs (which it can do on occasion) that means it could be having trouble with scanning something and is a good lead to dig deeper with other forms of protection. All in all it has found many things that other programs I've used have not and has also removed permanent instances of certain spyware that returned after having been removed by other programs. Give it a try.

 

[clearwater]

Security

I have been using ZoneAlarm Security Suite for two years now as a paid subscription. It used to be a freeware program until Checkpoint Software bought them up. However, Checkpoint improved ZoneAlarm so much so that I never have problems with trojans or viruses. It picks up trackiing cookies regularly and deletes them before I have had a chance to check its daily scanning results. I believe I paid under $50.00 for the first year, and updates are annually $30.00. I have found it to be the best security software that I have used so far, and I am completely satisfied with the service. When I started out with anti-virus/anti-spyware programs I tried Webroot, Norton, Spybot, and AVG when it was free. I still use Spybot occasionally, just in case ZoneAlarm might have missed something. It is free, but I try to send them money every so often, because I realize that they cannot continue without funds. I am running AVG now as a 30 day trial. It is thorough, but it takes up to 15 hours to scan my system. I'm not sure why it takes so long. ZoneAlarm is usually done in less than a half hour. As far as Webroot and Norton are concerned, I think that they are useless. I wouldn't buy anything with the Symantec name on it. And Webroot went behind my back when I was "looking for the price in cart" since they wouldn't tell you the price, and they somehow got my credit card number from Best Buy and charged me for a purchase even though I emptied the cart and backed out. Our credit union called because the way the charges went through, it sent up red flags, so they put a hold on the transaction until they verified with my wife and me. Of course we were outraged and thankful to the credit union for their excellent security screening. But I'm getting off on a rabbit trail. I cannot get a hold of ZoneAlarm to see if they are working on a Windows 7 compatible version of their product. I have logged onto a few websites which are titled Windows 7 and ZoneAlarm and the like, but once in there is no information whatsoever about ZoneAlarm. I have e-mailed ZoneAlarm, but that was probably stupid since a million other people probably did the same. I have gone to their website, but there is no mention of Windows 7 anywhere on the page. My 30 day trial with AVG is up September 9 and I sure would like to have ZoneAlarm back again. It does not work with Windows 7 thus far. If anyone has any information on this topic, I sure would appreciate hearing about it.

 

[draceena]

Other than the usual, not opening suspect emails, ect, I use the following:

Firewalled Router
Comodo Software Firewall
A-Squared Anti-Malware
Malwarebytes Anti-Malware
SpywareBlaster
Windows Defender
Mailwasher Pro

And Firefox with: Flashblock, NoScript, AdBlock, Web of Trust

 

[Kougar]

Draceena brings up a good point. I personally use a DLink router with a rather good built in hardware firewall. Rather than firewall every single network computer I just use the router in conjunction with the firewall built into Windows. A hardware firewall is a must.

I still use the following as well:

Malwarebytes Anti-Malware
Spybot Search & Destroy
Ad-aware
Spywareblaster

I do not recommend anyone use the system protections built into Spybot or Ad-aware, they tend to conflict with programs and cause problems. I only use the programs for manual scanning.

 

[Veedaz]

My Windows 7

Router Hardware Firewall
Windows 7 Firewall + Vista Firewall Control
Vipre Antivirus + Antispyware
Malwarebytes Anti-Malware on demand

The Wifes Windows 7

Router Hardware Firewall
Comodo Firewall
Spybot on demand
SpywareBlaster

 

[clearwater]

Hardware Firewall

Hi Veedaz,

Thanks for the information. It's funny that when I mention hardware firewall to techy people who should know these things that they look at me like I fell off the moon. I am repeatedly told that there is no such thing. I do have a hardware firewall of a sort in my Linksys router, but it hasn't been enough.

