Am I Protected?

Hi, Currently I'm using the following, please rate my level of protection (1 bad - 10 excellent) feel free to advise:

ZoneAlarmPro
PC-Cillin "Only Anti Virus portion installed"
SpywareGuard "I'm not sure this is working as I've not seen a 'red alert'
since ver. 2.2 first came out!
Spywareblaster 3.4
Spyware Programs include: AdAware, SpyBot, Microsoft, CA PestPatrol, &
Bazooka, & Microsofts Malware Tool
Also I set IE 6: tools > privacy > advanced to:
accept 1st party cookies
block 3rd " "
session cookies - allow

And a "NAT" from Netgear router

Also GRC.com says all ports "stealth" also did from GRC unplug & play, shoot the messanger, & leak test.

Again SG has not done anything for greater than one year & I've had a few spyware, which one of the above mentioned progs deleted. Does Panda's TruPrevent do or work the same? Should I replace SG with TruPrevent?

Thanks

 

I would give you about a 6. You have a barely adequate security set up IMO. For one thing I would stop using IE and switch to either Firefox or Opera for your main browsing needs. That will cut down considerably on your chances of getting more spyware. Look around the forums, it won't take you long to realize what the saying "running a tight ship" is all about.

 

You may want to take a look here. As well there are discussions on security software here and even more here.

Hope this helps...

Let us know how you go.

Cheers

 

Hi, a 6/10 rating is actually pretty harsh imo, it's probably an 8/10 setup, but people on these boards tend to like incremental protection (ie boosting 9.2/10 to 9.5/10 etc).

Much depends on your surfing habits, and whether or not you do internet banking/online shopping. If you do the latter, you definitely want top notch security.

Your AV isn't the best : See http://www.av-comparatives.org/ for detection rate comparisons (although other things to consider in an AV are resource usage, compatibility, and speed of scan)

However using an Anti-trojan with your current AV would significantly increase your security (there are some free ones out there like Ewido and A2). Other AT's include TDS-3, TrojanHunter, and BoClean.

Switching to Mozilla Firefox would be a good move (it's a free opensource browser with less vulnerabilities than IE), but you will still need IE to browse some sites.

You anti-spyware apps are fine.

If you want to try non-signature based protection, Process Guard, PrevX Pro, Reg Defend are all good options. A combination of PG/RD or PG/PrevX is used by many here.

Panda's TruPrevent is a nice product, but the last test I saw on it, showed it to be about 2/3 effective, which isn't to me isn't quite good enough.

The other thing you may want to consider is using a HOSTS file.

 

Hi & Thanks Vikorr

Since your last post I've installed:

1. TrojanHunter (paid app)
2. IE-Spyad

I'm checking out process guard & reg-defend. PG seems like it can be troublesome with ZA & TrendMicro. With my newly added, how important are PG & RD? I do shop online & bank etc.

Also do you have info. about SpywareGuard 2.2. I've had this for more than one year, and have only one message in logs, and that was about Google Desktop. Other than that nothing from SG. I deleted SG & re-installed, then deleted its lone log entry. Note during the time SG is/was active, my spyware apps have not detected much spyware. Nor has SG given its red-alert.

Also note PC magazine June 2005, was/is very impressed with Panda's TruPrevent.

In my previous post I forgot to mention my malware arsenal also includes Privacy Guardian & Registry Mechanic both from Winguides. Privacy Guardian cleans MRU's and the like.

Also as one of the replies listed low/med/high protection. Listed CD burners, backup software, etc. I should also have listed my UPS, battery backup.

Old score 8/10 new score ?/10

Anyway off to visit ZA & TrendMicro's knowledgebase for issues with the other PG

Thanks again, chat with ya soon.

rico

 

Here Is another great free tool http://www.getfirefox.com

 

Your new score is 7 1/2 out of 10. I am somewhat worried about just a few things I am reading between the lines here but developing some new habbits will bump your score up again.

1. You seem to be trying software faster than you can shake a stick at. Sometimes a good thing and sometimes not.
2. Since you seem to be on an installing craze I will assume you are always signed on the 'Administrator' account.
3. I am worried that you have not setup IE to disable downloads, active x, or java...

Your spyware score is 9.5/10 - With a few tips it could be 12/10

1. Get rid of SpywareGuard since you have all of these...
AdAware, SpyBot, Microsoft, CA PestPatrol, & Bazooka, & Microsofts Malware Tool

I would turn on MS Antispyware's resident spyware scanner instead. Do you have 2 resident spyware scanners on? (SpywareGuard & MS AntiSpyware). The one from MS would serve you much better but 2 is probably a waste...

