Computer security, am I just being too paranoid?

Aug 31, 2012 9:45AM PDT
Question:

I'm a novice when it comes to working with a PC but do know enough to
be really dangerous. Today, with our PCs being so vulnerable to cyber
attacks, hackers, and Trojan viruses, I, at times, feel a little
paranoid about what I put on my PC's hard drive that may be both
personal and financial in nature. I do run with Windows 7, have the
Windows firewall activated, and am using the Webroot AntiVirus software
but still feel like someone is looking over my shoulder. Aside from
the viruses that we can get when downloading items from the Internet
to opening an attachment in an e-mail, is there any way for a novice
to determine if their PC has been invaded by a genuine hacker who may
be watching my every move? Or am I watching too much TV? Any
recommendations or best practices you could afford me would be
greatly appreciated.

- Submitted by: Al H. of San Antonio, TX

Never use McAfee or Norton
Sep 7, 2012 10:42AM PDT

I was originally supplied with F-Secure by my ISP, and never had any issues with it. Then, my ISP dumped F-Secure, and McAfee has replaced it. I am plagued by constant false positive popups telling me Real Time Scanning is Off, and when I open McAfee SecurityCenter, it shows my computer IS safe, and RTS is running. I have had the techs from my ISP try to fix it, without any luck. One even took remote control of my desktop, uninstalled/reinstalled I don't know how many things, but the problem popped up again the next day!

"Never use McAfee or Norton"
Sep 7, 2012 12:00PM PDT

Agreed! I paid over 50 bucks for McAfee once during an infection and it couldn't find a damn thing. It (McAfee) got into everything and slowed my whole system down by about half. The updates didn't find anything either. It was a resource hog of the highest degree and caused nothing but trouble for the money. I was better off with the virus - which was free and less hassle!

I haven't experienced Norton or read much about it but I may be able to find something.. [rummage]..

Although this is a funny rant, it provides a window into the shame of Norton:

shadesbreath.hubpages.com/hub/Norton-AntiVirus-SUCKS-worst-customer-service-of-all-time

However, CNET seems to like the product:

download.cnet.com/Norton-AntiVirus-2012/3000-2239_4-10592477.html

I've almost given up on antiviruses, as they can only detect old nasties. It can take them hours or days to "update" their detections to include a new virus that can spread globally in minutes.

If your system is clean, back it up on an external drive weekly/after updates. Then if anything goes wrong you can restore it, preferably from a clean separate partition used for just this purpose.

The support co I used to work for loves Norton and McAfee
Sep 7, 2012 2:38PM PDT

I once worked as a tier 2 (support for the ISP end user support) support person for MSN at a subcontractor, and over 18 months more than 25% of the problems that we resolved were caused by one or the other, McAfee or Norton. I recall one time we had 350 odd calls after Norton crippled itself. Both of these applications are top in their class, but their class really is not any users, even though they sell to them. These programs work best for ultra-paranoid IT departments with systems that are all exactly alike running all the same software and all of it highly compatible with the two antivirus programs. One thing computers are really not very good at is adjusting to different conditions. That takes a human.

Friends just don't let friends do McAfee...
Sep 8, 2012 1:31AM PDT

I've seen it hose so many of my clients' computers, that I call it McCr@ppy now! A google search will probably point to many instances where file definition updates hosed many a machine, and AVG is guilty of this too. AVG may have straightened up by now, but I continue to use Avast for me and my clients. When I'm using Dragon as a browser, I have experienced the fastest performance on the web in my life. This despite the fact that Avast has a feature like No Script built in, to block bad page controls/scripts on every page load!

Norton vs Symantec
Sep 8, 2012 2:39AM PDT

Sometimes, to make a security product easier to use by the general public, they have to dumb it down a bit. One thing I have learned is that the BUSINESS side of this software is often a LOT better than the general public version. In Symantec's case, Norton is for the public while Symantec Endpoint Protection is what businesses get. They are NOT the same thing.

Also, if you had a "bad" experience a few years back with a product, try the product again (use the trial version) as they are rapidly changing what the software does and how it works. I have not heard of issues with slow-downs with software less than a year old.

Also remember that "something" is better than "nothing". If you don't have an A/V program, by the time you have found a problem, someone may have already found out your bank account number, your data and whatever else is on your machine.

I'll also agree with you on service. Many companies provide service by contracting with out-sourced support companies that don't pay their employees enough or invest in a lot of training and, unfortunately, quality suffers. That is, only if you can understand the technician. Not mentioning any company names here.

I like Spybot Search and Destroy for Spyware (but I don't run Tea Timer, just scans and immunization).

You're 100% right on your comment
Sep 7, 2012 12:41PM PDT

I too use McAfee and never had any type of issues over the 4 different computers I have used since 2003.

Sandboxie
Sep 7, 2012 10:28AM PDT

I have Win 7 Home Premium 64 bit, and McAfee AV (supplied by my ISP). I also have been using Sandboxie, a free sandboxing program, and haven't had malware issues in years - any malware you encounter on the net is kept from writing to your hard drive, and can be erased when the sandbox is deleted.

Friends e-mailing jokes are dangerous
Sep 7, 2012 10:56AM PDT

Just wanted to add something I haven't seen mentioned.

Friends love to send you links to pages they think are funny or interesting, but those links will sometimes be to sites that will download malware to your PC, and it could be weeks before they do their damage. I never click on links to sites I don't know in e-mails, even when friends send them.

Never thought of that angle
Sep 8, 2012 4:18AM PDT

Good one - I get emails from friends with links all the time. Good thing my Thunderbird runs Sandboxed too!

Computer security..
Sep 7, 2012 11:17AM PDT

I remember when starting a new Hotmail account some years ago I only submitted it to sites that promised and pinky-swore they wouldn't on-sell it. Well, that was an epic fail, as I ended up with a spambox full in less than 24 hours. It's only spam, but what worries me is the dishonesty.

It's probably not as bad as a Nigerian scam (I had come across one in a spam email some years ago and screwed them round for weeks just for kicks!) but you can never be too careful with other details. Regardless, if they REALLY want your information and you type it in regularly, it's highly probable they'll get it as anti-malware/virus/bot software ALWAYS detects after-the-fact. Yup, they take time to discover new threats and can only protect you (read: try) from the old ones. New permutations of virus or worm are often built on old code. I've been an assembler programmer for about 25 years and have destroyed many a virus in the old days by disassembling virus code and finding a way to kill it. One permutation I even used against itself. That was sweet justice.

My banking is well protected and has never been compromised over the last 10 years of internet banking. I still don't run a firewall or anti-virus constantly as they tend to get in the way of everything. Every week and/or update I check and copy the entire system (W7) to an external backup drive and if I ever notice a problem, I boot from a clean partition of W7 and copy it all back. Eventually I'll end up with a virus or bot in the backup but it can always be detected later.

Security will always be a problem since malware is always a step ahead. I don't fret over it but keep a close eye on the system. I never have anything auto-run at startup so it's vastly easier to notice if a nasty gets in there.

If you're purchasing from a site and they have a choice between PayPal and direct credit card debit - go the PayPal as your card info will remain secure.

A good idea is to check and backup everything before going into notorious sites (porn or movie/music downloads) as they often drop a dongle onto your computer. One of these was a \system32 .dll file called from the registry at bootup that would tell me my system might be infected. It looked legit and was likely developed by an antivirus company as the link led me directly to their site where they could sell me some monster to get rid of it! Remember what I said about dishonesty. I've had 2 of these over the years. They probably even steal your credit card info as you purchase it.

Another was a page that said I needed to download the latest/upgrade Adobe Flash player. I knew I had no problem there but it tried to drop a bot on my machine. Beware of "download managers" and these completely unnecessary and ever annoying "toolbars" that they tell you are a must-have. Kazaa (music share) was notorious for adware.

My methods above may be a little unorthodox but they've worked exceedingly well. A little suspicion is better than an overdose or none at all. Complete backups are your best friend. All things in moderation I guess.

security shouldn't scare you
Sep 7, 2012 12:34PM PDT

When I first got involved with going on-line and making sure I was secure from the multitude of things thrown at you to find your weakness and hijack your OS, I too was a little worried, as if I were leaving a door open to my system for unwanted guests. Lucky for me, I was subscribing to ATT (formerly SBC) for my internet access, and they provided a free anti-virus program with my DSL package, and it has made my mind rest a little easier with keeping my computer running well and protected. The McAfee has been great. First, it was designed to work well with my ISP browser, e-mail and programs they used for my internet connection. I am on my 4th system (2 desktops, 2 laptops) and never experienced any type of unwanted programs that so many people fall victim to. And all the time it has been perfect for me to use, and most of the time I forget it's even there, making my daily browsing a pleasure. Since I have used this product I have had only 3 times where it has notified me that unwanted items were detected, isolated and prevented from installing on my system. And keeping up to date with their software is as simple as you could ask for. Periodically I am given a window on my screen that informs me to restart my computer because of their software updating, and it even allows me to either restart my computer then or wait and do it later if I am busy and don't feel like stopping right then to do a restart. But the thing I like the most is their partnership with my ISP provider and always keeping in tune with their package that my computer uses to connect to the internet. And best of all, it's still free for me to use, and it does not matter if I need to install it on any new system or if I need to re-install it for any reason.

Security
Sep 7, 2012 1:05PM PDT

I just run virtual machines... one for general surfing, one for financial, one for commerce, etc. with backup .vhd files and thumb drives for files. I often have two or three open at a time.

Easy to restore, about 5-10 minutes, can't get out of its lane, depending on your virtualization SW you can cut and paste between them, e.g. from browsing to commerce.

Keep your system up to date, your system's anti-virus on and back up your .vhd and you should have no problems.

This is very effective when you have more than one user. No way they can get into another user's files without starting up their .vhd, and it is password protected so no joy.

Want to try Win 8, Linux, etc., no problem, just create a virtual machine and give it a spin.

"RE: Am I just being too Paranoid"
Sep 7, 2012 2:00PM PDT

"...run with Windows 7, have the Windows firewall activated, and am using the Webroot AntiVirus software"

As you've probably already read, these are only the bare minimum. I only rely on them when I first purchase my computer and have not yet had time to install and activate a real virus scan. They're kinda like installing locks on your screen door and windows on your house. Does it help to lock your windows and screen door? Yes, absolutely. Is that enough? No!

"Spyware, viruses"

There are different kinds of threats and each requires different security solutions. This is why I distrust single application (i.e. "virus scan" or "firewall" only) solutions. As I understand, viruses are programs designed to gain access to your computer and either destroy it or gain control over your computer. Spyware is software that spies on you; it sends data to whoever created the program. Worms, as I understand, are designed to shut down systems by bombarding them with data. Trojans are designed to look and act like something you want but carry with them malware (that's security threats). Phishing is when a conman creates a website or web based form that mimics with incredible detail something good but is intended to gain access to your personal data. For example, a phishing scam would be "Your bank account has been hacked. We need to verify your account. So we can do so, please send us your name, phone number, e-mail address, social security number, date of birth, sex (male or female), race and credit card number." You guessed it; that data is then used to steal your identity.

Types of security
Because of the sheer number of possible threats, individual programs have been created and packaged into "suites." A complete suite includes a virus scan, firewall, and various other programs the company thinks you need.

Virus scan: searches your hard drive for anything already on your computer and tries to destroy it. Typically, you cannot install a virus scan after you've already been compromised.

Firewall: firewall monitors every packet of data coming into and out of your computer. For example, Adobe Acrobat, the program required to read PDF files, requires periodic updates. Is that a good thing? Your firewall can tell you.

Other: this is a wide variety of programs; some you need and some you don't depending on what exactly you are doing. Norton has a program it calls SiteSafety which helps identify websites that may be dangerous before you click on them. There are numerous others such as programs that help you backup your hard drive, often to the software provider's data warehouse for a fee.

Dear Al H. of San Anton(e)
Sep 7, 2012 2:17PM PDT

I will try a list to simplify your search for solutions to your concern.

Your paranoia is founded! In fact - if you bank and shop online, you might seriously consider using a LiveCD of the latest version of Puppy Linux. This will keep malware and criminals from writing to your hard drive, and they can't write to a closed session CD/DVD. Even the latest version will auto update and you can use familiar browsers like Firefox. Most banks accept Mozilla browsers now, and if set in IE mode, they may accept them anyway. Be sure and reboot before and after your bank session; if you need to save anything Puppy Linux will ask if you want to save to flash upon shutdown or reboot. I will follow this suggestion with a descending order of security comparable to this technique, but ease of use will be ratcheting upward with very little compromise in security level. Keep in mind that during sessions between reboots, it is still possible to read your keyboard, video, or otherwise spy on some session functions, but with Linux this is greatly reduced. A lot rides on whether you trust the bank or shop page you are on when using SSL (secure socket layer) to do your business.

A. Puppy Linux Live CD - already mentioned.

B. Microsoft Steady State - this is only available to XP users, and support is not available on Vista/Win7; however several good third party companies have carried this type of safety onward. This is similar to turning your hard drive into a state similar to a LiveCD, but may not be as safe.

1. If one is to believe the makers of Drive Vaccine - they have the best protection for this type of science. They have been around a long time and in fact used to offer hardware solutions along with the product (PCI). But now they claim it is even better as a purely software solution. This one is easier to use, because it lets you save data to a virtual environment, and updates to software/operating system can be approved on an as-needed basis.

2. Faronics Deep Freeze - this one is less secure than the previous solution but in the last 15 years, our local college has never had a network compromise since using it on every student computer. It may be more difficult to update your PC, and you will have to have every anti-virus(AV) and anti-malware(AM) solution you can to make this unguarded state safer. Of course rebooting before doing maintenance can minimize this possibility of compromise between drive states.

3. Microsoft Steady State is the most difficult to use, but still about as safe a solution as you can use for free - next to LiveCDs

C. Previously mentioned "virtual" environments like Sandboxie can be had, and can work almost like a LiveCD. But I suggest ending each protected browser session before and after using a bank/shop site. I really don't mess with virtual environments, because my clients can't figure them out, and they won't use them anyway - so I try alternative methods to make each "session" safer.

1. Top of the list in this category is using the built in NT system to protect your PC - only run online as a restricted user (also known as limited user and/or restricted account). Always run as a user with the least privileges and rights. This has been made simpler by Microsoft (MS) by making three categories of accounts.
a. Administrator - this one can do anything( always password protect and disable the hidden Administrator)
b. Limited user - this one has all he needs, and can watch video, shop, bank, save files, etc. No ability to install.
c. Guest account - this one has even less privileges, but I think it is only necessary for actual guests to your PC.
This NT protection scheme is almost as good as a sandbox but don't assume you're not being watched. Zeus variant malware can also inject into the startup folder, and survive a reboot. Malware can also fool you into clicking on suspicious alerts and gain administrative rights to the PC, they can also use exploits to gain a foothold in a vulnerability in the operating system or other applications.

2. To avoid further calamity in this environment it is necessary to understand that solutions almost to a tee, must be as close to a kernel based environment to prevent manipulation by malware. Some simpler but good AM can use a password to protect the settings console - the better ones simply can't be manipulated without logging in as administrator or allowing an alert to attempted changes to the AV/AM solution. I will list what I have tested as serious contenders in this market - I will list the free ones first, as that precludes me from shilling people to get paid by a company. I am independent and don't take money from any company. In fact I do a lot of free consulting just to destroy the mislaid plans of criminals.

a. Rapport - This tool keeps criminals from riding session into the bank account you just successfully logged into! It can block keyloggers and screen capture as long as an SSL session is active.

b. Comodo Free Firewall - Probably called Internet Security now - but you only need the firewall and Defense+. The latter will alert you to file manipulation, and is getting better at identifying which process is trying to do it. Newbies are gaining more and more understanding of this, as Comodo continues to improve the product.

c. Emsisoft Anti-malware or other similar products, are paid products, if you want the real time protection, but it does a better job letting you know what and where the file is being manipulated, and by what, and lets you keep safe processes from being monitored at all. Mamutu is one of the few paid products I can recommend, but I haven't tested PCTools Threatfire, which is supposed to be similar, and is still free, last I checked. Winpatrol can do this for free, but is subject to manipulation, and fairly weak against attack; but if you are aware, you will see it drop off the "systray area" or whatever Win 7 denotes that to be. Awareness can prevent many successful attacks, because even weak solutions show evidence of tampering.

d. Prevx Safe-Online - reduces threat settings automatically when Rapport is detected on your PC. This is the only anti-virus/malware, that can be run concurrently with one other anti-virus. It is cloud based and amazingly fast, and free to FaceBook users - so I only recommend it for them. However you do not have to remove anything with it, and I don't recommend doing that BTW. MBAM, Super-Anti-Spyware, or CCleaner will do that much better on a limited account.

3. The next category may not be kernel based (for now) but are compulsory for my clients. These are solutions that are very resistant to malware, and probably wouldn't function if malware were trying to change them anyway! Both the previous category and this one, can operate in infected environments, which one must face now, because there are too many silent and undetectable threats now.

a. Keyscrambler - is a very good key-logger obfuscation tool, it can't block video or snapshot images, but the previous solutions can make life difficult for those that attempt that kind of surveillance.
b. LastPass - this one has a very good reputation, as they immediately alerted the public the one time they thought their host based security was compromised; it turned out no 'blobs' were exported by the criminals, and no damage was accomplished, but they still warned folks to change the master password none-the-less. Personal information is stored on the local hard drive and the cloud in encrypted form, so no sensitive data ever has to be entered into the hard drive without protection, and if you lose your OS to a crash, the cloud will instantly provide all of it after logon.
c. CCleaner - I put this into this class because it is such an excellent free solution, and it is so effective at destroying the criminals' plans in such a simple way. It just deletes all the temp files you brought in during page loads, and also can clean out the startup folder to prevent injection attacks. The criminals are doing their homework trying to disable CCleaner any way they can during your browsing session, so it is a good idea to use it between sessions, so if something is wrong - you will know it before disaster strikes!

NOTICE! - I don't mention anti-virus? Well - actually Avast is my favorite, but during my ******** tests, I am beginning to wonder if running with restricted rights and keeping everything updated has made both AV/ AND AM obsolete! This leads to the next category of updater tools to keep the PC environment locked down and almost invulnerable.
4. This category can keep malware and viruses from compromising the protection the operating system already provides to the OS, and also plugging holes in applications that are more likely than anything to blow holes in your security. No AV or AM can help you there!

a. Secunia PSI - the new version will pop up during limited sessions to let you know when it can't automatically keep your applications updated. CNET's update alerts through email will usually beat PSI to the rescue, but the following will usually beat all of them.

b. File Hippo Update Checker - this handy updater helper, can beat the others to the punch sometimes three days earlier than any other source. Downloading their updates can be an easier way to accomplish the task too, but simply using your browser's updater is the best once File Hippo lets you know what needs updating. Unfortunately Windows security has improved just enough that FH can't alert you while you are running as limited user anymore. So if you want the max alert time before a zero day threat, you would have to log onto the administrator at least once a day. I personally don't do this; but my bank account is not likely to be compromised, as the bank limits the power of using accounts online, so criminals can't take over the account anyway. Your mileage may vary!

5. The last category addresses methods of payment; and many have already mentioned PayPal. Your PayPal account is only as good as the password protecting it though; so bear that in mind. Most crooks simply guess your password, or get it from surveillance and empty your account that way, they can intercept your email during man-in-the-middle attacks, so you might not get an email alert. You can always tie a store bought pay card to the account to limit the damage, or a credit card that can be blocked if PayPal goes awry. One of my favorite methods is to use an Online Secure Credit Card. This card number is only good for the vendor it is issued to, and if someone else tries to use it, BOOM! - they get nothing! HA! I love keeping the money out of the criminals' hands in the first place! Love Discover is the only credit card company that I know of, doing this now. If anyone knows of others, please chime in.

In conclusion I would just like to add, that when I am attacking my ******** limited account with zero day threats, 75% to 85% or more of the time, something in the modern Windows browser, or operating system will stop the threat cold in its tracks - it just takes good judgment to NOT blow through the DEP, ASLR, the UAC, and other embedded security features in Windows. I challenge you to look for new security solutions here on CNET that actually provide real time malware protection on limited Windows accounts. Now that AdAware has lost its reputation, that is getting hard to find!
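Two posts above point at autostart locations as the place to look: the \system32 .dll "called from the registry at bootup" and malware that can "inject into the startup folder, and survive a reboot". The following PowerShell script is an added example, not part of any post in this thread: it snapshots the Run/RunOnce registry keys and the Startup folders and reports what changed since a saved baseline. The baseline file path and the function names are assumptions.

```powershell
# Added example (not from the thread). The registry keys and folders are the standard
# per-user and all-users autostart locations; $BaselinePath is an assumed location.
# Avoids newer cmdlets such as ConvertTo-Json so it also runs on PowerShell 2.0.

$BaselinePath = Join-Path $env:USERPROFILE 'autorun-baseline.xml'

$RunKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
$StartupDirs = @(
    (Join-Path $env:APPDATA     'Microsoft\Windows\Start Menu\Programs\Startup'),
    (Join-Path $env:ProgramData 'Microsoft\Windows\Start Menu\Programs\Startup')
)
# Bookkeeping properties that the registry provider adds to every result.
$ProviderProps = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'

function New-AutorunRecord($Status, $Location, $Name, $Command) {
    New-Object PSObject -Property @{
        Status = $Status; Location = $Location; Name = $Name; Command = $Command
    }
}

# Collect one record per autostart registry value and per file in a Startup folder.
function Get-AutorunSnapshot {
    foreach ($key in $RunKeys) {
        if (-not (Test-Path $key)) { continue }
        $item = Get-ItemProperty -Path $key
        if ($null -eq $item) { continue }              # key exists but holds no values
        foreach ($p in $item.PSObject.Properties) {
            if ($ProviderProps -contains $p.Name) { continue }
            New-AutorunRecord 'CURRENT' $key $p.Name ([string]$p.Value)
        }
    }
    foreach ($dir in $StartupDirs) {
        if (-not (Test-Path $dir)) { continue }
        foreach ($f in @(Get-ChildItem -Path $dir -Force)) {
            if ($f.PSIsContainer -or $f.Name -eq 'desktop.ini') { continue }
            # The timestamp makes a replaced shortcut or script show up as CHANGED.
            $detail = '{0} [modified {1:s}]' -f $f.FullName, $f.LastWriteTime
            New-AutorunRecord 'CURRENT' $dir $f.Name $detail
        }
    }
}

# Report entries that are new, changed or removed relative to the baseline.
function Compare-AutorunSnapshot($Baseline, $Current) {
    $old = @{}
    foreach ($e in @($Baseline)) {
        if ($e) { $old["$($e.Location)|$($e.Name)"] = $e }
    }
    $seen = @{}
    foreach ($e in @($Current)) {
        if (-not $e) { continue }
        $id = "$($e.Location)|$($e.Name)"
        $seen[$id] = $true
        if (-not $old.ContainsKey($id)) {
            New-AutorunRecord 'NEW' $e.Location $e.Name $e.Command
        } elseif ($old[$id].Command -cne $e.Command) {
            New-AutorunRecord 'CHANGED' $e.Location $e.Name $e.Command
        }
    }
    foreach ($id in $old.Keys) {
        if (-not $seen.ContainsKey($id)) {
            $e = $old[$id]
            New-AutorunRecord 'REMOVED' $e.Location $e.Name $e.Command
        }
    }
}

$current = @(Get-AutorunSnapshot)
if (-not (Test-Path $BaselinePath)) {
    # First run: record the current state as the reference point.
    Export-Clixml -Path $BaselinePath -InputObject $current
    "Baseline saved with $($current.Count) entries: $BaselinePath"
} else {
    $baseline = @(Import-Clixml -Path $BaselinePath)
    $diff = @(Compare-AutorunSnapshot $baseline $current)
    if ($diff.Count -eq 0) {
        'No autostart changes since baseline.'
    } else {
        $diff | Format-Table Status, Location, Name, Command -AutoSize -Wrap
    }
}
```

Run it once on a system believed clean to create the baseline, then again after installs or odd behaviour. It covers only these autostart locations, so services, scheduled tasks and drivers need separate review.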

There is NO privacy on the WWW...
Sep 7, 2012 3:08PM PDT

Although there is a lot of great useful info here already, I just thought I'd throw in my two cents.

Desktop 1:
Used mainly for gaming, checking the news & email via Thunderbird Portable.
This PC is running Windows 7 with Windows Firewall, Avast AntiVirus (free), CCleaner (free), MalwareBytes (free), SpyBot Search & Destroy (free), hard drive is encrypted with TrueCrypt (also free).

I use Opera Portable browser on ALL of my PC & laptops. (I refuse to use IE, or Google anything and Firefox seems to be a huge resource hog.) I use LastPass Password Manager (free), NoAds Advanced, and Ghostery to keep all the pop up ads and tracking cookies at bay.

Desktop 2 & 3 and my laptops:
Used as my everyday PCs for work, general surfing and ALL online banking, ebay, PayPal & any other business and financial transactions.
I do NOT trust Windows for ANY of these things, so this PC is running ONLY Fedora 16 with a firewall and I use NO antivirus, malware or spyware software on these PCs.
I either use Opera (same set up as PC 1) or TOR browsers only and have the hard drive encrypted with TrueCrypt.

For email, I use Thunderbird Portable on an encrypted USB flash drive. This way I have all of my work and personal email accounts in one place and being portable, I can take my USB drive and safely have access to my email accounts on literally any computer anywhere. I also have Opera Portable on this drive so I can have "my" browser with "my" setting and all of "my" bookmarks no matter where I go or what computer I use.

And speaking of FREE software, I have dropped Microsoft Office 2007 on ALL PC's at work and home and started using LibreOffice Suite. A 100% FREE Linux based software that is 100% compatible with OpenOffice and MS Office with all the same bells & whistles I need and use for home and office.

I have used the above setups on my PC's and laptops for better than 10 years and have NEVER (knock on wood) had any issues. And I have been known to go to some pretty, shall we say "shady" sites and have downloaded some pretty "shady" things over the years...

I look at my PCs the way I do a car or a house. You can have all the high tech alarms and security devices you want and spend thousands of dollars on it. But if someone wants it bad enough, nothing will stop them completely from breaking in or stealing what isn't theirs.

Good luck & happy surfing!

~Geminimoon66

Good advice....
Sep 8, 2012 1:55AM PDT

but for the ultra paranoid, there are cross platform malware and exploits for Linux too. It is true that for any particular distro, it is unlikely you will have session spyware that can operate in this environment, but the news keeps popping up new variants and the criminals don't even have to be particularly skilled in compiling attack packages that work on durn near anything.

Of course keeping flash or java off the FOSS solution can go a long way, and the smaller the OS footprint the less likely an exploit can find a crack in the armor of the operating system. Just reading Brian Krebs's site on these new developments will keep the hair on the back of your neck standing tall for some time!

I don't think it is paranoia
Sep 7, 2012 7:02PM PDT

That "Register" is a darn good source of information....
Sep 8, 2012 1:57AM PDT

Thanks for bringing that up for the readers here!

timely discussion, my computer was attacked
Sep 7, 2012 9:18PM PDT

Live security platinum malware just attacked computer 2 days ago. Computer is in the shop.

Computer security needs to be offered on many levels:

I don't believe computer security exists. I believe that you have to take computers off of the internet.

Security through obscurity works by buying or building a computer that no one knows about but that doesn't offer security without well designed tools and designed protocols.

You have to protect the computer on the filing system level.
You have to protect the computer with memory protection.
You have to protect the computer on the control access for programs such as user accounts and not giving programs free rein.
You have to protect the computer on a security protocol and much more.
A computer giving user access in a "sandbox" has been discussed.

Malware, viruses and spam are caused by user intervention and Windows' holes. How do both the computer and the user know the intent of every action? It requires a brain and sometimes both the computer and the user have none.

The user can be tricked. How does he know if he is running a malware program or not? We get free games for work and the users at work install them and we get infected. Someone at work was doing file sharing and downloaded a virus. There is no virus protection against downloading a virus.

Don't run Windows with real I.P. Disable in network file and printer sharing.

Most hackers have read what everyone has written here and they know what security programs you are running so they have socially engineered what they need to do by building a picture of what you have done instead of having security on a "need to know" basis. If you build a security picture for hackers, they can get in.

During the old days, I could read text displayed across the screen at 2400 bits per second and the screen was being used as a buffer. Now we have 56K modems, DSL and cable modems. There are also special characters that the user can't read. I found security is like a door. If you don't open it, nothing gets in but if you open the door a little bit, flies and bugs get in. If you open the door more, mice and dogs get in. If you open it more, crowds get in. In other words, the bigger your hole, the more that can get in. If you keep security tight, nothing gets in.

Security fails for these reasons and more:

Security can be breached off line. You don't need the internet.
As long as there is wide open address space, you can get access to the data you need.
As long as there is a public list of tasks, input handlers, windows and open files, security doesn't exist.
Address randomization doesn't work because there is usually a table found in a MMU and they are subject to buffer overflow attacks.
Don't believe you have FULL CONTROL of the computer because there are drive by and random attacks.
Encryption doesn't work because information can be forwarded through the internet.
Computers that can't distinguish between data and code.
Spammers, government agencies and Google spend their time knowing your platform.

As I've become older, I believe that foreign governments are to blame for a lot of the viruses. We're a testing ground for cyber attacks.

- Collapse -
I look at it like this...
Sep 8, 2012 2:03AM PDT

The individual has to balance the need for security with what he/she has to protect. The value of the data versus the amount of time, difficulty, and cost of protecting it. I use this concept for each and every client, and the result will be different for each individual.

I actually feel Windows can be secured to a level good enough to balance that risk. I comment elsewhere on this thread to explain what I mean, but I'm a believer, as a result of many battles with malware and security breaches.

- Collapse -
Who are we really dealing with here?

Who are we really dealing with here and who creates these viruses?

We have paid I.T. where I work and we used a commercially available virus protection and my computer detected it but my computer was wiped clean which means the data I saved for the last ten months is gone.

We've had the same problem at home with another virus scanner called Norton.

What protection can the average commercial company like Norton add against another country practicing cyber war? Who creates these viruses? I'm curious. When the virus beats what is commercially available then I have to guess who the source is: I guess that Norton security is less powerful than any government practicing cyber war. Do you have the same resources as an enemy and how can you compete?

- Collapse -
The blended defense is required...
Oct 15, 2012 8:17PM PDT

if you believe in my scenario. I prove it every day in my ******** lab. But then I also have my clients back up their data. If they lose their operating system, we just wait a few days before recovering the last incremental backups. But I usually find the culprit in the first scan of the backup files.

Using just anti-virus is not a solution at all.

- Collapse -
Computer Security
Sep 8, 2012 12:57AM PDT

There is a balance to be found as far as security goes on your PC. That balance is found somewhere in between paranoid and carelessness. In the 10 years that I have been helping people with their computer issues, I have seen both extremes, and all sorts of places in between.
As others have pointed out, there are some good free antivirus, spyware programs out there to be had. That is the route that I have decided on, and it has worked out very well for me and my computers. My advice is to use the trusted and proven free ones available to you, and be wise, not paranoid, in what you click on while on the www. or checking your email.
I use AVG free, Malwarebytes, and allow updates, and run scans on a regular basis. Also run disk clean up and defrag your computer's hard drive(s) as well, and when you go to install something new on the PC, be very careful what little boxes are checked or unchecked. Even some of these good free ones will have you loading up your PC with useless junk that you don't need and will bog down your computer.
So be smart, not paranoid, get advice from others as often as you can, and happy clicking!

- Collapse -
Thanks pauly1651...
Sep 8, 2012 2:13AM PDT

I now feel my previous comment was redundant. I too, believe in a balance of threat vs. risk, and what data I'm willing to expose to the web. I totally agree on that.

I have found that you can load quite a bit of free protection on older XP machines, and still maintain that balance and keep a lot of performance as well! In fact, I've regularly seen web performance, i.e. page load times, etc., improve, even though a lot of RAM will be needed. Just to get enough performance from a fully updated XP SP3 machine, you need at least 1.5 Gbs of RAM - unfortunately. You can't have enough RAM now, but it is dirt cheap, so my clients prefer that to the expense of buying a new PC.

- Collapse -
Some extra things you can do to provide ongoing protection
Sep 8, 2012 2:45AM PDT

Since you are running Windows, you should install the free Secunia PSI software which will monitor your computer and most software to make sure that all of the latest patches have been applied. This will seriously reduce any vulnerabilities that may exist in software previously installed.

There is a free program from Trend Micro called RUBotted which can check for signs that your computer has been turned into a 'bot.

- Collapse -
Want to See Something Interesting?
Sep 8, 2012 2:45AM PDT

I don't think it was the people you gave the email address to.

Open a new account on several online mail services. I used Yahoo.

Do not use these accounts for ANYTHING! Don't give the email address out to anyone anywhere!

Then check your inbox every now and then. I did this and received thousands of junk emails.

Don't assume that the one or two places you gave the address to did this to you. It could just be that these sites get hacked OR the actual owners of the services sell your address (Microsoft, Yahoo, Google). If the service is free and the company is a billion dollar enterprise, be very suspicious.

- Collapse -
I do this occasionally too...
Sep 8, 2012 3:08AM PDT

so I can use them as "junk" accounts for signing up for suspect services. If the WOT (Web of Trust) rating is yellow, I will do this just in case. I must admit though, that my junk Yahoo! and Gmail accounts haven't received one junk mail since I started the accounts over six years ago! I never gave out those addresses, but I'm still surprised!

- Collapse -
Can you handle the truth??
Sep 8, 2012 6:48AM PDT

The ONLY time to not be paranoid on the internet is if you have NOthing to lose.
Including any value that you COULD have if you are able to apply for credit.

In terms of "best practices" I would LIKE to assume that someone else has mentioned the following, but just in case:

One of the absolute best things you can do to protect yourself is most easily accomplished when you are configuring a new PC -- anytime after you've been using a PC for awhile is much less convenient just because layers of 'stuff' have already accumulated (including, possibly, malware which will defeat ANY safeguards you install after that point).

On a new PC, take the time to establish one login account with "Administrator" privileges. And then only use that account for administrative work, never for online activities. Instead, first thing after you finish creating that "Admin" account, create a generic "Browse Safely" account with no special access of any kind. THAT is the account you are going to use while online.

Because most malware inherits the access privileges of the account that it first infests. If you encounter something malicious using your "admin" account, that malware is IN and In Charge, and now owns your machine. Whereas if you "step in it" while wearing your "browse safely" account, that malware (USUALLY) has to ASK for permission to do anything significant. Which means you are still "vulnerable" if you are GULLIBLE -- in this case "paranoia" is completely appropriate (they ARE out to get you, after all). So just say "No" to pretty much anything you didn't initiate, and to anything that you don't fully understand, and to anything that feels even slightly "off".

Above and beyond that first defensive posture, sure, you need a good antivirus, preferably one with a built-in firewall and heuristics and logging and all kinds of bells and whistles. Something that scans both incoming AND outgoing emails (sometimes the first sign you have an infestation is when IT attempts to "phone home" for whatever reason). Be aware that some malware packages include their own built-in comm routines, and won't necessarily USE email; that's why a good firewall will perhaps "appear" to allow ports to be opened, in order to mousetrap whatever is attempting to "sneak through"...

Paranoia tends to be a strong motivator toward obsession with detail. Little things like "what browser do you choose to use" -- do your own "review" checking, but IMHO Chrome offers a few advantages, re "incognito" windows (ones which "sandbox" all online activities, including any changes a website attempts to make to your system, so that when you CLOSE the window all those changes simply disappear). If you were a geek "power user" I'd lean a bit toward IE just because of the page analysis tools available (you can pretty much see anything "under the hood" that you care to inspect).

Obsession with detail gets longwinded. Double check every type of software you use on your system. There are not-so-well-known security settings for javascripting, for PDF viewers, for any Windows Office package, etc etc. YOU get to decide the point of "diminishing returns", weighing risk-of-not-obsessing versus cost-of-obsessing.

Choose wisely.
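
A way to check the account split recommended in the post above, as an added example that is not part of the original post: the PowerShell below reports whether the logged-on account is a direct member of the local Administrators group and whether the current process is elevated. The function names are made up for this illustration, and it assumes a local (non-domain) account.

```powershell
# Added example, not from the thread: check whether the account you are
# logged on with follows the "admin account for admin work, standard
# account for going online" split. Uses only .NET and ADSI.

function Get-LocalAdministratorNames {
    # Find the group by its well-known SID so localized group names work.
    $sid  = New-Object System.Security.Principal.SecurityIdentifier('S-1-5-32-544')
    $name = $sid.Translate([System.Security.Principal.NTAccount]).Value.Split('\')[-1]
    $group = [ADSI]"WinNT://$env:COMPUTERNAME/$name,group"
    # Members() yields COM objects; read the Name property of each one.
    @($group.psbase.Invoke('Members')) | ForEach-Object {
        $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null)
    }
}

function Test-ProcessElevated {
    # True when this process holds an enabled Administrators token.
    $identity  = [System.Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object System.Security.Principal.WindowsPrincipal($identity)
    $principal.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-AccountSeparationReport {
    $admins   = @(Get-LocalAdministratorNames)
    # Direct members only: membership through a nested or domain group is not resolved.
    $isAdmin  = $admins -contains $env:USERNAME
    $elevated = Test-ProcessElevated
    if ($elevated) {
        $verdict = 'Elevated session: anything run here has full control of the PC.'
    } elseif ($isAdmin) {
        $verdict = 'Administrator account: a single UAC "Yes" grants full control.'
    } else {
        $verdict = 'Standard account: admin actions need another account''s password.'
    }
    New-Object PSObject -Property @{
        User           = $env:USERNAME
        IsLocalAdmin   = $isAdmin
        IsElevated     = $elevated
        Administrators = ($admins -join ', ')
        Verdict        = $verdict
    }
}

Get-AccountSeparationReport | Format-List
```

Run it from the account used for everyday browsing; the "Administrators" line also shows every account that could be used to approve an elevation prompt.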

- Collapse -
Take it off the Internet?
Sep 8, 2012 8:25AM PDT

We have had viruses, trojans and malware ever since people removed beads from the abacus in order to scam people with phony calculations. Many of my favorites were DOS-based malware that did NOT spread through any network connection. The only way to have a secure computer is to remove ALL of the wires that connect to your desktop. For laptops, you need the same except remove the battery as well. Not very useful, but it is damn secure! Honestly, there has been malware out there a very long time. The Internet didn't change anything. The WWW, on the other hand, made people realize that they can get away with an awful lot of things. If I'd have to pick something that really brought security to its knees it would be the web, HTML and JAVA. Just my opinion. I used to have this nice piece of malware that used to run on a mainframe by taking a checkpoint within a program, modified some of the registers within the checkpoint file and then started from the checkpoint. It made the program be "part of" the OS, capable of anything regular programs could not do.