Help with some choices to beef up security

Hi all,

After recently cleaning my system of a few things, and doing a fresh format I would like to beef up security.

Currently I am using COMODO free firewall(set on custom policy), NOD32 AV, and spybot s&d with sdhelper and teatimer enabled.

On demand I have installed: Superantispyware and asquared free as of now. Also run Ccleaner to wipe cookies only basically every so often.

I was thinking of buying superantispyware for the realtime protection, would that be my best option? If so should I then disable spybots realtime (sdhelper and teatimer) as I don’t want to bog things down too much.

Or would there be a better option?

Appreciate any help.

 

I'd say your current real-time protection is fine and you have additional on-demand scanners which is good. If you still feel a need to add something, I would consider removing spybot and installing a behavior blocker or HIPS to replace it. Threatfire for example is very easy to use and would improve your protection.

 

This is just my opinion, so please do test and see what works best for you. You could get 20 replies with 20 different configurations.

Comodo FW and NOD32 AV, assuming you are leveraging D+ protection with Comodo, is good for many as the sole protection. If you feel the need to add more security, I would add Sandboxie for your web browsing and use some of the config tips here to really lock it down. Defensewall may also be a good option for you if you don't like SBIE.

I would uninstall Spybot S&D, I personally think it has passed its prime. You can stick with SAS on demand, no need for dual real-time scanners.

 

yep that's what i would recomand too. And besides i don't think you need SB

 

As an overall antispyware tool, IMO, Spybot Search & Destroy provides a great protection, if we consider it offers both prevention and detection. Prevention by adding preventive measures within the browsers (IE, Firefox and Opera) and place bad domains in HOSTS file. Detection by detecting malware based on it's signatures.

I would keep it. To have or not TeaTimer enabled is up to you, but I keep it for it's preventive measures.

Considering that NOD32 is a great antivirus, which also includes antispyware tool, Spybot will be a great addition to that. Make sure you add Spybot to the exclusion list in NOD32. You'll be fine. That is, if you do install Spybot and keep TeaTimer.

Also install SUPERAntispyware Free Edition and Malwarebytes Anti-Malware only as on-demand tools. It won't hurt, if you feel you have the need for such.

About, Comodo, well, I used to use it until Comodo Internet Security suite came out. It is way too buggy (Comodo, IMHO is wasting their programmers for other tools such as Registry Cleaners, Tweak tools, etc., and turned a great firewall to a total mess.) and it has already left me out, completely, of my system for a few times. I had to press the shutdown button of my computer and reboot in Safe Mode to uninstall it and get back the control of it. (Not saying it will happen with you. Just saying what happened with me.)

Perhaps you could also use your browser with Sandboxie or DefenseWall, or both, as I already have seen in one other thread (https://www.wilderssecurity.com/showthread.php?t=229691)

Also, which browser do you use? That's the first thing one should know how to protect the best way possible. That will prevent most infections, unless the user is careless.

Also, do you use a HOSTS file? It will prevent you from accessing bad domains, hence preventing you from getting infected. Just another layer of protection. Perhaps, a customizable HOSTS file would be welcome. I, personally, am blocking more than 600.000 entries. You just need to keep it up to date, so that non-existing domains won't still remain in it.

 

Just be careful with that. I once had around 50.000 entries and my PC would boot up in like 10 minutes. All those entries really can slow down your PC.
I prefer some sort of extension that might warn you of fraudulent or malicious websites. Like WOT and sitehound.
To the OP; please read this, it will probably help you allot https://www.wilderssecurity.com/showthread.php?t=229430

 

I appreciate the feedback, but I'm using a customized HOSTS file for a long time now, and I never noticed any slow down. The system boots up normally, actually.

Actually, two of my systems, which run Windows, both have the same setup and one has less memory and less processor capabilities, and no problems at all.

I use LinkScanner Pro, as well.

Regards

 

IMO, Looks great! If your using Defense+ in Comodo Firewall and need helping using it, let me know.

Each product that Comodo has, has their own team. There is not 100 of the same developers working on 7 different products including Comodo Internet Security. CIS Team alone has 110 developers, And ANOTHER 10 or so developers for it's Registry Cleaner (Now System Cleaner so developer number is probably more now). As both products are new, (Antivirus in CIS & Utility tools) give them time to grow. It's very useful very software to millions! Comodo has well over 250 developers overall, + the 60 Analyts on top and they are very lucky to have such a sizable R&D for each product.

If you like... I can help you diagnose your past issue Here through a new topic, or at the Comodo Forums, Remove-Malware.com forums or through a PM, whatever suites you and will be more than happy to help solve your issue. Pls let me know I will be more than happy to help you.

Cheers,
Josh

 

Hi Kevinz and welcome to Wilders!
Nod32 is a very good av. So you're good with that.

Comodo FW. If that's what you're using I'd turn on the Defense + with Hips. Adds some very good protection.
By the way, it has been trouble free.
Mines on Clean PC mode.

I'm with the crowd that thinks Spybot has seen better days.

Keep SAS free and add Malwarebytes' free for on demand scans.
I use them maybe every two weeks but never find anything.

One last thing.
Add some type of backup.
That you will not regret.
All the best, Dan

 

Thanks for all the replies. I've been reading posts on the forum for hours and trying to learn more.

Well I still use IE7 out of habit, but try to use firefox more often. I use Roboform a lot, so that rules out opera for the most part.

I do have the mvps.org hosts file in place right now, which did slow things down a lot until I disabled the dns client. So far so good with it though

 

Thank you very much for the offer for more help. I do have Defense+ set, currently in Safe Mode. I must admit though I really am not entirely sure what I'm doing with it or what settings I should have to suit my needs.

As for my past issue, wasn't sure exactly how I got it or even what I had. It appeared that somehow I did get a keylogger at some point though. It has since been cleaned and I'm on a fresh format now. So no worries there, I'm just trying to do my best to prevent getting anything again

The sandboxie approach does interest me from reading the forum. Also the more I thought about it, I think I am going to at least turn off the realtime applications running from Spybot. I had that running last time and it never found anything, or the searches. But when I did a scan with SuperAntiSpyware it found multiple things. If anything it seems like it would be better to get the Pro version of that for it's real time protection over Spybot. Still reading the forum though before I buy anything else

Thanks again to everyone.

 

Have you determined yet how these "things" got on your computer ? You need to work out what *you* were doing wrong before getting sucked into software as a solution.

 

Running Defense+ in Proactive Security Configuration will Prevent 99% of malware out there.

Cheers,
Josh

 

I really have no idea, or have any idea how long they were there. Wish i did, but once i saw they were there i just wanted to get it cleaned as fast as i could.

Thanks again, I'm not exactly sure what proactive security conf is. I have it set right now on "Safe mode" and the only other option I have changed was checking objects to monitor against direct access keyboard. Is there something else I should do with its setup to get the most out of it?

Thanks

 

I do agree with you. But, you're missing something there.