N
NotMyRealName
Given the current state of computing security holes and malware, what are the best free and paid firewall & antivirus packages for windows? General computing/home use.
singenaadam
Level H
check out av-comparitives etc.
Paid: Kaspersky, BitDefender, Norton
Free: Avast, AVG, Avira
The lists in general haven't changed much.
You get good deals if you buy for more than 1 year and >1 machine. 3PC-#yr deals cost ~350/machine/year. Even if you have only 1 machine, you can try sell the other licenses in places like TE.
Paid: Kaspersky, BitDefender, Norton
Free: Avast, AVG, Avira
The lists in general haven't changed much.
You get good deals if you buy for more than 1 year and >1 machine. 3PC-#yr deals cost ~350/machine/year. Even if you have only 1 machine, you can try sell the other licenses in places like TE.
Its as simple as that, and if you stay away from running unwanted software and/or opening unwanted emails/files/etc you are pretty much safe.
If you are looking from a commerical POV, then I would recommend to look at Kaspersky Endpoint with their System watcher policies enabled, Sophos Intercept X, Cisco Umbrella for network security which will help mitigate most threats, but they are not 100% effective against 0day, but better than run of the mill stuff.
Oh, and keep your data backed up in Google Drive/OneDrive.
N
NotMyRealName
This is not for me really, rather the friends and relatives i'm forced to support. I basically follow safe practices and could probably spot an infected medium before any damage is done. But regular users don't really know enough.
As an example my bro's laptop was infected by a flash drive his wife brought from somewhere. It was a trojan+ransomware+password stealer combo which was actually pretty ingenious in it's simplicity. Hidden and system attrib all files and folders, then create shortcuts to all of them. Since windows 98, shortcuts don't have the 'shortcut to' prefix in the titles, just an arrow in the corner, so they don't really notice it. the shortcut exec string had something like this:
So any file or folder they open ends up executing the malware and the best part is they don't even know it. This laptop actually had some mcafee installed which didn't detect jack. It infected my bro's flash drive which he brought to my place for some work. As soon as i saw the contents (show hidden) i knew something was up and was able to just delete the damn thing. The laptop itself i cleaned out with mbam.
Now what i need is something which can positively and definitely stop these and other kinds of infections before they happen. And that a novice user doesn't need to worry about, it just should work in the background.
Not commercial, free or minimal expense like what Jambumali mentioned. OS is win7
As an example my bro's laptop was infected by a flash drive his wife brought from somewhere. It was a trojan+ransomware+password stealer combo which was actually pretty ingenious in it's simplicity. Hidden and system attrib all files and folders, then create shortcuts to all of them. Since windows 98, shortcuts don't have the 'shortcut to' prefix in the titles, just an arrow in the corner, so they don't really notice it. the shortcut exec string had something like this:
Code:
%comspec% /c "{297ef91d-52b2-7536-dcae-7a22e7d2e74d}\39104454-2448-58e6-c137-51d1d089cc3f.exe 'biodata.docx'"So any file or folder they open ends up executing the malware and the best part is they don't even know it. This laptop actually had some mcafee installed which didn't detect jack. It infected my bro's flash drive which he brought to my place for some work. As soon as i saw the contents (show hidden) i knew something was up and was able to just delete the damn thing. The laptop itself i cleaned out with mbam.
Now what i need is something which can positively and definitely stop these and other kinds of infections before they happen. And that a novice user doesn't need to worry about, it just should work in the background.
Not commercial, free or minimal expense like what Jambumali mentioned. OS is win7
k_m_Arya
Level F
I use eset nod32 it's lightweight and not intrusive. I just keep entering trial version keys found on a site every 30 days it activates all the features...
Would also highly suggest using ublock origin.
McAfee does not do jacksheet. I consider Norton, McAfee etc to be the stuff you need to forget now. Use Kaspersky, and if you can, the Endpoint editions - they are decent.
Coming to your point,
I would
Restrict Admin Acess to the laptop. Tell your brother if something asks for it, its dangerous. I have a feeling you skipped this or your bro had the password.
Enable Software Restriction Policies, which will whitelist allowed apps.
https://www.foolishit.com/cryptoprevent-malware-prevention/
Another option is to move to 10, install needed apps and then disable app install except from store.
Coming to your point,
I would
Restrict Admin Acess to the laptop. Tell your brother if something asks for it, its dangerous. I have a feeling you skipped this or your bro had the password.
Enable Software Restriction Policies, which will whitelist allowed apps.
https://www.foolishit.com/cryptoprevent-malware-prevention/
Another option is to move to 10, install needed apps and then disable app install except from store.
N
NotMyRealName
^^ 10 is not an option. Will look at kaspersky. How is comodo? their internet security package.
