F-Secure - Safe

Deesale
Deesale Posts: 5 Observer

Hi - I am using F-Secure - Safe for the first time and am particularly concerned to acheive the following:

  • Stop Unwanted ads and pop ups whist browsing
  • Stop Unwanted software being installed whilst browsing
  • Chack all files attached to emails to before they open for malware 

Does F-Secure - Safe  cover these areas or do I need to install additional security - if so, has anyone recommendations please?

 

Thanks in advance

 

Deesale

Comments

  • Ukko
    Ukko Posts: 3,727 Superuser

    Hello,

     

    Probably someone else can to give more helpful information. Just because also... maybe you not mean just "desktop"-versions....  how it will be Mobile-security not sure around some of points. But..

    I just want to say next:

     

    I - not;

    -------------------------------------------------------------------------

     

    II - I not sure... what does you certainly mean about this thing.

    But if you mean just malicious things like exploits, drive-by or other. F-Secure should to give protection for you.

    And here will be some kind of best protection. Other companies can not be much better, than F-Secure. And F-Secure have a lot of things, layers, points or realizations - which will be better, than other have.

     

    But here a little be one point -> you should to use supported browser :) Internet Explorer, Firefox, Google Chrome.

    Can be workarounds - if you use "variant of" or "one engine/core" - such as blink/chromium-core with Opera and some other browsers (like Sleipnir). But... it will be not always work, it required your manual actions around. And just with some of them, which not use tricks by realization.

     

    With Supported browsers will be all as default or with common steps. And re-check/check settings, which F-Secure have. Here just "most important points", which not hard to read/think and choose "use or not". Each setting can be related with "specific" feature.

     

    IF you just mean any potentially unwanted applications, software like paylods by any installers/downloaders or toolbars or other. It's too differently... and related with a lot of "settings".

    Practically you will be protected against some of them... but more good - be care by your actions.

    F-Secure try to be very good around "less false-positives" and would to detected just certainly malicious things or too much suspicious (and close to spyware, riskware).

     

    Also system and browser should be up-to-date.

    Against some of exploits, which can be for "outdate" version or without some of critical updates by Microsoft (or browser).... can be some troubles... and F-Secure can to prevent just result (or potentially prvent).

     

    Also anyway.... does not matter that F-Secure have high-quality software and high-level protection.... 

    you should be worry (a little be, because by design with F-Secure - you should be worry-free) and always think, when something goes to be strange.

    And potentially something can goes to be wrong.... and it's can be with any protection-software.

    -------------------------------------------------------------------------

     

    III - Probably you should to create setting for that and it should be supported mail-client.

    Potentially it will be all like you want - if it will be known malicious things.

    Can be situations, when you receive something "not nice", but it will be known for F-Secure just after "a day" (like example). But here.. can be "re-detect".

    Current layer - enough good with F-Secure, but can be better. And probably F-Secure can to create "around that" something better.

    -------------------------------------------------------------------------

     

    Potentially you able and maybe need to install something around "additional" - but it related with your style of use Internet and other. Here can be a lot of variants, but totally good variants.. which can be certainly always helpful - still not created (for my opinion) :)

    Most things like addition for F-Secure - can be not really nice or can be "too much". But.. here can be a lot of interesting things like addition. And can be related with various background: "which browser" (if around ADs) - if it just one browser in use. And etc.

    -------------------------------------------------------------------------

     

    Sorry for long reply... and sorry if I wrong understand your questions and give wrong "words" about it.

  • NikK
    NikK Posts: 903 Forum Champion

    Additional comments on "Stop Unwanted software being installed whilst browsing"

     

    I suspect you are logged in as Administrator which can be dangerous if you don't configure Windows properly. Check out my previous link on Running as Administrator.

     

    Another great step in preventing "Drive-by downloads" is to make sure you don't have any old and vulnerable program versions installed that can be exploited. I recommend the free Secunia PSI: http://secunia.com/vulnerability_scanning/personal/  and that you run it at least once a month, preferably on "Patch Tuesday" (to prevent "Exploit Wednesday")

     

    To stop zero-day exploits (not yet patched vulnerabilities) I recommend http://microsoft.com/emet to advanced users. For others you could try http://www.malwarebytes.org/antiexploit/

  • NikK
    NikK Posts: 903 Forum Champion

    And also for Windows, make sure you have the F-Secure Deepguard settings turned on, except the "Use the compatibility mode":

    http://community.f-secure.com/t5/Security-for-PC/How-can-I-edit-DeepGuard/ta-p/30316

     

    DeepGuard is the Host-based Intrusion Prevention System of F-Secure's security products. A proactive application monitor and behavioural analysis system that also does file reputation checks before an application is allowed to execute. 

    It also has exploit interception that keeps some applications "under especially close watch", like Java, Adobe Reader, Microsoft Office. And document types like Microsoft Word and Adobe PDF. 

    http://www.f-secure.com/static/doc/labs_global/Whitepapers/deepguard_whitepaper.pdf

     

  • Deesale
    Deesale Posts: 5 Observer

    Thank you NikK - you gave me three answers vcovering the full range of my query and they were excellent. I've implemented them all. One of my main problems has been receiving susupicious emails most of which I deteled but the odd one I opened up and ended up with tracking trojans on my system that were difficult to remove and I'm still not certain I got risd of all of them!

