How to protect your PC

Quick Fix is now recommending the following free security tools and options to help maximally protect Windows-based computers against the particularly nasty infections making the rounds today.

We present these recommendations in a three-tiered structure of options:

(1) Our standard security software provides excellent protection in a manner that is maximally transparent and minimally intrusive during computer use, regarding both (a) informative pop-ups (and, in some cases, “nag screens” from free security products) and (b) requests for user action when problems are identified or suspected. This is the level the vast majority of our customers will be most comfortable with, and it is what Quick Fix installs by default with all of its standard shop services.

(2) Our advanced security options offer an enhanced level of security but necessarily require the user to become more highly informed in order to use the protective features correctly. From the user’s perspective, this entails (a) being presented with more pop-ups (and “nag screens”), (b) making appropriately informed decisions regarding real or suspected infections, and (c) correctly dealing with usage limitations imposed on both (i) some network communications and (ii) some hardware and/or software installation processes. Using these tools correctly and without complications requires users to learn the appropriate usage methods. We expect this option to be attractive to a relatively small subset of our customers. Quick Fix will install this option only upon specific request, and with the customer’s full understanding of the associated operational implications.

(3) An alternative to our standard security software provides a higher level of protection in a manner that remains highly transparent and only occasionally intrusive during computer use. It presents the user with (a) only the occasional informative pop-up and (b) only relatively rare requests for intervention when possible problems are identified or suspected. This alternative is a “bundled” approach to PC security that delivers a more advanced level of protection while balancing it against only a modest increase in complexity. Quick Fix can install this option upon customer request, but only where the customer has made an informed decision that a small amount of participation in the security process will be necessary on their part.

Standard security software

OpenDNS: This involves setting the computer’s TCP/IPv4 DNS look-up option to manually use the following two IP addresses for domain name resolution: 208.67.222.222 and 208.67.220.220. Doing so will reduce to nearly zero the likelihood that any internet navigation will pass through known infection-distribution sites. The only conflict we have encountered with this option concerns laptops attempting to connect to protected “public” networks (at hotels, for example) that require temporarily resetting IPv4 DNS resolution to “automatic” because of requirements imposed by the network service provider. Afterwards, when no longer constrained by this requirement, the system should be reset to the above IP addresses for “secure” usage again. These settings present no incompatibilities with any Windows operating system.
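To make the OpenDNS switch, and the temporary return to “automatic” on hotel networks, repeatable rather than a trip through the TCP/IPv4 properties dialog each time, here is an added PowerShell script (not from Quick Fix or OpenDNS) that wraps the equivalent netsh commands and then shows what the adapter is actually using. It assumes it is run from an elevated prompt and that the adapter is named “Local Area Connection”; the adapter name is an assumption you should check with `netsh interface ip show config`.

```powershell
# Added example: toggle an adapter's IPv4 DNS servers between the OpenDNS
# resolvers named above and the provider-assigned ("automatic") ones.
# Assumptions: run as Administrator; adapter name as listed by
#   netsh interface ip show config
param(
    [Parameter(Mandatory = $true)]
    [ValidateSet("secure", "automatic", "show")]
    [string]$Mode,

    # Hypothetical default; Vista/7 usually name the wired adapter this way
    [string]$Adapter = "Local Area Connection"
)

# The two resolvers recommended on the page
$PrimaryDns   = "208.67.222.222"
$SecondaryDns = "208.67.220.220"

switch ($Mode) {
    "secure" {
        # Replace whatever is configured with the primary resolver (static)...
        netsh interface ip set dns "name=$Adapter" source=static "addr=$PrimaryDns" register=primary
        # ...then append the secondary resolver as the second entry in the list
        netsh interface ip add dns "name=$Adapter" "addr=$SecondaryDns" index=2
    }
    "automatic" {
        # For public networks that insist on the provider's own resolver
        netsh interface ip set dns "name=$Adapter" source=dhcp
    }
}

# Always verify the result: expect both OpenDNS addresses after "secure",
# and DHCP-assigned servers after "automatic"
netsh interface ip show dns "name=$Adapter"
```

Save it as, for example, Set-OpenDns.ps1 and run `.\Set-OpenDns.ps1 -Mode secure` after a shop service, or `-Mode automatic` just before joining a hotel network that rejects the static settings.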

Microsoft Security Essentials (MSSE): This is a “pseudo-conventional” signature-based antimalware product (a) whose performance is nearly second to none, (b) that handles rootkit-type infections (aided in significant measure by Microsoft’s recent acquisition of SysInternals), and (c) that “plays nice” with Windows installations (Microsoft developed both MSSE and Windows, so the frequency of conflicts and incompatibilities is exceedingly low). Versions of MSSE are available for all contemporary Windows operating systems (XP, Vista, and Win7, both 32-bit and 64-bit). MSSE is a set-it-and-forget-it installation that is extremely highly automated in function and extremely capable at defeating contemporary malware infections and strategies. At boot time, MSSE may need a little while to finish applying all of its updates, so a few minutes of patience may sometimes be required.

Advanced security options

Sandboxie: This free tool appears to have emerged as the standard sandboxing application for Windows-based computers in use in the world today. It is about the simplest sandbox utility available at this time, but still offers a moderately rich set of features should they be desired. By design, it will interfere with some system functionality, so becoming knowledgeable about its operation is a prerequisite for using this tool comfortably. It is primarily intended for securing web-browsing sessions, but may be used for other applications as well. After a 30-day “grace” period, Sandboxie displays a 5-second countdown nag screen informing the user of the free status of the existing installation and asking whether the user wishes to purchase a full license. To continue using the free installation, just wait for the 5-second countdown and then click the “proceed” button, and Sandboxie will continue to operate normally, indefinitely, free of charge.

NOTE: Our recent experience suggests that older hardware running XP (particularly systems to which current Microsoft update patches have been applied) may be becoming incompatible with Sandboxie operation. Unresolvable errors have begun appearing with increasing frequency on such installations. Although we have no direct evidence beyond personal experience, it may be that diligent support for older XP installations is going by the wayside. This is not unexpected, as Windows 7 has proven itself to be a robust, reliable Windows operating system. As such, the days of XP usage may be coming to an end, perhaps more rapidly than some long-time users would wish. In such cases, it may be reasonable to consider an alternative product that provides sandboxing capability (Comodo Antivirus, below).

WinPatrol (Cloud edition): WinPatrol is a dynamic system-monitoring tool that takes a snapshot of your critical system resources and alerts you to any changes that occur without your knowledge. WinPatrol is well known as a pioneering tool that uses heuristic behavioral analysis to detect attacks on PC computing environments. Now that it has evolved to use “cloud” technology, users also benefit from the experiences of other WinPatrol users. Another particularly attractive WinPatrol feature is the robust system-monitoring capability it delivers despite its very small memory and resource footprint.

An alternative to our standard security software installations

Comodo Antivirus: Comodo AV is a feature-rich, extremely well-performing free product that consolidates numerous protective strategies into one security package. Conventional signature-based scanning is employed, as are behavioral process analysis, sandboxing, and even DNS spoof prevention, all backed by a community threat database mechanism to facilitate “cloud-based” decision-making. Intelligent sandboxing (“Auto Sandbox Technology”) reduces threats from zero-day intruders (particularly important, given today’s threats). Untrusted programs are sandboxed to isolate malicious software from the underlying operating system: they run with restricted privileges against a virtual file system and registry instead of the real underlying ones. Untrusted (but harmless) applications can operate normally, while malicious programs are denied infectious access to the system. If proven to be trusted, previously sandboxed apps are remembered as such and are no longer limited to running sandboxed in the future (decisions made by a trust decision engine). Unknown apps placed in the sandbox are also automatically queued for submission to Comodo labs for analysis. If found to be harmless, the app is added to a global safe list for subsequent download with Comodo AV updates. Alternatively, if found to be malicious, the app’s signature is added to the AV database, and it will be deleted from infected PCs after subsequent rounds of AV database updates. Comodo’s cloud-based capabilities allow detection of malicious files even without local, up-to-date virus definitions. Additionally, cloud-based behavior analysis can detect zero-day malware far more immediately than signature-based methods can. And cloud-based whitelisting of trusted apps facilitates identification of safe files and vendors. Comodo AV also offers an option, during installation, to use Comodo’s own secure DNS servers for further-protected web navigation.
As such, Comodo AV is a particularly feature-rich free security product that is an extremely attractive candidate as an all-around PC security solution. It is also surprisingly simple and unobtrusive to use (i.e., very close to set-it-and-forget-it).
