
Solved: Please give me security advice for my new Windows 8.1 computer (please help)

Discussion in 'General Security' started by AlwaysScrewed, May 19, 2015.

Thread Status:
Not open for further replies.
  1. AlwaysScrewed

    AlwaysScrewed Thread Starter

    Joined:
    Apr 10, 2014
    Messages:
    181
    So... I was up way too late last night installing 123 Windows Updates, which, in total, took six hours to finish. That was way too long. I don't want to go through that again.

    So I need some security advice on protecting my Windows 8.1 computer so I don't end up having to restore it to factory settings just to get rid of something bad that somehow got onto my computer.

    I have been told in previous threads that all I would need for security would be Windows Defender, Windows Firewall, and MalwareBytes Free in terms of programs. In terms of add-ons for FireFox (which is the browser that I like and I like to use) I was told I should install AdBlock Plus, Adblock Plus Pop-up Addon, Element Hiding Helper for Adblock Plus, and NoScript.

    I will also be installing the Web of Trust add-on as well.

    Is this really all I will need? Was I told correctly?

    Please keep in mind that I am pretty much working with absolutely no finances so I really cannot afford anything that I have to pay for to get/use. Which means my only options are to get stuff that is free but good.

    If you could please just help me out here and tell me if all of this will protect my Windows 8.1 computer, or if I should add anything else, I would really appreciate it.

    Because, like I just said, I don't want to end up going through 6 hours of Windows Updating again.

    I'd really appreciate any help anyone here could give me.

    Thank you.
     
  2. lunarlander

    lunarlander

    Joined:
    Sep 21, 2007
    Messages:
    11,821
    You start off with listing the kinds of threats you'll encounter. First you should know the threats, then find the counter measures. Here is a list of threats:
    . virus
    . trojan
    . botnet
    . keylogger
    . rootkit
    . screen grabber
    . phishing
    . worm
    . other malware like fake antivirus
    . live hacker

    Counter measures for viruses are antivirus programs (ESET, BitDefender, Avast, or Norton, etc.). Antivirus counters trojans also. Generally, you are looking for the best virus detection coverage. There are many antivirus programs to choose from. To help decide which one to buy, go visit these 2 antivirus evaluation sites:
    https://www.virusbtn.com/index
    http://www.av-comparatives.org
    It takes a bit of reading, but read their reports. Then pick one that consistently ranks among the top, because the topmost one will vary from season to season.

    Note that antivirus firms take a strict definition of what a virus is and is not, and do not provide coverage for other types of non-virus threats. So for example if a program replicates itself and damages Windows, then it is a virus. But programs that record your credit card numbers and user account passwords are not viruses. And your antivirus program won't even blink.

    Botnets enable a hacker's command and control center to remotely control your PC. Your PC can then be used to send spam or attack other computers. I don't know what will detect and remove botnet clients, but a good 2 way firewall with inbound and outbound protection is part of protecting against them. Windows firewall is 2 way, but you have to enable outbound protection because it is off by default. The 2 way firewall stops the botnet from reaching outbound to contact its server. Because Windows Firewall does not prompt when it blocks outbound connections, it is hard to configure. Use of a 3rd party firewall is recommended; I suggest Comodo Firewall free. (https://www.comodo.com/products/free-products.php)

    Keyloggers capture key presses, and can home in on usernames and passwords and credit card numbers as they are typed. The captured keystrokes are sent back to the hacker's server. Keyloggers can be countered with tools like Key Scrambler (https://www.qfxsoftware.com/applications.htm) and Zemana AntiLogger. Zemana can also stop screen grabbers. (http://www.zemana.com/product/antilogger-free/overview/) And a 2 way firewall also helps contain it like how it contains a botnet client, which forms a second level of defense.

    Rootkits are used to hide files and programs. Usually hackers will install one to hide their tools, like a remote admin program. Malware may also make use of them. Rootkits can be countered by using a Standard Account (vs. all-powerful admin accounts) because they need admin privileges to install. There are also rootkit removal tools like TDSSKiller and Gmer. But they are after-the-fact removal tools; it is much easier to prevent them from installing by using a Standard account for your daily tasks. A Standard user account will also help against some viruses and malware, as a Standard user account cannot install programs and this protects you against things that try to infect the whole system.

    Malware, short for malicious software, is any software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. Malware is defined by its malicious intent, acting against the requirements of the computer user. (definition from Wikipedia) MalwareBytes (a free version is available) is great at removing malware, like fake antivirus programs that falsely report that you are infected and ask you to pay to have them removed. (http://www.malwarebytes.org/2/)

    Phishing is done by sending you emails with links to a website asking for your personal information, which is actually a server run by hackers. Ploys that have been tried include emails that pretend they are from your bank, the IRS, and other important sounding places. Without fail, they all ask you for your date of birth, social security number, bank account number etc. The key way to thwart this is to be able to read web site addresses on the address bar of the browser. Know that bankofamerica.getinfo.com is NOT a bank site, the site name is 'getinfo.com'. The only part of a web address that matters is the part just before the '.com'. Once you are able to read web addresses, you will know who you are dealing with and know to stop giving out information.

    Sophos claims to remove worms. But I think most antivirus programs don't work against worms. A worm's main goal is to replicate itself onto all systems without interaction on your part. In past cases, some were so successful that they ate up all the networks' bandwidth doing replication, so that normal internet functions stopped.

    A live hacker attacking your system is the most dangerous threat. If he doesn't use any viruses or malware, then he is virtually undetectable, and good hackers strive to stay undetected. They are also known to use memory-based attack tools that don't leave any files on the system, so no file scanner will pick them up. If she gained admin privileges through some vulnerability, then she may deploy a rootkit and install other tools which will remain hidden. Although there are rootkit scanners, they only detect ones that are popularly deployed. Hackers usually keep a tool chest of private tools that scanners can't detect. The only way to recover from a live hacker attack is to reformat and re-install Windows. Then update everything and pray that the security vulnerability she used to gain first entry no longer exists. For protection against hackers, it is important to harden your Windows. A hardened system with minimal attack surface configuration will present less for the hacker to manipulate. You can Google for 'hardening Windows 8' to find some guides on how to do this.

    There are also some general protection tools and configuration that stops attacks. If you have Windows 7 Pro or Ultimate or Windows 8 Pro, you can enable Software Restriction Policy which stops things from running unless they reside in \Program Files and \Windows. That would cover a lot of attacks.

    EMET is a free MS tool that stops attacks coded in a certain way, and is very good protection.(https://www.microsoft.com/en-ca/download/details.aspx?id=43714)

    Another protection mechanism is Sandboxie (free). It contains all browser-based attacks in one folder, the attack tool cannot escape from it into drive C, and you can wipe that folder anytime. (http://www.sandboxie.com/) Browsers are a primary target of attacks nowadays because they are used by everyone and they interface to the internet. Most hackers will not attempt to breach your firewall and router as they would in the past, because you use the browser to go through these and they can attack the browser to reach in. Rather than directly attacking you, they attack web sites and rig them to auto-download any of the threats listed above. This way presents the most bang for the effort. So it is of UTMOST IMPORTANCE to keep up with the latest patched version of your browser. You should check for new versions at least every month.

    Most importantly, you have to patch Windows and ALL your apps. Security patches close security holes that make attacks work. Secunia's PSI is a good free tool that tells you when security patches have been released for your installed apps. Security patches treat the source vulnerability. Attackers, viruses and malware hack by attacking vulnerabilities that exist on your system. If the vulnerability is patched, then they can't do anything. (http://secunia.com/vulnerability_scanning/personal/)

    Physical security is also important. Windows 7 Ultimate and Windows 8 Pro have BitLocker, which can encrypt your whole drive. And when the key is stored in a USB stick, thieves cannot boot your system. It also protects against offline attacks, which is when an attacker boots Linux off a CD to bypass Windows security. The encrypted drive cannot be mounted by any other OS.

    If you own a laptop, then you should get a cable lock to prevent your system from getting stolen.

    After all counter measures are in place, you need to monitor for attacks. As evidenced by many large corporations, attacks most often go unnoticed for months. And so you have to monitor your event logs. MS has a Security Monitoring and Attack Detection Guide. (https://www.microsoft.com/en-us/download/details.aspx?id=21832) This gives you the EventIDs to filter your logs for. (Note that you have to add 4096 to all EventIDs mentioned, because the guide is written for Windows XP, and Vista, Win7 and Win8 use a higher set of EventID numbers.) You need to do this every 2 weeks. Also, after securing your Windows, you can create baselines to use on log-review-day to compare if configurations have been changed. One such program is Autoruns. This program lists out all the programs that run upon startup. (https://technet.microsoft.com/en-ca/sysinternals/bb963902.aspx) Because all malware needs to run at startup to keep you infected, this tool is valuable to have. Autoruns can save configurations and can compare the current configuration to the previously saved version.

    Backups are your last defense. Do backups diligently on schedule. Although criminal hackers are often after your work files and credit card numbers etc, some others will harm your system by wrecking windows functions. Most often, attackers will want to prevent you from detecting their presence by wrecking your security tools. Automated hacks will also try to stop you from visiting antivirus and antimalware sites. Sometimes Windows is wrecked so badly that a re-installation of Windows is your only choice and you will need your backups. Also currently there is a type of crypto-virus that encrypts all your valuable documents and photos and asks you for a ransom to get the decryption key. Depending on how much new data you generally make, you will want to do backups weekly or bi-monthly. So you need 2 types of backup, one type for your data, and another one for the entire system (called an image) which includes all your programs and Windows configurations and Windows patches. To create a disk image, you can use Macrium Reflect Free (http://www.macrium.com/reflectfree.aspx)

    Do not lose your Windows install DVD. You should keep all your computer discs / windows disc / program install discs and driver install discs together on a bookshelf.

    Lastly, to have the "best security", you have to read up on the latest threats and see if they affect you. Then you can take steps to mitigate the threat until patches become available. www.threatpost.com is one such site.
     
    Last edited: May 20, 2015
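
The fortnightly event-log review described in the post above, as an added example that is not part of the original post. The five legacy event IDs are a constructed sample of XP-era numbers, translated with the post's "+4096" rule; run it from an elevated PowerShell prompt, because reading the Security log needs administrator rights.

```powershell
# Added example, not from the thread.
# Constructed sample of XP-era Security event IDs:
#   528 logon success, 529 logon failure, 624 user account created,
#   632 member added to a global group, 636 member added to a local group.
$legacyIds = 528, 529, 624, 632, 636

# The post's rule: add 4096 to get the Vista/7/8 event ID (528 -> 4624, 529 -> 4625, ...).
$currentIds = $legacyIds | ForEach-Object { $_ + 4096 }

# Review window: the post suggests checking every 2 weeks.
$since = (Get-Date).AddDays(-14)

# Get-WinEvent raises an error when nothing matches, so treat "no events" as an empty result.
$events = @(Get-WinEvent -FilterHashtable @{
    LogName   = 'Security'
    Id        = $currentIds
    StartTime = $since
} -ErrorAction SilentlyContinue)

# Summary: how many of each event occurred in the window.
$events | Group-Object Id | Sort-Object Count -Descending |
    Select-Object Count, @{ n = 'EventId'; e = { $_.Name } } |
    Format-Table -AutoSize

# Detail for failed logons (4625): which account, from which address, how often.
$events | Where-Object { $_.Id -eq 4625 } | ForEach-Object {
    $data = ([xml]$_.ToXml()).Event.EventData.Data
    [pscustomobject]@{
        Account = ($data | Where-Object { $_.Name -eq 'TargetUserName' }).'#text'
        Source  = ($data | Where-Object { $_.Name -eq 'IpAddress' }).'#text'
    }
} | Group-Object Account, Source | Sort-Object Count -Descending |
    Select-Object Count, Name | Format-Table -AutoSize
```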
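
The save-then-compare startup baseline described in the post above, as an added example that is not part of the original post and is not Autoruns itself. It covers only the Run/RunOnce registry keys and the two Startup folders, which is far less than Autoruns inspects, and the baseline file location is an assumption.

```powershell
# Added example, not from the thread. Narrow startup baseline: Run/RunOnce keys + Startup folders.
$baselineFile = Join-Path $env:USERPROFILE 'startup-baseline.csv'   # assumed location

function Get-StartupEntry {
    $runKeys = @(
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
    )
    foreach ($path in $runKeys) {
        if (-not (Test-Path $path)) { continue }      # key absent on this system
        $key = Get-Item -Path $path
        foreach ($name in $key.GetValueNames()) {
            [pscustomobject]@{
                Location = $path
                Name     = $name
                Command  = [string]$key.GetValue($name)
            }
        }
    }
    $folders = [Environment]::GetFolderPath('Startup'),
               [Environment]::GetFolderPath('CommonStartup')
    foreach ($folder in $folders) {
        Get-ChildItem -Path $folder -File -ErrorAction SilentlyContinue | ForEach-Object {
            [pscustomobject]@{ Location = $folder; Name = $_.Name; Command = $_.FullName }
        }
    }
}

# One string per entry, so a changed command line shows up as one GONE plus one NEW line.
function Get-EntryKey($entry) {
    '{0} | {1} | {2}' -f $entry.Location, $entry.Name, $entry.Command
}

$current = @(Get-StartupEntry)

if (-not (Test-Path $baselineFile)) {
    # First run, on a system you believe is clean: record the baseline.
    $current | Export-Csv -Path $baselineFile -NoTypeInformation
    "Baseline saved with $($current.Count) entries: $baselineFile"
} else {
    # Later runs (log-review day): report what differs from the saved baseline.
    $old = @{}; foreach ($e in @(Import-Csv -Path $baselineFile)) { $old[(Get-EntryKey $e)] = $true }
    $new = @{}; foreach ($e in $current) { $new[(Get-EntryKey $e)] = $true }

    $added   = @($new.Keys | Where-Object { -not $old.ContainsKey($_) })
    $removed = @($old.Keys | Where-Object { -not $new.ContainsKey($_) })

    $added   | ForEach-Object { "NEW since baseline:  $_" }
    $removed | ForEach-Object { "GONE since baseline: $_" }
    if (($added.Count + $removed.Count) -eq 0) { 'No startup changes since the baseline.' }
}
```

After installing software you trust, delete the baseline file and run the script again so the new entries become part of the baseline.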
  3. AlwaysScrewed

    AlwaysScrewed Thread Starter

    Joined:
    Apr 10, 2014
    Messages:
    181
    But what about the stuff I mentioned in my first post?

    Are you saying that all of that isn't enough to protect my computer? Are you saying that what I have been told in the previous threads is incorrect?

    The only thing I wanted to really know is if the stuff I posted in the first post is enough to protect my computer, and if not, what else I should add to ensure I can protect it.
     
  4. lunarlander

    lunarlander

    Joined:
    Sep 21, 2007
    Messages:
    11,821
    As for MalwareBytes, it's a good program to have. Though for real time protection, you have to purchase the full version. The free version does not update on its own, and does not respond to threats in real time; you have to initiate a scan yourself when you think you're infected.

    Adblock Plus is a good add-in, and so is NoScript. Adblock will block advertisements, and sometimes ad banners are malicious, as the ad companies do not adequately inspect all banners before going live. NoScript stops JavaScript from executing, and many attacks on browsers utilize JavaScript.

    In my post above, I am adding more tools to your defense arsenal. The software you mentioned in your first post is good. But you need more. Read through my first post to see what additional programs you need to stay truly secure. I have also given you links to the downloads needed. You hear people adding this and that security program to secure your computer. What I was doing was categorizing the threats and dealing with them methodically. You must know the threats which you'll encounter before you can know how to deal with them. Attacks on your PC come in many different ways, and there are corresponding mitigations for each attack vector.

    Since your primary concern is to avoid a re-install of Windows along with the required lengthy Windows Update, I pointed out to you a program called Macrium Reflect. This program does a complete image backup of your Windows, data, and updates. Most people use this once a month after MS Patch Tuesday (2nd Tuesday of each month). So you check on Wednesday that Windows Update had installed patches overnight, and do an image backup to a USB drive. This way, if you get attacked in the following days, you can restore from the backup image, then restore your data files, and everything is good to go again, without going through the pain of re-installing Windows.
     
    Last edited: May 21, 2015
  5. AlwaysScrewed

    AlwaysScrewed Thread Starter

    Joined:
    Apr 10, 2014
    Messages:
    181
    I cannot afford to buy anything and I clearly stated that in the first post.

    So you are saying that what I was told by other users on this forum was incorrect?
     
  6. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    115,245
    What you are asking is subjective. For most users in general and provided they aren't visiting dubious sites what you have should be sufficient in addition to making sure that you are running the latest version of the software you have such as Java, Flash, browsers, etc. Lunarlander is merely making suggestions to further harden your system. More can always be done but the more you harden the more difficulty you may have visiting sites, etc. if nothing is permitted.

    The only other software I see recommended is Macrium Reflect. It has a free version and is a good addition but it's not to help with security it's to help restore your system to the last good image before a problem or infection occurred in a matter of minutes so you don't have to go through reinstalling Windows and all the updates, software, drivers, etc.
     
  7. AlwaysScrewed

    AlwaysScrewed Thread Starter

    Joined:
    Apr 10, 2014
    Messages:
    181
    Okay but how long does it usually take to do an "image" or whatever and how large will the "image" be?

    I really don't have any external drives that are very big except for a 32GB USB Flash Drive and an external HD that I am already using with my laptop.

    Also... why can't I use Windows Defender for my antivirus as the other users on this forum said I could?
     
  8. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    115,245
    It takes minutes to create the image and they can be quite large but it depends on how many programs you have as well as documents, photos, music, etc. If you don't have much space then only keep the latest two images, for example. The main thing is that you have the latest one that was taken when the system didn't have any problems. Some imaging software will do incremental backups, which means they don't image the entire system every time but only update what's changed since the last full image so they're much smaller, but I'm not sure if the free versions have this option.

    Also, flash drives should really only be used for transfers (one computer to another) but not for long term storage as they are not as reliable as an external drive would be. You didn't say how big your external is but if you have room on it then I'd store the images there. With Macrium (or any other software of this type) you have to create a rescue CD at the beginning. This will be needed in the event that the system becomes unbootable for whatever reason. You will be able to boot from the CD to run the computer in order to be able to use the image to restore it.
    Who said that you can't use Windows Defender? :confused:
     
  9. AlwaysScrewed

    AlwaysScrewed Thread Starter

    Joined:
    Apr 10, 2014
    Messages:
    181
    lunarlander is making it seem like I can't use Windows Defender as my Windows 8.1 antivirus. He is recommending others when I can't afford anything other than free.

    Also, I have no CD's to use for image burning or whatever.

    I'm not using most of those programs on my laptop and using Avast and Comodo Firewall and I've been pretty much fine for the most part. I don't even use NoScript on my laptop and I'm still fine.

    I'll put Comodo on my Windows 8 computer but is there a way I can prevent GeekBuddy, PrivDog, and Comodo Dragon from installing as well? Because that happened when I installed it on my laptop back when I had to restore my laptop to factory settings and I don't want all of that. I just want the firewall.
     
  10. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    115,245
    Those were just examples he was giving and was not all-inclusive.
    You don't need CDs.
    I don't know anything about Comodo so I can't help you there.
     
  11. AlwaysScrewed

    AlwaysScrewed Thread Starter

    Joined:
    Apr 10, 2014
    Messages:
    181
    Then what do I need? I can't use my external HD because I'm using that for my laptop and to put all of the files and stuff that I want onto my new Windows 8.1 desktop.
     
  12. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    115,245
    There's no room on it for an image or two? Is it full? How big is it?
     
  13. AlwaysScrewed

    AlwaysScrewed Thread Starter

    Joined:
    Apr 10, 2014
    Messages:
    181
    884GB free of 931GB according to "my computer" on my laptop.
     
  14. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    115,245
    So it looks pretty big and has lots of free space. There's plenty of room for some images. I started my external and my Macrium image is 14.8 GB.
     
  15. AlwaysScrewed

    AlwaysScrewed Thread Starter

    Joined:
    Apr 10, 2014
    Messages:
    181
    I'll think about it.

    Anyway I installed Comodo Firewall on my 8.1 desktop. I had to uninstall GeekBuddy and some kind of Comodo Internet Browser but I did that.

    I need to turn off Windows Firewall but I will do that as well.

    I'll just try to be as careful as I possibly can be.

    Thank you so much for all of the help.

    If I have any further questions, I guess I'll just make another thread.

    Thanks again.
     

Short URL to this thread: https://techguy.org/1148501
