Basic security for average users?

[mal1]

I'm new to the whole security world, and I barely know the difference between worms and Trojans. I saw a similar topic from September but it was more pro-oriented.
Currently I have 3 AVs on my device, I know it's wrong from both security and performance points of view. So apart from a good real-time AV, what would you install on an average user's device? Firewall, Sandbox, on-demand antimalware (MBAM or Emsisoft), MBAE, Bitdefender USB, ("HIPS" keeps coming up in conversations here, I have no idea what this means)...? And when professionals here talk about adblock, do they mean the browser extension or something else?
In a descending order, every internet user should have: (and please don't say just Microsoft security essentials and Windows firewall)
Real-time AV
On-demand antimalware
and then what?

 

[OneDay]

Well, it's a difficult topic actually. Take a look at these threads below to have a clearer image.
For an average user, sandboxes and HIPS are a no-go. They need quite some configuration and proper knowledge to respond to alerts.
Windows Firewall would me more than enough for protecting your network from inbound connections.
A simple free AV would be good for real-time protection (like Avast or Avira) or even Windows Defender that's built-in from W8 onwards. Some anti-exploit protection would be a good addtion, but chances to stumble upon something like that are almost non-existent.
Adblock refers to what you mentioned in your post. Exactly.
Now, a couple on-demand scanners (MBAM, HMP, EEK) would complete the puzzle.
But all of the above would be worthless, if not accompanied by common sense and safe browsing habits.

 

[SloppyMcFloppy]

For me average users like me. All you need is one real time antivirus + 1 real time anti exploit. Simple as that, and other tools such as MBAM, HitmanPro, ESET Online Scanner, and others can be use as on demand scanner. But i usually runs them when i suspect my computer to be infected. If not, then run full scan with my real time antivirus is good enough, maybe threat scan with MBAM to give me more confidence.

 

[kev216]

First of all: 3 AVs on your computer . Basic rule number 1: One is more than enough, because they can conflict with each other and cause problems. For a good antivirus, I personnaly would recommend ESET, Bitdefender, Kaspersky or Norton. If you want a free AV, then Avast or Comodo are the best choices. Also note that when you use a so called 'cloud av' such as the free version of Panda, it can be the case that you are not fully protected or you can not acces the full database when you perform a scan when you are not connected to the internet. The positive thing about them is that every second, you get immediately the newest definitions in real-time. Most of the today's security products have both the offline database and the cloud though.
When you buy an internet security suite, then you have AV(antivirus) and Firewall both in one package. If you go for the free ones, then I recommend installing a free firewall such as Comodo firewall or Private firewall.
If you don't do dangerous things and you know what you do on your pc, you don't need a sandbox. This piece of software runs programs in an isolated area and so they don't make any changes on your system. If you try programs that are maybe risky, you can use a sandbox, like Sandboxie. Sometimes there is already a sandbox built in your security suite, for example, when you use Comodo or the paid version of Avast.
Apart from this basic layer of protection, you can always scan your pc with so called on-demand or second opion scanners, such as Malwarebytes (free version is already enough) and Emsisoft Emergency kit, which you both mentioned in your post. Other good ones are Herdprotect (which uses about every antivirus database there is in the world) or Hitman Pro (only free for one scan, after that you have to pay for it). Use these programs, when you want to be sure that there is no malware on your computer, but off course you don't have to do that everyday . When you have just one file that you want to scan with lots of engines, you can also upload it to a site called Virustotal to scan it. You can also use that site to scan links.
Next one you mentioned was HIPS. It stands for Host Intrusion Prevention System. Basically it is commonly part of a firewall and it prevents unauthorized sources to make changes on your system. For example, when a program tries to modify something that is important on your system (startup related things or strange registry changes for example) it will alert you when the action is suspicious. You can find more about it here.
When we mention an adblocker here, we mean indeed the browser extension. Recently there were alerts that ads can even be suspicious and infect your system (malvertising). Also on some download sites, it can be sometimes a bit difficult to find the right download button (on Cnet for example), and to prevent you from dowloading what is called 'adware' by clicking on, for example, some 'download now' Ads, I would definitely recommend using an Adblocker.
There are lots of different Adblockers these days. Adblock plus is probably the most well known one, but there are some people who can't stand that they whitelist some websites who pay to not block their ads. Other ones are µblock, ghostery etc, but I prefer Adguard.
The extensions can be installed on the popular browsers, such as Google Chrome and Firefox (Microsoft Edge has no extension support, but they are working on it), but you can also check other ones, who are maybe for a newbie not that well known, such as Opera, Maxthon, Palemoon or Vivaldi, which also have these extensions available. Don't be afraid to check them out, they are safe .
To help you further, please post your security config in the config share section on the forum here, so that other experts can give you feedback of your security config and give you some more tips based on what you have on your computer. You told here a bit in a 'vague' way what kind of security software you exactly have on your system right now, so if you share it by creating a new threat there, we can help you based on your current config.
To sum up: you need a good av with a firewall (built in the suite or a separate product), a good adblocker if you prefer an ad-free internet (and as I already said an extra layer of protection keeping you away from at first sight 'attractive' software but is in fact just 'adware' or other useless crap), keep your software up-to-date (very important, so that bugs and security patches can be solved and applied on your system), use a second opinion scanner when you think there might be something suspicious on your system BUT the most important one is what we call the 'Common Sense security suite': Be careful on the web, don't install software you are not sure about (or use a sandbox when you have to), don't click on everything you see, just visit and click only on sites you trust.
With this 'survival guide' you should have enough 'armor' to stay safe and to get a malware free life!
To learn more, stay active here in te forums. This is the right place to do so!

