Is running a million security programs necessary?

In other words keep it simple stupid. Keep in mind that lighter is better. Whatever slows you down isn't worth it.

 

The other day I loaned a flash drive to someone at work with some files on it. After they gave it back it was loaded up with a virus on it. Avira stopped it. I would feel really naked going without a av program. I don't notice any slowdown and the av is the only extra start up program I have installed.

I did come across some more threads when reading about the webguard in the premium version. Apparently some of the users here reported that in some cases avira didn't make a peep without the web guard.

I can understand the hobby aspect of it. Its fun reading about all this stuff. However I'm not in the tinkering mood all the time and thats why I'm looking for something solid, easy to use, and free so I can install it on mine and family's computers without the worry of renewing licenses.

I've decided to stay with avira, malware domains sub, and use the mvps hosts file. I just have to remember to update the hosts once a month. When there ever comes out a truly great all in one program I would gladly purchase. For now running windows in a virtual box within ubuntu sounds like a great idea. If most of you guys are really into security why aren't you using linux? I'm not trying to sound like a advocate here but at the moment it looks like the best option.

 

Q) Is running a million security programs necessary?

First ask yourself, when you dont have any antivirus software, how often do you get infected?
If you answer is everyday, or once a week, you are doing something very wrong!!
Remedy that first.
Change your browser from ie to ff.
Use the no-script extension.
Scan the files you download with an antivirus scanner.
If your infections are mainly coming from usb sticks, install usb disk security and kick your autorun.inf infections goodbye.
There is a simple solution for every situation that you get yourself into.
I dont even run a real-time AV, and i have defensewall but i have it turned off (yep, too noisy, but i like it otherwise)

If you have a firewall with inbound and outbound protection, and are running firefox with no-script, you are good to go, if you are me.

 

DefenseWall is not noicy buddy in fact is very silent operation

 

Lebowsky,

Increase your security say at least 1000times:
a) chance FF to IE or preferably Chrome/Iron/Chromium
b) enable DW

Facts on FireFox
1) saves plug-ins in the admin space (this incredible design flaw is the reason DW might warn you)
2) has no signing of plug-ins (even IE now has checks on signed binaries)
3) with modern OS-ses it runs with higher rights than f.i. IE or Chrome

On the second day of Pwn2Own hackers did not even bother to try to crack Chrome. Can you imagine how hard it is to crack when you put a second policy HIPS at guard like DW?


Have a read on the Chrome V8 engine, its hidden classes, sandbox and translation from interpreter code (java script) to machine code, not only increases speed and data integrity but also reduces vulnabilities with say 60%. When you feel naked with scripts (as a matter of pshychologic detoxication) disable JavaScript in Chrome (it is a default option, you can enable it selectively for certain sites).

Happy surfing

 

I get infected around a hundred or so times a week using a full blown admin account.

Good fun actually!

 

I just installed sandboxie. Seems to be very easy to use. I might put the paid version on some of my security illiterate family's pc and force everything to run sandboxed.

Anything I should look into for making it more seamless? Maybe direct access to cookies? I want them to be able to use the browser as they did before. This could be the idiot proofing I have been looking for.

thanks again for all the advice.

 

If you take the time to learn SB's capabilities I doubt you will ever surf without it again.

Throw Returnil into the equation and you have that extra "just in case" layer.

Images are a must have as well imho.

 

Infecting the spitting (ghost) image of a virtualised machine (PC 2007) on a virtualised (Returnil) drive in a virtual application sandbox(IE) which analyses all the malware's actions (Buster) to find a cure . .

.... and you are still getting infected?

Franklin, my friend do you want to talk about this imaginairy infection?

 

LOL, nah, not really but yeah sort of?

 

Nah, it dosent matter if i have dwall on or off, i just dont find my pc getting spyware or viruses at all, month after month.
The ocassional mbam and superantispyware scan always turns up nothing.
Its not like i dont visit porn sites, i do.
Default no-script blocks them, but you can view pictures anyway and allow videos with trusted streaming sites, as long as you dont install a 'codec pack' that they might off you,lol.
I got more dvdrips, movies, games etc than i can handle or have time to watch.
I use utorrent, limewire and use rapidshare & megaupload premium accounts.
I download ridiculous amounts of data, and never seem to get infected.

