Ever spend much time thinking about how "safe" your computer is? I want to say "no", but then why do I have 3 separate antivirus and/or antimalware programs on my computers?
Malicious programs suck. You can and probably will hit at least one of them while doing legit browsing. By legit, I mean non-porn related sites or "weird" stuff used to bait (hi-yo!) people. It's a good idea to have some sort of active protection and some back-ups.
Among the computer literate community, it is somewhat common knowledge that most antivirus programs are not perfect. They usually work differently and detect things passively and actively at different rates. If you choose just one, things will go missed. Then you have to factor in the differences between malware, viruses, spyware, adware, and whatever other malicious programs out there. Each one may require a different type of program to detect.
I am not a security expert, but like to think that I have a somewhat reasonable level of basic home security. So, any "advice" here is more for the "I have absolutely nothing and don't know where to start" crowd.
Where should you start on your road to having a more secure computer?
Depends on what type of operating system you're running. Since the majority of personal computers out there run Windows, and I only have experience with Windows, I'll stick to, gasp, Windows. Specifically, I am running Windows 7, but everything since XP is somewhat interchangeable.
Standard User Account
If you are currently running an administrator account as your primary account, then stop. This was the best piece of advice I received from tech nerds. It changed my experience from "OMFG, virus fuxxored my computer, I gotta wipe everything and start anew" to "okay, I just have to create a new user account". The former takes a day, the latter should take an hour once you decide to do it -- plus hours of trying to fix everything so that you don't need to start a new account.
The reason is that an administrator account lets you go crazy. You can install anything you want at will and Windows will not ask you for a password. With a user account, every time you try to make a major change like install a program or change a system setting, it asks for a password. Why is this helpful? From my experience, the worst viruses try to install heavy duty programs on your computer off the bat. Don't get me wrong, they can still sometimes install more minor things and change your registry so that everything on your desktop looks to have disappeared. However, most of these problems have been more superficial and annoying than deeply embedded in the system. The major difference is that if my user account is infected, I can log in using my administrator account and start the disinfection process.
Since I've started using separate user and admin accounts, I have not had a virus get deep enough to require a complete reinstallation or repair of Windows.
How do you do it?
Go to Control Panel --> User Accounts --> Change your account type. Remember that I'm on Windows 7, so other versions might be slightly different. You may need to go to Manage another account or something else. One essential thing is that you need to add a password to the admin account. It shouldn't need to be stupidly hard, just do remember that assholes who physically get ahold of your computer could also do damage.
Free Antivirus Software
I am a cheap bastard. If you feel like it, you can buy a copy of McAfee, Trend, or whatever. Last I checked, an annual subscription is required for those things. Meh. And if my work computer is any indication, certain premium programs run like turd and are not resource efficient.
Microsoft Security Essentials
My preference is to use Microsoft Security Essentials, which is an active real-time protection program. It is available for Windows 7, and it should also be available for Windows XP and Vista. Apparently, it has been discontinued for Windows 8 because Microsoft integrated it into Windows Defender, which may come preinstalled with your computer (depends on the version). From what I can gather, Windows Defender was only good for spyware and adware prior to its Windows 8 release.
After using it for about 2 years, I can say that I am pretty satisfied. It doesn't pick everything up, but it catches a lot. It appears somewhat resource efficient and doesn't bog my system down. Virus definition updates are frequent and the system interface is mostly intuitive.
Avira Antivir
This is a program that I have been using forever. It is free, but you get additional functions if you pay for it. I never saw the point of the extra features. For my current systems, I use this as a back-up scanner. That is, I use it to double-check and make sure (best I can) that my primary program (Security Essentials) didn't miss anything. This program does both real-time protection and, like most other antivirus programs, on demand scanning. As a back-up, I did not see the need for the active real-time protection, so never installed it.
Malwarebytes
My absolute favourite and most relied upon anti-screwed-up-computer program is this one. When I have a major issue, this is the program that usually pulls through for me and removes the biggest troublemakers. In fact, some viruses/malware (the hell do I do with my computer?) usually try to block you from running this program, while leaving some antivirus programs alone -- happened once or twice to me.
Being such a good program, the manufacturer can afford to make you pay. Luckily, they only make you pay for real-time protection. It is free to download the on demand scanner and run it when you feel like. However, it won't prevent (or try to) problems from occurring. I recently spent the $25 to get the active protection. So, if you can forego a few six-packs, do consider buying the "full" version.
Java
This is the most recent change I made and it's concerning Java. Apparently, there's a difference between Java and javascripts or something. Long story short, you can disable Java from running if you have Java version 7. This is a bit over my head, but it is significant enough to merit some review. I have disabled Java from running for a week and have had no issues in terms of regular internet browsing. You can do this by going into Control Panel -> Java -> Security -> Enable Java Content in the browser. Uncheck the last one.
Happy surfing!