 

[mal1]

@kev216 They are only 2 AVs now (Avast and MSE), I had to delete Avira and I kinda regret it, tests and forums seem to favor some AVs like Avast and Bitdefender, so I thought I should keep Avast. As a matter of fact, I'm on this forum because of an Avast detection that might well be a FP.
I don't do dangerous things online, but sometimes I have to download stuff on mediafire, 2/4shared and mega.co.nz (I've never used torrent, for ethical and mostly security reasons).
Google safe browsing diagnostics say some malicious files were found on these websites, this is my main worry.

 

[Kate_L]

Beside your AV / Firewall, HitmanPro.Alert & Unchecky is a must. Also, use an AD-Blocker.

 

[RmG152]

Adblocker like uBlock.
Any antivirus (on w 8.1 and 10 Windows Defender is enough), but only one, and configure to auto-action.
Comodo firewall with @cruelsister nopopups config

 

[mal1]

I'm confused as to,
Windows 7 service pack 1 firewall vs. Comodo firewall
Sandboxie? (probably not)
Malwarebytes anti-exploit? (probably yes)
USB protection?

And Thanks again @kev216 security configuration wizard section sounds really helpful, I just shared my configuration there

 

[SloppyMcFloppy]

I'm confused as to,
Windows 7 service pack 1 firewall vs. Comodo firewall
Sandboxie? (probably not)
Malwarebytes anti-exploit? (probably yes)
USB protection?

And Thanks again @kev216 security configuration wizard section sounds really helpful, I just shared my configuration there

Windows Firewall is all you needs for basic every days use really. It does do its job of blocking unknown applications.

 

[Kuttz]

A simple configuration but effective can be Avira free + Comodo Firewall Auto sandbox enabled (HIPS Disabled) + Malwarebytes Anti-Exploit free works really great without much complexity

 

[hjlbx]

@mal1

Do you want paid or free ?

 

[mal1]

@hjlbx

Free of course

@kuttan

So you think Avira free is better than Avast free? I just deleted Avira free a few hours ago and kept Avast free. I knew neither of them had a clear edge over the other.

 

[hjlbx]

@hjlbx

Free of course

Then with your level of experience and IT knowledge, I'd strongly suggest taking a look at Qihoo first. Try it out on your specific system and see if it works both on your system and for you personally.

Comodo will provide good base-line protection, but be forwarned, playing with the settings can cause a lot of problems. Plus, there is a lot to learn to use it properly... trust me, it is not a smart or practical way for the novice to start out...

If Qihoo doesn't work out for you then you can look into other freeware softs...