Im not saying i recommed my lifestyle of surfing for everyone, but its my taste, and you gotta be true to who you are.
The only reason i do not use Chrome regularly is because it displays all the flash ads etc. and i dont like going into the option to turn on and off the javascript.
If Chrome can have an extension like No-Script, that would be great!

 

I used to get viruses from ~Link removed~ and run them just for fun, but it got boring crashing my pc over and over again.
I think pirating is just more fun, and lets face it illegal which is always a plus.
Essentially, you gotta do what makes you happy. Online and offline.
And no i am not drunk right now. I dont drink or smoke. and no drugs.
I gotta stop watching 'its always sunny in philadelphia' though.

 

I think the layered security is good choice. If We plan it well we dont need to be afraid of any infection. In my opinion the best solution is HIPS or Virtual System, scanner like Malwarebytes on demand, and if We are intermediate users free antivirus like avast, avira, or any internet security package. This is a good security, only antivirus is not good solution.

 

you could combine a solid free antivirus with a hips/sandbox/virtualization software and you are set to go

 

That's right

 

I went through a phase of having a battery of anti-malware applications, almost everything from Spybot to a Prevx root-kit scanner. All I have now on top of my AV suite are SpywareBlaster, Windows Defender & SUPERAntiSpyware (on demand). I also use Opera & K-Meleon a lot which can easily be customised where you can toggle Javascript on or off. I think I'll be OK.

 

Lebowsky, good to see you're as relaxed as 'the dude' in your avatar . They say security is as much about making you feel safe as being safe, you're obviously happy with you're approach but I think like most things in life your set-up has to be proprtionate to your needs.

An oft quoted example is around your home. Would you leave your house unlocked when you go out because the chance of someone breaking in is slim? Might depend on your neigbourhood or what you had inside. Most would take basic precautions (to make sure no-one takes a leak on their carpet ) and increase that if they had valuable goods and/or knew the chances of break in in their area were high. OK most houses don't need a security gaurd, dog and helicopter surveilance but might consider good locks and a burglar alarm sensible precautions.

System security can be seen the same, most systems don't need the amount of products regularly listed in these and other forums but sensible precautions, although perhaps not entirely necassary, are responsible and proportionate. If you surf in murky waters and/or have something on your systems you can't afford to loose you might want to increase the protection. As I think most here know increased protection is not always provided by more and more products.

As for the OP, multiple products are fairly obviously not necassary but good AV, firewall and a sound back up strategy are sensible precautions for most I would suggest. Virtualisation and some form of software restriction via HIPS type products are important to me but I understand some feel those restrictive or unecassary but it makes me feel safer, so....

Lebowsky you keep on going man and long may your luck hold out!

Cheers

 

Thank you sir chris!

 

No

 

Sorry to keep bothering you guys. I want to secure a persons computer that doesn't care about security at all. I reformatted their computer several times. When their kid uses the computer I can hear avira constantly going off from the other room. The warnings don't mean a thing to them.

What would be the best set and forget solution for people like this? I'm to the point where I want to say sorry I can't help you anymore but they are family . As I mentioned before I thought about using sandboxie and forcing all browsers to run through it along with avira free. Lua wouldn't do anything because they would just click ok anyway.

thanks again

 

Online Armor? As I recall, once it's set it's pretty much done.

There's a run safe option that, I guess, is like LUA. If the browser starts in it, anything coming in has reduced rights and can't do anything - or that's how I understand it.

I haven't used online armor in a long time. No doubt it's much better today. I'm sure someone else and tell you whether it's as good as some of the other things mentioned.

 

Hand on heart...have never reformatted, yet! ... and a hard drive churning away would drive me up the wall.

 

Bro,if you can jack around with Limewire,and keep your machine clean,
Then I will sit in your Ashram,and partake of your wisdom,day by day.

No,really I understand what you say. My habits are pretty well the same.
So far,So good.

 

I kept mine "clean", if clean can mean having downloaded infected files, but never ran them and therefore did not get an actual infection. Brave move to use Limewire though, I've been to warez and keygen websites with less malware than that place. I pretty much live like Lebowsky, though these days my P2P is all but limited to music. Security software just wasn't worth the annoyances of bad keys, infected keygens, and the vendors ever-increasing ways of finding out you have a cracked copy and deny you upates. It's funny, I've NEVER been infected on a porn website, it has ALWAYS been through cracked software.

I stick to the free stuff these days.