2. In Spybot first update it fully then go to the Immunize tab on the left. Click '+ Immunize' (It adds entries just like SpywareBlaster does)

3. Switch to Firefox or Opera. Since I'm prejudice and Firefox is of course the safer option despite security advisories that beg to differ I can only offer suggestions for it...

- In the URL address bar type

about:config

>> hit enter >> in the box named filter: type

refer

>> select network:http.sendRefererHeader >> Change the value to 0
>> click OK

Next go to Tools >> Options >> Privacy
History = 0 days
Save Form Information = uncheck
Remember Passwords = uncheck
Cache = 0
Cookies = (explained)

There are 2 ways you can go about cookies.

a) (the way I do it) Uncheck all and whenever you want a cookie you must go to this panel to

select exceptions >> type in the domain name like

wilderssecurity.com

>> click allow >> click OK.

[The reason I do it this way is because the only cookies I like to have are the various forums I visit and the emails I check. Nothing else really matters that much to me. I don't really want any other cookies save for a rare one here and there.]

b) (Sinbad370's method) which is to check all the boxes and then select the option 'ask me everytime' for keeping cookies. Everytime a cookie pops up it will ask for allow, allow this session, or deny. Usually most folks click allow this session.

When all your privacy settings are set click OK.

>> Click Web Featuers
uncheck the following... Allow websites to install software, Java, Javascript
>> click OK

Take a look at TDS-3 since you can get it free pretty much... Best Trojan scanner out there and don't forget to download the update signatures which come out everyday. Freeware requires manually doing this.

Set up a limited passworded account and use it when not installing all your fun software toys. A hard habit to get into I know... When under your limited account you will not be able to install programs but again so won't other malicious programs...

I would also look into getting a second AV perhaps... Maybe NOD 32 for not all AV engines scan the same way. I hear NOD 32 leaves a light footprint and is good in heuristics.

 

Firewall: Good
AV: Good
Anti-Spyware: Excellent
Anti-Trojan: Excellent

8 out of 10.

I would stick with MS AS, Spywareblaster and Ad-Aware for antispyware. I would probably ditch the rest.

Instead of installing a backup AV, I would download Microworld AV and do a weekly scan. Actually that's what I do.

Microworld AV:
http://www.spywareinfo.dk/download/mwav.exe

 

You have a nice setup, not the best - but definitely not the worse.
The only thing you need to do is change from IE to another web browser then the need for those spyware programs would be less.

You may also like to implement a limited account that you use for everyday use. It is not hard to transfer - it is a simple as copying and pasting your existing windows program into another one.

 

Hi Rico

If you decide to stick with IE, then have a look at this site, which is great for other anti-spyware info http://www.spywarewarrior.com/uiuc/main-nf.htm The recommended IE settings are halfway down the left hand column.

IE-SPYAD is a nice bit of extra protection, I forgot about. The site above is from the same guy that produced this product.

I would go with MSAS rather than SpywareGuard 2.2. MSAS does much more, and there are some problems with cleaning spyware if you run two real time AS monitors <spywareguard is a nice program, and was very useful when no other AS's provided real time protection, but seeing as MSAS does this now, it's fairly redundant>

TrojanHunter is a very good AT, one of the best. Privacy Guardian and Registry Mechanic don't provide much 'protection', rather they eliminate traces of your computer habits and clean your registry respectively. You may want to try regseeker (free) as your registry cleaner...I used to have Registry Mechanic a while back, and I think you'll be surprised at the difference.

Panda TruPrevent is indeed impressive. It's forging new ground in the anti-malware field, so a 2/3 detection rate is pretty good <remembering that the best AS detection rates are only around this mark, and it'll work the same against Virii too>. The good thing about this program is that it 'should' get better as it gets older (with more research and updates of course). However, I've found that since I've had the PrevX Pro/Process Guard combination on my computer (about 3 months now), no spyware at all has installed onto my computer...however this is just my preference, there are other ways to achieve a similar result.

Oh, and PG and ZA don't have any conflicts (I use both). PG does take a bit of time to work out...it's not difficult to learn or understand...you just need to be prepared the first time around to spend a bit of time looking up up what *.exe's are running on your computer (as PG will flag them from time to time). Once it's properly set up its a very quiet security application. And If you ever need to set PG up a second time it's a breeze (though that will still take a bit more time than setting up something like an AV)

 

Using these metrics, my system must result in a score of, say, 3/10. My windows2000 system is equipped with Avast! Home. Adaware is used for cookie hunting. That's about it for detection and prevention. O, just forgot to mention my linux gateway server...