Hmm, i disable UAC on systems i use, but i don't think i did on the laptop. Will check. setting policies is a pita, so i haven't bothered yet, but i guess that is the only way forward. block everything. these guys have a very basic use case so i dont think they will/should even be installing any new apps.
Are you recommending CryptoPrevent in addition to a fw+av or as an alternate?
But these days i strongly feel the virus definition detection model is not enough. They keep coming out with new malware which even the heuristics cant detect. The only surefire way i know is to avoid it in the first place but there's no way i can teach all that is required to these kinds of basic users. And more than internet or email attachment vectors, the biggest pita is flash drives. Given the variety of flash based malware, i'm not sure everything can be even stopped.
Hmm, i disable UAC on systems i use, but i don't think i did on the laptop. Will check. setting policies is a pita, so i haven't bothered yet, but i guess that is the only way forward. block everything. these guys have a very basic use case so i dont think they will/should even be installing any new apps.
Are you recommending CryptoPrevent in addition to a fw+av or as an alternate?
But these days i strongly feel the virus definition detection model is not enough. They keep coming out with new malware which even the heuristics cant detect. The only surefire way i know is to avoid it in the first place but there's no way i can teach all that is required to these kinds of basic users. And more than internet or email attachment vectors, the biggest pita is flash drives. Given the variety of flash based malware, i'm not sure everything can be even stopped.
singenaadam
Level H
CryptoPrevent is an add-on. Free version needs manual updates.
Backup - encourage your friends/family to backup monthly or, whatever frequency they would need.
Backup - encourage your friends/family to backup monthly or, whatever frequency they would need.
N
NotMyRealName
Backup is not an issue. More important is personal data theft.
N
NotMyRealName
^^ one single laptop at this location. internet is via jiofi
I use pfsense, you need to look at IDS/IPS for this, it is resource hungry as well, plus how do you know it works? Rather, this is ok for a large company, that too on budget. For a better set of rules, you need to pay as well.
I would suggest to use OpenDNS which has partial Cisco Umbrella filtering rather than this. Use Windows 10, lock out admin and only allow store apps. Put SRP if needed.
singenaadam
Level H
Given the use scenario & The users profile, I wont suggest additonal stuff like pfsense.
Keep it as simple as possible.
Keep it as simple as possible.
Can't your brother use Ubuntu or some other Linux version like Mint? If the usage is just for browsing and occasionally word/spreadsheet then Linux is more than enough. Mint comes with built in firewall now days. For working on word or spreadsheet your brother can use Libre office or Google docs. Infected pen drives won't have any effects in Linux. Even updating software requires elevated privileges in Linux.
Processors are so fast now, malware infect PC in few seconds. I saw in some YT videos that the recent wanna cry malware infected a Windows 7 PC in less than 5 seconds with av turned off. With av turned on, by the time the AV caught it it had already encrypted halfway.
So if you want to stay with Windows, get an external HDD and take regular backups. And test the backups too. Backup that can't be used is useless.
Processors are so fast now, malware infect PC in few seconds. I saw in some YT videos that the recent wanna cry malware infected a Windows 7 PC in less than 5 seconds with av turned off. With av turned on, by the time the AV caught it it had already encrypted halfway.
So if you want to stay with Windows, get an external HDD and take regular backups. And test the backups too. Backup that can't be used is useless.
N
NotMyRealName
His wife has some stupid edu s/w which is windows only. And i can't be arsed to teach them linux now. Windows was hard enough as it is. These are basically the usual whatsapp and facebook app phone users who've just graduated to pcs to basically do the same thing on a bigger screen. they can barely do anything above that on their phones itself. hope you get the picture.
again, there is no need for backups. no important data at all. and i've saved a few ghost images so i can restore the OS in a flash. but i'm more concerned with password/personal info theft. which is why i need something to protect against that. and cheap/free.
again, there is no need for backups. no important data at all. and i've saved a few ghost images so i can restore the OS in a flash. but i'm more concerned with password/personal info theft. which is why i need something to protect against that. and cheap/free.
Emrebel
Level G
Check :
https://www.bleepingcomputer.com/download/windows/
It has wide range of tools for anti-malware and anti-virus.
I personally loved adwcleaner.
https://www.bleepingcomputer.com/download/windows/
It has wide range of tools for anti-malware and anti-virus.
I personally loved adwcleaner.
CapriAnupam
Level G
It depends on you.
I have been using Avast free for many years now with Windows Firewall, and haven't faced any issues.
Apart from having an antivirus, or any other security software, you do have to follow safe practices too, like not venturing to dodgy sites, or opening suspicious emails etc. Otherwise, it will be hard to save your PC for any security software.
AVG have been acquired by Avast from what I read a few days ago. AVG has improved, but I don't know how much. I would suggest Avast, or even Avira, for freeware.