ZoneAlarm had been doing a fabulous job until I installed Windows 7 RC. They will not be compatible until the October 22 release date. I am using AVG as a trial which will expire on September 24. Then they want $70.00. for a one year license. They are also doing a fine job, but that is a lot of money to spend for protection. (It ismore like extortion.)

We have had nothing but trouble with malicious websites, spyware, and adware, which flooded us with spam, took control of our computer, locked us out of our browsers and e-mail, and so forth. So, I would be really interested in a fail safe hardware firewall that can really protect my PC's. I'm not willing to go through what we went through for nearly 3 years.

I do keep hearing about Spyware Blaster and their record of reliability. And I looked them up and they don't seem to charge much for their services. I also use Spybot which is a good secondary insurance.

Thank you for your suggestions

Ken J.

 

[clifford_cooley]

clearwater - I'm pretty sure every techie knows about the hardware firewall

Like myself I believe the hardware firewall is hardly worth mentioning and therefore doesn't exist in my mind. I might even look at you funny when you say you might rely on this weak firewall. It has nothing to do with not knowing about it. It's wondering why you would even mention it.

Don't get me wrong every little bit helps.

 

[spearace]

At the moment my setup is:

Router (with hardware firewall)
ESet Smart Security (anti-virus and firewall)
MBAM
HijackThis

I think we'll need to agree to disagree about the hardware firewall, Clifford. IMO it's one of the most important parts of a security system as it's very hard to bypass when configured properly. A direct attack or exploit to a computer hard wired to the internet, without going through a router firewall is going to be much easier to compromise. Software can easily be disabled and it doesn't allow you to hide behind anything.

ZoneAlarm had been doing a fabulous job until I installed Windows 7 RC. They will not be compatible until the October 22 release date. I am using AVG as a trial which will expire on September 24. Then they want $70.00. for a one year license. They are also doing a fine job, but that is a lot of money to spend for protection. (It ismore like extortion.)

You can get something like NOD32 or KIS2010 much cheaper than that (around $30) or you can use Avira/Avast as a free anti-virus and combine that with a free Windows 7 firewall. If you start a new thread on it and I'm sure we can help you out .

 

[clifford_cooley]

A door lock is important on a car too. But that only stops the ones that will not break the window. Car alarms are important too if you don't fully trust the door locks. The ones you have to worry about the most are the ones that will break through the glass.

Sure I will agree with you on the hardware being important because its the first firewall. That doesn't make it the most important. It only means it blocks the majority. The Minority are the ones you need to worry about the most which makes the most important firewall the stronger one behind the first.

 

[clearwater]

Hi clifford_cooley,

My only response to your reply is why are people sending me posts telling me that I need a hardware firewall if it is so undependable? Am I missing someting here? What is a hardware firewall's significance and why is it even relevent at all? Perhaps it is only just a little bit of extra defense.

Thank you for suffering my ignorance,

clearwater

 

[clearwater]

A door lock is important on a car too. But that only stops the ones that will not break the window. Car alarms are important too if you don't fully trust the door locks. The ones you have to worry about the most are the ones that will break through the glass.

Sure I will agree with you on the hardware being important because its the first firewall. That doesn't make it the most important. It only means it blocks the majority. The Minority are the ones you need to worry about the most which makes the most important firewall the stronger one behind the first.

Hi clifforn_cooley,

I hadn't noticed your post of just 2 hours ago. That one answered my question clearly. I notice that others have said the same thing that you did. I'm a little slow sometimes to realize that my gut feelings on a subject are correct, I just need confirmations from those who know more than I do. So just ignore my previous post of a few minutes ago.

Thank you and to all others for clearing up the muddy waters on this subject once and for all,

clearwater

 

[clearwater]

Draceena brings up a good point. I personally use a DLink router with a rather good built in hardware firewall. Rather than firewall every single network computer I just use the router in conjunction with the firewall built into Windows. A hardware firewall is a must.

