So, when it comes to PC security, it's all about
layers of security.
Let's outline the steps to creating a secure PC:
I. Creating multiple Windows user accounts, and changing some Windows settings.
II. Installing an antivirus.
III. Installing software that supports safe web browsing, etc.
I. Creating multiple Windows user accounts, and changing some Windows settings.
Now, let's dive into the first step. Before we do, let me explain why you should create multiple Windows user accounts. Most people tend to use a single, administrative account, and never bother to create accounts with fewer privileges. Why is this a problem? You will not be prompted to allow rogue programs to be installed, etc., like you would/should be if you were on a user without administrative privileges and UAC enabled.
So, it's important for you to have at least two Windows accounts. One account, the administrator, should NEVER be used. You should use always use a standard user, and set UAC to "ALWAYS NOTIFY."
By using a standard user along with UAC set to the highest setting, you should be protected from most attempts to install malware or change settings on your computer without your knowledge.
HOW?
START > CONTROL PANEL > USER ACCOUNTS
Here, you can create an administrative account, as well as a standard user account. You can, and should, also set UAC to "ALWAYS NOTIFY" here.
Set all of your user accounts to "PASSWORD PROTECTED," and use a different password for each.
Now that you have a standard and administrative account, log out and sign in as the standard user.
From now on, always use the standard user. Install all programs, etc., while logged in as the standard user.
Now that you are logged into the standard account, let's make a few security changes.
HOW?
START > CONTROL PANEL > NETWORK AND SHARING CENTER
Go to change advanced sharing settings.
- Turn off network discovery.
- Turn off file and printer sharing.
- Turn off Public folder sharing (people logged on to this computer can still access these folders.)
- Use 128-bit encryption to help protect file sharing connections (recommended.)
- Turn on password protected sharing.
Unless you use any of these functions, I would recommend turning them off.
WINDOWS FIREWALL
- Block all connections to programs that are not on the list of allowed programs.
- Notify me when Windows Firewall blocks a new program.
I would recommend these settings for Windows Firewall. Enable Windows Firewall, of course.
WINDOWS UPDATES
HOW?
START > CONTROL PANEL > WINDOWS UPDATE
I would recommend the following settings for Windows Update.
- Install updates automatically (recommended.)
- Install new updates: Every day.
- Give me recommended updates the same way I receive important updates.
- Allow all users to install updates on this computer.
- Give me updates for Microsoft products and check for new optional Microsoft software when I update windows.
II. Installing an antivirus.
I would recommend Microsoft Security Essentials (MSE.)
It is important that you uninstall your previous antivirus before installing MSE. I would recommend downloading the installation files, and then disconnecting from the internet and uninstalling your previous antivirus. Install MSE as soon as possible, and run a full scan.
MSE
windows.microsoft.com/en-US/windows/products/security-essentials
Settings in Microsoft Security Essentials.
DEFAULT ACTIONS
- Recommended action > ALL.
CHECK > Apply recommended actions: Help protect your computer by applying the actions above after Security Essentials detects potential threats.
REAL-TIME PROTECTION
CHECK > ALL.
Under "Monitor file and program activity on your computer," list "Monitor all files."
ADVANCED
- Scan archive files.
- Scan removable drives.
*DO NOT EXCLUDE ANY FILES / LOCATIONS / FILE TYPES / AND/OR PROCESSES!
III. Installing software that supports safe web browsing, etc.
I hate Internet Explorer (IE.)
I would recommend Firefox.
www.mozilla.org/en-US/firefox/new/
When installing Firefox, I would recommend
NOT importing any information, and would recommend setting it as your default browser.
Do not uninstall IE.
FIREFOX
OPTIONS
Privacy
- Clear history when Firefox closes. (SETTINGS BELOW)
> SETTINGS > CHECK ALL!
Security
- Warn me when sites try to install add-ons.
- Block reported attack sites.
- Block reported web forgeries.
- Do not remember passwords, or use a master password.
After setting up Firefox, let us download some security add-ons.
*ADBLOCK PLUS
addons.mozilla.org/en-US/firefox/addon/adblock-plus/?src=hp-dl-mostpopular
GHOSTERY
addons.mozilla.org/en-US/firefox/addon/ghostery/?src=search
KEYSCRAMBLER
download.cnet.com/KeyScrambler-Personal/3000-2144_4-10571274.html
NOSCRIPT
addons.mozilla.org/en-US/firefox/addon/noscript/?src=hp-dl-mostpopular
*Security add-on? Debatable.
Installing Ghostery:
- Enable Alert Bubble.
- Enable library Auto-Update.
- Enable blocking > block all bugs. You may also block all cookies, if you'd like.
You're pretty much done...
edited 2011-12-20 22:47:43 
ENOEWO on 2011-12-20 21:43:27
And source of this information?
And in fact no, this is not common sense.
edited 2011-12-20 22:39:36
If you do a Google search, you'll find that most of this information is common knowledge. The bit about using a standard user account, etc.
Because you should create several accounts with different privilege levels and only use a higher privileged account when you really need it. This stops basic viruses but you're pretty much screwed vs (0 day) exploits.
And to all the people running without an antivirus claiming to have 'no problems', I wonder how many of you are actually part of a botnet. The whole goal is to remain undetected (rootkits etc to hide the process running). And to the guy who said you have to be retarded to get a virus nowadays. No not really, it's actually dirt easy to exploit a machine. Ever heard of Metasploit? Any script kiddie can use it to launch an up to date exploit on your machine and get root access.
Security starts with the right configurations/programs but it doesn't end there. As long as you are plugged into the inet you are at risk.
No need for antivirus here :)