Is free anti-virus and malware cleaners all you need to stay safe?
 

There are several free basic anti-virus software available, AVG, Avast and McAfee to name a few and there is Malwarebytes, my local computer shop says to choose one of the anti-virus and Malwarebytes and you don't really need to spend $$ on anything else because the free stuff works pretty well...your opinion please?

Your local computer shop is a bit ... off. :rolleyes:

There's several protection layers to consider:
- firewalls
- anti-malware
- immunization monitors
- Windows security updates
- better web browsers
- keep Acrobat and Flash updated at all times!

Malwarebytes is an anti-malware tool, and that includes anti-virus protection. In fact, computer viruses don't really exist anymore. What we have these days are variations of malware: trojans, worms, rootkits, bootkits, adware, and spyware. A "virus" is simply a program that self-replicates, and historically most of them were harmless. It's mostly the other malware that makes life hell.

I'd either pick Kaspersky or Malwarebytes Pro for active always-run scanners. In addition to active protections that monitor RAM, new files, and systems files, it's good to periodically run non-active scanners against all files on the computer. MalwareBytes works well here, too.

Comodo offers a good free firewall.

WinPatrol is a good immunization tool. It monitors and prevent changes from being made to your startup programs, hosts file, and other configuration files. It also monitors hidden files, listed in order of "first seen on the computer" date.

Keep Windows updated -- but only the security patches. You do NOT need to update Windows features, and you can safely ignore most of the "important updates". Just read the descriptions and make good choices. New updates roll out the second Tuesday of every month. Always run the Windows Malicious Software Removal Tool each month.

Use a locked-down browser for going to new sites. Let me repeat that: NEW SITES. Use Firefox with the NoScript plugin, as well as the WOT plugin. NoScript will prevent garbage from running via Java exploits. You'll manually allow domains one by one. Understand that sites may appear broken, not load rich media (videos), or issue error message, when scripting is blocked. WOT will alert you to sites that have been flagged by the online community as dangerous, and you'll see warnings in Google search results, as well as blocking the site with a warning, requiring you to ignore before it will load. You can turn off the "green icon" in the WOT settings.

For trusted sites you use daily -- like digitalFAQ.com :) -- use a separate browser without these plugins, such as Seamonkey, Pale Moon, or Chrome.

Keep Adobe Flash and Adobe Acrobat updated at all times, as those have historically been a common entry point for malware. Never open PDFs from unknown emails. Sometimes malware-infected PDFs come from people you know, but their email accounts were hacked. That's common amongst free webmail providers like Hotmail, GMail, and Yahoo.

Now that combination will keep you safe. :2cents:

_________________________________________

Example of Windows Update on Windows 7:

Attachment 2673

Example of NoScript:

In this example, tynt.com is disallowed from running. The others are allowed. Most websites load scripts from multiple sites. Most people confuse this with "spyware", but it's often nothing more than UX (user experience) enhancements, or advertising -- which is how the site is able to support itself financially to stay online, so please never block ads. Note that tynt.com is safe; I only blocked it for this example screenshot.

Attachment 2672

FWIW, the latest versions of Firefox have a warning system for malicious sites built in. One nice thing about Chrome is that its built in Flash support auto updates , and it has a built in PDF reader avoiding Adobe's disaster that is Acrobat Reader. If you do use Reader, make sure Javascript support is turned off.

Don't you need Java to read/display certian files?

Very true. Google also gives alerts when it catches bad sites.
But WOT includes other bad behavior, not purely malware. For example, WOT often alerts you to scam sites.

Look at the results you get when searching for "tv box sets" -- notice the safe green sites vs the one red site:

Attachment 2683

tvboxsetsdvd.net is a scam site. WOT caught it for you.

If you click on the Google result, the site is blocked by a WOT protection pop-up, where you can first read the ratings, and then either choose to ignore the warning, or hit back in your browser to avoid it.

Attachment 2684

The full WOT rating page for that scam site: http://www.mywot.com/en/scorecard/tvboxsetsdvd.net

There's tons of sites like this online -- people trying to steal your money. Firefox and Google don't (yet) help with that. The only issue with WOT is sometimes there are false complaints, maybe 5% of the time at most. So read carefully before skipping the site entirely, and make a wise choice.