What is your security setup these days?

I agree. Cleaning used to be one of the first options. Now it seems like one of the last. I've come to rely on GSS more then any other security app I've got.
And yet, for all the security software that's on my machine, the most precious protection I have is my external hard drive and Dban. If I ever did get infected I'd repave and reload.

 

I have to agree but not for the same reasons perhaps. It's not so much a malware attack that you have to fear of corrupting your drive as much as supposedly normal software programs or even windows itself; and when that happens it is especially time saving as well as a relief to be able to turn to a DUPLICATE in the form of an external drive that you might have imaged to previously to use for a safe backup.

 

Agreed, for problems such as that, I'm glad to have FD-ISR, and IFD. But in the case of malware, and particularly anything that nests in the kernel, I'd want to scrape it clean. Actually my backup/recovery ware has even saved me most often from myself in my desire to know more about my system (tweaking, exploring, experimenting). For that it's been invaluable.

 

added
changed
removed

Server 2003 setup

Resident:

Ad Muncher
Comodo Firewall Pro
LinkScanner Pro
NOD32
Online Armor FW
Prevx1

On-Demand:

SUPERAntiSpyware Free

Other Security / System Hardening:

nLite'd Windows Server 2003 (with service tweaking based on a guide from Smallvoid.com)
Boooggy's Win2k3sp1 WUZero UpdatePack
Harden-it
Samurai HIPS
Seconfig XP
SocketLock
xp-antispy
Process Explorer
Firefox extensions: Cookie Button (in the status bar), and NoScript

XP setup

Resident:

Ad Muncher
Comodo Firewall Pro
LinkScanner Pro
NOD32

On-Demand:

SUPERAntiSpyware Free

Other Security / System Hardening:

nLite'd Windows XP (with service tweaking based on TweakHound's guide)
RyanVM's Windows XP Post-SP2 Update Pack
Harden-it
Samurai HIPS
Seconfig XP
SocketLock
xp-antispy
Process Explorer
Firefox extensions: Cookie Button (in the status bar), and NoScript

 

1) hardware firewall + hardened OS barebones
2) a program that tells me if anything has been modified, created, or deleted.
3) a program that will restore my OS to a clean state.
4)

 

Persistent:

High quality SPI router

Active:

Firewall: CPF 2.4.18.184

A/V: NOD32 2.7.32

A/T BOClean

HIPS/CIPS: Cyberhawk Pro 2.0.2.12

Passive:

McAfee Anti-Virus Standalone

SUPERAntiSpyware Pro (on access off for now)

AVG Anti-Spyware

SpywareBlaster

AdSpy

RootkitRevealer

 

I had to remove Linkscanner Pro. I noticed dramatic slowdown in browsing, i.e. when looking up anything in search engines, they kept trying to connect to the Exploit website to check every link and takes too long, would make browsers "not respond" for a while until they picked up. This only happened which I noticed with Firefox after the last major update. I think with Geswall and going to any bad site, I would be okay since all my browsers are automatically isolated. I just added good old SiteAdvisor to Firefox again instead.

dja2k

 

Latest "changes" in bold as of 3/6/07:

Resident:

Avira AntiVir PE Premium[Removed]
BOClean
DefenseWall HIPS v2.0 Beta 4
LinkScanner Pro
Look'n'Stop 2.06 Beta 1[+Phant0m's latest r/s]
Netgear RP614 v2 Router w/NAT & SPI
Primary Response SafeConnect[Added]

On-Demand:

A-Squared(free)
AVG Anti-Spyware(free)
Autoruns
CounterSpy v2.0
Gmer[Removed]
IceSword[Removed]
NOD32[Added]
Process Explorer
Process Walker
RootKit Hook Analyzer
Rootkit Unhooker
Sentinel
SUPERAntiSpyware Pro
Windows Malicious Software Removal Tool

System Hardening:

Applied manual system hardening tweaks
Disabled most WinXP SP2 services
Harden-It
Removed Netmeeting
Removed Windows Messenger
Samurai
Windows Worms Door Cleaner

Miscellaneous:

Primary Web Browser - Opera Weekly Build(w/UserJS scripts)
Email - PocoMail


Peace & Love,

CogitoErgoSum

 

I've had the same problem with LinkScanner and the FF 2.0.0.2. I've also seen FF's memory usage jump, with or without LinkScanner. Up 'til now FF was using a fairly consistent 32-38 MB of RAM. Now, the average on my PC is about 50MB. Right now, as a matter of fact it's 68MB, without LinkScanner, and I've had spikes that went as high as 160Mb.

