
Is my security any good?


Johny23
September 6th, 2003, 02:02 PM
Hi!

I use resident:
AVG v7.0 Pro
Anti-trojan v5.5 (AT-watch)
SpywareGuard
ZoneAlarm Pro 4 with web filtering
Script Defender (AnalogX)

I use on demand, 1 time in 2 weeks:
The Cleaner (full)
Ad-aware 6
Spybot
MRU-Blaster
SpywareBlaster
Trend Micro's online scan

-I run AVG 7 and Anti-trojan v5.5 for a full system check after every update.

-I have my firewall configured well, I guess (gives 100% stealth on all known online checks).

-My browser settings are very restricted.

-Only use Hotmail as email client (online).

-Never open unknown attachments from mail (Hotmail uses McAfee but I also like to upload the attachments to Kaspersky's online file checker).

I use the "Twofish" encryption method to secure my important data.

Johny

Pilli
September 6th, 2003, 02:25 PM
And, I assume you run regular checks for security updates?

KAV & NOD32 are probably better choices for Anti Virus as AVG does pretty poorly in tests such as Virus Bulletin.

Your Anti Trojan software could be improved, TDS3, Trojan Hunter & BoClean are generally recommended on these forums - You can see by my profile that I use TDS3, Worm Guard & Port Explorer so I may be somewhat biased ;D

With firewalls, as with many other programmes, what you feel comfortable with is important. ZA, Sygate, Outpost & Look n Stop are all very capable firewalls.

The best and worst security usually sits on your shoulders ;)

meneer
September 6th, 2003, 05:21 PM
Try closing down scripting host facilities and the ActiveX capability of your browser. Latest vulnerabilities are related to these design flaws. Or move over to non-Microsoft tools for even more security.



I hate ActiveX sites :o
I'm gonna boycott these security threatening environments 8)

johny23
September 6th, 2003, 09:06 PM
I thought that Grisoft made a really big effort to make AVG 7 better.

They included integrity check and stronger heuristics, and more packer (archives) support.

I know detection of AVG 6 was sometimes bad, but I'm sure they updated their kernel (V7), so it can be compared to the big boys, so to speak.

Also their support (for paid version) is really fast and good.

btw : meneer, I use script defender (from analog X) to protect me from malicious scripts. (also ZA4 PRO with webfiltering will defend me), I hope....

JOhny

meneer
September 7th, 2003, 02:02 AM
-{ Quote (johny23): "btw : meneer, I use script defender (from analog X) to protect me from malicious scripts. (also ZA4 PRO with webfiltering will defend me), I hope....

JOhny" }-

Still trying to find the applaud link ;D ;D

Acadia
September 7th, 2003, 04:30 AM
I would have to say that compared to the average pc user, your system is very secure (keeping in mind, of course, that the average pc user’s security is pathetic). By the way, SpywareBlaster is not an "on demand" program.

Acadia

wizard
September 7th, 2003, 04:49 AM
-{ Quote (Johny23): "Anti-trojan v5.5 (AT-watch)" }-

This could not be considered as serious anti trojan protection in my opinion. Read more about the weaknesses of Anti-Trojan in this thread:

http://www.wilderssecurity.com/showthread.php?t=8965

wizard

johny23
September 7th, 2003, 06:00 AM
Well, after reading in the forums about Anti-trojan V5.5, some say it doesn't unpack or handle archives (I believe Wizard said it).

But according to their features list they DO know a lot of archives? (on demand):


Port-Scan

Here all ports of the computer are checked whether a trojan is active. This port scanner checks in contrast to the online check all ports, not only well-known trojan ports. Note: There will be no trojan removed, only open ports are shown.


Registry-Scan

With this procedure the system is submitted to a high-speed check. There will be checked the system-registry an known filenames of trojans. If a trojan is identified, it will be removed.


Disk-Scan

This is the most important search method. Whole drives (or directories) are searched for trojan files. Each file is checked on the harddisk. With larger harddisks this search can last somewhat longer. As approximate value we checked 20 GigaBytes in approx. 30 minutes (approx. 170,000 files). Anti-Trojan also checks packed archives of the following formats: ACE, ARC, ARK, ARJ, CAB, DWC, PAK, ?Q?, GZ, LBR, LHA, LZH, RAR, SFX, TAR, TAZ, TGZ, Z, ZIP, ZOO

wizard
September 7th, 2003, 08:38 AM
-{ Quote (johny23): "But according to their features list they DO know a lot of archives? (on demand):" }-

When I am talking about packed malware that refers back to runtime packers or crypters and not to archive packers like zip. This is something completely different.

Archive unpacking is a nice to have feature but it is not necessary from a 'security point of view'. But unpacking of runtime packed files is. Because a runtime packed file changes the binary structure of the file and therefore it is an easy method to hide a file from detection.

Any AT program that has no answer to runtime packed (backdoor-) trojans whether it is unpacking, memory scanning or whatever can be considered as nearly useless.

About the other two scanning options: Port scanning is somewhat unreliable because each port can be used by each program and also most modern backdoor trojan kits allow the trojan to use each port they want. Best example is port 5000 under WindowsME. Anti-Trojan will identify this as a trojan but in reality it is just a regular Windows service that keeps the port open.

Registry scanning is also not enough. There are other ways to autostart programs than the registry. So just to check the registry for autostart entries only is not enough...

Hope that explains it,

wizard
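
wizard's point about runtime packers, as an added sketch that is not part of the thread and not how any product named here works: a byte-signature scan finds a constructed marker in the stored file, misses it once the same bytes are packed, and finds it again after unpacking. Here zlib stands in for a runtime packer, the sample and signature are constructed, and the entropy flag is an added heuristic the thread does not mention.

```python
import math
import random
import zlib

# Constructed, harmless marker standing in for a scanner's byte signature.
SIGNATURE = b"DEMO-BACKDOOR-SIGNATURE-0001"

def build_sample() -> bytes:
    """Constructed stand-in for an executable: low-entropy filler plus the marker."""
    rng = random.Random(2003)
    filler = bytes(rng.choice(b"\x00\x55\x8b\xec\x83\xc4\x90\xff") for _ in range(16000))
    return filler[:8000] + SIGNATURE + filler[8000:]

def toy_pack(image: bytes) -> bytes:
    """zlib stands in for a runtime packer: same program, different bytes on disk."""
    return zlib.compress(image, 9)

def toy_unpack(packed: bytes) -> bytes:
    """What the packer's stub does in memory at start-up."""
    return zlib.decompress(packed)

def signature_scan(data: bytes) -> bool:
    """Static scan of the bytes exactly as stored."""
    return SIGNATURE in data

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; compressed or encrypted data nears 8.0."""
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts if c)

def looks_packed(data: bytes, threshold: float = 7.0) -> bool:
    """Heuristic flag only: high entropy means 'unpack or scan memory', not 'malicious'."""
    return entropy(data) >= threshold

def compare() -> dict:
    plain = build_sample()
    packed = toy_pack(plain)
    return {
        "plain_hit": signature_scan(plain),
        "packed_hit": signature_scan(packed),
        "unpacked_hit": signature_scan(toy_unpack(packed)),
        "plain_flagged": looks_packed(plain),
        "packed_flagged": looks_packed(packed),
    }

if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name}: {value}")
```

An archive scanner that opens ZIP or RAR containers does not help here, because the packed file is itself the executable and only its start-up stub restores the original bytes.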

Primrose
September 7th, 2003, 10:13 PM
Hi Johny23,
Question for you... have you ever been infected with a virus, trojan or worm?

If so which ones if you can remember.

johny23
September 10th, 2003, 03:20 AM
To Primrose:

I had the luck of never being infected (so far).

Although I got some viruses and trojans from using P2P networks.

But they always got intercepted before executing.

I scan every download with AVG7 and Kaspersky online (if the file is not too big) and also with Anti-trojan V5.5 BEFORE double clicking or unpacking the file, music, video etc...

If the file is indeed malware, I just press the delete button, and it's gone to the recycle bin :)

Of course if I didn't take all these precautions, I can say I could have been infected countless times and a reformat could be daily work.

Mostly with typical Kazaa viruses etc... (nothing really bad)

These days 70% of the stuff found on P2P is malware. Especially on Kazaa (lite).

Johny

johny23
September 10th, 2003, 07:23 AM
To Acadia:

It's correct that SpywareBlaster is no real "on demand" software.

But in a way it is... I mean by this that you have to run the update yourself (on demand) once every 1 or 2 weeks to keep safe and updated.

Sorry for not being so clear in the first place. But for a Dutch speaking person, it's sometimes hard to find the correct words.

regards,

Johny

Acadia
September 10th, 2003, 08:14 AM
-{ Quote (johny23): "Sorry for not being so clear in the first place. But for a Dutch speaking person, it's sometimes hard to find the correct words." }-

That’s OK. It’s like I told another one of your countrymen in another thread, you can speak English one hell of a lot better than I can speak Dutch. Take care.