Locust's Setup (Novice seeking serious guidance for first time)

Windows Edition
Pro
User Access Control
Always notify
Real-time security
Comodo Internet Security Free, HIPS off, all other things enabled after putting firewall in training mode for a while, basically using default settings but with high heuristics turned on
Malwarevytes Antimalware Premium (meh, lifetime license)
Malwarevytes Antiexploit Premium, all default settings (received a license for beta testing it, seems to be lifetime?)
WinAntiRansom (currently in trial period, leaning toward purchase), with all my documents and important stuff kept in C:/SafeZone
ShadowDefender (Licensed), but with C:/SafeZone not affected by Shadow Mode
Periodic malware scanners
None
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Chrome, Blur, uBlock, LastPass, Click&Clean
Maintenance tools
Click&Clean runs on Chrome exit

Locust

New Member
Thread author
Apr 1, 2016
9
Miscellaneous notes:

Daily use on non-administrator account. Daily backups to OneDrive. Unconcerned with security issues related to physical access to computer itself, hence lack of Windows password. I would consider a password on user and/or admin account if it did defend against remote threats in some way. Only built in Windows tweak that I've done is setting HOSTS file to read only, don't know enough about SRP or anything to use any of Windows tools or settings to make my computer more secure.

Might get Winpatrol, seems fiddly and hard to configure with lots of prompts that I wouldn't understand. UAC is off for the same reason, I don't feel like I'm ever going to know when to disallow anything. WinPrivacy seems useless and annoying from my trial so far, I can't get it to play nicely with Private Internet Access' client on an automated basis. On the other hand, maybe it'll get better down the road and I'll sit on the license until then.

If it isn't obvious already, I'm not super technical. Only just barely technical enough to manage the above. Which is probably more than your average person plucked from the street, but regardless, if I need something explained to me like a complete novice, don't be surprised. There are a lot of guides out there and it's pretty overwhelming. I don't mind being pointed to them, but please be sure to name a specific part of a guide if you're going to link to a big one. A lot of good reading so far, but I'm at the point where it's time for some hands on guidance. Thanks!
 

Exterminator

Community Manager
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
You definitely need to enable UAC. It is not bothersome when you consider the benefit of having it enabled.Especially for a novice user!
You should add a login password/PIN to your PC
 
D

Deleted Member 333v73x

Important:

1.) Enable UAC to at least default, if not always notify.
2.) Enable Login Password.
 

Soulbound

Moderator
Verified
Staff Member
Well-known
Jan 14, 2015
1,761
Im not sure if OP is a novice user, looking at his config choice. Considering SD is on, will UAC really be that relevant? Its a valid question.
 
  • Like
Reactions: shukla44 and Ink

Locust

New Member
Thread author
Apr 1, 2016
9
I knew they'd hog all the attention immediately, which is okay, I am genuinely interested in learning more about how to use UAC and user passwords effectively. But before further discussion on UAC and an account passwords continues I'm also very interested in learning about other things - assume for this purpose that I have just now turned UAC on the highest setting and am using both BitLocker and user account passwords with ludicrous password strength. I want to get the most out of what I already have before adding new things like WAR (which would be my only new purchase at this point), UAC, SRP, passwords/Hello, etc.
 
  • Like
Reactions: shukla44 and XhenEd

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Everything seems good except on those built in features on the OS to be turned out.

Well Comodo Internet Security is very powerful in the sense you need a patience for regular maintenance so no need to WinPatrol on that case.

On demand scanners are fine enough to your system like Zemana AM/Hitman Pro or MBAM; so that you can have a periodic checkup to your system.
 
  • Like
Reactions: shukla44

Soulbound

Moderator
Verified
Staff Member
Well-known
Jan 14, 2015
1,761
WAR will not be that important - MBAE AND MBAM will block exploits, CIS will (hopefully) block the dropped file(s) with MBAM, UAC (if you enable it) and SmartScreen may get involved and if all else fails you have Shadow Defender. If you are that worried then use Crypto Prevent, It is free and doesn't run in real-time:
Written Review - Crypto Prevent Review - UPDATED
Official website/download link:
CryptoPrevent Malware Prevention
CryptoPrevent takes the Group Policy approach. It is better if OP learns how to apply Group Policies manually since he is using the PRO edition of Windows.
Tho the CryptoPrevent is not the "Be all, End all" option by any stretch.
 

Locust

New Member
Thread author
Apr 1, 2016
9
Thanks for the good stuff so far, hope you all are enjoying your weekend.

My wife really likes some of the miscellaneous functions of WinPatrol, and has sold me on some of them too, so even though we could get by with the free version, I'm happy to support the devs and just buy it and WAR due to the generous licensing. Will probably get WinPrivacy with it, just to squat on the license in case it ever improves, I actually got fed up and uninstalled the trial. For instance, I decided to move to Office 2016 today, and during the installation process the prompts from WinPrivacy caused the installation to fail multiple times. Each time I tried reinstalling it, the process would get a little further until I finally had allowed enough things through WinPrivacy that it finally finished. So much for their "smart recognition," MS Office isn't exactly software from off the beaten path.

Regarding UAC, I'm certainly willing to turn it on, it's not particularly onerous, but before I do, I want to learn how to use it. Right now I don't feel like there's a situation where I'd know to disallow anything. Suppose 7zip or some other program that I happen to be downloading and installing happens to have been compromised in some way, and I am in fact about to open ransomware or whatever. I'm already expecting to click through a UAC prompt at this point, so it's seeming to not provide any safeguard. What's a situation where UAC is actually going to alert me to suspicious activity?

CryptoPrevent doesn't look like it'd be much use to me now that I'm throwing WAR into the mix for sure. Comodo already blocks things in whatever it considers suspicious locations, and if I could figure out how to set some broad group policies that's probably enough. I could afford it pretty easily, but any amount of money for something that superfluous seems wasteful in what already seems to be an overkill setup from comments to far. That said, I am interested in specific feedback in whether my idea of excluding C:/SafeZone from ShadowDefender is good based on my idea of making that folder my WAR safezone.
 
D

Deleted member 178

Regarding UAC, I'm certainly willing to turn it on, it's not particularly onerous, but before I do, I want to learn how to use it. Right now I don't feel like there's a situation where I'd know to disallow anything.

If you see an UAC prompt poping-up out of the blue , without you doing anything at that moment , you can be sure it is suspicious, so blocking the process is mandatory.

That said, I am interested in specific feedback in whether my idea of excluding C:/SafeZone from ShadowDefender is good based on my idea of making that folder my WAR safezone.

i won't exclude anything with SD , better save your work in the cloud before leaving Shadow Mode.
 
D

Deleted Member 333v73x

Crypto Prevent would work with other security programs.
 

Soulbound

Moderator
Verified
Staff Member
Well-known
Jan 14, 2015
1,761
I doubt cryptoprevent policies will have issues with WAR and WinPatrol.

I recently got my wp dust off and placed on shared system. Handy tool. As far as WAR goes despite my recent infection, after troubleshooting further it was war services not fully loaded when I performed the test. I would go with WAR over the betabuild of malwarebytes anti ransom due to a) being beta and b) WAR having more options for configuration.
 

Locust

New Member
Thread author
Apr 1, 2016
9
So I've added UAC and a PIN and am now browsing on a standard user account. However, now Private Internet Access won't run at startup, and I need to enter my administrator pin every time I run it. Is there an easy way to get it to run at startup without all the fuss? Or at least, is there a way to use firewall rules or somesuch to prevent my computer from connecting to anywhere besides PIA's servers?
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top