Noblifias Basic Config

noblifias

Level 1
Thread author
Verified
Oct 16, 2014
26
So obviously, I have a lot to learn. Anti-malware softwares are new to me and only since being infected by a malware was the reason I came upon MalwareTips.

First of all sorry if my "config" is more empty compared to others that I have read. It's just that the amount of information on everyone's post could be overwhelming at times and I decided to post a thread here if anyone could give me the essentials that I need to be fully protected.

Thanks in advance.
 

Oxygen

Level 44
Verified
Feb 23, 2014
3,323
I'll be helping make your configuration better.

Here at MalwareTips you will learn mostly everything you need to know about staying safe online. If you ever need help you can simply create a new thread in the correct section and I or some of our other high quality members will try our best to solve your issue.

Please be aware that no antivirus can detect 100% of viruses as millions are created everyday and with that said, you simply can't rely on it to protect you from every threat that comes your way.
 
Last edited:

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
I'll be helping make your configuration better.


Other than that your configuration is pretty good.



Here at MalwareTips you will learn mostly everything you need to know about staying safe online.
To complete a little what @Fedora has replied, here are a little more details about each layer:



1. Real-Time Protection:
I would also suggest that you install Avast Free Antivirus, and tweak it with the following settings:

1.Enable PUP Detection:
A PUP (potentially unwanted program) is a program that may be unwanted, such as spyware, despite the possibility that users consented to download it. This usually includes: toolbars, browser hijackers or adware (ad-supported software)
  1. Open Avast, click on Settings, then on Active Protection and click on the gear next to the Files System.
  2. In the "Sensitivity", select "Scan for potentially unwanted software (PUPs)".
2-jpg.7181

Next, you will need to do the same for the Web Shield so lets do it.
Click on Settings, then on Active Protection and click on the gear next to the Web Shield. Then select Sensitivity and check "Scan for potentially unwanted software (PUPs)".

2. Enable Warn when downloading files with poor reputation.
In the Web Shield field, you can enable "Warn when downloading files with poor reputation", and it does what it says.. it will warn you when you are downloading a file with a low reputation...
To enable it, click on Settings, then on Active Protection and click on the gear next to the Files System. Then select Web Shield and check Warn when downloading files with poor reputation..
1-jpg.7180



3. Enable Hardened Mode (OPTIONAL)
Hardened Mode is designed to make protection tougher without interfering with the computer usage much.
avast! by default checks suspicious files with DeepScreen within virtual environment to see how they behave. But if you use Hardened Mode, it starts to behave a bit differently.

Hardened Mode: Moderate (Recommended)
Under normal conditions, if avast! decides that some file is too suspicious by various characteristics, it then throws it into the DeepScren for further scanning. But if Moderate Hardened Mode is enabled, avast! automatically blocks files that are detected as suspicious by preliminary analysis.
In most cases DeepScreen checks the file and if it doesn't find obvious malicious problems with it, those files are started automatically after analysis. But Hardened Mode (Moderate) blocks it right there.

Hardened Mode Agressive
This mode behaves a bit differently. It actually relies on analysis on a very small scale and mostly relies on a huge whitelist database located in avast! Cloud. If file is located within the cloud and flagged as safe, it will allow to run it. If it's not found or marked as bad, it will block it. So, at least based on my experience, Aggressive Mode is actually much more secure and also a lot less intrusive. Only time that it will cause problems is with some very rare old software or very very new software that isn't used by thousands of users. Usually some very specialized programs used by only few users.
Moderate mode often feels a bit too paranoid (despite its name) because it often blocks safe programs just because they exhibit local suspicious file characteristics that are basically ignored by the Aggressive mode.

To enable Avast's Hardened mode to go:
Open Avast, click on Settings, then on Antivirus and check "Enable Hardened Mode", then put a check-mark on Aggressive or Moderated as you wish. Again, I would adivse you to go for the "Moderate" settings as are less intrusive.
1-jpg.7700



2. Browser Protection:
uBlock - https://chrome.google.com/webstore/detail/µblock/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en
You need an adblocker becauser apart from the simple fact that most ads are annoying, some of them might even lead you to adware or potentially unwanted programs. This add-on will block all the ads from a web page, making it look very clean and neat!

