Essential PC security programs

[Roentgen]

Hey all.  I like to think I take pretty good care of my PC.  It's been over three years since I had to reformat/reinstall due to a bug I picked up.  However, in my never ending quest for internet porn I picked up a bug I just couldn't shake with Norton, MalwareBytes, Adaware, Hitman, etc.  I think I'm actually out of touch with what it takes to keep a PC healthy these days.

What do I need?  I am willing to purchase.  Not just the free stuff.

[Sky]

Have a separate porn box in a DMZ. You can't win against teh pron.

[Jherad]

Heh, failing that, a freely downloadable virtual machine from MS.

http://www.microsoft.com/downloads/details.aspx?familyid=21eabb90-958f-4b64-b5f1-73d0a413c8ef&displaylang=en

Needs virtual PC, also freely downloadable.

Can also get sandbox utilities like this. Run your browser in a sandbox, and it should isolate any changes.

Also, use Firefox, with the NoScript addon.

[Engels]

Prevention is always better than the cure. Firefox with NoScript is the best way to view pages you're unsure of.

Las thing, Roentgen, have you run those security programs while in safe mode? Sometimes running the programs in safemode can catch a non-active malware executable that would otherwise be running in normal mode.

[Roentgen]

Prevention is always better than the cure. Firefox with NoScript is the best way to view pages you're unsure of.

Las thing, Roentgen, have you run those security programs while in safe mode? Sometimes running the programs in safemode can catch a non-active malware executable that would otherwise be running in normal mode.

No, I didn't run 'em in safe mode.  Too late but I'll remember if it happens again.  So basically the best an average guy can do is AVG + Firefox with noscript and Adaware?

[Prospero]

I don't believe Chrome has been compromised yet. Its sandboxing is pretty beastly. It might be a decent way to browse if there Javascript laden sites you like.

[Trippy]

I don't believe Chrome has been compromised yet. Its sandboxing is pretty beastly. It might be a decent way to browse if there Javascript laden sites you like.

Chrome is vulnerable too:

http://www.securecomputing.net.au/News/219229,chrome-gets-security-update.aspx

[MahrinSkel]

Best protection against porn-delivered trojans: Linux.  Firefox works pretty much the same in either.  Second best: Sandboxie.   Both mean reduced performance (few windows open before they start running choppy), but are pretty safe because they shrug off the standard trojans (sandoxie may have to flush the sandbox after a nasty one), but give far better and more reliable protection against trojans.

--Dave

[Salamok]

Using a VM to surf is pretty safe, I still prefer virtual box to Microsoft's solution though (mainly due to the load times).

[raydeen]

Using a VM to surf is pretty safe, I still prefer virtual box to Microsoft's solution though (mainly due to the load times).

I used Wubi (Windows Ubuntu Installer) on a friends machine after he managed to screw it up twice in the space of three weeks. I told him when he wanted to surf dirty, reboot, pick Ubuntu and after he got it all out of his system, go back into Windows. That was two years ago and so far, no calls. For all I know, he may still be in Ubuntu as we set up his email, IM and other stuff there.

[Chimpy]

The most essential security program is to keep your OS and applications like Flash updated.

I have spent the better part of 2 days cleaning viruses off of my step-dad's old PC and getting it up to date with windows security updates. I had to do 4 cycles of essential security updates/reboots before it even got to installing SP3 (which has been out for over 2 years) and I am sure I still have 3 or 4 cycles after SP3 finishes.

Most of the common viruses/trojans/spyware take advantage of already patched holes in software. Keeping your computer up to date will make it that much harder to get a virus.

[fuser]

The most essential security program is to keep your OS and applications like Flash updated.

A great program for this is Secunia's PSI. Forgot to mention it earlier but its exactly what you mention and keeps an eye on all the other software and alerts you of risks and possible resolutions.