 

[bunchuu]

for me, basic security combo will be like this:
1. Firewall (windows default/zone alarm free/comodo (without HIPS))
2. One free AV with realtime protection (Avira free/avast free/AVG free/ Panda Free)
3. Set UAC for maximum security configuration
4. Regular update for OS and critical software (browser, AV, Firewall)
5. Browser extension (ublock, bluhell firewall, https everywhere)
6. Turn off autorun feature from removable media
7. Anti exploit (MBAE)

But, don't forget swiss cheese effect, Your common sense and judgement are the ultimate protection

 

[mal1]

@hjlbx

I tried Qihoo for a while and actually liked it! Before I read some reviews here that bashed Qihoo and labelled it as untrustworthy, so I opted for other options.

 

[SloppyMcFloppy]

@hjlbx

I tried Qihoo for a while and actually liked it! Before I read some reviews here that bashed Qihoo and labelled it as untrustworthy, so I opted for other options.

I find nothing against Qihoo for real. People just stereotype or hate against Chinese antivirus company, and then put them as untrustworthy.

 

[hjlbx]

@hjlbx

I tried Qihoo for a while and actually liked it! Before I read some reviews here that bashed Qihoo and labelled it as untrustworthy, so I opted for other options.

Disregard all the bashing... Qihoo is good base-line security and should fit your specific needs... that is... if it is what you want to use.

 

[Deleted member 2913]

Basic security for average users in my opinion---

Windows Firewall
A good AV
Adblocker
Unchecky
Disable autoplay on the system
I keep all the windows security UAC, SmartScreen, etc... on default settings.

 

[kev216]

@kev216 They are only 2 AVs now (Avast and MSE), I had to delete Avira and I kinda regret it, tests and forums seem to favor some AVs like Avast and Bitdefender, so I thought I should keep Avast. As a matter of fact, I'm on this forum because of an Avast detection that might well be a FP.
I don't do dangerous things online, but sometimes I have to download stuff on mediafire, 2/4shared and mega.co.nz (I've never used torrent, for ethical and mostly security reasons).
Google safe browsing diagnostics say some malicious files were found on these websites, this is my main worry.

Don't worry I also download things on hosting sites sich as mediafire and of course not all the stuff that you can download there is bad. The AV is there to help you when it is malicious. Avira is indeed not a bad AV, but it heavily relies on signatures. They added cloud in their product a while ago, but it is still not enough imho. Avast has a database that is sometimes slightly behind Avira, but has more zero day components, such as the sandbox, evo-gen etc, so that's the reason why I recommend Avast over Avira if you stay with the free products. Bitdefender free is also not bad and is using one of the best engines in the world. It also has a very good url-blocker. The downside is that is is so simple and has no options, but I you don't care about that, you can off course use that. (I don't know if it is still maintained though, because it didn't got software updates for quite a while now). Qihoo also uses the BD and the Avira engine as far as I know, but you are pro or against it (depending on what you think about privacy issues some people told about). It's your choice, but just stick with one at the time!

I'm confused as to,
Windows 7 service pack 1 firewall vs. Comodo firewall
Sandboxie? (probably not)
Malwarebytes anti-exploit? (probably yes)
USB protection?

And Thanks again @kev216 security configuration wizard section sounds really helpful, I just shared my configuration there

Good! That is the place where the experts can help you .

Basic security for average users in my opinion---

Windows Firewall
A good AV
Adblocker
Unchecky
Disable autoplay on the system
I keep all the windows security UAC, SmartScreen, etc... on default settings.

I agree. I forgot about mentioning unchecky in my very very long post. Also Ccleaner is recommended to add to your list, but I see that it is already mentioned here and in your config threat

 

[jamescv7]

Here is the basic formula at all.

Windows Firewall + built in AV (for 8/8.1/10 of Windows) + USB protection like McShield + turn off autorun + on demand scanners

But first update all the patches available from Microsoft through Windows Update.

Actually by adding another layer will also force you to learn the configuration to make it harden which may cause time consuming.

For example: Avast Free AV, which contain some features to be little complex and need to monitor for changes.

Same goes to other products which binds to be 3rd party.

Check this comprehensive sticky thread for setup