Back in the saddle: need advice

Discussion in 'other security issues & news' started by MarkW, Oct 26, 2008.

Thread Status:
Not open for further replies.
  1. MarkW

    MarkW Registered Member

    Joined:
    Dec 24, 2006
    Posts:
    48
    My corporate network has handled all my anti-malware/virus/badness for the past three years and my mind has gone soft.

    Now it is up to me again. My new computer is built and ready to be protected. It's running XP SP3 and IE7. I practice super-safe hex. Three-plus years ago I employed NOD32 AV (w/ blackspear's settings), CounterSpy and SAS behind OutpostPro Firewall. I was happy and secure. No hits, no infections.

    Does that combination now seem antiquated? Have any of the above products crashed and burned? Would anyone suggest a change?

    Thanks.
     
  2. lordpake

    lordpake Registered Member

    Joined:
    Aug 7, 2004
    Posts:
    563
    Location:
    Helsinki ~ European Union
    Nope :) Still good combo, if you are comfortable using those and they work for you, why change?
     
  3. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    Just a little warning: the current version of Counterspy is <3>, and it doesn't always play nice with others. It's actually a quite different product than version 2. I stopped using counterspy because I could no longer update the definition files of 2.5, I could only choose between migrating to version 3 or 'upgrading' to VIPRE. But you could experiment if you wish. Using Counterspy as an on-demand (not real-time) scanner would probably work without problems, although I'm not quite sure.

    And from what I've read NOD32 is not very effective against spyware, so you'd need some real-time antispyware protection.
     
    Last edited: Oct 26, 2008
  4. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,910
    Location:
    U.S.A.
  5. MarkW

    MarkW Registered Member

    Joined:
    Dec 24, 2006
    Posts:
    48
    People, thank you for taking the time to write.

    Thanks for the tip on Counterspy and the thumbs-up on Malwarebytes. One thing I forgot to mention is that I ran Prevx as well. And yes, I kept SAS on call. Do folks still recommend layering HIPS/behavioral anti-malware with their signature based anti-malware? I was a big fan and proponent of Prevx way back when. Brilliant design, low resource utilization. Is it still amongst the recommended?
     
  6. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,910
    Location:
    U.S.A.
    MarkW, there is an ongoing discussion in this Wilders thread: Is Prevx good?
     
  7. MarkW

    MarkW Registered Member

    Joined:
    Dec 24, 2006
    Posts:
    48
    JRViejo,

    Thanks for the link to the Prevx thread. Sorry I missed it. Good God, there are a lot of people bitching. It suprises me. Three years ago, I installed it (Prevx 1), set it up in ABC and only heard from it like four times in six months - never a false positive. I thought it was God's gift to HIPS. It's either gone downhill or the people on that thread are unduly cranky.

    And two recommendations for Malwarebytes - suprising! Would you please tell me why you prefer Malwarebytes over its hundred competitors out there? I'd really appreciate it.
     
    Last edited: Oct 27, 2008
  8. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    If you read the entire thread, it does get marginally better :D

    ~3 years ago was the peak of our false positives, so, if you didn't have any then, you'll most likely be fine now (granted, every AV does have them, so, no guarantees of course).

    We are about to release a major new product as well, so, don't count us out just yet :)
     
  9. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Suggestion: NAT Router with HWFW as part of essential tools. :)
    Check Sandboxie http://www.sandboxie.com/ :thumb: :thumb:

    Comments:
    re: PrevX
    :D Nah, it's a long story. Look closer you'll see the majority are cool with it. V2.x is still a good tool imho. The -ahem- imminent release of v3 has generated some excitement, but it will be different to v2.

    re: MBAM: works good. Had lots of testing here and there: very effective. Genuine contender for 'app of the year'
     
    Last edited: Oct 27, 2008
  10. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,910
    Location:
    U.S.A.
    IMO, the 3 things that I really like about MBAM are:

    1. Scanning Speed (my last scan - 51,538 objects in 3 minutes, 58 seconds).
    2. Numerous Daily Updates to its database.
    3. Malwarebytes' Anti-Malware Detection List

    Family and friends have been duped by the MSAntivirus and XPAntivirus rogues. MBAM has successfully cleaned out their systems and has protected them, real-time, from being infected again. That alone, it's worth the $24.95 one time fee! :thumb:
     
  11. MarkW

    MarkW Registered Member

    Joined:
    Dec 24, 2006
    Posts:
    48
    How does Malwarewarebytes realtime protection rate?
     
  12. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,910
    Location:
    U.S.A.
    Funny you should ask because if you look at the latest test in this Wilders thread: New AV Test From SSU, MBAM is 30th out of 30. Yet, I have seen MBAM work brilliantly while being used by family and friends but then again, depending on Internet surfing habits, what works for some, will not work for others.

    I don't venture into the dark side of the force so with the exception of my AVG 8.0, whisking away bugs from emails into its virus vault on a daily basis, none of my other security programs detect anything when I run them. So, I guess you'll have to be your own judge whether MBAM works for you or not.
     
  13. MarkW

    MarkW Registered Member

    Joined:
    Dec 24, 2006
    Posts:
    48
    JRViejo,

    Thanks for the note.

    I just read that test from front to back and it bothers me. I have a lot of training in statistics and to see a spread like that rings warning bells in my head. 99.12% - 2.16% is just a bit unbelievable. I have no affiliation with Malwarebytes or any other software company, but if 2.16% sensitivity were close to the truth, it would be listed as rogue software (I hope) by reputable forums. And no heueristics can snag over 99% of inbound malware.

    Did they use the paid version or the free version? That and many other question plague my mind.

    I am still considering using Malwarebytes. The methodology of the test and especially the results make me want to dismiss the test out of hand. No heueristics can snag over 99% of inbound malware. What's your opinion?
     
  14. MarkW

    MarkW Registered Member

    Joined:
    Dec 24, 2006
    Posts:
    48
    BTW, I keep reading anectotal comments that Malwarebytes really shines as a sweeper but isn't so great as a real-time defender. Malwarebytes.org on the other hand puts a lot of stock in their heueristics and it's "revolutionalry" design.

    What has been your experience?
     
  15. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,910
    Location:
    U.S.A.
    Yes, that's one of the problems with that testing. Not only do we not know what software version numbers were used, besides Free & Paid, but also what malware samples were thrown against these programs. Until I see that information, I have to label that test as incomplete.

    As I said before, I keep my system super clean, and no security software of mine, real time or on-demand, ever reports anything, except for AVG (lately getting many so called UPS Notice emails with viruses in zip files). What you should do with MBAM is take it for a spin, as a Free on-demand version first, and see how you like it. That's what I do before I buy anything!
     
Loading...
Thread Status:
Not open for further replies.