WOT (Web of Trust): https://addons.mozilla.org/en-US/firefox/addon/wot-safe-browsing-tool/
To help you avoid malicious sites you can use Web of Trust (WOT) a website rating browser plugin. After you add it to your browser make sure you only visit websites rated "Green" by WOT. Here is how it works:




3. Virtualization:
A virtualization software will allow you to browse the web or run another application in a completely safe environment. This is especially useful when visiting high-risk web sites, whether accidentally or deliberately, as the Web browser will be completely contained within the virtual environment, preventing any damage to your computer.
A sandbox can also be used to run any other applications which you think may be suspect - you can run the program inside the sandbox to determine whether or not it is safe while remaining completely protected against any malicious actions that it may try to carry out.
I strongly advise you to install Sandboxie and use it for when you're browsing the Internet or running shady or unknown programs. Sandboxie (Free/Paid) - link
Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.



Always run suspicious of freshly downloaded files in a Sandboxie to verify that he download isn't compromised! Sandboxie will replicate perfectly your operating system so all the files should run without any problems in it.
If you learn how to properly use Sandboxie, then you really decrease your chances of gettings an infection, I'm always running my web browser sandbox just to be on the safe side.....

4. On-demand scanners
An on-demand scanners is a type of antivirus program that actively scans your computer for malware only when prompted to do so by the computer user, or by scheduling it as a time-specific task. Unlike a traditional antivirus, an on-demand scanner will NOT protect your computer in Real-Time.

Malwarebytes Anti-Malware and HitmanPro are two of the most known and used on-demand scanners. It's a good idea to have them installed on your machine, and perform regular scans with these anti-malware software.

Hitman Pro - Link
An on-demand scanner using multiple anti-malware engines and cloud technology. It offers unlimited free scanning but once you use it to remove detected malware it switches to a 30-day trial version. I recommend using it after you've scanned your hard-drive with the other products you have installed
Malwarebytes Anti-Malware Free - Link
This product utilizes Malwarebytes powerful technology to detect and remove all traces of malware including worms, trojans, rootkits, rogues, dialers, spyware and more.

5. Tips from MalwareTips to keep your computer clean
The single biggest factor in preventing a malware infection on your PC is YOU.
You don’t need expert knowledge or special training.You just need vigilance to avoid downloading and installing anything you do not understand or trust, no matter how tempting might be!

Below you can read , some tips on how to easily avoid a computer infection.Follow them and we can guarantee, that you’ll never have to deal with an infected PC.

1. Avoid running programs that where downloaded from a untrustworthy source or don’t have a digital signature.
Before clicking the ‘Run‘ button make sure you know what the program is and always keep in mind from where you got it.



Everyone has seen this type of alert however most of the user for a reason or another, decide to ignore it and allow the file to run without any kind of restriction.

Files that don’t have a digital signature or were downloaded from a unknown source should always be treated as dangerous.

I strongly recommend that you check each file before allowing it to run :

  1. Scan it with your antivirus.
  2. Scan it with an on-demad scanner (programs that you can install on your computer and use them only for scans) like HitmanPro and Malwarebytes Anti-Malware.
  3. Submit the file to virustotal.com, a site which will scan your program with the 43 known antivirus engines.
Even so it’s strongly recommended that you run the file in a virtual environment like Sandboxie.

2.Avoid keygens,cracks and other warez
Keygen , cracks and patches are the most common ways of getting your PC infected.
I strongly advise you to avoid them, as there is little quality control in the world of illegal software, and it is easy for an attacker to name a piece of malware after a popular movie, album, or program to tempt you into downloading it.



3. Download files only from trusted sources.
You can drastically reduce the risk of an infection by knowing what and from where you are downloading a file.
We recommend that you install a site advisor like Web of Trust or Norton Safe Web, which will help you decide if the site is trustworthy or not.

