Post by Envoy1
Which leaves me wondering what is a decent protection for the home
pc user days?
I do apologize in advance for this lengthy reply to your question, as
your question requires a bit of information in order to properly
answer it for you. To leave things out would be doing you an
injustice. Security is something to be taken seriously, and, I'm glad
you asked what should be done.
A layered approach, as always. Avast/Kaspersky/Nod antivirus, take
your pick. With a copy of SAS (super antispyware) resident for
additional AM protection. If you must, you can always keep
Malwarebytes as the freebie non resident backup; for a third opinion.
Also be sure to practice safer hex and teach anyone else who might
use the computer the concepts. To shorten this post, I'll cover the
general rules and provide urls containing more information on the
As you'll see, my rules are not 100% antipiracy oriented either; I
despise scare mongering tactics. I'm going to tell you straight how
to keep your machine safer, without judging whatever it is you might
be doing with it. Stick to these rules, follow my advice concerning
the software to use, you'll be okay almost all the time. This is a
quick cheat sheet style guide to protecting yourself. It's not
intended for the scope of hardening the machine itself with
1. Keep regular backups of anything important to you on the machine.
Always ensure you have viable copies of the OS, drivers, etc to
restore from in the event you need to do so. This isn't just for
malware protection, it's for the far more likely, eventual hard disk
crash you'll experience. If the data is worth keeping, it's worth
making copies of. Do not store the backups on a partition on the same
physical hard drive as the source. You may not be able to access them
in the event of a hard disk failure; as the partitions both reside on
the same physical device. A complete image stored on external media
would be a fine choice for backup purposes. I personally use and
recommend Macrium Reflect for Windows users.
2. Keep your antivirus, antimalware, browser, plugins, Java, Adobe,
etc, up to date. Do NOT ignore update notices on any of them, as they
all update frequently to address security issues. Occasionally,
they'll add a feature you might not want/might not even use. It's a
fair trade off for the security update work.
3. Whenever possible, do not use an administrator level account
unless you're doing something to the machine which requires it.
Establish a restricted/normal user account as your daily account and
use that, instead. This will reduce the possible damage a malware
sample could do in the event you do encounter one that's accidentally
let loose on your machine.
4. Be very careful where you surf. To help you stay away from bad
sites install a website rating browser plug-in like WOT and make sure
you only visit websites rated "Green" by the plug-in.
5. Never click on attachments you get via email unless you're
expecting the attachment. Even if it's coming from someone you know.
Email the individual back and confirm they intended to send this
attachment to you; give them the filename and the size if you have it
available to you. Always save the attachment to disk and allow your
scanners to examine it, before you attempt to open it. It also
wouldn't hurt to upload it to a site like virustotal.com either, for
6. Only download files from trusted sources. The first choice should
be the author's site, if at all possible. Followed up by your
favorite, but, dependable and reliable freeware distribution site.
completelyfreesoftware.com, snapfiles.com, softpedia.com,
7. Never install programs that friends give you on removable media
unless you have verified that they are clean by submitting them to
free web based file scanning services such as Jotti or Virus Total.
8. Never accept free toolbars, media players or other unsolicited
software offered to you by a website.
9. Don't be the first to download a new program posted to a file
sharing site. Wait for others to check it out and rate/comment on it.
Read the comments. Be *very careful* installing the software.
Whenever possible, send individual executable files to sites like
virustotal.com for another opinion; extra caution due to the nature
of the software in this case is always warranted. If you're still
unsure, it's better to delete and locate a 'safer' copy than it ever
is to chance it.
10. If you insist upon using file sharing sites for certain things;
Always be careful when doing so. Be sure to read the ratings/comments
and only download from established/well known sites. Whenever
possible, only download from known/trusted uploaders who've already
put some effort into establishing a solid reputation as a reliable
and dependable uploader. They won't intentionally put it in harm's way
to send your computer malware. Piratebay for example has flags for
uploaders who have uploaded quality content which is what it was
expected to be, and, nothing more. Download from them before
downloading from any username lacking a flag.
11. When installing software, be sure you look around for boxes
checked/unchecked by default. Determine what they will do if
unchecked/checked and make sure it's what you want. Many times, you
can avoid unwanted toolbar installations, browser plugins and home
page changes just by following this rule.
Macrium reflect free (majorgeeks):
Avast Antivirus (majorgeeks):
Superantispyware (Author's site):
Malwarebytes Antimalware (Author's site):
If funds are an issue (I completely understand), you can get away
with running free Avast antivirus for AV/some AM, and keep a copy of
SAS as well as Malwarebytes installed for on demand scanning
purposes, as both allow it without being registered. When and if
funds become available, I'd recommend purchasing a license to SAS to
activate its resident features. Your money would be well spent on
software that has been years in the making and is a mature product
with a solid well trained team behind it.
I would not at this time, suggest you throw your hard earned money
away on Malwarebytes antimalware. Continue to use it as 3rd opinion,
on demand scanning utility only.
It is important to note, each utility is only as good as its most
recent update. Please be sure you always ensure they have the most
recent available before doing any manual scanning with the tools.
Also, when doing a full scan, be sure you disconnect from the
internet (pull the cat5 cable, turn off wifi, whichever method of
connection you use) and disable all but the scanner you intend to
use. Run each scanner one at a time, with the others disabled for
best results. ** It's important to run them one at a time with
both the AV/AM resident modules disabled while doing so.
In other words, be sure all resident modules are off AND ONLY scan
your system with one program at a time. Wait for each one to
completely finish and exit before you run the next one.
The software due to the way in which all three function under the
hood can conflict by competing with each other for file access under
some conditions. This can actually result in a potential software
application crash and/or possible OS based lockup issue, depending on
the severity and type of file access failure.
If you do experience what appears to be an application lockup and/or
GUI lockup, be patient and try waiting it out before you do
anything. SAS and MBAM do have timeouts concerning file access and
will move onto the next file in line after a certain period of time,
if at all possible.
Each could possibly detect something the others will miss and this
will always be subject to change. The actual likelihood of you
catching something as long as you practice safer-hex that a decent AV
and SAS resident alone cannot deal with though isn't that high.
Realistically, you have a better chance of being hit by a bus AND a
dump truck in some horrific multi vehicle (yours and those) crash AND
you walk away without so much as a scratch, but, your ride is kaput.
I will continue to keep an eye on SAS and Malwarebytes and update my
opinion of both as is necessary. SAS is quick to resolve issues that
are brought to their attention, Malwarebytes doesn't seem to have
that line of thought.
I am a former Expert Malware Researcher employed by Malwarebytes
(That of Expert Malware Researcher and Antipiracy technologies) for
two or so years. As such my written statements are my opinions and
thoughts on the subject and mine alone.
Malwarebytes Corporation does not condone, approve of, nor is in any
possible way responsible for the contents of any of the posts I've
written concerning Malware and various Antimalware software,
including their own. As these are completely my opinions on the
subject I'm the only individual responsible for their content.
Questions concerning what I've written *should be* addressed towards
myself. Malwarebytes Corporation support is under absolutely no
obligation to answer any queries concerning the contents of my posts.
I've also written and maintained my own Antimalware utility known as
BugHunter. More information concerning it can be found at its
present homepage location: http://bughunter.it-mate.co.uk/
Hmmm. I most certainly don't understand how I can access a copy of a
zip file but then not be able to unzip it so I can watch it. That
seems VERY clever!