security strategies that are too big a pain?

Discussion in 'polls' started by acr1965, Aug 3, 2010.


Painful security strategies

  1. HIPS - noisy ones, especially

    56 vote(s)
    59.6%
  2. sandboxes

    21 vote(s)
    22.3%
  3. antivirus programs - system slowdowns, false positives

    29 vote(s)
    30.9%
  4. software restriction policies, applocker, uac, etc

    34 vote(s)
    36.2%
  5. limited user account

    41 vote(s)
    43.6%
  6. internet browser add ons (i.e. no script)

    25 vote(s)
    26.6%
  7. web site restrictions (DNS service, sites blockers: ie. WOT)

    18 vote(s)
    19.1%
  8. snapshot and image programs, data back ups, syncing

    8 vote(s)
    8.5%
  9. on demand scanning with 3rd party apps (Hitman Pro, MBAM, etc)

    10 vote(s)
    10.6%
  10. Other- please post which

    2 vote(s)
    2.1%
Multiple votes are allowed.
  1. guest

    guest Guest

    After scanning with MBAM, Kaspersky AVP tool, Norton Power Eraser, Hitman Pro, TDSSKiller and some others, I guess it will be pretty hard for malware to escape from all these different radars. Of course I only do that about once a month, or when I suspect something.

    Other security strategies I employ include enabling Windows Firewall, AdBlock Plus, YesScript, SkipScreen and SpywareBlaster, scanning every new/unknown downloaded executable/compressed file in Virustotal and Jotti, updating software as soon as new versions are released, LastPass bookmarklets, sensitive file encryption with 7-Zip portable, general system tweaks/hardening, several backup strategies and common sense.
     
    Last edited by a moderator: Jul 13, 2011
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Well... those are other security strategies. I thought you were running bare.

    I scan with:
    gmer
    rkill
    emsisoft
    hitmanpro
    superantispyware
    tdss
    avz4

    I still wasn't sure that my test computer hadn't been completely cleaned up.
     
  3. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,450
    Location:
    Slovakia
    Even if you had all the software in the world, you can never be sure, and it is still better than running just one realtime program, which takes resources all the time; you usually scan when you have nothing to do in the background anyway. And you need to ease up on the on-demand scanning if you know that you "can not get infected". You do not need to scan nonstop with everything. If your realtime software did not block/detect anything in the past few months/years, then you should be fine even without realtime. ;)
     
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Whether one method is better than another is debatable. I personally feel more confident in proper prevention techniques than proper removal techniques.
     
  5. treehouse786

    treehouse786 Registered Member

    Joined:
    Jun 6, 2010
    Posts:
    1,411
    Location:
    Lancashire
    :thumb: :thumb: :thumb: :thumb: :thumb: :thumb: :thumb:
     
  6. sm1

    sm1 Registered Member

    Joined:
    Jan 1, 2011
    Posts:
    570
    For me noisy HIPS is annoying. I just want to use my system for my intended purpose and not to answer frequent and often confusing prompts. With noscript many websites don't function properly and updating its whitelist is a continuous process and takes away the comfort of using my system. Compared with these two sandboxing is easy but then again we have to configure a lot initially thinking of every possibility to give exceptions to certain paths, browser profiles etc.

    Now I have separate user accounts for different purposes with default deny SRP along with a decent antivirus that is light on system and has tiny incremental signature updates:)
     
  7. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,677
    Location:
    USA
    Absolutely. Removal doesn't happen here. Once something gets in you have no idea what else is there. Time to format at that point.
     
  8. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    It is all a pain unless you enjoy it. Most "average" users I know think it is a necessary evil. They hate it all, they just want to "click and go" but they realize they can't or they will have a crippled machine.

    I am sure I speak for a lot of people here when I say that I want good security with minimum hassle. The list of "methods" in this poll is a good one, it contains many of the ingredients one can use to find their security without hassle, whatever one considers hassle to be anyway. It just so happens that we each combine different ingredients to make our perfect security dish. As long as it works, what does it matter what it is made of?

    Sul.
     
  9. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,677
    Location:
    USA
    Very good point.
     
  10. adrenaline7

    adrenaline7 Registered Member

    Joined:
    Apr 27, 2011
    Posts:
    128
    Most annoying security strategy I ever tried was NoScript by far, second would be a noisy HIPS. The rest don't annoy me too much, some AVs bug me. 99.9% of the time I am using MS Word, Excel, IE or Firefox to browse this forum and some NFL or MMA websites or work related websites, so a LUA/SRP setup doesn't inconvenience me at all. If I were to do a lot of admin tasks such as installing/uninstalling software or had programs that required administrator access, only then would it be an inconvenience.
     
  11. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I think the most annoying is a very noisy HIPS and ones that don't remember my decisions. o_O
    I don't like antivirus programs that cripple a PC or have too many bugs; it's like a virus.
    I hate waiting for on-demand scans that seem like they take forever just to come up with zilch, el zippo, what a waste of friggin time.
     
