win10 basic security setup

Discussion in 'other anti-malware software' started by topo, Jun 25, 2016.

  1. topo

    topo Registered Member

    Joined:
    Nov 11, 2013
    Posts:
    66
    i'm the designated IT guy for my group of retirees. bob just bought and dropped off to me a new hp win10 laptop he wants me to set up for him. i've never used win10 so i'm asking for help. i need a set and forget security if that is possible. i will install mbam free, unchecky, ccleaner & speccy, chrome - adblockplus, and probably go with windows defender and smart screen filter. should i use voodooshield also (i've never used it but have been reading about it)? also need to remove the mcafee trial (do i still need to run their removal tool after control panel uninstall?). any advice is welcomed. thanks
     
  2. SHvFl

    SHvFl Registered Member

    Joined:
    May 7, 2015
    Posts:
    546
    Yeah Vs will be a good idea but you will need to educate the user a bit for when an alert appears. Defender on win 10 is decent so you should be fine with that. About needing anything more it depends on user pc habits. If they don't visit risky sites or download random crap you should be fine with this setup.
     
  3. kerykeion

    kerykeion Registered Member

    Joined:
    Jun 30, 2010
    Posts:
    267
    Location:
    Philippines
    I know kees/Windows Security has a native Windows 10 security set up that could prevent a lot of nasties. Feel free to ping him.

    A standard user account for everyday use should help a lot. An anti-exploit tool like EMET or MBAE is also good for protection.
     
  4. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    1,441
    Replace Windows Defender with Microsoft Security Essentials, install Comodo Firewall and MBARW as well as MBAE and you have pretty solid low resource protection.
     
  5. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    2,901
    Location:
    Australia
    Yes you should use their uninstall tool.
     
  6. topo

    topo Registered Member

    Joined:
    Nov 11, 2013
    Posts:
    66
    he is not a downloader, but he does visit the dark side from time to time (he is the youngest in our group). years ago, windows defender only updated once in 24hr period-is it still that way?
     
  7. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,103
    Location:
    Southern Rocky Mountains USA
    In Windows 10, Windows Defender replaces MSE and Windows 10 won't allow MSE to be installed. Windows Defender is enough of an AV for most people's needs. It is supposed to be much more effective than MSE ever was. Windows Defender was a different beast entirely in earlier versions of Windows and MSE was an improvement but not in Windows 10.

    I don't know how often the definitions are updated but 24 hours seems fine to me. It wouldn't be that difficult to change the task scheduler to update definitions every few hours.

    That is actually a pretty good list. I would use uBlock Origin instead of Adblock Plus. Voodoo shield is a good program but might be a bit much for some users. That is a reaction I got from a friend that I recommended it to. The other thing I would do is set up the default rules in SRP--Software Restriction Policy. Windows Defender, SRP and smart screen are all part of the OS and are quite effective, especially if you are using a standard user account.
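
One way to do what the post above describes with the Task Scheduler, as an added example that is not part of the original thread: a PowerShell script, run from an elevated prompt, that shortens Defender's own definition-check interval and registers a task running `Update-MpSignature` at logon and every few hours. The task name and the 4-hour interval are assumptions chosen for illustration.

```powershell
#Requires -RunAsAdministrator
# Added example: keep Windows Defender definitions fresh on a laptop
# that is only switched on occasionally.

$TaskName      = 'Defender-Signature-Refresh'   # hypothetical task name
$IntervalHours = 4                              # assumed interval ("every few hours")

# 1. Show how stale the definitions are right now (age is reported in days).
$status = Get-MpComputerStatus
'Definitions {0}, last updated {1}, age {2} day(s)' -f `
    $status.AntivirusSignatureVersion,
    $status.AntivirusSignatureLastUpdated,
    $status.AntivirusSignatureAge

# 2. Tighten Defender's built-in update behaviour.
Set-MpPreference -SignatureUpdateInterval $IntervalHours      # check every N hours (1-24)
Set-MpPreference -SignatureUpdateCatchupInterval 1            # catch up after 1 missed day
Set-MpPreference -CheckForSignaturesBeforeRunningScan $true   # refresh before scheduled scans

# 3. Scheduled task: update at logon and on a repeating timer.
$action = New-ScheduledTaskAction -Execute 'powershell.exe' `
    -Argument '-NoProfile -WindowStyle Hidden -Command "Update-MpSignature"'

$triggers = @(
    (New-ScheduledTaskTrigger -AtLogOn),
    (New-ScheduledTaskTrigger -Once -At (Get-Date) `
        -RepetitionInterval (New-TimeSpan -Hours $IntervalHours) `
        -RepetitionDuration (New-TimeSpan -Days 3650))
)

# StartWhenAvailable runs a missed update as soon as the machine is back on;
# RunOnlyIfNetworkAvailable avoids failed runs while offline.
$settings = New-ScheduledTaskSettingsSet -StartWhenAvailable `
    -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries `
    -RunOnlyIfNetworkAvailable

# Run as SYSTEM so the update works under a standard user account too.
$principal = New-ScheduledTaskPrincipal -UserId 'SYSTEM' `
    -LogonType ServiceAccount -RunLevel Highest

Register-ScheduledTask -TaskName $TaskName -Action $action -Trigger $triggers `
    -Settings $settings -Principal $principal -Force | Out-Null

# 4. Confirm the task exists and when it will next fire.
Get-ScheduledTask -TaskName $TaskName | Get-ScheduledTaskInfo |
    Select-Object TaskName, LastRunTime, NextRunTime
```

Re-running `Get-MpComputerStatus` after the first task run should show a signature age of 0 days.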
     
  8. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    855
    My recommendations are to use lightweight programs that don't get in the way of the user, and the less real-time protection the better. Just consider the commonly exploited programs (browser plugins, office, pdf reader) and minimise the risk.

    MBAE for the browser (disable the system tray notifications)
    EMET for everything else, e.g. Office
    Unchecky is a great idea, agreed.
    PatchMyPC or some other automated updater
    Stick with Defender as the only realtime AM.

    Instead of Voodoo shield I would just use Cryptoprevent on the default "set and forget" settings. The policies aren't 100% bulletproof but well thought out and hassle free.
    Agreed with MisterB for uBlock Origin for the browser.
    For PDF reader I would suggest SumatraPDF. It's ultra light and fast, with no scripting so it's not easily exploitable. Won't let you fill forms though, but for that I use PDFXchange (2.5, build 312.1, Feb 2015 - one of the last versions that allows typing). If that's too complicated for your friend, then I'd suggest anything but Adobe :)

    Personally I don't think a standard user account is a friendly thing to force on someone else's PC, and malware can encrypt documents and steal data just fine from LUA. As for on-demand scanners, agreed with MBAM and perhaps could use HitManPro as well.

    Overall that'll be a light system and difficult to infect outside of downloading and running something silly. You can always educate him on checking his downloads. Most exploits won't work, and trojan droppers will struggle with the policies.
     
  9. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    561
    Location:
    Baden Germany
    @topo :
    With no personal experience on WIN10, You should ask yourself twice, if You are the right guy for this job.
    Expect to be Bob's 24/7 helpline..., and install a remote software, like Teamviewer, or AnyDesk on his laptop.
    While Bob and the rest of the gang is sleeping, make some experience with WIN10 on your own machine...:D

    If You are willing to take the job, start with a clean install of WIN10.
    First prepare a USB-setup-stick, then wipe the disk, to get rid of the preinstalled crap.
    It's important to wipe the disk, not only reformat, so You won't have trouble, if a data recovery is necessary in the future.
    You can use diskpart: clean all. This will take some time...
    In the meanwhile you should research about WIN10 privacy risks...

    I'm doing setup of machines for retirees daily.
    Let me tell You, that the most important thing is to avoid any unnecessary software, especially if you are not familiar with it.
    No cleaners, no tweaking tools, no uncommon software should be installed.

    Go with Chrome and uBlock-origin; make sure uBlock is active in incognito-mode also.
    Go with built-in Defender and do the PUP's patch
    Go with unchecky
    Install Zemana Antimalware Premium (paid for 3 years)
    Make a full backup, that you can restore easily, if something goes wrong.
    If Bob misses something, do it later.

    Good luck!
     
    Last edited: Jun 27, 2016
  10. topo

    topo Registered Member

    Joined:
    Nov 11, 2013
    Posts:
    66
    thanks to everyone for your replies. i apologize for taking so long to reply but i have been taking care of a very sick, good friend whose days are now short..my online time has been limited. this is how i set up bob's computer....windows defender and smart screen, mbam free, unchecky, ccleaner/speccy, chrome w/ ublockorigin, cryptoprevent 7.4.21. he is picking up machine friday night and i will keep everyone up to date on how this setup works for him. thanks
     
  11. topo

    topo Registered Member

    Joined:
    Nov 11, 2013
    Posts:
    66
    30 day update--so far bob has no issues with this setup. since he does not use this machine everyday, i pinned windows defender icon to the taskbar and told him to click on wd icon and run wd updates first thing before doing anything else on the computer. so far, so good.
     
  12. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,018
    Why does someone need to do this? :eek:
     
  13. SHvFl

    SHvFl Registered Member

    Joined:
    May 7, 2015
    Posts:
    546
    Depends on the OS. In some cases MSE is better than Defender. Emphasis on in some cases.
    Go on youtube and check cruelsister1 video called Windows Defender and MSE Boot Time Protection.
     
  14. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,736
    there is no need for MSE under win10 - i have doubts you can install MSE on win 10 because MSE is part of Defender since windows 8. MSE up to win7 but not further.

    https://support.microsoft.com/en-us/help/14210/security-essentials-download

    in fact windows defender + adware + windows firewall tweak is close to any other suite. and working like a charm because it doesn't insert rootkit like drivers. in fact all current 3rd-party vendors have trouble with windows 10, either before 10240, before&after 1511 and now with 1607 - forget this crap.

    MBAM free is nice to have, adwcleaner maybe, a sandbox (sandboxie) for testing purpose. and ofc backup, backup and backup.
     
  15. robboman

    robboman Registered Member

    Joined:
    May 6, 2013
    Posts:
    54
    Location:
    holland
    I agree with your last statement. Honestly, a few years back I used to get calls from friends all the time asking me to come clean up their computer/laptop.
    I would come and they were often infected pretty badly. These days I (almost) never get calls about infections or stuff like that again (and yes I still got friends lol)

    Running a modern OS like win-10 gives you a great amount of security. Using the built-in AV + FW and maybe some ad-blocker and 90% of the people are good to go honestly. I know we all love it here on these forums to create a setup with enough layers to go to cyber-security war but for the average joe, there is simply no need for it anymore.

    My sister runs avast free on her laptop for the last few years and that's it. Nothing more and never an infection. Same for all my friends and family.

    So for your friend Bob get a free av, or just stick with the built-in av. Maybe run a mbam free scan like 2/3 times a year and that's it. Just my opinion..
     
  16. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    611
    Location:
    Melbourne, Australia
    I have just changed to WD and chrome extensions from Avast and BD. I'm an average Joe who is a lover not a fighter so don't need an arsenal of weapons.

    How long will it last before I again succumb to the phoney war and re-install a layer, or two? I should bookmark your post!
     
  17. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    2,211
    Location:
    in a remote land :)
    soon...very soon...succumb to the Dark Side... :D
     
  18. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,018
    If you are referring to THIS video https://www.youtube.com/watch?v=lK5H-WCeOls, then I need to ask about the following:

    1. Is cruelsister1 a recognized AV-Tester or just a hobbyist/amateur?

    2. Who can assure me about the validity of the respective Test-Conditions & Results?
     
  19. SHvFl

    SHvFl Registered Member

    Joined:
    May 7, 2015
    Posts:
    546
    She is an expert and highly valued by most here and malwaretips. Now if you want her credentials i am not in a position to know those.
    You can form your own opinion if you read her replies on the 2 forums and also watch her videos.
     
  20. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,718
    With Win 10 and Chrome, it's really simple.

    Just keep the OS and browser up-to-date (of which is automatic nowadays). Do NOT disable the built-in security features. Filter the web to reduce exposure to the harmful. Done.

    Things can be improved by hardening the native security features but I would avoid that for machines that do not belong to oneself.
     
  21. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    611
    Location:
    Melbourne, Australia
    I've tried a few things recently. New BD free stuffed my download speed; finally got an Avira version that updated without unchecking protection but, wow, did it take longggg to boot-up; Panda free didn't turn off WD and right click should have given the option to close but gave option to start (Panda was working); VS I like but a few false pop-ups + still beta; WAR pop-ups but only when I install (like it but not sure I need it with my loving approach to everybody, also they position as only anti-ransom). How good is it against other malware; best product for installing and working is 360TSE (light for what you get), but I worry about their ethics so install for a day and then remove; CFW is powerful with CS's config but can be a pain when installing new stuff.

    I looked in the mirror and saw a safe surfer who wanted speed of system and internet. Only solution: WD. If I install anything else it will be WAR - just need to see a test of it against other malware. Dan's VS looks good (when out of beta in the near future, but I'm no good with nags) as an alternative to WAR. I appreciate somebody giving me something free and don't need a nag to keep me feeling guilty. I was hoping he would do a cheap lifetime for 5 licences like Brett@WP. A 48-hour sale after VS is released?
     
  22. Windows_Security

    Windows_Security Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    3,090
    Location:
    Netherlands
    @Iangh

    Have a look at Kaspersky Anti-Ransomware Tool for Business. It is free, runs nicely with WD.

    Chrome startup with AppTimer when running both (on dual core Pentium with SSD)
    0.7348 (cold)
    0.3449 (cached)

    I have Windows 10 Pro with Software Restriction Policies (SRP), so you could download Cryptoprevent Portable, which only has SRP based protection. When installing choose ADVANCED (tab), choose MORE ADVANCED OPTIONS (drop down menu), next deselect everything except "Guard against fake file extensions & RLO", choose APPLY protection (button).
     
    Last edited: Aug 15, 2016
  23. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    1,989
    Location:
    Brasil
    I don't think I ever met with a security solution that got in my way, but then again I've never used Norton back in the 2000's :p Do you have any examples?

    I'd say the opposite. MBAM Premium + Avira Free + COMODO Internet Security (handling its Firewall, Sandbox, Antivirus, and HIPS) + EMET = didn't see a single drop in FPS in heavy-load games or in render times in Blender. Never had any issues.

    Blerrgghh :gack: hehehehehehehe
    https://www.av-test.org/en/antiviru...l-2016/microsoft-windows-defender-4.8-161447/

    Whenever going for a real-time scanner, I always go Avira. Lightweight, fast, and has the best detection out there.

    Just my 2 cents.
     
    Last edited: Aug 15, 2016
  24. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,018
    I've seen many self-proclaimed malware-"experts" who are just amateurs & hobbyists...
    Anything away from AMTSO is highly questionable...
    Sorry, but I cannot take these "tests" seriously into consideration...
     
    Last edited: Aug 16, 2016
  25. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    855
    They want a basic setup, and Windows 10 doesn't make it easy to have no antivirus at all. The performance overhead from Windows Defender is typically low, and is the least problematic solution.

    Anyone whose habits require 100% detection from their antivirus will get infected sooner or later.

    The OP asked for a basic setup, not the typical overkill we see in the "what's your security setup" thread :p

    I don't think it's a great idea to have two antiviruses running at the same time, and I don't think COMODO anything meets the requirement for a basic setup. Are you saying that COMODO's AV component would be disabled?

    Unfortunately I've seen both Avira and MBAM Premium combination fail in the real world too often, in most cases for the only time malware had been dropped on those PCs. Also while I still use MBAM as one of the first scans on an infected machine, it's been missing too much in the last year or so for me to have as much faith in it as I used to.

    Back when I still used MBAM Premium on my own setups, I had to manually whitelist HUNDREDS of files and registry items that were falsely detected. This was a very tedious process since the interface only let you do them one item at a time.

    Security solutions getting in the way? Every solution has its pros and cons. There's a balance of performance, convenience, and security - and we have to make that choice based on our own assessment of risk.

    - Countless examples of real-time AV/AM solutions giving false positives for legitimate programs, causing issues up to and including bricking machines;
    - Real-time scanners will always have some kind of performance overhead;
    - Anything with a form of "Lock-Down" mode offers a high level of non-specific security, but with the inconvenience of needing user intervention to do anything outside of the defined parameters (such as update or install a program).
    - Sandboxie, similar to the above, needs some user knowledge and intervention in order to update protected programs;
    - Standard user accounts, requiring switching accounts or typing in admin password.

    Another simple example: I use SumatraPDF. The advantage is that it's extremely fast to load and relatively secure with no scripting, but the trade-off is that to fill in PDFs with forms I need to right click and open them in PDFxchange. I'm fine with the extra step, but not everyone will be.
     
    Last edited: Aug 16, 2016