I still use the following as well:

Malwarebytes Anti-Malware
Spybot Search & Destroy
Ad-aware
Spywareblaster

I do not recommend anyone use the system protections built into Spybot or Ad-aware, they tend to conflict with programs and cause problems. I only use the programs for manual scanning.

Hi Kougar,

You're right about Spybot and Ad-Aware. I am using AVG because ZoneAlarm which was working just fine on XP is not compatible with Windows 7 at this time and won't be until the October 22 release date. AVG seems to be quite reliable and also quite expensive. After the trial period is over for AVG I am considering trying Spyware Blaster, but doesn't that still leave the virus door open?

Additionally, I never use Spybot while ZoneAlarm is running, nor do I run other programs at the same time either. I use it periodically in case something malicious has been missed and is lurking about my system.

Thank you for your suggestions,

clearwater

 

[clearwater]

At the moment my setup is:

Router (with hardware firewall)
ESet Smart Security (anti-virus and firewall)
MBAM
HijackThis

I think we'll need to agree to disagree about the hardware firewall, Clifford. IMO it's one of the most important parts of a security system as it's very hard to bypass when configured properly. A direct attack or exploit to a computer hard wired to the internet, without going through a router firewall is going to be much easier to compromise. Software can easily be disabled and it doesn't allow you to hide behind anything.



You can get something like NOD32 or KIS2010 much cheaper than that (around $30) or you can use Avira/Avast as a free anti-virus and combine that with a free Windows 7 firewall. If you start a new thread on it and I'm sure we can help you out .

Hi spearace,

I have taken note of your suggestions and copied them to a document for referral. I will give them a try. I just need something to bridge the gap between now and October 22. Who knows, I might like these better than what I have been using and just go on with them.

Just a P.S.: I used Windows Defender a couple of years ago and found it to be of little value as far as protection and detection of malware were concernded at that time. Has it been improved any since then?

clearwater

 

[Thrax]

A hardware firewall, the result of a router's NAT mechanism, is one of the most important security things that nobody knows is there. It stops any and all drive-by attacks, and reduces a PC's susceptibility profile to only the things their actions cause.

That is, if you have a router installed, you basically cannot get infected unless you do something on the PC that causes an infection.

 

[Kougar]

After the trial period is over for AVG I am considering trying Spyware Blaster, but doesn't that still leave the virus door open?

Additionally, I never use Spybot while ZoneAlarm is running, nor do I run other programs at the same time either. I use it periodically in case something malicious has been missed and is lurking about my system.

Thank you for your suggestions,

clearwater

First off Spywareblaster is free: This is the program I am referring to: http://www.javacoolsoftware.com/spywareblaster.html

Secondly, it does not scan for spyware. All it does is blacklist known bad sites within the browser, nothing more. So Spywareblaster will not offer any active or passive scanning protection, it is not designed to do that. Spybot S&D is a passive scanner, it only scans when told to scan... an Anti-vrius program would be considered an active scanner because it scans everything executed in real time as it is opened or run.

 

[clearwater]

PC Security

Not having read GanjaSMK's comments I have recently stumbled upon Trend Micro's Internet Security. I didn't see a free version but only the pay one. It is a little pricy at $69.00 per year on one PC, but it does seem to do a very good job.

I do find that it struggles with certain incorrigible spyware and viruses at times. But if you are tenacious, especially with the helps in Windows 7, you can usually get rid of what is ailing your PC. I am using it as a 30 day trialware, but I will certainly see if I can find the freeware.

This program is very straightforward and relatively simple to use once you have it configured. GanjaSMK 's description of how it works and some of its shortcoming were exactly what I found to be true. However, I still like the program for its simplicity and its ability to turn up insidious malware. If I can't get results I simply turn to Spybot which usually does a number on the offending software.

Thank you GanjaSMK and Kougar for your comments.

 

[Veedaz]

You could try Vipre Antivirus + Antispyware full working trial clearwater

Link > http://www.sunbeltsoftware.com/home-home-office/vipre/