Do I need more protection?

Discussion in 'other anti-malware software' started by dc116, Aug 30, 2009.

Thread Status:
Not open for further replies.
  1. dc116

    dc116 Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    7
    Currently I am using:
    - Avast Home
    - Malwarebytes paid version
    - Superanti-spyware free
    - Spyware Blaster
    - Windows Defender (realtime disabled)
    - Comodo firewall

    On a scale of 1-10 how would you rate my current protection?

    I'm thinking about adding Spyware Terminator, Spybot S&D and Threatfire Anti-virus as extra protection, is this necessary or will it only slow down my system?

    Thanks in advance
     
  2. Toby75

    Toby75 Registered Member

    Joined:
    Mar 10, 2006
    Posts:
    480
    Given you have configured CPF correctly...then I would say 10. ;)

    EDIT: If you have defense + activated in Comodo...there is no need for any additional HIPS or behavior blocker.
     
  3. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    I think you are good with what you have.
    Nothin's perfect but I'd rate your setup a 9.
     
  4. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,302
    Location:
    Location Unknown
    I would rate that a 7 at best, but that's because I am very weary of malware scanners; they just are not up to par. If I were you I'd remove the scanners and add a virtualization app, Returnil, Shadow Defender, etc. That way should something off happen, like an infection, all you'd need to do is restart to get rid of it And as a bonus, you'd also free up system resources.

    But if you insist on a real-time malware scanner I'd drop Avast and replace it with Prevx Edge (3.0).
     
  5. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    I am kinda with n8. I would not put a lot of importance in MBAM realtime (although on demand is very nice) and if you want a 2nd realtime scanner I would go with Prevx. With TF, SD&D and ST you are really just piling on protection that may already be covered with quality apps. It may be better to add another layer or two as opposed to adding to a layer that already exists. A virtualization/sandbox type program may be something to consider- some like n8 suggested or sandboxie or geswall. Maybe defensewall if you are ok with spending a little cash. Besides that it would be good to do backups and have a system snapshot in case one is needed later.
     
  6. Toby75

    Toby75 Registered Member

    Joined:
    Mar 10, 2006
    Posts:
    480
    Personally, I would drop Avast and use the following:

    Avira Free
    Microsoft Security Essentials (keep windows defender disabled)
    MBAM resident
    Comodo with Defense + activated

    Throw in something like RollBack RX and you would have a KILLER setup.

    This is just my opinion of course. ;)
     
  7. dell boy

    dell boy Registered Member

    Joined:
    Apr 13, 2009
    Posts:
    240
    Location:
    uk, england
    i would disable D+ and get something like sbie or geswall, your fine with avast and mbam.
     
  8. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    1,439
    Don't over do it. I would recommend just Windows Firewall Control 7 and Microsoft Security Essentials. If you're really paranoid, install Threatfire and Spyware Blaster though I don't really think its necessary. To protect your browsers, Browser Defender is all you need to keep out of malware and phishing sites.
     
  9. dc116

    dc116 Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    7
    Thanks for the replies I really appreciate them :D

    so as of now I haven't installed anything new. I'm just wondering, am I 100% safe from downloading torrents or do I need to install something like sandboxie?
     
  10. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    1,439
    Just be careful what you download from torrents. Sandboxie or a virtual browser would make it possible to revert if you do download a nice malware payload.
     
  11. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    With avast! I'm assuming you run with the P2P Shield up, right? I still think you would benefit from sandboxing of some sort.
     
  12. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    Your current strategy appears to rely mainly on "traditional" malware scanners.
    Nothing wrong with that, provided you realize that having a good AV (and Avast is good) and antispyware (and MBAM is good) does not guarantee you are bulletproof.
    D+ in the firewall should cover most, if not all, that might be overlooked by the resident scanners. (Which happens if, for example, you are unlucky enough to encounter an exploit that is new enough that the resident scanners don't identify it.)

    (That is only valid if you know how to respond to the alert it would pop up.)

    Don't install more of the same. With MBAM (resident) and SAS (demand) more antispyware applications (SpywareTerminator, Spybot) is probably overkill, for very little extra protection.
    Definitely do not try to add another AV to the mix. Only run one AV (resident) at a time. And generally, only have one AV installed at a time. (Threatfire, without the antivirus component, is a behaviour blocker, and works OK with Avast, but not (currently) with SAS. There's a bug.)

    But I think you have enough.
    What you download and run via torrent/p2p) is far more salient to your security than what you are using to try and protect yourself from yourself. If you are downloading programs (cracks, keygens etc), for example, forget security. You're inviting the enemy in. (And, frankly, you deserve what might then happen.)

    If you install some kind of virtualization, like Sandboxie, and run anything new/untrusted inside it (if possible) you should be protected.

    If you have a rollback/imaging program, and can go back to before infection, you are not protected, but it doesn't matter, because you can wipe the situation- kind of like getting a free replay.
     
  13. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    Nice post, Tarq57. :thumb:
     
  14. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    Thanks.:)
     
  15. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690
    If you are going down the route of downloading torrents/files to Sandboxie ... make sure you test your AV scanner works within the sandbox. Prevx especially is hit or miss working within Sandboxie, at the moment. Eicar test files are good to test your AV with.
     
  16. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I know this is not the AV thread, but with the talk that has gone on about how the AV is an outdated idea with little use, doesn't this talk of downloading torrents lend itself to using an AV? Wouldn't one think it would be better to for instance wait a couple days for latest updates, then scan the downlaoded files with the AV engine? Isn't that exactly what it's job is, as long as it is current to the threats of the day, to scan a file you downloaded and tell you BEFORE you run it in SBIE or vmWare or whatever that it MIGHT be infected in the first place?

    Again, it seems to make sense to me anyway that while the AV is always lagging behind the times as it were, it seems like it is still sensible to employ one, although I am not currently doing so.

    Food for thought anyway in relation to protection and the angle of downloading torrents.

    Sul.
     
Loading...
Thread Status:
Not open for further replies.