Guide | How To How to strengthen up your security configuration

  • Thread starter Deleted member 21043

Deleted member 21043

Thread author
Hi everyone,

With the rate of new security configurations being posted all the time, it is only a good idea for me to make a thread on how someone could go about improving their security configuration.

Firstly, I recommend you use a good Antivirus/Internet Security product. An Antivirus product does not usually contain a Firewall. If the Antivirus product you decide does not, then I recommend installing a Firewall alongside your Antivirus product.

I personally recommend either 1 of the 3 Internet Security products. However, this is based on my experience and testing. Everyone has a different opinion, the only person who can decide which product they want to use is YOU. No one else. You should use the trials and test each one to see which one you prefer.

1). ESET Smart Security - I personally feel that ESET have great signature-based/static-analysis detection. (The HIPS (Host Intrusion Prevention System) can perform better once configured correctly). As well as this they have the LiveGrid (cloud).
You can obtain ESET Smart Security from the official website, here: http://www.eset.co.uk/Home/Smart-Security

2). Emsisoft Internet Security - I personally feel that the Emsisoft Behaviour Blocker is good at preventing malware infections and has a good cloud network.
You can obtain Emsisoft Internet Security from the official website, here: http://www.emsisoft.com/en/software/internetsecurity/

3). Kaspersky Internet Security - the signature based detection is OK in my opinion, however they have a feature called Application Control which is quite well liked. As well as this they have the KSN (cloud).
You can obtain Kaspersky Internet Security from the official website, here: http://www.kaspersky.co.uk/internet-security?domain=kaspersky.com

For the money, I reckon Emsisoft Internet Security is the best deal. However, I like all 3 products and all 3 are great in my opinion.

If you do not want an Internet Security product then I recommend getting an Antivirus product and then a firewall product alongside it. For Antivirus, I recommend the Antivirus version of the products listed below, however I will also mention some free alternative Antivirus products below, for anyone who cannot currently purchase an Internet Security suite:

Paid:
1). ESET NOD32 (Antivirus)
Download: http://www.eset.co.uk/Home/NOD32-Antivirus

2). Emsisoft Anti-Malware
Download: http://www.emsisoft.com/en/software/antimalware/

3). Kaspersky Antivirus:
Download: http://www.kaspersky.co.uk/anti-virus

Free:
1). Avast Antivirus - Download: https://www.avast.com/en-gb/index

I expect someone will mention Qihoo in the comments, so I will mention it here, but not as a recommendation... Qihoo has a lot of users, however I personally do not think it's a fully polished product and I would certainly not trust it. Everyone has their own opinions. It's free; if you want to use it you can, however I do not recommend it and for this reason I will not include it in this thread. The product also seems to be promoted via a lot of adware. It's not always the vendor's fault if their product is promoted via adware, however I see them promoted far more often than other vendors. Which is another reason why I have not included them in this thread.

For Firewall products alongside an Antivirus you could use a product like the free Comodo Firewall, however you can always just use Windows Firewall. If you use Windows Firewall, I recommend adding WFC (Windows Firewall Control) alongside it. There is also a program called "Glasswire" which is compatible with Windows Firewall.

Comodo Firewall - Download: https://www.comodo.com/home/internet-security/firewall.php
Windows Firewall Control - Download: http://www.binisoft.org/wfc.php
Glasswire - Download: https://www.glasswire.com/download/


Of course if you know of another Antivirus/Internet Security/Firewall product you want to use, you can feel free to use it. Those are just my suggestions for you.

Before I go off AV/IS and Firewall products, you may like Comodo Internet Security. It also supports "Auto-Sandboxing" with its Sandbox feature.

After you have got your Antivirus & Firewall/Internet Security sorted out, you will need something people refer to as "on-demand scanners". An on-demand scanner is an application which scans the system without real-time/behavioural components. As we know an Antivirus product may consist of the Real-Time protection, Web Filter, Behaviour Blocker/HIPS... Only difference is an on-demand scanner is when you use a product to just scan the system. You shouldn't install another Antivirus and just disable the Real-Time etc. You shouldn't do this. So instead, there are products which are just for scanning, allowing you to keep your existing security software for real-time protection.

For on-demand scanners I recommend you either pick 1 - 3 of the following. If you want to extend to 4 then you can, however I recommend 3 as a maximum:

ESET Online Scanner
Malwarebytes Anti-Malware (free, the pro version adds Real-Time protection however this is unnecessary).
HitmanPro (this does cost money however you get a free trial beforehand)
Emsisoft Emergency Kit (EEK)

HerdProtect
Zemana Anti-Malware

Of course if you use ESET for real-time, then the Online Scanner would be pointless. Same for if you use Emsisoft as your main security product, the emergency kit would then be unnecessary.

There is a program called Unchecky. The aim of this program is to help keep potentially unwanted programs off your PC.
Download: http://unchecky.com/

Always make sure to have a backup plan. For backup I recommend using either Paragon & Recovery or AOMEI Backupper. As well as using one of these two pieces of software for backup/recovery, you can also try using cloud storage for your personal documents (of course if they are very important that no one else ever manages to get hold of them, don't use cloud storage since it's possible one day the cloud storage may be attacked) or storing them on an external device (external HDD, USB drive, blank DVD).

I also recommend you keep System Restore points for the future. You never know, even with backup for recovery it can be useful. With this in mind, I also recommend you keep a backup of your Registry. Before cleaning with CCleaner you can do this (if you decide to use CCleaner). If not you can do it manually.

If you like the thought of anonymity whilst browsing online, you may like the idea of using VPN (Virtual Private Network). I recommend: CyberGhost based on my experience.

I recommend an Anti-Exploit solution. A product like ESET will already contain Anti-Exploitation techniques, however if your main security solution does not contain such a feature then you may be interested in Malwarebytes Anti-Exploit.

You can download Malwarebytes Anti-Exploit here: https://www.malwarebytes.org/antiexploit/

You may be interested in installing HitmanPro.Alert. It contains many features such as: [check the spoiler]


    • Alerts the user when critical functions of the browser are compromised by known and new banking Trojans, like:
      • Zeus
      • SpyEye
      • Sinowal (aka Mebroot and Torpig)
      • Ice-IX
      • Citadel
      • Cridex
      • Carberp
      • Shylock
      • Tinba
      • and many others...
    • Passively vaccinates the computer to make sandbox-aware malware believe it is attacking an automated analysis system, causing the malware to disable itself.
    • Supports all popular web browsers: Internet Explorer, Chrome, Firefox, Opera, Maxthon, Comodo Dragon, Pale Moon, Tor Browser, Avant Browser, Baidu Spark Browser, SRWare Iron and Yandex Browser.
    • Future proof technology does not rely on malware signatures.
    • Compatible with all antivirus programs and runs alongside any other security software.

The system requirements are shown below:


    • Supported on 32-bit and 64-bit versions of Windows 8, Windows 7, Windows Vista, Windows XP, Windows Server 2012, Windows Server 2008 and Windows Server 2003.

Its CryptoGuard feature attracted many new users; you can read more in-depth about it here: http://www.surfright.nl/en/cryptoguard
You can find more information about it at the following URL: http://www.surfright.nl/en/alert



I recommend that if you have an application you are unsure of or is new to you, you run it in a sandbox or another virtualized environment (such as a virtual machine) before your real system.

For the sandbox, I recommend using Sandboxie: http://www.sandboxie.com/
For the virtual machine I recommend VMWare, however VirtualBox will do: http://www.vmware.com/uk & https://www.virtualbox.org/

A suggestion of mine if you want to be extra secure is to install Sandboxie and then run your Browser sandboxed with Sandboxie.

Please be aware of "Anti-Sandboxing"/"Anti-Virtualization" techniques which may try to trick you.

If you do not want to do this manually yourself, you can upload an executable for online automated analysis with one of the following services:

https://www.hybrid-analysis.com (recommended)

https://malwr.com/
https://anubis.iseclab.org/

As well as this, you may wish to upload executables to an online scanning service like VirusTotal to check the score of other Antivirus engines you do not have access to on your main system.

VirusTotal: https://www.virustotal.com/

For web browser extensions I recommend using HTTPS Everywhere. It won't work for every website, but it does for a lot. HTTPS encrypts the communication between your web browser and the website, which is always good for security. You can read more about HTTPS Everywhere and the supported browsers at the official link: https://www.eff.org/https-everywhere

I also recommend 3 other extensions:

LastPass - good for storing passwords. You can read more about it at the official link:
https://lastpass.com/ (there is an extension available. If you cannot find it, search on the store for extensions for your browser e.g. for Google Chrome users, you can go here: https://chrome.google.com/webstore/detail/lastpass-free-password-ma/hdokiejnpimakedhajhdlcegeplioahd and for Firefox users you can go here: https://addons.mozilla.org/en-us/firefox/addon/lastpass-password-manager/ ).

Click&Clean - good for cleaning your browser after your browsing session.
Download - Google Chrome: https://chrome.google.com/webstore/detail/clickclean/ghgabhipcejejjmhhchfonmamedcbeod?hl=en
Download - Firefox: https://addons.mozilla.org/en-us/firefox/addon/clickclean/


WOT (Web Of Trust) - website reputation. NOTE: Please be aware that the reputation results may not always be 100% accurate and true. Take the results from WOT with a grain of salt. However, it's a nice addition and can be helpful in some cases.
Download: https://www.mywot.com/

I really recommend using an Adblocker. You may already know, however Advertisements invade your privacy in a way - they can collect information (for example, they can track you). Blocking the advertisements prevents this. For an Adblocker I personally recommend using uBlock (however it isn't available for all browsers, sadly).

You can download uBlock for Google Chrome here: https://chrome.google.com/webstore/detail/ublock/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en
You can download uBlock for Firefox here: https://addons.mozilla.org/en-us/firefox/addon/ublock/
You can download uBlock for Opera here: https://addons.opera.com/en/extensions/details/ublock/?display=en

Since uBlock is not available for Internet Explorer, if you are an Internet Explorer user you can use Adblock Plus. You can download Adblock Plus for Internet Explorer from the following URL: https://adblockplus.org/en/internet-explorer

If you are not using either of those web browsers but a web browser which does not support an adblocker like uBlock, then you can always resort to using something called the Hosts file. The Hosts file is a file stored in a Windows subdirectory which basically blocks connections to certain hosts. It can be modified to work as an adblocker and/or block websites. Please note that it can be tampered with by other software.

The file path to the Hosts file is: c:\windows\system32\drivers\etc\hosts
You may be interested in MVPS Hosts list which can be obtained from here: http://winhelp2002.mvps.org/hosts.htm

If you are someone who really wants to Lockdown their system and try to prevent malware infections, consider using AppGuard and a lightweight Antivirus for backup to that.

AppGuard: http://www.blueridge.com/index.php/products/appguard/consumer

For Privacy/Cleaning software I recommend CCleaner. My experience with CCleaner has been great, and so has most other people's experience based on the feedback I've seen people give. Compared to other cleaning products which provide "registry cleaning" abilities, I have seen fewer encounters of "registry issues" when using CCleaner. It can also clear your browser traces in real-time (if the feature is enabled), clean software installed on the system etc.

CCleaner: https://www.piriform.com/ccleaner/download

If you are a very advanced user, I recommend PrivaZer. You can download it here: http://privazer.com/download.php
Just be extra careful and take caution when using it.

For uninstallations, I personally think that the software uninstaller is usually for the best. The developer knows how to make an uninstaller for the product they made. However, it may still leave traces, so if you hate traces being left behind you can try using Revo Uninstaller. Even with this product, traces may still be left behind. This is where CCleaner may come into place and find them and have them cleaned.

Revo Uninstaller: http://www.revouninstaller.com/index.html

Make sure UAC (User Account Control) is enabled. The default settings are good for use. Next time you try to open a program and get a UAC alert on your screen asking if you want to run it as Administrator, make sure you know what the program is before allowing it. The amount of people who complain about UAC not being good because they decided to allow a program to run with Administrative rights which was new to them which then turned out to be malicious software... The security features can only do what they are programmed to do. The user still needs to do his work by doing research on new programs before giving them administrative permission on the system.

Before you allow a program to run with Administrative rights, check if it's digitally signed. I am not saying to just allow any program which is digitally signed.

If Microsoft SmartScreen is on your system (for example Windows 8) make sure to keep it enabled.

No matter what people may tell you, UAC and SmartScreen are GOOD features and they do WORK.

Make sure to keep all your software up-to-date as much as possible. If you see an update, get it done. Don't think "Later" because by later you may have already been affected by an exploit which was not caught which was patched up in the update you decided not to install...

With that in mind, always keep Windows up-to-date. Should you ever have a bad, faulty update (which has happened in the past), you have a backup solution for a reason. It's not just in case of malware infections, but for a case where anything bad goes wrong. You don't have to install "optional" updates, but the security updates I recommend you always install. If you are paranoid about faulty updates, you can have Windows download the updates but not install them, allowing you to wait a few days and wait for any bad news for the updates before allowing them to install.

On top of everything mentioned above, if you are using a browser which offers security, then make sure it's enabled!

If you are a very advanced user, then you could use Windows Defender/MSE with Windows Firewall and be fine... Please do not just assume you are an "advanced" user because you know how to do something like show hidden files on your disk or think you know what you are doing. I have seen many people who have thought this and then become infected by something as bad as ransomware, and then lost all their files since they didn't make a backup (because they felt so confident they'd be fine).

Make sure not to use 2 Antivirus programs at the same time. They can cause system slowdowns, or in the worst cases even detect each other (although whitelisting should fix the detection issue). Multiple Antivirus software is not required, either.

Just remember, no Antivirus can protect you. It's down to you just as much. Think before you visit a website, think before you download and run a new program... If you are click happy and run anything then you're bound to become infected sooner or later. I know people who haven't used any security products like Antivirus/Internet security for years and haven't run into any issues.

Please note that your hardware (RAM for example) may limit what you can use on your system.

Always remember that any change you make on your system is up to you. If you do not want to use something (let's say somebody suggested something), then of course you do not have to. Just remember that we are here to help you!

You could have the most minimal setup and never become infected. You could have the most minimal setup and become infected. Or you can stay infection-free with the most advanced setup or even become infected with that.


After reading this thread, I recommend reading some comments since other members may give their suggestions for you below.

Cheers. ;)

EDIT: Added note about WOT, fixed grammar mistake and removed EAM compatibility opinion.
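
An added example, not part of the original post: since the guide notes that the Hosts file can work as an adblocker but can also be tampered with by other software, this Python sketch audits hosts-file text and separates ordinary blocklist entries from the ones worth reviewing. The watch list (built from vendor sites linked in the post), the category names and the sample content are assumptions made for illustration.

```python
import ipaddress
import os

# Path given in the post; only read when the script is run directly.
HOSTS_PATH = r"c:\windows\system32\drivers\etc\hosts"

# Assumption: a short watch list taken from vendor sites linked in the post.
# A blocking entry for one of these would cut the machine off from a
# security vendor, so it deserves a closer look than an ad domain.
WATCHED_SUFFIXES = ("eset.co.uk", "emsisoft.com", "kaspersky.co.uk",
                    "malwarebytes.org", "virustotal.com")

# Names that are normally mapped to loopback and are not findings.
LOCAL_NAMES = {"localhost", "localhost.localdomain"}

# Constructed sample content, not a real hosts file.
SAMPLE = """\
# constructed sample for the audit below
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.com      # blocklist-style entry
0.0.0.0         tracker.example.net ad.example.org
127.0.0.1       www.virustotal.com
203.0.113.10    bank.example.com
"""


def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                          # first field is not an address
        for name in fields[1:]:               # one line may carry several names
            yield line_no, ip, name.lower().rstrip(".")


def audit(text):
    """Return (line_no, kind, hostname, ip) with kind in
    'block' (name sent to loopback/0.0.0.0, the adblock use),
    'vendor-blocked' (a watched security site sent to a sink address),
    'redirect' (name pointed at some other address)."""
    findings = []
    for line_no, ip, name in parse_hosts(text):
        sink = ip.is_unspecified or ip.is_loopback
        if sink and name in LOCAL_NAMES:
            continue
        watched = any(name == s or name.endswith("." + s)
                      for s in WATCHED_SUFFIXES)
        if not sink:
            kind = "redirect"
        elif watched:
            kind = "vendor-blocked"
        else:
            kind = "block"
        findings.append((line_no, kind, name, str(ip)))
    return findings


def needs_review(findings):
    """Entries an adblock list would not normally contain."""
    return [f for f in findings if f[1] != "block"]


if __name__ == "__main__":
    if os.path.exists(HOSTS_PATH):
        with open(HOSTS_PATH, encoding="utf-8", errors="replace") as fh:
            content = fh.read()
    else:
        content = SAMPLE
    for line_no, kind, name, ip in needs_review(audit(content)):
        print(f"line {line_no}: {kind}: {name} -> {ip}")
```

Running the audit again after importing a large list such as the MVPS one keeps the review output short, because plain blocking entries are filtered out.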
 

Alexstrasza

Mar 18, 2015
The only part where I'll disagree with you is the fact that Emsisoft AM can run alongside other AVs and AMs, and there is actually no problem at all. It's one of the favorite AM software in my neck of the woods (alongside MBAM), and is commonly installed with other AVs and AMs.

For browser extensions, consider adding HTTPS Everywhere (force encryption of contents) and Ghostery (blocks tracking) if you need privacy.

Otherwise good work.
 

Deleted member 21043

Thread author
I said it can run alongside, but I don't personally think it's really necessary. But I will edit out the part about using Emsisoft. It's compatible, it was made to be compatible, however it's an opinion as to whether it's a good idea to use it alongside another AV or not (since using EAM means more memory consumption, and on some systems it would be a bad idea if they had low memory and a bad CPU (since then if they had real-time enabled on both it would result in more CPU usage for the scanning on file creations, modifications, accesses,...)).

HTTPS Everywhere was a suggestion in the thread already?

Cheers. ;)

EDIT: Edited out the note about Emsisoft.
 

jackuars

Jul 2, 2014
If Qihoo's ethics [which differs from one to another] are what is to be judged rather than the product itself, the same goes for Avast with the issues it had in the past about spying by its extension. Google Chrome is being recommended by many other softwares but that doesn't make it any less trustworthy.

It's sad to see about people not being optimistic about a product that has achieved its popularity by not having an upgradable payware version, not bundling any kind of adware, extremely good performance by including multi-antivirus engines, and a lot of promotions [I'm not sure how that was a bad thing in the first place], but rather they would like to be pessimistic by thinking that "Something is happening *Under the Hood* that's making it popular and increase its assets".

Personally I would prefer and recommend a free antivirus that doesn't bundle adware for the newbies and is *completely freeware*. Very very few free antiviruses do this.
 

WinXPert

Jan 9, 2013
What we have in "common": MBAM and CCleaner
 

Harish_Shan23

May 12, 2015
Adguard is also an alternative to uBlock. It is available for Chrome, Firefox, Safari and Yandex Browser. There is also an Adguard assistant extension which integrates WOT into it. Take a look at it...........:)
 

Deleted member 2913

Thread author
Adguard comparison mention ads blocking limited due to browser capabilities for Adguard extension?
What's missing here?

How does Adguard extension compare to Adblock Plus?
 

Bryan J

May 17, 2015
> Make sure to keep all your software up-to-date as much as possible. If you see an update, get it done. Don't think "Later" because by later you may have already been affected by an exploit which was not caught which was patched up in the update you decided not to install...

THIS suggestion is of utmost importance imo. I personally use File Hippo's App Manager. But a lot of people recommend SUMO as well.

Great info kram7750
 

russ0408

Jul 28, 2013
So true jackuars. I'm using Qihoo's Security Essential and Voodooshield and so far it's working great together. You can say what you want about what they did with the testing companies, but I've been looking through all the malware posts you all have been posting and all the ones Qihoo has been included in, the malware has been detected. So you can all say what you want about Qihoo it's a very good antivirus and it's free.
 
