New to Windows, need advice on 7x64 security

Discussion in 'other anti-malware software' started by justenough, May 13, 2010.

Thread Status:
Not open for further replies.
  1. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    Keep this bookmark:
    http://kb2.adobe.com/cps/155/tn_15507.html

    This will tell you just by visiting the page which version of flash you have installed. Near the bottom of the page you can see the most recent flash version available. Compare the two numbers. If they match you're ok. If not go and get the latest flash player from Adobe's site.

    About Java. Go to the Program Files folder, then Java->jre6->bin, and run javacpl.exe; there you'll find a tab which will allow you to immediately check for updates or set up the frequency of automatic updates (clicking Advanced). (Note: these are instructions for a 32-bit system; something very similar will apply to your 64-bit system.)
    OR
    visit http://www.java.com/en/download/installed.jsp?detect=jre&try=1
    To get the latest version visit the page http://www.java.com/en/download/

    Both flash and java have autoupdate scheduled features but by default do not check that often for new versions. So better do it manually like once a week.

    These two programs are really important to keep updated because they are two of the most frequent ways that malware gets into your PC.

    PDF-XChange is a great reader and is not targeted by malware the way Adobe Reader is. I mean that on many occasions it is safer to use an alternative PDF reader.

    Now about the whole "simple security" issue. There is no need for extra protection if you visit known and "green" web sites. A firewall and an antivirus are more than enough. My opinion...just use only an antivirus and a firewall. Combine them with the use of Sandboxie while browsing and the use of a limited user account and you'll never have a problem...conditions: do not change your internet habits, do not allow others to work with your PC, do not plug in USB devices that others provided you, do not run a file that comes from untrusted sources, keep your OS and software up to date.

    For sure you can also keep your current setup.

    Continue reading Wilders but don't get paranoid. As long as you visit only the "green" side of the web, the chances of getting infected are really really limited. And if something goes wrong your antivirus will be there, and Sandboxie at the end of your browsing session will wipe out all the "bad". My advice...read some more things about Sandboxie, it is important to configure some basic things (it's really easy, don't worry).

    Things to keep from your current setup: - All your on demand choices - OpenDNS - NAT Router - Avast
    Things to add: A firewall ( I didn't really understand which one you use ) - Sandboxie
    Threatfire note: If it really does not interfere with your everyday tasks you can leave it there, but like I've said my opinion is that for you an antivirus + firewall + Sandboxie are the best choices.
     
    Last edited: May 14, 2010
  2. Joeythedude

    Joeythedude Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    519
    Secunia PSI. Checks all apps are patched and have latest releases.
    One stop check.
     
  3. snowdrift

    snowdrift Registered Member

    Joined:
    Sep 7, 2007
    Posts:
    394
    -http://www.youtube.com/watch?v=6vwNcNOTVzY-
     
    Last edited by a moderator: May 14, 2010
  4. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    Secunia PSI keeps statistics. If you don't mind being in their statistics then it's great to use. I don't really like others to collect data from me ( even if the collection is anonymous ).
     
  5. anothermack

    anothermack Registered Member

    Joined:
    Jul 28, 2009
    Posts:
    9

    Oh man, you are in trouble, let me tell you...
     
  6. ace55

    ace55 Registered Member

    Joined:
    Mar 29, 2010
    Posts:
    91
    If you're on Ultimate, you should use AppLocker. Sandboxie would be a great idea as well. Personally, I would use Chrome over IE8, but either is fine as long as it is sandboxed. You can try LinkExtend for Chrome as well, it will poll data from 7 separate sources, including WoT as well as automated crawlers to inform you of a site's safety. WoT is useful, but I prefer a second opinion given that it is entirely community based.

    I would use a Classical HIPS over Threatfire if I was in your place. However, if you don't want to deal with popups and configuring a HIPS or do not understand the alerts, Threatfire is an excellent choice for a BB.

    Sandboxie is quite simple to use though and powerful. If you take away one thing from this post, let it be my recommendation that you give Sandboxie a try.
     
    Last edited: May 15, 2010
  7. arjunned

    arjunned Registered Member

    Joined:
    Apr 1, 2008
    Posts:
    191
    Do you mean AppLocker?

    I think AppArmor is for linux. :)
     
  8. ace55

    ace55 Registered Member

    Joined:
    Mar 29, 2010
    Posts:
    91
    Right you are my friend, shows you which OS I'm spending more time with right now. Thanks.
     
  9. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    If that's what Ravi meant by a gf, best of luck to him, there won't be much left of the guy.
     
  10. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Thanks snowdrift, that's reassuring.;)
     
  11. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    Your opinion man! Respected but not welcomed. You did not respect mine. Since you just drop a phrase and you don't explain it, using irony, sarcasm or your type of humour, man...just ignore me next time, because this is what I'll do to you...man.
     
  12. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Thanks, NoIos. I've saved the flash bookmark, I'll keep flash and java up-to-date.

    I will keep your advice in mind. No one else will use this computer or my flashdrive.

    I am using the Windows 7 firewall. Took Threatfire off, and am trying MSE, feeling some confidence after everyone's comments that I can lighten the security up a bit (while using the built-in security of the OS such as DEP).
     
  13. doktornotor

    doktornotor Registered Member

    Joined:
    Jul 19, 2008
    Posts:
    2,047
    I'm surprised it didn't cause any problems for you. Recently I thought I might try to give it a spin again - well... DaemonTools still broken with it (ridiculous, been reported ages ago), huge delay on reboot, the tray icon basically never showing (even after manually fixing their broken registry autostart entry which keeps randomly switching between no, single and double quotation marks) and beyond that it basically caused a severe malfunction of the system tray - half of the stuff was randomly missing there, it totally killed the safely remove HW icon, it's been fighting w/ Avast on startup etc.

    Looking at the forums, it seems the development basically stopped. Probably Symantec will recycle the code for some of their commercial stuff and that will be the end of it.

    :mad: :thumbd:
     
  14. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    I have Premium, seems I should have gotten Ultimate for AppLocker.

    I've loaded Sandboxie a couple of times, and really like it, but with all the file downloading I do (trying security software, getting buildings and mods for SimCity, getting planes and scenery for X-Plane, copying nature pictures daily from Pixdaus for my desktop picture folder), it added an extra step or two. I figured since I was only at trusted sites, Sandboxie wasn't that necessary. Also read that it wasn't as secure on 64-bit systems, though I'm guessing that the malware would have to be written specifically to get around Sandboxie, which doesn't seem that likely. After I am set on my security software, I might load Sandboxie again.

    I tried LinkScanner on IE8, worked fine, but I noticed that it flagged a lot fewer sites as dangerous compared to WOT. In other words, if I stuck to green WOTs, I wouldn't be stumbling into a place LinkScanner would warn about. Since I want as light a setup as possible, I took it off.

    Also took off Threatfire, since from the comments, my computing habits are safe enough to not need it.
     
    Last edited: May 18, 2010
  15. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    NoIos, wasn't very clear was it, but I took it to mean that there are all sorts of ways our data is being collected on the web, and blocking one won't make much difference.
     
  16. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Sometimes it seems some of the security software can be as much of a problem as what it is trying to stop. Security alerts on a hyper-sensitive security program are an interesting issue. They can seem like an annoying bug whose only function is to pop up a window that has to be clicked.
     
    Last edited: May 15, 2010
  17. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Looking for the right balance, thanks for the list of what's needed. I have taken off TF, I will look into Comodo Time Machine. It's seeming like the stuff in the background (OpenDNS, NAT router, 7 firewall, DEP, LUA, UAC), along with keeping programs updated and patched, and knowing what to avoid, will cover most of the problems, and then having a restore point, copies of files, and a system image is the fail-safe solution. I put two hard drives into this computer so it would be easy to keep everything backed up.

    I have tried other browsers, and settled on IE8 for 2 unexpected reasons. I would like to use Chrome, but it and Firefox would crash the system now and then when I scrolled the windows. Couldn't find a solution. And the other reason is that I have a Dell 2209WA monitor at 1680 x 1050, and the font is just too small on the browsers, even with the system fonts set higher. IE8 has the saved zoom level on the lower right, which I haven't found how to do on the other two. And from what I have read, IE8 is now pretty safe.
     
  18. doktornotor

    doktornotor Registered Member

    Joined:
    Jul 19, 2008
    Posts:
    2,047
    BIG WARNING! Make absolutely sure you have a full drive image before installing Comodo. It's incredibly intrusive, almost impossible to uninstall cleanly and destroyed quite a couple of people's boxes already.
     
  19. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Thanks for the big warning, Doktornotor, I won't be looking into Comodo Time Machine.
     
  20. burebista

    burebista Registered Member

    Joined:
    Mar 4, 2010
    Posts:
    225
    Location:
    Romania
    Yep, some have troubles with CTM. Big troubles.
    I always have a HDD image around if things go hairy.
     
  21. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    Well, I have to agree and I admit that I've overreacted with anothermack. I'm sorry for that but it happens sometimes.

    Now about the collection of data. There is a huge difference between the collection of data via browser, tracking cookies etc. and the collection of data directly on the machine. At least this is my view. In any case I try to make it harder for others to collect data from me. I think I have the right to handle this the way I believe is better and to say my opinion about it.

    Anyway, I repeat that I did not react properly.
     
  22. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  23. ace55

    ace55 Registered Member

    Joined:
    Mar 29, 2010
    Posts:
    91
    Yeah, I wish I had AppLocker as well. Not enough to shell out for Ultimate though. Shame that MS restricts this feature.

    Personally, I browse like you do - only trusted sites. However, with ads being a prominent means of malware spread, trusted sites can't be trusted to not unknowingly attack you. There is of course always the chance of a compromise of the site itself, and the injection of malware into the site.

    For example, earlier this month 3 US Treasury sites were hacked and served malware to visitors:
    http://www.computerworld.com/s/article/9176278/US_Treasury_Web_sites_hacked_serving_malware

    Sandboxie or a properly configured classical HIPS would have prevented compromise of your system in this case. A classical HIPS would actually be less intrusive in the case of downloads compared to Sandboxie - Comodo, for example, would only prompt if the download was an executable of some sort. If it does, just click allow. As opposed to sandboxie, requiring you to recover no matter what. You could even set up a rule allowing your browser to write to your downloads folder and not be prompted on downloads. But, of course, your HIPS would prompt if your browser downloaded an executable and then attempted to execute it, in the case of a typical drive by download.

    You really only need to spend time configuring your HIPS with untrusted applications or applications that handle untrusted data. So, web browsers and multiplayer games in your case. You can easily, in Comodo at least, mark an application as trusted and not be bothered by it.

    LinkExtend marks a site as medium risk if one of the 7 sources marks it as high risk or 2 sources mark it as medium, with any more being marked as high risk. 1 medium risk rating is ignored.

    Site hosting malware caught by Norton SafeWeb but with a green WoT:

    http://safeweb.norton.com/report/show?url=oldversion.com

    http://www.mywot.com/en/scorecard/oldversion.com

    Of course, if you clicked through to the WoT, you'd know something was up. But how often do you do that? However, both WoT and LinkExtend simply complement your common sense. Honestly, WoT is probably enough.

    The only remaining concern for your setup is a compromised, trusted website exploiting a zero day. The odds are extremely low, of course, of this happening to you. Yet it can be fairly easily mitigated with a classical HIPS. It all depends on how much effort you want to spend on such a low risk.
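
The download-versus-execute behaviour described in the post above, as an added example that is not part of the original post and not Comodo's actual rule engine. It is a toy model: the process list, folder path, extension list and event tuples are all assumptions constructed for illustration.

```python
from ntpath import normcase, splitext  # Windows path rules on any platform

# Hypothetical names throughout: a toy model of a HIPS rule set, not Comodo's.
EXEC_EXTS = {".exe", ".dll", ".scr", ".msi", ".bat", ".cmd"}
UNTRUSTED = {"iexplore.exe", "chrome.exe", "firefox.exe"}  # apps handling untrusted data
DOWNLOADS = normcase("C:\\Users\\user\\Downloads\\")  # browser may write here unprompted


def is_executable(path):
    return splitext(path)[1].lower() in EXEC_EXTS


def evaluate(events):
    """Return one (decision, reason) tuple per event, in order."""
    dropped = set()  # executables written to disk by an untrusted process
    verdicts = []
    for proc, action, path in events:
        key = normcase(path)  # Windows paths compare case-insensitively
        untrusted = proc.lower() in UNTRUSTED
        if action == "write" and untrusted and is_executable(path):
            dropped.add(key)
            if key.startswith(DOWNLOADS):
                verdicts.append(("allow", "download-folder rule"))
            else:
                verdicts.append(("prompt", "executable written outside downloads"))
        elif action == "exec" and untrusted and key in dropped:
            verdicts.append(("prompt", "browser runs file it just downloaded"))
        elif action == "exec" and untrusted:
            verdicts.append(("prompt", "untrusted app starts a program"))
        else:
            verdicts.append(("allow", "no rule matched"))
    return verdicts


# Constructed sample events: (process, action, target path)
SAMPLE = [
    ("iexplore.exe", "write", "C:\\Users\\user\\Downloads\\plane_scenery.zip"),
    ("iexplore.exe", "write", "C:\\Users\\user\\Downloads\\setup.exe"),
    ("iexplore.exe", "write", "C:\\Users\\user\\AppData\\Local\\Temp\\upd.EXE"),
    ("iexplore.exe", "exec", "c:\\users\\user\\appdata\\local\\temp\\upd.exe"),
    ("explorer.exe", "exec", "C:\\Users\\user\\Downloads\\setup.exe"),
]

if __name__ == "__main__":
    for event, verdict in zip(SAMPLE, evaluate(SAMPLE)):
        print(verdict[0].upper().ljust(6), verdict[1].ljust(40), event)
```

Only the browser is treated as untrusted here, so a program the user starts from Explorer is allowed; a real HIPS would also weigh whether the executable itself is known.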
     
  24. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    Yeah, it happens sometimes, to all of us. Thanks for keeping things straight with the follow-up.
     
  25. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549