As a general rule it’s recommended that you download files from known and reputable sites that have confirmed that the download is malware free.
If you are unsure about the quality of a download, leave the site and research the software you are being asked to install. If it is OK, you can always come back to site and install it. If it is not OK, you will avoid a malware headache.

4. Use common sense while online
Finding something on the internet does not guarantee that it is true. Anyone can publish information online, so before accepting a statement as fact or taking action, verify that the source is reliable.
If it’s sounds to good to be truth then most likely is!
You’ll not win the lottery and you’ll not get an amazing prize on the Internet so don’t fall for this type of scams.
Ignore emails or websites who promise you a great prize as there is always a catch behind this type of promises.
Completing a survey will not grant you a iPhone or 1000$ instead it will give the cyber criminals your personal details.

5. Keep your computer up-to-date and secure
Always update your OS or software when an update is available as this can greatly reduce the chances of an exploit.
Also keep in mind that a simple antivirus engine doesn’t do the job anymore, you need to have a layered system protection as malware threats are constantly changing and improving thus making the antivirus engine obsolete.
An antivirus engine, firewall , host intrusion prevention system, a site advisor and sandbox are security layers which every computer needs to be safe in today’s world.
You can build up your malware defenses with our help by starting a thread in our Security Configuration Wizard forum.
Another common mistake made by Windows users is to disable the User Account Control.
The way Microsoft found to keep security, comfort and function in balance by integrating User Account Control (UAC) that seamlessly, is one of the benefits Windows 7 offers.When using a Limited/Standard User Account , your user profile might still getting compromised, but not Windows 7 basic operating system in the background. Even your profile got hit, all your pictures, MP3 files or documents can be restored easily by logging in to another account that is not yet compromised.

I strongly advise you to let this Windows feature enabled and pay a very close attention to this pop-ups , as this could save your PC from an infection.

Other Quick Security Tips :
    • Uninstall Java if you don’t really need it as this is one of the most exploited programs.
    • Use complex passwords for you online accounts – Passwords should be a minimum of eight characters and contain a combination of letters (uppercase/lowercase), numbers, and special symbols (!,@, #, &, %,*)
    • Do not open email attachments from unknown sources or files sent through an instant messenger
    • Don’t give out your details to people who don’t have a legitimate need to know them.
    • While on social networks it’s best to be reserved when allowing people to see your profile or updates.


Welcome... That's it for now.. I'm waiting for you reply for more.. :p
 

Cats-4_Owners-2

Level 39
Verified
Honorary Member
Top Poster
Well-known
Dec 4, 2013
2,800
Hello noblifias. Thank you for joining, and thank you for sharing your configuration.

Believe me, you've nothing to be sorry for by having a light system!:p Windows Defender together with Windows Firewall and UAC set at default while you practice using your own common sense (considering where you click & what you install) are good protections until you decide to change to another AV.
That said, I agree with every one of @Fedora 's recommendations.:cool: I just didn't type fast enough, and he has some nice links!!:D
After four months using Defender, I deactivated it and I am now an Avast! user,:) though I continue to use Windows Firewall.;)

The makers of malwarebytes Anti-Malware also offer a free Anti-Exploit to protect your browsers & apps. from this vulnerability.
https://www.malwarebytes.org/antiexploit/

  • Finally, Activate Chrome's third party cookie blocker:
  1. Choose settings, then scroll down to "Show advanced settings"
  2. Beneath "Privacy" <click> "Content Settings" button
  3. Check the box beside "Block third-party cookies and site data" :)
Update: @Jack 's tips sure come in handy too, I followed them myself!!:D

Edit: noblifias, I thought I should mention something about that app. represented (below) by the big banner that looks like a kite!:p Think of Sandboxie as your Chrome browser wearing gloves. I browse with it almost all the time. Changes conducted while in a sandbox are only temporary (They last only until the sandbox is deleted) and is a good way to test drive extensions before deciding which you'll wish to keep permanently. Remember, changes and updates you do wish to keep (like security patches for Chrome) must be done outside the protection of a sandbox. If you've any confusion about anything "Sandboxie", don't hesitate to ask.
 