What's great is it will drill down into the add-ons with quick convenient resolution or fixes to insecure browsing issues. Here's a report on the QuickTime attack vector still in the wild that a lot of people probably have open. Totally forgot I exposed myself to it via an iTunes upgrade.

[Murgos]

How about a tangentially related question?

Detection.  What techniques do people use to know if they have a virus?  Typically, if I am worried about it on my machine I'll check my logs at the router for suspicious activity and processes I can't trace back to a legit program but I doubt if that's fool proof.

What do you guys do?

[Minvaren]

A great program for this is Secunia's PSI. Forgot to mention it earlier but its exactly what you mention and keeps an eye on all the other software and alerts you of risks and possible resolutions.

Bookmarked, thanks!

[Numtini]

Detection.  What techniques do people use to know if they have a virus?  Typically, if I am worried about it on my machine I'll check my logs at the router for suspicious activity and processes I can't trace back to a legit program but I doubt if that's fool proof.

Safe mode, hijackthis and malwarebytes.

[Jherad]

'Autoruns' and 'Process Explorer' are pretty helpful for pinning down problems, along with a healthy knowledge of what processes should be running.

It never hurts to just check out what is running from time to time, whilst keeping your AV product+definitions up to date.

[ghost]

Boot linux onto a cheap PC and surf your porn on that

[Engels]

Boot linux onto a cheap PC and surf your porn on that

Minor hickup there: Flash on Linux blows. And not in the good way.

[Morat20]

'Autoruns' and 'Process Explorer' are pretty helpful for pinning down problems, along with a healthy knowledge of what processes should be running.

It never hurts to just check out what is running from time to time, whilst keeping your AV product+definitions up to date.

I second process explorer. Even if you're not familiar with what processes SHOULD be running, process explorer identifies who certified the running process. I've used it to clean off infections -- or at least explicitly kill them so I can run stuff to clean them -- by simply noting processes that aren't certified or certified by some bullshit company name.

I tend to use that and HijackThis to explicitly kill as much as possible, then boot in safe mode and run whatever I need to finish the job. Generally if your basic AV and Spyware doesn't clean it, you'll need something specific (VundoFix or ComboFix, that sort of thing). But if it's resident in memory or autoloading, you need to try to kill that first so it doesn't keep spawning itself as you erase it.

[Chimpy]

Oh also....while I am not a fan of McAfee as a whole, Stinger is still one of the best trojan/spyware removal tools around. Though you still always want to run a full-fledged AV scan with something else as well.

[ghost]

Anyone have an opinion on Kaspersky?  I've been running it for years and like it because it seems to be quite unobtrusive.  What is the best low footprint AV out there?

[Engels]

You don't want too low a footprint. Microsoft Security Essentials has a low footprint, but I've found that it can be pretty late to the party in virus definitions. Virus that have affected my computer lab (100+ computers) have been detectable by both McAffee and Sophos that MS Security Essentials did not recognize. This information is anecdotal!

Kaspersky has a good reputation and has often come out on top of the pack in terms of detection and prevention in various IT surveys. That said, as with all virus companies, their management can change over the course of just 6 months and turn from an industry leader to a pariah (see McAffee). Its best to go on the interwebs and see if you can find the latest reviews for various security suites.

[ghost]

I do 90% of my computing on Macs, so I guess I'm at lower risk.  Their time is coming, however.  It's just a matter of time until the corporate hate that a lot of the hacker types have carries over onto the monster that Apple is becoming.  I've considered making the switch to Linux, and the new Mint 9 is spectacular, but it really comes back to gaming for me.  The only reason I have Windows at all is for games.  Plus I just don't have the time or effort to deal with the coding/compiling necessities that inevitably pop up in Linux anymore.  I have pondered the idea of trying to come up with a nice practice management software for my office using Linux.  I guess I'll do that in my spare time. 

I get you about the footprint thing, too.  I like to think of it as the "just enough to do the job" rule.  I don't need a lot of the extra crap that comes on the software.   So many of these companies overdo it, particularly Norton.