i recommend using portmaster, its kind of extra firewall since windows default is shit. At least you’ll be able to see if something you install is connecting to internet and maybe even block it, though if you dont pay you get only 15min history data. Maybe it wont help preventing infections, but it might help mitigate damage and potentially reveal strange traffic, though i wouldnt count on it too much. Better than nothing at least.

Or if there is some other program that does the same but is better then go with that, just dont rely on default firewall imo.

I have a terrible laptop that I use just for banking, taxes, etc. so that I can use whatever I want on PC. If you’re really paranoid maybe put them both on separate networks.

Hello workgood@lemmy.dbzer0.com

Windows is malware, this is not a joke. Instead of getting frustrated, gettting yourself banned for ragebaiting, and making an alt, you should patiently keep learning how to use a computer properly.

Found great guides here, here and here.

And on a more serious note, the PC Security Channel on YouTube is great. I’d also implement a DNS block list, for instance Hagezi’s. Also, do not fiddle with Windows firewall and Windows defender, unless it’s in a hardening purpose.

Lastly, if you’re willing to spend money on it, I’d use a zero trust solution, which if you ask me is the future of online security for those that aren’t very technically inclined. For instance ThreatLocker has great reviews.

You’re mostly safe if you have windows defender on and don’t bypass it. Windows is shit in general but defender is pretty decent. Paranoid? So am I. Run any files through virus total or scan any directory manually with malwarebytes. Best you can do really.

Lastly, Linux and Mac can have viruses too especially if you use wine/crossover so caution there can be key

Edit:Linux and Mac not windows and mac

Yeah no offense friendo but windows IS malware, it’s not even an opinion anymore just fact. There’s more holes than in a guda cheese and antiviruses are just a grift.

If you really cant do otherwise have regular backup, reinstall often, try using a stripped down version, have hardcore firewall rules and so on

Idk. Don’t put your important information on the malware-ridden warez computer. Make backups.

You aren’t safe from malware and malware isn’t the only thing that can ruin your digital life.

Pretend like you’re setting up windows for your grand mother 600km away.

Windows gets a copy of suspect files? Yes please. Microsoft edge blocks connection if site is “dangerous”? Don’t mind if I do. Go into windows defender and turn on every single security setting. There are a lot of them.

After that, full scan when you go to bed every Sunday.

Check if your favorite app is available in Microsoft store and install from there if possible. Learn how to use kleopatra pgp and get the pgp keys from your developers and verify signatures when you download.

• Step 1. Upgrade to proactive security. Projects like HotCakeX’ offer a streamlined method of attaining it.
• Step 2. Commit to best practices. There’s a long list of this, but the short of it would be:
  • Uphold a strong backbone of secure software that has proven to be committed to safe practices.
  • Ensure that your system and/or software is always up-to-date.
  • Don’t visit unsafe/untrusted websites. Don’t click on shady/untrusted links.
  • Don’t execute untrusted/unsafe files. Especially not with administrator’s rights.
  • Sandbox all activities. So that even if you’re compromised, that the adversary can only access very little beyond the binary/program/software itself.

1. Always run as a user account.

Download from trusted sources (if it’s video games I recommend using cs rin ru forums since they have good resources on which sites to avoid for instance and repackers post there under game threads), that’s probably the biggest piece of advice.

If you want to be extra safe and don’t mind learning something more advanced than just double clicking .exe, look into sandboxing and apps like sandboxie-plus (can’t verify if it’s any good though from experience), as these will essentially isolate programs away from your filesystem and allow you to easily shut off internet connections it can make.

I haven’t used Windows in a couple years, but is Windows Sandbox still a thing? It was supposed to create a temporary, lightweight Windows VM specifically for testing untrusted software and such.