My security policy is somewhat different from most others here. I try to do away with vulnerabilities and I practice a little bit of Safe Hex. And sofar nothng has happened to my systems in two decades of personal computing.

And to keep that track record I use even less security tooling by running linux desktop. And yes... I can do all of my work without messing about with security scanners and closing down my registry. Would the risk of using linux grow if more people would use it? I don believe it one bit, but lets not start a religious discussion here...

So, perhaps my windows system is a 3, my security level is more than adequate.

 

Yep, I've known people who only visit a select number of known and trusted sites, and they don't get malware, even with minimal security applications <and that only makes sense>.

Of course most people who visit these forums do so because they've otherwise had a problem; they're security conscious with reason; they download programs; and/or their surfing habits are risky....basically they want to use the net as they wish with as minimal risk as comfortably possible

Then there are the ones that go the DeepFreeze / ShadowUser route.

 

Vikkor seems to have left out a very important point on why some people use the KISS principle and yet remain untouched, while others like me run a shitload of stuff and still get hit.

Meneer is a security pro! Most security pros I know run a very minimal setup too.

 

Poor old IE and OE keep getting the finger from those non-users with regard to Viruses, Spyware,Yada Yada....all this "You must use Firefox...you should have Mozilla etc., etc., or else your OS will be overrun with whatever disaster might be out there in the Ether.....I've had OE and IE for three years now...been just about everywhere on the Net without a scratch...(Configuration is the Thing)....so not being nasty or anything, I can't wait until these other so called 'Safe and Secure' Browsers get smacked by some deadly Germ, just so I can hear the screams of anguish from the supposedly 'I'm alright Jack' Fraternity...


Cochise

 

I also use trend micro internet security 2005 and I have never had a problem with processguard and TM compatabilities, they work just fine together.

bigc

 

Hi Rico,

Your setup is, of course, much above average and depending upon your surfing and email habits, should be sufficient. However, if you asked me whether I would be comfortable with such a setup, based upon my personal experiences (cleaning my own machine and those of my friends), I would say no, I would not be comfortable. For example, just recently, one of my friends had her machine infected pretty badly and she was running the lastest version of PC-Cillin with the latest database updates.

But this is all a matter of personal experiences and preferences. If you have been recently infected, you may want to re-consider some of your choices. If you have been pretty clean and are just looking to see if there are any major holes, then I would say you are doing quite well.

Rich

 

Hi, Thanks for the comments! This kind of started with SpywareGuard, just sitting in my system tray & never doing anything. Recently I got "antivirusgold" then "mediamotor" SG had nothing to say about those pests + I read PC Mag. & they were quite excited about "TruPrevent" another heruistic app.. I thought about replaceing SG with TruPrevent. But before buying I visited Wilders & posted to see where "Am I Protected"

You mentioned PC-Cillin, the only thing I use from them is the AV. I don't recommend anyone using the rest of there apps. I guess AV's probably are for the most part pretty equal. I say this because going from one major magazine to the next, each will have a favorite or best, which probably won't match the other magazines favorite. Perhaps buying a name brand, & just keeping it updated & running it, is whats important.

Any comments on spam protection, currently I use "InBoxer"

 

Ok this seems to be the best thread to post on at the moment. If I'm wrong I apologise.

I am obviously not protected as today I received an email saying that an email that I had tried to send earlier could not be sent. Trouble was I had not sent the returned email and it contained objectional material. I am no computer expert so don't really know too much. This is what I do know.....

I have the free version of Zone Alarm
I have NOD 32 virus protection
I have SpyWare Killer
I think I have the ActiveX thingy on coz I get those yellow bars at the top sometimes and have a popup blocker on.
My computer flicked when I put it on a couple of days ago which I've heard can mean someone is piggy backing into your computer. (Don't know if that's true )

I'd really like some advice and help please...

mezz

 

Hi,

I wouldn't worry too much about the email that was returned. It happens to me a lot. Someone most probably spoofed (forged) your email address and used it to send some malicious email. It happens. It doesn't necessarily mean that your own system has been compromised.

But if you are interested in more security for your system, I would possibly recommend that you add a real-time anti-trojan (e.g. Ewido, BOClean) and if you are not using FireFox, I would recommend it as your browser. Just a couple of quick ideas.

Rich

 

Ta. But can you tell me where to find those programs for download.....

 

http://www.nsclean.com/boclean.html
http://www.ewido.net/en/
http://www.mozilla.org/products/firefox/

 

Ta, going across now.

 

SG is overrated. People like it just because it's free.