     

    Thanks again

     

    Deesale

  • Deesale
    Deesale Posts: 5 Observer

    Again NikK - thanks a lot - I had all the PC's on our network set up as administrator - changes them all now - great advice. thanks again

     

    Deesale

  • Deesale
    Deesale Posts: 5 Observer

    Thanks UKKO - some great help - I really appreciate your assistance

     

    Thanks again

     

    Deesale

  • NikK
    NikK Posts: 903 Forum Champion

    You're welcome, Deesale!

     

    If you suspect you still might have "malware" I recommend you to scan with other products:

    https://www.malwarebytes.org/antimalware/

    http://www.microsoft.com/security/scanner/

     

    Malwarebytes Anti-Malware also scans for PUPs - Potentially Unwanted Programs.

     

    Regarding running as Administrator, I've just updated that thread with important information in case someone misinterprets my advice. My advice was to make sure UAC is enabled and set to max.

  • Ukko
    Ukko Posts: 3,727 Superuser

    Hello,

     

    Also I can to add/say some of next points (sorry... not found "where spoiler-feature"):

     

    -> if your system (Windows 7, Windows 8 or Windows 8.1) and you prefer to use Internet Explorer (10/11);

    Here can be a lot of variants for protection against pop-ups/banners/add-ons in common meanings.

     

    Usually enough to re-check settings about "security-settings by Internet / Trusted / Not Trusted / etc." - where able to choose something, which you think "can be understandable for you" and which can to prevent against "potentially risk";

    How it already was -> Activex filters / Pop-up Filters.

     

    Also for your privacy able to re-check setting around Cookies (create higher level, where will be blocked third-party cookies and etc.).


    Also not bad if you use SmartScreen with turn-on status. And some of "advanced" settings, where able to check situation around "always verify valid-status for certs" and etc.

     

    It's all goes by "default" without any new things. Just need to open settings of browser and get time (it's can be minutes, hours) to read each "available" settings and if you sure... and understand... what are you try to change and it potentially goes to "high-level of security" -> better to do that.

     

    Also.... like addition for protection against Advertisements (most of scam, trash and other unwanted) -> Internet Explorer should be with "accelerators" about " against tracking". Here you able get "lists/collections" of known "strange banners/ads/other" - which will be filtered.

    Or you able to create it by your dreams about "what need to blocking/filtering" - it's can be helpful too.

    Potentially - it's a little be better, than addons/plugins. Because can to work more speedy.

     

     

    Also Internet Explorer 11 can be with "turn off" status around EPM - its good feature... and able to check it on "advanced settings"-part. Where can be another good things too (which can be "turn off" as default).

    ------------------------------------------------

     

     

    But also need to be ready for next facts:

     

    - with all (most) of that steps (include all from that topic and all other, which here not noted)...  potentially created situation, when something will be work with wrong "design".

    Any websites, applications, any features on websites or it will be create new steps for you.....  during common steps. Which can be not nice.

    It's mean -> potentially it will be hard to use Internet, system and etc.....    but -> in fact... it's not really hard with common actions. And potentially it better, because you can be with some kind of better protection.

    When something goes to be hard - just.. current place, application, website or other... not really perfect-design. But Microsoft more think about users... and create "as default" -> "can be less protection, but for users less troubles with use anything".   Some companies work with same style.

    So, it's mean... usually "as default" will be not always best-level of security/protection, but you always able to create it more better with default-steps for that. Just potentially it give for you... more steps.. but it better - if you use something critical, which important for you.

     

    - but.... it's not mean.. that system/browsers and other can not be exploited in some situations.

    But most likely - all will be OK.  :) Just need to remember - that you should to "rule" your "security-car" for normal situation and just with "certainly and totally good places" can to use "worry-free".

    -------------------------------------

     

    Also about Potentially unwanted applications and related things.

    I can to recommend to use "Nod32 Online Scanner" for checking.

    Now they have more aggresive-status for that kind of software. And they detected more things, than Malwarebytes. And Online Scanner not needed to have on system always - but they use "local"-space for scan and databases, which able to save after that.

     

    But you should to understand.... that they too much aggresive with that.. and here can be a lot of false-positive-points or things, which not active in your system. And can not be active. :)

     

    Also... No32 not bad with detection for "malicious" things. Which can be enough - if you need to "double re-check for status in your system" and their online scanner here some kind of nice realization for "time to time" using with "most worry-days". Like main software - Nod32... not really nice already.

  • NikK
    NikK Posts: 903 Forum Champion

    Good advice Ukko!

     

    Regarding Internet Explorer note that UAC is required both for Protected Mode and Enhanced Protected Mode(EPM - 64 bit).

     

    Personally I use IE's concept of Trusted Sites which is set to Medium-High, while I have the Internet Zone set to High + Block All Cookies. It's a great protection but can be difficult to set up for some websites. For example to get this community to work with all required javascript I have to allow *.f-secure.com + fsecured.i.lithium.com  I use F12 Developer Tools in IE to get help on this but I would only recommend it to advanced users.

     

    Or/and you could use multiple browsers with different security settings. So when you "google" and don't know what site you might end up on, you use the browser with the maximum security settings.

     

    Another advice is to use alternative DNS servers and not your default ones provided by your ISP. You either change this in your router to cover all your devices, or in the network settings for single devices. You could for example use OpenDNS or Norton ConnectSafe to get extra protection from phishing and malware sites.

This discussion has been closed.
Feedback on New Design