    Last edited: Jul 13, 2011
  12. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    862
    Security has to be light and painless. If it works well on my netbook, then it goes on the main laptop.

    Frequent full scans are a waste of time IMO - just check your autoruns, and it's pretty obvious if you have standard malware. Full scans aren't going to show up a rootkit any better either.

    It's probably enough to use Malwarebytes or Hitmanpro quick scans, routinely clear temp files and Java cache, etc (or even better, don't install Java in the first place), keep an eye on autoruns, and just focus on prevention.
     
  13. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    I should start testing security software on my old computer first to see noticeable performance hits.
     
  14. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Noisy HIPS and firewalls are very annoying. Even if I can understand them, I won't keep such things. Same with NoScript, which I've actually used for a long time, until I got sick of managing my whitelist. A limited user account is far too limiting for a techie like me. UAC on default is just plain dumb (not even an easy way to remember decisions), but you can tweak it.
     
  15. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    You could also give SuRun a try. It will remember your choices, if you want it to. And the nice thing is that, when run elevated, it will elevate for the current user only, unlike UAC. :mad:
     
  16. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Oh, isn't this the very core of so much?

    It applies to HIPS, to Firewalls, to Default Deny, to just about anything that is really good and granular. This is what finally drove me to quit using such measures. The security was great, the control was even better, but I finally got tired of micro-managing everything.

    You know, some people really dig micro-managing, and knowing exactly what is happening and knowing they have much of the say as to what may happen. It is quite intoxicating IMO. But after years of doing this, it just got old.

    People might see my own posts as well as others who don't use a lot of the security tools that most use, and they might wonder why on earth one would do such a thing. The answer is right there in J_L's quote - I just got tired of doing that, so now I seek any other method(s) that don't require as much "managing".

    Sul.
     
  17. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Currently, I'm not interested in working under LUA even with that. I just don't want more inconvenience.
     
  18. Joeythedude

    Joeythedude Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    519
    I think there is a big difference between using a DNS service and using an add-on like WOT!
    I would have them as separate options in the poll.

    WOT etc, to me, are intrusive and annoying and pretty pointless.

    Using a DNS service is the total opposite: it's transparent, a one-time set-up, and adds good protection for no inconvenience.
     
  19. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    It's transparent until you surf somewhere it doesn't like... which can be said for WOT too. With WOT, the only "annoyance" was knowing those little symbols you saw in the search results and on pages were either 1. Outdated. 2. The result of some random person's bias for/against a particular website (or idea, or even a person). 3. Completely wrong, whether that be a good site flagged as bad or bad as good. WOT you take with a grain of salt, a good DNS like Norton can be relied upon fairly well.

    On topic, the biggest security pain of all is figuring out, by trial and error, what software works well with others and isn't going to break things. That's been my life the past 3 days (luckily I seem to be getting set).
     
  20. littlebits

    littlebits Registered Member

    Joined:
    Jul 7, 2006
    Posts:
    262
    1. HIPS (all): too much of a pain to set up for most users.
    2. Limited User Account: too limited for everyday tasks.
    3. Software Restriction Policies: takes too much work to keep them updated.
    4. Sandboxes: not all, but most are too complicated to set up. Some auto-sandboxing applications work without many issues.

    As for antivirus programs, there are so many to choose from that have little system impact and only a few false positives. If you suffer from system slowdowns and a lot of false positives then it is time to change your antivirus or upgrade your system's components.

    Thanks.:D
     
  21. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Sandboxes are so easy to set up. I have Java in a sandbox and I never bother with it except once in a while I'll clear it.
     
  22. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Sandboxes can be a pain, but only temporarily. What I refer to is, for instance, you restrict certain apps to run/have net access in a sandbox. If your browser can run, but your printing process, files used by Windows when saving files, among other things can't, then yeah it can be a hassle. The nice thing about Sandboxie though is when something like that happens, it tells you exactly what is trying to run, and you can add it right then and there.
     
  23. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    So just don't set it up to block all files from executing =p

    That's Sandboxie though, I'm using Comodo. Less secure than Sandboxie but it's a matter of seconds to set up the sandbox and it has proven to break exploits.
     
  24. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Well, but that's a part of Sandboxie's beauty, pretty much complete control :) Now see, I can handle how Sandboxie does it, you start giving me Comodo pop-ups and I start popping pills :D Granted, things may have changed a lot since I last used it several months ago.
     
  25. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Comodo's popups are from a separate module. You can sandbox Java and turn off the rest of the program.

    Autosandboxing and the Defense+ HIPS don't give me popups unless I'm running a program that isn't on the whitelist that I haven't ever run before.

    I have Java sandboxed as restricted and have literally never had a popup related to it.
     