Last edited:
  • Like
Reactions: Adhit Prakosho

noblifias

Level 1
Thread author
Verified
Oct 16, 2014
26
Hello, Fedora and Jack!

Thank you so much for your replies. I am learning so many things to day.

Just some points of clarifications:

1. Avast - This is going to replace my Windows Defender, yes? Also I understand that having multiple antivirus running side by side is a bad thing. So once I have Avast, I should disable Windows Defender immediately.

2. Ublock and Web of Trust - Ok, so these are add-ons that go to Chrome.

3. Sandboxie - I am totally new to this and will have to read up more on it. But if i understand it correctly, is it like running Chrome inside the Sandboxie environment? You still browse normally but in a more secured and safe environment.

4. Hitman Pro and Malwarebytes - I should have both? They won't conflict one another?

5. Yes, I totally agree. I encountered a gosave that TwinHeadedEagle is helping me out with. It was part negligence and part ignorance on my end.
 
  • Like
Reactions: Cats-4_Owners-2

noblifias

Level 1
Thread author
Verified
Oct 16, 2014
26
Hello @Cats-4_Owners-2 ! And thank you for your reply. Some of the other configs that I've read were intimidating, I had no idea what sofware and add-ons they had on their machine.

This forum is a major help.
 
  • Like
Reactions: Cats-4_Owners-2

Oxygen

Level 44
Verified
Feb 23, 2014
3,323
Hello, Fedora and Jack!

Thank you so much for your replies. I am learning so many things to day.

Just some points of clarifications:

1. Avast - This is going to replace my Windows Defender, yes? Also I understand that having multiple antivirus running side by side is a bad thing. So once I have Avast, I should disable Windows Defender immediately.


2. Ublock and Web of Trust - Ok, so these are add-ons that go to Chrome.

3. Sandboxie - I am totally new to this and will have to read up more on it. But if i understand it correctly, is it like running Chrome inside the Sandboxie environment? You still browse normally but in a more secured and safe environment.
4. Hitman Pro and Malwarebytes - I should have both? They won't conflict one another?

5. Yes, I totally agree. I encountered a gosave that TwinHeadedEagle is helping me out with. It was part negligence and part ignorance on my end.


I'm going to reply to this post in order


1. Once you install another antivirus on the system Windows Defender will automatically disable itself.

2. Both extensions are for chrome, and are a must have.

3. Running anything while in sandboxie prevents any changes a program may make on your computer.
  • Example : I see this program that is a .exe file and I want to see what it does, well I can just run that in sandboxie and see what exactly it does without it making any harmful changes to my PC.

4. They shouldn't conflict as they are on-demand and provide no real-time protection. Malwarebytes Premium provides real-time protection, but it shouldn't conflict with Hitman Pro as it is still On-demand.
 
  • Like
Reactions: noblifias

jackuars

Level 28
Verified
Top Poster
Well-known
Jul 2, 2014
1,717
Seems like you're a newbie, I'm not sure if Hardened mode should be enabled by default like Jack mentioned.
 

jackuars

Level 28
Verified
Top Poster
Well-known
Jul 2, 2014
1,717
Please explain why it shouldn't be enabled, I myself would like to know why.

Enabling Deep Screen is fine, but Hardened mode auto-blocks by default. It can be very frustrating for newbie users, as if it's like you're recommending Comodo for the beginner users.

And more especially, Avast had received so many false positives and a low rating for file detection in the latest review at AV-Comparitives.
http://malwaretips.com/threads/av-comparatives-file-detection-tests-for-september-2014.35196/

Hence enabling Hardened mode is suicidal if you're a beginner user.
 

noblifias

Level 1
Thread author
Verified
Oct 16, 2014
26
@jackuars it seems avast keeps on alerting me that a threat has been detected. Something with a "mygreatfiles" and a "operationsfiles" url.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top