 

About Linkscanner Pro, I also found out that disabling its protection wouldn't disable it. It would say its disabled but still block sites that were false positive or at least I thought so.

dja2k

 

Latest "changes" in bold as of 3/7/07:

Resident:

BOClean
DefenseWall HIPS v2.0 Beta 4
LinkScanner Pro
Look'n'Stop 2.06 Beta 1[+Phant0m's latest r/s]
Netgear RP614 v2 Router w/NAT & SPI
Prevx1[Added]
Primary Response SafeConnect[Removed]

On-Demand:

A-Squared(free)
AVG Anti-Spyware(free)
Autoruns
CounterSpy v2.0
NOD32
Process Explorer
Process Walker
RootKit Hook Analyzer
Rootkit Unhooker
Sentinel
SUPERAntiSpyware Pro
Windows Malicious Software Removal Tool

System Hardening:

Applied manual system hardening tweaks
Disabled most WinXP SP2 services
Harden-It
Removed Netmeeting
Removed Windows Messenger
Samurai
Windows Worms Door Cleaner

Miscellaneous:

Primary Web Browser - Opera Weekly Build(w/UserJS scripts)
Email - PocoMail


Peace & Love,

CogitoErgoSum

 

Well I did a fresh install of Linkscanner Pro and it seems that it fixed the slowdown of checking links, but still can't disable its protection. With the "block sites" disabled, it still blocks the site.

dja2k

 

after disabling, have u tried restarting the browser and then visiting the blocked site?

 

Yep WSFuser, I have, still gets blocked. This just happens in Firefox by the way, IE works good enabling and disabling Linkscanner Pro. Already emailed technical support about this issue to see what they say.

dja2k

 

Now using.

Linksys Wireless Router with SPI Firewall enabled
AVG Antivirus and Firewall
Six month trial of Ashampoo Antispyware- with RealTime Heuristics Guard
Cyberhawk- Behavioral HIPS

All set and forget and Internet and PC seems to be running smooth.

 

I see you were involved in a lot of threads dealing with Ashampoo Antispyware. How is it on resources and also are you using it because you picked it over others i.e. AVG antispyware, Spyware Terminator etc. or just because you have a free six month trial?

dja2k

 

Something remained in FF's folder maybe.

 

hey dja2k. Ashampoo AS runs high in memory with two processes at 50MB. it does not however slow down my 512MB RAM PC. I like Ashampoo AS for the many features it has, plus the nice GUI it has is a major attraction. You can check the features and see a screen shot on the Ashampoo website. The thing I don't like though is the Icon it uses in the task tray. It's a small white square with a little picture of a faceless person inside showing shoulders and head dressed in blue with a blue cap to resemble a policeman. It also has no pause for the scans, which like the a squared anti-malware scan engine it uses takes over an hour on my PC to finish. I have the AVG Internet Security Suite which was given to me free and I like it, but since I was told by Grisoft today that none of the Antispyware products use Heuristics in RealTime, I uninstalled the Antispyware Component. So to answer your question, I installed Ashampoo AS again because it has Heuristics for RealTime detection, but I wouldn't have without the 6 month free trial. I will most likely return to Spyware Terminator since I like everything about it, until Grisoft hopefully soon implements the Heuristics that were originally planned by Ewido back in early 2006. Ewido had even mentioned HIPS being added in the future as well. Grisoft has not commented when any of this will happen, but did tell me to keep checking their website. I will say that a few people whose opinion I respect in this forum swear by the AVG AS Guard, so who knows I may add it in the Suite again after I tire of AA and ST.

 

Using:

Router Firewall
AVG Internet Security
BOClean
DefenseWall
WinPatrol

 

Even if you shut down LinkScannerMonitor.exe in the systray and LinkScannerConnect.exe through Taskmanager. You're still left with these dlls running with Firefox.

I dunno. Maybe that's what's causing FF's insane mem usage on my machine. I haven't noticed too many complaints about memory usage on the FF message boards. Although there have been a lot of general complaints (crashing, freezing, and a fair amount of FF forgetting passwords and settings). Crikey! Right now FF is up to 80MB of memory usage.

Maybe it's time to go to the Opera.

 

Latest "changes" in bold as of 3/8/07:

Resident:

BOClean[Removed]
DefenseWall HIPS v2.0 Beta 4
LinkScanner Pro
Look'n'Stop 2.06 Beta 1[+Phant0m's latest r/s]
Netgear RP614 v2 Router w/NAT & SPI
Prevx1

On-Demand:

A-Squared(free)
AVG Anti-Spyware(free)
Autoruns
CounterSpy v2.0
NOD32
Process Explorer
Process Walker
RootKit Hook Analyzer
Rootkit Unhooker
Sentinel
SUPERAntiSpyware Pro
Windows Malicious Software Removal Tool

System Hardening:

Applied manual system hardening tweaks
Disabled most WinXP SP2 services
Harden-It
Removed Netmeeting
Removed Windows Messenger
Samurai
Windows Worms Door Cleaner

Miscellaneous:

Primary Web Browser - Opera Weekly Build(w/UserJS scripts)
Email - PocoMail


Peace & Love,

CogitoErgoSum

 

Superantispyware Free edition
Xsoftspy se
Spywareblaster
BitDefender Antivirus Plus
Counterspy with real-time protection enabled.
The cleaner professional

browser: Mozilla Firefox with no-script,adblocker,mcafee siteadvisor addon's

 

Hey CogitoErgoSum, why would you remove Boclean?

dja2k

 

Hello dja2k,

I removed BOClean because Prevx1 has a similar process memory scanning feature. Just trying to minimize overlap and reduce system resource demands.


Peace & Love,

CogitoErgoSum

 

I would never remove Boclean, its #1 for trojans and Prevx1 can't be better at that, no way!

dja2k